
Log analysis and evaluation: Download/installation of updates not possible


14.08.2013, 10:22   #1
B e n n i

Download/installation of updates not possible

Hello,

After I left my laptop with my sister to use for a year during my stay abroad, I was unable to update Avira, Windows Defender, Firefox plugins and Windows Updates.

Measures taken so far: uninstalled Avira -> CCleaner -> reinstalled. No change.

Many thanks in advance for the help

----------------------------
The logs:

Avira Report:
Code:
Avira Free Antivirus Updater 
Vollständiges Produktupdate

Erstellungszeitpunkt: Mittwoch, 14. August 2013 09:48:39

Betriebssystem:
Windows 7 Home Premium (Service Pack 1)  [6.1.7601] 64 bit

Produktinformationen:
Produktversion: 13.0.0.3885
Updater: C:\Program Files (x86)\Avira\AntiVir Desktop\update.exe 13.6.14.1550
Updaterresource: C:\Program Files (x86)\Avira\AntiVir Desktop\updaterc.dll 13.6.0.1550
Bibliothek: C:\Program Files (x86)\Avira\AntiVir Desktop\update.dll 1.0.0.9
Plugin: C:\Program Files (x86)\Avira\AntiVir Desktop\updext.dll 13.6.0.1626
GUI: C:\Program Files (x86)\Avira\AntiVir Desktop\updgui.dll 13.6.3.1626

Temporäres Verzeichnis: C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\
Backupverzeichnis: C:\ProgramData\Avira\AntiVir Desktop\BACKUP\
Installationsverzeichnis: C:\Program Files (x86)\Avira\AntiVir Desktop\
Updaterverzeichnis: C:\Program Files (x86)\Avira\AntiVir Desktop\
AppData Verzeichnis: C:\ProgramData\Avira\AntiVir Desktop\

Verbindungseinstellungen:
- Verbindungsart:	Webserver
- Übertragungstyp:	Vorhandene Verbindung
- Proxyeinstellungen:	Verwende Systemeinstellungen

09:48:39 [UPD] [INFO]       Prüfe ob neuere Dateien zur Verfügung stehen.
09:48:39 [UPD] [INFO]       Wähle Updateserver 'hxxp://80.190.148.75/update'.
09:48:39 [UPD] [INFO]       Herunterladen von 'hxxp://80.190.148.75/update/idx/master.idx' nach 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
09:48:39 [UPDLIB] [ERROR]   Download-Bibliothek hat einen Fehler zurückgegeben: Failure when receiving data from the peer
09:48:39 [UPDLIB] [ERROR]   Erneuter Versuch...
09:48:39 [UPD] [INFO]       Herunterladen von 'hxxp://80.190.148.75/update/idx/master.idx' nach 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
09:48:39 [UPDLIB] [ERROR]   Download-Bibliothek hat einen Fehler zurückgegeben: Failure when receiving data from the peer
09:48:39 [UPDLIB] [ERROR]   Erneuter Versuch...
09:48:39 [UPD] [INFO]       Herunterladen von 'hxxp://80.190.148.75/update/idx/master.idx' nach 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
09:48:39 [UPDLIB] [ERROR]   Download-Bibliothek hat einen Fehler zurückgegeben: Failure when receiving data from the peer
09:48:39 [UPD] [INFO]       Wähle Updateserver 'hxxp://89.105.213.17/update'.
09:48:39 [UPD] [INFO]       Herunterladen von 'hxxp://89.105.213.17/update/idx/master.idx' nach 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
09:48:39 [UPDLIB] [ERROR]   Download-Bibliothek hat einen Fehler zurückgegeben: Failure when receiving data from the peer
09:48:39 [UPDLIB] [ERROR]   Erneuter Versuch...
09:48:39 [UPD] [INFO]       Herunterladen von 'hxxp://89.105.213.17/update/idx/master.idx' nach 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
09:48:40 [UPDLIB] [ERROR]   Download-Bibliothek hat einen Fehler zurückgegeben: Failure when receiving data from the peer
09:48:40 [UPDLIB] [ERROR]   Erneuter Versuch...
09:48:40 [UPD] [INFO]       Herunterladen von 'hxxp://89.105.213.17/update/idx/master.idx' nach 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
09:48:40 [UPDLIB] [ERROR]   Download-Bibliothek hat einen Fehler zurückgegeben: Failure when receiving data from the peer
09:48:40 [UPD] [INFO]       Wähle Updateserver 'hxxp://89.105.213.18/update'.
09:48:40 [UPD] [INFO]       Herunterladen von 'hxxp://89.105.213.18/update/idx/master.idx' nach 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
09:48:40 [UPDLIB] [ERROR]   Download-Bibliothek hat einen Fehler zurückgegeben: Failure when receiving data from the peer
09:48:40 [UPDLIB] [ERROR]   Erneuter Versuch...
09:48:40 [UPD] [INFO]       Herunterladen von 'hxxp://89.105.213.18/update/idx/master.idx' nach 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
09:48:40 [UPDLIB] [ERROR]   Download-Bibliothek hat einen Fehler zurückgegeben: Failure when receiving data from the peer
09:48:40 [UPDLIB] [ERROR]   Erneuter Versuch...
09:48:40 [UPD] [INFO]       Herunterladen von 'hxxp://89.105.213.18/update/idx/master.idx' nach 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
09:48:40 [UPDLIB] [ERROR]   Download-Bibliothek hat einen Fehler zurückgegeben: Failure when receiving data from the peer
09:48:40 [UPD] [INFO]       Wähle Updateserver 'hxxp://80.190.148.74/update'.
09:48:40 [UPD] [INFO]       Herunterladen von 'hxxp://80.190.148.74/update/idx/master.idx' nach 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
09:48:40 [UPDLIB] [ERROR]   Download-Bibliothek hat einen Fehler zurückgegeben: Failure when receiving data from the peer
09:48:40 [UPDLIB] [ERROR]   Erneuter Versuch...
09:48:40 [UPD] [INFO]       Herunterladen von 'hxxp://80.190.148.74/update/idx/master.idx' nach 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
09:48:40 [UPDLIB] [ERROR]   Download-Bibliothek hat einen Fehler zurückgegeben: Failure when receiving data from the peer
09:48:40 [UPDLIB] [ERROR]   Erneuter Versuch...
09:48:40 [UPD] [INFO]       Herunterladen von 'hxxp://80.190.148.74/update/idx/master.idx' nach 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
09:48:40 [UPDLIB] [ERROR]   Download-Bibliothek hat einen Fehler zurückgegeben: Failure when receiving data from the peer
09:48:40 [UPD] [INFO]       Wähle Updateserver 'hxxp://208.111.128.7/update'.
09:48:40 [UPD] [INFO]       Herunterladen von 'hxxp://208.111.128.7/update/idx/master.idx' nach 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
09:48:40 [UPDLIB] [ERROR]   Download-Bibliothek hat einen Fehler zurückgegeben: Failure when receiving data from the peer
09:48:40 [UPDLIB] [ERROR]   Erneuter Versuch...
09:48:40 [UPD] [INFO]       Herunterladen von 'hxxp://208.111.128.7/update/idx/master.idx' nach 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
09:48:40 [UPDLIB] [ERROR]   Download-Bibliothek hat einen Fehler zurückgegeben: Failure when receiving data from the peer
09:48:40 [UPDLIB] [ERROR]   Erneuter Versuch...
09:48:40 [UPD] [INFO]       Herunterladen von 'hxxp://208.111.128.7/update/idx/master.idx' nach 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
09:48:40 [UPDLIB] [ERROR]   Download-Bibliothek hat einen Fehler zurückgegeben: Failure when receiving data from the peer
09:48:40 [UPD] [INFO]       Wähle Updateserver 'hxxp://68.142.118.254/update'.
09:48:40 [UPD] [INFO]       Herunterladen von 'hxxp://68.142.118.254/update/idx/master.idx' nach 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
09:48:40 [UPDLIB] [ERROR]   Download-Bibliothek hat einen Fehler zurückgegeben: Failure when receiving data from the peer
09:48:40 [UPDLIB] [ERROR]   Erneuter Versuch...
09:48:40 [UPD] [INFO]       Herunterladen von 'hxxp://68.142.118.254/update/idx/master.idx' nach 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
09:48:40 [UPDLIB] [ERROR]   Download-Bibliothek hat einen Fehler zurückgegeben: Failure when receiving data from the peer
09:48:40 [UPDLIB] [ERROR]   Erneuter Versuch...
09:48:40 [UPD] [INFO]       Herunterladen von 'hxxp://68.142.118.254/update/idx/master.idx' nach 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
09:48:41 [UPDLIB] [ERROR]   Download-Bibliothek hat einen Fehler zurückgegeben: Failure when receiving data from the peer
09:48:41 [UPDLIB] [ERROR]   Kein anderer Server, Aktualisierung abgebrochen
09:48:41 [UPD] [ERROR]      Erzeugen der Updatestruktur ist fehlgeschlagen. Die UpdateLib liefert den Fehler 537.


Zusammenfassung:
****************
	0 Dateien heruntergeladen
	0 Dateien installiert

	Mittwoch, 14. August 2013 09:48:41

Das Update ist fehlgeschlagen!
         
Windows Defender:
Code:
Aktualisierungsstatus

Status:		Die Suche des Programms nach Definitionsaktualisierung ist nicht möglich. Fehler: 0x80072efe.
		Die Serververbindung wurde aufgrund eines Fehlers beendet.

Startzeit: 	11:00

Verstrichene Zeit: 00:08:28
         
Defogger:
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 08:47 on 14/08/2013 (****)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         
FRST64:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-08-2013
Ran by **** (administrator) on 14-08-2013 08:52:35
Running from C:\Users\**** 2\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
(NTI, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Windows\PLFSetI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Akamai Technologies, Inc.) C:\Users\**** 2\AppData\Local\Akamai\netsession_win.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Akamai Technologies, Inc.) C:\Users\**** 2\AppData\Local\Akamai\netsession_win.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [324608 2010-06-10] (Alcor Micro Corp.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11101800 2010-07-29] (Realtek Semiconductor)
HKLM\...\Run: [PLFSetI] - C:\Windows\PLFSetI.exe [206208 2010-11-23] ()
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1842472 2009-09-18] (Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [861216 2010-06-11] (Acer Incorporated)
HKLM\...\Run: [OODefragTray] - C:\Program Files\OO Software\Defrag\oodtray.exe [x]
HKLM-x32\...\Run: [EgisUpdate] - C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] - C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-08-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [975952 2010-08-11] (Dritek System Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345144 2013-07-18] (Avira Operations GmbH & Co. KG)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-01-15] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-01-15] ()
HKU\***\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_268_Plugin.exe [686792 2012-07-30] (Adobe Systems Incorporated)
Startup: C:\Users\**** 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKCU - DefaultScope {F96AC87D-7D37-4755-A9C0-27B4C0AFECD2} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {F96AC87D-7D37-4755-A9C0-27B4C0AFECD2} URL = hxxp://www.google.de/search?q={searchTerms}
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: No Name - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -  No File
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\gl6l1ccy.default
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_268.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: No Name - C:\Users\****\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
FF Extension: No Name - C:\Users\****\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: WOT - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\gl6l1ccy.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: No Name - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\gl6l1ccy.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
FF Extension: testpilot - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\gl6l1ccy.default\Extensions\testpilot@labs.mozilla.com.xpi
FF Extension: No Name - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\gl6l1ccy.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\gl6l1ccy.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5

==================== Services (Whitelisted) =================

R2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-12] (Akamai Technologies, Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-07-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-07-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [589368 2013-07-18] (Avira Operations GmbH & Co. KG)
R2 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-05-27] (Egis Technology Inc.)
S3 npggsvc; C:\Windows\SysWow64\GameMon.des [4159984 2010-12-08] (INCA Internet Co., Ltd.)
R2 NTISchedulerSvc; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [144640 2010-04-17] (NTI, Inc.)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-07-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-07-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-06] (Avira Operations GmbH & Co. KG)
S3 NPPTNT2; C:\Windows\SysWow64\npptNT2.sys [4682 2005-01-04] (INCA Internet Co., Ltd.)
S1 prodrv06; C:\Windows\SysWow64\drivers\prodrv06.sys [77184 2004-03-09] (Protection Technology)
S0 prohlp02; C:\Windows\SysWow64\drivers\prohlp02.sys [65504 2004-03-09] (Protection Technology)
S0 prosync1; C:\Windows\SysWow64\drivers\prosync1.sys [6944 2003-09-06] (Protection Technology)
S0 sfhlp01; C:\Windows\SysWow64\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology)
S3 SynasUSB; C:\Windows\System32\drivers\SynUSB64.sys [31248 2006-11-16] (SIA Syncrosoft)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
R2 WinRing0_1_2_0; C:\Users\**** 2\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries24.gadget\WinRing0x64.sys [14544 2011-02-17] (OpenLibSys.org)
S3 dump_wmimmc; \??\C:\Program Files (x86)\Gameforge4D\CABAL Online\GameGuard\dump_wmimmc.sys [x]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 NPPTNT2; \??\C:\Windows\system32\npptNT2.sys [x]
S1 prodrv06; \SystemRoot\System32\drivers\prodrv06.sys [x]
S0 prohlp02; System32\drivers\prohlp02.sys [x]
S0 prosync1; System32\drivers\prosync1.sys [x]
S0 sfhlp01; System32\drivers\sfhlp01.sys [x]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-14 08:48 - 2013-08-14 08:48 - 01575544 _____ (Farbar) C:\Users\**** 2\Downloads\FRST64.exe
2013-08-14 08:48 - 2013-08-14 08:48 - 01575544 _____ (Farbar) C:\Users\**** 2\Desktop\FRST64.exe
2013-08-14 08:47 - 2013-08-14 08:47 - 00000470 _____ C:\Users\**** 2\Desktop\defogger_disable.log
2013-08-14 08:47 - 2013-08-14 08:47 - 00000000 _____ C:\Users\****\defogger_reenable
2013-08-14 08:46 - 2013-08-14 08:43 - 00050477 _____ C:\Users\**** 2\Desktop\Defogger.exe
2013-08-14 08:43 - 2013-08-14 08:43 - 00050477 _____ C:\Users\**** 2\Downloads\Defogger.exe
2013-08-14 08:28 - 2013-08-14 08:49 - 00013070 _____ C:\Users\**** 2\Desktop\hijackthis.log
2013-08-14 08:27 - 2013-08-14 08:27 - 00388608 _____ (Trend Micro Inc.) C:\Users\**** 2\Desktop\HiJackThis204.exe
2013-08-14 08:27 - 2013-08-14 08:27 - 00012372 _____ C:\Users\**** 2\Downloads\hijackthis.log
2013-08-14 08:20 - 2013-08-14 08:20 - 00000000 ____D C:\Users\**** 2\AppData\Roaming\Avira
2013-08-14 07:58 - 2013-08-14 07:58 - 19500928 _____ C:\Users\****\Downloads\QuickTimeInstaller.exe.part
2013-08-14 07:28 - 2013-08-14 07:28 - 00000000 ____D C:\Users\****\Documents\Warzone 2100 2.3
2013-08-14 00:14 - 2013-08-14 00:14 - 00000000 ____D C:\Users\****\AppData\Roaming\Avira
2013-08-14 00:09 - 2013-08-14 00:09 - 00002066 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-08-14 00:09 - 2013-08-14 00:09 - 00000000 ____D C:\Program Files (x86)\Avira
2013-08-14 00:09 - 2013-08-14 00:09 - 00000000 _____ C:\Users\****\Documents\APNSetup1.exe
2013-08-14 00:09 - 2013-08-14 00:09 - 00000000 _____ C:\Users\****\Documents\APNSetup.exe
2013-08-14 00:09 - 2013-07-18 08:02 - 00130016 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-08-14 00:09 - 2013-07-18 08:02 - 00100712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-08-14 00:09 - 2013-03-06 16:13 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-08-14 00:04 - 2013-08-14 00:07 - 110344048 _____ C:\Users\****\Downloads\avira_free_antivirus85_de.exe
2013-08-13 23:35 - 2013-08-13 23:43 - 110344048 _____ C:\Users\**** 2\Downloads\avira_free_antivirus85_de(1).exe
2013-08-13 23:30 - 2013-08-13 23:30 - 00981567 _____ C:\Users\****\Downloads\EFRC32Setup.exe
2013-08-13 23:30 - 2013-08-13 23:30 - 00001053 _____ C:\Users\***\Desktop\Eusing Free Registry Cleaner.lnk
2013-08-13 23:29 - 2013-08-13 23:29 - 00981612 _____ C:\Users\****\Downloads\EFRCSetup.exe
2013-08-13 23:23 - 2013-08-13 23:23 - 00000000 ____D C:\Users\**** 2\AppData\Local\O&O
2013-08-13 23:18 - 2013-08-13 23:18 - 02092792 _____ C:\Users\**** 2\Downloads\avira_free_antivirus(1).exe
2013-08-13 23:07 - 2013-08-13 23:07 - 02092792 _____ C:\Users\**** 2\Downloads\avira_free_antivirus.exe
2013-08-13 22:47 - 2013-08-14 08:12 - 00000000 ____D C:\ProgramData\SecTaskMan
2013-08-13 22:47 - 2013-08-13 22:47 - 00000000 ____D C:\Program Files (x86)\Security Task Manager
2013-08-13 22:46 - 2013-08-13 22:46 - 02094432 _____ C:\Users\**** 2\Downloads\SecurityTaskManager_Setup-1.8d.exe
2013-08-13 22:05 - 2013-08-14 00:09 - 00000000 ____D C:\ProgramData\Avira
2013-08-13 22:01 - 2013-08-13 22:03 - 110344048 _____ C:\Users\**** 2\Downloads\avira_free_antivirus85_de.exe
2013-08-13 21:50 - 2013-08-13 21:50 - 02092776 _____ C:\Users\**** 2\Downloads\avira_internet_security(1).exe
2013-08-13 21:39 - 2013-08-13 21:39 - 02092776 _____ C:\Users\**** 2\Downloads\avira_internet_security.exe
2013-08-13 21:34 - 2013-08-13 21:35 - 22268584 _____ (Mozilla) C:\Users\**** 2\Downloads\Firefox Setup 23.0.exe
2013-08-13 21:34 - 2012-11-09 07:45 - 00750592 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2013-08-13 21:34 - 2012-11-09 06:43 - 00492032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-08-13 21:33 - 2013-02-15 08:08 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2013-08-13 21:33 - 2013-02-15 08:06 - 03717632 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-08-13 21:33 - 2013-02-15 08:02 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2013-08-13 21:33 - 2013-02-15 06:37 - 03217408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-08-13 21:33 - 2013-02-15 06:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2013-08-13 21:33 - 2013-02-15 05:25 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2013-08-13 21:33 - 2012-11-09 07:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-13 21:33 - 2012-11-09 06:42 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-13 21:32 - 2013-08-13 21:32 - 00282112 _____ (Mozilla) C:\Users\**** 2\Downloads\Firefox Setup Stub 23.0.exe
2013-08-13 21:32 - 2013-03-19 07:53 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2013-08-13 21:32 - 2013-03-19 07:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2013-08-13 21:32 - 2013-02-27 08:02 - 00111448 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2013-08-13 21:32 - 2013-02-27 07:52 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-08-13 21:32 - 2013-02-27 07:52 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-08-13 21:32 - 2013-02-27 07:48 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-08-13 21:32 - 2013-02-27 07:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2013-08-13 21:32 - 2013-02-27 06:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-08-13 21:32 - 2013-02-27 06:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-08-13 21:32 - 2013-02-27 06:49 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-08-13 21:32 - 2012-08-22 20:12 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2013-08-13 21:32 - 2012-07-04 22:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2013-08-13 21:31 - 2013-02-12 06:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2013-08-10 16:46 - 2013-08-10 20:46 - 00000000 ____D C:\Users\***\AppData\Roaming\Skype
2013-08-07 16:08 - 2013-04-10 08:01 - 00983400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-08-07 16:08 - 2013-04-10 08:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2013-08-07 16:08 - 2011-02-03 13:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2013-07-29 13:53 - 2012-11-01 07:43 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2013-07-29 13:53 - 2012-11-01 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2013-07-29 13:53 - 2012-11-01 06:47 - 01389568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2013-07-29 13:53 - 2012-11-01 06:47 - 01236992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2013-07-27 14:36 - 2013-08-13 21:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-27 14:11 - 2013-07-27 14:11 - 00000000 ____D C:\Users\***\AppData\Roaming\Adobe
2013-07-27 14:11 - 2013-07-27 14:11 - 00000000 ____D C:\Users\***\AppData\Local\Macromedia
2013-07-27 14:09 - 2013-07-27 14:09 - 00000000 ____D C:\Users\***\AppData\Roaming\Mozilla
2013-07-27 14:09 - 2013-07-27 14:09 - 00000000 ____D C:\Users\***\AppData\Local\Mozilla
2013-07-27 14:01 - 2013-07-27 14:01 - 00125544 _____ C:\Users\***\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-27 14:01 - 2013-07-27 14:01 - 00000000 ___RD C:\Users\***\Virtual Machines
2013-07-27 14:01 - 2013-07-27 14:01 - 00000000 ____D C:\Users\***\AppData\Roaming\Macromedia
2013-07-27 14:01 - 2013-07-27 14:01 - 00000000 ____D C:\Users\***\AppData\Roaming\Apple Computer
2013-07-27 14:01 - 2013-07-27 14:01 - 00000000 ____D C:\Users\***\AppData\Local\EgisTec IPS
2013-07-27 14:00 - 2013-07-27 14:01 - 00000000 ____D C:\Users\***
2013-07-27 14:00 - 2013-07-27 14:00 - 00000020 ___SH C:\Users\***\ntuser.ini
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Vorlagen
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Startmenü
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Netzwerkumgebung
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Lokale Einstellungen
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Eigene Dateien
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Druckumgebung
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Documents\Eigene Musik
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Documents\Eigene Bilder
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\AppData\Local\Verlauf
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\AppData\Local\Anwendungsdaten
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Anwendungsdaten
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 ____D C:\Users\***\AppData\Local\VirtualStore
2013-07-27 14:00 - 2011-11-08 03:40 - 00000000 ____D C:\Users\***\AppData\Local\Microsoft Help
2013-07-23 13:54 - 2013-04-10 05:30 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

==================== One Month Modified Files and Folders =======

2013-08-14 08:51 - 2013-08-14 08:51 - 00000000 ____D C:\FRST
2013-08-14 08:49 - 2013-08-14 08:28 - 00013070 _____ C:\Users\**** 2\Desktop\hijackthis.log
2013-08-14 08:48 - 2013-08-14 08:48 - 01575544 _____ (Farbar) C:\Users\**** 2\Downloads\FRST64.exe
2013-08-14 08:48 - 2013-08-14 08:48 - 01575544 _____ (Farbar) C:\Users\**** 2\Desktop\FRST64.exe
2013-08-14 08:47 - 2013-08-14 08:47 - 00000470 _____ C:\Users\**** 2\Desktop\defogger_disable.log
2013-08-14 08:47 - 2013-08-14 08:47 - 00000000 _____ C:\Users\****\defogger_reenable
2013-08-14 08:47 - 2011-01-29 18:01 - 00000000 ____D C:\Users\****
2013-08-14 08:45 - 2011-03-01 11:09 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-14 08:44 - 2011-02-15 09:32 - 00000000 ____D C:\Users\JRN~1\AppData\Local\Adobe
2013-08-14 08:43 - 2013-08-14 08:46 - 00050477 _____ C:\Users\**** 2\Desktop\Defogger.exe
2013-08-14 08:43 - 2013-08-14 08:43 - 00050477 _____ C:\Users\**** 2\Downloads\Defogger.exe
2013-08-14 08:27 - 2013-08-14 08:27 - 00388608 _____ (Trend Micro Inc.) C:\Users\**** 2\Desktop\HiJackThis204.exe
2013-08-14 08:27 - 2013-08-14 08:27 - 00012372 _____ C:\Users\**** 2\Downloads\hijackthis.log
2013-08-14 08:20 - 2013-08-14 08:20 - 00000000 ____D C:\Users\**** 2\AppData\Roaming\Avira
2013-08-14 08:19 - 2011-05-01 18:56 - 00000000 ____D C:\Users\**** 2\AppData\Local\CrashDumps
2013-08-14 08:15 - 2011-03-01 11:09 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-14 08:12 - 2013-08-13 22:47 - 00000000 ____D C:\ProgramData\SecTaskMan
2013-08-14 08:03 - 2010-11-23 19:39 - 01335823 _____ C:\Windows\WindowsUpdate.log
2013-08-14 07:58 - 2013-08-14 07:58 - 19500928 _____ C:\Users\****\Downloads\QuickTimeInstaller.exe.part
2013-08-14 07:46 - 2012-02-29 10:53 - 00000000 ____D C:\Users\****\Documents\OpenTTD
2013-08-14 07:28 - 2013-08-14 07:28 - 00000000 ____D C:\Users\****\Documents\Warzone 2100 2.3
2013-08-14 07:28 - 2009-07-14 06:45 - 00017600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-14 07:28 - 2009-07-14 06:45 - 00017600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-14 07:23 - 2011-01-30 23:32 - 00003906 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{FC372759-2740-4048-B35C-C3CD4DCC66F6}
2013-08-14 07:19 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-14 00:14 - 2013-08-14 00:14 - 00000000 ____D C:\Users\****\AppData\Roaming\Avira
2013-08-14 00:13 - 2011-01-29 21:22 - 00000000 ____D C:\Users\****\Tracing
2013-08-14 00:09 - 2013-08-14 00:09 - 00002066 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-08-14 00:09 - 2013-08-14 00:09 - 00000000 ____D C:\Program Files (x86)\Avira
2013-08-14 00:09 - 2013-08-14 00:09 - 00000000 _____ C:\Users\****\Documents\APNSetup1.exe
2013-08-14 00:09 - 2013-08-14 00:09 - 00000000 _____ C:\Users\****\Documents\APNSetup.exe
2013-08-14 00:09 - 2013-08-13 22:05 - 00000000 ____D C:\ProgramData\Avira
2013-08-14 00:07 - 2013-08-14 00:04 - 110344048 _____ C:\Users\****\Downloads\avira_free_antivirus85_de.exe
2013-08-13 23:56 - 2012-02-29 12:33 - 00000000 ___RD C:\Users\****\Virtual Machines
2013-08-13 23:56 - 2011-01-29 18:02 - 00125544 _____ C:\Users\JRN~1\AppData\Local\GDIPFONTCACHEV1.DAT
2013-08-13 23:56 - 2011-01-29 18:02 - 00000000 ___RD C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-08-13 23:56 - 2011-01-29 18:02 - 00000000 ___RD C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-08-13 23:54 - 2012-02-29 11:14 - 00000000 ____D C:\Users\**** 2\Documents\OpenTTD
2013-08-13 23:43 - 2013-08-13 23:35 - 110344048 _____ C:\Users\**** 2\Downloads\avira_free_antivirus85_de(1).exe
2013-08-13 23:32 - 2011-05-22 15:31 - 00000000 ____D C:\Program Files (x86)\Eusing Free Registry Cleaner
2013-08-13 23:30 - 2013-08-13 23:30 - 00981567 _____ C:\Users\****\Downloads\EFRC32Setup.exe
2013-08-13 23:30 - 2013-08-13 23:30 - 00001053 _____ C:\Users\***\Desktop\Eusing Free Registry Cleaner.lnk
2013-08-13 23:30 - 2011-05-22 15:31 - 00001053 _____ C:\Users\****\Desktop\Eusing Free Registry Cleaner.lnk
2013-08-13 23:30 - 2011-05-22 15:31 - 00001053 _____ C:\Users\**** 3\Desktop\Eusing Free Registry Cleaner.lnk
2013-08-13 23:30 - 2011-05-22 15:31 - 00001053 _____ C:\Users\**** 2\Desktop\Eusing Free Registry Cleaner.lnk
2013-08-13 23:30 - 2011-05-22 15:31 - 00001053 _____ C:\Users\Gast\Desktop\Eusing Free Registry Cleaner.lnk
2013-08-13 23:29 - 2013-08-13 23:29 - 00981612 _____ C:\Users\****\Downloads\EFRCSetup.exe
2013-08-13 23:25 - 2010-09-16 01:34 - 00000000 ____D C:\Program Files (x86)\NewTech Infosystems
2013-08-13 23:23 - 2013-08-13 23:23 - 00000000 ____D C:\Users\**** 2\AppData\Local\O&O
2013-08-13 23:21 - 2011-03-21 20:13 - 00000000 ____D C:\ProgramData\boost_interprocess
2013-08-13 23:20 - 2010-11-24 04:28 - 00656294 _____ C:\Windows\system32\perfh007.dat
2013-08-13 23:20 - 2010-11-24 04:28 - 00130894 _____ C:\Windows\system32\perfc007.dat
2013-08-13 23:20 - 2009-07-14 07:13 - 01498742 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-13 23:18 - 2013-08-13 23:18 - 02092792 _____ C:\Users\**** 2\Downloads\avira_free_antivirus(1).exe
2013-08-13 23:15 - 2011-08-14 16:21 - 00000000 ___RD C:\Users\**** 2\Virtual Machines
2013-08-13 23:07 - 2013-08-13 23:07 - 02092792 _____ C:\Users\**** 2\Downloads\avira_free_antivirus.exe
2013-08-13 22:47 - 2013-08-13 22:47 - 00000000 ____D C:\Program Files (x86)\Security Task Manager
2013-08-13 22:46 - 2013-08-13 22:46 - 02094432 _____ C:\Users\**** 2\Downloads\SecurityTaskManager_Setup-1.8d.exe
2013-08-13 22:40 - 2010-09-16 01:38 - 00000000 ____D C:\ProgramData\McAfee
2013-08-13 22:40 - 2010-09-16 01:38 - 00000000 ____D C:\Program Files (x86)\McAfee
2013-08-13 22:35 - 2013-02-09 17:52 - 00000000 ____D C:\Program Files (x86)\Steinberg
2013-08-13 22:32 - 2010-09-16 01:41 - 00000000 ____D C:\Program Files (x86)\Acer GameZone
2013-08-13 22:25 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-08-13 22:03 - 2013-08-13 22:01 - 110344048 _____ C:\Users\**** 2\Downloads\avira_free_antivirus85_de.exe
2013-08-13 21:57 - 2012-10-12 15:10 - 00000000 ____D C:\Users\**** 2\AppData\Roaming\Dropbox
2013-08-13 21:54 - 2012-10-23 17:40 - 00000000 ___RD C:\Users\**** 2\Dropbox
2013-08-13 21:53 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-08-13 21:52 - 2012-12-10 22:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-13 21:50 - 2013-08-13 21:50 - 02092776 _____ C:\Users\**** 2\Downloads\avira_internet_security(1).exe
2013-08-13 21:48 - 2011-02-09 13:21 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-08-13 21:39 - 2013-08-13 21:39 - 02092776 _____ C:\Users\**** 2\Downloads\avira_internet_security.exe
2013-08-13 21:37 - 2013-07-27 14:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-13 21:37 - 2011-01-29 19:05 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-08-13 21:35 - 2013-08-13 21:34 - 22268584 _____ (Mozilla) C:\Users\**** 2\Downloads\Firefox Setup 23.0.exe
2013-08-13 21:32 - 2013-08-13 21:32 - 00282112 _____ (Mozilla) C:\Users\**** 2\Downloads\Firefox Setup Stub 23.0.exe
2013-08-13 21:31 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-08-10 20:46 - 2013-08-10 16:46 - 00000000 ____D C:\Users\***\AppData\Roaming\Skype
2013-08-10 16:46 - 2011-02-09 13:11 - 00002517 _____ C:\Users\Public\Desktop\Skype.lnk
2013-08-10 16:46 - 2011-02-03 00:06 - 00000000 ____D C:\Users\****\AppData\Roaming\Skype
2013-08-10 16:46 - 2011-02-01 01:35 - 00000000 ____D C:\ProgramData\Skype
2013-07-27 14:43 - 2012-10-21 15:36 - 00000000 ____D C:\Users\***\Documents\Schule
2013-07-27 14:42 - 2012-12-16 16:44 - 00000000 ____D C:\Users\***\Documents\Bewerbungsfotos
2013-07-27 14:40 - 2012-11-15 20:38 - 00000000 ____D C:\Users\**** 2\Documents\***
2013-07-27 14:11 - 2013-07-27 14:11 - 00000000 ____D C:\Users\***\AppData\Roaming\Adobe
2013-07-27 14:11 - 2013-07-27 14:11 - 00000000 ____D C:\Users\***\AppData\Local\Macromedia
2013-07-27 14:09 - 2013-07-27 14:09 - 00000000 ____D C:\Users\***\AppData\Roaming\Mozilla
2013-07-27 14:09 - 2013-07-27 14:09 - 00000000 ____D C:\Users\***\AppData\Local\Mozilla
2013-07-27 14:01 - 2013-07-27 14:01 - 00125544 _____ C:\Users\***\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-27 14:01 - 2013-07-27 14:01 - 00000000 ___RD C:\Users\***\Virtual Machines
2013-07-27 14:01 - 2013-07-27 14:01 - 00000000 ____D C:\Users\***\AppData\Roaming\Macromedia
2013-07-27 14:01 - 2013-07-27 14:01 - 00000000 ____D C:\Users\***\AppData\Roaming\Apple Computer
2013-07-27 14:01 - 2013-07-27 14:01 - 00000000 ____D C:\Users\***\AppData\Local\EgisTec IPS
2013-07-27 14:01 - 2013-07-27 14:00 - 00000000 ____D C:\Users\***
2013-07-27 14:00 - 2013-07-27 14:00 - 00000020 ___SH C:\Users\***\ntuser.ini
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Vorlagen
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Startmenü
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Netzwerkumgebung
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Lokale Einstellungen
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Eigene Dateien
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Druckumgebung
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Documents\Eigene Musik
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Documents\Eigene Bilder
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\AppData\Local\Verlauf
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\AppData\Local\Anwendungsdaten
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Anwendungsdaten
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 ____D C:\Users\***\AppData\Local\VirtualStore
2013-07-27 13:46 - 2011-01-29 21:09 - 00000000 ____D C:\Users\JRN~1\AppData\Local\Windows Live
2013-07-26 19:14 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-07-26 17:40 - 2011-03-01 11:09 - 00004102 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-26 17:40 - 2011-03-01 11:09 - 00003850 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-24 18:15 - 2009-07-14 06:45 - 00444664 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-18 08:02 - 2013-08-14 00:09 - 00130016 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-07-18 08:02 - 2013-08-14 00:09 - 00100712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys

Files to move or delete:
====================
C:\Users\**** 2\jagex_runescape_preferences.dat
C:\Users\**** 2\jagex_runescape_preferences2.dat

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-26 19:01

==================== End Of Log ============================
         
FRST64 ADDITION
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-08-2013
Ran by **** at 2013-08-14 08:53:30
Running from C:\Users\**** 2\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

   
4Story 3.4.1 (x32)
Acer Backup Manager (x32 Version: 2.0.0.68)
Acer Crystal Eye webcam Ver:1.1.194.1021 (x32 Version: 1.1.194.1021)
Acer ePower Management (x32 Version: 5.00.3005)
Acer eRecovery Management (x32 Version: 4.05.3013)
Acer Registration (x32 Version: 1.03.3003)
Acer ScreenSaver (x32 Version: 1.1.0423.2010)
Acer Updater (x32 Version: 1.02.3001)
Acrobat.com (x32 Version: 1.6.65)
Adobe AIR (x32 Version: 1.5.0.7220)
Adobe Flash Player 10 ActiveX (x32 Version: 10.2.159.1)
Adobe Flash Player 11 Plugin (x32 Version: 11.3.300.268)
Adobe Photoshop Lightroom 3.6 64-bit (Version: 3.6.1)
Adobe Reader X (10.1.4) - Deutsch (x32 Version: 10.1.4)
AirRivals (x32)
Akamai NetSession Interface (x32)
Alcor Micro USB Card Reader (x32 Version: 1.9.17.06019)
Apple Application Support (x32 Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (x32 Version: 2.1.3.127)
ATI Catalyst Install Manager (Version: 3.0.786.0)
Avira Free Antivirus (x32 Version: 13.0.0.3885)
Backup Manager Basic (x32 Version: 2.0.0.68)
Battlecruiser Millennium FREEWARE (x32 Version: 1.09.03)
be Flash Player 10 ActiveX 64-bit (Version: 10.3.162.28)
Bonjour (Version: 3.0.0.10)
Broadcom Gigabit NetLink Controller (Version: 14.2.4.2)
capella-scan 7.0 (x32 Version: 7.0.22)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0828.2240.38829)
Catalyst Control Center InstallProxy (x32 Version: 2010.0828.2240.38829)
Catalyst Control Center Localization All (x32 Version: 2010.0828.2240.38829)
CCC Help Chinese Standard (x32 Version: 2010.0828.2239.38829)
CCC Help Chinese Traditional (x32 Version: 2010.0828.2239.38829)
CCC Help Czech (x32 Version: 2010.0828.2239.38829)
CCC Help Danish (x32 Version: 2010.0828.2239.38829)
CCC Help Dutch (x32 Version: 2010.0828.2239.38829)
CCC Help English (x32 Version: 2010.0828.2239.38829)
CCC Help Finnish (x32 Version: 2010.0828.2239.38829)
CCC Help French (x32 Version: 2010.0828.2239.38829)
CCC Help German (x32 Version: 2010.0828.2239.38829)
CCC Help Greek (x32 Version: 2010.0828.2239.38829)
CCC Help Hungarian (x32 Version: 2010.0828.2239.38829)
CCC Help Italian (x32 Version: 2010.0828.2239.38829)
CCC Help Japanese (x32 Version: 2010.0828.2239.38829)
CCC Help Korean (x32 Version: 2010.0828.2239.38829)
CCC Help Norwegian (x32 Version: 2010.0828.2239.38829)
CCC Help Polish (x32 Version: 2010.0828.2239.38829)
CCC Help Portuguese (x32 Version: 2010.0828.2239.38829)
CCC Help Russian (x32 Version: 2010.0828.2239.38829)
CCC Help Spanish (x32 Version: 2010.0828.2239.38829)
CCC Help Swedish (x32 Version: 2010.0828.2239.38829)
CCC Help Thai (x32 Version: 2010.0828.2239.38829)
CCC Help Turkish (x32 Version: 2010.0828.2239.38829)
ccc-core-static (x32 Version: 2010.0828.2240.38829)
ccc-utility64 (Version: 2010.0828.2240.38829)
CCleaner (Version: 3.15)
CD goes MP3 (x32 Version: 2.1)
Cisco AnyConnect VPN Client (x32 Version: 2.5.2014)
CyberLink PowerDVD 9 (x32 Version: 9.0.3814.50)
D3DX10 (x32 Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
Defraggler (Version: 2.07)
Derive 6 (x32 Version: 6.1)
DivX-Setup (x32 Version: 2.6.1.8)
Drachenkrieg (with media and plugins), version 1.1.29 (x32)
Elfenwelt - Abenteuer im Elfenland (x32)
Enable Viacam 1.4 (x32 Version: 1.4)
eSobi v2 (x32 Version: 2.0.4.000274)
Eusing Free Registry Cleaner (x32)
Fotogalerie (x32 Version: 16.4.3505.0912)
Free Video to iPod Converter version 4.3.3.804 (x32)
Free YouTube to MP3 Converter version 3.10.17.221 (x32 Version: 3.10.17.221)
Freeciv 2.2.4 (GTK+ client) (HKCU)
Freemake Video Converter Version 3.0.2 (x32 Version: 3.0.2)
GIMP 2.6.8
Google Earth (x32 Version: 6.0.1.2032)
Google Update Helper (x32 Version: 1.3.21.153)
HyperCam 2 (Version: 2.25.01)
HyperCam 2 (x32)
iCloud (Version: 1.1.0.40)
Identity Card (x32 Version: 1.00.3003)
Intel(R) Management Engine Components (x32 Version: 6.0.0.1179)
Intel(R) Rapid Storage Technology (x32 Version: 9.6.0.1014)
Intel(R) Turbo Boost Technology Driver (x32 Version: 01.00.01.1002)
Internet-TV für Windows Media Center (x32 Version: 4.2.2.0)
iTunes (Version: 10.6.3.25)
Java(TM) 7 Update 3 (64-bit) (Version: 7.0.30)
Junk Mail filter update (x32 Version: 16.4.3505.0912)
Launch Manager (x32 Version: 4.0.14)
Lern-o-Mat (x32)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0)
Microsoft Office 2010 Service Pack 1 (SP1) (x32)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Outlook Connector (x32 Version: 14.0.5118.5000)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (x32 Version: 14.0.5120.5000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Movie Maker (x32 Version: 16.4.3505.0912)
Mozilla Firefox 23.0 (x86 de) (x32 Version: 23.0)
Mozilla Maintenance Service (x32 Version: 23.0)
Mozilla Thunderbird 9.0.1 (x86 de) (x32 Version: 9.0.1)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSVCRT110 (x32 Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
MTX (x32 Version: 1.0.0)
my moments (HKCU Version: 2.5.1.0)
MyWinLocker (x32 Version: 3.1.212.0)
MyWinLocker Suite (x32 Version: 3.1.212.0)
NTI Backup Now 5 (x32 Version: 5.1.2.630)
NTI Backup Now Standard (x32 Version: 5.1.2.630)
NTI Media Maker 8 (x32 Version: 8.0.12.6636)
OpenAL (x32)
OpenTTD 1.1.5 (x32 Version: 1.1.5)
Photo Gallery (x32 Version: 16.4.3505.0912)
PX Profile Update (x32 Version: 1.00.1.)
QuickTime (x32 Version: 7.72.80.56)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6167)
Recuva (Version: 1.39)
Security Task Manager 1.8d (x32 Version: 1.8d)
Shredder (Version: 2.0.8.3)
Shredder (x32 Version: 2.0.8.3)
Skype™ 6.7 (x32 Version: 6.7.102)
Synaptics Pointing Device Driver (Version: 14.0.6.0)
Syncrosoft Lizenz Kontrolle (x32)
TrueCrypt (x32 Version: 7.0a)
Überwachungstool für die Intel® Turbo-Boost-Technik (Version: 1.0.186.6)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft Office 2010 (KB2494150) (x32)
Update for Microsoft Office 2010 (KB2553065) (x32)
Update for Microsoft Office 2010 (KB2553092) (x32)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2566458) (x32)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition (x32)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0)
Visual C++ 8.0 CRT (x86) WinSXS MSM (x32 Version: 8.0.50727.762)
Warzone 2100-2.3.9 (x32 Version: 2.3.9)
Warzone 2100-3.1_beta10 (x32 Version: 3.1_beta10)
Welcome Center (x32 Version: 1.02.3004)
Wild Creatures (x32)
Wildlife Park (x32)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912)
Windows Live Essentials (x32 Version: 16.4.3505.0912)
Windows Live Family Safety (Version: 16.4.3505.0912)
Windows Live Family Safety (x32 Version: 16.4.3505.0912)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (x32 Version: 16.4.3505.0912)
Windows Live Mail (x32 Version: 16.4.3505.0912)
Windows Live Messenger (x32 Version: 16.4.3505.0912)
Windows Live MIME IFilter (Version: 16.4.3505.0912)
Windows Live Photo Common (x32 Version: 16.4.3505.0912)
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912)
Windows Live SOXE (x32 Version: 16.4.3505.0912)
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912)
Windows Live Sync (x32 Version: 14.0.8117.416)
Windows Live UX Platform (x32 Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912)
Windows Live Writer (x32 Version: 16.4.3505.0912)
Windows Live Writer Resources (x32 Version: 16.4.3505.0912)
Windows Media Center Add-in for Silverlight (x32 Version: 4.7.3.0)
Windows Speech Recognition Macros (x32 Version: 1.0.6862.19)
Wing Commander Saga 1.0.2.7795 (Version: 1.0.2.7795)
WinRAR 4.11 (32-Bit) (x32 Version: 4.11.0)

==================== Restore Points  =========================

22-06-2013 11:13:12 Windows Update
22-06-2013 18:20:31 Windows Update
23-07-2013 13:33:31 Windows Update
30-07-2013 08:32:59 Windows Update
07-08-2013 16:39:46 Windows Update
13-08-2013 19:45:05 Removed Skype Click to Call
13-08-2013 19:47:43 Removed Skype Click to Call
13-08-2013 20:22:48 Removed BlueStacks Notification Center
13-08-2013 20:34:44 Removed Steinberg Cubase LE 4
13-08-2013 21:08:37 Windows Update
13-08-2013 21:22:08 O&O Defrag Free Edition wurde entfernt.
13-08-2013 21:23:30 Removed Oracle VM VirtualBox 4.1.0
13-08-2013 21:24:52 Configured Backup Manager Basic

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {4C79F9F7-AC4B-495D-8681-E5F6BE84CCAE} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {4E02C21D-1B27-478D-BFD0-E4DA908F3F3F} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-20] (Microsoft Corporation)
Task: {50E78190-CF50-4143-AFD6-CEAD88F5022C} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation)
Task: {69FCED66-FBD2-4B46-B2EC-D095B188FBB4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {8C09D1FF-401A-4111-9E02-9777FE46EC1D} - System32\Tasks\{8FBFAD8D-B04E-4EB6-AA87-3DC1BA0C625B} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [2013-07-31] (Mozilla Corporation)
Task: {9607534B-3EA2-4A5D-A623-197D0C6E95B6} - System32\Tasks\Games\UpdateCheck_S-1-5-21-260301430-403971504-409968616-1001
Task: {A0062C2C-8B80-4A2F-B305-9C38A034838C} - System32\Tasks\User_Feed_Synchronization-{FC372759-2740-4048-B35C-C3CD4DCC66F6} => C:\Windows\system32\msfeedssync.exe [2011-04-21] (Microsoft Corporation)
Task: {C050E51A-BC2D-4F3D-9800-EC540A79BB5D} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)
Task: {DA3AE28F-6460-4AD3-ACB4-42A9266923A5} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {DF7B18EF-B0FE-4587-971D-3229E5D17AD0} - System32\Tasks\{66CE549C-71E9-40F6-8205-0326404CB12A} => C:\Program Files (x86)\Wildlife Park\Int\Win32\Program\VC6\WLPAdd1.exe No File
Task: {DF88A619-ED66-4B99-97D1-225CFF8FAC39} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-03-01] (Google Inc.)
Task: {E16F09F7-F7A8-44DF-983D-B40FFCA0566C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-03-01] (Google Inc.)
Task: {F8C9BB01-5C1A-4740-97FB-FEC92836A6BB} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [2010-11-20] (Microsoft Corporation)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Faulty Device Manager Devices =============

Name: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/14/2013 08:49:07 AM) (Source: Application Hang) (User: )
Description: Programm FRST64.exe, Version 3.3.8.1 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 12d8

Startzeit: 01ce98ba4d7dedff

Endzeit: 0

Anwendungspfad: C:\Users\**** 2\Downloads\FRST64.exe

Berichts-ID: 997ec877-04ad-11e3-a8e8-206a8a2378c9

Error: (08/13/2013 11:17:10 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (08/13/2013 11:08:31 PM) (Source: Bonjour Service) (User: )
Description: 472: ERROR: read_msg errno 0 (Der Vorgang wurde erfolgreich beendet.)

Error: (08/13/2013 11:08:31 PM) (Source: Bonjour Service) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10093

Error: (08/12/2013 05:04:10 PM) (Source: Windows Backup) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "E:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"

Error: (08/10/2013 05:44:36 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9968

Error: (08/10/2013 05:44:36 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9968

Error: (08/10/2013 05:44:36 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/10/2013 04:46:57 PM) (Source: MsiInstaller) (User: JP1)
Description: Product: Skype Click to Call -- Error 1609. An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1332(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (08/06/2013 02:28:06 PM) (Source: Windows Backup) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "E:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"


System errors:
=============
Error: (08/14/2013 07:19:58 AM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
prodrv06
prohlp02
prosync1
sfhlp01

Error: (08/14/2013 07:19:14 AM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\prodrv06.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (08/14/2013 00:28:14 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.

Error: (08/14/2013 00:02:42 AM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
prodrv06
prohlp02
prosync1
sfhlp01

Error: (08/14/2013 00:02:19 AM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\prodrv06.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (08/13/2013 11:59:30 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
prodrv06
prohlp02
prosync1
sfhlp01

Error: (08/13/2013 11:58:45 PM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\prodrv06.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (08/13/2013 11:32:30 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
prodrv06
prohlp02
prosync1
sfhlp01

Error: (08/13/2013 11:32:01 PM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\prodrv06.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (08/13/2013 11:31:34 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.


Microsoft Office Sessions:
=========================
Error: (08/14/2013 08:49:07 AM) (Source: Application Hang)(User: )
Description: FRST64.exe3.3.8.112d801ce98ba4d7dedff0C:\Users\**** 2\Downloads\FRST64.exe997ec877-04ad-11e3-a8e8-206a8a2378c9

Error: (08/13/2013 11:17:10 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Users\**** 2\Downloads\SoftonicDownloader_fuer_youtube-song-downloader.exe

Error: (08/13/2013 11:08:31 PM) (Source: Bonjour Service)(User: )
Description: 472: ERROR: read_msg errno 0 (Der Vorgang wurde erfolgreich beendet.)

Error: (08/13/2013 11:08:31 PM) (Source: Bonjour Service)(User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10093

Error: (08/12/2013 05:04:10 PM) (Source: Windows Backup)(User: )
Description: E:\Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)

Error: (08/10/2013 05:44:36 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9968

Error: (08/10/2013 05:44:36 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9968

Error: (08/10/2013 05:44:36 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/10/2013 04:46:57 PM) (Source: MsiInstaller)(User: JP1)
Description: Product: Skype Click to Call -- Error 1609. An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1332(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (08/06/2013 02:28:06 PM) (Source: Windows Backup)(User: )
Description: E:\Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)


==================== Memory info =========================== 

Percentage of memory in use: 48%
Total physical RAM: 3956.5 MB
Available physical RAM: 2035.16 MB
Total Pagefile: 7911.18 MB
Available Pagefile: 5722.24 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (ACER) (Fixed) (Total:451.99 GB) (Free:241.57 GB) NTFS (Disk=0 Partition=3)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: F3E8F3E8)
Partition 1: (Not Active) - (Size=14 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=452 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
GMER
Code:
GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-08-14 09:18:34
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD50 rev.01.0 465,76GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\JRN~1\AppData\Local\Temp\ugtdypow.sys


---- Kernel code sections - GMER 2.1 ----

INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 560                                                                             fffff8000340a000 63 bytes [00, 00, 15, 02, 46, 69, 6C, ...]
INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 624                                                                             fffff8000340a040 1 byte [21]

---- User code sections - GMER 2.1 ----

.text     C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe[1092] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69            00000000758e1465 2 bytes [8E, 75]
.text     C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe[1092] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155           00000000758e14bb 2 bytes [8E, 75]
.text     ...                                                                                                                                            * 2
.text     C:\Windows\SysWOW64\svchost.exe[1684] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                  00000000758e1465 2 bytes [8E, 75]
.text     C:\Windows\SysWOW64\svchost.exe[1684] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                 00000000758e14bb 2 bytes [8E, 75]
.text     ...                                                                                                                                            * 2
.text     C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe[1784] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69     00000000758e1465 2 bytes [8E, 75]
.text     C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe[1784] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155    00000000758e14bb 2 bytes [8E, 75]
.text     ...                                                                                                                                            * 2
.text     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[4304] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69   00000000758e1465 2 bytes [8E, 75]
.text     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[4304] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155  00000000758e14bb 2 bytes [8E, 75]
.text     ...                                                                                                                                            * 2
.text     C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE[4828] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                     00000000758e1465 2 bytes [8E, 75]
.text     C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE[4828] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                    00000000758e14bb 2 bytes [8E, 75]
.text     ...                                                                                                                                            * 2
.text     C:\Users\**** 2\AppData\Local\Akamai\netsession_win.exe[4540] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                          00000000758e1465 2 bytes [8E, 75]
.text     C:\Users\**** 2\AppData\Local\Akamai\netsession_win.exe[4540] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                         00000000758e14bb 2 bytes [8E, 75]
.text     ...                                                                                                                                            * 2
.text     C:\Program Files (x86)\Launch Manager\LManager.exe[1412] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                               00000000758e1465 2 bytes [8E, 75]
.text     C:\Program Files (x86)\Launch Manager\LManager.exe[1412] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                              00000000758e14bb 2 bytes [8E, 75]
.text     ...                                                                                                                                            * 2
.text     C:\Users\**** 2\AppData\Local\Akamai\netsession_win.exe[3792] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                          00000000758e1465 2 bytes [8E, 75]
.text     C:\Users\**** 2\AppData\Local\Akamai\netsession_win.exe[3792] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                         00000000758e14bb 2 bytes [8E, 75]
.text     ...                                                                                                                                            * 2

---- Threads - GMER 2.1 ----

Thread     [1716:1792]                                                                                                                                   0000000077553e45
Thread     [1716:1796]                                                                                                                                   00000000758f7587
Thread     [1716:1808]                                                                                                                                   0000000072dac59c
Thread     [1716:1812]                                                                                                                                   0000000072dac59c
Thread     [1716:1816]                                                                                                                                   0000000072dac59c
Thread     [1716:1820]                                                                                                                                   0000000077552e25
Thread     [1716:1824]                                                                                                                                   0000000072dac41c
Thread     [1716:2124]                                                                                                                                   0000000072bae2db
Thread     [1716:2128]                                                                                                                                   0000000072dac59c
Thread     [1716:2132]                                                                                                                                   0000000072dac41c
Thread     [1716:2136]                                                                                                                                   0000000072dac41c
Thread     [1716:2140]                                                                                                                                   0000000072dac41c
Thread     [1716:2144]                                                                                                                                   0000000072dac41c
Thread     [1716:2148]                                                                                                                                   0000000072dac41c
Thread     [1716:2152]                                                                                                                                   0000000072dac41c
Thread     [1716:2156]                                                                                                                                   0000000072dac41c
Thread     [1716:2160]                                                                                                                                   0000000072dac41c
Thread     [1716:2164]                                                                                                                                   0000000072dac41c
Thread     [1716:2168]                                                                                                                                   0000000072dac41c
Thread     [1716:2172]                                                                                                                                   0000000072dac41c
Thread     [1716:2176]                                                                                                                                   0000000072dac41c
Thread     [1716:2180]                                                                                                                                   0000000072dac41c
Thread     [1716:2184]                                                                                                                                   0000000072dac41c
Thread     [1716:2188]                                                                                                                                   0000000072dac41c
Thread     [1716:2192]                                                                                                                                   0000000072dac41c
Thread     [1716:2196]                                                                                                                                   0000000072dac41c
Thread     [1716:2204]                                                                                                                                   0000000072dac59c
Thread     [1716:2208]                                                                                                                                   0000000070fb8e20
Thread     [1716:2212]                                                                                                                                   0000000070fb8e20
Thread     [1716:2216]                                                                                                                                   0000000070fb8e20
Thread     [1716:2220]                                                                                                                                   0000000070fb4e00
Thread     [1716:2940]                                                                                                                                   0000000072dac59c
Thread     [1716:2660]                                                                                                                                   0000000072dac59c
Thread     [1716:2424]                                                                                                                                   0000000072dac59c

---- EOF - GMER 2.1 ----
         

14.08.2013, 12:18   #2
schrauber
/// the machine
/// TB-Ausbilder


Hi,
Combofix should only be run when a team member has instructed you to do so!
Please download Combofix from the following download mirror:

Link 1


IMPORTANT - Save Combofix to your desktop
  • Please disable all of your antivirus and anti-malware/spyware scanners. They can interfere with Combofix while it works.
Start Combofix.exe and follow the on-screen instructions.

When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply.


Note: If you receive the following error message after the restart
Quote:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.

14.08.2013, 12:45   #3
B e n n i

Combofix Logfile:
Code:
ComboFix 13-08-14.01 - **** 14.08.2013  13:29:21.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3956.2238 [GMT 2:00]
ausgeführt von:: c:\users\**** 2\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Outdated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Outdated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\****\Documents\APNSetup.exe
c:\users\****\Documents\APNSetup1.exe
c:\windows\SysWow64\~GLH0005.TMP
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-07-14 bis 2013-08-14  ))))))))))))))))))))))))))))))
.
.
2013-08-14 11:37 . 2013-08-14 11:37	--------	d-----w-	c:\users\****\AppData\Local\temp
2013-08-14 11:37 . 2013-08-14 11:37	--------	d-----w-	c:\users\**** 3\AppData\Local\temp
2013-08-14 11:37 . 2013-08-14 11:37	--------	d-----w-	c:\users\Gast\AppData\Local\temp
2013-08-14 11:37 . 2013-08-14 11:37	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-08-14 06:51 . 2013-08-14 06:51	--------	d-----w-	C:\FRST
2013-08-14 06:20 . 2013-08-14 06:20	--------	d-----w-	c:\users\**** 2\AppData\Roaming\Avira
2013-08-14 05:49 . 2013-08-14 11:32	76232	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{39FFADF0-E943-4C18-97C2-71FBFA0D7B41}\offreg.dll
2013-08-13 22:14 . 2013-08-13 22:14	--------	d-----w-	c:\users\****\AppData\Roaming\Avira
2013-08-13 22:09 . 2013-07-18 06:02	130016	----a-w-	c:\windows\system32\drivers\avipbb.sys
2013-08-13 22:09 . 2013-07-18 06:02	100712	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2013-08-13 22:09 . 2013-03-06 14:13	28600	----a-w-	c:\windows\system32\drivers\avkmgr.sys
2013-08-13 22:09 . 2013-08-13 22:09	--------	d-----w-	c:\program files (x86)\Avira
2013-08-13 21:23 . 2013-08-13 21:23	--------	d-----w-	c:\users\**** 2\AppData\Local\O&O
2013-08-13 20:47 . 2013-08-14 06:12	--------	d-----w-	c:\programdata\SecTaskMan
2013-08-13 20:47 . 2013-08-13 20:47	--------	d-----w-	c:\program files (x86)\Security Task Manager
2013-08-13 20:05 . 2013-08-13 22:09	--------	d-----w-	c:\programdata\Avira
2013-08-13 19:34 . 2012-11-09 05:45	750592	----a-w-	c:\windows\system32\win32spl.dll
2013-08-13 19:34 . 2012-11-09 04:43	492032	----a-w-	c:\windows\SysWow64\win32spl.dll
2013-08-13 19:33 . 2013-02-15 06:06	3717632	----a-w-	c:\windows\system32\mstscax.dll
2013-08-13 19:33 . 2013-02-15 04:37	3217408	----a-w-	c:\windows\SysWow64\mstscax.dll
2013-08-13 19:33 . 2013-02-15 06:08	44032	----a-w-	c:\windows\system32\tsgqec.dll
2013-08-13 19:33 . 2013-02-15 06:02	158720	----a-w-	c:\windows\system32\aaclient.dll
2013-08-13 19:33 . 2013-02-15 04:34	131584	----a-w-	c:\windows\SysWow64\aaclient.dll
2013-08-13 19:33 . 2013-02-15 03:25	36864	----a-w-	c:\windows\SysWow64\tsgqec.dll
2013-08-13 19:33 . 2012-11-09 05:45	2048	----a-w-	c:\windows\system32\tzres.dll
2013-08-13 19:33 . 2012-11-09 04:42	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2013-08-13 19:32 . 2013-02-27 05:52	14172672	----a-w-	c:\windows\system32\shell32.dll
2013-08-13 19:32 . 2013-02-27 05:52	197120	----a-w-	c:\windows\system32\shdocvw.dll
2013-08-13 19:32 . 2013-02-27 05:48	1930752	----a-w-	c:\windows\system32\authui.dll
2013-08-13 19:32 . 2013-02-27 06:02	111448	----a-w-	c:\windows\system32\consent.exe
2013-08-13 19:32 . 2013-02-27 05:47	70144	----a-w-	c:\windows\system32\appinfo.dll
2013-08-13 19:32 . 2013-02-27 04:49	1796096	----a-w-	c:\windows\SysWow64\authui.dll
2013-08-13 19:32 . 2012-08-22 18:12	950128	----a-w-	c:\windows\system32\drivers\ndis.sys
2013-08-13 19:32 . 2012-07-04 20:26	41472	----a-w-	c:\windows\system32\drivers\RNDISMP.sys
2013-08-13 19:32 . 2013-03-19 05:53	230400	----a-w-	c:\windows\system32\wwansvc.dll
2013-08-13 19:32 . 2013-03-19 05:53	48640	----a-w-	c:\windows\system32\wwanprotdim.dll
2013-08-13 19:31 . 2013-02-12 04:12	19968	----a-w-	c:\windows\system32\drivers\usb8023.sys
2013-08-10 14:46 . 2013-08-10 14:46	--------	d-----w-	c:\program files (x86)\Common Files\Skype
2013-08-07 14:08 . 2013-04-10 06:01	265064	----a-w-	c:\windows\system32\drivers\dxgmms1.sys
2013-08-07 14:08 . 2013-04-10 06:01	983400	----a-w-	c:\windows\system32\drivers\dxgkrnl.sys
2013-08-07 14:08 . 2011-02-03 11:25	144384	----a-w-	c:\windows\system32\cdd.dll
2013-07-29 11:53 . 2012-11-01 05:43	2002432	----a-w-	c:\windows\system32\msxml6.dll
2013-07-29 11:53 . 2012-11-01 05:43	1882624	----a-w-	c:\windows\system32\msxml3.dll
2013-07-29 11:53 . 2012-11-01 04:47	1389568	----a-w-	c:\windows\SysWow64\msxml6.dll
2013-07-29 11:53 . 2012-11-01 04:47	1236992	----a-w-	c:\windows\SysWow64\msxml3.dll
2013-07-27 12:00 . 2013-07-27 12:01	--------	d-----w-	c:\users\***
2013-07-23 11:54 . 2013-04-10 03:30	3153920	----a-w-	c:\windows\system32\win32k.sys
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-05-27 02:40	120176	----a-w-	c:\program files (x86)\EgisTec MyWinLocker\x86\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2010-03-11 201584]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2010-03-11 407920]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-08-28 98304]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-08-11 975952]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-07-18 345144]
.
c:\users\**** 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE /tsr [2013-1-8 228448]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
R3 dump_wmimmc;dump_wmimmc;c:\program files (x86)\Gameforge4D\CABAL Online\GameGuard\dump_wmimmc.sys;c:\program files (x86)\Gameforge4D\CABAL Online\GameGuard\dump_wmimmc.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [x]
R3 SynasUSB;SynasUSB;c:\windows\system32\drivers\SynUSB64.sys;c:\windows\SYSNATIVE\drivers\SynUSB64.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
R3 vpcuxd;USB-Virtualisierungsstubdienst;c:\windows\system32\DRIVERS\vpcuxd.sys;c:\windows\SYSNATIVE\DRIVERS\vpcuxd.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe;c:\program files (x86)\Acer\Registration\GREGsvc.exe [x]
S2 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [x]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S2 vpnagent;Cisco AnyConnect VPN Agent;c:\program files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe;c:\program files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [x]
S2 WinRing0_1_2_0;WinRing0_1_2_0;c:\users\**** 2\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries24.gadget\WinRing0x64.sys;c:\users\**** 2\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries24.gadget\WinRing0x64.sys [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai	REG_MULTI_SZ   	Akamai
.
Inhalt des "geplante Tasks" Ordners
.
2013-08-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-01 09:08]
.
2013-08-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-01 09:08]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-05-27 02:42	137584	----a-w-	c:\program files (x86)\EgisTec MyWinLocker\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2010-06-10 324608]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-07-29 11101800]
"PLFSetI"="c:\windows\PLFSetI.exe" [2010-11-23 206208]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-06-11 861216]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://acer.msn.com
mStart Page = hxxp://acer.msn.com
uInternet Settings,ProxyOverride = *.local
IE: An OneNote s&enden - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: Free YouTube to MP3 Converter - c:\users\****\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 192.168.0.1
DPF: 55963676-2F5E-4BAF-AC28-CF26AA587566 - vpnweb.cab
FF - ProfilePath - c:\users\****\AppData\Roaming\Mozilla\Firefox\Profiles\gl6l1ccy.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
ShellIconOverlayIdentifiers-{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
ShellIconOverlayIdentifiers-{BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
BHO-{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - (no file)
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
ShellIconOverlayIdentifiers-{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
ShellIconOverlayIdentifiers-{BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - c:\users\**** 2\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - c:\users\**** 2\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - c:\users\**** 2\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - c:\users\**** 2\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-OODefragTray - c:\program files\OO Software\Defrag\oodtray.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-260301430-403971504-409968616-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (S-1-5-21-260301430-403971504-409968616-1001)
@Denied: (2) (LocalSystem)
"Progid"="ThunderbirdEML"
.
[HKEY_USERS\S-1-5-21-260301430-403971504-409968616-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-08-14  13:40:22
ComboFix-quarantined-files.txt  2013-08-14 11:40
.
Vor Suchlauf: 13 Verzeichnis(se), 258.516.103.168 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 258.266.132.480 Bytes frei
.
- - End Of File - - A92318141E078DC289E3940049234014
         
--- --- --- D41D8CD98F00B204E9800998ECF8427E
__________________

14.08.2013, 19:38   #4
schrauber
/// the machine
/// TB trainer
 

Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do this, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Clean and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt. (x = consecutive number).

Please shut down your protection software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista (or later), please start it with a right-click and "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan may take a while.
  • When the tool is finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log please.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

14.08.2013, 22:09   #5
B e n n i
 

Here are the logs once again:

Malwarebytes:
Code:
 Malwarebytes Anti-Malware  (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.08.14.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
**** :: JP1 [Administrator]

Schutz: Aktiviert

14.08.2013 21:46:53
mbam-log-2013-08-14 (21-46-53).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 301956
Laufzeit: 7 Minute(n), 36 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 3
C:\ProgramData\InstallMate (PUP.Optional.InstallMate.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\InstallMate\{F6FD24B4-34A3-4635-8ECD-7B5C791EAE5F} (PUP.Optional.InstallMate.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\InstallMate\{F6FD24B4-34A3-4635-8ECD-7B5C791EAE5F}\4561E9E111E6CB85 (PUP.Optional.InstallMate.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 7
C:\Users\**** 2\Downloads\SoftonicDownloader_fuer_youtube-song-downloader.exe (PUP.Optional.Softonic) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\InstallMate\{F6FD24B4-34A3-4635-8ECD-7B5C791EAE5F}\20120529211440.log (PUP.Optional.InstallMate.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\InstallMate\{F6FD24B4-34A3-4635-8ECD-7B5C791EAE5F}\Setup.dat (PUP.Optional.InstallMate.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\InstallMate\{F6FD24B4-34A3-4635-8ECD-7B5C791EAE5F}\Setup.exe (PUP.Optional.InstallMate.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\InstallMate\{F6FD24B4-34A3-4635-8ECD-7B5C791EAE5F}\Setup.ico (PUP.Optional.InstallMate.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\InstallMate\{F6FD24B4-34A3-4635-8ECD-7B5C791EAE5F}\TsuDll.dll (PUP.Optional.InstallMate.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\InstallMate\{F6FD24B4-34A3-4635-8ECD-7B5C791EAE5F}\_Setup.dll (PUP.Optional.InstallMate.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
         
AdwCleaner:
AdwCleaner Logfile:
Code:
# AdwCleaner v3.000 - Report created14/08/2013at22:15:50
# Updated 13/08/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : **** - JP1
# Running from : C:\Users\**** 2\Desktop\adwcleaner.exe

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\Program Files (x86)\Mail.Ru
Folder Deleted : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Folder Deleted : C:\Users\****\AppData\Local\PackageAware
Folder Deleted : C:\Users\****\AppData\Roaming\dvdvideosoftiehelpers
Folder Deleted : C:\Users\**** 2\AppData\LocalLow\boost_interprocess

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_youtube-song-downloader_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_youtube-song-downloader_RASMANCS

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16483

[OK] No bad entry found.

-\\ Mozilla Firefox v23.0 (de)

Folder Deleted : C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\gl6l1ccy.default\Extensions\{ACAA314B-EEBA-48E4-AD47-84E31C44796C}

[ File : C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\gl6l1ccy.default\prefs.js ]

[OK] No bad entry found.

[ File : C:\Users\**** 2\AppData\Roaming\Mozilla\Firefox\Profiles\w9s7vug1.default\prefs.js ]

Line Deleted : user_pref("browser.newtabpage.blocked", "{\"YGcMcVXz6s38Af/t+p9v/A==\":1,\"B6N/pSfrlcKCQFIk2vZEuQ==\[...]

[ File : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\i8andakk.default\prefs.js ]

Line Deleted : user_pref("browser.newtabpage.blocked", "{\"cLGWrxS2IszkkkBm3vohLQ==\":1,\"DAwbdNjxiiKHIBtQqmhhUA==\[...]

*************************

AdwCleaner[0].txt - [1815 octets] - [14/08/2013 22:15:50]

########## EOF - \AdwCleaner\AdwCleaner[0].txt - [1874 octets] ##########
         

JRT:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.4.5 (08.13.2013:1)
OS: Windows 7 Home Premium x64
Ran by **** on 14.08.2013 at 22:33:52,66
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs



~~~ Files

Successfully deleted: [File] "C:\Windows\wininit.ini"



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\eusing free registry cleaner"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\free registry cleaner"
Successfully deleted: [Folder] "C:\Users\****\AppData\Roaming\microsoft\windows\start menu\programs\free registry cleaner"
Successfully deleted: [Empty Folder] C:\Users\****\appdata\local\{0B919B11-B5DD-492D-B025-9962C69CD080}
Successfully deleted: [Empty Folder] C:\Users\****\appdata\local\{73564B1B-7F15-4CBE-8B04-9CC4776DF1F7}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 14.08.2013 at 22:38:11,36
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
FRST:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-08-2013
Ran by **** (administrator) on 14-08-2013 22:42:15
Running from C:\Users\**** 2\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
(NTI, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Windows\PLFSetI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Akamai Technologies, Inc.) C:\Users\**** 2\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Akamai Technologies, Inc.) C:\Users\**** 2\AppData\Local\Akamai\netsession_win.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [324608 2010-06-10] (Alcor Micro Corp.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11101800 2010-07-29] (Realtek Semiconductor)
HKLM\...\Run: [PLFSetI] - C:\Windows\PLFSetI.exe [206208 2010-11-23] ()
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1842472 2009-09-18] (Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [861216 2010-06-11] (Acer Incorporated)
HKLM\...\Run: [OODefragTray] - C:\Program Files\OO Software\Defrag\oodtray.exe [x]
HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware ] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware  (cleanup)] - rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript [1127496 2013-04-04] (Malwarebytes Corporation)
HKLM-x32\...\Run: [EgisUpdate] - C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] - C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-08-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [975952 2010-08-11] (Dritek System Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345144 2013-07-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-01-15] ()
HKU\***\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_268_Plugin.exe [686792 2012-07-30] (Adobe Systems Incorporated)
Startup: C:\Users\**** 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {F96AC87D-7D37-4755-A9C0-27B4C0AFECD2} URL = hxxp://www.google.de/search?q={searchTerms}
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: No Name - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -  No File
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\gl6l1ccy.default
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_268.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: No Name - C:\Users\****\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
FF Extension: No Name - C:\Users\****\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: WOT - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\gl6l1ccy.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: testpilot - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\gl6l1ccy.default\Extensions\testpilot@labs.mozilla.com.xpi
FF Extension: No Name - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\gl6l1ccy.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\gl6l1ccy.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5

==================== Services (Whitelisted) =================

R2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-12] (Akamai Technologies, Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-07-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-07-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [589368 2013-07-18] (Avira Operations GmbH & Co. KG)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-05-27] (Egis Technology Inc.)
S3 npggsvc; C:\Windows\SysWow64\GameMon.des [4159984 2010-12-08] (INCA Internet Co., Ltd.)
R2 NTISchedulerSvc; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [144640 2010-04-17] (NTI, Inc.)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-07-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-07-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-06] (Avira Operations GmbH & Co. KG)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 NPPTNT2; C:\Windows\SysWow64\npptNT2.sys [4682 2005-01-04] (INCA Internet Co., Ltd.)
S1 prodrv06; C:\Windows\SysWow64\drivers\prodrv06.sys [77184 2004-03-09] (Protection Technology)
S0 prohlp02; C:\Windows\SysWow64\drivers\prohlp02.sys [65504 2004-03-09] (Protection Technology)
S0 prosync1; C:\Windows\SysWow64\drivers\prosync1.sys [6944 2003-09-06] (Protection Technology)
S0 sfhlp01; C:\Windows\SysWow64\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology)
S3 SynasUSB; C:\Windows\System32\drivers\SynUSB64.sys [31248 2006-11-16] (SIA Syncrosoft)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
R2 WinRing0_1_2_0; C:\Users\**** 2\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries24.gadget\WinRing0x64.sys [14544 2011-02-17] (OpenLibSys.org)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 dump_wmimmc; \??\C:\Program Files (x86)\Gameforge4D\CABAL Online\GameGuard\dump_wmimmc.sys [x]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 NPPTNT2; \??\C:\Windows\system32\npptNT2.sys [x]
S1 prodrv06; \SystemRoot\System32\drivers\prodrv06.sys [x]
S0 prohlp02; System32\drivers\prohlp02.sys [x]
S0 prosync1; System32\drivers\prosync1.sys [x]
S0 sfhlp01; System32\drivers\sfhlp01.sys [x]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-14 22:38 - 2013-08-14 22:38 - 00001521 _____ C:\Users\****\Desktop\JRT.txt
2013-08-14 22:33 - 2013-08-14 22:33 - 00000000 ____D C:\Windows\ERUNT
2013-08-14 22:28 - 2013-08-14 22:28 - 00001950 _____ C:\Users\**** 2\Desktop\AdwCleaner[0].txt
2013-08-14 22:15 - 2013-08-14 22:26 - 00000000 ____D C:\AdwCleaner
2013-08-14 22:13 - 2013-08-14 22:13 - 01158897 _____ (Thisisu) C:\Users\**** 2\Downloads\JRT.exe
2013-08-14 22:13 - 2013-08-14 22:13 - 01158897 _____ (Thisisu) C:\Users\**** 2\Desktop\JRT.exe
2013-08-14 22:12 - 2013-08-14 22:12 - 00000000 ____D C:\Users\**** 2\AppData\Roaming\Malwarebytes
2013-08-14 22:04 - 2013-08-14 22:04 - 00800594 _____ C:\Users\**** 2\Downloads\adwcleaner.exe
2013-08-14 22:04 - 2013-08-14 22:04 - 00800594 _____ C:\Users\**** 2\Desktop\adwcleaner.exe
2013-08-14 21:44 - 2013-08-14 21:44 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-14 21:44 - 2013-08-14 21:44 - 00000000 ____D C:\Users\****\AppData\Roaming\Malwarebytes
2013-08-14 21:44 - 2013-08-14 21:44 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-14 21:44 - 2013-08-14 21:44 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-14 21:44 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-08-14 21:43 - 2013-08-14 21:44 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\**** 2\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-14 19:14 - 2013-08-14 19:14 - 00001153 _____ C:\Users\**** 2\Desktop\Security Task Manager.lnk
2013-08-14 18:20 - 2013-08-14 18:25 - 00000680 __RSH C:\Users\**** 2\ntuser.pol
2013-08-14 18:16 - 2013-08-14 19:03 - 00000000 ____D C:\Users\JRN~1\AppData\Local\CrashDumps
2013-08-14 18:13 - 2013-08-14 18:13 - 00001011 _____ C:\Users\****\Desktop\Trojancheck.lnk
2013-08-14 18:13 - 2013-08-14 18:13 - 00001011 _____ C:\Users\**** 2\Desktop\Trojancheck.lnk
2013-08-14 18:13 - 2013-08-14 18:13 - 00001011 _____ C:\Users\***\Desktop\Trojancheck.lnk
2013-08-14 18:13 - 2013-08-14 18:13 - 00001011 _____ C:\Users\Gast\Desktop\Trojancheck.lnk
2013-08-14 18:13 - 2013-08-14 18:13 - 00000000 ____D C:\Program Files (x86)\Trojancheck 6
2013-08-14 18:12 - 2013-08-14 18:12 - 01273071 _____ C:\Users\**** 2\Downloads\tc6_install.exe
2013-08-14 17:57 - 2013-08-14 17:57 - 00000000 ____D C:\Users\****\Documents\ProcAlyzer Dumps
2013-08-14 17:52 - 2013-08-14 17:58 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-08-14 17:52 - 2013-08-14 17:52 - 00001379 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2013-08-14 17:52 - 2013-08-14 17:52 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2013-08-14 17:52 - 2009-01-25 13:14 - 00017272 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2013-08-14 17:51 - 2013-08-14 17:52 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-08-14 17:48 - 2013-08-14 17:49 - 37672592 _____ (Safer-Networking Ltd.                                       ) C:\Users\**** 2\Downloads\spybotsd-2.1.21-SR2.exe
2013-08-14 13:47 - 2013-08-14 22:00 - 00003456 _____ C:\Windows\PFRO.log
2013-08-14 13:43 - 2013-08-14 13:43 - 00021804 _____ C:\Users\**** 2\Desktop\Combofix.txt
2013-08-14 13:40 - 2013-08-14 13:40 - 00021805 _____ C:\ComboFix.txt
2013-08-14 13:25 - 2013-08-14 13:40 - 00000000 ____D C:\ComboFix
2013-08-14 13:21 - 2013-08-14 13:40 - 00000000 ____D C:\Qoobox
2013-08-14 13:21 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-08-14 13:21 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-08-14 13:21 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-08-14 13:21 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-08-14 13:21 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-08-14 13:21 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-08-14 13:21 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-08-14 13:21 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-08-14 13:20 - 2013-08-14 13:39 - 00000000 ____D C:\Windows\erdnt
2013-08-14 13:20 - 2013-08-14 13:19 - 05104695 ____R (Swearware) C:\Users\**** 2\Desktop\ComboFix.exe
2013-08-14 13:19 - 2013-08-14 13:19 - 05104695 _____ (Swearware) C:\Users\**** 2\Downloads\ComboFix.exe
2013-08-14 11:09 - 2013-08-14 11:11 - 00000241 _____ C:\Users\**** 2\Desktop\Windows Defender.txt
2013-08-14 09:49 - 2013-08-14 09:49 - 00015618 _____ C:\Users\**** 2\Desktop\Upd-2013-08-14-09-48-38.log
2013-08-14 09:25 - 2013-08-14 22:30 - 00000224 _____ C:\Windows\setupact.log
2013-08-14 09:25 - 2013-08-14 09:25 - 00000000 _____ C:\Windows\setuperr.log
2013-08-14 09:18 - 2013-08-14 11:12 - 00010916 _____ C:\Users\**** 2\Desktop\Gmer.txt
2013-08-14 09:17 - 2013-08-14 09:17 - 00010916 _____ C:\Users\****\Desktop\Gmer.txt
2013-08-14 08:57 - 2013-08-14 08:57 - 00377856 _____ C:\Users\**** 2\Downloads\gmer_2.1.19163.exe
2013-08-14 08:57 - 2013-08-14 08:57 - 00377856 _____ C:\Users\**** 2\Desktop\gmer_2.1.19163.exe
2013-08-14 08:53 - 2013-08-14 10:57 - 00025101 _____ C:\Users\**** 2\Desktop\Addition.txt
2013-08-14 08:51 - 2013-08-14 08:51 - 00000000 ____D C:\FRST
2013-08-14 08:48 - 2013-08-14 08:48 - 01575544 _____ (Farbar) C:\Users\**** 2\Downloads\FRST64.exe
2013-08-14 08:48 - 2013-08-14 08:48 - 01575544 _____ (Farbar) C:\Users\**** 2\Desktop\FRST64.exe
2013-08-14 08:47 - 2013-08-14 08:47 - 00000470 _____ C:\Users\**** 2\Desktop\defogger_disable.log
2013-08-14 08:47 - 2013-08-14 08:47 - 00000000 _____ C:\Users\****\defogger_reenable
2013-08-14 08:46 - 2013-08-14 08:43 - 00050477 _____ C:\Users\**** 2\Desktop\Defogger.exe
2013-08-14 08:43 - 2013-08-14 08:43 - 00050477 _____ C:\Users\**** 2\Downloads\Defogger.exe
2013-08-14 08:28 - 2013-08-14 08:49 - 00013070 _____ C:\Users\**** 2\Desktop\hijackthis.log
2013-08-14 08:27 - 2013-08-14 08:27 - 00388608 _____ (Trend Micro Inc.) C:\Users\**** 2\Desktop\HiJackThis204.exe
2013-08-14 08:27 - 2013-08-14 08:27 - 00012372 _____ C:\Users\**** 2\Downloads\hijackthis.log
2013-08-14 08:20 - 2013-08-14 08:20 - 00000000 ____D C:\Users\**** 2\AppData\Roaming\Avira
2013-08-14 07:58 - 2013-08-14 07:58 - 19500928 _____ C:\Users\****\Downloads\QuickTimeInstaller.exe.part
2013-08-14 07:28 - 2013-08-14 07:28 - 00000000 ____D C:\Users\****\Documents\Warzone 2100 2.3
2013-08-14 00:14 - 2013-08-14 00:14 - 00000000 ____D C:\Users\****\AppData\Roaming\Avira
2013-08-14 00:09 - 2013-08-14 00:09 - 00002066 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-08-14 00:09 - 2013-08-14 00:09 - 00000000 ____D C:\Program Files (x86)\Avira
2013-08-14 00:09 - 2013-07-18 08:02 - 00130016 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-08-14 00:09 - 2013-07-18 08:02 - 00100712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-08-14 00:09 - 2013-03-06 16:13 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-08-14 00:04 - 2013-08-14 00:07 - 110344048 _____ C:\Users\****\Downloads\avira_free_antivirus85_de.exe
2013-08-13 23:35 - 2013-08-13 23:43 - 110344048 _____ C:\Users\**** 2\Downloads\avira_free_antivirus85_de(1).exe
2013-08-13 23:30 - 2013-08-13 23:30 - 00981567 _____ C:\Users\****\Downloads\EFRC32Setup.exe
2013-08-13 23:30 - 2013-08-13 23:30 - 00001053 _____ C:\Users\***\Desktop\Eusing Free Registry Cleaner.lnk
2013-08-13 23:29 - 2013-08-13 23:29 - 00981612 _____ C:\Users\****\Downloads\EFRCSetup.exe
2013-08-13 23:23 - 2013-08-13 23:23 - 00000000 ____D C:\Users\**** 2\AppData\Local\O&O
2013-08-13 23:18 - 2013-08-13 23:18 - 02092792 _____ C:\Users\**** 2\Downloads\avira_free_antivirus(1).exe
2013-08-13 23:07 - 2013-08-13 23:07 - 02092792 _____ C:\Users\**** 2\Downloads\avira_free_antivirus.exe
2013-08-13 22:47 - 2013-08-14 19:15 - 00000000 ____D C:\ProgramData\SecTaskMan
2013-08-13 22:47 - 2013-08-13 22:47 - 00000000 ____D C:\Program Files (x86)\Security Task Manager
2013-08-13 22:46 - 2013-08-13 22:46 - 02094432 _____ C:\Users\**** 2\Downloads\SecurityTaskManager_Setup-1.8d.exe
2013-08-13 22:05 - 2013-08-14 00:09 - 00000000 ____D C:\ProgramData\Avira
2013-08-13 22:01 - 2013-08-13 22:03 - 110344048 _____ C:\Users\**** 2\Downloads\avira_free_antivirus85_de.exe
2013-08-13 21:50 - 2013-08-13 21:50 - 02092776 _____ C:\Users\**** 2\Downloads\avira_internet_security(1).exe
2013-08-13 21:39 - 2013-08-13 21:39 - 02092776 _____ C:\Users\**** 2\Downloads\avira_internet_security.exe
2013-08-13 21:34 - 2013-08-13 21:35 - 22268584 _____ (Mozilla) C:\Users\**** 2\Downloads\Firefox Setup 23.0.exe
2013-08-13 21:34 - 2012-11-09 07:45 - 00750592 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2013-08-13 21:34 - 2012-11-09 06:43 - 00492032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-08-13 21:33 - 2013-02-15 08:08 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2013-08-13 21:33 - 2013-02-15 08:06 - 03717632 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-08-13 21:33 - 2013-02-15 08:02 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2013-08-13 21:33 - 2013-02-15 06:37 - 03217408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-08-13 21:33 - 2013-02-15 06:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2013-08-13 21:33 - 2013-02-15 05:25 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2013-08-13 21:33 - 2012-11-09 07:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-13 21:33 - 2012-11-09 06:42 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-13 21:32 - 2013-08-13 21:32 - 00282112 _____ (Mozilla) C:\Users\**** 2\Downloads\Firefox Setup Stub 23.0.exe
2013-08-13 21:32 - 2013-03-19 07:53 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2013-08-13 21:32 - 2013-03-19 07:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2013-08-13 21:32 - 2013-02-27 08:02 - 00111448 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2013-08-13 21:32 - 2013-02-27 07:52 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-08-13 21:32 - 2013-02-27 07:52 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-08-13 21:32 - 2013-02-27 07:48 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-08-13 21:32 - 2013-02-27 07:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2013-08-13 21:32 - 2013-02-27 06:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-08-13 21:32 - 2013-02-27 06:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-08-13 21:32 - 2013-02-27 06:49 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-08-13 21:32 - 2012-08-22 20:12 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2013-08-13 21:32 - 2012-07-04 22:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2013-08-13 21:31 - 2013-02-12 06:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2013-08-10 16:46 - 2013-08-10 20:46 - 00000000 ____D C:\Users\***\AppData\Roaming\Skype
2013-08-07 16:08 - 2013-04-10 08:01 - 00983400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-08-07 16:08 - 2013-04-10 08:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2013-08-07 16:08 - 2011-02-03 13:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2013-07-29 13:53 - 2012-11-01 07:43 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2013-07-29 13:53 - 2012-11-01 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2013-07-29 13:53 - 2012-11-01 06:47 - 01389568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2013-07-29 13:53 - 2012-11-01 06:47 - 01236992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2013-07-27 14:36 - 2013-08-13 21:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-27 14:11 - 2013-07-27 14:11 - 00000000 ____D C:\Users\***\AppData\Roaming\Adobe
2013-07-27 14:11 - 2013-07-27 14:11 - 00000000 ____D C:\Users\***\AppData\Local\Macromedia
2013-07-27 14:09 - 2013-07-27 14:09 - 00000000 ____D C:\Users\***\AppData\Roaming\Mozilla
2013-07-27 14:09 - 2013-07-27 14:09 - 00000000 ____D C:\Users\***\AppData\Local\Mozilla
2013-07-27 14:01 - 2013-07-27 14:01 - 00125544 _____ C:\Users\***\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-27 14:01 - 2013-07-27 14:01 - 00000000 ___RD C:\Users\***\Virtual Machines
2013-07-27 14:01 - 2013-07-27 14:01 - 00000000 ____D C:\Users\***\AppData\Roaming\Macromedia
2013-07-27 14:01 - 2013-07-27 14:01 - 00000000 ____D C:\Users\***\AppData\Roaming\Apple Computer
2013-07-27 14:01 - 2013-07-27 14:01 - 00000000 ____D C:\Users\***\AppData\Local\EgisTec IPS
2013-07-27 14:00 - 2013-07-27 14:01 - 00000000 ____D C:\Users\***
2013-07-27 14:00 - 2013-07-27 14:00 - 00000020 ___SH C:\Users\***\ntuser.ini
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Vorlagen
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Startmenü
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Netzwerkumgebung
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Lokale Einstellungen
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Eigene Dateien
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Druckumgebung
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Documents\Eigene Musik
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Documents\Eigene Bilder
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\AppData\Local\Verlauf
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\AppData\Local\Anwendungsdaten
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Anwendungsdaten
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 ____D C:\Users\***\AppData\Local\VirtualStore
2013-07-27 14:00 - 2011-11-08 03:40 - 00000000 ____D C:\Users\***\AppData\Local\Microsoft Help
2013-07-23 13:54 - 2013-04-10 05:30 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

==================== One Month Modified Files and Folders =======

2013-08-14 22:41 - 2011-03-01 11:09 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-14 22:40 - 2013-08-14 22:40 - 00001521 _____ C:\Users\**** 2\Desktop\JRT.txt
2013-08-14 22:38 - 2013-08-14 22:38 - 00001521 _____ C:\Users\****\Desktop\JRT.txt
2013-08-14 22:38 - 2009-07-14 06:45 - 00017600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-14 22:38 - 2009-07-14 06:45 - 00017600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-14 22:33 - 2013-08-14 22:33 - 00000000 ____D C:\Windows\ERUNT
2013-08-14 22:30 - 2013-08-14 09:25 - 00000224 _____ C:\Windows\setupact.log
2013-08-14 22:30 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-14 22:29 - 2010-11-23 19:39 - 01557044 _____ C:\Windows\WindowsUpdate.log
2013-08-14 22:28 - 2013-08-14 22:28 - 00001950 _____ C:\Users\**** 2\Desktop\AdwCleaner[0].txt
2013-08-14 22:26 - 2013-08-14 22:15 - 00000000 ____D C:\AdwCleaner
2013-08-14 22:13 - 2013-08-14 22:13 - 01158897 _____ (Thisisu) C:\Users\**** 2\Downloads\JRT.exe
2013-08-14 22:13 - 2013-08-14 22:13 - 01158897 _____ (Thisisu) C:\Users\**** 2\Desktop\JRT.exe
2013-08-14 22:12 - 2013-08-14 22:12 - 00000000 ____D C:\Users\**** 2\AppData\Roaming\Malwarebytes
2013-08-14 22:04 - 2013-08-14 22:04 - 00800594 _____ C:\Users\**** 2\Downloads\adwcleaner.exe
2013-08-14 22:04 - 2013-08-14 22:04 - 00800594 _____ C:\Users\**** 2\Desktop\adwcleaner.exe
2013-08-14 22:00 - 2013-08-14 13:47 - 00003456 _____ C:\Windows\PFRO.log
2013-08-14 21:45 - 2011-03-01 11:09 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-14 21:44 - 2013-08-14 21:44 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-14 21:44 - 2013-08-14 21:44 - 00000000 ____D C:\Users\****\AppData\Roaming\Malwarebytes
2013-08-14 21:44 - 2013-08-14 21:44 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-14 21:44 - 2013-08-14 21:44 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-14 21:44 - 2013-08-14 21:43 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\**** 2\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-14 19:15 - 2013-08-13 22:47 - 00000000 ____D C:\ProgramData\SecTaskMan
2013-08-14 19:14 - 2013-08-14 19:14 - 00001153 _____ C:\Users\**** 2\Desktop\Security Task Manager.lnk
2013-08-14 19:03 - 2013-08-14 18:16 - 00000000 ____D C:\Users\JRN~1\AppData\Local\CrashDumps
2013-08-14 19:01 - 2011-05-01 18:56 - 00000000 ____D C:\Users\**** 2\AppData\Local\CrashDumps
2013-08-14 18:25 - 2013-08-14 18:20 - 00000680 __RSH C:\Users\**** 2\ntuser.pol
2013-08-14 18:25 - 2011-01-31 00:08 - 00000000 ____D C:\Users\**** 2
2013-08-14 18:20 - 2011-03-13 23:01 - 00000000 ____D C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-08-14 18:20 - 2009-07-14 05:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2013-08-14 18:13 - 2013-08-14 18:13 - 00001011 _____ C:\Users\****\Desktop\Trojancheck.lnk
2013-08-14 18:13 - 2013-08-14 18:13 - 00001011 _____ C:\Users\**** 2\Desktop\Trojancheck.lnk
2013-08-14 18:13 - 2013-08-14 18:13 - 00001011 _____ C:\Users\***\Desktop\Trojancheck.lnk
2013-08-14 18:13 - 2013-08-14 18:13 - 00001011 _____ C:\Users\Gast\Desktop\Trojancheck.lnk
2013-08-14 18:13 - 2013-08-14 18:13 - 00000000 ____D C:\Program Files (x86)\Trojancheck 6
2013-08-14 18:12 - 2013-08-14 18:12 - 01273071 _____ C:\Users\**** 2\Downloads\tc6_install.exe
2013-08-14 17:58 - 2013-08-14 17:52 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-08-14 17:57 - 2013-08-14 17:57 - 00000000 ____D C:\Users\****\Documents\ProcAlyzer Dumps
2013-08-14 17:52 - 2013-08-14 17:52 - 00001379 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2013-08-14 17:52 - 2013-08-14 17:52 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2013-08-14 17:52 - 2013-08-14 17:51 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-08-14 17:49 - 2013-08-14 17:48 - 37672592 _____ (Safer-Networking Ltd.                                       ) C:\Users\**** 2\Downloads\spybotsd-2.1.21-SR2.exe
2013-08-14 17:40 - 2011-10-28 17:31 - 00007919 _____ C:\Users\**** 2\AppData\Roaming\.freeciv-client-rc-2.3
2013-08-14 16:27 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-08-14 15:00 - 2011-03-14 01:26 - 00000000 ____D C:\Users\**** 2\AppData\Roaming\.freeciv
2013-08-14 14:58 - 2011-10-28 17:30 - 00000000 ____D C:\Users\**** 2\AppData\Local\Freeciv-2.3.0-gtk2
2013-08-14 14:49 - 2012-02-29 11:14 - 00000000 ____D C:\Users\**** 2\Documents\OpenTTD
2013-08-14 13:43 - 2013-08-14 13:43 - 00021804 _____ C:\Users\**** 2\Desktop\Combofix.txt
2013-08-14 13:40 - 2013-08-14 13:40 - 00021805 _____ C:\ComboFix.txt
2013-08-14 13:40 - 2013-08-14 13:25 - 00000000 ____D C:\ComboFix
2013-08-14 13:40 - 2013-08-14 13:21 - 00000000 ____D C:\Qoobox
2013-08-14 13:39 - 2013-08-14 13:20 - 00000000 ____D C:\Windows\erdnt
2013-08-14 13:37 - 2009-07-14 04:34 - 00000231 _____ C:\Windows\system.ini
2013-08-14 13:19 - 2013-08-14 13:20 - 05104695 ____R (Swearware) C:\Users\**** 2\Desktop\ComboFix.exe
2013-08-14 13:19 - 2013-08-14 13:19 - 05104695 _____ (Swearware) C:\Users\**** 2\Downloads\ComboFix.exe
2013-08-14 13:18 - 2011-02-15 09:32 - 00000000 ____D C:\Users\JRN~1\AppData\Local\Adobe
2013-08-14 11:12 - 2013-08-14 09:18 - 00010916 _____ C:\Users\**** 2\Desktop\Gmer.txt
2013-08-14 11:11 - 2013-08-14 11:09 - 00000241 _____ C:\Users\**** 2\Desktop\Windows Defender.txt
2013-08-14 10:57 - 2013-08-14 08:53 - 00025101 _____ C:\Users\**** 2\Desktop\Addition.txt
2013-08-14 09:49 - 2013-08-14 09:49 - 00015618 _____ C:\Users\**** 2\Desktop\Upd-2013-08-14-09-48-38.log
2013-08-14 09:25 - 2013-08-14 09:25 - 00000000 _____ C:\Windows\setuperr.log
2013-08-14 09:17 - 2013-08-14 09:17 - 00010916 _____ C:\Users\****\Desktop\Gmer.txt
2013-08-14 08:57 - 2013-08-14 08:57 - 00377856 _____ C:\Users\**** 2\Downloads\gmer_2.1.19163.exe
2013-08-14 08:57 - 2013-08-14 08:57 - 00377856 _____ C:\Users\**** 2\Desktop\gmer_2.1.19163.exe
2013-08-14 08:51 - 2013-08-14 08:51 - 00000000 ____D C:\FRST
2013-08-14 08:49 - 2013-08-14 08:28 - 00013070 _____ C:\Users\**** 2\Desktop\hijackthis.log
2013-08-14 08:48 - 2013-08-14 08:48 - 01575544 _____ (Farbar) C:\Users\**** 2\Downloads\FRST64.exe
2013-08-14 08:48 - 2013-08-14 08:48 - 01575544 _____ (Farbar) C:\Users\**** 2\Desktop\FRST64.exe
2013-08-14 08:47 - 2013-08-14 08:47 - 00000470 _____ C:\Users\**** 2\Desktop\defogger_disable.log
2013-08-14 08:47 - 2013-08-14 08:47 - 00000000 _____ C:\Users\****\defogger_reenable
2013-08-14 08:47 - 2011-01-29 18:01 - 00000000 ____D C:\Users\****
2013-08-14 08:43 - 2013-08-14 08:46 - 00050477 _____ C:\Users\**** 2\Desktop\Defogger.exe
2013-08-14 08:43 - 2013-08-14 08:43 - 00050477 _____ C:\Users\**** 2\Downloads\Defogger.exe
2013-08-14 08:27 - 2013-08-14 08:27 - 00388608 _____ (Trend Micro Inc.) C:\Users\Jörn 2\Desktop\HiJackThis204.exe
2013-08-14 08:27 - 2013-08-14 08:27 - 00012372 _____ C:\Users\**** 2\Downloads\hijackthis.log
2013-08-14 08:20 - 2013-08-14 08:20 - 00000000 ____D C:\Users\**** 2\AppData\Roaming\Avira
2013-08-14 07:58 - 2013-08-14 07:58 - 19500928 _____ C:\Users\****\Downloads\QuickTimeInstaller.exe.part
2013-08-14 07:46 - 2012-02-29 10:53 - 00000000 ____D C:\Users\****\Documents\OpenTTD
2013-08-14 07:28 - 2013-08-14 07:28 - 00000000 ____D C:\Users\****\Documents\Warzone 2100 2.3
2013-08-14 07:23 - 2011-01-30 23:32 - 00003906 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{FC372759-2740-4048-B35C-C3CD4DCC66F6}
2013-08-14 00:14 - 2013-08-14 00:14 - 00000000 ____D C:\Users\****\AppData\Roaming\Avira
2013-08-14 00:13 - 2011-01-29 21:22 - 00000000 ____D C:\Users\****\Tracing
2013-08-14 00:09 - 2013-08-14 00:09 - 00002066 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-08-14 00:09 - 2013-08-14 00:09 - 00000000 ____D C:\Program Files (x86)\Avira
2013-08-14 00:09 - 2013-08-13 22:05 - 00000000 ____D C:\ProgramData\Avira
2013-08-14 00:07 - 2013-08-14 00:04 - 110344048 _____ C:\Users\****\Downloads\avira_free_antivirus85_de.exe
2013-08-13 23:56 - 2012-02-29 12:33 - 00000000 ___RD C:\Users\****\Virtual Machines
2013-08-13 23:56 - 2011-01-29 18:02 - 00125544 _____ C:\Users\JRN~1\AppData\Local\GDIPFONTCACHEV1.DAT
2013-08-13 23:56 - 2011-01-29 18:02 - 00000000 ___RD C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-08-13 23:56 - 2011-01-29 18:02 - 00000000 ___RD C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-08-13 23:43 - 2013-08-13 23:35 - 110344048 _____ C:\Users\**** 2\Downloads\avira_free_antivirus85_de(1).exe
2013-08-13 23:30 - 2013-08-13 23:30 - 00981567 _____ C:\Users\****\Downloads\EFRC32Setup.exe
2013-08-13 23:30 - 2013-08-13 23:30 - 00001053 _____ C:\Users\***\Desktop\Eusing Free Registry Cleaner.lnk
2013-08-13 23:30 - 2011-05-22 15:31 - 00001053 _____ C:\Users\****\Desktop\Eusing Free Registry Cleaner.lnk
2013-08-13 23:30 - 2011-05-22 15:31 - 00001053 _____ C:\Users\**** 2\Desktop\Eusing Free Registry Cleaner.lnk
2013-08-13 23:30 - 2011-05-22 15:31 - 00001053 _____ C:\Users\Gast\Desktop\Eusing Free Registry Cleaner.lnk
2013-08-13 23:29 - 2013-08-13 23:29 - 00981612 _____ C:\Users\****\Downloads\EFRCSetup.exe
2013-08-13 23:25 - 2010-09-16 01:34 - 00000000 ____D C:\Program Files (x86)\NewTech Infosystems
2013-08-13 23:23 - 2013-08-13 23:23 - 00000000 ____D C:\Users\**** 2\AppData\Local\O&O
2013-08-13 23:20 - 2010-11-24 04:28 - 00656294 _____ C:\Windows\system32\perfh007.dat
2013-08-13 23:20 - 2010-11-24 04:28 - 00130894 _____ C:\Windows\system32\perfc007.dat
2013-08-13 23:20 - 2009-07-14 07:13 - 01498742 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-13 23:18 - 2013-08-13 23:18 - 02092792 _____ C:\Users\**** 2\Downloads\avira_free_antivirus(1).exe
2013-08-13 23:15 - 2011-08-14 16:21 - 00000000 ___RD C:\Users\**** 2\Virtual Machines
2013-08-13 23:07 - 2013-08-13 23:07 - 02092792 _____ C:\Users\**** 2\Downloads\avira_free_antivirus.exe
2013-08-13 22:47 - 2013-08-13 22:47 - 00000000 ____D C:\Program Files (x86)\Security Task Manager
2013-08-13 22:46 - 2013-08-13 22:46 - 02094432 _____ C:\Users\**** 2\Downloads\SecurityTaskManager_Setup-1.8d.exe
2013-08-13 22:40 - 2010-09-16 01:38 - 00000000 ____D C:\ProgramData\McAfee
2013-08-13 22:40 - 2010-09-16 01:38 - 00000000 ____D C:\Program Files (x86)\McAfee
2013-08-13 22:35 - 2013-02-09 17:52 - 00000000 ____D C:\Program Files (x86)\Steinberg
2013-08-13 22:32 - 2010-09-16 01:41 - 00000000 ____D C:\Program Files (x86)\Acer GameZone
2013-08-13 22:25 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-08-13 22:03 - 2013-08-13 22:01 - 110344048 _____ C:\Users\**** 2\Downloads\avira_free_antivirus85_de.exe
2013-08-13 21:57 - 2012-10-12 15:10 - 00000000 ____D C:\Users\**** 2\AppData\Roaming\Dropbox
2013-08-13 21:54 - 2012-10-23 17:40 - 00000000 ___RD C:\Users\**** 2\Dropbox
2013-08-13 21:53 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-08-13 21:52 - 2012-12-10 22:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-13 21:50 - 2013-08-13 21:50 - 02092776 _____ C:\Users\**** 2\Downloads\avira_internet_security(1).exe
2013-08-13 21:48 - 2011-02-09 13:21 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-08-13 21:39 - 2013-08-13 21:39 - 02092776 _____ C:\Users\**** 2\Downloads\avira_internet_security.exe
2013-08-13 21:37 - 2013-07-27 14:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-13 21:37 - 2011-01-29 19:05 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-08-13 21:35 - 2013-08-13 21:34 - 22268584 _____ (Mozilla) C:\Users\**** 2\Downloads\Firefox Setup 23.0.exe
2013-08-13 21:32 - 2013-08-13 21:32 - 00282112 _____ (Mozilla) C:\Users\**** 2\Downloads\Firefox Setup Stub 23.0.exe
2013-08-13 21:31 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-08-10 20:46 - 2013-08-10 16:46 - 00000000 ____D C:\Users\***\AppData\Roaming\Skype
2013-08-10 16:46 - 2011-02-09 13:11 - 00002517 _____ C:\Users\Public\Desktop\Skype.lnk
2013-08-10 16:46 - 2011-02-03 00:06 - 00000000 ____D C:\Users\****\AppData\Roaming\Skype
2013-08-10 16:46 - 2011-02-01 01:35 - 00000000 ____D C:\ProgramData\Skype
2013-07-27 14:43 - 2012-10-21 15:36 - 00000000 ____D C:\Users\***\Documents\Schule
2013-07-27 14:42 - 2012-12-16 16:44 - 00000000 ____D C:\Users\***\Documents\Bewerbungsfotos
2013-07-27 14:40 - 2012-11-15 20:38 - 00000000 ____D C:\Users\**** 2\Documents\Ilka
2013-07-27 14:11 - 2013-07-27 14:11 - 00000000 ____D C:\Users\***\AppData\Roaming\Adobe
2013-07-27 14:11 - 2013-07-27 14:11 - 00000000 ____D C:\Users\***\AppData\Local\Macromedia
2013-07-27 14:09 - 2013-07-27 14:09 - 00000000 ____D C:\Users\***\AppData\Roaming\Mozilla
2013-07-27 14:09 - 2013-07-27 14:09 - 00000000 ____D C:\Users\***\AppData\Local\Mozilla
2013-07-27 14:01 - 2013-07-27 14:01 - 00125544 _____ C:\Users\***\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-27 14:01 - 2013-07-27 14:01 - 00000000 ___RD C:\Users\***\Virtual Machines
2013-07-27 14:01 - 2013-07-27 14:01 - 00000000 ____D C:\Users\***\AppData\Roaming\Macromedia
2013-07-27 14:01 - 2013-07-27 14:01 - 00000000 ____D C:\Users\***\AppData\Roaming\Apple Computer
2013-07-27 14:01 - 2013-07-27 14:01 - 00000000 ____D C:\Users\***\AppData\Local\EgisTec IPS
2013-07-27 14:01 - 2013-07-27 14:00 - 00000000 ____D C:\Users\***
2013-07-27 14:00 - 2013-07-27 14:00 - 00000020 ___SH C:\Users\***\ntuser.ini
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Vorlagen
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Startmenü
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Netzwerkumgebung
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Lokale Einstellungen
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Eigene Dateien
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Druckumgebung
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Documents\Eigene Musik
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Documents\Eigene Bilder
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\AppData\Local\Verlauf
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\AppData\Local\Anwendungsdaten
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Anwendungsdaten
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 ____D C:\Users\***\AppData\Local\VirtualStore
2013-07-27 13:46 - 2011-01-29 21:09 - 00000000 ____D C:\Users\JRN~1\AppData\Local\Windows Live
2013-07-26 17:40 - 2011-03-01 11:09 - 00004102 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-26 17:40 - 2011-03-01 11:09 - 00003850 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-24 18:15 - 2009-07-14 06:45 - 00444664 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-18 08:02 - 2013-08-14 00:09 - 00130016 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-07-18 08:02 - 2013-08-14 00:09 - 00100712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys

Files to move or delete:
====================
C:\Users\**** 2\jagex_runescape_preferences.dat
C:\Users\**** 2\jagex_runescape_preferences2.dat

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-14 12:36

==================== End Of Log ============================
         
--- --- ---


15.08.2013, 12:19   #6
schrauber
/// the machine
/// TB trainer


ESET Online Scanner

  • You can find an illustrated guide to ESET Online Scanner here
  • Download and start ESET Online Scanner
  • Tick the box "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the recycle bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

And a fresh FRST log, please. Still having problems?

15.08.2013, 13:26   #7
B e n n i

Unfortunately yes :/ This just doesn't seem to want to end... Thanks again for the help

Error message from: ESET Online Scanner
"Can not get update. Is proxy configured?"

I'm not using a proxy.

Avira, Malwarebytes, Windows Firewall and Windows Defender are deactivated.

15.08.2013, 18:29   #8
schrauber
/// the machine
/// TB trainer

Skip ESET.

Please download Farbar Service Scanner
  • Start the tool by double-clicking FSS.exe
  • Make sure the following options are ticked.
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Click Scan.
  • When the tool has finished, it will create an FSS.txt in the directory where the tool was run.

Please post the contents here.


__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

15.08.2013, 20:04   #9
B e n n i

Code:
Farbar Service Scanner Version: 14-08-2013 01
Ran by **** 2 (ATTENTION: The logged in user is not administrator) on 15-08-2013 at 19:31:37
Running from "C:\Users\**** 2\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy: 
==================


System Restore:
============
VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.


System Restore Disabled Policy: 
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy: 
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****
         
Log from Security Check and a new FRST
Code:
 Results of screen317's Security Check version 0.99.72  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 10  
``````````````Antivirus/Firewall Check:`````````````` 
Avira Desktop   
 Antivirus out of date!  
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware Version 1.75.0.1300  
 Eusing Free Registry Cleaner  
 Adobe Flash Player 10 Flash Player out of Date! 
  Adobe Flash Player 11.3.300.268 Flash Player out of Date!  
 Adobe Reader 10.1.4 Adobe Reader out of Date!  
 Mozilla Firefox (23.0) 
 Mozilla Thunderbird (9.0.1) 
````````Process Check: objlist.exe by Laurent````````  
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-08-2013
Ran by **** 2 (ATTENTION: The logged in user is not administrator) on 15-08-2013 20:53:10
Running from C:\Users\**** 2\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Windows\PLFSetI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Akamai Technologies, Inc.) C:\Users\**** 2\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\**** 2\AppData\Local\Akamai\netsession_win.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [324608 2010-06-10] (Alcor Micro Corp.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11101800 2010-07-29] (Realtek Semiconductor)
HKLM\...\Run: [PLFSetI] - C:\Windows\PLFSetI.exe [206208 2010-11-23] ()
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1842472 2009-09-18] (Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [861216 2010-06-11] (Acer Incorporated)
HKLM\...\Run: [OODefragTray] - C:\Program Files\OO Software\Defrag\oodtray.exe [x]
HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware ] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware  (cleanup)] - rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript [1127496 2013-04-04] (Malwarebytes Corporation)
HKCU\...\Run: [OfficeSyncProcess] - C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [719672 2012-01-20] (Microsoft Corporation)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\**** 2\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Policies\system: [LogonHoursAction] 2
HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKLM-x32\...\Run: [EgisUpdate] - C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] - C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-08-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [975952 2010-08-11] (Dritek System Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345144 2013-07-18] (Avira Operations GmbH & Co. KG)
Startup: C:\Users\**** 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
URLSearchHook: (No Name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} -  No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: No Name - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -  No File
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\**** 2\AppData\Roaming\Mozilla\Firefox\Profiles\w9s7vug1.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_268.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @eximion.com/KalydoPlayer - C:\Users\**** 2\AppData\Roaming\Kalydo\KalydoPlayer\bin1\npkalydo.dll (Eximion B.V.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\**** 2\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Extension: No Name - C:\Users\**** 2\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
FF Extension: No Name - C:\Users\**** 2\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: FoxyProxy Basic - C:\Users\**** 2\AppData\Roaming\Mozilla\Firefox\Profiles\w9s7vug1.default\Extensions\foxyproxy-basic@eric.h.jung
FF Extension: FoxyProxy Basic - C:\Users\**** 2\AppData\Roaming\Mozilla\Firefox\Profiles\w9s7vug1.default\Extensions\foxyproxy@eric.h.jung
FF Extension: HTTPS-Everywhere - C:\Users\**** 2\AppData\Roaming\Mozilla\Firefox\Profiles\w9s7vug1.default\Extensions\https-everywhere@eff.org
FF Extension: No Name - C:\Users\**** 2\AppData\Roaming\Mozilla\Firefox\Profiles\w9s7vug1.default\Extensions\trash
FF Extension: WOT - C:\Users\**** 2\AppData\Roaming\Mozilla\Firefox\Profiles\w9s7vug1.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: testpilot - C:\Users\**** 2\AppData\Roaming\Mozilla\Firefox\Profiles\w9s7vug1.default\Extensions\testpilot@labs.mozilla.com.xpi
FF Extension: No Name - C:\Users\**** 2\AppData\Roaming\Mozilla\Firefox\Profiles\w9s7vug1.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\**** 2\AppData\Roaming\Mozilla\Firefox\Profiles\w9s7vug1.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5

==================== Services (Whitelisted) =================

R2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-12] (Akamai Technologies, Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-07-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-07-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [589368 2013-07-18] (Avira Operations GmbH & Co. KG)
R2 lmhosts; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-05-27] (Egis Technology Inc.)
R2 NlaSvc; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 npggsvc; C:\Windows\SysWow64\GameMon.des [4159984 2010-12-08] (INCA Internet Co., Ltd.)
R2 nsi; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 NTISchedulerSvc; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [144640 2010-04-17] (NTI, Inc.)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-07-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-07-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-06] (Avira Operations GmbH & Co. KG)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 NPPTNT2; C:\Windows\SysWow64\npptNT2.sys [4682 2005-01-04] (INCA Internet Co., Ltd.)
S1 prodrv06; C:\Windows\SysWow64\drivers\prodrv06.sys [77184 2004-03-09] (Protection Technology)
S0 prohlp02; C:\Windows\SysWow64\drivers\prohlp02.sys [65504 2004-03-09] (Protection Technology)
S0 prosync1; C:\Windows\SysWow64\drivers\prosync1.sys [6944 2003-09-06] (Protection Technology)
S0 sfhlp01; C:\Windows\SysWow64\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology)
S3 SynasUSB; C:\Windows\System32\drivers\SynUSB64.sys [31248 2006-11-16] (SIA Syncrosoft)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
R2 WinRing0_1_2_0; C:\Users\**** 2\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries24.gadget\WinRing0x64.sys [14544 2011-02-17] (OpenLibSys.org)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 dump_wmimmc; \??\C:\Program Files (x86)\Gameforge4D\CABAL Online\GameGuard\dump_wmimmc.sys [x]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 NPPTNT2; \??\C:\Windows\system32\npptNT2.sys [x]
S1 prodrv06; \SystemRoot\System32\drivers\prodrv06.sys [x]
S0 prohlp02; System32\drivers\prohlp02.sys [x]
S0 prosync1; System32\drivers\prosync1.sys [x]
S0 sfhlp01; System32\drivers\sfhlp01.sys [x]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-15 19:31 - 2013-08-15 19:35 - 00002085 _____ C:\Users\**** 2\Desktop\FSS.txt
2013-08-15 19:30 - 2013-08-15 19:30 - 00357085 _____ (Farbar) C:\Users\**** 2\Desktop\FSS.exe
2013-08-15 19:26 - 2013-08-15 19:26 - 00891115 _____ C:\Users\**** 2\Desktop\SecurityCheck.exe
2013-08-15 14:17 - 2013-08-15 14:17 - 00000000 ____D C:\Program Files (x86)\ESET
2013-08-15 14:13 - 2013-08-15 14:13 - 02347384 _____ (ESET) C:\Users\**** 2\Desktop\esetsmartinstaller_enu.exe
2013-08-14 23:48 - 2013-08-14 23:48 - 00000085 _____ C:\Windows\wininit.ini
2013-08-14 23:02 - 2013-08-14 23:02 - 00000000 ____D C:\ProgramData\boost_interprocess
2013-08-14 22:54 - 2013-08-14 22:54 - 00048175 _____ C:\Users\**** 2\Desktop\FRST1.txt
2013-08-14 22:40 - 2013-08-14 22:40 - 00001521 _____ C:\Users\**** 2\Desktop\JRT.txt
2013-08-14 22:38 - 2013-08-14 22:38 - 00001521 _____ C:\Users\****\Desktop\JRT.txt
2013-08-14 22:33 - 2013-08-14 22:33 - 00000000 ____D C:\Windows\ERUNT
2013-08-14 22:28 - 2013-08-14 22:28 - 00001950 _____ C:\Users\**** 2\Desktop\AdwCleaner[0].txt
2013-08-14 22:15 - 2013-08-14 22:26 - 00000000 ____D C:\AdwCleaner
2013-08-14 22:13 - 2013-08-14 22:13 - 01158897 _____ (Thisisu) C:\Users\**** 2\Desktop\JRT.exe
2013-08-14 22:12 - 2013-08-14 22:12 - 00000000 ____D C:\Users\**** 2\AppData\Roaming\Malwarebytes
2013-08-14 22:04 - 2013-08-14 22:04 - 00800594 _____ C:\Users\**** 2\Desktop\adwcleaner.exe
2013-08-14 21:44 - 2013-08-14 21:44 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-14 21:44 - 2013-08-14 21:44 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-14 21:44 - 2013-08-14 21:44 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-14 21:44 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-08-14 18:20 - 2013-08-14 18:25 - 00000680 __RSH C:\Users\**** 2\ntuser.pol
2013-08-14 18:13 - 2013-08-14 23:44 - 00000000 ____D C:\Program Files (x86)\Trojancheck 6
2013-08-14 17:52 - 2013-08-14 17:58 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-08-14 13:47 - 2013-08-14 23:49 - 00005780 _____ C:\Windows\PFRO.log
2013-08-14 13:43 - 2013-08-14 13:43 - 00021804 _____ C:\Users\**** 2\Desktop\Combofix.txt
2013-08-14 13:40 - 2013-08-14 13:40 - 00021805 _____ C:\ComboFix.txt
2013-08-14 13:25 - 2013-08-14 13:40 - 00000000 ____D C:\ComboFix
2013-08-14 13:21 - 2013-08-14 13:40 - 00000000 ____D C:\Qoobox
2013-08-14 13:21 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-08-14 13:21 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-08-14 13:21 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-08-14 13:21 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-08-14 13:21 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-08-14 13:21 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-08-14 13:21 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-08-14 13:21 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-08-14 13:20 - 2013-08-14 13:39 - 00000000 ____D C:\Windows\erdnt
2013-08-14 13:20 - 2013-08-14 13:19 - 05104695 ____R (Swearware) C:\Users\**** 2\Desktop\ComboFix.exe
2013-08-14 11:09 - 2013-08-14 11:11 - 00000241 _____ C:\Users\**** 2\Desktop\Windows Defender.txt
2013-08-14 09:49 - 2013-08-14 09:49 - 00015618 _____ C:\Users\**** 2\Desktop\Upd-2013-08-14-09-48-38.log
2013-08-14 09:25 - 2013-08-15 07:54 - 00000392 _____ C:\Windows\setupact.log
2013-08-14 09:25 - 2013-08-14 09:25 - 00000000 _____ C:\Windows\setuperr.log
2013-08-14 09:18 - 2013-08-14 11:12 - 00010916 _____ C:\Users\**** 2\Desktop\Gmer.txt
2013-08-14 09:17 - 2013-08-14 09:17 - 00010916 _____ C:\Users\****\Desktop\Gmer.txt
2013-08-14 08:57 - 2013-08-14 08:57 - 00377856 _____ C:\Users\**** 2\Desktop\gmer_2.1.19163.exe
2013-08-14 08:53 - 2013-08-14 10:57 - 00025101 _____ C:\Users\**** 2\Desktop\Addition.txt
2013-08-14 08:51 - 2013-08-14 08:51 - 00000000 ____D C:\FRST
2013-08-14 08:48 - 2013-08-14 08:48 - 01575544 _____ (Farbar) C:\Users\**** 2\Desktop\FRST64.exe
2013-08-14 08:47 - 2013-08-14 08:47 - 00000470 _____ C:\Users\**** 2\Desktop\defogger_disable.log
2013-08-14 08:47 - 2013-08-14 08:47 - 00000000 _____ C:\Users\****\defogger_reenable
2013-08-14 08:46 - 2013-08-14 08:43 - 00050477 _____ C:\Users\**** 2\Desktop\Defogger.exe
2013-08-14 08:28 - 2013-08-14 08:49 - 00013070 _____ C:\Users\**** 2\Desktop\hijackthis.log
2013-08-14 08:27 - 2013-08-14 08:27 - 00388608 _____ (Trend Micro Inc.) C:\Users\**** 2\Desktop\HiJackThis204.exe
2013-08-14 08:20 - 2013-08-14 08:20 - 00000000 ____D C:\Users\**** 2\AppData\Roaming\Avira
2013-08-14 07:58 - 2013-08-14 07:58 - 19500928 _____ C:\Users\****\Downloads\QuickTimeInstaller.exe.part
2013-08-14 00:09 - 2013-08-14 00:09 - 00002066 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-08-14 00:09 - 2013-08-14 00:09 - 00000000 ____D C:\Program Files (x86)\Avira
2013-08-14 00:09 - 2013-07-18 08:02 - 00130016 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-08-14 00:09 - 2013-07-18 08:02 - 00100712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-08-14 00:09 - 2013-03-06 16:13 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-08-14 00:04 - 2013-08-14 00:07 - 110344048 _____ C:\Users\****\Downloads\avira_free_antivirus85_de.exe
2013-08-13 23:30 - 2013-08-13 23:30 - 00981567 _____ C:\Users\****\Downloads\EFRC32Setup.exe
2013-08-13 23:30 - 2013-08-13 23:30 - 00001053 _____ C:\Users\***\Desktop\Eusing Free Registry Cleaner.lnk
2013-08-13 23:29 - 2013-08-13 23:29 - 00981612 _____ C:\Users\****\Downloads\EFRCSetup.exe
2013-08-13 23:23 - 2013-08-13 23:23 - 00000000 ____D C:\Users\JRN2~1\AppData\Local\O&O
2013-08-13 22:47 - 2013-08-14 23:24 - 00000000 ____D C:\ProgramData\SecTaskMan
2013-08-13 22:05 - 2013-08-14 00:09 - 00000000 ____D C:\ProgramData\Avira
2013-08-13 21:34 - 2012-11-09 07:45 - 00750592 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2013-08-13 21:34 - 2012-11-09 06:43 - 00492032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-08-13 21:33 - 2013-02-15 08:08 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2013-08-13 21:33 - 2013-02-15 08:06 - 03717632 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-08-13 21:33 - 2013-02-15 08:02 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2013-08-13 21:33 - 2013-02-15 06:37 - 03217408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-08-13 21:33 - 2013-02-15 06:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2013-08-13 21:33 - 2013-02-15 05:25 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2013-08-13 21:33 - 2012-11-09 07:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-13 21:33 - 2012-11-09 06:42 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-13 21:32 - 2013-03-19 07:53 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2013-08-13 21:32 - 2013-03-19 07:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2013-08-13 21:32 - 2013-02-27 08:02 - 00111448 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2013-08-13 21:32 - 2013-02-27 07:52 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-08-13 21:32 - 2013-02-27 07:52 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-08-13 21:32 - 2013-02-27 07:48 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-08-13 21:32 - 2013-02-27 07:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2013-08-13 21:32 - 2013-02-27 06:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-08-13 21:32 - 2013-02-27 06:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-08-13 21:32 - 2013-02-27 06:49 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-08-13 21:32 - 2012-08-22 20:12 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2013-08-13 21:32 - 2012-07-04 22:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2013-08-13 21:31 - 2013-02-12 06:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2013-08-10 16:46 - 2013-08-10 20:46 - 00000000 ____D C:\Users\***\AppData\Roaming\Skype
2013-08-07 16:08 - 2013-04-10 08:01 - 00983400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-08-07 16:08 - 2013-04-10 08:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2013-08-07 16:08 - 2011-02-03 13:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2013-07-29 13:53 - 2012-11-01 07:43 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2013-07-29 13:53 - 2012-11-01 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2013-07-29 13:53 - 2012-11-01 06:47 - 01389568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2013-07-29 13:53 - 2012-11-01 06:47 - 01236992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2013-07-27 14:36 - 2013-08-13 21:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-27 14:11 - 2013-07-27 14:11 - 00000000 ____D C:\Users\***\AppData\Roaming\Adobe
2013-07-27 14:11 - 2013-07-27 14:11 - 00000000 ____D C:\Users\***\AppData\Local\Macromedia
2013-07-27 14:09 - 2013-07-27 14:09 - 00000000 ____D C:\Users\***\AppData\Roaming\Mozilla
2013-07-27 14:09 - 2013-07-27 14:09 - 00000000 ____D C:\Users\***\AppData\Local\Mozilla
2013-07-27 14:01 - 2013-07-27 14:01 - 00125544 _____ C:\Users\***\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-27 14:01 - 2013-07-27 14:01 - 00000000 ___RD C:\Users\***\Virtual Machines
2013-07-27 14:01 - 2013-07-27 14:01 - 00000000 ____D C:\Users\***\AppData\Roaming\Macromedia
2013-07-27 14:01 - 2013-07-27 14:01 - 00000000 ____D C:\Users\***\AppData\Roaming\Apple Computer
2013-07-27 14:01 - 2013-07-27 14:01 - 00000000 ____D C:\Users\***\AppData\Local\EgisTec IPS
2013-07-27 14:00 - 2013-07-27 14:01 - 00000000 ____D C:\Users\***
2013-07-27 14:00 - 2013-07-27 14:00 - 00000020 ___SH C:\Users\***\ntuser.ini
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Vorlagen
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Startmenü
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Netzwerkumgebung
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Lokale Einstellungen
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Eigene Dateien
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Druckumgebung
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Documents\Eigene Musik
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Documents\Eigene Bilder
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\AppData\Local\Verlauf
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\AppData\Local\Anwendungsdaten
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Anwendungsdaten
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 ____D C:\Users\***\AppData\Local\VirtualStore
2013-07-27 14:00 - 2011-11-08 03:40 - 00000000 ____D C:\Users\***\AppData\Local\Microsoft Help
2013-07-23 13:54 - 2013-04-10 05:30 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

==================== One Month Modified Files and Folders =======

2013-08-15 20:51 - 2013-08-15 20:51 - 00001028 _____ C:\Users\**** 2\Desktop\checkup.txt
2013-08-15 20:45 - 2011-03-01 11:09 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-15 20:44 - 2012-02-29 11:14 - 00000000 ____D C:\Users\**** 2\Documents\OpenTTD
2013-08-15 19:43 - 2010-11-23 19:39 - 01741685 _____ C:\Windows\WindowsUpdate.log
2013-08-15 19:36 - 2011-03-01 11:09 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-15 19:35 - 2013-08-15 19:31 - 00002085 _____ C:\Users\**** 2\Desktop\FSS.txt
2013-08-15 19:30 - 2013-08-15 19:30 - 00357085 _____ (Farbar) C:\Users\**** 2\Desktop\FSS.exe
2013-08-15 19:26 - 2013-08-15 19:26 - 00891115 _____ C:\Users\**** 2\Desktop\SecurityCheck.exe
2013-08-15 14:18 - 2010-11-24 04:28 - 00656294 _____ C:\Windows\system32\perfh007.dat
2013-08-15 14:18 - 2010-11-24 04:28 - 00130894 _____ C:\Windows\system32\perfc007.dat
2013-08-15 14:18 - 2009-07-14 07:13 - 01498742 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-15 14:17 - 2013-08-15 14:17 - 00000000 ____D C:\Program Files (x86)\ESET
2013-08-15 14:13 - 2013-08-15 14:13 - 02347384 _____ (ESET) C:\Users\**** 2\Desktop\esetsmartinstaller_enu.exe
2013-08-15 08:02 - 2009-07-14 06:45 - 00017600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-15 08:02 - 2009-07-14 06:45 - 00017600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-15 07:54 - 2013-08-14 09:25 - 00000392 _____ C:\Windows\setupact.log
2013-08-15 07:54 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-14 23:49 - 2013-08-14 13:47 - 00005780 _____ C:\Windows\PFRO.log
2013-08-14 23:48 - 2013-08-14 23:48 - 00000085 _____ C:\Windows\wininit.ini
2013-08-14 23:44 - 2013-08-14 18:13 - 00000000 ____D C:\Program Files (x86)\Trojancheck 6
2013-08-14 23:24 - 2013-08-13 22:47 - 00000000 ____D C:\ProgramData\SecTaskMan
2013-08-14 23:02 - 2013-08-14 23:02 - 00000000 ____D C:\ProgramData\boost_interprocess
2013-08-14 22:54 - 2013-08-14 22:54 - 00048175 _____ C:\Users\**** 2\Desktop\FRST1.txt
2013-08-14 22:40 - 2013-08-14 22:40 - 00001521 _____ C:\Users\**** 2\Desktop\JRT.txt
2013-08-14 22:38 - 2013-08-14 22:38 - 00001521 _____ C:\Users\****\Desktop\JRT.txt
2013-08-14 22:33 - 2013-08-14 22:33 - 00000000 ____D C:\Windows\ERUNT
2013-08-14 22:28 - 2013-08-14 22:28 - 00001950 _____ C:\Users\**** 2\Desktop\AdwCleaner[0].txt
2013-08-14 22:26 - 2013-08-14 22:15 - 00000000 ____D C:\AdwCleaner
2013-08-14 22:13 - 2013-08-14 22:13 - 01158897 _____ (Thisisu) C:\Users\**** 2\Desktop\JRT.exe
2013-08-14 22:12 - 2013-08-14 22:12 - 00000000 ____D C:\Users\**** 2\AppData\Roaming\Malwarebytes
2013-08-14 22:04 - 2013-08-14 22:04 - 00800594 _____ C:\Users\**** 2\Desktop\adwcleaner.exe
2013-08-14 21:44 - 2013-08-14 21:44 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-14 21:44 - 2013-08-14 21:44 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-14 21:44 - 2013-08-14 21:44 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-14 19:01 - 2011-05-01 18:56 - 00000000 ____D C:\Users\JRN2~1\AppData\Local\CrashDumps
2013-08-14 18:25 - 2013-08-14 18:20 - 00000680 __RSH C:\Users\**** 2\ntuser.pol
2013-08-14 18:25 - 2011-01-31 00:08 - 00000000 ____D C:\Users\**** 2
2013-08-14 18:20 - 2009-07-14 05:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2013-08-14 17:58 - 2013-08-14 17:52 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-08-14 17:40 - 2011-10-28 17:31 - 00007919 _____ C:\Users\**** 2\AppData\Roaming\.freeciv-client-rc-2.3
2013-08-14 16:27 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-08-14 15:00 - 2011-03-14 01:26 - 00000000 ____D C:\Users\**** 2\AppData\Roaming\.freeciv
2013-08-14 14:58 - 2011-10-28 17:30 - 00000000 ____D C:\Users\JRN2~1\AppData\Local\Freeciv-2.3.0-gtk2
2013-08-14 13:43 - 2013-08-14 13:43 - 00021804 _____ C:\Users\**** 2\Desktop\Combofix.txt
2013-08-14 13:40 - 2013-08-14 13:40 - 00021805 _____ C:\ComboFix.txt
2013-08-14 13:40 - 2013-08-14 13:25 - 00000000 ____D C:\ComboFix
2013-08-14 13:40 - 2013-08-14 13:21 - 00000000 ____D C:\Qoobox
2013-08-14 13:39 - 2013-08-14 13:20 - 00000000 ____D C:\Windows\erdnt
2013-08-14 13:37 - 2009-07-14 04:34 - 00000231 _____ C:\Windows\system.ini
2013-08-14 13:19 - 2013-08-14 13:20 - 05104695 ____R (Swearware) C:\Users\**** 2\Desktop\ComboFix.exe
2013-08-14 11:12 - 2013-08-14 09:18 - 00010916 _____ C:\Users\**** 2\Desktop\Gmer.txt
2013-08-14 11:11 - 2013-08-14 11:09 - 00000241 _____ C:\Users\**** 2\Desktop\Windows Defender.txt
2013-08-14 10:57 - 2013-08-14 08:53 - 00025101 _____ C:\Users\**** 2\Desktop\Addition.txt
2013-08-14 09:49 - 2013-08-14 09:49 - 00015618 _____ C:\Users\**** 2\Desktop\Upd-2013-08-14-09-48-38.log
2013-08-14 09:25 - 2013-08-14 09:25 - 00000000 _____ C:\Windows\setuperr.log
2013-08-14 09:17 - 2013-08-14 09:17 - 00010916 _____ C:\Users\****\Desktop\Gmer.txt
2013-08-14 08:57 - 2013-08-14 08:57 - 00377856 _____ C:\Users\**** 2\Desktop\gmer_2.1.19163.exe
2013-08-14 08:51 - 2013-08-14 08:51 - 00000000 ____D C:\FRST
2013-08-14 08:49 - 2013-08-14 08:28 - 00013070 _____ C:\Users\**** 2\Desktop\hijackthis.log
2013-08-14 08:48 - 2013-08-14 08:48 - 01575544 _____ (Farbar) C:\Users\**** 2\Desktop\FRST64.exe
2013-08-14 08:47 - 2013-08-14 08:47 - 00000470 _____ C:\Users\**** 2\Desktop\defogger_disable.log
2013-08-14 08:47 - 2013-08-14 08:47 - 00000000 _____ C:\Users\****\defogger_reenable
2013-08-14 08:47 - 2011-01-29 18:01 - 00000000 ____D C:\Users\****
2013-08-14 08:43 - 2013-08-14 08:46 - 00050477 _____ C:\Users\**** 2\Desktop\Defogger.exe
2013-08-14 08:27 - 2013-08-14 08:27 - 00388608 _____ (Trend Micro Inc.) C:\Users\**** 2\Desktop\HiJackThis204.exe
2013-08-14 08:20 - 2013-08-14 08:20 - 00000000 ____D C:\Users\**** 2\AppData\Roaming\Avira
2013-08-14 07:58 - 2013-08-14 07:58 - 19500928 _____ C:\Users\****\Downloads\QuickTimeInstaller.exe.part
2013-08-14 00:13 - 2011-01-29 21:22 - 00000000 ____D C:\Users\****\Tracing
2013-08-14 00:09 - 2013-08-14 00:09 - 00002066 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-08-14 00:09 - 2013-08-14 00:09 - 00000000 ____D C:\Program Files (x86)\Avira
2013-08-14 00:09 - 2013-08-13 22:05 - 00000000 ____D C:\ProgramData\Avira
2013-08-14 00:07 - 2013-08-14 00:04 - 110344048 _____ C:\Users\****\Downloads\avira_free_antivirus85_de.exe
2013-08-13 23:56 - 2012-02-29 12:33 - 00000000 ___RD C:\Users\****\Virtual Machines
2013-08-13 23:30 - 2013-08-13 23:30 - 00981567 _____ C:\Users\****\Downloads\EFRC32Setup.exe
2013-08-13 23:30 - 2013-08-13 23:30 - 00001053 _____ C:\Users\***\Desktop\Eusing Free Registry Cleaner.lnk
2013-08-13 23:30 - 2011-05-22 15:31 - 00001053 _____ C:\Users\****\Desktop\Eusing Free Registry Cleaner.lnk
2013-08-13 23:29 - 2013-08-13 23:29 - 00981612 _____ C:\Users\****\Downloads\EFRCSetup.exe
2013-08-13 23:25 - 2010-09-16 01:34 - 00000000 ____D C:\Program Files (x86)\NewTech Infosystems
2013-08-13 23:23 - 2013-08-13 23:23 - 00000000 ____D C:\Users\JRN2~1\AppData\Local\O&O
2013-08-13 23:15 - 2011-08-14 16:21 - 00000000 ___RD C:\Users\**** 2\Virtual Machines
2013-08-13 23:15 - 2011-01-31 00:08 - 00000000 ___RD C:\Users\**** 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-08-13 23:15 - 2011-01-31 00:08 - 00000000 ___RD C:\Users\**** 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-08-13 22:40 - 2010-09-16 01:38 - 00000000 ____D C:\ProgramData\McAfee
2013-08-13 22:40 - 2010-09-16 01:38 - 00000000 ____D C:\Program Files (x86)\McAfee
2013-08-13 22:35 - 2013-02-09 17:52 - 00000000 ____D C:\Program Files (x86)\Steinberg
2013-08-13 22:32 - 2010-09-16 01:41 - 00000000 ____D C:\Program Files (x86)\Acer GameZone
2013-08-13 22:25 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-08-13 21:57 - 2012-10-12 15:10 - 00000000 ____D C:\Users\**** 2\AppData\Roaming\Dropbox
2013-08-13 21:54 - 2012-10-23 17:40 - 00000000 ___RD C:\Users\**** 2\Dropbox
2013-08-13 21:53 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-08-13 21:52 - 2012-12-10 22:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-13 21:48 - 2011-02-09 13:21 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-08-13 21:37 - 2013-07-27 14:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-13 21:37 - 2011-01-29 19:05 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-08-13 21:31 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-08-10 20:46 - 2013-08-10 16:46 - 00000000 ____D C:\Users\***\AppData\Roaming\Skype
2013-08-10 16:46 - 2011-02-09 13:11 - 00002517 _____ C:\Users\Public\Desktop\Skype.lnk
2013-08-10 16:46 - 2011-02-01 01:35 - 00000000 ____D C:\ProgramData\Skype
2013-07-27 14:43 - 2012-10-21 15:36 - 00000000 ____D C:\Users\***\Documents\Schule
2013-07-27 14:42 - 2012-12-16 16:44 - 00000000 ____D C:\Users\***\Documents\Bewerbungsfotos
2013-07-27 14:40 - 2012-11-15 20:38 - 00000000 ____D C:\Users\**** 2\Documents\Ilka
2013-07-27 14:11 - 2013-07-27 14:11 - 00000000 ____D C:\Users\***\AppData\Roaming\Adobe
2013-07-27 14:11 - 2013-07-27 14:11 - 00000000 ____D C:\Users\***\AppData\Local\Macromedia
2013-07-27 14:09 - 2013-07-27 14:09 - 00000000 ____D C:\Users\***\AppData\Roaming\Mozilla
2013-07-27 14:09 - 2013-07-27 14:09 - 00000000 ____D C:\Users\***\AppData\Local\Mozilla
2013-07-27 14:01 - 2013-07-27 14:01 - 00125544 _____ C:\Users\***\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-27 14:01 - 2013-07-27 14:01 - 00000000 ___RD C:\Users\***\Virtual Machines
2013-07-27 14:01 - 2013-07-27 14:01 - 00000000 ____D C:\Users\***\AppData\Roaming\Macromedia
2013-07-27 14:01 - 2013-07-27 14:01 - 00000000 ____D C:\Users\***\AppData\Roaming\Apple Computer
2013-07-27 14:01 - 2013-07-27 14:01 - 00000000 ____D C:\Users\***\AppData\Local\EgisTec IPS
2013-07-27 14:01 - 2013-07-27 14:00 - 00000000 ____D C:\Users\***
2013-07-27 14:00 - 2013-07-27 14:00 - 00000020 ___SH C:\Users\***\ntuser.ini
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Vorlagen
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Startmenü
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Netzwerkumgebung
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Lokale Einstellungen
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Eigene Dateien
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Druckumgebung
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Documents\Eigene Musik
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Documents\Eigene Bilder
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\AppData\Local\Verlauf
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\AppData\Local\Anwendungsdaten
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Anwendungsdaten
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 ____D C:\Users\***\AppData\Local\VirtualStore
2013-07-24 18:15 - 2009-07-14 06:45 - 00444664 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-18 08:02 - 2013-08-14 00:09 - 00130016 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-07-18 08:02 - 2013-08-14 00:09 - 00100712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys

Files to move or delete:
====================
C:\Users\**** 2\jagex_runescape_preferences.dat
C:\Users\**** 2\jagex_runescape_preferences2.dat

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================
         
--- --- ---


Alt 15.08.2013, 20:06   #10
schrauber
/// the machine
/// TB-Ausbilder
 




Hi,

all our tools must be run with administrator rights.

Please download Windows Repair (All In One) from here.
  • Install the program. Start it once the installation has finished.
  • Click Step 2 and press Do It under Check Disk.
  • When the process has finished, click Step 3 and press Do It under System File Check.
  • After the process has finished, click Start Repairs, select Advanced Mode and press Start.
  • Please make sure that the boxes are ticked as shown below. Please also tick Set Windows Services to Default Startup.
  • Tick Restart System when Finished.
  • Press Start.

__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

Alt 15.08.2013, 22:22   #11
B e n n i
 



Done. Are any logs required?

Unfortunately, updating is still not possible :/

Here is the FSS log, run with administrator rights:
Code:
Farbar Service Scanner Version: 14-08-2013 01
Ran by **** (administrator) on 15-08-2013 at 23:18:46
Running from "C:\Users\**** 2\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy: 
==================


System Restore:
============

System Restore Disabled Policy: 
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy: 
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****
         

Alt 15.08.2013, 22:24   #12
schrauber
/// the machine
/// TB-Ausbilder
 




Please post a fresh FRST log again and describe exactly what happens and what messages appear when you try to update what exactly.
__________________
Regards,
schrauber


Alt 15.08.2013, 23:09   #13
B e n n i
 



Attempt to update Avira:
Update window opens -> searches for updates -> after approx. 1-2 sec.: error message
Report:
Code:
Avira Free Antivirus Updater 
Vollständiges Produktupdate

Erstellungszeitpunkt: Donnerstag, 15. August 2013 23:25:25

Betriebssystem:
Windows 7 Home Premium (Service Pack 1)  [6.1.7601] 64 bit

Produktinformationen:
Produktversion: 13.0.0.3885
Updater: C:\Program Files (x86)\Avira\AntiVir Desktop\update.exe 13.6.14.1550
Updaterresource: C:\Program Files (x86)\Avira\AntiVir Desktop\updaterc.dll 13.6.0.1550
Bibliothek: C:\Program Files (x86)\Avira\AntiVir Desktop\update.dll 1.0.0.9
Plugin: C:\Program Files (x86)\Avira\AntiVir Desktop\updext.dll 13.6.0.1626
GUI: C:\Program Files (x86)\Avira\AntiVir Desktop\updgui.dll 13.6.3.1626

Temporäres Verzeichnis: C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\
Backupverzeichnis: C:\ProgramData\Avira\AntiVir Desktop\BACKUP\
Installationsverzeichnis: C:\Program Files (x86)\Avira\AntiVir Desktop\
Updaterverzeichnis: C:\Program Files (x86)\Avira\AntiVir Desktop\
AppData Verzeichnis: C:\ProgramData\Avira\AntiVir Desktop\

Verbindungseinstellungen:
- Verbindungsart:	Webserver
- Übertragungstyp:	Vorhandene Verbindung
- Proxyeinstellungen:	Verwende Systemeinstellungen

23:25:26 [UPD] [INFO]       Prüfe ob neuere Dateien zur Verfügung stehen.
23:25:26 [UPD] [INFO]       Wähle Updateserver 'hxxp://89.105.213.17/update'.
23:25:26 [UPD] [INFO]       Herunterladen von 'hxxp://89.105.213.17/update/idx/master.idx' nach 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
23:25:26 [UPDLIB] [ERROR]   Download-Bibliothek hat einen Fehler zurückgegeben: Failure when receiving data from the peer
23:25:26 [UPDLIB] [ERROR]   Erneuter Versuch...
23:25:26 [UPD] [INFO]       Herunterladen von 'hxxp://89.105.213.17/update/idx/master.idx' nach 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
23:25:26 [UPDLIB] [ERROR]   Download-Bibliothek hat einen Fehler zurückgegeben: Failure when receiving data from the peer
23:25:26 [UPDLIB] [ERROR]   Erneuter Versuch...
23:25:26 [UPD] [INFO]       Herunterladen von 'hxxp://89.105.213.17/update/idx/master.idx' nach 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
23:25:26 [UPDLIB] [ERROR]   Download-Bibliothek hat einen Fehler zurückgegeben: Failure when receiving data from the peer
23:25:26 [UPD] [INFO]       Wähle Updateserver 'hxxp://80.190.148.74/update'.
23:25:26 [UPD] [INFO]       Herunterladen von 'hxxp://80.190.148.74/update/idx/master.idx' nach 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
23:25:26 [UPDLIB] [ERROR]   Download-Bibliothek hat einen Fehler zurückgegeben: Failure when receiving data from the peer
23:25:26 [UPDLIB] [ERROR]   Erneuter Versuch...
23:25:26 [UPD] [INFO]       Herunterladen von 'hxxp://80.190.148.74/update/idx/master.idx' nach 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
23:25:26 [UPDLIB] [ERROR]   Download-Bibliothek hat einen Fehler zurückgegeben: Failure when receiving data from the peer
23:25:26 [UPDLIB] [ERROR]   Erneuter Versuch...
23:25:26 [UPD] [INFO]       Herunterladen von 'hxxp://80.190.148.74/update/idx/master.idx' nach 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
23:25:26 [UPDLIB] [ERROR]   Download-Bibliothek hat einen Fehler zurückgegeben: Failure when receiving data from the peer
23:25:26 [UPD] [INFO]       Wähle Updateserver 'hxxp://89.105.213.18/update'.
23:25:26 [UPD] [INFO]       Herunterladen von 'hxxp://89.105.213.18/update/idx/master.idx' nach 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
23:25:27 [UPDLIB] [ERROR]   Download-Bibliothek hat einen Fehler zurückgegeben: Failure when receiving data from the peer
23:25:27 [UPDLIB] [ERROR]   Erneuter Versuch...
23:25:27 [UPD] [INFO]       Herunterladen von 'hxxp://89.105.213.18/update/idx/master.idx' nach 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
23:25:27 [UPDLIB] [ERROR]   Download-Bibliothek hat einen Fehler zurückgegeben: Failure when receiving data from the peer
23:25:27 [UPDLIB] [ERROR]   Erneuter Versuch...
23:25:27 [UPD] [INFO]       Herunterladen von 'hxxp://89.105.213.18/update/idx/master.idx' nach 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
23:25:27 [UPDLIB] [ERROR]   Download-Bibliothek hat einen Fehler zurückgegeben: Failure when receiving data from the peer
23:25:27 [UPD] [INFO]       Wähle Updateserver 'hxxp://80.190.148.75/update'.
23:25:27 [UPD] [INFO]       Herunterladen von 'hxxp://80.190.148.75/update/idx/master.idx' nach 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
23:25:27 [UPDLIB] [ERROR]   Download-Bibliothek hat einen Fehler zurückgegeben: Failure when receiving data from the peer
23:25:27 [UPDLIB] [ERROR]   Erneuter Versuch...
23:25:27 [UPD] [INFO]       Herunterladen von 'hxxp://80.190.148.75/update/idx/master.idx' nach 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
23:25:27 [UPDLIB] [ERROR]   Download-Bibliothek hat einen Fehler zurückgegeben: Failure when receiving data from the peer
23:25:27 [UPDLIB] [ERROR]   Erneuter Versuch...
23:25:27 [UPD] [INFO]       Herunterladen von 'hxxp://80.190.148.75/update/idx/master.idx' nach 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
23:25:27 [UPDLIB] [ERROR]   Download-Bibliothek hat einen Fehler zurückgegeben: Failure when receiving data from the peer
23:25:27 [UPD] [INFO]       Wähle Updateserver 'hxxp://208.111.161.254/update'.
23:25:27 [UPD] [INFO]       Herunterladen von 'hxxp://208.111.161.254/update/idx/master.idx' nach 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
23:25:27 [UPDLIB] [ERROR]   Download-Bibliothek hat einen Fehler zurückgegeben: Failure when receiving data from the peer
23:25:27 [UPDLIB] [ERROR]   Erneuter Versuch...
23:25:27 [UPD] [INFO]       Herunterladen von 'hxxp://208.111.161.254/update/idx/master.idx' nach 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
23:25:27 [UPDLIB] [ERROR]   Download-Bibliothek hat einen Fehler zurückgegeben: Failure when receiving data from the peer
23:25:27 [UPDLIB] [ERROR]   Erneuter Versuch...
23:25:27 [UPD] [INFO]       Herunterladen von 'hxxp://208.111.161.254/update/idx/master.idx' nach 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
23:25:27 [UPDLIB] [ERROR]   Download-Bibliothek hat einen Fehler zurückgegeben: Failure when receiving data from the peer
23:25:27 [UPD] [INFO]       Wähle Updateserver 'hxxp://87.248.217.254/update'.
23:25:27 [UPD] [INFO]       Herunterladen von 'hxxp://87.248.217.254/update/idx/master.idx' nach 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
23:25:27 [UPDLIB] [ERROR]   Download-Bibliothek hat einen Fehler zurückgegeben: Failure when receiving data from the peer
23:25:27 [UPDLIB] [ERROR]   Erneuter Versuch...
23:25:27 [UPD] [INFO]       Herunterladen von 'hxxp://87.248.217.254/update/idx/master.idx' nach 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
23:25:27 [UPDLIB] [ERROR]   Download-Bibliothek hat einen Fehler zurückgegeben: Failure when receiving data from the peer
23:25:27 [UPDLIB] [ERROR]   Erneuter Versuch...
23:25:27 [UPD] [INFO]       Herunterladen von 'hxxp://87.248.217.254/update/idx/master.idx' nach 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
23:25:27 [UPDLIB] [ERROR]   Download-Bibliothek hat einen Fehler zurückgegeben: Failure when receiving data from the peer
23:25:27 [UPDLIB] [ERROR]   Kein anderer Server, Aktualisierung abgebrochen
23:25:27 [UPD] [ERROR]      Erzeugen der Updatestruktur ist fehlgeschlagen. Die UpdateLib liefert den Fehler 537.


Zusammenfassung:
****************
	0 Dateien heruntergeladen
	0 Dateien installiert

	Donnerstag, 15. August 2013 23:25:27

Das Update ist fehlgeschlagen!
         
Windows Update:
Search for updates -> aborted after approx. 10 min -> error: code 80072EFE "Unbekannter Fehler bei Windows Update."

FRST

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-08-2013
Ran by **** (administrator) on 15-08-2013 23:30:23
Running from C:\Users\**** 2\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
(NTI, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Windows\PLFSetI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Akamai Technologies, Inc.) C:\Users\**** 2\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\**** 2\AppData\Local\Akamai\netsession_win.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [324608 2010-06-10] (Alcor Micro Corp.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11101800 2010-07-29] (Realtek Semiconductor)
HKLM\...\Run: [PLFSetI] - C:\Windows\PLFSetI.exe [206208 2010-11-23] ()
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1842472 2009-09-18] (Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [861216 2010-06-11] (Acer Incorporated)
HKLM\...\Run: [OODefragTray] - C:\Program Files\OO Software\Defrag\oodtray.exe [x]
HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware ] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware  (cleanup)] - rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript [1127496 2013-04-04] (Malwarebytes Corporation)
HKLM-x32\...\Run: [EgisUpdate] - C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] - C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-08-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [975952 2010-08-11] (Dritek System Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345144 2013-07-18] (Avira Operations GmbH & Co. KG)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-01-15] ()
HKU\***\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_268_Plugin.exe [686792 2012-07-30] (Adobe Systems Incorporated)
Startup: C:\Users\**** 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {F96AC87D-7D37-4755-A9C0-27B4C0AFECD2} URL = hxxp://www.google.de/search?q={searchTerms}
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: No Name - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -  No File
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\gl6l1ccy.default
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_268.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: No Name - C:\Users\****\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
FF Extension: No Name - C:\Users\****\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: WOT - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\gl6l1ccy.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: testpilot - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\gl6l1ccy.default\Extensions\testpilot@labs.mozilla.com.xpi
FF Extension: No Name - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\gl6l1ccy.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\gl6l1ccy.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5

==================== Services (Whitelisted) =================

R2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-12] (Akamai Technologies, Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-07-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-07-18] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [589368 2013-07-18] (Avira Operations GmbH & Co. KG)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-05-27] (Egis Technology Inc.)
S3 npggsvc; C:\Windows\SysWow64\GameMon.des [4159984 2010-12-08] (INCA Internet Co., Ltd.)
R2 NTISchedulerSvc; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [144640 2010-04-17] (NTI, Inc.)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-07-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-07-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-06] (Avira Operations GmbH & Co. KG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 NPPTNT2; C:\Windows\SysWow64\npptNT2.sys [4682 2005-01-04] (INCA Internet Co., Ltd.)
S1 prodrv06; C:\Windows\SysWow64\drivers\prodrv06.sys [77184 2004-03-09] (Protection Technology)
S0 prohlp02; C:\Windows\SysWow64\drivers\prohlp02.sys [65504 2004-03-09] (Protection Technology)
S0 prosync1; C:\Windows\SysWow64\drivers\prosync1.sys [6944 2003-09-06] (Protection Technology)
S0 sfhlp01; C:\Windows\SysWow64\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology)
S3 SynasUSB; C:\Windows\System32\drivers\SynUSB64.sys [31248 2006-11-16] (SIA Syncrosoft)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
R2 WinRing0_1_2_0; C:\Users\**** 2\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries24.gadget\WinRing0x64.sys [14544 2011-02-17] (OpenLibSys.org)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 dump_wmimmc; \??\C:\Program Files (x86)\Gameforge4D\CABAL Online\GameGuard\dump_wmimmc.sys [x]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 NPPTNT2; \??\C:\Windows\system32\npptNT2.sys [x]
S1 prodrv06; \SystemRoot\System32\drivers\prodrv06.sys [x]
S0 prohlp02; System32\drivers\prohlp02.sys [x]
S0 prosync1; System32\drivers\prosync1.sys [x]
S0 sfhlp01; System32\drivers\sfhlp01.sys [x]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-15 21:40 - 2013-08-15 21:40 - 00003288 ____N C:\bootsqm.dat
2013-08-15 21:31 - 2013-08-15 22:37 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE
2013-08-15 21:30 - 2013-08-15 21:30 - 00000000 ____D C:\Users\**** 2\Desktop\tweaking.com_windows_repair_aio
2013-08-15 21:27 - 2013-08-15 21:27 - 03268369 _____ C:\Users\**** 2\Desktop\tweaking.com_windows_repair_aio.zip
2013-08-15 20:51 - 2013-08-15 20:51 - 00001028 _____ C:\Users\**** 2\Desktop\checkup.txt
2013-08-15 19:31 - 2013-08-15 23:19 - 00002085 _____ C:\Users\**** 2\Desktop\FSS.txt
2013-08-15 19:30 - 2013-08-15 19:30 - 00357085 _____ (Farbar) C:\Users\v 2\Desktop\FSS.exe
2013-08-15 19:26 - 2013-08-15 19:26 - 00891115 _____ C:\Users\**** 2\Desktop\SecurityCheck.exe
2013-08-15 14:17 - 2013-08-15 14:17 - 00000000 ____D C:\Program Files (x86)\ESET
2013-08-15 14:13 - 2013-08-15 14:13 - 02347384 _____ (ESET) C:\Users\**** 2\Desktop\esetsmartinstaller_enu.exe
2013-08-14 23:48 - 2013-08-14 23:48 - 00000085 _____ C:\Windows\wininit.ini
2013-08-14 23:02 - 2013-08-14 23:02 - 00000000 ____D C:\ProgramData\boost_interprocess
2013-08-14 22:54 - 2013-08-14 22:54 - 00048175 _____ C:\Users\**** 2\Desktop\FRST1.txt
2013-08-14 22:40 - 2013-08-14 22:40 - 00001521 _____ C:\Users\**** 2\Desktop\JRT.txt
2013-08-14 22:38 - 2013-08-14 22:38 - 00001521 _____ C:\Users\****\Desktop\JRT.txt
2013-08-14 22:33 - 2013-08-14 22:33 - 00000000 ____D C:\Windows\ERUNT
2013-08-14 22:28 - 2013-08-14 22:28 - 00001950 _____ C:\Users\**** 2\Desktop\AdwCleaner[0].txt
2013-08-14 22:15 - 2013-08-14 22:26 - 00000000 ____D C:\AdwCleaner
2013-08-14 22:13 - 2013-08-14 22:13 - 01158897 _____ (Thisisu) C:\Users\**** 2\Desktop\JRT.exe
2013-08-14 22:12 - 2013-08-14 22:12 - 00000000 ____D C:\Users\**** 2\AppData\Roaming\Malwarebytes
2013-08-14 22:04 - 2013-08-14 22:04 - 00800594 _____ C:\Users\**** 2\Desktop\adwcleaner.exe
2013-08-14 21:44 - 2013-08-14 21:44 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-14 21:44 - 2013-08-14 21:44 - 00000000 ____D C:\Users\****\AppData\Roaming\Malwarebytes
2013-08-14 21:44 - 2013-08-14 21:44 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-14 21:44 - 2013-08-14 21:44 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-14 21:44 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-08-14 18:20 - 2013-08-14 18:25 - 00000680 __RSH C:\Users\**** 2\ntuser.pol
2013-08-14 18:16 - 2013-08-14 19:03 - 00000000 ____D C:\Users\JRN~1\AppData\Local\CrashDumps
2013-08-14 18:13 - 2013-08-14 23:44 - 00000000 ____D C:\Program Files (x86)\Trojancheck 6
2013-08-14 17:57 - 2013-08-14 17:57 - 00000000 ____D C:\Users\****\Documents\ProcAlyzer Dumps
2013-08-14 17:52 - 2013-08-14 17:58 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-08-14 17:52 - 2013-08-14 17:52 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2013-08-14 13:47 - 2013-08-15 22:38 - 00006132 _____ C:\Windows\PFRO.log
2013-08-14 13:43 - 2013-08-14 13:43 - 00021804 _____ C:\Users\**** 2\Desktop\Combofix.txt
2013-08-14 13:40 - 2013-08-14 13:40 - 00021805 _____ C:\ComboFix.txt
2013-08-14 13:25 - 2013-08-14 13:40 - 00000000 ____D C:\ComboFix
2013-08-14 13:21 - 2013-08-14 13:40 - 00000000 ____D C:\Qoobox
2013-08-14 13:21 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-08-14 13:21 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-08-14 13:21 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-08-14 13:21 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-08-14 13:21 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-08-14 13:21 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-08-14 13:21 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-08-14 13:21 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-08-14 13:20 - 2013-08-14 13:39 - 00000000 ____D C:\Windows\erdnt
2013-08-14 13:20 - 2013-08-14 13:19 - 05104695 ____R (Swearware) C:\Users\**** 2\Desktop\ComboFix.exe
2013-08-14 11:09 - 2013-08-14 11:11 - 00000241 _____ C:\Users\**** 2\Desktop\Windows Defender.txt
2013-08-14 09:49 - 2013-08-14 09:49 - 00015618 _____ C:\Users\**** 2\Desktop\Upd-2013-08-14-09-48-38.log
2013-08-14 09:25 - 2013-08-15 22:39 - 00000504 _____ C:\Windows\setupact.log
2013-08-14 09:25 - 2013-08-14 09:25 - 00000000 _____ C:\Windows\setuperr.log
2013-08-14 09:18 - 2013-08-14 11:12 - 00010916 _____ C:\Users\**** 2\Desktop\Gmer.txt
2013-08-14 09:17 - 2013-08-14 09:17 - 00010916 _____ C:\Users\****\Desktop\Gmer.txt
2013-08-14 08:57 - 2013-08-14 08:57 - 00377856 _____ C:\Users\**** 2\Desktop\gmer_2.1.19163.exe
2013-08-14 08:53 - 2013-08-14 10:57 - 00025101 _____ C:\Users\**** 2\Desktop\Addition.txt
2013-08-14 08:51 - 2013-08-14 08:51 - 00000000 ____D C:\FRST
2013-08-14 08:48 - 2013-08-14 08:48 - 01575544 _____ (Farbar) C:\Users\**** 2\Desktop\FRST64.exe
2013-08-14 08:47 - 2013-08-14 08:47 - 00000470 _____ C:\Users\**** 2\Desktop\defogger_disable.log
2013-08-14 08:47 - 2013-08-14 08:47 - 00000000 _____ C:\Users\****\defogger_reenable
2013-08-14 08:46 - 2013-08-14 08:43 - 00050477 _____ C:\Users\**** 2\Desktop\Defogger.exe
2013-08-14 08:28 - 2013-08-14 08:49 - 00013070 _____ C:\Users\**** 2\Desktop\hijackthis.log
2013-08-14 08:27 - 2013-08-14 08:27 - 00388608 _____ (Trend Micro Inc.) C:\Users\**** 2\Desktop\HiJackThis204.exe
2013-08-14 08:20 - 2013-08-14 08:20 - 00000000 ____D C:\Users\**** 2\AppData\Roaming\Avira
2013-08-14 07:58 - 2013-08-14 07:58 - 19500928 _____ C:\Users\****\Downloads\QuickTimeInstaller.exe.part
2013-08-14 07:28 - 2013-08-14 07:28 - 00000000 ____D C:\Users\****\Documents\Warzone 2100 2.3
2013-08-14 00:14 - 2013-08-14 00:14 - 00000000 ____D C:\Users\****\AppData\Roaming\Avira
2013-08-14 00:09 - 2013-08-14 00:09 - 00002066 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-08-14 00:09 - 2013-08-14 00:09 - 00000000 ____D C:\Program Files (x86)\Avira
2013-08-14 00:09 - 2013-07-18 08:02 - 00130016 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-08-14 00:09 - 2013-07-18 08:02 - 00100712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-08-14 00:09 - 2013-03-06 16:13 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-08-14 00:04 - 2013-08-14 00:07 - 110344048 _____ C:\Users\****\Downloads\avira_free_antivirus85_de.exe
2013-08-13 23:30 - 2013-08-13 23:30 - 00981567 _____ C:\Users\****\Downloads\EFRC32Setup.exe
2013-08-13 23:30 - 2013-08-13 23:30 - 00001053 _____ C:\Users\***\Desktop\Eusing Free Registry Cleaner.lnk
2013-08-13 23:29 - 2013-08-13 23:29 - 00981612 _____ C:\Users\****\Downloads\EFRCSetup.exe
2013-08-13 23:23 - 2013-08-13 23:23 - 00000000 ____D C:\Users\**** 2\AppData\Local\O&O
2013-08-13 22:47 - 2013-08-14 23:24 - 00000000 ____D C:\ProgramData\SecTaskMan
2013-08-13 22:05 - 2013-08-14 00:09 - 00000000 ____D C:\ProgramData\Avira
2013-08-13 21:34 - 2012-11-09 07:45 - 00750592 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2013-08-13 21:34 - 2012-11-09 06:43 - 00492032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-08-13 21:33 - 2013-02-15 08:08 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2013-08-13 21:33 - 2013-02-15 08:06 - 03717632 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-08-13 21:33 - 2013-02-15 08:02 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2013-08-13 21:33 - 2013-02-15 06:37 - 03217408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-08-13 21:33 - 2013-02-15 06:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2013-08-13 21:33 - 2013-02-15 05:25 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2013-08-13 21:33 - 2012-11-09 07:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-13 21:33 - 2012-11-09 06:42 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-13 21:32 - 2013-03-19 07:53 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2013-08-13 21:32 - 2013-03-19 07:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2013-08-13 21:32 - 2013-02-27 08:02 - 00111448 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2013-08-13 21:32 - 2013-02-27 07:52 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-08-13 21:32 - 2013-02-27 07:52 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-08-13 21:32 - 2013-02-27 07:48 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-08-13 21:32 - 2013-02-27 07:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2013-08-13 21:32 - 2013-02-27 06:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-08-13 21:32 - 2013-02-27 06:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-08-13 21:32 - 2013-02-27 06:49 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-08-13 21:32 - 2012-08-22 20:12 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2013-08-13 21:32 - 2012-07-04 22:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2013-08-13 21:31 - 2013-02-12 06:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2013-08-10 16:46 - 2013-08-10 20:46 - 00000000 ____D C:\Users\***\AppData\Roaming\Skype
2013-08-07 16:08 - 2013-04-10 08:01 - 00983400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-08-07 16:08 - 2013-04-10 08:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2013-08-07 16:08 - 2011-02-03 13:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2013-07-29 13:53 - 2012-11-01 07:43 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2013-07-29 13:53 - 2012-11-01 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2013-07-29 13:53 - 2012-11-01 06:47 - 01389568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2013-07-29 13:53 - 2012-11-01 06:47 - 01236992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2013-07-27 14:36 - 2013-08-13 21:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-27 14:11 - 2013-07-27 14:11 - 00000000 ____D C:\Users\***\AppData\Roaming\Adobe
2013-07-27 14:11 - 2013-07-27 14:11 - 00000000 ____D C:\Users\***\AppData\Local\Macromedia
2013-07-27 14:09 - 2013-07-27 14:09 - 00000000 ____D C:\Users\***\AppData\Roaming\Mozilla
2013-07-27 14:09 - 2013-07-27 14:09 - 00000000 ____D C:\Users\***\AppData\Local\Mozilla
2013-07-27 14:01 - 2013-07-27 14:01 - 00125544 _____ C:\Users\***\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-27 14:01 - 2013-07-27 14:01 - 00000000 ___RD C:\Users\***\Virtual Machines
2013-07-27 14:01 - 2013-07-27 14:01 - 00000000 ____D C:\Users\***\AppData\Roaming\Macromedia
2013-07-27 14:01 - 2013-07-27 14:01 - 00000000 ____D C:\Users\***\AppData\Roaming\Apple Computer
2013-07-27 14:01 - 2013-07-27 14:01 - 00000000 ____D C:\Users\***\AppData\Local\EgisTec IPS
2013-07-27 14:00 - 2013-07-27 14:01 - 00000000 ____D C:\Users\***
2013-07-27 14:00 - 2013-07-27 14:00 - 00000020 ___SH C:\Users\***\ntuser.ini
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Vorlagen
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Startmenü
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Netzwerkumgebung
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Lokale Einstellungen
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Eigene Dateien
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Druckumgebung
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Documents\Eigene Musik
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Documents\Eigene Bilder
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\AppData\Local\Verlauf
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\AppData\Local\Anwendungsdaten
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Anwendungsdaten
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 ____D C:\Users\***\AppData\Local\VirtualStore
2013-07-27 14:00 - 2011-11-08 03:40 - 00000000 ____D C:\Users\***\AppData\Local\Microsoft Help
2013-07-23 13:54 - 2013-04-10 05:30 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

==================== One Month Modified Files and Folders =======

2013-08-15 23:19 - 2013-08-15 19:31 - 00002085 _____ C:\Users\**** 2\Desktop\FSS.txt
2013-08-15 22:54 - 2010-11-23 19:39 - 01803508 _____ C:\Windows\WindowsUpdate.log
2013-08-15 22:47 - 2010-11-24 04:28 - 00656294 _____ C:\Windows\system32\perfh007.dat
2013-08-15 22:47 - 2010-11-24 04:28 - 00130894 _____ C:\Windows\system32\perfc007.dat
2013-08-15 22:47 - 2009-07-14 07:13 - 01498742 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-15 22:45 - 2011-03-01 11:09 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-15 22:44 - 2009-07-14 06:45 - 00017600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-15 22:44 - 2009-07-14 06:45 - 00017600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-15 22:40 - 2011-03-01 11:09 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-15 22:40 - 2011-01-31 00:08 - 00125544 _____ C:\Users\**** 2\AppData\Local\GDIPFONTCACHEV1.DAT
2013-08-15 22:39 - 2013-08-14 09:25 - 00000504 _____ C:\Windows\setupact.log
2013-08-15 22:39 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-15 22:39 - 2009-07-14 06:45 - 00444664 _____ C:\Windows\system32\FNTCACHE.DAT
2013-08-15 22:38 - 2013-08-14 13:47 - 00006132 _____ C:\Windows\PFRO.log
2013-08-15 22:37 - 2013-08-15 21:31 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE
2013-08-15 22:36 - 2009-07-14 04:34 - 00000514 _____ C:\Windows\win.ini
2013-08-15 21:40 - 2013-08-15 21:40 - 00003288 ____N C:\bootsqm.dat
2013-08-15 21:30 - 2013-08-15 21:30 - 00000000 ____D C:\Users\**** 2\Desktop\tweaking.com_windows_repair_aio
2013-08-15 21:27 - 2013-08-15 21:27 - 03268369 _____ C:\Users\**** 2\Desktop\tweaking.com_windows_repair_aio.zip
2013-08-15 20:51 - 2013-08-15 20:51 - 00001028 _____ C:\Users\**** 2\Desktop\checkup.txt
2013-08-15 20:44 - 2012-02-29 11:14 - 00000000 ____D C:\Users\**** 2\Documents\OpenTTD
2013-08-15 19:30 - 2013-08-15 19:30 - 00357085 _____ (Farbar) C:\Users\**** 2\Desktop\FSS.exe
2013-08-15 19:26 - 2013-08-15 19:26 - 00891115 _____ C:\Users\**** 2\Desktop\SecurityCheck.exe
2013-08-15 14:17 - 2013-08-15 14:17 - 00000000 ____D C:\Program Files (x86)\ESET
2013-08-15 14:13 - 2013-08-15 14:13 - 02347384 _____ (ESET) C:\Users\**** 2\Desktop\esetsmartinstaller_enu.exe
2013-08-14 23:48 - 2013-08-14 23:48 - 00000085 _____ C:\Windows\wininit.ini
2013-08-14 23:44 - 2013-08-14 18:13 - 00000000 ____D C:\Program Files (x86)\Trojancheck 6
2013-08-14 23:24 - 2013-08-13 22:47 - 00000000 ____D C:\ProgramData\SecTaskMan
2013-08-14 23:02 - 2013-08-14 23:02 - 00000000 ____D C:\ProgramData\boost_interprocess
2013-08-14 22:54 - 2013-08-14 22:54 - 00048175 _____ C:\Users\**** 2\Desktop\FRST1.txt
2013-08-14 22:40 - 2013-08-14 22:40 - 00001521 _____ C:\Users\**** 2\Desktop\JRT.txt
2013-08-14 22:38 - 2013-08-14 22:38 - 00001521 _____ C:\Users\****\Desktop\JRT.txt
2013-08-14 22:33 - 2013-08-14 22:33 - 00000000 ____D C:\Windows\ERUNT
2013-08-14 22:28 - 2013-08-14 22:28 - 00001950 _____ C:\Users\**** 2\Desktop\AdwCleaner[0].txt
2013-08-14 22:26 - 2013-08-14 22:15 - 00000000 ____D C:\AdwCleaner
2013-08-14 22:13 - 2013-08-14 22:13 - 01158897 _____ (Thisisu) C:\Users\**** 2\Desktop\JRT.exe
2013-08-14 22:12 - 2013-08-14 22:12 - 00000000 ____D C:\Users\**** 2\AppData\Roaming\Malwarebytes
2013-08-14 22:04 - 2013-08-14 22:04 - 00800594 _____ C:\Users\**** 2\Desktop\adwcleaner.exe
2013-08-14 21:44 - 2013-08-14 21:44 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-08-14 21:44 - 2013-08-14 21:44 - 00000000 ____D C:\Users\****\AppData\Roaming\Malwarebytes
2013-08-14 21:44 - 2013-08-14 21:44 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-14 21:44 - 2013-08-14 21:44 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-14 19:03 - 2013-08-14 18:16 - 00000000 ____D C:\Users\JRN~1\AppData\Local\CrashDumps
2013-08-14 19:01 - 2011-05-01 18:56 - 00000000 ____D C:\Users\**** 2\AppData\Local\CrashDumps
2013-08-14 18:25 - 2013-08-14 18:20 - 00000680 __RSH C:\Users\**** 2\ntuser.pol
2013-08-14 18:25 - 2011-01-31 00:08 - 00000000 ____D C:\Users\**** 2
2013-08-14 18:20 - 2011-03-13 23:01 - 00000000 ____D C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2013-08-14 18:20 - 2009-07-14 05:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2013-08-14 17:58 - 2013-08-14 17:52 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-08-14 17:57 - 2013-08-14 17:57 - 00000000 ____D C:\Users\****\Documents\ProcAlyzer Dumps
2013-08-14 17:52 - 2013-08-14 17:52 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2013-08-14 17:40 - 2011-10-28 17:31 - 00007919 _____ C:\Users\**** 2\AppData\Roaming\.freeciv-client-rc-2.3
2013-08-14 16:27 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-08-14 15:00 - 2011-03-14 01:26 - 00000000 ____D C:\Users\**** 2\AppData\Roaming\.freeciv
2013-08-14 14:58 - 2011-10-28 17:30 - 00000000 ____D C:\Users\**** 2\AppData\Local\Freeciv-2.3.0-gtk2
2013-08-14 13:43 - 2013-08-14 13:43 - 00021804 _____ C:\Users\**** 2\Desktop\Combofix.txt
2013-08-14 13:40 - 2013-08-14 13:40 - 00021805 _____ C:\ComboFix.txt
2013-08-14 13:40 - 2013-08-14 13:25 - 00000000 ____D C:\ComboFix
2013-08-14 13:40 - 2013-08-14 13:21 - 00000000 ____D C:\Qoobox
2013-08-14 13:39 - 2013-08-14 13:20 - 00000000 ____D C:\Windows\erdnt
2013-08-14 13:37 - 2009-07-14 04:34 - 00000231 _____ C:\Windows\system.ini
2013-08-14 13:19 - 2013-08-14 13:20 - 05104695 ____R (Swearware) C:\Users\**** 2\Desktop\ComboFix.exe
2013-08-14 13:18 - 2011-02-15 09:32 - 00000000 ____D C:\Users\JRN~1\AppData\Local\Adobe
2013-08-14 11:12 - 2013-08-14 09:18 - 00010916 _____ C:\Users\**** 2\Desktop\Gmer.txt
2013-08-14 11:11 - 2013-08-14 11:09 - 00000241 _____ C:\Users\**** 2\Desktop\Windows Defender.txt
2013-08-14 10:57 - 2013-08-14 08:53 - 00025101 _____ C:\Users\**** 2\Desktop\Addition.txt
2013-08-14 09:49 - 2013-08-14 09:49 - 00015618 _____ C:\Users\**** 2\Desktop\Upd-2013-08-14-09-48-38.log
2013-08-14 09:25 - 2013-08-14 09:25 - 00000000 _____ C:\Windows\setuperr.log
2013-08-14 09:17 - 2013-08-14 09:17 - 00010916 _____ C:\Users\****\Desktop\Gmer.txt
2013-08-14 08:57 - 2013-08-14 08:57 - 00377856 _____ C:\Users\**** 2\Desktop\gmer_2.1.19163.exe
2013-08-14 08:51 - 2013-08-14 08:51 - 00000000 ____D C:\FRST
2013-08-14 08:49 - 2013-08-14 08:28 - 00013070 _____ C:\Users\**** 2\Desktop\hijackthis.log
2013-08-14 08:48 - 2013-08-14 08:48 - 01575544 _____ (Farbar) C:\Users\**** 2\Desktop\FRST64.exe
2013-08-14 08:47 - 2013-08-14 08:47 - 00000470 _____ C:\Users\**** 2\Desktop\defogger_disable.log
2013-08-14 08:47 - 2013-08-14 08:47 - 00000000 _____ C:\Users\****\defogger_reenable
2013-08-14 08:47 - 2011-01-29 18:01 - 00000000 ____D C:\Users\****
2013-08-14 08:43 - 2013-08-14 08:46 - 00050477 _____ C:\Users\**** 2\Desktop\Defogger.exe
2013-08-14 08:27 - 2013-08-14 08:27 - 00388608 _____ (Trend Micro Inc.) C:\Users\**** 2\Desktop\HiJackThis204.exe
2013-08-14 08:20 - 2013-08-14 08:20 - 00000000 ____D C:\Users\**** 2\AppData\Roaming\Avira
2013-08-14 07:58 - 2013-08-14 07:58 - 19500928 _____ C:\Users\****\Downloads\QuickTimeInstaller.exe.part
2013-08-14 07:46 - 2012-02-29 10:53 - 00000000 ____D C:\Users\****\Documents\OpenTTD
2013-08-14 07:28 - 2013-08-14 07:28 - 00000000 ____D C:\Users\****\Documents\Warzone 2100 2.3
2013-08-14 07:23 - 2011-01-30 23:32 - 00003906 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{FC372759-2740-4048-B35C-C3CD4DCC66F6}
2013-08-14 00:14 - 2013-08-14 00:14 - 00000000 ____D C:\Users\****\AppData\Roaming\Avira
2013-08-14 00:13 - 2011-01-29 21:22 - 00000000 ____D C:\Users\****\Tracing
2013-08-14 00:09 - 2013-08-14 00:09 - 00002066 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-08-14 00:09 - 2013-08-14 00:09 - 00000000 ____D C:\Program Files (x86)\Avira
2013-08-14 00:09 - 2013-08-13 22:05 - 00000000 ____D C:\ProgramData\Avira
2013-08-14 00:07 - 2013-08-14 00:04 - 110344048 _____ C:\Users\****\Downloads\avira_free_antivirus85_de.exe
2013-08-13 23:56 - 2012-02-29 12:33 - 00000000 ___RD C:\Users\****\Virtual Machines
2013-08-13 23:56 - 2011-01-29 18:02 - 00125544 _____ C:\Users\JRN~1\AppData\Local\GDIPFONTCACHEV1.DAT
2013-08-13 23:56 - 2011-01-29 18:02 - 00000000 ___RD C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-08-13 23:56 - 2011-01-29 18:02 - 00000000 ___RD C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-08-13 23:30 - 2013-08-13 23:30 - 00981567 _____ C:\Users\****\Downloads\EFRC32Setup.exe
2013-08-13 23:30 - 2013-08-13 23:30 - 00001053 _____ C:\Users\***\Desktop\Eusing Free Registry Cleaner.lnk
2013-08-13 23:30 - 2011-05-22 15:31 - 00001053 _____ C:\Users\****\Desktop\Eusing Free Registry Cleaner.lnk
2013-08-13 23:30 - 2011-05-22 15:31 - 00001053 _____ C:\Users\Gast\Desktop\Eusing Free Registry Cleaner.lnk
2013-08-13 23:29 - 2013-08-13 23:29 - 00981612 _____ C:\Users\****\Downloads\EFRCSetup.exe
2013-08-13 23:25 - 2010-09-16 01:34 - 00000000 ____D C:\Program Files (x86)\NewTech Infosystems
2013-08-13 23:23 - 2013-08-13 23:23 - 00000000 ____D C:\Users\**** 2\AppData\Local\O&O
2013-08-13 23:15 - 2011-08-14 16:21 - 00000000 ___RD C:\Users\**** 2\Virtual Machines
2013-08-13 22:40 - 2010-09-16 01:38 - 00000000 ____D C:\ProgramData\McAfee
2013-08-13 22:40 - 2010-09-16 01:38 - 00000000 ____D C:\Program Files (x86)\McAfee
2013-08-13 22:35 - 2013-02-09 17:52 - 00000000 ____D C:\Program Files (x86)\Steinberg
2013-08-13 22:32 - 2010-09-16 01:41 - 00000000 ____D C:\Program Files (x86)\Acer GameZone
2013-08-13 22:25 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-08-13 21:57 - 2012-10-12 15:10 - 00000000 ____D C:\Users\**** 2\AppData\Roaming\Dropbox
2013-08-13 21:54 - 2012-10-23 17:40 - 00000000 ___RD C:\Users\**** 2\Dropbox
2013-08-13 21:53 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-08-13 21:52 - 2012-12-10 22:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-13 21:48 - 2011-02-09 13:21 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-08-13 21:37 - 2013-07-27 14:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-13 21:37 - 2011-01-29 19:05 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-08-13 21:31 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-08-10 20:46 - 2013-08-10 16:46 - 00000000 ____D C:\Users\***\AppData\Roaming\Skype
2013-08-10 16:46 - 2011-02-09 13:11 - 00002517 _____ C:\Users\Public\Desktop\Skype.lnk
2013-08-10 16:46 - 2011-02-03 00:06 - 00000000 ____D C:\Users\****\AppData\Roaming\Skype
2013-08-10 16:46 - 2011-02-01 01:35 - 00000000 ____D C:\ProgramData\Skype
2013-07-27 14:43 - 2012-10-21 15:36 - 00000000 ____D C:\Users\***\Documents\Schule
2013-07-27 14:42 - 2012-12-16 16:44 - 00000000 ____D C:\Users\***\Documents\Bewerbungsfotos
2013-07-27 14:40 - 2012-11-15 20:38 - 00000000 ____D C:\Users\**** 2\Documents\***
2013-07-27 14:11 - 2013-07-27 14:11 - 00000000 ____D C:\Users\***\AppData\Roaming\Adobe
2013-07-27 14:11 - 2013-07-27 14:11 - 00000000 ____D C:\Users\***\AppData\Local\Macromedia
2013-07-27 14:09 - 2013-07-27 14:09 - 00000000 ____D C:\Users\***\AppData\Roaming\Mozilla
2013-07-27 14:09 - 2013-07-27 14:09 - 00000000 ____D C:\Users\***\AppData\Local\Mozilla
2013-07-27 14:01 - 2013-07-27 14:01 - 00125544 _____ C:\Users\***\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-27 14:01 - 2013-07-27 14:01 - 00000000 ___RD C:\Users\***\Virtual Machines
2013-07-27 14:01 - 2013-07-27 14:01 - 00000000 ____D C:\Users\***\AppData\Roaming\Macromedia
2013-07-27 14:01 - 2013-07-27 14:01 - 00000000 ____D C:\Users\***\AppData\Roaming\Apple Computer
2013-07-27 14:01 - 2013-07-27 14:01 - 00000000 ____D C:\Users\***\AppData\Local\EgisTec IPS
2013-07-27 14:01 - 2013-07-27 14:00 - 00000000 ____D C:\Users\***
2013-07-27 14:00 - 2013-07-27 14:00 - 00000020 ___SH C:\Users\***\ntuser.ini
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Vorlagen
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Startmenü
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Netzwerkumgebung
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Lokale Einstellungen
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Eigene Dateien
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Druckumgebung
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Documents\Eigene Musik
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Documents\Eigene Bilder
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\AppData\Local\Verlauf
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\AppData\Local\Anwendungsdaten
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Anwendungsdaten
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 ____D C:\Users\***\AppData\Local\VirtualStore
2013-07-27 13:46 - 2011-01-29 21:09 - 00000000 ____D C:\Users\JRN~1\AppData\Local\Windows Live
2013-07-26 17:40 - 2011-03-01 11:09 - 00004102 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-26 17:40 - 2011-03-01 11:09 - 00003850 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-18 08:02 - 2013-08-14 00:09 - 00130016 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-07-18 08:02 - 2013-08-14 00:09 - 00100712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys

Files to move or delete:
====================
C:\Users\**** 2\jagex_runescape_preferences.dat
C:\Users\**** 2\jagex_runescape_preferences2.dat

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-14 12:36

==================== End Of Log ============================
         
--- --- ---


Firefox Plugins:
https://www.mozilla.org/de/plugincheck/ -> Potentially vulnerable plugins:
-QuickTime Plugin 7.7.2
-Shockwave Flash
Outdated plugins:
-Google Earth Plugin
-Unity Player
-Adobe Acrobat

Update attempt -> redirected to: Adobe Flash Player 11.8.800.94 -> download now -> save file -> double-click the file -> run as administrator -> the file disappears, no installer window appears

Attempt to update Shockwave -> redirected to: Adobe Flash Player 11.8.800.94. Same result.

Windows Defender update attempt:
Check for updates -> progress bar stays at 1/4 for 8.5 min -> error message:
Code:
ATTFilter
Status: Die Suche des Programms nach Definitionsaktualisierung ist nicht möglich. Fehler 0x80072efe. Die Serververbindung wurde aufgrund eines Fehlers beendet. Startzeit: 23:57 Verstrichene Zeit: 00:08:31
         

Alt 16.08.2013, 08:42   #14
schrauber
/// the machine
/// TB-Ausbilder
 




Please download Farbar's MiniToolBox to your desktop and start the tool.

Tick the following entries:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset IE Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size
  • List Minidump Files
Click Go and post the contents of Result.txt.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

Alt 16.08.2013, 10:02   #15
B e n n i
 



Code:
ATTFilter
MiniToolBox by Farbar  Version: 13-07-2013
Ran by **** (administrator) on 16-08-2013 at 11:00:02
Running from "C:\Users\**** 2\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows-IP-Konfiguration

Der DNS-Auflösungscache wurde geleert.

========================= IE Proxy Settings: ============================== 

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ============================== 


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1       localhost

========================= IP Configuration: ================================

Atheros AR5B97 Wireless Network Adapter = Drahtlosnetzwerkverbindung (Connected)
Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64 = LAN-Verbindung 2 (Hardware not present)
Broadcom NetLink (TM) Gigabit Ethernet = LAN-Verbindung (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Drahtlosnetzwerkverbindung 2 (Media disconnected)


# ----------------------------------
# IPv4-Konfiguration
# ----------------------------------
pushd interface ipv4

reset
set interface interface="LAN-Verbindung 2" forwarding=disabled advertise=disabled metric=1 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled


popd
# Ende der IPv4-Konfiguration



Windows-IP-Konfiguration

   Hostname  . . . . . . . . . . . . : JP1
   Primäres DNS-Suffix . . . . . . . : 
   Knotentyp . . . . . . . . . . . . : Hybrid
   IP-Routing aktiviert  . . . . . . : Nein
   WINS-Proxy aktiviert  . . . . . . : Nein
   DNS-Suffixsuchliste . . . . . . . : vpn.uni-hamburg.de
                                       vpn.uni-hamburg.de
                                       vpn-intern.uni-hamburg.de.local

Drahtlos-LAN-Adapter Drahtlosnetzwerkverbindung 2:

   Medienstatus. . . . . . . . . . . : Medium getrennt
   Verbindungsspezifisches DNS-Suffix: 
   Beschreibung. . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physikalische Adresse . . . . . . : 2A-7C-8F-46-BA-6E
   DHCP aktiviert. . . . . . . . . . : Ja
   Autokonfiguration aktiviert . . . : Ja

Ethernet-Adapter LAN-Verbindung:

   Medienstatus. . . . . . . . . . . : Medium getrennt
   Verbindungsspezifisches DNS-Suffix: 
   Beschreibung. . . . . . . . . . . : Broadcom NetLink (TM) Gigabit Ethernet
   Physikalische Adresse . . . . . . : 20-6A-8A-23-78-C9
   DHCP aktiviert. . . . . . . . . . : Ja
   Autokonfiguration aktiviert . . . : Ja

Drahtlos-LAN-Adapter Drahtlosnetzwerkverbindung:

   Verbindungsspezifisches DNS-Suffix: 
   Beschreibung. . . . . . . . . . . : Atheros AR5B97 Wireless Network Adapter
   Physikalische Adresse . . . . . . : 20-7C-8F-46-BA-6E
   DHCP aktiviert. . . . . . . . . . : Ja
   Autokonfiguration aktiviert . . . : Ja
   Verbindungslokale IPv6-Adresse  . : fe80::f9e8:e253:e49d:356b%10(Bevorzugt) 
   IPv4-Adresse  . . . . . . . . . . : 192.168.0.194(Bevorzugt) 
   Subnetzmaske  . . . . . . . . . . : 255.255.255.0
   Lease erhalten. . . . . . . . . . : Freitag, 16. August 2013 10:53:15
   Lease läuft ab. . . . . . . . . . : Samstag, 17. August 2013 10:53:14
   Standardgateway . . . . . . . . . : 192.168.0.1
   DHCP-Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6-IAID . . . . . . . . . . . : 287341711
   DHCPv6-Client-DUID. . . . . . . . : 00-01-00-01-14-7D-B3-DC-20-7C-8F-46-BA-6E
   DNS-Server  . . . . . . . . . . . : 192.168.0.1
   NetBIOS über TCP/IP . . . . . . . : Aktiviert

Tunneladapter isatap.{35992339-524B-4B6B-9DE5-F8B6CEF33433}:

   Medienstatus. . . . . . . . . . . : Medium getrennt
   Verbindungsspezifisches DNS-Suffix: 
   Beschreibung. . . . . . . . . . . : Microsoft-ISATAP-Adapter
   Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP aktiviert. . . . . . . . . . : Nein
   Autokonfiguration aktiviert . . . : Ja

Tunneladapter Teredo Tunneling Pseudo-Interface:

   Verbindungsspezifisches DNS-Suffix: 
   Beschreibung. . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP aktiviert. . . . . . . . . . : Nein
   Autokonfiguration aktiviert . . . : Ja
   IPv6-Adresse. . . . . . . . . . . : 2001:0:9d38:6ab8:20ca:504:3f57:ff3d(Bevorzugt) 
   Verbindungslokale IPv6-Adresse  . : fe80::20ca:504:3f57:ff3d%18(Bevorzugt) 
   Standardgateway . . . . . . . . . : ::
   NetBIOS über TCP/IP . . . . . . . : Deaktiviert
Server:  UnKnown
Address:  192.168.0.1

Name:    google.com
Addresses:  2a00:1450:4001:c02::8b
	  173.194.70.102
	  173.194.70.138
	  173.194.70.100
	  173.194.70.101
	  173.194.70.113
	  173.194.70.139


Ping wird ausgeführt für google.com [173.194.70.101] mit 32 Bytes Daten:
Antwort von 173.194.70.101: Bytes=32 Zeit=27ms TTL=47
Antwort von 173.194.70.101: Bytes=32 Zeit=44ms TTL=47

Ping-Statistik für 173.194.70.101:
    Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0
    (0% Verlust),
Ca. Zeitangaben in Millisek.:
    Minimum = 27ms, Maximum = 44ms, Mittelwert = 35ms
Server:  UnKnown
Address:  192.168.0.1

Name:    yahoo.com
Addresses:  98.139.183.24
	  206.190.36.45
	  98.138.253.109


Ping wird ausgeführt für yahoo.com [206.190.36.45] mit 32 Bytes Daten:
Antwort von 206.190.36.45: Bytes=32 Zeit=200ms TTL=47
Antwort von 206.190.36.45: Bytes=32 Zeit=200ms TTL=47

Ping-Statistik für 206.190.36.45:
    Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0
    (0% Verlust),
Ca. Zeitangaben in Millisek.:
    Minimum = 200ms, Maximum = 200ms, Mittelwert = 200ms

Ping wird ausgeführt für 127.0.0.1 mit 32 Bytes Daten:
Antwort von 127.0.0.1: Bytes=32 Zeit=8ms TTL=128
Antwort von 127.0.0.1: Bytes=32 Zeit=4ms TTL=128

Ping-Statistik für 127.0.0.1:
    Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0
    (0% Verlust),
Ca. Zeitangaben in Millisek.:
    Minimum = 4ms, Maximum = 8ms, Mittelwert = 6ms
===========================================================================
Schnittstellenliste
 13...2a 7c 8f 46 ba 6e ......Microsoft Virtual WiFi Miniport Adapter
 11...20 6a 8a 23 78 c9 ......Broadcom NetLink (TM) Gigabit Ethernet
 10...20 7c 8f 46 ba 6e ......Atheros AR5B97 Wireless Network Adapter
  1...........................Software Loopback Interface 1
 16...00 00 00 00 00 00 00 e0 Microsoft-ISATAP-Adapter
 18...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4-Routentabelle
===========================================================================
Aktive Routen:
     Netzwerkziel    Netzwerkmaske          Gateway    Schnittstelle Metrik
          0.0.0.0          0.0.0.0      192.168.0.1    192.168.0.194     25
        127.0.0.0        255.0.0.0   Auf Verbindung         127.0.0.1    306
        127.0.0.1  255.255.255.255   Auf Verbindung         127.0.0.1    306
  127.255.255.255  255.255.255.255   Auf Verbindung         127.0.0.1    306
      192.168.0.0    255.255.255.0   Auf Verbindung     192.168.0.194    281
    192.168.0.194  255.255.255.255   Auf Verbindung     192.168.0.194    281
    192.168.0.255  255.255.255.255   Auf Verbindung     192.168.0.194    281
        224.0.0.0        240.0.0.0   Auf Verbindung         127.0.0.1    306
        224.0.0.0        240.0.0.0   Auf Verbindung     192.168.0.194    281
  255.255.255.255  255.255.255.255   Auf Verbindung         127.0.0.1    306
  255.255.255.255  255.255.255.255   Auf Verbindung     192.168.0.194    281
===========================================================================
Ständige Routen:
  Keine

IPv6-Routentabelle
===========================================================================
Aktive Routen:
 If Metrik Netzwerkziel             Gateway
 18     58 ::/0                     Auf Verbindung
  1    306 ::1/128                  Auf Verbindung
 18     58 2001::/32                Auf Verbindung
 18    306 2001:0:9d38:6ab8:20ca:504:3f57:ff3d/128
                                    Auf Verbindung
 10    281 fe80::/64                Auf Verbindung
 18    306 fe80::/64                Auf Verbindung
 18    306 fe80::20ca:504:3f57:ff3d/128
                                    Auf Verbindung
 10    281 fe80::f9e8:e253:e49d:356b/128
                                    Auf Verbindung
  1    306 ff00::/8                 Auf Verbindung
 18    306 ff00::/8                 Auf Verbindung
 10    281 ff00::/8                 Auf Verbindung
===========================================================================
Ständige Routen:
  Keine
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 \Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 \Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 \Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 \Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 \Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 \Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog9 01 \Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 \Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 \Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 \Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 \Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 \Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 \Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 \Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 \Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 \Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/15/2013 02:21:47 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/15/2013 02:21:44 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/15/2013 02:21:44 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/15/2013 02:19:26 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/15/2013 02:19:23 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/15/2013 02:19:23 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/15/2013 02:17:55 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/15/2013 02:17:46 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/15/2013 02:17:46 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/15/2013 02:17:40 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (08/16/2013 10:53:50 AM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
prodrv06
prohlp02
prosync1
sfhlp01

Error: (08/16/2013 10:52:58 AM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\prodrv06.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (08/15/2013 10:40:58 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
prodrv06
prohlp02
prosync1
sfhlp01

Error: (08/15/2013 10:38:47 PM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\prodrv06.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (08/15/2013 09:41:32 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
prodrv06
prohlp02
prosync1
sfhlp01

Error: (08/15/2013 09:40:55 PM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\prodrv06.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (08/15/2013 02:16:34 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (08/15/2013 02:16:34 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (08/15/2013 02:16:34 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (08/15/2013 02:16:34 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.


Microsoft Office Sessions:
=========================
Error: (08/15/2013 02:21:47 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\**** 2\Desktop\esetsmartinstaller_enu.exe

Error: (08/15/2013 02:21:44 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\**** 2\Desktop\esetsmartinstaller_enu.exe

Error: (08/15/2013 02:21:44 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\**** 2\Desktop\esetsmartinstaller_enu.exe

Error: (08/15/2013 02:19:26 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\**** 2\Desktop\esetsmartinstaller_enu.exe

Error: (08/15/2013 02:19:23 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\**** 2\Desktop\esetsmartinstaller_enu.exe

Error: (08/15/2013 02:19:23 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\**** 2\Desktop\esetsmartinstaller_enu.exe

Error: (08/15/2013 02:17:55 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\**** 2\Desktop\esetsmartinstaller_enu.exe

Error: (08/15/2013 02:17:46 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\**** 2\Desktop\esetsmartinstaller_enu.exe

Error: (08/15/2013 02:17:46 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\**** 2\Desktop\esetsmartinstaller_enu.exe

Error: (08/15/2013 02:17:40 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\**** 2\Desktop\esetsmartinstaller_enu.exe


CodeIntegrity Errors:
===================================
  Date: 2013-08-14 13:37:11.521
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-08-14 13:37:11.401
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


=========================== Installed Programs ============================

4Story 3.4.1
Acer Backup Manager (Version: 2.0.0.68)
Acer Crystal Eye webcam Ver:1.1.194.1021 (Version: 1.1.194.1021)
Acer ePower Management (Version: 5.00.3005)
Acer eRecovery Management (Version: 4.05.3013)
Acer Registration (Version: 1.03.3003)
Acer ScreenSaver (Version: 1.1.0423.2010)
Acer Updater (Version: 1.02.3001)
Acrobat.com (Version: 1.6.65)
Adobe AIR (Version: 1.5.0.7220)
Adobe Flash Player 10 ActiveX (Version: 10.2.159.1)
Adobe Flash Player 10 ActiveX 64-bit (Version: 10.3.162.28)
Adobe Flash Player 11 Plugin (Version: 11.3.300.268)
Adobe Photoshop Lightroom 3.6 64-bit (Version: 3.6.1)
Adobe Reader X (10.1.4) - Deutsch (Version: 10.1.4)
AirRivals
Akamai NetSession Interface
Alcor Micro USB Card Reader (Version: 1.9.17.06019)
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
ATI Catalyst Install Manager (Version: 3.0.786.0)
Avira Free Antivirus (Version: 13.0.0.3885)
Backup Manager Basic (Version: 2.0.0.68)
Battlecruiser Millennium FREEWARE (Version: 1.09.03)
Bonjour (Version: 3.0.0.10)
Broadcom Gigabit NetLink Controller (Version: 14.2.4.2)
capella-scan 7.0 (Version: 7.0.22)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Vista (Version: 2010.0828.2240.38829)
Catalyst Control Center InstallProxy (Version: 2010.0828.2240.38829)
Catalyst Control Center Localization All (Version: 2010.0828.2240.38829)
CCC Help Chinese Standard (Version: 2010.0828.2239.38829)
CCC Help Chinese Traditional (Version: 2010.0828.2239.38829)
CCC Help Czech (Version: 2010.0828.2239.38829)
CCC Help Danish (Version: 2010.0828.2239.38829)
CCC Help Dutch (Version: 2010.0828.2239.38829)
CCC Help English (Version: 2010.0828.2239.38829)
CCC Help Finnish (Version: 2010.0828.2239.38829)
CCC Help French (Version: 2010.0828.2239.38829)
CCC Help German (Version: 2010.0828.2239.38829)
CCC Help Greek (Version: 2010.0828.2239.38829)
CCC Help Hungarian (Version: 2010.0828.2239.38829)
CCC Help Italian (Version: 2010.0828.2239.38829)
CCC Help Japanese (Version: 2010.0828.2239.38829)
CCC Help Korean (Version: 2010.0828.2239.38829)
CCC Help Norwegian (Version: 2010.0828.2239.38829)
CCC Help Polish (Version: 2010.0828.2239.38829)
CCC Help Portuguese (Version: 2010.0828.2239.38829)
CCC Help Russian (Version: 2010.0828.2239.38829)
CCC Help Spanish (Version: 2010.0828.2239.38829)
CCC Help Swedish (Version: 2010.0828.2239.38829)
CCC Help Thai (Version: 2010.0828.2239.38829)
CCC Help Turkish (Version: 2010.0828.2239.38829)
ccc-core-static (Version: 2010.0828.2240.38829)
ccc-utility64 (Version: 2010.0828.2240.38829)
CCleaner (Version: 3.15)
CD goes MP3 (Version: 2.1)
Cisco AnyConnect VPN Client (Version: 2.5.2014)
CyberLink PowerDVD 9 (Version: 9.0.3814.50)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Defraggler (Version: 2.07)
Derive 6 (Version: 6.1)
DivX-Setup (Version: 2.6.1.8)
Drachenkrieg (with media and plugins), version 1.1.29
Elfenwelt - Abenteuer im Elfenland
Enable Viacam 1.4 (Version: 1.4)
eSobi v2 (Version: 2.0.4.000274)
Eusing Free Registry Cleaner
Fotogalerie (Version: 16.4.3505.0912)
Free Video to iPod Converter version 4.3.3.804
Free YouTube to MP3 Converter version 3.10.17.221 (Version: 3.10.17.221)
Freeciv 2.2.4 (GTK+ client)
Freemake Video Converter Version 3.0.2 (Version: 3.0.2)
GIMP 2.6.8
Google Earth (Version: 6.0.1.2032)
Google Update Helper (Version: 1.3.21.153)
HyperCam 2 (Version: 2.25.01)
iCloud (Version: 1.1.0.40)
Identity Card (Version: 1.00.3003)
Intel(R) Management Engine Components (Version: 6.0.0.1179)
Intel(R) Rapid Storage Technology (Version: 9.6.0.1014)
Intel(R) Turbo Boost Technology Driver (Version: 01.00.01.1002)
Internet-TV für Windows Media Center (Version: 4.2.2.0)
iTunes (Version: 10.6.3.25)
Java(TM) 7 Update 3 (64-bit) (Version: 7.0.30)
Junk Mail filter update (Version: 16.4.3505.0912)
Launch Manager (Version: 4.0.14)
Lern-o-Mat
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook Connector (Version: 14.0.5118.5000)
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (Version: 14.0.5120.5000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Movie Maker (Version: 16.4.3505.0912)
Mozilla Firefox 23.0 (x86 de) (Version: 23.0)
Mozilla Maintenance Service (Version: 23.0)
Mozilla Thunderbird 9.0.1 (x86 de) (Version: 9.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSVCRT110 (Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
MTX (Version: 1.0.0)
my moments (Version: 2.5.1.0)
MyWinLocker (Version: 3.1.212.0)
MyWinLocker Suite (Version: 3.1.212.0)
NTI Backup Now 5 (Version: 5.1.2.630)
NTI Backup Now Standard (Version: 5.1.2.630)
NTI Media Maker 8 (Version: 8.0.12.6636)
OpenAL
OpenTTD 1.1.5 (Version: 1.1.5)
Photo Gallery (Version: 16.4.3505.0912)
PX Profile Update (Version: 1.00.1.)
QuickTime (Version: 7.72.80.56)
Realtek High Definition Audio Driver (Version: 6.0.1.6167)
Recuva (Version: 1.39)
Shredder (Version: 2.0.8.3)
Skype™ 6.7 (Version: 6.7.102)
Synaptics Pointing Device Driver (Version: 14.0.6.0)
Syncrosoft Lizenz Kontrolle
TrueCrypt (Version: 7.0a)
Überwachungstool für die Intel® Turbo-Boost-Technik (Version: 1.0.186.6)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Visual C++ 8.0 CRT (x86) WinSXS MSM (Version: 8.0.50727.762)
Warzone 2100-2.3.9 (Version: 2.3.9)
Warzone 2100-3.1_beta10 (Version: 3.1_beta10)
Welcome Center (Version: 1.02.3004)
Wild Creatures
Wildlife Park
Windows Live Communications Platform (Version: 16.4.3505.0912)
Windows Live Essentials (Version: 16.4.3505.0912)
Windows Live Family Safety (Version: 16.4.3505.0912)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (Version: 16.4.3505.0912)
Windows Live Mail (Version: 16.4.3505.0912)
Windows Live Messenger (Version: 16.4.3505.0912)
Windows Live MIME IFilter (Version: 16.4.3505.0912)
Windows Live Photo Common (Version: 16.4.3505.0912)
Windows Live PIMT Platform (Version: 16.4.3505.0912)
Windows Live SOXE (Version: 16.4.3505.0912)
Windows Live SOXE Definitions (Version: 16.4.3505.0912)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live UX Platform (Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (Version: 16.4.3505.0912)
Windows Live Writer (Version: 16.4.3505.0912)
Windows Live Writer Resources (Version: 16.4.3505.0912)
Windows Media Center Add-in for Silverlight (Version: 4.7.3.0)
Windows Speech Recognition Macros (Version: 1.0.6862.19)
Wing Commander Saga 1.0.2.7795 (Version: 1.0.2.7795)
WinRAR 4.11 (32-Bit) (Version: 4.11.0)

========================= Memory info: ===================================

Percentage of memory in use: 45%
Total physical RAM: 3956.5 MB
Available physical RAM: 2170.46 MB
Total Pagefile: 7911.18 MB
Available Pagefile: 5828.34 MB
Total Virtual: 4095.88 MB
Available Virtual: 3968.38 MB

========================= Partitions: =====================================

1 Drive c: (ACER) (Fixed) (Total:451.99 GB) (Free:242.64 GB) NTFS

========================= Users: ========================================

Benutzerkonten für \\JP1

Administrator            Gast                     ***                     
****                     **** 2                   
Der Befehl wurde erfolgreich ausgeführt.

========================= Minidump Files ==================================

No minidump file found


**** End of log ****
         

Edited by B e n n i (16.08.2013 at 10:07)
