| |
| |||||||
Log-Analyse und Auswertung: ZoneAlarm Antivirus deaktiviert sich ständig und Werbeprobleme im BrowserWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
13.08.2014, 15:03
| #1 |
| |  ZoneAlarm Antivirus deaktiviert sich ständig und Werbeprobleme im Browser Hallo, seit neuestem bekomme ich von meinem Wartungscenter immer die Nachricht, dass ich mein ZoneAlarm Antivirus aktivieren soll. Wenn ich das jedoch mache, kommt nach kurzer Zeit wieder diese Meldung. Ich kann meinen Echschutz nicht mehr einschalten. Das Programm zeigt mir an, dass es mit einem anderen Programm im Konflikt steht. Dabei habe ich in letzter Zeit weder ein neues Programm runtergeladen noch irgendetwas geändert. Noch dazu öffnen sich in Firefox manchmal ungewollte Werbungen. Mit MBAM habe ich nach Viren gescannt und sie auch aus der Quarantäne entfernt. Problem ist jedoch geblieben... Hier sind die Logfiles MBAM: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 13.08.2014 Scan Time: 13:56:12 Logfile: log.txt Administrator: Yes Version: 2.00.2.1012 Malware Database: v2014.08.13.03 Rootkit Database: v2014.08.04.01 License: Free Malware Protection: Disabled Malicious Website Protection: Disabled Self-protection: Disabled OS: Windows 7 Service Pack 1 CPU: x86 File System: NTFS User: Anna Scan Type: Threat Scan Result: Completed Objects Scanned: 282728 Time Elapsed: 7 min, 36 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 2 PUP.Optional.SWBooster.A, HKLM\SOFTWARE\SW-Booster, Quarantined, [898ebf076f0c52e4fe3fa14623dfbd43], PUP.Optional.Booster.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{5F189DF5-2D05-472B-9091-84D9848AE48B}{c67abfdb}, Quarantined, [00178b3ba6d5b383d22b8e55ec16ee12], Registry Values: 0 (No malicious items detected) Registry Data: 2 PUP.Optional.CalcIt.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://websearch.calcitapp.info/, Good: (www.google.com), Bad: (hxxp://websearch.calcitapp.info/),Replaced,[9e793f87215abc7a2e90853d9a6a18e8] PUP.Optional.CalcIt.A, HKU\S-1-5-21-3320326018-2059240452-1392367381-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://websearch.calcitapp.info/, Good: (www.google.com), Bad: (hxxp://websearch.calcitapp.info/),Replaced,[dd3a369014675adc7e41ab17a55fbc44] Folders: 5 PUP.Optional.Booster.A, C:\ProgramData\Trusted Publisher\SW-Booster, Quarantined, [76a1794da1dab6802d2b8e3fe31ff808], PUP.Optional.Booster.A, C:\ProgramData\Trusted Publisher\SW-Booster\792098896, Quarantined, [76a1794da1dab6802d2b8e3fe31ff808], PUP.Optional.Booster.A, C:\Program Files\SW-Booster, Quarantined, [b166cdf9afcc20161cfe507ee71b827e], PUP.Optional.MultiPlug.A, C:\ProgramData\pricechopp, Quarantined, [60b7d3f3196237ff66dbe2eeaa586d93], PUP.Optional.MultiPlug.A, C:\Program Files\pricechopp, Quarantined, [090e7d49b3c87bbb9ba7e7e9a161bd43], Files: 6 PUP.Optional.Booster.A, C:\Windows\Tasks\SW-Booster-S-792098896.job, Quarantined, [0b0c92343a411f17035a647d9b67a060], PUP.Optional.Booster.A, C:\Windows\System32\Tasks\SW-Booster-S-792098896, Quarantined, [3bdc66600d6eeb4b2a3407da10f2c43c], PUP.Optional.Booster.A, C:\ProgramData\Trusted Publisher\SW-Booster\792098896.ini, Quarantined, [76a1794da1dab6802d2b8e3fe31ff808], PUP.Optional.MultiPlug.A, C:\ProgramData\pricechopp\Bs7zZ.dat, Quarantined, [60b7d3f3196237ff66dbe2eeaa586d93], PUP.Optional.MultiPlug.A, C:\Program Files\pricechopp\9NGy.dat, Quarantined, [090e7d49b3c87bbb9ba7e7e9a161bd43], PUP.Optional.MultiPlug.A, C:\Program Files\pricechopp\9NGy.tlb, Quarantined, [090e7d49b3c87bbb9ba7e7e9a161bd43], Physical Sectors: 0 (No malicious items detected) (end) Lg Won |
|
13.08.2014, 15:52
| #2 |
| /// the machine /// TB-Ausbilder    |  ZoneAlarm Antivirus deaktiviert sich ständig und Werbeprobleme im Browser hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
13.08.2014, 16:01
| #3 |
| | ZoneAlarm Antivirus deaktiviert sich ständig und Werbeprobleme im Browser FRST.txt :
__________________FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:13-08-2014
Ran by Anna (administrator) on ANNA-PC on 13-08-2014 16:56:09
Running from C:\Users\Anna\Downloads
Platform: Microsoft Windows 7 Home Basic Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Check Point Software Technologies Ltd.) C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc.exe
(Paltiosoft Inc.) C:\Program Files\SoftDenchi\UCManSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Check Point Software Technologies, Ltd.) C:\Program Files\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON Software\Event Manager\EEventManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
(Check Point Software Technologies Ltd.) C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\w32x86\3\E_FATILEE.EXE
(Valve Corporation) C:\Program Files\Steam\Steam.exe
(Valve Corporation) C:\Program Files\Common Files\Steam\SteamService.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKU\S-1-5-21-3320326018-2059240452-1392367381-1000\...\Run: [EA Core] => "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
HKU\S-1-5-21-3320326018-2059240452-1392367381-1000\...\Run: [Google+ Auto Backup] => "C:\Users\Anna\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart
HKU\S-1-5-21-3320326018-2059240452-1392367381-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATILEE.EXE [260160 2013-04-26] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3320326018-2059240452-1392367381-1000\...\Run: [Steam] => C:\Program Files\Steam\Steam.exe [1753280 2014-07-16] (Valve Corporation)
HKU\S-1-5-21-3320326018-2059240452-1392367381-1000\...\MountPoints2: {7d836956-1505-11e2-9502-c8600024e5ee} - J:\LGAutoRun.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
Toolbar: HKCU - No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No File
Toolbar: HKCU - No Name - {0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} - No File
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Anna\AppData\Roaming\Mozilla\Firefox\Profiles\jqxmfyx0.default-1402062062919
FF DefaultSearchEngine: Search By ZoneAlarm
FF SelectedSearchEngine: Search By ZoneAlarm
FF Homepage: https://www.bing.com/?cc=de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.7.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Anna\AppData\Roaming\Mozilla\Firefox\Profiles\jqxmfyx0.default-1402062062919\user.js
FF SearchPlugin: C:\Users\Anna\AppData\Roaming\Mozilla\Firefox\Profiles\jqxmfyx0.default-1402062062919\searchplugins\zonealarm.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\Anna\AppData\Roaming\Mozilla\Firefox\Profiles\jqxmfyx0.default-1402062062919\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-06]
Chrome:
=======
CHR Extension: (Zotero Connector) - C:\Users\Anna\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc [2014-08-11]
CHR Extension: (priceChuop) - C:\Users\Anna\AppData\Local\Google\Chrome\User Data\Default\Extensions\miihkbkgakmcpndacfpgfhmfcccbglim [2014-08-11]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-08-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-05] (Avira Operations GmbH & Co. KG)
S2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [141392 2014-07-24] (Avira Operations GmbH & Co. KG)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc.exe [126128 2012-05-17] (Seiko Epson Corporation)
R2 UCManSvc; C:\Program Files\SoftDenchi\UCManSvc.exe [241808 2010-03-12] (Paltiosoft Inc.) [File not signed]
R2 vsmon; C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe [3592120 2014-05-30] (Check Point Software Technologies Ltd.)
R2 ZAPrivacyService; C:\Program Files\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [90936 2014-05-29] (Check Point Software Technologies, Ltd.)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [97648 2014-06-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-10-01] (Avira Operations GmbH & Co. KG)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [135776 2014-04-30] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [488032 2014-04-30] (Kaspersky Lab ZAO)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-08-06] (Avira GmbH)
R3 vpcbus; C:\Windows\System32\DRIVERS\vpchbus.sys [172416 2010-11-20] (Microsoft Corporation)
R1 vpcnfltr; C:\Windows\System32\DRIVERS\vpcnfltr.sys [48128 2010-11-20] (Microsoft Corporation)
R3 vpcusb; C:\Windows\System32\DRIVERS\vpcusb.sys [78336 2010-11-20] (Microsoft Corporation)
R1 vpcvmm; C:\Windows\System32\drivers\vpcvmm.sys [296064 2010-11-20] (Microsoft Corporation)
R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [456088 2014-05-30] (Check Point Software Technologies Ltd.)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [74848 2014-04-30] (Kaspersky Lab ZAO)
R3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-13 16:56 - 2014-08-13 16:56 - 00010035 _____ () C:\Users\Anna\Downloads\FRST.txt
2014-08-13 16:55 - 2014-08-13 16:56 - 00000000 ____D () C:\FRST
2014-08-13 16:55 - 2014-08-13 16:55 - 01092096 _____ (Farbar) C:\Users\Anna\Downloads\FRST.exe
2014-08-13 15:57 - 2014-08-13 15:57 - 00000470 _____ () C:\Users\Anna\Downloads\defogger_disable.log
2014-08-13 15:57 - 2014-08-13 15:57 - 00000000 _____ () C:\Users\Anna\defogger_reenable
2014-08-13 15:55 - 2014-08-13 15:55 - 00050477 _____ () C:\Users\Anna\Downloads\Defogger.exe
2014-08-13 14:08 - 2014-08-13 14:48 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-08-13 14:07 - 2014-08-13 14:07 - 18616976 _____ (SUPERAntiSpyware) C:\Users\Anna\Downloads\SUPERAntiSpyware.exe
2014-08-13 00:33 - 2014-08-13 00:34 - 00431135 _____ () C:\Windows\system32\Drivers\vsconfig.xml
2014-08-13 00:33 - 2014-04-30 11:01 - 00488032 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-08-13 00:33 - 2014-04-30 11:01 - 00074848 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-08-13 00:33 - 2014-04-30 11:00 - 00135776 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys
2014-08-13 00:32 - 2014-08-13 00:32 - 00000732 _____ () C:\Users\Public\Desktop\ZoneAlarm Security.lnk
2014-08-13 00:32 - 2014-08-13 00:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
2014-08-13 00:30 - 2014-08-13 00:32 - 00000000 ____D () C:\Program Files\CheckPoint
2014-08-13 00:24 - 2014-08-13 13:27 - 00014248 _____ () C:\Windows\PFRO.log
2014-08-13 00:24 - 2014-08-13 13:27 - 00000112 _____ () C:\Windows\setupact.log
2014-08-13 00:24 - 2014-08-13 00:24 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-12 23:32 - 2014-08-12 23:32 - 03394856 _____ (Check Point Software Technologies Ltd.) C:\Users\Anna\Downloads\zaSetupWeb_132_015_000.exe
2014-08-12 21:09 - 2014-08-12 21:09 - 00222179 _____ () C:\Users\Anna\AppData\Local\recently-used.xbel
2014-08-11 13:06 - 2014-08-13 14:05 - 00000000 ____D () C:\ProgramData\Trusted Publisher
2014-08-11 13:05 - 2014-08-12 22:55 - 00000000 ____D () C:\Program Files\Adblocker
2014-08-11 13:05 - 2014-08-12 19:19 - 00000000 ____D () C:\ProgramData\Adblocker
2014-08-11 13:05 - 2014-08-11 13:05 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-08-11 13:05 - 2014-08-11 13:05 - 00000000 ____D () C:\Users\Gast\AppData\Local\Torch
2014-08-11 13:05 - 2014-08-11 13:05 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-08-11 13:05 - 2014-08-11 13:05 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-08-11 13:05 - 2014-08-11 13:05 - 00000000 ____D () C:\Users\Gast\AppData\Local\Chromatic Browser
2014-08-11 13:05 - 2014-08-11 13:05 - 00000000 ____D () C:\Users\Gast
2014-08-11 13:05 - 2014-08-11 13:05 - 00000000 ____D () C:\Users\Anna\AppData\Local\Torch
2014-08-11 13:05 - 2014-08-11 13:05 - 00000000 ____D () C:\Users\Anna\AppData\Local\Comodo
2014-08-11 13:05 - 2014-08-11 13:05 - 00000000 ____D () C:\Users\Anna\AppData\Local\Chromatic Browser
2014-08-11 13:05 - 2014-08-11 13:05 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-08-11 13:05 - 2014-08-11 13:05 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-08-11 13:05 - 2014-08-11 13:05 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-08-11 13:05 - 2014-08-11 13:05 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-08-11 13:05 - 2014-08-11 13:05 - 00000000 ____D () C:\Users\Administrator
2014-08-11 13:05 - 2014-08-11 13:05 - 00000000 ____D () C:\ProgramData\f3c9bce3b81a6655
2014-08-11 12:52 - 2014-08-11 12:52 - 00000000 ____D () C:\Users\Anna\AppData\Local\{CDF55276-D291-4AE7-9B9A-98B10030C882}
2014-08-07 22:21 - 2014-08-07 22:21 - 00000000 ____D () C:\Users\Anna\AppData\Local\{3C70E58F-9448-4C47-A75D-22FBC1FE3FB0}
2014-08-07 12:56 - 2014-08-07 16:13 - 00000000 ____D () C:\Users\Anna\Desktop\ebay
2014-08-05 11:13 - 2014-08-06 10:18 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-02 10:48 - 2014-05-14 18:23 - 01973728 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-02 10:48 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-02 10:48 - 2014-05-14 18:23 - 00054240 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-02 10:48 - 2014-05-14 18:23 - 00045536 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-02 10:48 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-02 10:48 - 2014-05-14 18:17 - 02425856 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-02 10:48 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-02 10:47 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-02 10:47 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-01 21:42 - 2014-08-01 21:43 - 00000000 ____D () C:\Users\Anna\AppData\Local\{B2722220-2D1F-4F37-9956-6C665E53EC64}
2014-07-28 21:41 - 2014-07-28 21:41 - 00000000 ____D () C:\Users\Anna\AppData\Local\{BC020800-1370-4F26-8B42-A94E27460B71}
2014-07-26 19:24 - 2014-07-26 19:24 - 00000000 ____D () C:\Users\Anna\AppData\Local\CAPCOM
2014-07-26 19:24 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2014-07-26 18:22 - 2014-07-26 18:22 - 00000216 _____ () C:\Users\Anna\Desktop\Resident Evil Revelations Biohazard Revelations UE.url
2014-07-26 18:22 - 2014-07-26 18:22 - 00000000 ____D () C:\Users\Anna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-07-26 17:52 - 2014-08-13 13:29 - 00000000 ____D () C:\Program Files\Steam
2014-07-26 17:52 - 2014-07-26 18:02 - 00000000 ____D () C:\Program Files\Common Files\Steam
2014-07-26 17:52 - 2014-07-26 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-07-22 14:29 - 2014-07-22 14:29 - 28393960 _____ (DVDVideoSoft Ltd. ) C:\Users\Anna\Downloads\FreeAudioConverter.exe
2014-07-22 12:42 - 2014-07-22 12:43 - 29527272 _____ (DVDVideoSoft Ltd. ) C:\Users\Anna\Downloads\FreeYouTubeToMP3Converter.exe
2014-07-21 12:34 - 2014-07-21 12:34 - 01859152 _____ (BitTorrent Inc.) C:\Users\Anna\Downloads\uTorrent.exe
2014-07-20 12:37 - 2014-07-20 12:38 - 00000000 ____D () C:\Users\Anna\Documents\FreeTorrentDownload
2014-07-18 15:26 - 2014-07-18 15:26 - 00000000 ____D () C:\Users\Anna\AppData\Local\{825133FD-AA11-4243-AE61-B7BDF1D48CD6}
2014-07-15 19:37 - 2014-07-15 19:38 - 00000000 ____D () C:\Users\Anna\AppData\Local\{55548B6B-F5D6-45A9-8908-36EE9384A34D}
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-13 16:56 - 2014-08-13 16:56 - 00010035 _____ () C:\Users\Anna\Downloads\FRST.txt
2014-08-13 16:56 - 2014-08-13 16:55 - 00000000 ____D () C:\FRST
2014-08-13 16:55 - 2014-08-13 16:55 - 01092096 _____ (Farbar) C:\Users\Anna\Downloads\FRST.exe
2014-08-13 16:31 - 2014-03-28 17:31 - 00000917 _____ () C:\Windows\Tasks\EPSON XP-412 413 415 Series Update {5F489015-7165-442A-83F4-806239DE4AE8}.job
2014-08-13 16:31 - 2014-03-28 17:31 - 00000731 _____ () C:\Windows\Tasks\EPSON XP-412 413 415 Series Invitation {5F489015-7165-442A-83F4-806239DE4AE8}.job
2014-08-13 16:31 - 2009-07-14 06:52 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-08-13 16:30 - 2012-09-02 20:02 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-13 16:26 - 2014-03-28 15:05 - 01824689 _____ () C:\Windows\WindowsUpdate.log
2014-08-13 15:57 - 2014-08-13 15:57 - 00000470 _____ () C:\Users\Anna\Downloads\defogger_disable.log
2014-08-13 15:57 - 2014-08-13 15:57 - 00000000 _____ () C:\Users\Anna\defogger_reenable
2014-08-13 15:57 - 2012-09-02 19:14 - 00000000 ____D () C:\Users\Anna
2014-08-13 15:55 - 2014-08-13 15:55 - 00050477 _____ () C:\Users\Anna\Downloads\Defogger.exe
2014-08-13 14:48 - 2014-08-13 14:08 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-08-13 14:22 - 2011-06-05 19:40 - 00000000 ___RD () C:\Programme
2014-08-13 14:07 - 2014-08-13 14:07 - 18616976 _____ (SUPERAntiSpyware) C:\Users\Anna\Downloads\SUPERAntiSpyware.exe
2014-08-13 14:05 - 2014-08-11 13:06 - 00000000 ____D () C:\ProgramData\Trusted Publisher
2014-08-13 13:35 - 2009-07-14 06:34 - 00014128 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-13 13:35 - 2009-07-14 06:34 - 00014128 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-13 13:34 - 2012-09-02 19:22 - 01492188 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-13 13:29 - 2014-07-26 17:52 - 00000000 ____D () C:\Program Files\Steam
2014-08-13 13:27 - 2014-08-13 00:24 - 00014248 _____ () C:\Windows\PFRO.log
2014-08-13 13:27 - 2014-08-13 00:24 - 00000112 _____ () C:\Windows\setupact.log
2014-08-13 13:27 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-13 00:34 - 2014-08-13 00:33 - 00431135 _____ () C:\Windows\system32\Drivers\vsconfig.xml
2014-08-13 00:32 - 2014-08-13 00:32 - 00000732 _____ () C:\Users\Public\Desktop\ZoneAlarm Security.lnk
2014-08-13 00:32 - 2014-08-13 00:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
2014-08-13 00:32 - 2014-08-13 00:30 - 00000000 ____D () C:\Program Files\CheckPoint
2014-08-13 00:24 - 2014-08-13 00:24 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-12 23:32 - 2014-08-12 23:32 - 03394856 _____ (Check Point Software Technologies Ltd.) C:\Users\Anna\Downloads\zaSetupWeb_132_015_000.exe
2014-08-12 22:55 - 2014-08-11 13:05 - 00000000 ____D () C:\Program Files\Adblocker
2014-08-12 21:09 - 2014-08-12 21:09 - 00222179 _____ () C:\Users\Anna\AppData\Local\recently-used.xbel
2014-08-12 21:09 - 2014-07-13 20:38 - 00000000 ____D () C:\Users\Anna\.gimp-2.8
2014-08-12 21:09 - 2014-05-15 19:58 - 00000000 ____D () C:\Users\Anna\AppData\Local\gtk-2.0
2014-08-12 21:01 - 2014-07-04 11:08 - 00000000 ____D () C:\Users\Anna\AppData\Roaming\vlc
2014-08-12 19:19 - 2014-08-11 13:05 - 00000000 ____D () C:\ProgramData\Adblocker
2014-08-11 20:27 - 2012-10-09 11:37 - 00000000 ____D () C:\Users\Anna\Documents\DVDVideoSoft
2014-08-11 13:14 - 2014-06-14 11:39 - 00000000 ____D () C:\Users\Anna\Desktop\Chara-Projekte
2014-08-11 13:05 - 2014-08-11 13:05 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-08-11 13:05 - 2014-08-11 13:05 - 00000000 ____D () C:\Users\Gast\AppData\Local\Torch
2014-08-11 13:05 - 2014-08-11 13:05 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-08-11 13:05 - 2014-08-11 13:05 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-08-11 13:05 - 2014-08-11 13:05 - 00000000 ____D () C:\Users\Gast\AppData\Local\Chromatic Browser
2014-08-11 13:05 - 2014-08-11 13:05 - 00000000 ____D () C:\Users\Gast
2014-08-11 13:05 - 2014-08-11 13:05 - 00000000 ____D () C:\Users\Anna\AppData\Local\Torch
2014-08-11 13:05 - 2014-08-11 13:05 - 00000000 ____D () C:\Users\Anna\AppData\Local\Comodo
2014-08-11 13:05 - 2014-08-11 13:05 - 00000000 ____D () C:\Users\Anna\AppData\Local\Chromatic Browser
2014-08-11 13:05 - 2014-08-11 13:05 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-08-11 13:05 - 2014-08-11 13:05 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-08-11 13:05 - 2014-08-11 13:05 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-08-11 13:05 - 2014-08-11 13:05 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-08-11 13:05 - 2014-08-11 13:05 - 00000000 ____D () C:\Users\Administrator
2014-08-11 13:05 - 2014-08-11 13:05 - 00000000 ____D () C:\ProgramData\f3c9bce3b81a6655
2014-08-11 13:05 - 2012-09-02 20:07 - 00000000 ____D () C:\Users\Anna\AppData\Local\Google
2014-08-11 13:05 - 2009-07-14 04:37 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-08-11 12:52 - 2014-08-11 12:52 - 00000000 ____D () C:\Users\Anna\AppData\Local\{CDF55276-D291-4AE7-9B9A-98B10030C882}
2014-08-11 12:52 - 2012-09-02 20:09 - 00000000 ___RD () C:\Users\Anna\Desktop\Bücher
2014-08-10 21:58 - 2012-09-02 20:44 - 00000000 ___RD () C:\Users\Anna\Desktop\Bilder
2014-08-10 15:16 - 2012-09-02 20:09 - 00000000 ___RD () C:\Users\Anna\Desktop\Sounds
2014-08-08 12:05 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-07 22:21 - 2014-08-07 22:21 - 00000000 ____D () C:\Users\Anna\AppData\Local\{3C70E58F-9448-4C47-A75D-22FBC1FE3FB0}
2014-08-07 16:13 - 2014-08-07 12:56 - 00000000 ____D () C:\Users\Anna\Desktop\ebay
2014-08-06 10:18 - 2014-08-05 11:13 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-06 10:18 - 2013-08-07 12:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-06 10:18 - 2013-08-07 12:09 - 00000000 ____D () C:\Program Files\Avira
2014-08-05 11:16 - 2012-09-02 19:21 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-08-05 11:15 - 2009-07-14 06:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-08-05 11:14 - 2012-09-11 17:03 - 00000000 ____D () C:\Program Files\Electronic Arts
2014-08-05 11:13 - 2013-08-07 12:09 - 00000000 ____D () C:\ProgramData\Avira
2014-08-05 09:20 - 2013-08-06 15:01 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-03 13:29 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-08-03 11:46 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-08-02 20:36 - 2014-03-28 17:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2014-08-02 20:36 - 2014-03-28 17:33 - 00000000 ____D () C:\Program Files\EPSON Software
2014-08-02 20:36 - 2014-03-28 17:33 - 00000000 ____D () C:\Program Files\epson
2014-08-02 17:27 - 2012-09-12 20:36 - 00000000 ___HD () C:\Users\Anna\Desktop\.picasaoriginals
2014-08-01 21:43 - 2014-08-01 21:42 - 00000000 ____D () C:\Users\Anna\AppData\Local\{B2722220-2D1F-4F37-9956-6C665E53EC64}
2014-07-31 10:24 - 2012-09-02 19:25 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-07-30 18:37 - 2014-06-18 18:27 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-07-29 10:54 - 2014-03-28 17:48 - 00000000 ____D () C:\Users\Anna\AppData\Roaming\Epson
2014-07-29 10:54 - 2014-03-28 17:27 - 00000000 ____D () C:\ProgramData\Epson
2014-07-28 21:41 - 2014-07-28 21:41 - 00000000 ____D () C:\Users\Anna\AppData\Local\{BC020800-1370-4F26-8B42-A94E27460B71}
2014-07-26 19:24 - 2014-07-26 19:24 - 00000000 ____D () C:\Users\Anna\AppData\Local\CAPCOM
2014-07-26 18:22 - 2014-07-26 18:22 - 00000216 _____ () C:\Users\Anna\Desktop\Resident Evil Revelations Biohazard Revelations UE.url
2014-07-26 18:22 - 2014-07-26 18:22 - 00000000 ____D () C:\Users\Anna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-07-26 18:02 - 2014-07-26 17:52 - 00000000 ____D () C:\Program Files\Common Files\Steam
2014-07-26 17:52 - 2014-07-26 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-07-22 14:34 - 2012-09-02 19:45 - 00072400 _____ () C:\Users\Anna\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-22 14:33 - 2009-07-14 06:33 - 00313904 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-22 14:31 - 2012-09-03 19:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-07-22 14:31 - 2012-09-03 19:27 - 00000000 ____D () C:\Program Files\DVDVideoSoft
2014-07-22 14:31 - 2012-09-03 19:27 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft
2014-07-22 14:31 - 2012-09-03 19:26 - 00000000 ____D () C:\Users\Anna\AppData\Roaming\DVDVideoSoft
2014-07-22 14:29 - 2014-07-22 14:29 - 28393960 _____ (DVDVideoSoft Ltd. ) C:\Users\Anna\Downloads\FreeAudioConverter.exe
2014-07-22 12:43 - 2014-07-22 12:42 - 29527272 _____ (DVDVideoSoft Ltd. ) C:\Users\Anna\Downloads\FreeYouTubeToMP3Converter.exe
2014-07-21 12:34 - 2014-07-21 12:34 - 01859152 _____ (BitTorrent Inc.) C:\Users\Anna\Downloads\uTorrent.exe
2014-07-20 12:38 - 2014-07-20 12:37 - 00000000 ____D () C:\Users\Anna\Documents\FreeTorrentDownload
2014-07-18 15:26 - 2014-07-18 15:26 - 00000000 ____D () C:\Users\Anna\AppData\Local\{825133FD-AA11-4243-AE61-B7BDF1D48CD6}
2014-07-15 19:38 - 2014-07-15 19:37 - 00000000 ____D () C:\Users\Anna\AppData\Local\{55548B6B-F5D6-45A9-8908-36EE9384A34D}
2014-07-15 12:44 - 2013-08-08 12:23 - 00035848 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
Files to move or delete:
====================
C:\Users\Anna\wlsetup-web_15.4.3555.308.exe
Some content of TEMP:
====================
C:\Users\Anna\AppData\Local\Temp\Uninstall.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-08-07 13:58
==================== End Of Log ============================
Addition.txt Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version:13-08-2014
Ran by Anna at 2014-08-13 16:57:02
Running from C:\Users\Anna\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ZoneAlarm Antivirus (Enabled - Up to date) {23B6D20A-C2DE-B3F5-C67D-07ECD854E6A9}
AS: ZoneAlarm Anti-Spyware (Enabled - Up to date) {98D733EE-E4E4-BC7B-FCCD-3C9EA3D3AC14}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ZoneAlarm Firewall (Enabled) {1B8D532F-88B1-B2AD-ED22-AED92687A1D2}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Alice Madness Returns (HKLM\...\{93A3AB24-36E8-41BA-80C6-CCEC237836DC}) (Version: 1.0.0.0 - Electronic Arts)
Avira (HKLM\...\{9590977b-7b6f-467e-a11a-efa1fae804da}) (Version: 1.1.18.30000 - Avira Operations GmbH & Co. KG)
Avira (Version: 1.1.18.30000 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.6.552 - Avira)
CCleaner (HKLM\...\CCleaner) (Version: 3.23 - Piriform)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Druckerdeinstallation für EPSON XP-412 413 415 Series (HKLM\...\EPSON XP-412 413 415 Series) (Version: - SEIKO EPSON Corporation)
Epson Event Manager (HKLM\...\{0F13C24A-FFE2-4CD0-8E0B-DC804E0A0E0B}) (Version: 3.10.0035 - Seiko Epson Corporation)
EPSON Scan (HKLM\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON-Handbücher (HKLM\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.32.0.0 - SEIKO EPSON CORPORATION)
FotoMix version 9.0.8 (HKLM\...\{10A0255E-0B73-4397-AB4E-E3667EDA70E4}_is1) (Version: 9.0.8 - Digital Photo Software)
Free Dailymotion Download version 1.0.27.604 (HKLM\...\Free Dailymotion Download_is1) (Version: 1.0.27.604 - DVDVideoSoft Ltd.)
Free Studio version 2014 (HKLM\...\Free Studio_is1) (Version: 6.3.5.623 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.39.604 (HKLM\...\Free YouTube Download_is1) (Version: 3.2.39.604 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.42.716 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.42.716 - DVDVideoSoft Ltd.)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
ICQ7M (HKLM\...\{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}) (Version: 7.8 - ICQ)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Mozilla Firefox 31.0 (x86 de) (HKLM\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
OpenOffice.org 3.4.1 (HKLM\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Origin (HKLM\...\Origin) (Version: 8.4.1.210 - Electronic Arts, Inc.)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.50.1123.2011 - Realtek)
Resident Evil Revelations / Biohazard Revelations UE (HKLM\...\Steam App 222480) (Version: - Capcom)
SdRt4200 (HKLM\...\{140347A0-4A0C-44FC-9CA1-C8A3471899B7}) (Version: 4.2.8.0 - パルティオソフト株式会社)
Software Updater (HKLM\...\{B307472F-7BD9-4040-9255-CE6D6A1196A3}) (Version: 4.3.1 - SEIKO EPSON CORPORATION)
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2836939v3) (Version: 3 - Microsoft Corporation)
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
WinRAR 4.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
ZoneAlarm Antivirus (Version: 13.2.015.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Firewall (Version: 13.2.015.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Antivirus + Firewall (HKLM\...\ZoneAlarm Free Antivirus + Firewall) (Version: 13.2.015.000 - Check Point)
ZoneAlarm Security (Version: 13.2.015.000 - Check Point Software Technologies Ltd.) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3320326018-2059240452-1392367381-1000_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3320326018-2059240452-1392367381-1000_Classes\CLSID\{30A2652A-DDF7-45e7-ACA6-3EAB26FC8A4E}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-3320326018-2059240452-1392367381-1000_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3320326018-2059240452-1392367381-1000_Classes\CLSID\{41662FC2-0D57-4aff-AB27-AD2E12E7C273}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-3320326018-2059240452-1392367381-1000_Classes\CLSID\{448BB771-CFE2-47C4-BCDF-1FBF378E202C}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-3320326018-2059240452-1392367381-1000_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3320326018-2059240452-1392367381-1000_Classes\CLSID\{7B342DC4-139A-4a46-8A93-DB0827CCEE9C}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-3320326018-2059240452-1392367381-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\ooofilt.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3320326018-2059240452-1392367381-1000_Classes\CLSID\{7FA8AE11-B3E3-4D88-AABF-255526CD1CE8}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-3320326018-2059240452-1392367381-1000_Classes\CLSID\{82154420-0FBF-11d4-8313-005004526AB4}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-3320326018-2059240452-1392367381-1000_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\propertyhdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3320326018-2059240452-1392367381-1000_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3320326018-2059240452-1392367381-1000_Classes\CLSID\{D0484DE6-AAEE-468a-991F-8D4B0737B57A}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-3320326018-2059240452-1392367381-1000_Classes\CLSID\{D2D59CD1-0A6A-4D36-AE20-47817077D57C}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-3320326018-2059240452-1392367381-1000_Classes\CLSID\{E5A0B632-DFBA-4549-9346-E414DA06E6F8}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-3320326018-2059240452-1392367381-1000_Classes\CLSID\{EE5D1EA4-D445-4289-B2FC-55FC93693917}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
CustomCLSID: HKU\S-1-5-21-3320326018-2059240452-1392367381-1000_Classes\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5}\localserver32 -> C:\Users\Anna\Downloads\[HorribleSubs] Hamatora - 01 [1080p].mkv.exe No File
CustomCLSID: HKU\S-1-5-21-3320326018-2059240452-1392367381-1000_Classes\CLSID\{F616B81F-7BB8-4F22-B8A5-47428D59F8AD}\localserver32 -> C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
==================== Restore Points =========================
07-08-2014 12:05:41 Geplanter Prüfpunkt
12-08-2014 22:51:03 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {3F199AF0-125B-4C22-8C49-351933CD4153} - System32\Tasks\EPSON XP-412 413 415 Series Update {5F489015-7165-442A-83F4-806239DE4AE8} => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLEE.EXE [2013-04-26] (SEIKO EPSON CORPORATION)
Task: {9276F584-FDAC-48B5-B689-218C2A3CE958} - System32\Tasks\EPSON XP-412 413 415 Series Invitation {5F489015-7165-442A-83F4-806239DE4AE8} => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLEE.EXE [2013-04-26] (SEIKO EPSON CORPORATION)
Task: {AE5691B2-4096-4C96-A016-C74620CC2732} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {BF2A5925-CE47-4B6E-840B-3F3AA6A7711D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-09-24] (Piriform Ltd)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\EPSON XP-412 413 415 Series Invitation {5F489015-7165-442A-83F4-806239DE4AE8}.job => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLEE.EXE
Task: C:\Windows\Tasks\EPSON XP-412 413 415 Series Update {5F489015-7165-442A-83F4-806239DE4AE8}.job => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FTSLEE.EXE
==================== Loaded Modules (whitelisted) =============
2014-07-11 16:53 - 2014-07-12 02:53 - 01116672 _____ () C:\Program Files\Steam\libavcodec-55.dll
2014-07-11 16:53 - 2014-07-12 02:53 - 00438784 _____ () C:\Program Files\Steam\libavutil-53.dll
2014-07-11 16:53 - 2014-07-12 02:53 - 00399360 _____ () C:\Program Files\Steam\libavformat-55.dll
2014-07-11 16:53 - 2014-07-12 02:53 - 00331264 _____ () C:\Program Files\Steam\libavresample-1.dll
2014-06-26 14:40 - 2014-06-27 00:40 - 00764416 _____ () C:\Program Files\Steam\SDL2.dll
2014-07-15 18:28 - 2014-07-16 04:28 - 02139328 _____ () C:\Program Files\Steam\video.dll
2014-04-28 16:37 - 2014-04-29 02:37 - 00519168 _____ () C:\Program Files\Steam\libswscale-2.dll
2014-07-15 18:28 - 2014-07-16 04:28 - 01116864 _____ () C:\Program Files\Steam\bin\chromehtml.DLL
2014-05-01 15:35 - 2014-05-02 01:35 - 20628160 _____ () C:\Program Files\Steam\bin\libcef.dll
2014-06-18 18:27 - 2014-07-30 18:37 - 03800688 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2014-07-09 19:30 - 2014-07-09 19:30 - 17029808 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
==================== Faulty Device Manager Devices =============
Name: USB (Universal Serial Bus)-Controller
Description: USB (Universal Serial Bus)-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (08/13/2014 01:33:24 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.ComponentModel.Composition.CompositionException
Stapel:
bei System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
bei System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
bei System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
bei System.ComponentModel.Composition.Primitives.Export.get_Value()
bei System.ComponentModel.Composition.ExportServices.GetExportedValueFromLazy[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
bei System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String)
bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
bei System.Threading.ThreadPoolWorkQueue.Dispatch()
bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
Error: (08/13/2014 01:33:13 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.ComponentModel.Composition.CompositionException
Stapel:
bei System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
bei System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
bei System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
bei System.ComponentModel.Composition.Primitives.Export.get_Value()
bei System.ComponentModel.Composition.ExportServices.GetExportedValueFromLazy[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
bei System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String)
bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
bei System.Threading.ThreadPoolWorkQueue.Dispatch()
bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
Error: (08/13/2014 01:33:00 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.InvalidOperationException
Stapel:
bei System.Linq.Enumerable.First[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.Collections.Generic.IEnumerable`1<System.__Canon>)
bei Avira.OE.BrowserExtensionConnector.FirefoxProductInfo.ExtensionIsInstalled(System.String)
bei System.Linq.Enumerable.Any[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.Collections.Generic.IEnumerable`1<System.__Canon>, System.Func`2<System.__Canon,Boolean>)
bei Avira.OE.BrowserExtensionConnector.FirefoxProductInfo.ExtensionIsInstalled(System.Collections.Generic.List`1<System.String>)
bei Avira.OE.BrowserExtensionConnector.SafeSearchProductInfo.IsInstalled(Avira.OE.WinCore.Browser)
bei Avira.OE.WinCore.BrowserInfo.GetBrowsersData(System.Func`2<Avira.OE.WinCore.Browser,Boolean>)
bei Avira.OE.BrowserExtensionConnector.AviraSafeSearchStatusConnector.GetBrowserInfo()
bei Avira.OE.ServiceHost.ComputerAndServicesInfo.SetPayloadForSafeSearch(Avira.OE.WinCore.Interface.DevCheckUpdatePayload)
bei Avira.OE.ServiceHost.ComputerAndServicesInfo.CreateMessagePayload()
bei Avira.OE.ServiceHost.ServiceHost.DispatchAnonymousSyncStatus(Avira.OE.Communicator.Interface.ICommunicator)
bei Avira.OE.ServiceHost.ServiceHost+<>c__DisplayClass2.<Initialize>b__0(System.Object, System.EventArgs)
bei System.EventHandler`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].Invoke(System.Object, System.__Canon)
bei Avira.OE.ServiceHost.ServiceStatusProviderContainer.DeviceStatusProvider_DeviceStatusChanged(System.Object, System.EventArgs)
bei Avira.OE.AvConnector.AvConnector.FireDeviceStatusChanged()
bei Avira.OE.AvConnector.AvConnector.RefreshDeviceState()
bei Avira.OE.AvConnector.AvConnector.OnEventDatabaseFileChanged(System.Object, System.EventArgs)
bei Avira.OE.AvConnector.AvFileMonitor.FileWatcher_Changed(System.Object, System.IO.FileSystemEventArgs)
bei System.IO.FileSystemWatcher.OnChanged(System.IO.FileSystemEventArgs)
bei System.IO.FileSystemWatcher.NotifyFileSystemEventArgs(Int32, System.String)
bei System.IO.FileSystemWatcher.CompletionStatusChanged(UInt32, UInt32, System.Threading.NativeOverlapped*)
bei System.Threading._IOCompletionCallback.IOCompletionCallback_Context(System.Object)
bei System.Threading.ExecutionContext.runTryCode(System.Object)
bei System.Runtime.CompilerServices.RuntimeHelpers.ExecuteCodeWithGuaranteedCleanup(TryCode, CleanupCode, System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)
Error: (08/13/2014 01:28:54 PM) (Source: Avira Service Host) (EventID: 0) (User: )
Description: Fehler beim Verarbeiten von Sitzungsänderung. System.InvalidOperationException: Die Sequenz enthält keine Elemente.
bei System.Linq.Enumerable.First[TSource](IEnumerable`1 source)
bei Avira.OE.BrowserExtensionConnector.FirefoxProductInfo.ExtensionIsInstalled(String extensionId)
bei System.Linq.Enumerable.Any[TSource](IEnumerable`1 source, Func`2 predicate)
bei Avira.OE.BrowserExtensionConnector.FirefoxProductInfo.ExtensionIsInstalled(List`1 extensionIds)
bei Avira.OE.BrowserExtensionConnector.ExtensionStatusMonitor.StartWatching(TimeSpan timeSpan)
bei Avira.OE.BrowserExtensionConnector.AviraBrowserSafetyStatusConnector.OnSessionChange(Int32 sessionId, SessionChangeReason reason)
bei Avira.OE.ServiceHost.ServiceHost.OnSessionChange(SessionChangeDescription changeDescription)
bei System.ServiceProcess.ServiceBase.DeferredSessionChange(Int32 eventType, IntPtr eventData)
Error: (08/13/2014 00:25:49 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.ComponentModel.Composition.CompositionException
Stapel:
bei System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
bei System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
bei System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
bei System.ComponentModel.Composition.Primitives.Export.get_Value()
bei System.ComponentModel.Composition.ExportServices.GetExportedValueFromLazy[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
bei System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String)
bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
bei System.Threading.ThreadPoolWorkQueue.Dispatch()
bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
Error: (08/13/2014 00:25:37 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.ComponentModel.Composition.CompositionException
Stapel:
bei System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
bei System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
bei System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
bei System.ComponentModel.Composition.Primitives.Export.get_Value()
bei System.ComponentModel.Composition.ExportServices.GetExportedValueFromLazy[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
bei System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String)
bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
bei System.Threading.ThreadPoolWorkQueue.Dispatch()
bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
Error: (08/13/2014 00:25:27 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden.
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (08/13/2014 00:25:27 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Die Anwendung kann nicht initialisiert werden.
Kontext: Windows Anwendung
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (08/13/2014 00:25:27 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (08/13/2014 00:25:27 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Element nicht gefunden. (HRESULT : 0x80070490) (0x80070490)
System errors:
=============
Error: (08/13/2014 01:33:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert.
Error: (08/13/2014 01:33:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (08/13/2014 01:33:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (08/13/2014 01:27:36 PM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active
Error: (08/13/2014 01:27:36 PM) (Source: atikmdag) (EventID: 19468) (User: )
Description: CPLIB :: General - Invalid Parameter
Error: (08/13/2014 00:25:49 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert.
Error: (08/13/2014 00:25:37 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (08/13/2014 00:25:27 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (08/13/2014 00:25:27 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-1073473535.
Error: (08/13/2014 00:25:27 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Microsoft Office Sessions:
=========================
Error: (08/13/2014 01:33:24 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.ComponentModel.Composition.CompositionException
Stapel:
bei System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
bei System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
bei System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
bei System.ComponentModel.Composition.Primitives.Export.get_Value()
bei System.ComponentModel.Composition.ExportServices.GetExportedValueFromLazy[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
bei System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String)
bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
bei System.Threading.ThreadPoolWorkQueue.Dispatch()
bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
Error: (08/13/2014 01:33:13 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.ComponentModel.Composition.CompositionException
Stapel:
bei System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
bei System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
bei System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
bei System.ComponentModel.Composition.Primitives.Export.get_Value()
bei System.ComponentModel.Composition.ExportServices.GetExportedValueFromLazy[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
bei System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String)
bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
bei System.Threading.ThreadPoolWorkQueue.Dispatch()
bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
Error: (08/13/2014 01:33:00 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.InvalidOperationException
Stapel:
bei System.Linq.Enumerable.First[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.Collections.Generic.IEnumerable`1<System.__Canon>)
bei Avira.OE.BrowserExtensionConnector.FirefoxProductInfo.ExtensionIsInstalled(System.String)
bei System.Linq.Enumerable.Any[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.Collections.Generic.IEnumerable`1<System.__Canon>, System.Func`2<System.__Canon,Boolean>)
bei Avira.OE.BrowserExtensionConnector.FirefoxProductInfo.ExtensionIsInstalled(System.Collections.Generic.List`1<System.String>)
bei Avira.OE.BrowserExtensionConnector.SafeSearchProductInfo.IsInstalled(Avira.OE.WinCore.Browser)
bei Avira.OE.WinCore.BrowserInfo.GetBrowsersData(System.Func`2<Avira.OE.WinCore.Browser,Boolean>)
bei Avira.OE.BrowserExtensionConnector.AviraSafeSearchStatusConnector.GetBrowserInfo()
bei Avira.OE.ServiceHost.ComputerAndServicesInfo.SetPayloadForSafeSearch(Avira.OE.WinCore.Interface.DevCheckUpdatePayload)
bei Avira.OE.ServiceHost.ComputerAndServicesInfo.CreateMessagePayload()
bei Avira.OE.ServiceHost.ServiceHost.DispatchAnonymousSyncStatus(Avira.OE.Communicator.Interface.ICommunicator)
bei Avira.OE.ServiceHost.ServiceHost+<>c__DisplayClass2.<Initialize>b__0(System.Object, System.EventArgs)
bei System.EventHandler`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].Invoke(System.Object, System.__Canon)
bei Avira.OE.ServiceHost.ServiceStatusProviderContainer.DeviceStatusProvider_DeviceStatusChanged(System.Object, System.EventArgs)
bei Avira.OE.AvConnector.AvConnector.FireDeviceStatusChanged()
bei Avira.OE.AvConnector.AvConnector.RefreshDeviceState()
bei Avira.OE.AvConnector.AvConnector.OnEventDatabaseFileChanged(System.Object, System.EventArgs)
bei Avira.OE.AvConnector.AvFileMonitor.FileWatcher_Changed(System.Object, System.IO.FileSystemEventArgs)
bei System.IO.FileSystemWatcher.OnChanged(System.IO.FileSystemEventArgs)
bei System.IO.FileSystemWatcher.NotifyFileSystemEventArgs(Int32, System.String)
bei System.IO.FileSystemWatcher.CompletionStatusChanged(UInt32, UInt32, System.Threading.NativeOverlapped*)
bei System.Threading._IOCompletionCallback.IOCompletionCallback_Context(System.Object)
bei System.Threading.ExecutionContext.runTryCode(System.Object)
bei System.Runtime.CompilerServices.RuntimeHelpers.ExecuteCodeWithGuaranteedCleanup(TryCode, CleanupCode, System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)
Error: (08/13/2014 01:28:54 PM) (Source: Avira Service Host) (EventID: 0) (User: )
Description: Fehler beim Verarbeiten von Sitzungsänderung. System.InvalidOperationException: Die Sequenz enthält keine Elemente.
bei System.Linq.Enumerable.First[TSource](IEnumerable`1 source)
bei Avira.OE.BrowserExtensionConnector.FirefoxProductInfo.ExtensionIsInstalled(String extensionId)
bei System.Linq.Enumerable.Any[TSource](IEnumerable`1 source, Func`2 predicate)
bei Avira.OE.BrowserExtensionConnector.FirefoxProductInfo.ExtensionIsInstalled(List`1 extensionIds)
bei Avira.OE.BrowserExtensionConnector.ExtensionStatusMonitor.StartWatching(TimeSpan timeSpan)
bei Avira.OE.BrowserExtensionConnector.AviraBrowserSafetyStatusConnector.OnSessionChange(Int32 sessionId, SessionChangeReason reason)
bei Avira.OE.ServiceHost.ServiceHost.OnSessionChange(SessionChangeDescription changeDescription)
bei System.ServiceProcess.ServiceBase.DeferredSessionChange(Int32 eventType, IntPtr eventData)
Error: (08/13/2014 00:25:49 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.ComponentModel.Composition.CompositionException
Stapel:
bei System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
bei System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
bei System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
bei System.ComponentModel.Composition.Primitives.Export.get_Value()
bei System.ComponentModel.Composition.ExportServices.GetExportedValueFromLazy[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
bei System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String)
bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
bei System.Threading.ThreadPoolWorkQueue.Dispatch()
bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
Error: (08/13/2014 00:25:37 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.ComponentModel.Composition.CompositionException
Stapel:
bei System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
bei System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
bei System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
bei System.ComponentModel.Composition.Primitives.Export.get_Value()
bei System.ComponentModel.Composition.ExportServices.GetExportedValueFromLazy[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
bei System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String)
bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
bei System.Threading.ThreadPoolWorkQueue.Dispatch()
bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
Error: (08/13/2014 00:25:27 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description:
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (08/13/2014 00:25:27 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Kontext: Windows Anwendung
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (08/13/2014 00:25:27 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (08/13/2014 00:25:27 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Element nicht gefunden. (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer
CodeIntegrity Errors:
===================================
Date: 2014-08-12 21:33:05.018
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-12 21:21:07.022
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-12 21:09:16.627
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-12 19:17:17.932
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-12 18:48:51.913
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-11 19:50:02.297
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-11 19:39:01.997
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-11 17:52:22.330
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-11 15:56:04.443
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-08-11 15:42:08.944
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: AMD Athlon(tm) II X3 455 Processor
Percentage of memory in use: 52%
Total physical RAM: 3326.12 MB
Available physical RAM: 1578.85 MB
Total Pagefile: 6650.52 MB
Available Pagefile: 4836.86 MB
Total Virtual: 2047.88 MB
Available Virtual: 1895.43 MB
==================== Drives ================================
Drive c: (WindowsXP) (Fixed) (Total:465.75 GB) (Free:329.58 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 95160AB2)
Partition 1: (Active) - (Size=466 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
14.08.2014, 08:20
| #4 |
| /// the machine /// TB-Ausbilder | ZoneAlarm Antivirus deaktiviert sich ständig und Werbeprobleme im Browser hi, Scan mit Combofix
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
14.08.2014, 10:33
| #5 |
| | ZoneAlarm Antivirus deaktiviert sich ständig und Werbeprobleme im Browser Hallo, nach dem Windows-Update (dass mein Computer immer automatisch ausführt) funktioniert mein Zonealarm wieder einwandfrei. Auch die Werbung ist verschwunden. Sollte ich trotzdem den Scan mit Combofix durchführen? Oder war das Update vielleicht die Ursache? |
|
14.08.2014, 22:31
| #6 |
| /// the machine /// TB-Ausbilder | ZoneAlarm Antivirus deaktiviert sich ständig und Werbeprobleme im Browser mach bitte den Scan 
__________________ --> ZoneAlarm Antivirus deaktiviert sich ständig und Werbeprobleme im Browser |
|
| Themen zu ZoneAlarm Antivirus deaktiviert sich ständig und Werbeprobleme im Browser |
| advertisement, browser, c:\windows, deaktiviert, detected, explorer, internet, internet explorer, malwarebytes, mbam, nicht mehr, programm, pup.optional.booster.a, pup.optional.calcit.a, pup.optional.multiplug.a, pup.optional.swbooster.a, software, system32, ungewollte, zonealarm or antivir |
WARNUNG an die MITLESER: 
Linear-Darstellung
