Winpatrol deinstallieren

seb-soft · 24.03.2015, 10:56

Hallo, guten Tag
Wollte mein WinPatrol deinstallieren, bekomme jedoch die Meldung: "Sie verfügen nicht über ausreichende Berechtigungen, winpatrol zu deinstallieren"

Bin der alleinige Nutzer des Computers (Administrator)

Gruss seb-soft

Kronos60 · 24.03.2015, 17:41

Versuche ihn mal mit Revo Uninstaller Free zu deinstallieren:
http://www.revouninstaller.com/revo_uninstaller_free_download.html

seb-soft · 31.03.2015, 09:43

Hallo, das habe ich schon probiert,
Revouninstaller zeigt das Programm in der Liste nicht an.

Mit dem Programm ParetoLogic habe ich das selbe Prob. auch das wird von Revouninstaller nicht angezeigt.

Gruss

cosinus · 31.03.2015, 12:41

Selbst mit Revo geht das nicht?

Poste mal FRST-Logs

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

seb-soft · 05.04.2015, 12:26

Allen erstmal ein Frohes Osterfest.

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by seb (administrator) on SEB-PC on 05-04-2015 13:15:45
Running from C:\Unzipped
Loaded Profiles: seb (Available profiles: seb)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Englisch (USA)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Seagate) C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe
(Seagate) C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe
(Seagate) C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe
(Acronis) C:\Program Files (x86)\Seagate\DiscWizard\TimounterMonitor.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(Cerious Software, Inc.) C:\Program Files (x86)\ThumbsPlus 7x deutsch\Thumbs.exe
(Oracle Corporation) C:\Program Files (x86)\Java\jre1.8.0_31\bin\java.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Seagate Scheduler2 Service] => C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe [136544 2009-11-10] (Seagate)
HKLM-x32\...\Run: [DiscWizardMonitor.exe] => C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe [1352480 2009-11-10] (Seagate)
HKLM-x32\...\Run: [AcronisTimounterMonitor] => C:\Program Files (x86)\Seagate\DiscWizard\TimounterMonitor.exe [906912 2009-11-10] (Acronis)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [641704 2012-11-16] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AMD AVT] => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] ()
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-27] (AVAST Software)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2489456 2010-12-17] (VIA)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\RunOnce: [20150107] => C:\Program Files\AVAST Software\Avast\setup\emupdate\f0691044-5155-4c8a-a881-249948816748.exe [183232 2015-03-27] (AVAST Software)
HKU\S-1-5-21-3122927800-2970940714-3403948491-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_16_0_0_305_Plugin.exe [960688 2015-02-05] (Adobe Systems Incorporated)
HKU\S-1-5-21-3122927800-2970940714-3403948491-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2010-11-20] (Microsoft Corporation)
Lsa: [Authentication Packages] msv1_0 relog_ap
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll (Tonec Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3122927800-2970940714-3403948491-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3122927800-2970940714-3403948491-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2015-02-21] (Internet Download Manager, Tonec Inc.)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-12-09] (AVAST Software)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2015-02-21] (Internet Download Manager, Tonec Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-21] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-12-09] (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-21] (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
DPF: HKLM-x32 {4FF78044-96B4-4312-A5B7-FDA3CB328095} 
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL [2001-01-22] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\seb\AppData\Roaming\Mozilla\Firefox\Profiles\bfj3vrht.default-1421832937164
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-23] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-21] (Oracle Corporation)
FF Plugin-x32: @nielsen/FirefoxTracker -> C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\npfirefoxtracker.dll No File
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2012-10-02] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2012-10-02] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-27] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Extension: NoScript - C:\Users\seb\AppData\Roaming\Mozilla\Firefox\Profiles\bfj3vrht.default-1421832937164\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-02-14]
FF Extension: Adblock Plus - C:\Users\seb\AppData\Roaming\Mozilla\Firefox\Profiles\bfj3vrht.default-1421832937164\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-02-14]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-01-15]
FF HKLM-x32\...\Firefox\Extensions: [netsight@nielsen.com] - C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\netsight@nielsen.xpi
FF HKU\S-1-5-21-3122927800-2970940714-3403948491-1000\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\seb\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\seb\AppData\Roaming\IDM\idmmzcc5 [2015-04-02]
FF HKU\S-1-5-21-3122927800-2970940714-3403948491-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\seb\AppData\Roaming\IDM\idmmzcc5

Chrome: 
=======
CHR Profile: C:\Users\seb\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Docs) - C:\Users\seb\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-15]
CHR Extension: (Google Drive) - C:\Users\seb\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-15]
CHR Extension: (YouTube) - C:\Users\seb\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-15]
CHR Extension: (Google Search) - C:\Users\seb\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-15]
CHR Extension: (Gmail) - C:\Users\seb\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-15]
CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-04-02]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-04-02]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-09]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-04-02]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-09] (AVAST Software)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 Aspi32; C:\Windows\SysWow64\Drivers\Aspi32.sys [23936 1997-12-23] (Adaptec)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-09] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-09] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-09] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-09] ()
S3 cpuz130; No ImagePath
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-04-05] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
S4 NVHDA; No ImagePath
R3 SAllBDA; C:\Windows\System32\Drivers\TeViiS2.sys [149128 2011-05-23] (TeVii Technology Ltd.)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-12-16] ()
S3 Synth3dVsc; No ImagePath
S3 tsusbhub; No ImagePath
S3 VGPU; No ImagePath
R3 whfltr2k; C:\Windows\System32\DRIVERS\whfltr2k.sys [10368 2009-09-16] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-05 13:15 - 2015-04-05 13:15 - 00000000 ____D () C:\FRST
2015-04-05 12:29 - 2015-04-05 12:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-03 22:40 - 2015-04-03 22:40 - 00003034 _____ () C:\Windows\System32\Tasks\Hessen_Dingsda_ab_2015_04_06_1032
2015-04-03 22:40 - 2015-04-03 22:40 - 00003034 _____ () C:\Windows\System32\Tasks\Hessen_Dingsda_ab_2015_04_06
2015-04-03 22:40 - 2015-04-03 22:40 - 00002888 _____ () C:\Windows\System32\Tasks\Hessen_Dingsda_ab_2015_04_06_PreStarter
2015-04-03 22:40 - 2015-04-03 22:40 - 00002888 _____ () C:\Windows\System32\Tasks\Hessen_Dingsda_ab_2015_04_06_1032_PreStarter
2015-04-03 22:40 - 2015-04-03 22:40 - 00000502 _____ () C:\Windows\Tasks\Hessen_Dingsda_ab_2015_04_06_1032.job
2015-04-03 22:40 - 2015-04-03 22:40 - 00000502 _____ () C:\Windows\Tasks\Hessen_Dingsda_ab_2015_04_06.job
2015-04-03 22:40 - 2015-04-03 22:40 - 00000356 _____ () C:\Windows\Tasks\Hessen_Dingsda_ab_2015_04_06_PreStarter.job
2015-04-03 22:40 - 2015-04-03 22:40 - 00000356 _____ () C:\Windows\Tasks\Hessen_Dingsda_ab_2015_04_06_1032_PreStarter.job
2015-04-02 15:54 - 2015-03-27 02:10 - 00192984 _____ (Tonec Inc.) C:\Windows\system32\Drivers\idmwfp.sys
2015-03-29 17:15 - 2015-03-29 17:15 - 00003044 _____ () C:\Windows\System32\Tasks\Tatort_Matterhorn_ab_2015_04_06
2015-03-29 17:15 - 2015-03-29 17:15 - 00002898 _____ () C:\Windows\System32\Tasks\Tatort_Matterhorn_ab_2015_04_06_PreStarter
2015-03-29 17:15 - 2015-03-29 17:15 - 00000512 _____ () C:\Windows\Tasks\Tatort_Matterhorn_ab_2015_04_06.job
2015-03-29 17:15 - 2015-03-29 17:15 - 00000366 _____ () C:\Windows\Tasks\Tatort_Matterhorn_ab_2015_04_06_PreStarter.job
2015-03-29 17:01 - 2015-03-29 17:01 - 00003044 _____ () C:\Windows\System32\Tasks\Spiel_mit_der_Angst_ab_2015_04_26
2015-03-29 17:01 - 2015-03-29 17:01 - 00002900 _____ () C:\Windows\System32\Tasks\Spiel_mit_der_Angst_ab_2015_04_26_PreStarter
2015-03-29 17:01 - 2015-03-29 17:01 - 00000512 _____ () C:\Windows\Tasks\Spiel_mit_der_Angst_ab_2015_04_26.job
2015-03-29 17:01 - 2015-03-29 17:01 - 00000368 _____ () C:\Windows\Tasks\Spiel_mit_der_Angst_ab_2015_04_26_PreStarter.job
2015-03-29 16:57 - 2015-03-29 16:57 - 00003046 _____ () C:\Windows\System32\Tasks\Mitternachtsspitzen_ab_2015_04_25
2015-03-29 16:57 - 2015-03-29 16:57 - 00002900 _____ () C:\Windows\System32\Tasks\Mitternachtsspitzen_ab_2015_04_25_PreStarter
2015-03-29 16:57 - 2015-03-29 16:57 - 00000514 _____ () C:\Windows\Tasks\Mitternachtsspitzen_ab_2015_04_25.job
2015-03-29 16:57 - 2015-03-29 16:57 - 00000368 _____ () C:\Windows\Tasks\Mitternachtsspitzen_ab_2015_04_25_PreStarter.job
2015-03-29 16:55 - 2015-03-30 13:10 - 00000526 _____ () C:\Windows\Tasks\Die_Sendung_mit_der_Maus_ab_2015_03_30.job
2015-03-29 16:55 - 2015-03-30 12:08 - 00000380 _____ () C:\Windows\Tasks\Die_Sendung_mit_der_Maus_ab_2015_03_30_PreStarter.job
2015-03-29 16:55 - 2015-03-29 16:55 - 00003390 _____ () C:\Windows\System32\Tasks\Die_Sendung_mit_der_Maus_ab_2015_03_30
2015-03-29 16:55 - 2015-03-29 16:55 - 00003244 _____ () C:\Windows\System32\Tasks\Die_Sendung_mit_der_Maus_ab_2015_03_30_PreStarter
2015-03-21 20:51 - 2015-03-26 22:52 - 00000504 _____ () C:\Windows\Tasks\Ginger_Rosa_ab_2015_04_15.job
2015-03-21 20:51 - 2015-03-26 22:52 - 00000358 _____ () C:\Windows\Tasks\Ginger_Rosa_ab_2015_04_15_PreStarter.job
2015-03-21 20:51 - 2015-03-21 20:51 - 00003036 _____ () C:\Windows\System32\Tasks\Ginger_Rosa_ab_2015_04_15
2015-03-21 20:51 - 2015-03-21 20:51 - 00002890 _____ () C:\Windows\System32\Tasks\Ginger_Rosa_ab_2015_04_15_PreStarter
2015-03-21 20:49 - 2015-03-26 22:52 - 00000628 _____ () C:\Windows\Tasks\Die_Biene_Maja_ab_2015_04_10.job
2015-03-21 20:49 - 2015-03-26 22:52 - 00000582 _____ () C:\Windows\Tasks\Die_Biene_Maja_ab_2015_04_09.job
2015-03-21 20:49 - 2015-03-26 22:52 - 00000482 _____ () C:\Windows\Tasks\Die_Biene_Maja_ab_2015_04_10_PreStarter.job
2015-03-21 20:49 - 2015-03-26 22:52 - 00000436 _____ () C:\Windows\Tasks\Die_Biene_Maja_ab_2015_04_09_PreStarter.job
2015-03-21 20:49 - 2015-03-21 20:49 - 00003160 _____ () C:\Windows\System32\Tasks\Die_Biene_Maja_ab_2015_04_10
2015-03-21 20:49 - 2015-03-21 20:49 - 00003114 _____ () C:\Windows\System32\Tasks\Die_Biene_Maja_ab_2015_04_09
2015-03-21 20:49 - 2015-03-21 20:49 - 00003014 _____ () C:\Windows\System32\Tasks\Die_Biene_Maja_ab_2015_04_10_PreStarter
2015-03-21 20:49 - 2015-03-21 20:49 - 00002968 _____ () C:\Windows\System32\Tasks\Die_Biene_Maja_ab_2015_04_09_PreStarter
2015-03-21 20:48 - 2015-03-26 22:52 - 00000612 _____ () C:\Windows\Tasks\Die_Biene_Maja_ab_2015_04_08.job
2015-03-21 20:48 - 2015-03-26 22:52 - 00000604 _____ () C:\Windows\Tasks\Die_Biene_Maja_ab_2015_04_07.job
2015-03-21 20:48 - 2015-03-26 22:52 - 00000466 _____ () C:\Windows\Tasks\Die_Biene_Maja_ab_2015_04_08_PreStarter.job
2015-03-21 20:48 - 2015-03-26 22:52 - 00000458 _____ () C:\Windows\Tasks\Die_Biene_Maja_ab_2015_04_07_PreStarter.job
2015-03-21 20:48 - 2015-03-21 20:48 - 00003144 _____ () C:\Windows\System32\Tasks\Die_Biene_Maja_ab_2015_04_08
2015-03-21 20:48 - 2015-03-21 20:48 - 00003136 _____ () C:\Windows\System32\Tasks\Die_Biene_Maja_ab_2015_04_07
2015-03-21 20:48 - 2015-03-21 20:48 - 00002998 _____ () C:\Windows\System32\Tasks\Die_Biene_Maja_ab_2015_04_08_PreStarter
2015-03-21 20:48 - 2015-03-21 20:48 - 00002990 _____ () C:\Windows\System32\Tasks\Die_Biene_Maja_ab_2015_04_07_PreStarter
2015-03-21 20:40 - 2015-04-04 18:55 - 00000706 _____ () C:\Windows\Tasks\Die_Biene_Maja_ab_2015_03_22.job
2015-03-21 20:40 - 2015-04-04 17:58 - 00000560 _____ () C:\Windows\Tasks\Die_Biene_Maja_ab_2015_03_22_PreStarter.job
2015-03-21 20:40 - 2015-03-21 20:40 - 00003850 _____ () C:\Windows\System32\Tasks\Die_Biene_Maja_ab_2015_03_22
2015-03-21 20:40 - 2015-03-21 20:40 - 00003704 _____ () C:\Windows\System32\Tasks\Die_Biene_Maja_ab_2015_03_22_PreStarter
2015-03-21 16:11 - 2015-03-21 16:11 - 433046050 _____ () C:\Windows\MEMORY.DMP
2015-03-21 16:11 - 2015-03-21 16:11 - 00274848 _____ () C:\Windows\Minidump\032115-37596-01.dmp
2015-03-15 01:23 - 2015-03-20 18:31 - 00000528 _____ () C:\Windows\Tasks\Ein_Herz_und_eine_Seele_ab_2015_04_05.job
2015-03-15 01:23 - 2015-03-20 18:31 - 00000382 _____ () C:\Windows\Tasks\Ein_Herz_und_eine_Seele_ab_2015_04_05_PreStarter.job
2015-03-15 01:23 - 2015-03-15 01:23 - 00003060 _____ () C:\Windows\System32\Tasks\Ein_Herz_und_eine_Seele_ab_2015_04_05
2015-03-15 01:23 - 2015-03-15 01:23 - 00002914 _____ () C:\Windows\System32\Tasks\Ein_Herz_und_eine_Seele_ab_2015_04_05_PreStarter
2015-03-15 01:22 - 2015-03-20 18:31 - 00000526 _____ () C:\Windows\Tasks\Die_Tuer_der_Versuchung_ab_2015_04_10.job
2015-03-15 01:22 - 2015-03-20 18:31 - 00000380 _____ () C:\Windows\Tasks\Die_Tuer_der_Versuchung_ab_2015_04_10_PreStarter.job
2015-03-15 01:22 - 2015-03-15 01:22 - 00003058 _____ () C:\Windows\System32\Tasks\Die_Tuer_der_Versuchung_ab_2015_04_10
2015-03-15 01:22 - 2015-03-15 01:22 - 00002912 _____ () C:\Windows\System32\Tasks\Die_Tuer_der_Versuchung_ab_2015_04_10_PreStarter
2015-03-14 20:19 - 2015-03-14 20:19 - 00001054 _____ () C:\Users\seb\Desktop\Biene Maja.doc - Verknüpfung.lnk
2015-03-14 20:17 - 2015-03-20 18:31 - 00000586 _____ () C:\Windows\Tasks\Die_Biene_Maja_ab_2015_04_06.job
2015-03-14 20:17 - 2015-03-20 18:31 - 00000442 _____ () C:\Windows\Tasks\Die_Biene_Maja_ab_2015_04_06_PreStarter.job
2015-03-14 20:17 - 2015-03-14 20:17 - 00003118 _____ () C:\Windows\System32\Tasks\Die_Biene_Maja_ab_2015_04_06
2015-03-14 20:17 - 2015-03-14 20:17 - 00002974 _____ () C:\Windows\System32\Tasks\Die_Biene_Maja_ab_2015_04_06_PreStarter
2015-03-14 16:52 - 2015-03-14 16:52 - 00000000 ____D () C:\Users\seb\AppData\Local\Apple Computer
2015-03-14 16:43 - 2015-03-14 16:43 - 00001849 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2015-03-14 16:43 - 2015-03-14 16:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-03-14 16:42 - 2015-03-14 16:43 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2015-03-14 16:42 - 2015-03-14 16:42 - 00000000 ____D () C:\ProgramData\Apple Computer
2015-03-12 15:03 - 2015-03-12 15:03 - 00000000 ____D () C:\Users\seb\Documents\FormatFactory
2015-03-12 14:52 - 2015-03-12 14:52 - 00000000 ____D () C:\Users\Public\Documents\Baidu
2015-03-12 14:52 - 2015-03-12 14:52 - 00000000 ____D () C:\ProgramData\Baidu
2015-03-12 14:50 - 2015-03-12 14:50 - 00000000 ____D () C:\Program Files (x86)\FreeTime
2015-03-12 02:49 - 2015-03-12 02:49 - 00000000 __SHD () C:\found.000
2015-03-12 02:06 - 2015-03-12 02:06 - 00000000 ____D () C:\Users\seb\AppData\Roaming\Apple Computer
2015-03-12 01:55 - 2015-03-12 01:55 - 00000000 ____D () C:\Users\seb\AppData\Local\Apple
2015-03-12 01:55 - 2015-03-12 01:55 - 00000000 ____D () C:\ProgramData\Apple

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-05 13:15 - 2013-12-27 10:21 - 00000000 ____D () C:\Unzipped
2015-04-05 13:10 - 2013-01-24 00:31 - 00000000 ____D () C:\Users\seb\AppData\Roaming\vlc
2015-04-05 13:03 - 2013-01-05 17:22 - 00697072 _____ () C:\Windows\system32\perfh007.dat
2015-04-05 13:03 - 2013-01-05 17:22 - 00149040 _____ () C:\Windows\system32\perfc007.dat
2015-04-05 13:03 - 2009-07-14 07:13 - 01619880 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-05 12:51 - 2014-06-28 07:36 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-05 12:42 - 2015-02-27 14:37 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-05 12:30 - 2013-01-05 16:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-05 12:29 - 2015-02-02 00:02 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-05 12:28 - 2014-12-18 14:57 - 00000257 _____ () C:\Users\seb\Desktop\Photo.URL
2015-04-05 11:38 - 2013-01-05 16:14 - 02001895 _____ () C:\Windows\WindowsUpdate.log
2015-04-05 07:15 - 2015-02-25 00:54 - 00000572 _____ () C:\Windows\Tasks\Die_Biene_Maja_ab_2015_03_01.job
2015-04-05 07:15 - 2013-03-09 10:50 - 00000000 ____D () C:\Users\seb\AppData\Roaming\WinTVCap_GUI
2015-04-05 06:29 - 2015-02-25 00:54 - 00000428 _____ () C:\Windows\Tasks\Die_Biene_Maja_ab_2015_03_01_PreStarter.job
2015-04-04 18:00 - 2015-02-18 18:15 - 00000464 _____ () C:\Windows\Tasks\ParetoLogic Registration3.job
2015-04-04 13:42 - 2015-02-27 14:37 - 00000888 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-04 11:30 - 2015-02-25 00:41 - 00000552 _____ () C:\Windows\Tasks\Die_Sendung_mit_der_Maus_ab_2015_02_28.job
2015-04-04 10:30 - 2015-02-25 00:41 - 00000406 _____ () C:\Windows\Tasks\Die_Sendung_mit_der_Maus_ab_2015_02_28_PreStarter.job
2015-04-03 16:22 - 2013-01-06 23:14 - 00000000 ____D () C:\Program Files (x86)\ThumbsPlus 7x deutsch
2015-04-03 11:01 - 2013-02-12 15:56 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-04-02 23:20 - 2014-12-09 11:45 - 00000000 ____D () C:\Users\seb\AppData\Roaming\DMCache
2015-04-02 23:20 - 2014-12-09 11:45 - 00000000 ____D () C:\Program Files (x86)\Internet Download Manager
2015-04-02 23:18 - 2014-12-09 11:45 - 00000000 ____D () C:\Users\seb\AppData\Roaming\IDM
2015-04-01 22:25 - 2015-02-04 22:37 - 00000600 _____ () C:\Windows\Tasks\Atlantis_ab_2015_02_11.job
2015-04-01 19:58 - 2015-02-04 22:37 - 00000454 _____ () C:\Windows\Tasks\Atlantis_ab_2015_02_11_PreStarter.job
2015-03-31 18:33 - 2009-07-14 06:45 - 00010016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-31 18:33 - 2009-07-14 06:45 - 00010016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-31 10:44 - 2015-02-18 18:15 - 00000438 _____ () C:\Windows\Tasks\ParetoLogic Update Version3.job
2015-03-28 16:04 - 2013-01-11 16:21 - 00000349 _____ () C:\Users\Public\Documents\PCLECHAL.INI
2015-03-28 13:48 - 2013-02-12 15:27 - 00000000 ____D () C:\Users\seb\AppData\Roaming\dvdcss
2015-03-27 19:27 - 2013-01-11 16:26 - 00000000 ____D () C:\Users\seb\AppData\Local\Pinnacle
2015-03-26 23:11 - 2015-02-18 18:15 - 00000490 _____ () C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job
2015-03-26 23:10 - 2015-02-06 15:15 - 00002133 _____ () C:\Windows\setupact.log
2015-03-26 23:10 - 2013-06-18 10:05 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-03-26 23:10 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-26 22:51 - 2013-01-05 18:57 - 00797310 _____ () C:\Windows\PFRO.log
2015-03-26 22:50 - 2013-04-26 13:38 - 00000000 ____D () C:\Users\seb\AppData\Roaming\TrueCrypt
2015-03-24 13:49 - 2013-01-11 16:59 - 00052736 _____ () C:\Users\seb\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-21 19:30 - 2013-01-06 17:37 - 00000000 ____D () C:\Users\seb\AppData\Roaming\TV-Browser
2015-03-21 16:11 - 2013-01-23 01:15 - 00000000 ____D () C:\Windows\Minidump
2015-03-14 16:24 - 2013-06-07 11:59 - 00000000 ____D () C:\Users\seb\AppData\Roaming\WinFF
2015-03-12 14:35 - 2015-01-28 14:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2015-03-12 14:35 - 2015-01-28 14:50 - 00000000 ____D () C:\Program Files (x86)\Freemake
2015-03-12 14:35 - 2013-09-27 10:18 - 00000000 ____D () C:\ProgramData\Freemake
2015-03-12 01:56 - 2015-02-15 13:30 - 00000000 ____D () C:\Users\seb\AppData\Roaming\WinPatrol
2015-03-09 21:25 - 2013-06-13 07:41 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software
2015-03-09 21:25 - 2013-06-07 12:10 - 00000000 ____D () C:\Program Files (x86)\NCH Software
2015-03-08 12:30 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PLA

==================== Files in the root of some directories =======

2013-06-08 07:10 - 2014-12-16 20:25 - 0000030 _____ () C:\Program Files (x86)\Exiferupdate.ini
2013-11-16 09:03 - 2013-11-16 09:04 - 50063360 _____ () C:\Program Files (x86)\GUT3F71.tmp
2013-01-11 16:59 - 2015-03-24 13:49 - 0052736 _____ () C:\Users\seb\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-02-11 11:31 - 2013-12-25 23:42 - 0007605 _____ () C:\Users\seb\AppData\Local\Resmon.ResmonCfg

Some content of TEMP:
====================
C:\Users\seb\AppData\Local\Temp\FreemakeVideoConverterFull.exe
C:\Users\seb\AppData\Local\Temp\ochelper.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-04 12:16

==================== End Of Log ============================

--- --- ---

--- --- ---

Und der Rest.

Schönen Tag noch. Gruss

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by seb at 2015-04-05 13:16:50
Running from C:\Unzipped
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2.1.0 (HKLM-x32\...\{4F80F043-B003-4820-B8E3-CB7E6CF5BB03}_is1) (Version: 2.1.0 - Christian Koban)
AC3Filter (remove only) (HKLM-x32\...\AC3Filter) (Version:  - )
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-A95000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader Driver  (HKLM-x32\...\AmUStor) (Version: 20.22.2217.13862 - Alcor Micro Corp.)
Alcor Micro USB Card Reader Driver  (x32 Version: 20.22.2217.13862 - Alcor Micro Corp.) Hidden
AMD Catalyst Install Manager (HKLM\...\{FAF03106-1653-15E1-3C0C-E7AE4FAE6EBF}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
Audacity 1.2.6 (HKLM-x32\...\Audacity_is1) (Version:  - )
Audials (HKLM-x32\...\{7FAA26D8-3727-41CD-A9DE-9480E4EA9130}) (Version: 8.0.55300.0 - RapidSolution Software AG)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Canon iP4300 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4300) (Version:  - )
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5306 - CDBurnerXP)
Corel Graphics Suite 11 (x32 Version: 11 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 11 (HKLM-x32\...\InstallShield_{1C63DD23-6554-4A1F-8D0D-B5A6B49D8015}) (Version: 11 - Corel Corporation)
DivX Codec 3.1alpha release (HKLM-x32\...\DIVXCodec) (Version:  - )
Empire Earth (HKLM-x32\...\{2447500B-22D7-47BD-9B13-1A927F43A267}) (Version:  - )
Exifer (HKLM-x32\...\Exifer_is1) (Version:  - Friedemann Schmidt)
FlashGet(JetCar) (HKLM-x32\...\FlashGet(JetCar)) (Version:  - )
Free Driver Scout (HKLM-x32\...\{50a7e828-15d3-40e6-a37d-22d5c5357878}) (Version: 1.0.0.0 - Covus Freemium)
Free Driver Scout (Version: 1.0.0.0 - Covus Freemium) Hidden
Free Studio version 5.3.1 (HKLM-x32\...\Free Studio_is1) (Version:  - DVDVideoSoft Ltd.)
Free Video Editor version 1.4.11.219 (HKLM-x32\...\Free Video Editor_is1) (Version: 1.4.11.219 - DVDVideoSoft Ltd.)
Freemake YouTube To MP3 Boom (HKLM-x32\...\Freemake YouTube To MP3 Boom_is1) (Version: 1.0.0 - Ellora Assets Corporation)
Future Pinball (HKLM-x32\...\Future Pinball_is1) (Version: Version 1.9.1.20101231 - Chris Leathley)
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 3.21.2.1 - Futuremark Corporation)
Google Earth (HKLM-x32\...\{6F545E5E-4595-11E2-93B6-B8AC6F97B88E}) (Version: 7.0.2.8415 - Google)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
InstallShield für Microsoft Visual C++ 6 (HKLM-x32\...\InstallShield für Microsoft Visual C++ 6) (Version:  - )
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office XP Professional mit FrontPage (HKLM-x32\...\{90280407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2701.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 6.0 Professional Edition (Deutsch) (HKLM-x32\...\Visual Studio 6.0 Professional Edition (deu)) (Version:  - )
Microsoft VM for Java (HKLM-x32\...\MsJavaVM) (Version:  - )
Microsoft Web Publishing Wizard 1.53 (HKLM-x32\...\WebPost) (Version:  - )
Mozilla Firefox 37.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.1 (x86 de)) (Version: 37.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
Mp3tag v2.53 (HKLM-x32\...\Mp3tag) (Version: v2.53 - Florian Heidenreich)
MSDN Library - Visual Studio 6.0a (Deutsch) (HKLM-x32\...\Microsoft Developer Network - Visual Studio 6.0a (deu)) (Version:  - )
NVIDIA 3D Vision Driver 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 306.97 - NVIDIA Corporation)
NVIDIA Graphics Driver 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 306.97 - NVIDIA Corporation)
Pinnacle Studio 15 (HKLM-x32\...\{1362E602-9625-42D3-B57F-CDA9D26F9DA8}) (Version: 15.0.0.7593 - Pinnacle Systems)
Pinnacle Video Treiber (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.030 - Pinnacle Systems)
PixiePack Codec Pack (HKLM-x32\...\{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}) (Version: 1.1.1200.0 - None)
Platform (x32 Version: 1.34 - VIA Technologies, Inc.) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Seagate*DiscWizard (HKLM-x32\...\{C43E4B9C-14C8-4EB0-998B-85211B6EDD61}) (Version: 11.0.8330 - Seagate)
ShrinkTo5Basic (HKLM-x32\...\ShrinkTo5Basic) (Version:  - )
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
ThumbsPlus 7x (deutsch) (HKLM-x32\...\ThumbsPlus7x) (Version:  - Atlantic Software Exchange, Inc.)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
TV-Browser 3.4.0.95-Beta (HKLM-x32\...\tvbrowser) (Version: 3.4.0.95-Beta - TV-Browser Team)
VBEx32 2.1.01 (HKLM-x32\...\VBEx32_is1) (Version:  - vb@rchiv- Das große Visual Basic Archiv)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Deployment Tools (HKLM-x32\...\{BFC9778E-9765-C94C-C082-C2514F8DEB9B}) (Version: 8.59.25584 - Microsoft)
Windows PE x86 x64 (HKLM-x32\...\{F89D69CA-6EE1-E037-DD3B-08CDDE1BED1C}) (Version: 8.59.25584 - Microsoft)
Windows PE x86 x64 wims (HKLM-x32\...\{85F4ACB1-E7DC-C3C6-F4FD-BB936DF2695E}) (Version: 8.59.25584 - Microsoft)
WinPatrol (HKLM\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 33.1.2015.0 - WinPatrol)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinZip 15.0 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240BE}) (Version: 15.0.9302 - WinZip Computing, S.L. )
Xilisoft Download YouTube Video (HKLM-x32\...\Xilisoft Download YouTube Video) (Version: 5.6.1.20140425 - Xilisoft)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3122927800-2970940714-3403948491-1000_Classes\CLSID\{C539A15A-3AF9-4c92-B771-50CB78F5C751}\InprocServer32 -> C:\Program Files (x86)\Seagate\DiscWizard\tishell64.dll (Seagate)
CustomCLSID: HKU\S-1-5-21-3122927800-2970940714-3403948491-1000_Classes\CLSID\{C539A15B-3AF9-4c92-B771-50CB78F5C751}\InprocServer32 -> C:\Program Files (x86)\Seagate\DiscWizard\tishell64.dll (Seagate)

==================== Restore Points  =========================

22-03-2015 19:08:44 Scheduled Checkpoint
24-03-2015 12:13:11 Removed Apple Software Update
24-03-2015 12:14:43 Revo Uninstaller's restore point - Apple Application Support
02-04-2015 01:53:49 Scheduled Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2015-02-11 20:20 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {023219F5-3A5C-4B45-AAF0-D5EF9470856D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {02573FEF-8494-46AF-AEE6-9E4640FF0E64} - System32\Tasks\Hessen_Dingsda_ab_2015_04_06 => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe [2015-01-21] (Oracle Corporation)
Task: {03845044-F3F2-49F0-ADB2-51FED48791ED} - System32\Tasks\Die_Biene_Maja_ab_2015_04_06 => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe [2015-01-21] (Oracle Corporation)
Task: {040C3AEB-758C-4A75-949B-141C4967AF90} - System32\Tasks\Die_Biene_Maja_ab_2015_04_08_PreStarter => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe [2015-01-21] (Oracle Corporation)
Task: {057421E0-A1D0-412B-A9FD-D66419ADA411} - System32\Tasks\Die_Sendung_mit_der_Maus_ab_2015_02_28_PreStarter => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe [2015-01-21] (Oracle Corporation)
Task: {0806E896-D721-4B7B-A331-C7CB287FF4D1} - System32\Tasks\Die_Tuer_der_Versuchung_ab_2015_04_10 => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe [2015-01-21] (Oracle Corporation)
Task: {0A24B285-3613-4B61-AE37-20D8162B9B51} - System32\Tasks\ParetoLogic Update Version3 Startup Task => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2014-12-08] ()
Task: {10DBE4E1-1886-42A0-B7E2-58DCD0229B81} - System32\Tasks\Tatort_Matterhorn_ab_2015_04_06_PreStarter => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe [2015-01-21] (Oracle Corporation)
Task: {1660F2BB-E740-44E5-9EF4-0D59CA15A67C} - System32\Tasks\Atlantis_ab_2015_02_11 => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe [2015-01-21] (Oracle Corporation)
Task: {188A93A4-5297-4F75-A7C9-1EC94118BB75} - System32\Tasks\Tatort_Matterhorn_ab_2015_04_06 => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe [2015-01-21] (Oracle Corporation)
Task: {19C1243F-BA5C-474F-B72F-0DBE6C21F4E4} - System32\Tasks\Mitternachtsspitzen_ab_2015_04_25 => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe [2015-01-21] (Oracle Corporation)
Task: {1B436BF4-305A-4878-9324-F082369176D2} - System32\Tasks\{2EDA19E1-EDAD-4650-84E0-3651A132AC5A} => pcalua.exe -a D:\PinnacleOriginal\HollywoodFX\InstallHFZ.exe -d D:\PinnacleOriginal\HollywoodFX
Task: {2485E0EA-EDFB-4000-ABCF-CA863E9075B1} - System32\Tasks\Die_Biene_Maja_ab_2015_04_06_PreStarter => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe [2015-01-21] (Oracle Corporation)
Task: {273F3E38-D813-48BD-9EAF-5D152CB78B8F} - System32\Tasks\Die_Biene_Maja_ab_2015_04_09_PreStarter => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe [2015-01-21] (Oracle Corporation)
Task: {2F2AF128-54C0-4693-AEE9-6CA0A4496C1C} - System32\Tasks\avastBCLRestartS-1-5-21-3122927800-2970940714-3403948491-1000 => Firefox.exe 
Task: {32247E12-E338-4CAB-A8FF-9689298C5E90} - System32\Tasks\Die_Biene_Maja_ab_2015_04_10_PreStarter => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe [2015-01-21] (Oracle Corporation)
Task: {40AD11AC-46E4-4BDC-B234-1DFCC7AC7688} - System32\Tasks\Hessen_Dingsda_ab_2015_04_06_1032_PreStarter => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe [2015-01-21] (Oracle Corporation)
Task: {464C9C21-05A0-44E0-BDEB-0C5CD32394D5} - System32\Tasks\{E71FA50C-2A66-4E55-9475-1C1125FB8954} => pcalua.exe -a "C:\Program Files (x86)\Claro LTD\claro\1.8.8.5\GUninstaller.exe" -c -uprtc -key "claro"
Task: {54802746-DB94-406D-AC07-62E18F27CDF5} - System32\Tasks\Atlantis_ab_2015_02_11_PreStarter => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe [2015-01-21] (Oracle Corporation)
Task: {594DDFFB-52DE-47F4-B1BE-B00C08704AED} - System32\Tasks\Die_Biene_Maja_ab_2015_03_22_PreStarter => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe [2015-01-21] (Oracle Corporation)
Task: {5B7F407A-E382-413B-8F03-BD8C88C50564} - System32\Tasks\Hessen_Dingsda_ab_2015_04_06_1032 => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe [2015-01-21] (Oracle Corporation)
Task: {5D02FB00-2D6F-420C-A495-82189A0F39CB} - System32\Tasks\Spiel_mit_der_Angst_ab_2015_04_26_PreStarter => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe [2015-01-21] (Oracle Corporation)
Task: {637A60BF-FF83-461B-98F5-5DA1622CF56E} - System32\Tasks\Ginger_Rosa_ab_2015_04_15_PreStarter => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe [2015-01-21] (Oracle Corporation)
Task: {711AA0E2-C4C8-4354-A5FF-267CE869EB19} - System32\Tasks\Ein_Herz_und_eine_Seele_ab_2015_04_05_PreStarter => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe [2015-01-21] (Oracle Corporation)
Task: {848810E3-F22E-4685-9444-5D578DD83485} - System32\Tasks\{204CB24E-4252-482E-93D2-30A0450F2046} => pcalua.exe -a "C:\Program Files (x86)\Moyea\FLV Downloader\install_flash_player_active_x.exe" -d "C:\Program Files (x86)\Moyea\FLV Downloader"
Task: {866E4DF8-2847-4D05-ACD3-C0872C1FB0E8} - System32\Tasks\ParetoLogic Update Version3 => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2014-12-08] ()
Task: {86AF534D-AA51-4DA2-8016-A0BF16A5FE5C} - System32\Tasks\Die_Biene_Maja_ab_2015_04_08 => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe [2015-01-21] (Oracle Corporation)
Task: {8CEB0E00-F5A8-49CA-B535-B4B0FEF50D73} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-27] (Google Inc.)
Task: {92035D14-A876-47F5-87AD-193AFD3B97C1} - System32\Tasks\Die_Biene_Maja_ab_2015_03_01_PreStarter => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe [2015-01-21] (Oracle Corporation)
Task: {993D594B-A5D1-4499-945B-C8BA8A0F8D7B} - System32\Tasks\{44CADEB5-0CE4-4EB2-857B-47A0392A788C} => H:\Neu-Install-7\WinTVCAPGUI\WinTVCap_GUI_3.6.3.exe [2013-01-06] ()
Task: {9BBAF748-44ED-48FB-81B4-234934D1C7FC} - System32\Tasks\Spiel_mit_der_Angst_ab_2015_04_26 => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe [2015-01-21] (Oracle Corporation)
Task: {A0182966-A5E4-4641-9B06-1EBB03F32238} - System32\Tasks\{F5BA5D89-AFF8-405D-B9AD-6E9D0B0D0129} => C:\Program Files (x86)\DVDVideoSoft\Free YouTube Download New\FreeYTVDownloader.exe
Task: {A0B091DF-18E1-46D0-BD1A-B0D7FB9B5001} - System32\Tasks\Die_Biene_Maja_ab_2015_03_22 => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe [2015-01-21] (Oracle Corporation)
Task: {AD222EA9-87F5-48A8-A877-FB8CB4465381} - System32\Tasks\{0C43FBC4-3303-4061-B61C-5080CAAC890B} => pcalua.exe -a C:\Users\seb\AppData\Roaming\mystartsearch\UninstallManager.exe -c  -ptid=mp3
Task: {B06D73FE-3899-4FD3-B7A7-E60188D32646} - System32\Tasks\Die_Biene_Maja_ab_2015_04_07 => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe [2015-01-21] (Oracle Corporation)
Task: {B13F3A2D-4857-458D-A6AC-58EA5B50D680} - System32\Tasks\Die_Sendung_mit_der_Maus_ab_2015_02_28 => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe [2015-01-21] (Oracle Corporation)
Task: {B4995C9D-C574-45C5-8614-C2790F6F94D6} - System32\Tasks\Die_Sendung_mit_der_Maus_ab_2015_03_30_PreStarter => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe [2015-01-21] (Oracle Corporation)
Task: {C6092945-FF54-48EC-9BE3-57CCA6E46232} - System32\Tasks\Hessen_Dingsda_ab_2015_04_06_PreStarter => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe [2015-01-21] (Oracle Corporation)
Task: {C84525DE-9FC6-481A-92B4-48FA6EE5C716} - System32\Tasks\Die_Biene_Maja_ab_2015_04_09 => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe [2015-01-21] (Oracle Corporation)
Task: {C980ACEB-02E1-4A27-9BBE-CFEE59DC6BD7} - System32\Tasks\Ein_Herz_und_eine_Seele_ab_2015_04_05 => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe [2015-01-21] (Oracle Corporation)
Task: {CB021FED-CA7E-4BC4-85CB-527C5D551928} - System32\Tasks\Die_Biene_Maja_ab_2015_04_10 => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe [2015-01-21] (Oracle Corporation)
Task: {CC75A05C-540D-42FF-9A2B-7567B6891841} - System32\Tasks\ParetoLogic Registration3 => Rundll32.exe "C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll" RunUns
Task: {D0490138-A3D0-402C-89D9-C78164420752} - System32\Tasks\Die_Tuer_der_Versuchung_ab_2015_04_10_PreStarter => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe [2015-01-21] (Oracle Corporation)
Task: {D38347D2-E6E7-4C5D-8D89-D397C5417291} - System32\Tasks\Die_Sendung_mit_der_Maus_ab_2015_03_30 => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe [2015-01-21] (Oracle Corporation)
Task: {D40F0396-9F08-4539-A1EE-C65D30AAD0A8} - System32\Tasks\{454066F8-297E-452E-A014-89F2FB2F0114} => pcalua.exe -a H:\Neu-Install-7\TV-Browser\WinTVCap_GUI_3.6.3.exe -d H:\Neu-Install-7\TV-Browser
Task: {E18F7A48-C74D-41D2-91E5-40A92E688D8F} - System32\Tasks\Ginger_Rosa_ab_2015_04_15 => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe [2015-01-21] (Oracle Corporation)
Task: {E9179D40-E888-4233-AD5F-EB17A9904CFA} - System32\Tasks\Die_Biene_Maja_ab_2015_03_01 => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe [2015-01-21] (Oracle Corporation)
Task: {EE2D0B6B-CF41-4AEB-A83B-DF8AF6E017EC} - System32\Tasks\Die_Biene_Maja_ab_2015_04_07_PreStarter => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe [2015-01-21] (Oracle Corporation)
Task: {F2EF8949-93A8-4BB2-867D-1998C110DAA0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-27] (Google Inc.)
Task: {F3CD5E50-3F49-4F6E-983A-618BB8C88DFF} - System32\Tasks\Mitternachtsspitzen_ab_2015_04_25_PreStarter => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe [2015-01-21] (Oracle Corporation)
Task: {F6D6D01A-CA6D-40DA-B862-C5ACEF85982E} - System32\Tasks\{A7105E6B-946B-493F-9209-4BAEA01ED4E3} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}\setup.exe" -c -runfromtemp -l0x0009 -removeonly
Task: {FEE90840-1E00-447B-8AB5-A187A47BFBA9} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-09] (AVAST Software)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Atlantis_ab_2015_02_11.job => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe«-jar C:\ReDeMPG_Starter.jar
Task: C:\Windows\Tasks\Atlantis_ab_2015_02_11_PreStarter.job => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exeb-jar C:\ReDeMPG_Prestarter.jar
Task: C:\Windows\Tasks\Die_Biene_Maja_ab_2015_03_01.job => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe-jar C:\ReDeMPG_Starter.jar
Task: C:\Windows\Tasks\Die_Biene_Maja_ab_2015_03_01_PreStarter.job => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exeU-jar C:\ReDeMPG_Prestarter.jar
Task: C:\Windows\Tasks\Die_Biene_Maja_ab_2015_03_22.job => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exeà-jar C:\ReDeMPG_Starter.jar
Task: C:\Windows\Tasks\Die_Biene_Maja_ab_2015_03_22_PreStarter.job => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe—-jar C:\ReDeMPG_Prestarter.jar
Task: C:\Windows\Tasks\Die_Biene_Maja_ab_2015_04_06.job => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe¤-jar C:\ReDeMPG_Starter.jar
Task: C:\Windows\Tasks\Die_Biene_Maja_ab_2015_04_06_PreStarter.job => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe\-jar C:\ReDeMPG_Prestarter.jar
Task: C:\Windows\Tasks\Die_Biene_Maja_ab_2015_04_07.job => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe*-jar C:\ReDeMPG_Starter.jar
Task: C:\Windows\Tasks\Die_Biene_Maja_ab_2015_04_07_PreStarter.job => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exed-jar C:\ReDeMPG_Prestarter.jar
Task: C:\Windows\Tasks\Die_Biene_Maja_ab_2015_04_08.job => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe±-jar C:\ReDeMPG_Starter.jar
Task: C:\Windows\Tasks\Die_Biene_Maja_ab_2015_04_08_PreStarter.job => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exeh-jar C:\ReDeMPG_Prestarter.jar
Task: C:\Windows\Tasks\Die_Biene_Maja_ab_2015_04_09.job => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe¢-jar C:\ReDeMPG_Starter.jar
Task: C:\Windows\Tasks\Die_Biene_Maja_ab_2015_04_09_PreStarter.job => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exeY-jar C:\ReDeMPG_Prestarter.jar
Task: C:\Windows\Tasks\Die_Biene_Maja_ab_2015_04_10.job => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe¹-jar C:\ReDeMPG_Starter.jar
Task: C:\Windows\Tasks\Die_Biene_Maja_ab_2015_04_10_PreStarter.job => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exep-jar C:\ReDeMPG_Prestarter.jar
Task: C:\Windows\Tasks\Die_Sendung_mit_der_Maus_ab_2015_02_28.job => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe“-jar C:\ReDeMPG_Starter.jar
Task: C:\Windows\Tasks\Die_Sendung_mit_der_Maus_ab_2015_02_28_PreStarter.job => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exeJ-jar C:\ReDeMPG_Prestarter.jar
Task: C:\Windows\Tasks\Die_Sendung_mit_der_Maus_ab_2015_03_30.job => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe†-jar C:\ReDeMPG_Starter.jar
Task: C:\Windows\Tasks\Die_Sendung_mit_der_Maus_ab_2015_03_30_PreStarter.job => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe=-jar C:\ReDeMPG_Prestarter.jar
Task: C:\Windows\Tasks\Die_Tuer_der_Versuchung_ab_2015_04_10.job => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe†-jar C:\ReDeMPG_Starter.jar
Task: C:\Windows\Tasks\Die_Tuer_der_Versuchung_ab_2015_04_10_PreStarter.job => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe=-jar C:\ReDeMPG_Prestarter.jar
Task: C:\Windows\Tasks\Ein_Herz_und_eine_Seele_ab_2015_04_05.job => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe‡-jar C:\ReDeMPG_Starter.jar
Task: C:\Windows\Tasks\Ein_Herz_und_eine_Seele_ab_2015_04_05_PreStarter.job => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe>-jar C:\ReDeMPG_Prestarter.jar
Task: C:\Windows\Tasks\Ginger_Rosa_ab_2015_04_15.job => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe{-jar C:\ReDeMPG_Starter.jar
Task: C:\Windows\Tasks\Ginger_Rosa_ab_2015_04_15_PreStarter.job => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe2-jar C:\ReDeMPG_Prestarter.jar
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Hessen_Dingsda_ab_2015_04_06.job => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exez-jar C:\ReDeMPG_Starter.jar
Task: C:\Windows\Tasks\Hessen_Dingsda_ab_2015_04_06_1032.job => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exez-jar C:\ReDeMPG_Starter.jar
Task: C:\Windows\Tasks\Hessen_Dingsda_ab_2015_04_06_1032_PreStarter.job => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe1-jar C:\ReDeMPG_Prestarter.jar
Task: C:\Windows\Tasks\Hessen_Dingsda_ab_2015_04_06_PreStarter.job => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe1-jar C:\ReDeMPG_Prestarter.jar
Task: C:\Windows\Tasks\Mitternachtsspitzen_ab_2015_04_25.job => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe€-jar C:\ReDeMPG_Starter.jar
Task: C:\Windows\Tasks\Mitternachtsspitzen_ab_2015_04_25_PreStarter.job => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe7-jar C:\ReDeMPG_Prestarter.jar
Task: C:\Windows\Tasks\ParetoLogic Registration3.job => C:\Windows\system32\rundll32.exeGC:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll
Task: C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
Task: C:\Windows\Tasks\ParetoLogic Update Version3.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
Task: C:\Windows\Tasks\Spiel_mit_der_Angst_ab_2015_04_26.job => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe-jar C:\ReDeMPG_Starter.jar
Task: C:\Windows\Tasks\Spiel_mit_der_Angst_ab_2015_04_26_PreStarter.job => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe7-jar C:\ReDeMPG_Prestarter.jar
Task: C:\Windows\Tasks\Tatort_Matterhorn_ab_2015_04_06.job => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe-jar C:\ReDeMPG_Starter.jar
Task: C:\Windows\Tasks\Tatort_Matterhorn_ab_2015_04_06_PreStarter.job => C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe6-jar C:\ReDeMPG_Prestarter.jar

==================== Loaded Modules (whitelisted) ==============

2013-06-18 10:04 - 2012-10-02 21:51 - 00086888 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-01-05 16:19 - 2010-12-17 14:25 - 00078448 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2013-01-05 16:19 - 2010-12-17 14:25 - 00386160 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2013-01-05 16:19 - 2010-12-17 14:25 - 00105584 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\VMicApi.dll
2013-01-05 16:19 - 2010-12-17 14:25 - 64643696 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Skin.dll
2012-11-16 15:09 - 2012-11-16 15:09 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2015-04-02 22:50 - 2015-04-02 22:50 - 02923520 _____ () C:\Program Files\AVAST Software\Avast\defs\15040202\algo.dll
2015-04-05 11:24 - 2015-04-05 11:24 - 02923520 _____ () C:\Program Files\AVAST Software\Avast\defs\15040500\algo.dll
2009-11-10 18:39 - 2009-11-10 18:39 - 01332576 _____ () C:\Program Files (x86)\Seagate\DiscWizard\fox.dll
2015-03-13 19:10 - 2015-03-13 19:10 - 38714440 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-09-25 17:43 - 2014-09-25 17:43 - 00043920 _____ () C:\Program Files (x86)\TV-Browser\jRegistryKey.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3122927800-2970940714-3403948491-1000\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Exetender_148 => "C:\Program Files (x86)\FreeRide Games\GPlayer.exe" /runonstartup
MSCONFIG\startupreg: FreeYTVDownloader => C:\Program Files (x86)\DVDVideoSoft\Free YouTube Download\FreeYTVDownloader.exe
MSCONFIG\startupreg: TeViiRC => C:\Windows\TeViiRC.exe

==================== Accounts: =============================

Administrator (S-1-5-21-3122927800-2970940714-3403948491-500 - Administrator - Disabled)
Guest (S-1-5-21-3122927800-2970940714-3403948491-501 - Limited - Disabled)
seb (S-1-5-21-3122927800-2970940714-3403948491-1000 - Administrator - Enabled) => C:\Users\seb

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/05/2015 00:30:23 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm firefox.exe, Version 36.0.4.5557 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: d34

Startzeit: 01d06ae596a021cf

Endzeit: 472

Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Berichts-ID: c066f97f-db7e-11e4-9194-c860006d115b

Error: (04/04/2015 03:43:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Future Pinball.exe, Version: 1.9.2008.1225, Zeitstempel: 0x4d1d68d3
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x1a50
Startzeit der fehlerhaften Anwendung: 0xFuture Pinball.exe0
Pfad der fehlerhaften Anwendung: Future Pinball.exe1
Pfad des fehlerhaften Moduls: Future Pinball.exe2
Berichtskennung: Future Pinball.exe3

Error: (04/03/2015 05:15:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Future Pinball.exe, Version: 1.9.2008.1225, Zeitstempel: 0x4d1d68d3
Name des fehlerhaften Moduls: Future Pinball.exe, Version: 1.9.2008.1225, Zeitstempel: 0x4d1d68d3
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0012a06b
ID des fehlerhaften Prozesses: 0x183c
Startzeit der fehlerhaften Anwendung: 0xFuture Pinball.exe0
Pfad der fehlerhaften Anwendung: Future Pinball.exe1
Pfad des fehlerhaften Moduls: Future Pinball.exe2
Berichtskennung: Future Pinball.exe3

Error: (03/30/2015 03:55:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Future Pinball.exe, Version 1.9.2008.1225 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 16ac

Startzeit: 01d06af11bec2b52

Endzeit: 145

Anwendungspfad: C:\Games\Future Pinball\Future Pinball.exe

Berichts-ID: 72fc53c3-d6e4-11e4-9194-c860006d115b

Error: (03/30/2015 00:39:26 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Explorer.EXE, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1030

Startzeit: 01d0695e5e3462ca

Endzeit: 23400

Anwendungspfad: C:\Windows\Explorer.EXE

Berichts-ID: 629778ac-d664-11e4-9194-c860006d115b

Error: (03/30/2015 00:36:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 36.0.4.5557, Zeitstempel: 0x550d0883
Name des fehlerhaften Moduls: mozalloc.dll, Version: 36.0.4.5557, Zeitstempel: 0x550cfa82
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001e02
ID des fehlerhaften Prozesses: 0x460
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (03/28/2015 03:51:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0xa88
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3

Error: (03/26/2015 10:43:03 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Studio.exe, Version 15.0.0.7593 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 2f8

Startzeit: 01d0663d74491382

Endzeit: 129

Anwendungspfad: C:\Program Files (x86)\Pinnacle\Studio 15\Programs\Studio.exe

Berichts-ID: af1f3a08-d3f8-11e4-82d3-c860006d115b

Error: (03/25/2015 00:42:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0xf4c
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3

Error: (03/24/2015 04:13:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x16dc
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3


System errors:
=============
Error: (04/02/2015 03:27:47 PM) (Source: Ntfs) (EventID: 137) (User: )
Description: Auf dem Volume "Q:" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.

Error: (04/01/2015 00:21:57 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst lmhosts erreicht.

Error: (03/30/2015 10:27:25 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst lmhosts erreicht.

Error: (03/30/2015 02:32:17 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst lmhosts erreicht.

Error: (03/28/2015 09:38:56 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.

Error: (03/27/2015 08:35:43 PM) (Source: Ntfs) (EventID: 137) (User: )
Description: Auf dem Volume "Q:" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.

Error: (03/26/2015 11:10:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Aspi32" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (03/26/2015 11:10:50 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\Aspi32.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (03/26/2015 10:52:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Aspi32" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (03/26/2015 10:52:06 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\Aspi32.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.


Microsoft Office Sessions:
=========================
Error: (04/05/2015 00:30:23 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe36.0.4.5557d3401d06ae596a021cf472C:\Program Files (x86)\Mozilla Firefox\firefox.exec066f97f-db7e-11e4-9194-c860006d115b

Error: (04/04/2015 03:43:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Future Pinball.exe1.9.2008.12254d1d68d3unknown0.0.0.000000000c0000005000000001a5001d06edd022daee5C:\Games\Future Pinball\Future Pinball.exeunknown8415de83-dad0-11e4-9194-c860006d115b

Error: (04/03/2015 05:15:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Future Pinball.exe1.9.2008.12254d1d68d3Future Pinball.exe1.9.2008.12254d1d68d3c00000050012a06b183c01d06e20dc92cfe4C:\Games\Future Pinball\Future Pinball.exeC:\Games\Future Pinball\Future Pinball.exe421d3aed-da14-11e4-9194-c860006d115b

Error: (03/30/2015 03:55:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Future Pinball.exe1.9.2008.122516ac01d06af11bec2b52145C:\Games\Future Pinball\Future Pinball.exe72fc53c3-d6e4-11e4-9194-c860006d115b

Error: (03/30/2015 00:39:26 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.1.7601.17567103001d0695e5e3462ca23400C:\Windows\Explorer.EXE629778ac-d664-11e4-9194-c860006d115b

Error: (03/30/2015 00:36:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe36.0.4.5557550d0883mozalloc.dll36.0.4.5557550cfa828000000300001e0246001d069fe146ce467C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllf91f83f2-d663-11e4-9194-c860006d115b

Error: (03/28/2015 03:51:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4unknown0.0.0.000000000c00000050000000000000000a8801d068095a10cb4fC:\Windows\Explorer.EXEunknown95bde176-d551-11e4-9194-c860006d115b

Error: (03/26/2015 10:43:03 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Studio.exe15.0.0.75932f801d0663d74491382129C:\Program Files (x86)\Pinnacle\Studio 15\Programs\Studio.exeaf1f3a08-d3f8-11e4-82d3-c860006d115b

Error: (03/25/2015 00:42:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4unknown0.0.0.000000000c00000050000000000000000f4c01d0663cba13b975C:\Windows\Explorer.EXEunknowna6bbc71c-d2db-11e4-82d3-c860006d115b

Error: (03/24/2015 04:13:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4unknown0.0.0.000000000c0000005000000000000000016dc01d0663c97ce3c71C:\Windows\Explorer.EXEunknownefba00c9-d22f-11e4-82d3-c860006d115b


CodeIntegrity Errors:
===================================
  Date: 2015-02-11 19:17:13.202
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-02-11 19:17:13.077
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-01-10 16:11:25.067
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\CyberLink\PowerDVD\clpciid.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-01-10 16:11:25.004
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\CyberLink\PowerDVD\clpciid.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Pentium(R) D CPU 3.40GHz
Percentage of memory in use: 40%
Total physical RAM: 4095.05 MB
Available physical RAM: 2439.55 MB
Total Pagefile: 16377.23 MB
Available Pagefile: 13879.37 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:234.45 GB) (Free:77.14 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (Daten) (Fixed) (Total:97.65 GB) (Free:91.15 GB) NTFS
Drive f: (DRIVE_F) (Fixed) (Total:833.85 GB) (Free:142.1 GB) NTFS
Drive h: (C_Boot_Daten_1) (Fixed) (Total:718.47 GB) (Free:449.43 GB) NTFS
Drive i: (C_Boot_Daten_3) (Fixed) (Total:244.14 GB) (Free:198.05 GB) NTFS
Drive j: (C_Boot_Daten_2) (Fixed) (Total:200.2 GB) (Free:172 GB) NTFS
Drive k: (Elements) (Fixed) (Total:1862.98 GB) (Free:553.4 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1397.3 GB) (Disk ID: 5F0FC9BA)
Partition 1: (Not Active) - (Size=200.2 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=234.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=244.1 GB) - (Type=05)
Partition 4: (Not Active) - (Size=718.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: B2025BBE)
Partition 1: (Active) - (Size=97.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=833.9 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 3497912C)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End Of Log ============================

cosinus · 06.04.2015, 00:44

Zitat:

WinPatrol (HKLM\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 33.1.2015.0 - WinPatrol)

WinPatrol ist da aber definitiv in der Liste...und dann muss es auch per Revo deinstallierbar sein.

Lade Dir bitte von hier

Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.

Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
Klicke auf Optionen und wähle als Sprache Deutsch.
Suche im Uninstallerfeld nach den Programmen:

WinPatrol
Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
Wähle anschließend den Modus "Moderat" aus.
Reste löschen:
Klicke auf dann auf und dann auf .

Larusso · 06.04.2015, 10:29

Hy.

Versuchs mal damit --> http://www.winpatrol.com/winpatrolremove.exe

Kronos60 · 06.04.2015, 14:37

Du kannst dir auch die Trial-Version von Revo Uninstaller Pro downloaden dort gibt es eine Option Deinstallation erzwingen die kannst du ausprobieren, danach kannst du Revo dann deinstallieren.
http://www.revouninstaller.com/
[IMG]

[/IMG]

seb-soft · 08.04.2015, 17:53

Zitat:

Zitat von Kronos60

Du kannst dir auch die Trial-Version von Revo Uninstaller Pro downloaden dort gibt es eine Option Deinstallation erzwingen die kannst du ausprobieren, danach kannst du Revo dann deinstallieren.
Revo Uninstaller Pro - Uninstall Software, Remove Programs easily, Forced Uninstall, Leftovers Uninstaller, Portable Uninstaller
[IMG]

[/IMG]

Damit hat es funktioniert.

Danke allen für die Hilfe.
Schönen Tag noch
Gruss

Kronos60 · 08.04.2015, 19:15

Schön das es geklappt hat.

Es gibt von Revo auch eine Free-Version wenn du die haben willst:
http://www.revouninstaller.com/revo_uninstaller_free_download.html

06.04.2015, 10:29	#7
Larusso /// Selecta Jahrusso	Winpatrol deinstallieren Hy. Versuchs mal damit --> http://www.winpatrol.com/winpatrolremove.exe __________________ mfg, Daniel ASAP & UNITE Member Alliance of Security Analysis Professionals Unified Network of Instructors and Trusted Eliminators Lerne, zurück zu schlagen und unterstütze uns! TB Akademie

Winpatrol deinstallieren

Antiviren-, Firewall- und andere Schutzprogramme: Winpatrol deinstallieren