Hallo Jürgen,
herzlichen Dank, dass du mit helfen willst. Hier wie von dir beschrieben die Logfiles nach Schritt 1 - übrigens wenn ich hier auf dem Laptop meines Vaters auf das Code-Icon im Textfeld gehe, passiert gar nichts - nur falls das auch ein Hinweis sein könnte:
FRST.txt
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-12-2014
Ran by herbert (administrator) on HERBERT-PC on 26-12-2014 07:41:13
Running from C:\Users\herbert\Desktop
Loaded Profile: herbert (Available profiles: herbert & DefaultAppPool)
Platform: Windows 8.1 Pro with Media Center (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\EPG Services\System\EPGService.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
() C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
(Activeris) C:\Program Files (x86)\Activeris AntiMalware\ActiverisAntiMalware.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
() C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(NTI Corporation) C:\Program Files (x86)\NTI\Packard Bell MyBackup\BackupManagerTray.exe
(Hauppauge Inc.) C:\Program Files (x86)\WinTV\EPG Services\System\EPGClient.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Just Develop It) C:\Program Files (x86)\MyPC Backup\BackupStack.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(fun communications GmbH, hxxp://www.fun.de) C:\Program Files (x86)\T-Online\T-Online_Software_6\Notifier\Notifier.exe
(Deutsche Telekom AG) C:\Program Files (x86)\T-Online\T-Online_Software_6\Browser\browser.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2280232 2010-07-29] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11785832 2011-03-10] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [Power Management] => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [1796200 2011-02-22] (Acer Incorporated)
HKLM\...\Run: [HCWemmon] => C:\WINDOWS\HCWemmon.exe [61440 2007-03-29] (eMPIA Technology, Inc.)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Packard Bell MyBackup\BackupManagerTray.exe [295744 2011-02-15] (NTI Corporation)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)
HKLM-x32\...\Run: [EPGServiceTool] => C:\Program Files (x86)\WinTV\EPG Services\System\EPGClient.exe [675840 2007-08-01] (Hauppauge Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [HPUsageTrackingLEDM] => C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe [30264 2009-08-04] (Hewlett-Packard Company)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-13] (Intel Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1081424 2011-03-14] (Dritek System Inc.)
HKLM-x32\...\Run: [Reader Application Helper] => C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe [899400 2013-06-25] (Sony Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [TrayServer] => C:\Program Files (x86)\MAGIX\Video_deluxe_2008_PLUS\Trayserver.exe [90112 2007-03-29] (MAGIX AG)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-21] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3195340951-745995918-4157368257-1000\...\Run: [phonostar-PlayerTimer] => C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe [42496 2012-10-13] ()
HKU\S-1-5-21-3195340951-745995918-4157368257-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-3195340951-745995918-4157368257-1000\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4240760 2010-11-10] (Microsoft Corporation)
HKU\S-1-5-21-3195340951-745995918-4157368257-1000\...\Run: [BackgroundContainer] => "C:\WINDOWS\SysWOW64\Rundll32.exe" "C:\Users\herbert\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <===== ATTENTION
HKU\S-1-5-21-3195340951-745995918-4157368257-1000\...\Run: [lollipop_03061728] => lollipop_03061728
HKU\S-1-5-21-3195340951-745995918-4157368257-1000\...\Run: [Optimizer Pro] => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe [135112 2014-05-15] (PC Utilities Software Limited)
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll [245056 2014-12-10] (Client Connect LTD)
AppInit_DLLs: C:\PROGRA~2\OPTIMI~1\OPTPRO~3.DLL => C:\Program Files (x86)\Optimizer Pro\OptProCrash_x64.dll [2720144 2014-05-19] ()
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32Loader.dll [215360 2014-12-10] (Client Connect LTD)
AppInit_DLLs-x32: c:\program files (x86)\optimizer pro\optprocrash.dll => "c:\program files (x86)\optimizer pro\optprocrash.dll" File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutoStart IR.lnk
ShortcutTarget: AutoStart IR.lnk -> C:\Program Files (x86)\WinTV\Ir.exe (Hauppauge Computer Works)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\herbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
Startup: C:\Users\herbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nationzoom.com/?type=hp&ts=1386944312&from=adks&uid=WDCXWD5000BPVT-22HXZT1_WD-WXM1E11RYJV7RYJV7
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nationzoom.com/?type=hp&ts=1386944312&from=adks&uid=WDCXWD5000BPVT-22HXZT1_WD-WXM1E11RYJV7RYJV7
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nationzoom.com/web/?type=ds&ts=1386944312&from=adks&uid=WDCXWD5000BPVT-22HXZT1_WD-WXM1E11RYJV7RYJV7&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nationzoom.com/web/?type=ds&ts=1386944312&from=adks&uid=WDCXWD5000BPVT-22HXZT1_WD-WXM1E11RYJV7RYJV7&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nationzoom.com/?type=hp&ts=1386944312&from=adks&uid=WDCXWD5000BPVT-22HXZT1_WD-WXM1E11RYJV7RYJV7
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nationzoom.com/?type=hp&ts=1386944312&from=adks&uid=WDCXWD5000BPVT-22HXZT1_WD-WXM1E11RYJV7RYJV7
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1386944312&from=adks&uid=WDCXWD5000BPVT-22HXZT1_WD-WXM1E11RYJV7RYJV7&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1386944312&from=adks&uid=WDCXWD5000BPVT-22HXZT1_WD-WXM1E11RYJV7RYJV7&q={searchTerms}
HKU\S-1-5-21-3195340951-745995918-4157368257-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nationzoom.com/?type=hp&ts=1386944312&from=adks&uid=WDCXWD5000BPVT-22HXZT1_WD-WXM1E11RYJV7RYJV7
HKU\S-1-5-21-3195340951-745995918-4157368257-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=ShoppingHelper&dpid=ShoppingHelper&co=DE&userid=657d4aec-e7d7-0dad-76b8-609a49b3e768&searchtype=ds&q={searchTerms}&installDate=07/12/2013
HKU\S-1-5-21-3195340951-745995918-4157368257-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p23_serp_ie_de_display?ie=UTF8&tagbase=bds-p23&tbrId=v1_abb-channel-23_ce1985dbeff74c29bd3cb9becc3f7032_39_1006_20130904_DE_ie_sp_
HKU\S-1-5-21-3195340951-745995918-4157368257-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?publisher=ShoppingHelper&dpid=ShoppingHelper&co=DE&userid=657d4aec-e7d7-0dad-76b8-609a49b3e768&searchtype=ds&q={searchTerms}&installDate=07/12/2013
URLSearchHook: HKLM-x32 - (No Name) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - No File
URLSearchHook: HKLM-x32 - (No Name) - {b106b661-3e1b-4015-af5c-195e909f35c6} - No File
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1386944312&from=adks&uid=WDCXWD5000BPVT-22HXZT1_WD-WXM1E11RYJV7RYJV7&q={searchTerms}
SearchScopes: HKLM -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=APBTDF&pc=MAPB&src=IE-SearchBox
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1386944312&from=adks&uid=WDCXWD5000BPVT-22HXZT1_WD-WXM1E11RYJV7RYJV7&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1386944312&from=adks&uid=WDCXWD5000BPVT-22HXZT1_WD-WXM1E11RYJV7RYJV7&q={searchTerms}
SearchScopes: HKLM-x32 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=ShoppingHelper&dpid=ShoppingHelper&co=DE&userid=657d4aec-e7d7-0dad-76b8-609a49b3e768&searchtype=ds&q={searchTerms}&installDate=07/12/2013
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=APBTDF&pc=MAPB&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1386944312&from=adks&uid=WDCXWD5000BPVT-22HXZT1_WD-WXM1E11RYJV7RYJV7&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL =
SearchScopes: HKU\S-1-5-21-3195340951-745995918-4157368257-1000 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325582&octid=EB_ORIGINAL_CTID&ISID=M004816A0-C0AE-429D-AE90-AEA27E408AEB&SearchSource=58&CUI=&UM=2&UP=SP9664C388-2041-428E-B9AA-DD72667F1EDA&q={searchTerms}&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=
SearchScopes: HKU\S-1-5-21-3195340951-745995918-4157368257-1000 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=ShoppingHelper&dpid=ShoppingHelper&co=DE&userid=657d4aec-e7d7-0dad-76b8-609a49b3e768&searchtype=ds&q={searchTerms}&installDate=07/12/2013
SearchScopes: HKU\S-1-5-21-3195340951-745995918-4157368257-1000 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325582&octid=EB_ORIGINAL_CTID&ISID=M004816A0-C0AE-429D-AE90-AEA27E408AEB&SearchSource=58&CUI=&UM=2&UP=SP9664C388-2041-428E-B9AA-DD72667F1EDA&q={searchTerms}&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=
SearchScopes: HKU\S-1-5-21-3195340951-745995918-4157368257-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3195340951-745995918-4157368257-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1386944312&from=adks&uid=WDCXWD5000BPVT-22HXZT1_WD-WXM1E11RYJV7RYJV7&q={searchTerms}
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: No Name -> {40c3cc16-7269-4b32-9531-17f2950fb06f} -> No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: MimalaAmazonToolbar.ShowToolbarBHO -> {86a3cdaa-9b25-480e-b73f-c2d359b87966} -> C:\WINDOWS\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: No Name -> {b106b661-3e1b-4015-af5c-195e909f35c6} -> No File
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Ask Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Softonic Helper Object -> {E87806B5-E908-45FD-AF5E-957D83E58E68} -> C:\Program Files (x86)\Softonic\Softonic\1.6.7.4\bh\Softonic.dll (Softonic.com)
BHO-x32: AlxHelper Class -> {F443A627-5009-4323-9C1D-7FD598D0D712} -> C:\Program Files (x86)\Amazon Browser Bar\AmazonBrowserBar.3.0.dll (Amazon.com)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKLM-x32 - Softonic Toolbar - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files (x86)\Softonic\Softonic\1.6.7.4\SoftonicTlbr.dll (Softonic.com)
Toolbar: HKLM-x32 - Mimala Amazon Toolbar - {691ca8ec-7205-4aa9-bdd6-15493d16f835} - C:\WINDOWS\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll No File
Toolbar: HKLM-x32 - Amazon Browser Bar - {EA582743-9076-4178-9AA6-7393FDF4D5CE} - C:\Program Files (x86)\Amazon Browser Bar\AmazonBrowserBar.3.0.dll (Amazon.com)
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKU\S-1-5-21-3195340951-745995918-4157368257-1000 -> No Name - {40C3CC16-7269-4B32-9531-17F2950FB06F} - No File
Toolbar: HKU\S-1-5-21-3195340951-745995918-4157368257-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-3195340951-745995918-4157368257-1000 -> No Name - {B106B661-3E1B-4015-AF5C-195E909F35C6} - No File
Toolbar: HKU\S-1-5-21-3195340951-745995918-4157368257-1000 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\herbert\AppData\Roaming\Mozilla\Firefox\Profiles\d120on5k.default
FF NewTab: hxxp://www.trovi.com/?gd=&ctid=CT3325582&octid=EB_ORIGINAL_CTID&ISID=M004816A0-C0AE-429D-AE90-AEA27E408AEB&SearchSource=69&CUI=&SSPV=&Lay=1&UM=2&UP=SP9664C388-2041-428E-B9AA-DD72667F1EDA&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=
FF DefaultSearchEngine: Trovi search
FF DefaultSearchUrl: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2801937&SearchSource=3&q={searchTerms}
FF SelectedSearchEngine: Trovi search
FF Homepage: hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p23_serp_ff_de_display?ie=UTF8&tagbase=bds-p23&tbrId=v1_abb-channel-23_ce1985dbeff74c29bd3cb9becc3f7032_39_1006_20130904_DE_ff_sp_
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.40.2 -> C:\WINDOWS\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.40.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @sony.com/ReaderDesktop -> C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll (Sony Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3195340951-745995918-4157368257-1000: @phonostar.de/phonostar -> C:\Program Files (x86)\phonostar-Player\npphonostarDetectNP.dll No File
FF user.js: detected! => C:\Users\herbert\AppData\Roaming\Mozilla\Firefox\Profiles\d120on5k.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\herbert\AppData\Roaming\Mozilla\Firefox\Profiles\d120on5k.default\searchplugins\trovi-search.xml
FF SearchPlugin: C:\Users\herbert\AppData\Roaming\Mozilla\Firefox\Profiles\d120on5k.default\searchplugins\Web Search.xml
FF Extension: Widget context - C:\Users\herbert\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{140A2D0E-85CC-4ed3-9BA5-8FA35DA7FABA}.xpi [2014-03-15]
FF Extension: MediaPlayerplus - C:\Users\herbert\AppData\Roaming\Mozilla\Firefox\Profiles\d120on5k.default\Extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com [2014-07-27]
FF Extension: Amazon Browser Bar - C:\Users\herbert\AppData\Roaming\Mozilla\Firefox\Profiles\d120on5k.default\Extensions\abb@amazon.com [2013-09-04]
FF Extension: Cliqz Beta - C:\Users\herbert\AppData\Roaming\Mozilla\Firefox\Profiles\d120on5k.default\Extensions\cliqz@cliqz.com [2014-10-12]
FF Extension: enterprise 1.1 - C:\Users\herbert\AppData\Roaming\Mozilla\Firefox\Profiles\d120on5k.default\Extensions\e38c01fb-ffb2-4c7e-b4c7-1f47c844d855@gmail.com [2014-09-21]
FF Extension: Feven Pro 1.2 - C:\Users\herbert\AppData\Roaming\Mozilla\Firefox\Profiles\d120on5k.default\Extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com [2014-07-27]
FF Extension: Value Apps - C:\Users\herbert\AppData\Roaming\Mozilla\Firefox\Profiles\d120on5k.default\Extensions\{94cd2cc3-083f-49ba-a218-4cda4b4829fd} [2014-03-15]
FF Extension: Zula Games - C:\Users\herbert\AppData\Roaming\Mozilla\Firefox\Profiles\d120on5k.default\Extensions\zulagames@ZulaGames.com.xpi [2014-01-04]
FF Extension: Address Bar Search - C:\Users\herbert\AppData\Roaming\Mozilla\Firefox\Profiles\d120on5k.default\Extensions\{badea1ae-72ed-4f6a-8c37-4db9a4ac7bc9}.xpi [2013-10-27]
FF Extension: BonanzaDeals - C:\Users\herbert\AppData\Roaming\Mozilla\Firefox\Profiles\d120on5k.default\Extensions\{f9d03c26-0575-497e-821d-f7956d23e0ca}.xpi [2013-12-19]
FF HKLM\...\Firefox\Extensions: [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}] - C:\Program Files\V-bates\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}] - C:\Program Files\V-bates\Firefox
FF HKU\S-1-5-21-3195340951-745995918-4157368257-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
FF HKU\S-1-5-21-3195340951-745995918-4157368257-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\herbert\AppData\Roaming\Mozilla\Firefox\Profiles\d120on5k.default\extensions\cliqz@cliqz.com
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p23_serp_cr_de_display?ie=UTF8&tagbase=bds-p23&tbrId=v1_abb-channel-23_ce1985dbeff74c29bd3cb9becc3f7032_39_1006_20130904_DE_cr_sp_
CHR StartupUrls: Default -> "hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p23_serp_cr_de_display?ie=UTF8&tagbase=bds-p23&tbrId=v1_abb-channel-23_ce1985dbeff74c29bd3cb9becc3f7032_39_1006_20130904_DE_cr_sp_"
CHR DefaultSearchKeyword: Default -> trovi.com
CHR DefaultSearchURL: Default -> hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325582&octid=EB_ORIGINAL_CTID&ISID=M004816A0-C0AE-429D-AE90-AEA27E408AEB&SearchSource=58&CUI=&UM=2&UP=SP9664C388-2041-428E-B9AA-DD72667F1EDA&q={searchTerms}&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=&SSPV=
CHR DefaultNewTabURL: Default -> https://www.trovi.com/?gd=&ctid=CT3325582&octid=EB_ORIGINAL_CTID&ISID=ISID_ID&SearchSource=69&CUI=&SSPV=&lay=5&p=cnts&UM=2&UP=SP9664C388-2041-428E-B9AA-DD72667F1EDA&SAT=CNTS
CHR DefaultSuggestURL: Default -> hxxp://suggest.seccint.com/CSuggestJson.ashx?prefix={searchTerms}
CHR Profile: C:\Users\herbert\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-15]
CHR Extension: (Zula Games) - C:\Users\herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\gflandjopdloblmlcoiidmncpinmmacn [2013-10-13]
CHR Extension: (Domain Error Assistant) - C:\Users\herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj [2013-01-03]
CHR Extension: (Lightning Newtab) - C:\Users\herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo [2013-10-05]
CHR Extension: (MPlayerplus_01) - C:\Users\herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd [2014-07-01]
CHR Extension: (Slick Savings) - C:\Users\herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk [2013-01-03]
CHR Extension: (Google Wallet) - C:\Users\herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-21]
CHR Extension: (Amazon 1Button App for Chrome) - C:\Users\herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2013-12-21]
CHR HKU\S-1-5-21-3195340951-745995918-4157368257-1000\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam] - C:\Program Files (x86)\Amazon\ABB\AmazonChrome-bds-amzn.crx [2013-03-21]
CHR HKLM-x32\...\Chrome\Extension: [aipfmkinhleccnodemkoofnnofpbbpac] - C:\Users\herbert\AppData\Roaming\BabSolution\CR\searchgol.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - No Path
CHR HKLM-x32\...\Chrome\Extension: [fagpjgjmoaccgkkpjeoinehnoaimnbla] - C:\Users\herbert\AppData\Roaming\BabSolution\CR\hola.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [gflandjopdloblmlcoiidmncpinmmacn] - C:\Users\herbert\AppData\Roaming\zulagames\zulagames.crx [2013-10-03]
CHR HKLM-x32\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files (x86)\Common Files\Spigot\GC\ErrorAssistant_1.2.crx [2013-11-06]
CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\herbert\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx [2013-10-05]
CHR HKLM-x32\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.4.crx [2013-04-26]
CHR HKLM-x32\...\Chrome\Extension: [ngnjhfpfhadncgafgbneeljaginimmmk] - C:\Users\herbert\AppData\Local\Temp\tbch.crx [Not Found]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-21] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-21] (Avira Operations GmbH & Co. KG)
R2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [53320 2014-11-13] (Just Develop It) <==== ATTENTION
S3 Browser7Maintenance; C:\Program Files (x86)\Browser 7 Maintenance Service\maintenanceservice.exe [112128 2014-08-20] (Deutsche Telekom AG) [File not signed]
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [3320640 2014-12-10] (Client Connect LTD)
R2 EPGService; C:\Program Files (x86)\WinTV\EPG Services\System\EPGService.exe [374272 2007-09-05] (Hauppauge Computer Works) [File not signed]
R2 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [873064 2011-02-22] (Acer Incorporated)
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®) [File not signed]
R2 GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [23584 2010-01-08] (Acer Incorporated)
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [136704 2009-06-24] (HP) [File not signed]
R2 Live Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [244624 2011-01-31] (Acer Incorporated)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [25600 2013-11-11] (Microsoft Corporation)
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4466688 2007-11-08] (Microsoft Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe [257344 2011-02-15] (NTI Corporation)
S3 Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2013-05-23] (Sony Corporation) [File not signed]
R2 Updater Service for AMZN; C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe [222368 2013-03-21] ()
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2013-11-11] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [546304 2013-11-11] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /medsvc [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 athr; C:\Windows\system32\DRIVERS\athwnx.sys [3680256 2013-06-18] (Qualcomm Atheros Communications, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131608 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-07-23] (Avira Operations GmbH & Co. KG)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [173568 2013-11-11] (Microsoft Corporation)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-12-24] (Marvell Semiconductor, Inc.)
S3 synusb64; C:\Windows\System32\drivers\synusb64.sys [30352 2009-06-26] (Steinberg Media Technologies GmbH)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
U3 idsvc; No ImagePath
R3 SPPD; \??\C:\WINDOWS\system32\drivers\SPPD.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-26 07:41 - 2014-12-26 07:41 - 00034017 _____ () C:\Users\herbert\Desktop\FRST.txt
2014-12-26 07:40 - 2014-12-26 07:41 - 00000000 ____D () C:\FRST
2014-12-26 07:39 - 2014-12-26 07:39 - 02122240 _____ (Farbar) C:\Users\herbert\Desktop\FRST64.exe
2014-12-25 21:55 - 2014-12-25 21:55 - 00002028 _____ () C:\Users\herbert\Downloads\Ereignisse.txt
2014-12-25 21:54 - 2014-12-25 21:54 - 00000000 ____D () C:\Users\herbert\Documents\Neuer Ordner (3)
2014-12-25 21:53 - 2014-12-25 21:53 - 00000000 ____D () C:\Users\herbert\Documents\Neuer Ordner (2)
2014-12-25 19:08 - 2014-12-25 19:08 - 00016998 _____ () C:\Users\herbert\Downloads\hijackthis.log
2014-12-25 19:03 - 2014-12-25 19:03 - 00388608 _____ (Trend Micro Inc.) C:\Users\herbert\Downloads\HijackThis.exe
2014-12-25 19:00 - 2014-12-25 19:01 - 42184784 _____ (Google Inc.) C:\Users\herbert\Downloads\chromestandalonesetup.exe
2014-12-25 05:57 - 2014-12-25 05:57 - 00003886 _____ () C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2014-12-25 05:56 - 2014-12-26 05:56 - 00000000 ____D () C:\Users\herbert\AppData\Local\{B881C34B-041A-44A8-A222-5FE741D45734}
2014-12-24 06:52 - 2014-12-24 06:52 - 00000000 ____D () C:\Users\herbert\AppData\Local\{068CFA4F-791E-4E36-A2B0-7B630074705E}
2014-12-23 10:38 - 2014-12-23 10:38 - 00000000 ____D () C:\Users\herbert\AppData\Local\{7AA42C53-0B99-465F-AAA2-6C60471EBC86}
2014-12-21 19:40 - 2014-10-30 23:37 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-12-21 19:40 - 2014-10-30 23:34 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-12-21 19:36 - 2014-12-21 19:36 - 00775968 _____ (Reimage®) C:\Users\herbert\Downloads\ReimageRepair (2).exe
2014-12-21 19:24 - 2014-12-21 19:24 - 00000000 __SHD () C:\Users\herbert\AppData\Local\EmieBrowserModeList
2014-12-21 19:20 - 2014-12-25 05:57 - 00003106 _____ () C:\WINDOWS\System32\Tasks\Activeris AntiMalware_startup
2014-12-21 19:18 - 2014-12-21 19:18 - 00000000 ____D () C:\Users\herbert\AppData\Local\{A1E58E48-33EF-48C5-8C44-348E8496EE52}
2014-12-14 09:57 - 2014-12-14 09:57 - 00000921 _____ () C:\Users\herbert\Desktop\Bilder - Verknüpfung.lnk
2014-12-14 09:44 - 2014-12-14 09:44 - 00000000 ____D () C:\Users\herbert\AppData\Local\{95BABF5B-03DE-4A5A-923D-6454A6DD1FDB}
2014-12-13 17:25 - 2014-12-13 17:25 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2014-12-13 15:15 - 2014-12-13 15:16 - 00000000 ____D () C:\Users\herbert\Documents\schapprechnung
2014-12-13 15:11 - 2014-11-10 03:29 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2014-12-13 15:11 - 2014-11-10 02:51 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2014-12-13 15:11 - 2014-10-31 00:39 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2014-12-13 15:11 - 2014-10-31 00:38 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2014-12-13 14:56 - 2014-11-07 05:16 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2014-12-13 14:56 - 2014-11-07 04:26 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-12-13 14:55 - 2014-12-04 00:37 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-12-13 14:55 - 2014-12-04 00:09 - 00830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2014-12-13 14:55 - 2014-12-03 00:09 - 01083392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-12-13 14:55 - 2014-12-03 00:09 - 00740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2014-12-13 14:55 - 2014-12-03 00:09 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2014-12-13 14:55 - 2014-12-03 00:09 - 00396288 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-12-13 14:55 - 2014-12-03 00:09 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-12-13 14:55 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-12-13 14:55 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-12-13 14:55 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-12-13 14:55 - 2014-11-22 03:49 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-12-13 14:55 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-12-13 14:55 - 2014-11-22 03:35 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-12-13 14:55 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-12-13 14:55 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-12-13 14:55 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-12-13 14:55 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-12-13 14:55 - 2014-11-22 03:06 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2014-12-13 14:55 - 2014-11-22 03:06 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-12-13 14:55 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-12-13 14:55 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-12-13 14:55 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-12-13 14:55 - 2014-11-22 02:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2014-12-13 14:55 - 2014-11-22 02:55 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-12-13 14:55 - 2014-11-22 02:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-12-13 14:55 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-12-13 14:55 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-12-13 14:55 - 2014-11-22 02:49 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-12-13 14:55 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-12-13 14:55 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-12-13 14:55 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-12-13 14:55 - 2014-11-22 02:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2014-12-13 14:55 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-12-13 14:55 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-12-13 14:55 - 2014-11-22 02:29 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2014-12-13 14:55 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-12-13 14:55 - 2014-11-22 02:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2014-12-13 14:55 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-12-13 14:55 - 2014-11-22 02:23 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-12-13 14:55 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-12-13 14:55 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-12-13 14:55 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-12-13 14:55 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-12-13 14:55 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-12-13 14:55 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-12-13 14:55 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-12-13 14:55 - 2014-11-01 00:57 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-12-13 14:55 - 2014-11-01 00:47 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-12-13 14:55 - 2014-10-13 03:43 - 00238912 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2014-12-13 14:55 - 2014-10-13 03:43 - 00153920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2014-12-13 14:55 - 2014-10-13 03:43 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-12-13 14:55 - 2014-10-13 03:43 - 00039744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-12-13 14:28 - 2014-12-13 14:28 - 00000000 ____D () C:\Users\herbert\AppData\Local\{E8F526FE-FF48-4A33-8F60-F82617D024E5}
2014-11-28 11:43 - 2014-11-28 11:43 - 00000000 ____D () C:\Users\herbert\AppData\Local\{3E6A1AA4-617C-4AE7-A768-EF8A79B08873}
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-26 07:39 - 2011-10-16 17:15 - 00001140 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-26 07:32 - 2014-05-19 17:32 - 00001404 _____ () C:\WINDOWS\Tasks\d73553dc-f069-47b3-8808-35e7c4b13dc7-7.job
2014-12-26 07:32 - 2014-04-14 18:32 - 00000304 _____ () C:\WINDOWS\Tasks\SpeedUpMyPC Maintenance.job
2014-12-26 07:02 - 2014-09-21 19:02 - 00003482 _____ () C:\WINDOWS\Tasks\81bf0a9e-e311-4bc3-8fbb-155e36cb5688-6.job
2014-12-26 07:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-12-26 06:51 - 2012-04-01 08:06 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-12-26 06:41 - 2013-11-12 17:16 - 00003946 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5C497AA6-8DA4-4F51-9231-255D2BE41896}
2014-12-26 06:33 - 2014-05-19 17:33 - 00002230 _____ () C:\WINDOWS\Tasks\d73553dc-f069-47b3-8808-35e7c4b13dc7-4.job
2014-12-26 06:33 - 2014-05-19 17:33 - 00001548 _____ () C:\WINDOWS\Tasks\d73553dc-f069-47b3-8808-35e7c4b13dc7-5.job
2014-12-26 06:33 - 2014-05-19 17:33 - 00001466 _____ () C:\WINDOWS\Tasks\d73553dc-f069-47b3-8808-35e7c4b13dc7-1.job
2014-12-26 06:33 - 2014-05-19 17:33 - 00001446 _____ () C:\WINDOWS\Tasks\d73553dc-f069-47b3-8808-35e7c4b13dc7-2.job
2014-12-26 06:32 - 2014-05-19 17:32 - 00003822 _____ () C:\WINDOWS\Tasks\d73553dc-f069-47b3-8808-35e7c4b13dc7-3.job
2014-12-26 06:32 - 2014-05-19 17:32 - 00001476 _____ () C:\WINDOWS\Tasks\d73553dc-f069-47b3-8808-35e7c4b13dc7-6.job
2014-12-26 05:55 - 2013-11-11 17:43 - 01984983 _____ () C:\WINDOWS\WindowsUpdate.log
2014-12-26 05:45 - 2013-09-30 05:14 - 02091098 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-12-26 05:45 - 2013-09-30 04:58 - 00888252 _____ () C:\WINDOWS\system32\perfh007.dat
2014-12-26 05:45 - 2013-09-30 04:58 - 00205708 _____ () C:\WINDOWS\system32\perfc007.dat
2014-12-26 05:42 - 2012-10-29 15:01 - 00050688 ___SH () C:\Users\herbert\Desktop\Thumbs.db
2014-12-25 20:03 - 2014-09-21 19:03 - 00002458 _____ () C:\WINDOWS\Tasks\81bf0a9e-e311-4bc3-8fbb-155e36cb5688-5_user.job
2014-12-25 20:03 - 2014-09-21 19:03 - 00002458 _____ () C:\WINDOWS\Tasks\81bf0a9e-e311-4bc3-8fbb-155e36cb5688-5.job
2014-12-25 20:03 - 2014-09-21 19:03 - 00002122 _____ () C:\WINDOWS\Tasks\81bf0a9e-e311-4bc3-8fbb-155e36cb5688-2.job
2014-12-25 20:02 - 2014-09-21 19:02 - 00004508 _____ () C:\WINDOWS\Tasks\81bf0a9e-e311-4bc3-8fbb-155e36cb5688-11.job
2014-12-25 20:02 - 2014-09-21 19:02 - 00003826 _____ () C:\WINDOWS\Tasks\81bf0a9e-e311-4bc3-8fbb-155e36cb5688-4.job
2014-12-25 20:02 - 2014-09-21 19:02 - 00003482 _____ () C:\WINDOWS\Tasks\81bf0a9e-e311-4bc3-8fbb-155e36cb5688-7.job
2014-12-25 20:02 - 2014-09-21 19:02 - 00002784 _____ () C:\WINDOWS\Tasks\81bf0a9e-e311-4bc3-8fbb-155e36cb5688-1.job
2014-12-25 16:39 - 2011-10-16 17:15 - 00001136 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-25 05:55 - 2014-05-06 17:50 - 00000000 ___RD () C:\Users\herbert\OneDrive
2014-12-25 05:55 - 2014-04-14 18:32 - 00000318 _____ () C:\WINDOWS\Tasks\SpeedUpMyPC Startup.job
2014-12-25 05:55 - 2013-01-14 18:38 - 00000384 _____ () C:\WINDOWS\Tasks\ROC_JAN2013_TB_rmv.job
2014-12-25 05:55 - 2011-09-22 17:31 - 00000000 ____D () C:\Users\herbert\Tracing
2014-12-25 05:54 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-12-24 07:17 - 2012-10-29 15:02 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3195340951-745995918-4157368257-1000
2014-12-24 06:49 - 2013-09-29 20:05 - 00302704 _____ () C:\WINDOWS\PFRO.log
2014-12-23 11:17 - 2013-08-22 14:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-12-21 21:33 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-12-21 20:44 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-12-21 20:40 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-12-21 20:13 - 2014-08-13 17:52 - 00144695 _____ () C:\WINDOWS\system32\ScanResults.xml
2014-12-21 19:37 - 2014-08-03 18:00 - 00000165 _____ () C:\WINDOWS\Reimage.ini
2014-12-21 19:22 - 2014-05-20 17:44 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-12-21 19:16 - 2014-08-12 13:50 - 00000464 _____ () C:\WINDOWS\system32\ScannerSettings
2014-12-14 10:19 - 2013-11-11 17:22 - 00000000 ____D () C:\Users\herbert
2014-12-14 10:03 - 2013-11-12 19:00 - 00188928 ___SH () C:\Users\herbert\Downloads\Thumbs.db
2014-12-13 17:25 - 2014-07-20 14:07 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-12-13 17:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-12-13 17:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-12-13 17:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-12-13 17:13 - 2011-09-22 13:45 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-13 17:12 - 2013-08-16 15:32 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-12-13 17:03 - 2011-11-03 07:00 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-12-13 16:19 - 2012-08-16 14:53 - 00000000 ____D () C:\Users\herbert\Documents\krankenkasse
2014-12-13 16:00 - 2014-05-19 17:32 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-12-13 15:34 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\FxsTmp
2014-12-13 15:18 - 2013-08-22 15:46 - 00351419 _____ () C:\WINDOWS\setupact.log
2014-12-13 15:08 - 2013-01-16 14:44 - 00000000 ____D () C:\Users\herbert\Documents\Abrechnung 2013
2014-12-13 14:51 - 2012-04-01 08:06 - 00003796 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-12-13 14:43 - 2011-10-16 17:15 - 00002207 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-13 14:33 - 2014-10-13 15:26 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-11-26 22:10 - 2014-10-20 18:56 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-11-26 22:10 - 2014-10-20 18:56 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.3824.dll
Some content of TEMP:
====================
C:\Users\herbert\AppData\Local\Temp\AF1.exe
C:\Users\herbert\AppData\Local\Temp\amsetup_activeris_default_010414_installer.exe
C:\Users\herbert\AppData\Local\Temp\avgnt.exe
C:\Users\herbert\AppData\Local\Temp\BackupSetup.exe
C:\Users\herbert\AppData\Local\Temp\cloud_backup_setup.exe
C:\Users\herbert\AppData\Local\Temp\dlLogic.exe
C:\Users\herbert\AppData\Local\Temp\dltr.exe
C:\Users\herbert\AppData\Local\Temp\GCVerifier.dll
C:\Users\herbert\AppData\Local\Temp\newvideoplayersetup.exe
C:\Users\herbert\AppData\Local\Temp\nsc1FCD.exe
C:\Users\herbert\AppData\Local\Temp\nsg1C42.exe
C:\Users\herbert\AppData\Local\Temp\nssC91B.exe
C:\Users\herbert\AppData\Local\Temp\nst2339.exe
C:\Users\herbert\AppData\Local\Temp\nsuCC2A.exe
C:\Users\herbert\AppData\Local\Temp\nswC5DE.exe
C:\Users\herbert\AppData\Local\Temp\ReimagePackage.exe
C:\Users\herbert\AppData\Local\Temp\Runner.exe
C:\Users\herbert\AppData\Local\Temp\Setup.exe
C:\Users\herbert\AppData\Local\Temp\spidentifierimpl.exe
C:\Users\herbert\AppData\Local\Temp\SPSetup.exe
C:\Users\herbert\AppData\Local\Temp\sqlite3.exe
C:\Users\herbert\AppData\Local\Temp\Update_Simplitec_PowerSuite_1.5.2.2de_DE.exe
C:\Users\herbert\AppData\Local\Temp\verifier.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-12-25 08:12
==================== End Of Log ============================
--- --- ---
Addition.txt Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-12-2014
Ran by herbert at 2014-12-26 07:42:38
Running from C:\Users\herbert\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Activeris AntiMalware (HKLM-x32\...\94EAE98D-444B-4817-858C-13DB943DF4F1_Activeris_A~741EE3A2_is1) (Version: 1.0.0.1 - Activeris) <==== ATTENTION
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.0.0.4080 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.2.1.650 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Photoshop Elements 9 (HKLM-x32\...\Adobe Photoshop Elements 9) (Version: 9.0.3.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 9 (HKLM-x32\...\PremElem90) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Agatha Christie - 4:50 from Paddington (x32 Version: 2.2.0.95 - WildTangent) Hidden
Amazon Browser Bar (HKLM\...\Amazon Browser Bar) (Version: 3.0.2012.0802 - Amazon) <==== ATTENTION
Amazon Browser Settings (HKLM-x32\...\Amazon Browser Settings) (Version: 3.0 - Amazon)
Amazon Kindle (HKU\S-1-5-21-3195340951-745995918-4157368257-1000\...\Amazon Kindle) (Version: - Amazon)
Amazon Kindle For PC v1.0 (HKLM-x32\...\Amazon Kindle For PC) (Version: - )
Amazon Kindle For PC v1.0 (HKU\S-1-5-21-3195340951-745995918-4157368257-1000\...\Amazon Kindle For PC) (Version: - )
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ask Toolbar Updater (HKU\S-1-5-21-3195340951-745995918-4157368257-1000\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.6.36191 - Ask.com) <==== ATTENTION
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
ATI Catalyst Install Manager (HKLM\...\{580B9989-C624-2415-D922-56D856165564}) (Version: 3.0.808.0 - ATI Technologies, Inc.)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Audiograbber 1.83 SE (HKLM-x32\...\Audiograbber) (Version: 1.83 SE - Audiograbber)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version: - AVM Berlin)
AVM FRITZ!Box Druckeranschluss (HKLM-x32\...\AVMFBoxPrinter) (Version: - AVM Berlin)
AVS4YOU Software Navigator 1.4 (HKLM-x32\...\AVS4YOU Software Navigator_is1) (Version: - Online Media Technologies Ltd.)
Backup Manager V3 (x32 Version: 3.0.0.85 - NTI Corporation) Hidden
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}) (Version: 7.0.610.0 - Microsoft Corporation)
Browser 7 der Telekom 31.0.19 (x86 de) (HKLM-x32\...\Browser 7 der Telekom 31.0.19 (x86 de)) (Version: 31.0.19 - Deutsche Telekom AG)
Browser 7 Maintenance Service (HKLM-x32\...\Browser7MaintenanceService) (Version: 31.0.19 - Deutsche Telekom AG)
calibre (HKLM-x32\...\{1BFDD064-4C67-4156-A6C6-6E8D63563B3B}) (Version: 1.20.0 - Kovid Goyal)
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - )
CanoScan LiDE 110 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2414) (Version: - )
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4291 - CDBurnerXP)
Celestia 1.3.2 (HKLM-x32\...\Celestia_is1) (Version: - Shatters Software)
CHIP Updater (HKLM-x32\...\CHIP Updater_is1) (Version: 2.33 - Abelssoft)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.22 - Cliqz.com)
Crazy Chicken Kart 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1421_35790 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Desktopicon Trends auf OTTO.de (HKLM\...\DesktopIconotto) (Version: 1.0.1 - )
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
DMUninstaller (HKLM-x32\...\DMUninstaller) (Version: - ) <==== ATTENTION
eBay Worldwide (HKLM-x32\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM)
Elements 9 Organizer (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Elements STI Installer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: - Steinberg Media Technologies GmbH)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 15.0.13345 - Landesfinanzdirektion Thüringen)
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\Firebird SQL Server D) (Version: 2.0.1.8 - MAGIX AG)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Hauppauge German Help Files and Resources (HKLM-x32\...\Hauppauge German Help Files and Resources) (Version: - )
Hauppauge MCE XP/Vista Software Encoder (2.0.25180) (HKLM-x32\...\Hauppauge MCE2005 Software Encoder) (Version: 2.0.25180 - Hauppauge Computer Works, Inc.)
Hauppauge WinTV (HKLM-x32\...\Hauppauge WinTV) (Version: - )
Hauppauge WinTV DVB-T EPG Service (HKLM-x32\...\Hauppauge WinTV DVB-T EPG Service) (Version: - )
Hauppauge WinTV Infrared Remote (HKLM-x32\...\Hauppauge WinTV Infrared Remote) (Version: - )
Hauppauge WinTV Scheduler (HKLM-x32\...\Hauppauge WinTV Scheduler) (Version: - )
Hauppauge WinTV Soft PVR (HKLM-x32\...\Hauppauge WinTV Soft PVR) (Version: - )
HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version: - )
hppLaserJetService (x32 Version: 001.001.0.0 - Hewlett-Packard) Hidden
hppP1100P1560P1600SeriesLaserJetService (x32 Version: 001.001.0.0 - Hewlett-Packard) Hidden
hppusgP1100P1560P1600Series (x32 Version: 1.0.0.1 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.)
iClone SE (HKLM-x32\...\{580EC579-E476-469F-9EBF-F82D696FC67A}) (Version: 2.1 - Reallusion Inc.)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3006 - Packard Bell)
ImageConverter Plus 8.0 (HKLM-x32\...\ImageConverter Plus_is1) (Version: - fCoder Group, Inc.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
Internet-TV für Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
InterVideo FilterSDK for Hauppauge (HKLM-x32\...\{2227E1FA-01F5-483C-AB0E-2A308E900B3D}) (Version: - InterVideo Inc.)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.36 - Irfan Skiljan)
Java 7 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.400 - Oracle)
Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.4 - Packard Bell)
Lollipop (HKU\S-1-5-21-3195340951-745995918-4157368257-1000\...\lollipop_03061728) (Version: - Lollipop Network, S.L.) <==== ATTENTION
MAGIX Foto Manager 2008 5.0.0.255 (D) (HKLM-x32\...\MAGIX Foto Manager 2008 D) (Version: 5.0.0.255 - MAGIX AG)
MAGIX Fotobuch 3.2 (HKLM-x32\...\MAGIX Fotobuch) (Version: 3.2 - MAGIX AG)
MAGIX Online Druck Service 2.3.2.0 (D) (HKLM-x32\...\MAGIX Online Druck Service D) (Version: 2.3.2.0 - MAGIX AG)
MAGIX PC Visit (HKLM-x32\...\MAGIX PC Visit D) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{1FF63306-EBC2-413D-927E-FA1323180AB1}) (Version: 7.0.2.6 - MAGIX Software GmbH)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2008 PLUS 7.5.0.20 (D) (HKLM-x32\...\MAGIX Video deluxe 2008 PLUS D) (Version: 7.5.0.20 - MAGIX AG)
MAGIX Video deluxe 2015 Plus (HKLM\...\MX.{0797C499-48E8-46E2-9C97-90034F46F5E6}) (Version: 14.0.0.140 - MAGIX Software GmbH)
MAGIX Video deluxe 2015 Plus (Version: 14.0.0.140 - MAGIX Software GmbH) Hidden
MAGIX Video easy SE (HKLM-x32\...\MAGIX_{015B4C6B-BE3F-430F-B9EE-24505EDD16F1}) (Version: 3.0.1.46 - MAGIX AG)
MAGIX Video easy SE (Version: 3.0.1.46 - MAGIX AG) Hidden
MAGIX Xtreme Foto Designer 6 6.0.22.0 (D) (HKLM-x32\...\MAGIX Xtreme Foto Designer 6 D) (Version: 6.0.22.0 - MAGIX AG)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft Image Composite Editor (HKLM\...\{B821CDAA-34DE-46FD-87C9-E6EE7158DB5D}) (Version: 1.4.4 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework 2.1 Core Components (x86) ENU (HKLM-x32\...\{7AC8EF88-D996-4D47-B40C-4DD93E307481}) (Version: 2.1.1648.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Express Edition - DEU (HKLM-x32\...\Microsoft Visual C++ 2008 Express Edition - DEU) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU (HKLM\...\Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework (HKLM\...\{53C900F7-0CB1-3EDE-B9F3-76EDE6F0C253}) (Version: 3.5.21022 - Microsoft)
Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32 (HKLM\...\{11EB1163-5761-4BC6-8F48-98DCF6A46BBF}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries (HKLM\...\{5DE154DF-A55E-4FA5-BE59-32E78FCACF3E}) (Version: 6.1.5288.17011 - Microsoft Corporation)
minimal arts - Toolbar für amazon.de (HKLM-x32\...\{37D290AF-6602-4C22-9AF8-66CB7231C729}) (Version: 1.0.0 - minimal arts UG (haftungsbeschränkt))
MPlayerplus_01 (HKLM-x32\...\MPlayerplus_01) (Version: 1.34.5.12 - Freeven) <==== ATTENTION
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyPC Backup (HKLM\...\MyPC Backup) (Version: - JDi Backup Ltd) <==== ATTENTION
Mystery P.I. - The London Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.2.10500.2.100 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.2.12000.21.100 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{62BF4BD3-B1F6-4FA2-8388-CC0647ACBF86}) (Version: 10.5.10300 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.2.11600.14.100 - Nero AG)
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG)
Optimizer Pro v3.2 (HKLM-x32\...\Optimizer Pro_is1) (Version: - ) <==== ATTENTION
Packard Bell Games (HKLM-x32\...\WildTangent packardbell Master Uninstall) (Version: 1.0.2.4 - WildTangent)
Packard Bell MyBackup (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.85 - NTI Corporation)
Packard Bell Power Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3006 - Packard Bell)
Packard Bell Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3002 - Packard Bell)
Packard Bell Registration (HKLM-x32\...\Packard Bell Registration) (Version: 1.03.3004 - Packard Bell)
Packard Bell ScreenSaver (HKLM-x32\...\Packard Bell Screensaver) (Version: 1.1.1025.2010 - Packard Bell )
Packard Bell Social Networks (HKLM-x32\...\InstallShield_{64EF903E-D00A-414C-94A4-FBA368FFCDC9}) (Version: 2.0.2211 - CyberLink Corp.)
Packard Bell Social Networks (x32 Version: 2.0.2211 - CyberLink Corp.) Hidden
Packard Bell Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3005 - Packard Bell)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Reader for PC (HKLM-x32\...\{7FAEB610-D6B1-42CE-9EEA-6A5001C2E732}) (Version: 2.1.00.06250 - Sony Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6329 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30123 - Realtek Semiconductor Corp.)
Schoener Fernsehen 0.0.0.2c (HKLM-x32\...\Schoener Fernsehen) (Version: 0.0.0.2c - © schoener-fernsehen.com)
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.19.10.160 - Client Connect LTD) <==== ATTENTION
Search-Gol Chrome Toolbar (HKLM-x32\...\Search-Gol Chrome Toolbar) (Version: - Search-Gol) <==== ATTENTION
Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) (HKLM-x32\...\SLABCOMM&10C4&EA60) (Version: - )
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Softonic toolbar on IE (HKLM-x32\...\Softonic) (Version: - Softonic) <==== ATTENTION
Steinberg Cubase LE 5 (HKLM-x32\...\{50C78780-1A54-4A5C-B3A7-FF828C62C5C2}) (Version: 5.1.2 - Steinberg Media Technologies GmbH)
Steinberg HALionOne (HKLM-x32\...\{E70E7159-93B1-470D-9FBD-D8E9EF34B538}) (Version: 1.1.0.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Essential Set (HKLM-x32\...\{C04D5974-F528-4347-A494-EAF56124CC1A}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.6.0 - Synaptics Incorporated)
T-Online 6.0 (HKLM-x32\...\{B1275E23-717A-4D52-997A-1AD1E24BC7F3}) (Version: - )
Torchlight (x32 Version: 2.2.0.95 - WildTangent) Hidden
TV-Browser 3.0.2 (HKLM-x32\...\tvbrowser) (Version: 3.0.2 - TV-Browser Team)
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISER_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISER_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISER_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISER_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
VC Runtimes MSI (x32 Version: 9.0.21022 - Microsoft) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Video Web Camera (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1523 - CyberLink Corp.)
Video Web Camera (x32 Version: 1.0.1523 - CyberLink Corp.) Hidden
VideoPad Video-Editor (HKLM-x32\...\VideoPad) (Version: 3.33 - NCH Software)
Virtual Villagers - The Secret City (x32 Version: 2.2.0.95 - WildTangent) Hidden
VisualBee for Microsoft PowerPoint (HKU\S-1-5-21-3195340951-745995918-4157368257-1000\...\VisualBee for Microsoft PowerPoint) (Version: V4.1 - VisualBee.com)
VO Package (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - ) <==== ATTENTION
VTPlus32 für WinTV (German) (HKLM-x32\...\VTPlus32 für WinTV (German)) (Version: - )
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (HKLM-x32\...\Packard Bell Welcome Center) (Version: 1.02.3102 - Packard Bell)
WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Media Center Add-in for Silverlight (HKLM-x32\...\{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}) (Version: 4.7.3.0 - Microsoft Corporation)
Zattoo Live TV (HKU\S-1-5-21-3195340951-745995918-4157368257-1000\...\6d7aa3e3bf931c56) (Version: 1.0.0.44 - Zattoo Europa AG)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
28-11-2014 11:41:14 Windows Update
13-12-2014 16:57:43 Windows Update
21-12-2014 20:32:00 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {03A2394B-0C32-411E-AA47-C7D366566DAE} - System32\Tasks\SpeedUpMyPC Startup => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe <==== ATTENTION
Task: {08A62D71-8B47-482D-BD0A-3A7EBDDD4976} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe [2014-09-19] (CHIP)
Task: {0A404381-5FD6-401F-B8D9-0CF4798ED86F} - System32\Tasks\{753FF5B1-8011-47A7-AF5B-94B52530CDEC} => D:\RUNME.EXE
Task: {14FCAC6C-6470-41A7-B26C-651A8061D519} - System32\Tasks\81bf0a9e-e311-4bc3-8fbb-155e36cb5688-5 => C:\Program Files (x86)\enterprise 1.1\81bf0a9e-e311-4bc3-8fbb-155e36cb5688-5.exe <==== ATTENTION
Task: {1D13B308-C746-4CA5-A5D8-042059950727} - System32\Tasks\{2F7F2EA3-C045-41B3-80BD-3917B6F2F86B} => C:\Users\herbert\AppData\Local\Amazon\Kindle\application\Kindle.exe [2011-12-14] (Amazon.com)
Task: {3052F74B-7ED8-490D-85CB-B92745CC2FBC} - System32\Tasks\{532AF74E-B7EB-4FE7-B38E-F6C9A493B358} => D:\RUNME.EXE
Task: {38CE96E5-6B37-48C6-9AC9-09B1CF19C1C1} - System32\Tasks\{57F689A4-83C4-44EF-8E47-E9980C059929} => D:\RUNME.EXE
Task: {3971BD60-36B7-466D-883E-DC11B03EDF86} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-13] (Adobe Systems Incorporated)
Task: {43E0C29C-0256-4B9D-9880-F0EB12CE78B5} - System32\Tasks\{50AF5F82-1998-4926-A5BA-576E1B357F1F} => C:\Users\herbert\Downloads\lide20lide30n670un676un1240uvst7031a_xpde(1).exe
Task: {44209798-C70E-4CCA-ACA2-646264E2CBB7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-28] (Google Inc.)
Task: {4744C9C1-AB2B-4F2F-8FBB-D848FF34648D} - System32\Tasks\d73553dc-f069-47b3-8808-35e7c4b13dc7-5 => C:\Program Files (x86)\MPlayerplus_01\d73553dc-f069-47b3-8808-35e7c4b13dc7-5.exe <==== ATTENTION
Task: {4BAEBE6C-FF7F-4446-A714-63BAE4D9F369} - System32\Tasks\BackgroundContainer Startup Task => Rundll32.exe "C:\Users\herbert\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <==== ATTENTION
Task: {4D381888-D20E-4BC0-B6F1-64D6A35B3EC9} - System32\Tasks\{71AB71B0-1476-4EF0-A809-AF14FDD1F27F} => pcalua.exe -a "C:\Users\herbert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4MKAXGF8\DriverInstaller.exe" -d C:\Users\herbert\Desktop
Task: {4F7625E8-4F38-496A-A2CD-F104DC6D267A} - System32\Tasks\{87D1E967-91D2-4128-A02C-8D59E7705472} => C:\Users\herbert\AppData\Local\Amazon\Kindle\application\Kindle.exe [2011-12-14] (Amazon.com)
Task: {542AD80B-2959-4973-9E1E-44758F1592B3} - System32\Tasks\d73553dc-f069-47b3-8808-35e7c4b13dc7-4 => C:\Program Files (x86)\MPlayerplus_01\d73553dc-f069-47b3-8808-35e7c4b13dc7-4.exe <==== ATTENTION
Task: {61BD9B9A-C6DD-4C08-A415-558AF3E54579} - System32\Tasks\AdobeAAMUpdater-1.0-herbert-PC-herbert => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-07-29] (Adobe Systems Incorporated)
Task: {689618D9-6D10-462B-9002-026E0A435352} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2011-02-21] (CyberLink)
Task: {6BC50602-778D-42A8-90C7-111C2F4C50E9} - System32\Tasks\{AFF7A02E-778C-4B22-9424-01CDC634456F} => D:\RUNME.EXE
Task: {7151086C-6291-48F8-8E65-A45AD81C46CE} - System32\Tasks\simplitec Power Suite => C:\Program Files (x86)\simplitec\simpliclean\PowerSuite.exe
Task: {797CE307-F441-4E8C-8819-F287BA9D2B66} - System32\Tasks\d73553dc-f069-47b3-8808-35e7c4b13dc7-3 => C:\Program Files (x86)\MPlayerplus_01\d73553dc-f069-47b3-8808-35e7c4b13dc7-3.exe <==== ATTENTION
Task: {7AC84241-1422-4A64-957D-452A014D9090} - System32\Tasks\{DFED496E-7EB1-4971-8DFB-E4B5978C95DC} => D:\RUNME.EXE
Task: {7C0BB730-9D03-4DEE-9B8E-BA33A100BDD8} - System32\Tasks\{16FC39DC-8DC9-4A39-A641-2C14DA850DA7} => C:\Users\herbert\Downloads\lide20lide30n670un676un1240uvst7031a_xpde(1).exe
Task: {80730CB7-A528-4EEE-94EA-BED250195383} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {8CF9A25A-CB47-4BA1-ACB7-67C715C61BF7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-28] (Google Inc.)
Task: {968F0803-4A8E-4251-899D-F5C88AF5D134} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe <==== ATTENTION
Task: {97261265-0111-476D-AAFA-44031B4B62D4} - System32\Tasks\{2CC85AEA-4F32-4778-BFC6-81C9AE422F3A} => D:\RUNME.EXE
Task: {978D1AAD-5275-4206-96C5-EA2BD15401D3} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-fiedler-herbert@t-online.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-07-29] (Adobe Systems Incorporated)
Task: {99A02C9F-8F0F-4F40-A00F-349898F7FC60} - System32\Tasks\SpeedUpMyPC Maintenance => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe <==== ATTENTION
Task: {A520C125-4AC1-42FA-9764-AF0F5EBC24FD} - System32\Tasks\81bf0a9e-e311-4bc3-8fbb-155e36cb5688-7 => C:\Program Files (x86)\enterprise 1.1\81bf0a9e-e311-4bc3-8fbb-155e36cb5688-7.exe <==== ATTENTION
Task: {AC111FC5-B97F-4402-98EE-7DE6B16EDA1F} - System32\Tasks\81bf0a9e-e311-4bc3-8fbb-155e36cb5688-5_user => C:\Program Files (x86)\enterprise 1.1\81bf0a9e-e311-4bc3-8fbb-155e36cb5688-5.exe <==== ATTENTION
Task: {ADD65C9E-3428-4BCC-854E-967B310C92F5} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-12-13] (Microsoft Corporation)
Task: {B9807DED-DCB9-45F0-9357-C1ADC8205A01} - System32\Tasks\d73553dc-f069-47b3-8808-35e7c4b13dc7-1 => C:\Program Files (x86)\MPlayerplus_01\MPlayerplus_01-codedownloader.exe <==== ATTENTION
Task: {BF8005EC-35AB-48FA-A106-7E4327E849CB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {C2E99D63-6709-4D97-88CA-79F495617018} - System32\Tasks\{FB318930-6340-4274-982F-3C314E4F323F} => D:\RUNME.EXE
Task: {C532A2F0-2858-47DF-BDCD-B471B033CC09} - System32\Tasks\d73553dc-f069-47b3-8808-35e7c4b13dc7-6 => C:\Program Files (x86)\MPlayerplus_01\MPlayerplus_01-novainstaller.exe <==== ATTENTION
Task: {C6A307B7-4EE3-4234-94CD-5B120D6C51EE} - System32\Tasks\81bf0a9e-e311-4bc3-8fbb-155e36cb5688-1 => C:\Program Files (x86)\enterprise 1.1\enterprise 1.1-codedownloader.exe <==== ATTENTION
Task: {C9B350A4-8245-4573-9723-AAFD6A21F204} - System32\Tasks\{E54B4202-79A3-4462-AF19-DE022726CD50} => pcalua.exe -a D:\setup.exe -d D:\
Task: {CD72B493-831E-4D1D-8720-52ECCF7332DF} - System32\Tasks\{63B80696-D49C-49E1-A07D-72EE9C22B0C2} => D:\RUNME.EXE
Task: {CDE3BEFB-8129-4E7E-B366-4419109B09A4} - System32\Tasks\d73553dc-f069-47b3-8808-35e7c4b13dc7-7 => C:\Program Files (x86)\MPlayerplus_01\MPlayerplus_01-nova.exe <==== ATTENTION
Task: {D293B07C-9F3A-44CF-A2E2-26DE05086C07} - System32\Tasks\81bf0a9e-e311-4bc3-8fbb-155e36cb5688-4 => C:\Program Files (x86)\enterprise 1.1\81bf0a9e-e311-4bc3-8fbb-155e36cb5688-4.exe <==== ATTENTION
Task: {D4571CED-11B1-4529-9ED8-0F3DAAC85891} - System32\Tasks\d73553dc-f069-47b3-8808-35e7c4b13dc7-2 => C:\Program Files (x86)\MPlayerplus_01\d73553dc-f069-47b3-8808-35e7c4b13dc7-2.exe <==== ATTENTION
Task: {D5182EFC-1271-49B8-A847-156D1445F462} - System32\Tasks\{2BC0E3B4-CA33-4C46-8018-9DBF6E6E8247} => pcalua.exe -a C:\Users\herbert\Downloads\lide20lide30n670un676un1240uvst7031a_xpde\SetupSG.exe -d C:\Users\herbert\Downloads\lide20lide30n670un676un1240uvst7031a_xpde
Task: {D5D0AB6F-C93F-4331-8C9B-9FEFE2D35A82} - System32\Tasks\81bf0a9e-e311-4bc3-8fbb-155e36cb5688-2 => C:\Program Files (x86)\enterprise 1.1\81bf0a9e-e311-4bc3-8fbb-155e36cb5688-2.exe <==== ATTENTION
Task: {D94BBE7C-A5E2-4A44-A46B-4BE284695190} - System32\Tasks\{D8C2A99C-6C0C-4064-94C4-3F9F31B66C87} => D:\RUNME.EXE
Task: {DE467FCE-8FBB-404C-B489-0DFEA11A62C2} - System32\Tasks\81bf0a9e-e311-4bc3-8fbb-155e36cb5688-6 => C:\Program Files (x86)\enterprise 1.1\81bf0a9e-e311-4bc3-8fbb-155e36cb5688-6.exe <==== ATTENTION
Task: {DECBFB91-7ADB-4653-9BE4-A5F74C84E0DE} - System32\Tasks\Activeris AntiMalware_startup => C:\Program Files (x86)\Activeris AntiMalware\ActiverisAntiMalware.exe [2014-01-23] (Activeris) <==== ATTENTION
Task: {E913F6BA-304D-496F-A5BC-ECEBE9FD5292} - System32\Tasks\{83D253BA-DC0C-4BE3-9235-3BB6DA664BA3} => D:\RUNME.EXE
Task: {EB85D009-50C3-4FAD-A3FA-CF0F26E8F1EA} - System32\Tasks\81bf0a9e-e311-4bc3-8fbb-155e36cb5688-11 => C:\Program Files (x86)\enterprise 1.1\81bf0a9e-e311-4bc3-8fbb-155e36cb5688-11.exe <==== ATTENTION
Task: {EEBEF4F6-DAE1-4B8A-BD93-8CDAFAB61B12} - System32\Tasks\APSnotifierCA => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {F1F20FB5-7435-4D43-8775-BA011607BD4E} - System32\Tasks\ROC_JAN2013_TB_rmv => C:\Program Files (x86)\AVG Secure Search\PostInstall\ROC.exe
Task: C:\WINDOWS\Tasks\81bf0a9e-e311-4bc3-8fbb-155e36cb5688-1.job => C:\Program Files (x86)\enterprise 1.1\enterprise 1.1-codedownloader.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\81bf0a9e-e311-4bc3-8fbb-155e36cb5688-11.job => C:\Program Files (x86)\enterprise 1.1\81bf0a9e-e311-4bc3-8fbb-155e36cb5688-11.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\81bf0a9e-e311-4bc3-8fbb-155e36cb5688-2.job => C:\Program Files (x86)\enterprise 1.1\81bf0a9e-e311-4bc3-8fbb-155e36cb5688-2.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\81bf0a9e-e311-4bc3-8fbb-155e36cb5688-4.job => C:\Program Files (x86)\enterprise 1.1\81bf0a9e-e311-4bc3-8fbb-155e36cb5688-4.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\81bf0a9e-e311-4bc3-8fbb-155e36cb5688-5.job => C:\Program Files (x86)\enterprise 1.1\81bf0a9e-e311-4bc3-8fbb-155e36cb5688-5.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\81bf0a9e-e311-4bc3-8fbb-155e36cb5688-5_user.job => C:\Program Files (x86)\enterprise 1.1\81bf0a9e-e311-4bc3-8fbb-155e36cb5688-5.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\81bf0a9e-e311-4bc3-8fbb-155e36cb5688-6.job => C:\Program Files (x86)\enterprise 1.1\81bf0a9e-e311-4bc3-8fbb-155e36cb5688-6.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\81bf0a9e-e311-4bc3-8fbb-155e36cb5688-7.job => C:\Program Files (x86)\enterprise 1.1\81bf0a9e-e311-4bc3-8fbb-155e36cb5688-7.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\APSnotifierCA.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\d73553dc-f069-47b3-8808-35e7c4b13dc7-1.job => C:\Program Files (x86)\MPlayerplus_01\MPlayerplus_01-codedownloader.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\d73553dc-f069-47b3-8808-35e7c4b13dc7-2.job => C:\Program Files (x86)\MPlayerplus_01\d73553dc-f069-47b3-8808-35e7c4b13dc7-2.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\d73553dc-f069-47b3-8808-35e7c4b13dc7-3.job => C:\Program Files (x86)\MPlayerplus_01\d73553dc-f069-47b3-8808-35e7c4b13dc7-3.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\d73553dc-f069-47b3-8808-35e7c4b13dc7-4.job => C:\Program Files (x86)\MPlayerplus_01\d73553dc-f069-47b3-8808-35e7c4b13dc7-4.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\d73553dc-f069-47b3-8808-35e7c4b13dc7-5.job => C:\Program Files (x86)\MPlayerplus_01\d73553dc-f069-47b3-8808-35e7c4b13dc7-5.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\d73553dc-f069-47b3-8808-35e7c4b13dc7-6.job => C:\Program Files (x86)\MPlayerplus_01\MPlayerplus_01-novainstaller.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\d73553dc-f069-47b3-8808-35e7c4b13dc7-7.job => C:\Program Files (x86)\MPlayerplus_01\MPlayerplus_01-nova.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\ROC_JAN2013_TB_rmv.job => C:\Program Files (x86)\AVG Secure Search\PostInstall\ROC.exe
Task: C:\WINDOWS\Tasks\simplitec Power Suite.job => C:\Program Files (x86)\simplitec\simpliclean\PowerSuite.exe
Task: C:\WINDOWS\Tasks\SpeedUpMyPC Maintenance.job => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\SpeedUpMyPC Startup.job => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe <==== ATTENTION
==================== Loaded Modules (whitelisted) =============
2012-10-30 07:17 - 2012-08-31 15:03 - 00288768 _____ () C:\WINDOWS\System32\HP1100LM.DLL
2011-09-23 14:09 - 2012-08-31 15:02 - 00074240 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\HP1100PP.DLL
2013-03-21 19:24 - 2013-03-21 19:24 - 00222368 _____ () C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe
2012-12-14 02:42 - 2012-12-14 02:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-09-22 19:58 - 2012-10-13 16:05 - 00042496 _____ () C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe
2014-11-13 10:59 - 2014-11-13 10:57 - 00270336 _____ () C:\Program Files (x86)\MyPC Backup\AlphaFS.dll
2014-11-13 10:59 - 2014-11-13 10:57 - 00060928 _____ () C:\Program Files (x86)\MyPC Backup\LinqBridge.dll
2014-11-13 10:59 - 2014-11-13 10:58 - 00012288 _____ () C:\Program Files (x86)\MyPC Backup\GetText.dll
2014-11-13 10:59 - 2014-11-13 10:57 - 00065536 _____ () C:\Program Files (x86)\MyPC Backup\BplusDotNet.dll
2011-02-15 19:37 - 2011-02-15 19:37 - 00465640 _____ () C:\Program Files (x86)\NTI\Packard Bell MyBackup\sqlite3.dll
2011-02-15 19:37 - 2011-02-15 19:37 - 00125760 _____ () C:\Program Files (x86)\NTI\Packard Bell MyBackup\MailConverter32.dll
2011-02-15 19:36 - 2011-02-15 19:36 - 01081664 _____ () C:\Program Files (x86)\NTI\Packard Bell MyBackup\ACE.dll
2014-05-19 17:32 - 2012-09-26 14:31 - 00886272 _____ () C:\Program Files (x86)\Activeris AntiMalware\System.Data.SQLite.dll
2014-05-19 17:32 - 2014-01-23 18:04 - 01718264 _____ () C:\Program Files (x86)\Activeris AntiMalware\acrissys.dll
2014-05-19 17:32 - 2012-09-26 14:31 - 00168448 _____ () C:\Program Files (x86)\Activeris AntiMalware\UNRAR.DLL
2013-06-25 17:23 - 2013-06-25 17:23 - 00880640 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\fsk.dll
2013-06-25 17:24 - 2013-06-25 17:24 - 00040264 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskMediaPlayers.dll
2013-06-25 17:24 - 2013-06-25 17:24 - 00239944 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\Fskin.dll
2013-06-25 17:24 - 2013-06-25 17:24 - 00026952 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskinLocalize.dll
2013-05-23 18:54 - 2013-05-23 18:54 - 00798720 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskSecurity.dll
2013-06-25 17:24 - 2013-06-25 17:24 - 00125256 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskDocumentViewer.dll
2013-06-25 17:24 - 2013-06-25 17:24 - 00016200 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskPower.dll
2013-06-25 17:24 - 2013-06-25 17:24 - 00024904 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskNetInterface.dll
2013-06-25 17:24 - 2013-06-25 17:24 - 00017224 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskMobileMediaDevice.dll
2013-06-25 17:24 - 2013-06-25 17:24 - 00015176 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskTimeHardware.dll
2013-06-25 17:24 - 2013-06-25 17:24 - 00034632 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ticket.dll
2013-06-25 17:24 - 2013-06-25 17:24 - 00018760 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ebookDeviceNotifier.dll
2013-06-25 17:24 - 2013-06-25 17:24 - 00092488 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ebookUsb.dll
2013-06-25 17:24 - 2013-06-25 17:24 - 00149832 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\readerAppHelper.dll
2013-06-25 17:24 - 2013-06-25 17:24 - 00178504 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\USBDetector.dll
2014-10-22 15:30 - 2014-10-22 15:30 - 00169984 _____ () C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\IsdiInterop\888ab4533ab915a9451bdae14d9c783e\IsdiInterop.ni.dll
2011-04-06 12:02 - 2011-01-13 01:56 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2011-09-23 06:30 - 2005-07-20 12:34 - 00700497 ____N () C:\Program Files (x86)\T-Online\T-Online_Software_6\Notifier\libcurl.dll
2011-09-23 06:30 - 2004-04-16 15:45 - 00143360 ____N () C:\Program Files (x86)\T-Online\T-Online_Software_6\Notifier\libexpat.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\Users\herbert\OneDrive:ms-properties
AlternateDataStreams: C:\Users\herbert\SkyDrive:ms-properties
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "fst_de_19"
HKLM\...\StartupApproved\Run32: => "IAStorIcon"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "LManager"
HKU\S-1-5-21-3195340951-745995918-4157368257-1000\...\StartupApproved\StartupFolder: => "MyPC Backup.lnk"
HKU\S-1-5-21-3195340951-745995918-4157368257-1000\...\StartupApproved\Run: => "lollipop_03061728"
HKU\S-1-5-21-3195340951-745995918-4157368257-1000\...\StartupApproved\Run: => "Optimizer Pro"
========================= Accounts: ==========================
Administrator (S-1-5-21-3195340951-745995918-4157368257-500 - Administrator - Disabled)
ASPNET (S-1-5-21-3195340951-745995918-4157368257-1004 - Limited - Enabled)
Gast (S-1-5-21-3195340951-745995918-4157368257-501 - Limited - Disabled)
herbert (S-1-5-21-3195340951-745995918-4157368257-1000 - Administrator - Enabled) => C:\Users\herbert
HomeGroupUser$ (S-1-5-21-3195340951-745995918-4157368257-1008 - Limited - Enabled)
==================== Faulty Device Manager Devices =============
Name: Unbekanntes USB-Gerät (Fehler beim Zurücksetzen des Ports.)
Description: Unbekanntes USB-Gerät (Fehler beim Zurücksetzen des Ports.)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard-USB-Hostcontroller)
Service:
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.
==================== Event log errors: =========================
Application errors:
==================
Error: (12/26/2014 07:32:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: browser.exe, Version: 6.12.0.15, Zeitstempel: 0x4da6b0a0
Name des fehlerhaften Moduls: browser.exe, Version: 6.12.0.15, Zeitstempel: 0x4da6b0a0
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00027bf9
ID des fehlerhaften Prozesses: 0x9e88
Startzeit der fehlerhaften Anwendung: 0xbrowser.exe0
Pfad der fehlerhaften Anwendung: browser.exe1
Pfad des fehlerhaften Moduls: browser.exe2
Berichtskennung: browser.exe3
Vollständiger Name des fehlerhaften Pakets: browser.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: browser.exe5
Error: (12/25/2014 09:35:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: browser.exe, Version: 6.12.0.15, Zeitstempel: 0x4da6b0a0
Name des fehlerhaften Moduls: combase.dll, Version: 6.3.9600.17031, Zeitstempel: 0x53086d7c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000499a8
ID des fehlerhaften Prozesses: 0xd1c8
Startzeit der fehlerhaften Anwendung: 0xbrowser.exe0
Pfad der fehlerhaften Anwendung: browser.exe1
Pfad des fehlerhaften Moduls: browser.exe2
Berichtskennung: browser.exe3
Vollständiger Name des fehlerhaften Pakets: browser.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: browser.exe5
Error: (12/25/2014 09:24:30 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: There was an error with the Windows Location Provider database
Error: (12/25/2014 07:04:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Notifier.exe, Version: 6.4.0.2, Zeitstempel: 0x45a38d1f
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0xdac4
Startzeit der fehlerhaften Anwendung: 0xNotifier.exe0
Pfad der fehlerhaften Anwendung: Notifier.exe1
Pfad des fehlerhaften Moduls: Notifier.exe2
Berichtskennung: Notifier.exe3
Vollständiger Name des fehlerhaften Pakets: Notifier.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Notifier.exe5
Error: (12/25/2014 08:13:41 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: ASP.NET_1.1.43228
Error: (12/25/2014 07:18:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: browser.exe, Version: 6.12.0.15, Zeitstempel: 0x4da6b0a0
Name des fehlerhaften Moduls: browser.exe, Version: 6.12.0.15, Zeitstempel: 0x4da6b0a0
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00027bf9
ID des fehlerhaften Prozesses: 0xd3c
Startzeit der fehlerhaften Anwendung: 0xbrowser.exe0
Pfad der fehlerhaften Anwendung: browser.exe1
Pfad des fehlerhaften Moduls: browser.exe2
Berichtskennung: browser.exe3
Vollständiger Name des fehlerhaften Pakets: browser.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: browser.exe5
Error: (12/24/2014 06:54:23 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: ASP.NET_1.1.43228
Error: (12/21/2014 07:21:58 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: ASP.NET_1.1.43228
Error: (12/21/2014 07:16:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_stisvc, Version: 6.3.9600.16384, Zeitstempel: 0x5215dfe3
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000ffffffff
ID des fehlerhaften Prozesses: 0x948
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_stisvc0
Pfad der fehlerhaften Anwendung: svchost.exe_stisvc1
Pfad des fehlerhaften Moduls: svchost.exe_stisvc2
Berichtskennung: svchost.exe_stisvc3
Vollständiger Name des fehlerhaften Pakets: svchost.exe_stisvc4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe_stisvc5
Error: (12/14/2014 10:16:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DllHost.exe, Version: 6.3.9600.16384, Zeitstempel: 0x5215dfc6
Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.9600.16384, Zeitstempel: 0x5215f944
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000001a79
ID des fehlerhaften Prozesses: 0xcd0
Startzeit der fehlerhaften Anwendung: 0xDllHost.exe0
Pfad der fehlerhaften Anwendung: DllHost.exe1
Pfad des fehlerhaften Moduls: DllHost.exe2
Berichtskennung: DllHost.exe3
Vollständiger Name des fehlerhaften Pakets: DllHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: DllHost.exe5
System errors:
=============
Error: (12/26/2014 06:59:27 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.
Error: (12/26/2014 06:42:20 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.
Error: (12/26/2014 06:42:10 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.
Error: (12/26/2014 06:41:56 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.
Error: (12/26/2014 06:38:22 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.
Error: (12/26/2014 06:38:09 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.
Error: (12/26/2014 06:37:54 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.
Error: (12/25/2014 05:54:22 AM) (Source: HTTP) (EventID: 15005) (User: )
Description: \Device\Http\ReqQueue[::]:80
Error: (12/25/2014 05:54:22 AM) (Source: W3SVC) (EventID: 1004) (User: )
Description: Der WWW-Publishingdienst (WWW-Dienst) konnte das URL-Präfix "hxxp://*:80/" für die Website "1" nicht registrieren. Die Website wurde deaktiviert. Das Datenfeld enthält die Fehlernummer.
Error: (12/24/2014 06:49:42 AM) (Source: HTTP) (EventID: 15005) (User: )
Description: \Device\Http\ReqQueue[::]:80
Microsoft Office Sessions:
=========================
Error: (10/17/2011 01:44:23 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 10 seconds with 0 seconds of active time. This session ended with a crash.
CodeIntegrity Errors:
===================================
Date: 2014-11-28 12:36:48.340
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2014-11-28 12:36:48.168
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2014-11-28 12:36:47.965
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
Date: 2014-11-28 12:36:47.590
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2014-11-28 12:36:47.465
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2014-11-28 12:36:47.090
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
Date: 2014-11-28 12:36:40.533
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
Date: 2014-11-28 12:36:33.498
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
Date: 2014-11-28 12:16:49.297
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
Date: 2014-11-28 12:07:28.183
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 44%
Total physical RAM: 3947.86 MB
Available physical RAM: 2188.93 MB
Total Pagefile: 4741.3 MB
Available Pagefile: 2533.23 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
==================== Drives ================================
Drive c: (Packard Bell) (Fixed) (Total:445.66 GB) (Free:118.07 GB) NTFS
Drive e: (Volume) (Fixed) (Total:465.76 GB) (Free:178.79 GB) NTFS
Drive f: (HDDRIVE2GO) (Fixed) (Total:1862.56 GB) (Free:1803.95 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 96D5FD3A)
Partition 1: (Not Active) - (Size=20 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=445.7 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: B377DBD9)
Partition 1: (Active) - (Size=1863 GB) - (Type=0C)
========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: 5066EA98)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Gruß Ulrike |
Hinweis:
FRST 32-Bit | FRST 64-Bit