Hallo, danke dass du mir helfen willst! :Boogie:
Ich probier das mal!
FRST Logfile:
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-08-2014
Ran by Laura (administrator) on LAPTOP-LAURA on 27-08-2014 21:23:53
Running from C:\LauraDaten
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files (x86)\PHotkey\AsLdrSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\PHotkey\PHotkey.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
() C:\Program Files (x86)\PHotkey\Atouch64.exe
() C:\Program Files (x86)\PHotkey\PVDesktop.exe
() C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
() C:\Program Files (x86)\PHotkey\POsd.exe
() C:\Program Files (x86)\PHotkey\PVDAgent.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
() C:\Program Files (x86)\watchmi\TvdService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(TODO: <Company name>) C:\Program Files (x86)\PHotkey\HCSynApi.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Program Files (x86)\watchmi\TvdTray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Dropbox, Inc.) C:\Users\Laura\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2010-12-14] (Conexant systems, Inc.)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [323584 2009-09-22] (Alcor Micro Corp.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2028328 2010-01-22] (Synaptics Incorporated)
HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-05-02] (Intel(R) Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2010-08-04] (CyberLink)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2011-04-14] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [506712 2011-02-03] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PinnacleDriverCheck] => C:\Windows\SysWOW64\\PSDrvCheck.exe [406016 2004-03-11] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3477640 2012-09-23] (Adobe Systems Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-22] (AVAST Software)
HKLM Group Policy restriction on software: C:\Program Files (x86)\Avira <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Avira <====== ATTENTION
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2249361187-423248577-2537947663-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-12-27] (Google Inc.)
HKU\S-1-5-21-2249361187-423248577-2537947663-1000\...\Run: [AyqutAmoli] => regsvr32.exe "
HKU\S-1-5-21-2249361187-423248577-2537947663-1000\...\MountPoints2: {6a8d4056-b109-11e2-86c6-3860778d695b} - F:\ibs.exe
HKU\S-1-5-21-2249361187-423248577-2537947663-1000\...\MountPoints2: {a24c4ddf-6a34-11e3-b1c6-3860778d695b} - F:\Startme.exe
AppInit_DLLs: c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll => c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\watchmi tray.lnk
ShortcutTarget: watchmi tray.lnk -> C:\Windows\Installer\{AA4D1C5E-116A-4FF4-AA91-28F526868203}\SHCT_TRAY_PROGRAMG_A10D8603999C4E9488776EF2533C58C9.exe (Acresso Software Inc.)
Startup: C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Laura\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {31090377-0740-419E-BEFC-A56E50500D5B} URL =
SearchScopes: HKLM-x32 - DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKCU - DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKCU - {31090377-0740-419E-BEFC-A56E50500D5B} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb_uMq3OFwXGzbLFbmdB42PQcTgWeAqK5ifyuhzwzl0pzvhsi02ChiGuK0u7-aX81fRN6yl9FDVnDY_LHnWCrSUVPPrQj7tDSBHfRrKjjEZLLCx2QC8DZeySSrDkX-yEGEYhVP_w7n8B3fZtmz3KZ7c6UWJ_7OfwijdAA,,&q={searchTerms}
SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: No Name -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> No File
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Adobe Acrobat Create PDF Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: No Name -> {EC136321-1AE5-4A7F-B01C-5380D666175B} -> No File
BHO-x32: No Name -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> No File
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - No Name - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No File
Toolbar: HKLM-x32 - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Laura\AppData\Roaming\Mozilla\Firefox\Profiles\tckgaz1q.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\Laura\AppData\Roaming\Mozilla\Firefox\Profiles\tckgaz1q.default\Extensions\abs@avira.com [2014-08-22]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-05-26]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-08-22]
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-06-19]
Chrome:
=======
CHR Profile: C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2014-06-19]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2012-09-23]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-22]
CHR HKLM-x32\...\Chrome\Extension: [nmpllndkedbnmonoomepeeglghdelffo] - C:\Program Files (x86)\icq\Chrome\icq-1.3.667.crx [2011-11-14]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ASLDRService; C:\Program Files (x86)\PHotkey\ASLDRSrv.exe [104968 2009-12-19] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-22] (AVAST Software)
R2 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [159752 2010-10-07] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-05-02] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2010-12-14] () [File not signed]
R2 watchmi; C:\Program Files (x86)\watchmi\TvdService.exe [62464 2010-12-06] () [File not signed]
S2 AntiVirWebService; "C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 ASAPIW2K; C:\Windows\SysWOW64\Drivers\asapiW2k.sys [11264 2005-01-10] (VOB Computersysteme GmbH) [File not signed]
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-22] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-22] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-22] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-22] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-22] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-22] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-22] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-27] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-27 21:23 - 2014-08-27 21:23 - 00000000 ____D () C:\FRST
2014-08-27 17:47 - 2014-08-27 18:42 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-27 17:47 - 2014-08-27 17:47 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-27 17:47 - 2014-08-27 17:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-27 17:47 - 2014-08-27 17:47 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-27 17:47 - 2014-08-27 17:47 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-27 17:47 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-27 17:47 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-27 17:47 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-27 17:46 - 2014-08-27 17:47 - 00000000 ____D () C:\Users\Laura\AppData\Local\Abelssoft
2014-08-27 17:46 - 2014-08-27 17:46 - 00001054 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-27 17:46 - 2014-08-27 17:46 - 00000362 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-27 17:46 - 2014-08-27 17:46 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\Abelssoft
2014-08-27 17:46 - 2014-08-27 17:46 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-27 17:46 - 2014-08-27 17:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-27 17:46 - 2014-08-27 17:46 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-27 17:03 - 2014-08-27 17:30 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-27 16:47 - 2014-08-27 16:47 - 00000000 ____D () C:\Users\Laura\Documents\Fax
2014-08-26 17:12 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-26 17:12 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-26 17:12 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-26 17:12 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-26 17:11 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-26 17:11 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-26 17:11 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-26 17:11 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-22 14:41 - 2014-08-22 14:41 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\AVAST Software
2014-08-22 14:39 - 2014-08-22 14:39 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-08-22 14:39 - 2014-08-22 14:39 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-08-22 14:39 - 2014-08-22 14:39 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-08-22 14:39 - 2014-08-22 14:39 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-08-22 14:39 - 2014-08-22 14:39 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-08-22 14:39 - 2014-08-22 14:39 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-08-22 14:39 - 2014-08-22 14:39 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-08-22 14:39 - 2014-08-22 14:39 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-08-22 14:39 - 2014-08-22 14:39 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-08-22 14:39 - 2014-08-22 14:39 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-08-22 14:39 - 2014-08-22 14:39 - 00001970 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-08-22 14:39 - 2014-08-22 14:39 - 00000350 ____H () C:\Windows\Tasks\avast! Emergency Update.job
2014-08-22 14:39 - 2014-08-22 14:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-08-22 14:38 - 2014-08-22 14:38 - 00000000 ____D () C:\Program Files\AVAST Software
2014-08-22 14:37 - 2014-08-22 14:38 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-08-22 14:36 - 2014-08-22 14:36 - 91906368 _____ (AVAST Software) C:\Users\Laura\Downloads\avast_free_antivirus_setup_9_0_2021.exe
2014-08-19 14:18 - 2014-08-19 14:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
2014-08-15 22:25 - 2014-08-15 22:25 - 00000000 ____D () C:\Users\Laura\AppData\Local\Adobe_Systems_Incorporate
2014-08-15 22:23 - 2014-08-17 00:06 - 00000000 ____D () C:\Users\Laura\Documents\My Digital Editions
2014-08-15 22:23 - 2014-08-15 22:23 - 00002176 _____ () C:\Users\Public\Desktop\Adobe Digital Editions 3.0.lnk
2014-08-15 22:21 - 2014-08-15 22:21 - 06144272 _____ (Adobe Systems Incorporated) C:\Users\Laura\Downloads\ADE_3.0_Installer.exe
2014-08-14 18:13 - 2014-08-14 18:13 - 00000000 ____D () C:\Users\Laura\AppData\Local\Skype
2014-08-14 18:12 - 2014-08-14 18:12 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-08-14 18:12 - 2014-08-14 18:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-08-14 12:17 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-14 12:17 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-14 12:17 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-14 12:17 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-14 12:17 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-14 12:17 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-14 12:17 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-14 12:17 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-13 14:08 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 14:08 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 14:08 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 14:08 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 14:08 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 14:08 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 14:08 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-13 14:08 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 14:08 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 14:08 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 14:08 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-13 14:08 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 14:08 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 14:08 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-13 14:08 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 14:08 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 14:08 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 14:08 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 14:08 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-13 14:08 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-13 14:08 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 14:08 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 14:08 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 14:08 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 14:08 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 14:08 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 14:08 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 14:08 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 14:08 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 14:08 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 14:08 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 14:08 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 14:08 - 2014-07-16 05:25 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-13 14:08 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 14:08 - 2014-07-16 04:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-13 14:08 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 14:08 - 2014-07-16 04:12 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-13 14:08 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 14:08 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-13 14:08 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 14:08 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 14:08 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 14:08 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 14:08 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 14:08 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 14:08 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 14:08 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 14:07 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-13 14:07 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-13 14:07 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 14:07 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-13 14:07 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-13 14:07 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 14:07 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-13 14:07 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-13 14:07 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-13 14:07 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 14:07 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-13 14:07 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-13 14:07 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 14:07 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 14:07 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 14:07 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 14:07 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-13 14:07 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 14:07 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-13 14:07 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 14:07 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 14:07 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-13 14:07 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 14:07 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-13 14:07 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-13 14:07 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 14:07 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 14:07 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-03 19:37 - 2014-08-07 20:06 - 00000000 ____D () C:\ProgramData\AyqutAmoli
2014-08-02 17:28 - 2014-08-02 17:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-27 21:24 - 2011-12-27 20:58 - 01641970 _____ () C:\Windows\WindowsUpdate.log
2014-08-27 21:23 - 2014-08-27 21:23 - 00000000 ____D () C:\FRST
2014-08-27 21:23 - 2011-12-27 21:39 - 00000000 ____D () C:\LauraDaten
2014-08-27 18:42 - 2014-08-27 17:47 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-27 18:31 - 2009-07-14 06:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-27 18:31 - 2009-07-14 06:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-27 18:25 - 2011-12-27 21:23 - 00105968 _____ () C:\Users\Laura\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-27 18:23 - 2009-07-14 06:45 - 00408816 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 18:22 - 2010-11-21 05:47 - 00658248 _____ () C:\Windows\PFRO.log
2014-08-27 18:22 - 2009-07-14 06:51 - 00072654 _____ () C:\Windows\setupact.log
2014-08-27 18:20 - 2012-11-29 17:36 - 00000000 ___RD () C:\Users\Laura\Dropbox
2014-08-27 18:19 - 2012-03-19 20:29 - 00000000 ____D () C:\Program Files (x86)\SweetIM
2014-08-27 17:47 - 2014-08-27 17:47 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-27 17:47 - 2014-08-27 17:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-27 17:47 - 2014-08-27 17:47 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-27 17:47 - 2014-08-27 17:47 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-27 17:47 - 2014-08-27 17:46 - 00000000 ____D () C:\Users\Laura\AppData\Local\Abelssoft
2014-08-27 17:46 - 2014-08-27 17:46 - 00001054 _____ () C:\Users\Public\Desktop\CHIP Updater.lnk
2014-08-27 17:46 - 2014-08-27 17:46 - 00000362 _____ () C:\Windows\Tasks\Updater scan.job
2014-08-27 17:46 - 2014-08-27 17:46 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\Abelssoft
2014-08-27 17:46 - 2014-08-27 17:46 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-27 17:46 - 2014-08-27 17:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIP Updater
2014-08-27 17:46 - 2014-08-27 17:46 - 00000000 ____D () C:\Program Files (x86)\CHIP Updater
2014-08-27 17:36 - 2012-11-29 17:32 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\Dropbox
2014-08-27 17:30 - 2014-08-27 17:03 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-27 17:30 - 2014-04-14 19:10 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-27 17:30 - 2013-08-17 20:13 - 00000000 ____D () C:\ProgramData\Avira
2014-08-27 16:47 - 2014-08-27 16:47 - 00000000 ____D () C:\Users\Laura\Documents\Fax
2014-08-24 14:41 - 2014-04-14 19:08 - 00000000 ____D () C:\Program Files\Scribus 1.4.3
2014-08-24 14:41 - 2012-08-20 00:03 - 00000000 ____D () C:\Program Files (x86)\Avidemux 2.5
2014-08-24 14:41 - 2012-03-09 16:35 - 00000000 ____D () C:\Program Files (x86)\Inkscape
2014-08-24 14:41 - 2011-12-28 19:57 - 00000000 ____D () C:\Program Files (x86)\ICQ6Toolbar
2014-08-22 18:02 - 2013-11-17 18:53 - 00000000 ____D () C:\Windows\pss
2014-08-22 14:41 - 2014-08-22 14:41 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\AVAST Software
2014-08-22 14:39 - 2014-08-22 14:39 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-08-22 14:39 - 2014-08-22 14:39 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-08-22 14:39 - 2014-08-22 14:39 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-08-22 14:39 - 2014-08-22 14:39 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-08-22 14:39 - 2014-08-22 14:39 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-08-22 14:39 - 2014-08-22 14:39 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-08-22 14:39 - 2014-08-22 14:39 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-08-22 14:39 - 2014-08-22 14:39 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-08-22 14:39 - 2014-08-22 14:39 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-08-22 14:39 - 2014-08-22 14:39 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-08-22 14:39 - 2014-08-22 14:39 - 00001970 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-08-22 14:39 - 2014-08-22 14:39 - 00000350 ____H () C:\Windows\Tasks\avast! Emergency Update.job
2014-08-22 14:39 - 2014-08-22 14:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-08-22 14:38 - 2014-08-22 14:38 - 00000000 ____D () C:\Program Files\AVAST Software
2014-08-22 14:38 - 2014-08-22 14:37 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-08-22 14:36 - 2014-08-22 14:36 - 91906368 _____ (AVAST Software) C:\Users\Laura\Downloads\avast_free_antivirus_setup_9_0_2021.exe
2014-08-20 23:33 - 2014-04-29 23:42 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\vlc
2014-08-20 22:15 - 2012-01-01 17:26 - 00000000 ____D () C:\Users\Laura\AppData\Local\CyberLink
2014-08-19 20:17 - 2011-08-29 17:58 - 00699326 _____ () C:\Windows\system32\perfh007.dat
2014-08-19 20:17 - 2011-08-29 17:58 - 00149434 _____ () C:\Windows\system32\perfc007.dat
2014-08-19 20:17 - 2009-07-14 07:13 - 01619208 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-19 15:19 - 2012-11-29 17:33 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-08-19 15:11 - 2013-08-30 15:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-19 14:18 - 2014-08-19 14:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
2014-08-19 14:05 - 2013-03-14 16:16 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-08-19 14:05 - 2013-03-14 16:16 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-08-19 13:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-19 13:50 - 2012-04-07 21:26 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\Skype
2014-08-17 00:06 - 2014-08-15 22:23 - 00000000 ____D () C:\Users\Laura\Documents\My Digital Editions
2014-08-15 22:25 - 2014-08-15 22:25 - 00000000 ____D () C:\Users\Laura\AppData\Local\Adobe_Systems_Incorporate
2014-08-15 22:23 - 2014-08-15 22:23 - 00002176 _____ () C:\Users\Public\Desktop\Adobe Digital Editions 3.0.lnk
2014-08-15 22:23 - 2011-08-29 21:15 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-08-15 22:21 - 2014-08-15 22:21 - 06144272 _____ (Adobe Systems Incorporated) C:\Users\Laura\Downloads\ADE_3.0_Installer.exe
2014-08-14 19:49 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-14 18:26 - 2011-12-28 19:09 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-14 18:13 - 2014-08-14 18:13 - 00000000 ____D () C:\Users\Laura\AppData\Local\Skype
2014-08-14 18:12 - 2014-08-14 18:12 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-08-14 18:12 - 2014-08-14 18:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-08-14 18:12 - 2012-04-07 21:26 - 00000000 ____D () C:\ProgramData\Skype
2014-08-14 18:06 - 2013-08-18 20:22 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 12:43 - 2011-08-29 19:49 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-14 12:16 - 2014-05-07 17:33 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-11 13:52 - 2011-12-27 21:40 - 00000000 ____D () C:\LauraMusik
2014-08-07 20:06 - 2014-08-03 19:37 - 00000000 ____D () C:\ProgramData\AyqutAmoli
2014-08-07 04:06 - 2014-08-13 14:07 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-13 14:07 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-05 09:20 - 2010-11-21 05:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-02 17:29 - 2014-08-02 17:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-01 01:41 - 2014-08-13 14:08 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-01 01:16 - 2014-08-13 14:08 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-31 18:20 - 2013-03-14 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
Files to move or delete:
====================
C:\ProgramData\ri8z8vr.bxx
C:\ProgramData\ri8z8vr.fvv
C:\ProgramData\ri8z8vr.reg
Some content of TEMP:
====================
C:\Users\Laura\AppData\Local\Temp\avgnt.exe
C:\Users\Laura\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpht64zn.dll
C:\Users\Laura\AppData\Local\Temp\First15.exe
C:\Users\Laura\AppData\Local\Temp\ose00000.exe
C:\Users\Laura\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Laura\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Laura\AppData\Local\Temp\VP6Install.exe
C:\Users\Laura\AppData\Local\Temp\VP6VFW.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2013-07-11 20:32
==================== End Of Log ============================
--- --- ---
--- --- ---
--- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-08-2014
Ran by Laura at 2014-08-27 21:26:13
Running from C:\LauraDaten
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft)
Aquanoid (HKCU\...\Aquanoid) (Version: - )
Art Mahjongg (HKCU\...\Art Mahjongg) (Version: - )
Bienengefahr (HKCU\...\Bienengefahr) (Version: - )
Bombenterror (HKCU\...\Bombenterror) (Version: - )
Boulder Match 2 (HKCU\...\Boulder Match 2) (Version: - )
Braincracker (HKCU\...\Braincracker) (Version: - )
Brainstorm (HKCU\...\Brainstorm) (Version: - )
ChessSweeper (HKCU\...\ChessSweeper) (Version: - )
CHIP Updater (HKLM-x32\...\CHIP Updater_is1) (Version: 2.29 - Abelssoft)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.0.686 - Corel Corporation)
Corel Graphics - Windows Shell Extension (x32 Version: 15.2.686 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit (Version: 15.2.686 - Corel Corporation) Hidden
Crazy Cong (HKCU\...\Crazy Cong) (Version: - )
Croix (HKCU\...\Croix) (Version: - )
Cube (HKCU\...\Cube) (Version: - )
CubeRun (HKCU\...\CubeRun) (Version: - )
Dart701OU (HKCU\...\Dart701OU) (Version: - )
Dropbox (HKCU\...\Dropbox) (Version: 2.10.28 - Dropbox, Inc.)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Holiday Fun (HKCU\...\Holiday Fun) (Version: - )
Invader (HKCU\...\Invader) (Version: - )
Jumper (HKCU\...\Jumper) (Version: - )
Kleine Lokomotive (HKCU\...\Kleine Lokomotive) (Version: - )
KLIX (HKCU\...\KLIX) (Version: - )
Lines (HKCU\...\Lines) (Version: - )
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MDMahjongg (HKCU\...\MDMahjongg) (Version: - )
Metris 2 (HKCU\...\Metris 2) (Version: - )
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Mathematics (64-Bit) (HKLM\...\{E57B7E0A-8BE5-42E2-BE60-C07ED680A063}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{cb41fc68-4442-4f7f-b22f-8f31c74897ac}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Minipingpong (HKCU\...\Minipingpong) (Version: - )
MiniPlong (HKCU\...\MiniPlong) (Version: - )
Poczta usługi Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Pumpkin (HKCU\...\Pumpkin) (Version: - )
Puzzle 2 (HKCU\...\Puzzle 2) (Version: - )
Shot (HKCU\...\Shot) (Version: - )
Target (HKCU\...\Target) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
XMas (HKCU\...\XMas) (Version: - )
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-2249361187-423248577-2537947663-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Laura\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2249361187-423248577-2537947663-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Laura\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2249361187-423248577-2537947663-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Laura\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2249361187-423248577-2537947663-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Laura\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2249361187-423248577-2537947663-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Laura\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2249361187-423248577-2537947663-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Laura\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2249361187-423248577-2537947663-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Laura\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2249361187-423248577-2537947663-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Laura\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2249361187-423248577-2537947663-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Laura\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2249361187-423248577-2537947663-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Laura\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2249361187-423248577-2537947663-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Laura\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2249361187-423248577-2537947663-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Laura\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2249361187-423248577-2537947663-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Laura\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
==================== Restore Points =========================
12-07-2014 11:52:07 Windows Update
31-07-2014 16:13:50 Windows Update
14-08-2014 10:13:23 Windows Update
19-08-2014 12:16:36 Windows Update
22-08-2014 12:37:43 avast! antivirus system restore point
23-08-2014 19:02:06 Windows Update
26-08-2014 15:10:06 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {08C11D0E-2512-4286-AAAD-C9009E8967C7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-27] (Google Inc.)
Task: {52CA83F5-E678-4848-A09B-33DF18B6F690} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-22] (Adobe Systems Incorporated)
Task: {62615960-733F-467A-9432-48EB5A57C207} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-27] (Google Inc.)
Task: {AD2FFC77-6D89-43BF-827A-D405D8B94691} - System32\Tasks\{0AF70B80-8EE6-4963-9F65-664723C441A2} => C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe [2011-04-15] (CyberLink Corp.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf90a752a15671.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Updater scan.job => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{A3C787FA-A1EB-434E-BB33-C73962C2A08A}.job => C:\Windows\system32\msfeedssync.exe
==================== Loaded Modules (whitelisted) =============
2011-05-02 22:41 - 2011-05-02 22:41 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2011-09-08 01:28 - 2009-12-19 00:40 - 00104968 ____R () C:\Program Files (x86)\PHotkey\ASLDRSrv.exe
2011-09-08 01:28 - 2011-07-09 01:50 - 00824328 ____R () C:\Program Files (x86)\PHotkey\PHotkey.exe
2011-09-08 01:28 - 2010-01-13 02:36 - 00117256 ____R () C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
2011-09-08 01:28 - 2010-01-13 02:36 - 00121864 ____R () C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
2011-09-08 01:28 - 2010-12-17 23:04 - 00449032 ____R () C:\Program Files (x86)\PHotkey\ATouch64.exe
2011-09-08 01:28 - 2010-12-27 23:14 - 00776200 _____ () C:\Program Files (x86)\PHotkey\PVDesktop.exe
2011-09-08 01:28 - 2010-10-07 02:46 - 00159752 ____R () C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
2011-09-08 01:28 - 2011-07-13 22:56 - 03426312 _____ () C:\Program Files (x86)\PHotkey\POSD.exe
2011-09-08 01:28 - 2011-04-12 23:32 - 00483336 _____ () C:\Program Files (x86)\PHotkey\PVDAgent.exe
2012-03-11 18:46 - 2011-02-17 20:13 - 00136704 _____ () C:\Windows\System32\zlhp2600.dll
2011-08-30 00:12 - 2010-12-14 11:39 - 00244904 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2010-12-06 13:52 - 2010-12-06 13:52 - 00062464 _____ () C:\Program Files (x86)\watchmi\TvdService.exe
2011-12-27 21:14 - 2011-12-27 21:14 - 00061952 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Remote\2.5.0.5__f722db7bec59a14b\Tvd.Remote.dll
2011-12-27 21:14 - 2011-12-27 21:14 - 00009216 _____ () C:\Windows\assembly\GAC_MSIL\FingerPrint\1.0.0.0__a62e68e935d72fa6\FingerPrint.dll
2011-12-27 21:14 - 2011-12-27 21:14 - 00078848 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Reporting\2.5.0.5__f722db7bec59a14b\Tvd.Reporting.dll
2011-12-27 21:14 - 2011-12-27 21:14 - 00148480 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Aprico\2.5.0.5__f722db7bec59a14b\Tvd.Aprico.dll
2011-07-27 00:37 - 2011-07-27 00:37 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-05-02 22:41 - 2011-05-02 22:41 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2010-12-06 13:52 - 2010-12-06 13:52 - 01070080 _____ () C:\Program Files (x86)\watchmi\TvdTray.exe
2010-12-06 13:52 - 2010-12-06 13:52 - 00004608 _____ () C:\Program Files (x86)\watchmi\de\TvdTray.resources.dll
2014-08-22 14:39 - 2014-08-22 14:39 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-08-27 14:30 - 2014-08-27 14:30 - 02801152 _____ () C:\Program Files\AVAST Software\Avast\defs\14082700\algo.dll
2011-09-08 01:28 - 2009-12-19 00:36 - 00973432 ____R () C:\Program Files (x86)\PHotkey\acAuth.dll
2011-09-08 01:28 - 2009-12-19 00:41 - 00129544 ____R () C:\Program Files (x86)\PHotkey\GFNEX.dll
2010-08-04 00:39 - 2010-08-04 00:39 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2010-08-04 00:39 - 2010-08-04 00:39 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2012-09-23 20:43 - 2012-09-23 20:43 - 00010240 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\de_de\acrotray.deu
2014-08-22 14:39 - 2014-08-22 14:39 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-08-27 18:25 - 2014-08-27 18:25 - 00043008 _____ () c:\users\laura\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpht64zn.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\libcef.dll
2014-08-19 20:24 - 2014-08-19 20:24 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\e1dca04e43d05aff13c672a916b3e8ef\IsdiInterop.ni.dll
2011-09-08 00:33 - 2011-05-20 19:05 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-08-02 17:28 - 2014-08-02 17:29 - 03800688 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-09-15 11:30 - 2013-09-15 11:30 - 16177544 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^Users^Laura^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^ri8z8vr.lnk => C:\Windows\pss\ri8z8vr.lnk.Startup
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SweetIM => C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
MSCONFIG\startupreg: Sweetpacks Communicator => C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/27/2014 05:11:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Avira.OE.Systray.exe, Version: 1.1.20.29596, Zeitstempel: 0x53ecd528
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x554
Startzeit der fehlerhaften Anwendung: 0xAvira.OE.Systray.exe0
Pfad der fehlerhaften Anwendung: Avira.OE.Systray.exe1
Pfad des fehlerhaften Moduls: Avira.OE.Systray.exe2
Berichtskennung: Avira.OE.Systray.exe3
Error: (08/27/2014 05:11:44 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Avira.OE.Systray.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Net.Sockets.SocketException
Stack:
at System.Net.SafeCloseSocketAndEvent.CreateWSASocketWithEvent(System.Net.Sockets.AddressFamily, System.Net.Sockets.SocketType, System.Net.Sockets.ProtocolType, Boolean, Boolean)
at System.Net.NetworkInformation.NetworkChange+AddressChangeListener.StartHelper(System.Net.NetworkInformation.NetworkAddressChangedEventHandler, Boolean, System.Net.NetworkInformation.StartIPOptions)
at Avira.OE.WinCore.NetworkStatusListener..ctor()
at Avira.OE.WinCore.InternetConnectionMonitor..ctor()
at Avira.OE.Systray.SystrayIcon..ctor(Avira.OE.WinCore.Interface.IServiceStatusMonitor, Avira.OE.Communicator.Interface.ICommunicatorClientProxy, Avira.OE.MiniGui.IMiniGuiWindow)
at Avira.OE.Systray.SystrayIcon..ctor()
at Avira.OE.Systray.Program.Main(System.String[])
Error: (08/27/2014 05:10:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Avira.OE.Systray.exe, Version: 1.1.20.29596, Zeitstempel: 0x53ecd528
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x3c8
Startzeit der fehlerhaften Anwendung: 0xAvira.OE.Systray.exe0
Pfad der fehlerhaften Anwendung: Avira.OE.Systray.exe1
Pfad des fehlerhaften Moduls: Avira.OE.Systray.exe2
Berichtskennung: Avira.OE.Systray.exe3
Error: (08/27/2014 05:10:37 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Avira.OE.Systray.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Net.Sockets.SocketException
Stack:
at System.Net.SafeCloseSocketAndEvent.CreateWSASocketWithEvent(System.Net.Sockets.AddressFamily, System.Net.Sockets.SocketType, System.Net.Sockets.ProtocolType, Boolean, Boolean)
at System.Net.NetworkInformation.NetworkChange+AddressChangeListener.StartHelper(System.Net.NetworkInformation.NetworkAddressChangedEventHandler, Boolean, System.Net.NetworkInformation.StartIPOptions)
at Avira.OE.WinCore.NetworkStatusListener..ctor()
at Avira.OE.WinCore.InternetConnectionMonitor..ctor()
at Avira.OE.Systray.SystrayIcon..ctor(Avira.OE.WinCore.Interface.IServiceStatusMonitor, Avira.OE.Communicator.Interface.ICommunicatorClientProxy, Avira.OE.MiniGui.IMiniGuiWindow)
at Avira.OE.Systray.SystrayIcon..ctor()
at Avira.OE.Systray.Program.Main(System.String[])
Error: (08/22/2014 02:37:58 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary lkucjift.
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (08/22/2014 02:21:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Avira.OE.Systray.exe, Version: 1.1.19.30000, Zeitstempel: 0x53df7a63
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x4c0
Startzeit der fehlerhaften Anwendung: 0xAvira.OE.Systray.exe0
Pfad der fehlerhaften Anwendung: Avira.OE.Systray.exe1
Pfad des fehlerhaften Moduls: Avira.OE.Systray.exe2
Berichtskennung: Avira.OE.Systray.exe3
Error: (08/22/2014 02:21:03 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Avira.OE.Systray.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Net.Sockets.SocketException
Stack:
at System.Net.SafeCloseSocketAndEvent.CreateWSASocketWithEvent(System.Net.Sockets.AddressFamily, System.Net.Sockets.SocketType, System.Net.Sockets.ProtocolType, Boolean, Boolean)
at System.Net.NetworkInformation.NetworkChange+AddressChangeListener.StartHelper(System.Net.NetworkInformation.NetworkAddressChangedEventHandler, Boolean, System.Net.NetworkInformation.StartIPOptions)
at Avira.OE.WinCore.NetworkStatusListener..ctor()
at Avira.OE.WinCore.InternetConnectionMonitor..ctor()
at Avira.OE.Systray.SystrayIcon..ctor(Avira.OE.WinCore.Interface.IServiceStatusMonitor, Avira.OE.Communicator.Interface.ICommunicatorClientProxy, Avira.OE.MiniGui.IMiniGuiWindow)
at Avira.OE.Systray.SystrayIcon..ctor()
at Avira.OE.Systray.Program.Main(System.String[])
Error: (08/19/2014 08:56:52 PM) (Source: VSS) (EventID: 12298) (User: )
Description: Volumeschattenkopie-Dienstfehler: Die E/A-Schreibvorgänge können während des Schattenkopie-Erstellungszeitraums auf Volume "C:\" nicht gespeichert werden.
Der Volumeindex im Schattenkopiesatz ist 0. Fehlerdetails: Offen[0x00000000, Der Vorgang wurde erfolgreich beendet.
], Leerung[0x00000000, Der Vorgang wurde erfolgreich beendet.
], Freigabe[0x80042314, Der Schattenkopieanbieter hat beim Warten auf den Schreibvorgang auf das Volume, von dem eine Schattenkopie erstellt wird, das Zeitlimit überschritten. Ursache hierfür könnte eine durch eine Anwendung oder einen Systemdienst verursachte hohe Aktivität auf dem Volume sein. Wiederholen Sie den Vorgang später, wenn das Volume nicht so stark ausgelastet ist.
], Ausführung[0x00000000, Der Vorgang wurde erfolgreich beendet.
].
Vorgang:
Asynchroner Vorgang wird ausgeführt
Kontext:
Aktueller Status: DoSnapshotSet
Error: (08/19/2014 08:56:52 PM) (Source: VSS) (EventID: 12310) (User: )
Description: Volumeschattenkopie-Dienstfehler: Die Schattenkopie kann nicht zugesichert werden - Vorgang hat das Zeitlimit überschritten.
Fehlerkontext: DeviceIoControl(\\?\Volume{2695bf48-30fe-11e1-a040-806e6f6e6963} - 0000000000000100,0x0053c010,00000000002687F0,0,0000000000269800,4096,[0]).
Vorgang:
Schattenkopien werden übertragen
Kontext:
Ausführungskontext: System Provider
Error: (08/14/2014 06:07:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Skype.exe, Version 6.11.0.102 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 2784
Startzeit: 01cfac22194e7f79
Endzeit: 1529
Anwendungspfad: C:\Program Files (x86)\Skype\Phone\Skype.exe
Berichts-ID: 0ce293fd-23cd-11e4-8925-3860778d695b
System errors:
=============
Error: (08/27/2014 06:23:28 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Der Dienst "Avira Browser-Schutz" ist von folgendem Dienst abhängig: AntiVirService. Dieser Dienst ist eventuell nicht installiert.
Error: (08/27/2014 06:22:03 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Windows\SysWOW64\Drivers\asapiW2k.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (08/27/2014 05:27:56 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht.
Error: (08/27/2014 05:27:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "watchmi service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (08/27/2014 05:27:25 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst watchmi service erreicht.
Error: (08/27/2014 05:26:41 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Der Dienst "Avira Browser-Schutz" ist von folgendem Dienst abhängig: AntiVirService. Dieser Dienst ist eventuell nicht installiert.
Error: (08/27/2014 05:25:19 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Windows\SysWOW64\Drivers\asapiW2k.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (08/27/2014 05:10:13 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (08/27/2014 05:09:11 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084MSIServer{000C101C-0000-0000-C000-000000000046}
Error: (08/27/2014 05:09:04 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084wuauserv{9B1F122C-2982-4E91-AA8B-E071D54F2A4D}
Microsoft Office Sessions:
=========================
Error: (05/24/2014 04:29:24 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6695.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 907 seconds with 420 seconds of active time. This session ended with a crash.
Error: (05/24/2014 02:36:24 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6695.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 162 seconds with 120 seconds of active time. This session ended with a crash.
Error: (05/24/2014 02:33:17 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6695.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 295 seconds with 240 seconds of active time. This session ended with a crash.
Error: (05/24/2014 02:28:02 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6695.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 797 seconds with 720 seconds of active time. This session ended with a crash.
Error: (04/13/2014 09:41:58 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 95314 seconds with 0 seconds of active time. This session ended with a crash.
CodeIntegrity Errors:
===================================
Date: 2014-08-27 18:22:03.262
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\drivers\asapiW2k.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-08-27 18:22:03.106
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\drivers\asapiW2k.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-08-27 17:25:19.562
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\drivers\asapiW2k.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-08-27 17:25:19.406
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\drivers\asapiW2k.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-08-27 17:07:31.582
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\drivers\asapiW2k.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-08-27 17:07:31.458
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\drivers\asapiW2k.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-08-27 16:50:52.936
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\drivers\asapiW2k.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-08-27 16:50:52.780
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\drivers\asapiW2k.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-08-27 16:45:12.336
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\drivers\asapiW2k.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-08-27 16:45:12.227
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\drivers\asapiW2k.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) CPU B950 @ 2.10GHz
Percentage of memory in use: 61%
Total physical RAM: 4007.13 MB
Available physical RAM: 1532.42 MB
Total Pagefile: 8012.43 MB
Available Pagefile: 4931.74 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: (Boot) (Fixed) (Total:414.66 GB) (Free:6.9 GB) NTFS
Drive d: (Recover) (Fixed) (Total:48 GB) (Free:22.91 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 97BE5B6A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=414.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=50 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)
==================== End Of Log ============================
|
FRST 32-Bit | FRST 64-Bit
AdwCleaner auf deinen Desktop.
