Log analysis and evaluation: Windows 7: Task Manager shows update.exe several times. 100% CPU load when connecting to the Internet.
18.12.2014, 12:37 | #1 |
Hello dear Trojaner Board team.

For a short while now I have had 100% CPU load as soon as I connect to the Internet. In Task Manager, under Processes, there are several entries for an update.exe.

I got no error message from defogger. A system scan with FRST and GMER was carried out.

Attached are the log files defogger_disable.txt, FRST.txt with Additions.txt, and Gmer.txt.

I would appreciate your help. Many thanks.

defogger_disable.txt
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 11:59 on 18/12/2014 (Varim)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-12-2014
Ran by Varim (administrator) on VARIM-PC on 18-12-2014 12:01:37
Running from C:\Users\Varim\Desktop\Apps
Loaded Profile: Varim (Available profiles: Varim)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
() C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
() C:\Program Files (x86)\LG Soft India\forteManager\bin\Monitor.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\update.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\updrgui.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\update.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [CmPCIaudio] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\CMICNFG3.dll,CMICtrlWnd
HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [43632 2010-01-19] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126200 2014-11-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-11-24] (Avira Operations GmbH & Co.
KG) HKU\S-1-5-21-4200889192-1629483929-4223567121-1000\...\RunOnce: [Adobe Speed Launcher] => 1418898613 HKU\S-1-5-18\...\Run: [AviraSpeedup] => C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe [7611640 2014-12-11] (Avira Operations GmbH & Co. KG) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\forteManager.lnk ShortcutTarget: forteManager.lnk -> C:\Program Files (x86)\LG Soft India\forteManager\bin\Monitor.exe () Startup: C:\Users\Varim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-4200889192-1629483929-4223567121-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-4200889192-1629483929-4223567121-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-4200889192-1629483929-4223567121-1000 -> {59DA59F3-6AFE-494E-9221-9CF4910A40C5} URL = 
hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms} BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{72289FA8-B5E8-47FE-9740-676C793458EE}: [NameServer] 217.0.43.161 217.0.43.177 FireFox: ======== FF ProfilePath: C:\Users\Varim\AppData\Roaming\Mozilla\Firefox\Profiles\ovk9s0lw.default-1350059165140 FF DefaultSearchEngine: Avira SafeSearch FF Homepage: hxxp://www.google.com/ FF NetworkProxy: "ftp", "95.172.68.150" FF NetworkProxy: "ftp_port", 80 FF NetworkProxy: "http", "www-proxy.t-online.de" FF NetworkProxy: "http_port", 80 FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co" FF NetworkProxy: "share_proxy_settings", true FF NetworkProxy: "socks", "95.172.68.150" FF NetworkProxy: "socks_port", 80 FF NetworkProxy: "ssl", "95.172.68.150" FF NetworkProxy: "ssl_port", 80 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll () FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) 
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-4200889192-1629483929-4223567121-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll () FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) 
FF SearchPlugin: C:\Users\Varim\AppData\Roaming\Mozilla\Firefox\Profiles\ovk9s0lw.default-1350059165140\searchplugins\avira-safesearch.xml FF Extension: FoxyProxy Standard - C:\Users\Varim\AppData\Roaming\Mozilla\Firefox\Profiles\ovk9s0lw.default-1350059165140\Extensions\foxyproxy@eric.h.jung [2014-09-06] FF Extension: Avira SafeSearch - C:\Users\Varim\AppData\Roaming\Mozilla\Firefox\Profiles\ovk9s0lw.default-1350059165140\Extensions\safesearch@avira.com [2014-12-17] FF Extension: ArchiveFacebook - C:\Users\Varim\AppData\Roaming\Mozilla\Firefox\Profiles\ovk9s0lw.default-1350059165140\Extensions\{53A03D43-5363-4669-8190-99061B2DEBA6} [2014-06-26] FF Extension: FT DeepDark - C:\Users\Varim\AppData\Roaming\Mozilla\Firefox\Profiles\ovk9s0lw.default-1350059165140\Extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66} [2014-09-21] FF Extension: WOT - C:\Users\Varim\AppData\Roaming\Mozilla\Firefox\Profiles\ovk9s0lw.default-1350059165140\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-12-17] FF Extension: DownloadHelper - C:\Users\Varim\AppData\Roaming\Mozilla\Firefox\Profiles\ovk9s0lw.default-1350059165140\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-12-17] FF Extension: Ghostery - C:\Users\Varim\AppData\Roaming\Mozilla\Firefox\Profiles\ovk9s0lw.default-1350059165140\Extensions\firefox@ghostery.com.xpi [2014-12-17] FF Extension: NASA Night Launch - C:\Users\Varim\AppData\Roaming\Mozilla\Firefox\Profiles\ovk9s0lw.default-1350059165140\Extensions\nasanightlaunch@example.com.xpi [2012-10-12] FF Extension: Stylish - C:\Users\Varim\AppData\Roaming\Mozilla\Firefox\Profiles\ovk9s0lw.default-1350059165140\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2014-11-16] FF Extension: NoScript - C:\Users\Varim\AppData\Roaming\Mozilla\Firefox\Profiles\ovk9s0lw.default-1350059165140\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-06-22] FF Extension: Adblock Plus - 
C:\Users\Varim\AppData\Roaming\Mozilla\Firefox\Profiles\ovk9s0lw.default-1350059165140\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-10-12] FF Extension: DownThemAll! - C:\Users\Varim\AppData\Roaming\Mozilla\Firefox\Profiles\ovk9s0lw.default-1350059165140\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2014-12-17] FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-12-01] Chrome: ======= CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-10-07] (Adobe Systems) [File not signed] R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-11-24] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-11-24] (Avira Operations GmbH & Co. KG) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [918144 2010-11-03] () R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [915584 2010-12-02] () R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2010-10-21] () R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [166192 2014-11-20] (Avira Operations GmbH & Co. 
KG) R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64616 2014-11-03] (CyberGhost S.R.L) S3 DAUpdaterSvc; G:\Games\DeadSpace\Dragon Age Origins Ultimate Edition\\bin_ship\daupdatersvc.service.exe [25832 2011-05-17] (BioWare) R2 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe [129648 2011-05-26] (Portrait Displays, Inc.) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-10-16] (NVIDIA Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-10-16] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-10-16] (NVIDIA Corporation) S3 Origin Client Service; G:\Games\EA Origins\Origin\OriginClientService.exe [1900400 2014-11-25] (Electronic Arts) R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.) S2 Mobizen plugin; C:\Program Files (x86)\RSUPPORT\MobizenService\MobizenService.exe [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] () R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] () U2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-11-24] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-11-24] (Avira Operations GmbH & Co. KG) U4 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-11-24] (Avira Operations GmbH & Co. 
KG) R3 cmuda3; C:\Windows\System32\drivers\cmudax3.sys [1155072 2010-02-09] (C-Media Inc) R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [30112 2013-04-10] (REALiX(tm)) S3 LGDDCDevice; C:\Program Files (x86)\LG Soft India\forteManager\bin\I2CDriver.sys [14336 2009-04-24] () [File not signed] S3 LGII2CDevice; C:\Program Files (x86)\LG Soft India\forteManager\bin\PII2CDriver.sys [18432 2009-04-24] () [File not signed] R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-18] (Malwarebytes Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-10-16] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-10-16] (NVIDIA Corporation) R3 PdiPorts; C:\Windows\System32\DRIVERS\PdiPorts.sys [20592 2011-05-05] (Portrait Displays, Inc.) S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13368 2013-01-23] () S3 s125bus; C:\Windows\System32\DRIVERS\s125bus.sys [108296 2007-04-24] (MCCI Corporation) S3 s125mdfl; C:\Windows\System32\DRIVERS\s125mdfl.sys [19720 2007-04-24] (MCCI Corporation) S3 s125mdm; C:\Windows\System32\DRIVERS\s125mdm.sys [144648 2007-04-24] (MCCI Corporation) S3 s125mgmt; C:\Windows\System32\DRIVERS\s125mgmt.sys [126216 2007-04-24] (MCCI Corporation) S3 s125obex; C:\Windows\System32\DRIVERS\s125obex.sys [123656 2007-04-24] (MCCI Corporation) R3 seehcri; C:\Windows\System32\DRIVERS\seehcri.sys [34032 2008-01-09] (Sony Ericsson Mobile Communications) S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-04-03] (Anchorfree Inc.) 
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation) R3 zebrceb; C:\Windows\System32\DRIVERS\zebrceb.sys [81280 2008-01-15] (MCCI) S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X] S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] S3 tsusbhub; system32\drivers\tsusbhub.sys [X] S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-18 12:01 - 2014-12-18 12:01 - 00000000 ____D () C:\FRST 2014-12-18 11:59 - 2014-12-18 11:59 - 00000000 _____ () C:\Users\Varim\defogger_reenable 2014-12-18 11:37 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-12-18 11:37 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-12-17 23:59 - 2014-12-17 23:59 - 00001129 _____ () C:\Users\Public\Desktop\Avira System Speedup.lnk 2014-12-17 23:58 - 2014-12-17 23:58 - 00003320 _____ () C:\Windows\System32\Tasks\AviraSpeedup 2014-12-17 22:58 - 2014-12-17 23:11 - 495374708 ____R () C:\Users\Varim\Downloads\bb_lucy_wilde_red_lingerie_sex_480p.mp4 2014-12-17 22:30 - 2014-12-17 22:30 - 00000000 ____D () C:\Users\Varim\AppData\Roaming\Avira 2014-12-17 22:27 - 2014-11-24 10:23 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2014-12-17 22:25 - 2014-12-17 23:58 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-12-17 22:25 - 2014-12-17 22:25 - 04549888 _____ (Avira Operations & Co. 
KG) C:\Users\Varim\Desktop\avira_de_av_5722079209__ws.exe 2014-12-17 22:12 - 2014-12-18 11:29 - 00000840 _____ () C:\Windows\setupact.log 2014-12-17 22:12 - 2014-12-17 22:31 - 00136044 _____ () C:\Windows\PFRO.log 2014-12-17 22:12 - 2014-12-17 22:12 - 00000000 _____ () C:\Windows\setuperr.log 2014-12-17 22:00 - 2014-12-17 22:25 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk 2014-12-17 21:44 - 2014-12-17 23:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviraSpeedup 2014-12-17 21:43 - 2014-12-17 22:11 - 00000000 ____D () C:\Users\Varim\Desktop\AntiVir 2014-12-17 21:14 - 2014-12-17 21:14 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-12-17 21:14 - 2014-12-17 21:14 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-12-17 21:14 - 2014-12-17 21:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-12-17 21:13 - 2014-12-17 21:13 - 00244264 _____ () C:\Users\Varim\Desktop\Firefox Setup Stub 34.0.5.exe 2014-12-17 18:39 - 2014-12-17 18:39 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-12-17 18:23 - 2014-11-24 10:23 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2014-12-17 18:23 - 2014-11-24 10:23 - 00028600 _____ (Avira Operations GmbH & Co. 
KG) C:\Windows\system32\Drivers\avkmgr.sys 2014-12-17 18:12 - 2014-12-17 22:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-12-17 18:12 - 2014-12-17 22:25 - 00000000 ____D () C:\ProgramData\Avira 2014-12-17 18:09 - 2014-12-17 18:09 - 02166272 _____ () C:\Users\Varim\Downloads\adwcleaner_4.105.exe 2014-12-17 18:09 - 2014-12-17 18:09 - 02166272 _____ () C:\Users\Varim\Desktop\adwcleaner_4.105.exe 2014-12-17 17:28 - 2014-12-17 17:32 - 00000000 ____D () C:\Users\Varim\Documents\moborobo 2014-12-17 17:28 - 2014-07-31 16:56 - 00013304 _____ () C:\Windows\SysWOW64\Drivers\MoborobAssDriver64.sys 2014-12-17 17:02 - 2014-12-17 17:03 - 11424898 _____ () C:\Users\Varim\Mobizen_TV_Commercial.mp4 2014-12-17 06:29 - 2014-12-17 06:29 - 00000000 ____D () C:\Users\Varim\Downloads\The Last Tour On Earth 2014-12-17 06:28 - 2014-12-17 06:29 - 00000000 ____D () C:\Users\Varim\Downloads\Marylin Manson-HolyWood-G515 2014-12-17 06:28 - 2014-12-17 06:28 - 00000000 ____D () C:\Users\Varim\Downloads\Mechanical Animals 2014-12-16 22:01 - 2014-12-16 22:01 - 00000587 _____ () C:\Users\Varim\Documents\Arbeitstage.txt 2014-12-16 20:29 - 2014-12-16 21:58 - 419948628 _____ () C:\Users\Varim\ffc581cd26ec80b2778cd53bcd31051408.flv 2014-12-16 14:52 - 2014-12-17 17:55 - 00000000 ____D () C:\Users\Varim\AppData\Roaming\Rsupport 2014-12-16 14:52 - 2014-12-16 14:52 - 00000000 ____D () C:\Users\Varim\Documents\Mobizen 2014-12-15 14:57 - 2014-12-16 20:45 - 00000000 ____D () C:\Users\Varim\Desktop\Bilder Dagmar und Kinder 2014-12-14 12:49 - 2014-12-14 12:49 - 00000000 ____D () C:\Users\Varim\AppData\Local\PDF24 2014-12-14 12:47 - 2014-12-14 12:47 - 16342352 _____ (Geek Software GmbH ) C:\Users\Varim\Desktop\pdf24-creator-6.9.2.exe 2014-12-13 19:57 - 2014-12-13 20:19 - 00000000 ____D () C:\Users\Varim\Downloads\Subway To Sally - Mitgift (2014) [Gorgatz] 2014-12-13 19:57 - 2014-12-13 20:06 - 00000000 ____D () C:\Users\Varim\Downloads\Subway to Sally- Schwarz in Schwarz- 
(Limited Edition)- [2011]- Mp3ViLLe 2014-12-13 19:57 - 2014-12-13 20:02 - 00000000 ____D () C:\Users\Varim\Downloads\Subway To Sally 2014-12-13 15:02 - 2014-12-13 15:04 - 00000000 ____D () C:\Users\Varim\Downloads\Tomorrowland 2012 02 2014-12-13 14:17 - 2014-12-13 14:17 - 00000211 _____ () C:\Users\Varim\Desktop\Far Cry 3.url 2014-12-13 11:35 - 2014-12-13 11:35 - 00000000 ____D () C:\Program Files\SAMSUNG 2014-12-13 11:35 - 2014-10-13 06:57 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys 2014-12-13 11:35 - 2014-10-13 06:57 - 00110336 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys 2014-12-11 19:03 - 2014-12-11 19:10 - 00000000 ____D () C:\Users\Varim\Downloads\Pantera - The Best Of Pantera Far Beyond The Great Southern Cowboys' Vulgar Hits! (2003) 320 vtwin88cube 2014-12-11 19:01 - 2014-12-14 22:44 - 00000000 ____D () C:\Users\Varim\Downloads\Slayer - Greatest Hits [2CD Digipack Edition] 2014-12-11 18:59 - 2014-12-11 18:59 - 00000000 ____D () C:\Users\Varim\Downloads\Manowar - Hell of Steel (The Best of Manowar) 2014-12-11 18:56 - 2014-12-11 18:58 - 00000000 ____D () C:\Users\Varim\Downloads\Motorhead - The Best Of Greatest Hits [Bubanee] 2014-12-11 18:13 - 2014-12-11 18:26 - 323285456 _____ () C:\Users\Varim\Downloads\bex_jasmine_madison_ap101314_480p_1000.mp4 2014-12-11 17:33 - 2014-10-11 13:29 - 00917112 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys 2014-12-11 17:33 - 2014-10-11 13:27 - 00129168 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys 2014-12-11 06:40 - 2014-12-11 18:56 - 00000000 ____D () C:\Users\Varim\Downloads\Running Wild 2014-12-11 06:35 - 2014-12-11 06:41 - 00000000 ____D () C:\Users\Varim\Downloads\Black Sabbath - Greatest Hits 2009 [MP3 @ 320] (oan) 2014-12-11 06:34 - 2014-12-11 06:34 - 00000000 ____D () C:\Users\Varim\Downloads\Iron Maiden-Greatest Hits[www.lokotorrents.com][mp3] 2014-12-11 06:27 - 2014-12-11 06:27 - 
00000000 ____D () C:\Users\Varim\Desktop\Neuer Ordner 2014-12-11 03:19 - 2014-12-11 03:19 - 00000000 ____D () C:\Windows\system32\appraiser 2014-12-11 00:13 - 2014-12-11 21:08 - 00000000 ____D () C:\Users\Varim\VirtualBox VMs 2014-12-11 00:13 - 2014-12-11 17:47 - 00000000 ____D () C:\Users\Varim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Andy 2014-12-11 00:13 - 2014-12-11 17:39 - 00000000 ____D () C:\Users\Varim\.VirtualBox 2014-12-11 00:05 - 2014-12-11 21:08 - 00000000 ____D () C:\Program Files\Andy 2014-12-10 16:36 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-12-10 16:36 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-12-10 16:36 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-12-10 16:36 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-12-10 16:36 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-12-10 16:36 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-12-10 16:36 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-12-10 16:36 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-12-10 16:36 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-12-10 16:36 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-12-10 16:36 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-12-10 16:36 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-12-10 16:36 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-12-10 16:36 - 2014-11-22 03:35 - 00114688 
_____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-12-10 16:36 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-12-10 16:36 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-12-10 16:36 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-12-10 16:36 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-12-10 16:36 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-12-10 16:36 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-12-10 16:36 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-12-10 16:36 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-12-10 16:36 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-12-10 16:36 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-12-10 16:36 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-12-10 16:36 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-12-10 16:36 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-12-10 16:36 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-12-10 16:36 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-12-10 16:36 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-12-10 16:36 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-12-10 16:36 - 
2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-10 16:36 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-10 16:36 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 16:36 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-10 16:36 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-10 16:36 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 16:36 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-10 16:36 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 16:36 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-10 16:36 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-10 16:36 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-10 16:36 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-10 16:36 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-10 16:36 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 16:36 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-10 16:36 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-10 16:36 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-10 16:36 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 16:36 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-10 16:36 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-10 16:36 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-10 16:36 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-10 16:36 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-10 16:30 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-10 16:30 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-10 16:30 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-10 16:30 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-10 16:30 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-10 16:30 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-10 16:30 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-10 16:30 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-10 16:24 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 16:24 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-10 16:24 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-10 16:19 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-10 16:19 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-10 16:19 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-10 16:19 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-10 16:19 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-10 16:19 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-10 16:19 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-10 16:19 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-10 16:19 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-10 16:19 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-10 16:19 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-10 16:19 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-10 16:19 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-10 16:19 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-10 06:45 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-10 06:45 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-09 20:14 - 2014-12-09 20:14 - 00000000 ____D () C:\Users\Varim\AppData\Roaming\Sun
2014-12-09 20:08 - 2014-12-09 20:08 - 00000000 ____D () C:\Users\Varim\Desktop\Real APK Leecher v1.3.5
2014-12-09 20:06 - 2014-12-09 20:06 - 03913734 _____ () C:\Users\Varim\Desktop\Real APK Leecher v1.3.5.zip
2014-12-08 17:42 - 2014-12-08 17:42 - 00042152 _____ (Connectify) C:\Windows\system32\Drivers\cnnctfy3.sys
2014-12-08 17:28 - 2014-12-08 17:32 - 00000438 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-12-08 13:44 - 2014-12-08 13:44 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2014-12-08 13:25 - 2014-12-08 13:25 - 00000000 ____D () C:\Users\Varim\AppData\Local\Chris_Pietschmann_(http__
2014-12-04 22:02 - 2014-12-04 22:02 - 00000000 ____D () C:\Users\Public\Documents\NativeFus_Log
2014-12-04 22:02 - 2014-06-16 07:01 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll
2014-12-04 22:02 - 2014-06-16 07:01 - 00708168 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller.dll
2014-12-04 22:00 - 2014-12-17 17:53 - 00000000 ____D () C:\Users\Varim\AppData\Roaming\Samsung
2014-12-04 22:00 - 2014-12-17 17:53 - 00000000 ____D () C:\Users\Varim\AppData\Local\Samsung
2014-12-04 22:00 - 2014-12-04 22:00 - 00000000 ____D () C:\Users\Varim\Documents\samsung
2014-12-04 22:00 - 2014-12-04 22:00 - 00000000 ____D () C:\Program Files (x86)\MarkAny
2014-12-04 21:56 - 2014-12-04 21:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec
2014-12-04 21:56 - 2014-12-04 21:56 - 00000000 ____D () C:\Program Files (x86)\MyFree Codec
2014-12-04 21:36 - 2014-12-17 17:53 - 00000000 ____D () C:\ProgramData\Samsung
2014-12-04 21:36 - 2014-12-17 17:53 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-12-04 21:36 - 2014-04-30 19:43 - 04659712 _____ (Dmitry Streblechenko) C:\Windows\SysWOW64\Redemption.dll
2014-12-04 21:36 - 2014-04-30 19:43 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\SysWOW64\secman.dll
2014-12-04 20:04 - 2014-12-04 20:06 - 75714480 _____ (Samsung Electronics Co., Ltd.) C:\Users\Varim\Desktop\KiesSetup.exe
2014-12-04 19:45 - 2014-12-04 19:45 - 00000211 _____ () C:\Users\Varim\Desktop\Wasteland 2.url
2014-12-04 14:49 - 2014-12-04 14:50 - 00000000 ____D () C:\Users\Varim\Downloads\Tomorrowland Music Will Unite Us Forever (2014) (3CD) (VBR) (AciDToX8)
2014-12-01 22:03 - 2014-12-17 21:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-26 19:56 - 2014-11-26 19:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-11-26 19:56 - 2014-11-26 19:55 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-11-26 19:56 - 2014-11-26 19:55 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-11-26 19:56 - 2014-11-26 19:55 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-11-26 19:56 - 2014-11-26 19:55 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-11-25 13:54 - 2014-11-25 13:57 - 77988328 _____ () C:\Users\Varim\Desktop\Mein Film.mp4
2014-11-23 15:49 - 2014-12-03 16:48 - 00000000 ____D () C:\Users\Varim\Desktop\Supernatural Staffel 9
2014-11-23 10:25 - 2014-11-23 10:25 - 00000209 _____ () C:\Users\Varim\Documents\Geschenkideen.txt
2014-11-21 23:02 - 2014-11-22 19:16 - 00000968 _____ () C:\Users\Public\Desktop\Dragon Age Inquisition.lnk
2014-11-21 23:02 - 2014-11-21 23:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragon Age Inquisition
2014-11-21 19:32 - 2014-12-03 18:30 - 00000000 ____D () C:\Users\Varim\Desktop\Walking Dead Staffel 5
2014-11-21 10:55 - 2014-11-21 10:55 - 00002882 _____ () C:\Users\Varim\AppData\Local\recently-used.xbel
2014-11-20 06:17 - 2014-11-20 06:17 - 00003264 _____ () C:\Users\Varim\Documents\cc_20141120_061752.reg
2014-11-19 22:02 - 2014-11-19 22:02 - 00001250 _____ () C:\Users\Varim\Desktop\Auslogics Disk Defrag.lnk
2014-11-19 22:02 - 2014-11-19 22:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
2014-11-19 22:02 - 2014-11-19 22:02 - 00000000 ____D () C:\Program Files (x86)\Auslogics
2014-11-19 21:55 - 2014-11-19 21:55 - 00000000 ____D () C:\Users\Varim\Downloads\CC Cleaner
2014-11-19 21:53 - 2014-11-19 21:53 - 00000000 ____D () C:\Users\Varim\locales
2014-11-19 21:47 - 2014-11-19 21:47 - 00000000 ____D () C:\ProgramData\Auslogics
2014-11-19 21:32 - 2014-11-19 21:32 - 12096324 _____ () C:\Users\Varim\Documents\Bags.reg
2014-11-19 21:32 - 2014-11-19 21:32 - 07092094 _____ () C:\Users\Varim\Documents\BagMRU.reg
2014-11-19 21:19 - 2014-11-19 21:19 - 00025756 _____ () C:\Users\Varim\Documents\cc_20141119_211900.reg
2014-11-19 21:17 - 2014-11-19 21:17 - 00000000 ____D () C:\Users\Varim\Desktop\Skyrim
2014-11-19 18:49 - 2014-12-04 08:41 - 00000000 ____D () C:\Users\Varim\Desktop\Meine neue KFZ Versicherung bei der Huk Coburg Vertragsdaten
2014-11-19 16:02 - 2014-12-16 06:38 - 00015537 _____ () C:\Users\Varim\Documents\Monatliche Kosten Stand 01.12.2014.odt
2014-11-18 20:54 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-18 20:54 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-18 20:54 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-18 20:54 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-18 12:01 - 2013-04-22 17:11 - 00000000 ____D () C:\Users\Varim\AppData\Roaming\NetSpeedMonitor
2014-12-18 11:59 - 2012-01-07 17:10 - 00000000 ____D () C:\Users\Varim
2014-12-18 11:50 - 2009-07-14 05:45 - 00020880 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-18 11:50 - 2009-07-14 05:45 - 00020880 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-18 11:47 - 2014-07-12 15:39 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-18 11:46 - 2012-01-07 23:59 - 01292688 _____ () C:\Windows\WindowsUpdate.log
2014-12-18 11:43 - 2012-04-07 17:12 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-18 11:35 - 2009-07-14 18:58 - 00711446 _____ () C:\Windows\system32\perfh007.dat
2014-12-18 11:35 - 2009-07-14 18:58 - 00155564 _____ () C:\Windows\system32\perfc007.dat
2014-12-18 11:35 - 2009-07-14 06:13 - 01655098 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-18 11:29 - 2012-07-17 09:06 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-12-18 11:29 - 2012-04-05 18:52 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-18 11:29 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-18 01:06 - 2009-07-14 05:45 - 00298712 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-18 00:33 - 2014-09-02 19:36 - 00000000 ____D () C:\Users\Varim\AppData\Roaming\BitTorrent
2014-12-17 23:59 - 2012-01-07 20:03 - 00066400 _____ () C:\Users\Varim\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-17 22:25 - 2014-08-08 13:39 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-17 21:54 - 2014-09-06 00:33 - 00000000 ____D () C:\AdwCleaner
2014-12-17 21:47 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2014-12-17 21:11 - 2014-03-10 19:03 - 00000000 ____D () C:\Users\Varim\AppData\Local\Google
2014-12-17 21:11 - 2014-03-10 19:03 - 00000000 ____D () C:\Program Files (x86)\Google
2014-12-17 18:39 - 2014-07-12 15:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-12-17 18:39 - 2014-07-12 15:39 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-12-17 17:53 - 2012-01-07 18:57 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-14 12:46 - 2013-04-14 12:39 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-13 03:36 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-12 13:30 - 2012-01-07 19:51 - 00000000 ____D () C:\Users\Varim\AppData\Roaming\Adobe
2014-12-11 20:03 - 2014-07-04 21:48 - 00000000 ____D () C:\Users\Varim\Diana
2014-12-11 03:19 - 2014-05-07 02:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-11 03:19 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-11 03:19 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-11 03:04 - 2013-07-12 19:55 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-11 03:01 - 2012-01-07 19:52 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-11 00:41 - 2012-08-01 20:01 - 00000000 ____D () C:\Users\Varim\AppData\Roaming\vlc
2014-12-09 18:43 - 2012-04-07 17:12 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-09 18:43 - 2012-04-07 17:12 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-09 18:43 - 2012-04-07 17:12 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-04 23:05 - 2012-01-18 20:13 - 00000000 ____D () C:\Users\Varim\Documents\My Games
2014-12-04 21:35 - 2012-08-04 09:47 - 00000000 ____D () C:\Users\Varim\AppData\Local\Downloaded Installations
2014-12-04 20:27 - 2013-02-08 10:30 - 00000000 ____D () C:\ProgramData\Origin
2014-12-03 18:31 - 2014-11-13 16:29 - 00000000 ____D () C:\Users\Varim\Desktop\Sons of Anarchy Staffel 5
2014-12-03 16:51 - 2014-10-10 14:11 - 00000000 ____D () C:\Users\Varim\Desktop\Sons of Anarchy Staffel 4
2014-11-26 19:56 - 2013-10-18 21:28 - 00000000 ____D () C:\ProgramData\Oracle
2014-11-26 19:55 - 2013-06-26 03:11 - 00000000 ____D () C:\Program Files (x86)\Java
2014-11-25 02:22 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-24 21:31 - 2012-10-28 14:08 - 00000000 ____D () C:\Users\Varim\dwhelper
2014-11-24 14:04 - 2012-01-07 19:33 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-11-21 23:11 - 2014-01-08 08:42 - 00000000 ____D () C:\Users\Varim\Documents\BioWare
2014-11-21 23:02 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-11-21 10:55 - 2012-06-06 16:57 - 00000000 ____D () C:\Users\Varim\.gimp-2.8
2014-11-21 06:14 - 2014-07-12 15:39 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-21 06:14 - 2014-07-12 15:39 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-21 06:14 - 2014-03-15 17:33 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-20 06:17 - 2013-07-14 12:14 - 00000000 ____D () C:\Users\Varim\AppData\Roaming\FEZ
2014-11-20 06:17 - 2012-02-19 10:05 - 00000000 ____D () C:\Users\Varim\AppData\Roaming\.minecraft
2014-11-19 21:53 - 2012-11-29 23:03 - 00000000 ____D () C:\Program Files\CCleaner
2014-11-19 21:38 - 2014-03-12 19:05 - 00000000 ___RD () C:\_RestoredFiles
2014-11-19 21:15 - 2012-11-24 14:25 - 00000000 ____D () C:\Users\Varim\Desktop\Team Speak
2014-11-19 20:50 - 2013-07-07 18:14 - 00000000 ____D () C:\Users\Varim\Documents\Rente
2014-11-19 20:07 - 2012-01-07 19:51 - 00000000 ____D () C:\Users\Varim\Downloads\Grafikkartentreiber
2014-11-19 19:29 - 2012-06-16 10:38 - 00000000 ____D () C:\Users\Varim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam

Some content of TEMP:
====================
C:\Users\Varim\AppData\Local\Temp\avgnt.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-12-15 06:30

==================== End Of Log ============================

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-12-2014
Ran by Varim at 2014-12-18 12:02:16
Running from C:\Users\Varim\Desktop\Apps
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acer eDisplay Management (HKLM-x32\...\{A586DC50-B18D-48FB-B7CC-A598200457C2}) (Version: 1.36.003 - Portrait Displays, Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.2.8900 - Adobe Systems Inc.)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 1.01.34 - ASUSTeK Computer Inc.)
Amazon Music (HKU\S-1-5-21-4200889192-1629483929-4223567121-1000\...\Amazon Amazon Music) (Version: 3.1.0.570 - Amazon Services LLC)
Andy OS (HKLM-x32\...\Andy OS) (Version: 0.41 - Andy OS, Inc)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.10.0.0 - Asmedia Technology)
Auslogics Disk Defrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 3.6 - Auslogics Software Pty Ltd)
Avira (HKLM-x32\...\{e7c7c227-b742-4878-9425-f09bbf9951db}) (Version: 1.1.27.25527 - Avira Operations & Co. KG)
Avira (x32 Version: 1.1.27.25527 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
Avira System Speedup 1.5 (HKLM-x32\...\Avira System Speedup_is1) (Version: 1.5 - 2000 - 2014 Avira Operations GmbH & Co. KG)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.2.0.7 - )
BitTorrent (HKU\S-1-5-21-4200889192-1629483929-4223567121-1000\...\BitTorrent) (Version: 7.9.2.35704 - BitTorrent Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BOSS (HKLM-x32\...\BOSS) (Version: 2.1.1 - BOSS Development Team)
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.3.4746 - CDBurnerXP)
Creation Kit (HKLM-x32\...\Steam App 202480) (Version: - )
CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version: - CyberGhost S.R.L.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version: - FromSoftware)
DARK SOULS™ II (HKLM-x32\...\Steam App 236430) (Version: - FromSoftware, Inc)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
Divinity: Original Sin (HKLM-x32\...\Steam App 230230) (Version: - Larian Studios)
DivxToDVD 0.5.2b (HKLM-x32\...\VSO DivxToDVD_is1) (Version: 0.5.2b - VSO-Software SARL)
Dragon Age Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.05 - Electronic Arts)
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.1 - Electronic Arts)
EA Installer (HKLM-x32\...\EA Installer.2069723897) (Version: 2.2.0.62 - Electronic Arts, Inc.)
EA Shared Game Component: Activation (HKLM-x32\...\com.ea.Activation.919CACB699904AC5D41B606703500DD39747C02D.1) (Version: 2.2.0.62 - Electronic Arts)
EA Shared Game Component: Activation (x32 Version: 2.2.0 - Electronic Arts) Hidden
Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version: - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
FormatFactory 2.80 (HKLM-x32\...\FormatFactory) (Version: 2.80 - Free Time)
forteManager (HKLM-x32\...\{DA6FAB8D-E87A-4E8E-A3D3-B7B9F479C725}) (Version: 3.18 - LG Soft India)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Free YouTube to MP3 Converter version 3.12.2.430 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.2.430 - DVDVideoSoft Ltd.)
FreeRIP MP3 Converter 4.5.2 (HKLM-x32\...\{501451DE-5808-4599-B544-8BD0915B6B24}_is1) (Version: 4.5.2 - GreenTree Applications SRL)
GIMP 2.8.0 (HKLM\...\GIMP-2_is1) (Version: 2.8.0 - The GIMP Team)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
HWiNFO64 Version 4.16 (HKLM\...\HWiNFO64_is1) (Version: 4.16 - Martin Malík - REALiX)
HxD Hex Editor Version 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Network Connections 15.6.25.0 (HKLM\...\PROSetDX) (Version: 15.6.25.0 - Intel)
IZArc 4.1.6 (HKLM-x32\...\{97C82B44-D408-4F14-9252-47FC1636D23E}_is1) (Version: 4.1.6 - Ivan Zahariev)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
JMicron JMB36X Driver (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.17.58.2 - JMicron Technology Corp.)
Legend of Grimrock 2 (HKLM-x32\...\Steam App 251730) (Version: - Almost Human Games)
Lords Of The Fallen (HKLM-x32\...\Steam App 265300) (Version: - CI Games)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.0.0.1051 - Marvell)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{887868A2-D6DE-3255-AA92-AA0B5A59B874}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{92a68ee6-690a-4c60-b5ac-4292593cb68c}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 34.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
MSI Afterburner 2.3.1 (HKLM-x32\...\Afterburner) (Version: 2.3.1 - MSI Co., LTD)
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MyFreeCodec (HKU\S-1-5-21-4200889192-1629483929-4223567121-1000\...\MyFreeCodec) (Version: - )
NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles)
No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 3.0.4 - Vitalwerks Internet Solutions LLC)
NVIDIA 3D Vision Controller-Treiber 344.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.46 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 344.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.48 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.3 - NVIDIA Corporation)
NVIDIA Grafiktreiber 344.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.48 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
Origin (HKLM-x32\...\Origin) (Version: 9.1.13.85 - Electronic Arts, Inc.)
PC Suite for Sony Ericsson (HKLM-x32\...\{E1252473-6306-4d5d-904D-B06AA7F38161}) (Version: 1.6.0 - )
PC Suite for Sony Ericsson (x32 Version: 1.6.0 - Sony Ericsson) Hidden
PC Suite for Sony Ericsson x64 (Version: 1.6.0 - Sony Ericsson) Hidden
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Pivot Pro Plugin (x32 Version: 9.50.110 - Portrait Displays, Inc.) Hidden
Razer Surround Driver Installer version 1.5 (HKLM-x32\...\{11B11FA5-41ED-43C1-AB4B-905DDEDC72A2}_is1) (Version: 1.5 - inXile Entertainment)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
Sansa Updater (HKU\S-1-5-21-4200889192-1629483929-4223567121-1000\...\Sansa Updater) (Version: 1.313 - SanDisk Corporation)
SDK (x32 Version: 2.27.002 - Portrait Displays, Inc.) Hidden
Security Task Manager 1.8d (HKLM-x32\...\Security Task Manager) (Version: 1.8d - Neuber Software)
SHIELD Streaming (Version: 3.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.56 - NVIDIA Corporation) Hidden
SlimDX Redistributable for .NET 4.0 (March 2011) (HKLM-x32\...\{DA899085-5492-4320-98BF-4F3ACEB23E01}) (Version: 4.0.11.43 - SlimDX Group)
Sony Ericsson Symbian 9 Drivers (HKLM\...\Sony Ericsson) (Version: - )
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13.1 - TeamSpeak Systems GmbH)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - )
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Lord of the Rings Online™ (HKLM-x32\...\Steam App 212500) (Version: - )
The Lord of the Rings Online™ v03.08.00.8025 (HKLM-x32\...\12bbe590-c890-11d9-9669-0800200c9a66_is1) (Version: 03.08.00.8025 - Turbine, Inc.)
The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version: - CD Projekt RED)
TheLastRipper 1.4 (HKLM-x32\...\TheLastRipper) (Version: 1.4 - TheLastRipper developer team)
Trust 5.1 Soundcard 14319 (HKLM\...\C-Media PCI Audio Driver) (Version: - )
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VLC media player 2.0.7 (HKLM-x32\...\VLC media player) (Version: 2.0.7 - VideoLAN)
Wasteland 2 (HKLM-x32\...\Steam App 240760) (Version: - inXile Entertainment)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Wrye Bash (HKLM-x32\...\Wrye Bash) (Version: 0.3.0.3 - Wrye & Wrye Bash Development Team)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

17-12-2014 02:29:13 Windows Update
17-12-2014 17:52:04 Removed Samsung Kies
17-12-2014 17:58:50 Removed Apple Software Update
17-12-2014 17:59:06 Removed Apple Mobile Device Support
17-12-2014 17:59:37 Removed Apple Application Support
17-12-2014 21:44:41 Avira System Speedup(1.3.1.9930)
17-12-2014 23:59:03 Avira System Speedup 1.5
18-12-2014 11:45:03 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {098DA853-EE85-4751-AA29-A28FAF17CFDA} - System32\Tasks\{C2D82E38-4B76-4060-9A46-17075CEBD1F1} => pcalua.exe -a "G:\Programm Steam\steam.exe" -c steam://uninstall/206290
Task: {1088D890-FDC5-4576-A88C-7CEF1512CD6E} - System32\Tasks\ASUS\i-Setup172132 => C:\Windows\Chipset\AsusSetup.exe [2010-08-12] (ASUSTeK Computer Inc.)
Task: {115EE081-E601-4FC4-86BE-F2BEBEC2779B} - System32\Tasks\{7807A96F-BC91-4580-A44B-4DAE0468827B} => C:\Program Files (x86)\iTunes\iTunes.exe
Task: {16DC3D55-6123-429C-A79C-28A71E33FE73} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-09] (Adobe Systems Incorporated)
Task: {1C7B40DD-242D-4C76-8367-6966659E21A4} - System32\Tasks\{1ACAA613-8FC1-4BB0-B3FC-E86171D07E64} => G:\Games\UFO\UFO.exe
Task: {25D6BB8F-1998-48E8-ADF0-FD3F5E081AFC} - System32\Tasks\{65358A62-82FB-44B5-9EDD-8CB101210630} => G:\Games\UFO\UFO.exe
Task: {2820B82F-1655-432F-9AE5-C77ACA2420A8} - System32\Tasks\{730C84B7-61FA-4FE5-B8BD-4B4CBF14FF35} => G:\Programm Steam\SteamApps\common\the walking dead\WalkingDead101.exe
Task: {285E3B84-33DF-4EA2-AD16-3D3F282567BE} - System32\Tasks\{BFA9C499-FDBA-4ADA-98E6-132BCD4714F2} => C:\Users\Varim\Downloads\nl_2011_mon_64.exe [2013-04-07] ()
Task: {2C070385-E5F7-46CF-BD97-FE6D0C767DA7} - System32\Tasks\{26F81597-4D79-489C-A00E-2EA7C1AAAD6D} => pcalua.exe -a "C:\Program Files\TeamSpeak 3 Client\plugins\ts3overlay\InstallHook.exe" -d "C:\Program Files\TeamSpeak 3 Client\plugins\ts3overlay\" -c 10000
Task: {2C841557-96C9-40B8-971E-CFB9C70CB713} - System32\Tasks\{539AF193-5C02-45CD-A8E3-97B7D39B530A} => G:\Programm Steam\SteamApps\common\The Walking Dead\WalkingDead101.exe
Task: {3B272BB4-F705-434B-9099-75A27EF40929} - System32\Tasks\{36C67D16-145B-4359-BA7F-990E212CEEF9} => G:\Programm Steam\SteamApps\common\the walking dead\WalkingDead101.exe
Task: {3C8C5D85-6F10-4F57-99C5-CEB43AFE6E2A} - System32\Tasks\{54E30F20-8979-4B6E-845C-2DFF7216C733} => pcalua.exe -a "C:\Users\Varim\Downloads\Giga F Tasten\setup.exe" -d "C:\Users\Varim\Downloads\Giga F Tasten"
Task: {462AEFF4-4895-46E4-BB2D-CE17596A0072} - System32\Tasks\{E6EC0106-DD98-4377-9081-29837AC8C909} => G:\Programm Steam\SteamApps\common\the walking dead\WalkingDead101.exe
Task: {4F64B2C0-A026-4281-B81E-3247D7B56368} - System32\Tasks\{E10769A7-98E5-4055-A96F-C07DA64B3313} => G:\Programm Steam\SteamApps\common\The Walking Dead\WalkingDead101.exe
Task: {5B556F1A-4EDB-4A24-AAAD-29E068DC9226} - System32\Tasks\{7B4A058A-CB0F-4B7F-B42A-E4B5D5A05492} => G:\Programm Steam\SteamApps\common\king's bounty - the legend\kb.exe
Task: {6947F0D1-77CF-4386-91E0-15F832F663F0} - System32\Tasks\{5DB3CBF1-E963-41F8-8D66-7B2B5326F253} => G:\Games\UFO\UFO.exe
Task: {6BAF110F-C054-4484-A7B2-0EDFD98C0A54} - System32\Tasks\{31DB9B5F-6111-42A9-9BAF-639B2A4E49CF} => G:\Games\UFO\UFO.exe
Task: {720FC47F-C2AB-42E9-B30A-283DEC6AA816} - System32\Tasks\{EEBD7601-F4B0-415D-8420-9DDD09613A3F} => pcalua.exe -a C:\Users\Varim\Desktop\HiJackThis204.exe -d C:\Users\Varim\Desktop
Task: {7AC5B884-25DC-43E0-A3DE-5F37238D504D} - System32\Tasks\{98360B80-EE9B-4C63-BBD3-D43EDB49BDBE} => G:\Games\UFO\UFO.exe
Task: {90CB2AF4-2037-438F-AF70-9AC29141BC86} - System32\Tasks\{EF7C48A0-08D4-4C42-84BC-BFE4D338044E} => pcalua.exe -a C:\Users\Varim\Desktop\sonyericssonpcsuite2.10.46.exe -d C:\Users\Varim\Desktop
Task: {97A14422-CC24-45C0-B90A-0E9A11A66B6F} - System32\Tasks\{D134496D-2C11-4B32-9352-163D3DCF189F} => G:\Games\UFO\UFO.exe
Task: {9CC10BAE-ABFF-4C86-9803-3D59E6C51512} - System32\Tasks\{7EC7BEC8-8076-4188-B540-0EEAFA22B04E} => pcalua.exe -a "C:\Users\Varim\Desktop\Programme Allgemein\HiJackThis204.exe" -d "C:\Users\Varim\Desktop\Programme Allgemein"
Task: {A10B7B6D-0C4F-40FD-B012-D03A17E866DC} - System32\Tasks\{83EF3BE8-D6F6-4F4F-B1AF-6A88FA7514A8} => G:\Games\UFO\UFO.exe
Task: {A5F5BD5C-9E95-420B-8923-90E1B9F41A47} - System32\Tasks\{C1CF29B0-E8C8-4927-8CBB-E2AB77DD8FB2} => G:\Programm Steam\SteamApps\common\The Walking Dead\WalkingDead101.exe
Task: {ABDBAFCC-B591-4445-BD14-C4C7D19C04D4} - System32\Tasks\{98F8E5A9-5000-4AEB-953B-A2F66386E1B6} => G:\Games\UFO\UFO.exe
Task: {AD6BF760-24B7-49F3-A7C7-DC10341294CA} - System32\Tasks\{91E7A90B-F7B5-407C-8924-ADE4A9732B80} => G:\Games\UFO\UFO.exe
Task: {B46818BE-03B6-4BB1-BFEE-8725D987A84B} - System32\Tasks\{48373D0B-8E3B-48E6-B56D-C410CAF65E70} => G:\Programm Steam\SteamApps\common\The Walking Dead\WalkingDead101.exe
Task: {C02EEE8A-9AB8-41E4-9E3C-9B168E76E53E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)
Task: {C4E317CB-ED8A-4793-BDB7-336FF1AB20D1} - System32\Tasks\{6EE31714-BD9A-48B4-A476-BE506458645E} => G:\Programm Steam\SteamApps\common\king's bounty - the legend\kb.exe
Task: {C7CB2360-71BD-451C-9C11-0245A81C7B14} - System32\Tasks\{3A907643-022F-4E03-BBEC-A480CAE2E3EC} => pcalua.exe -a "C:\Program Files (x86)\VikingWorks\AOC UI Installer 3.1.0\AOC UI Installer.exe" -d "C:\Program Files (x86)\VikingWorks\AOC UI Installer 3.1.0\"
Task: {C9EC5672-EDC4-460C-8888-05291A52FCB8} - System32\Tasks\{1CB79120-1AFD-4131-B749-64290F5A6766} => G:\Games\UFO\UFO.exe
Task: {CAB2AB1E-1863-4D5A-BE38-AEFFBE131ACD} - System32\Tasks\AviraSpeedup => C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe [2014-12-11] (Avira Operations GmbH & Co. KG)
Task: {E18FC07A-CE3F-4586-AB71-68B9754504EA} - System32\Tasks\{05EC61DD-17B5-458C-9A13-366ED19C00D3} => G:\Programm Steam\SteamApps\common\king's bounty - the legend\kb.exe
Task: {EBA11D6B-E5D6-4B19-AA60-7E8D196A1FC4} - System32\Tasks\{B72CF22D-FDA8-4295-A9C9-86ED8D7C54C1} => G:\Programm Steam\SteamApps\common\the walking dead\WalkingDead101.exe
Task: {F337518B-4662-4047-A03B-8CFD10982E48} - System32\Tasks\{FDDBB920-447E-44E7-89A2-498220A609BA} => G:\Programm Steam\SteamApps\common\The Walking Dead\WalkingDead101.exe
Task: {F99A780D-B8E9-4AC6-A3A8-CE47E0BD8AE5} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2010-11-26] (ASUSTeK Computer Inc.)
Task: {FFE34344-707C-4D1A-B383-C6328BDDB5A2} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2013-03-02 14:25 - 2014-10-16 15:11 - 00116880 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-01-08 01:59 - 2011-02-28 08:39 - 00211456 _____ () C:\Program Files (x86)\IZArc\IZArcCM64.dll
2010-11-03 10:30 - 2010-11-03 10:30 - 00918144 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
2010-12-02 03:15 - 2010-12-02 03:15 - 00915584 ____N () C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
2012-01-07 23:58 - 2010-10-21 10:52 - 00586880 ____R () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
2012-12-08 14:17 - 2009-04-24 17:01 - 01683456 _____ () C:\Program Files (x86)\LG Soft India\forteManager\bin\Monitor.exe
2012-01-07 23:49 - 2014-12-18 11:29 - 00023552 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.13\PEbiosinterface32.dll
2012-01-07 23:49 - 2010-06-29 03:58 - 00104448 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.13\ATKEX.dll
2012-01-08 14:49 - 2011-02-24 10:19 - 00143360 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
2012-01-08 14:49 - 2010-06-21 15:21 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
2012-01-08 14:49 - 2009-08-12 20:15 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
2012-01-08 14:49 - 2011-05-06 16:53 - 01036800 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Update\Update.dll
2012-01-08 14:49 - 2011-05-16 17:35 - 00965632 _____ () C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
2012-01-08 14:51 - 2010-12-03 16:12 - 01027072 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll
2012-01-08 14:49 - 2011-05-20 09:12 - 00881152 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
2012-01-08 14:49 - 2011-04-07 17:33 - 01607168 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
2012-01-08 14:49 - 2011-01-07 16:39 - 01246208 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
2012-01-08 14:49 - 2010-08-06 18:11 - 00850944 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
2012-01-08 14:49 - 2010-08-06 18:13 - 00886272 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
2012-01-07 23:49 - 2010-08-23 03:17 - 00662016 ____R () C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMLib.dll
2012-01-08 14:49 - 2010-06-21 15:21 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\ImageHelper.dll
2012-12-08 14:17 - 2009-04-24 16:03 - 00090112 _____ () C:\Program Files (x86)\LG Soft India\forteManager\bin\ACRHOOK.dll
2012-12-08 14:17 - 2009-04-24 16:03 - 00122880 _____ () C:\Program Files (x86)\LG Soft India\forteManager\bin\ApplicationManager.dll
2012-12-08 14:17 - 2009-04-24 16:03 - 00053248 _____ () C:\Program Files (x86)\LG Soft India\forteManager\bin\ErrorHandler.dll
2012-12-08 14:17 - 2009-04-24 16:03 - 00159744 _____ () C:\Program Files (x86)\LG Soft India\forteManager\bin\DeviceManager.dll
2012-12-08 14:17 - 2009-04-24 16:03 - 00073728 _____ () C:\Program Files (x86)\LG Soft India\forteManager\bin\ProtocolEngine.dll
2012-12-08 14:17 - 2009-04-24 16:03 - 00073728 _____ () C:\Program Files (x86)\LG Soft India\forteManager\bin\MonitorGerRes.dll
2014-12-17 21:14 - 2014-11-26 17:40 - 03758192 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-06-13 21:01 - 2014-06-13 21:01 - 03022960 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2014-06-13 21:01 - 2014-06-13 21:01 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2014-06-13 21:01 - 2014-06-13 21:01 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2011-01-17 16:19 - 2012-01-08 16:19 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2010-11-19 18:45 - 2012-01-08 16:19 - 00170496 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxslt.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
AlternateDataStreams: C:\ProgramData\TEMP:6378B6B8

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\startupfolder: C:^Users^Varim^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\Windows\pss\OpenOffice.org 3.3.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Amazon Music => "C:\Users\Varim\AppData\Local\Amazon Music\Amazon Music Helper.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: CyberGhost => "C:\Program Files\CyberGhost 5\CyberGhost.EXE" /autostart
MSCONFIG\startupreg: DT ACR => C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe -ACR
MSCONFIG\startupreg: EADM => "G:\Games\EA Origins\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: ISUSPM Startup => c:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
MSCONFIG\startupreg: ISUSScheduler => "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Malwarebytes Anti-Malware => C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
MSCONFIG\startupreg: mRouterConfig => "C:\Program Files (x86)\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe"
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: PC Suite for Smartphones => "C:\Program Files (x86)\Sony Ericsson\Mobile4\Application Launcher\Application Launcher.exe" /startoptions
MSCONFIG\startupreg: PivotSoftware => "C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe" -delay=10
MSCONFIG\startupreg: SansaDispatch => C:\Users\Varim\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Steam => "G:\Programm Steam\steam.exe" -silent
MSCONFIG\startupreg: XboxStat => "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun

========================= Accounts: ==========================

Administrator (S-1-5-21-4200889192-1629483929-4223567121-500 - Administrator - Disabled)
ASPNET (S-1-5-21-4200889192-1629483929-4223567121-1007 - Limited - Enabled)
fbwuser (S-1-5-21-4200889192-1629483929-4223567121-1013 - Limited - Enabled)
Gast (S-1-5-21-4200889192-1629483929-4223567121-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4200889192-1629483929-4223567121-1002 - Limited - Enabled)
Varim (S-1-5-21-4200889192-1629483929-4223567121-1000 - Administrator - Enabled) => C:\Users\Varim

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (12/18/2014 11:51:47 AM) (Source: ESENT) (EventID: 439) (User: )
Description: avguard (1716) GaviDB_0: Die Shadowkopfzeile für Datei C:\ProgramData\Avira\AntiVir Desktop\EVENTDB\edb.chk konnte nicht geschrieben werden. Fehler -1032.
Error: (12/18/2014 11:51:47 AM) (Source: ESENT) (EventID: 490) (User: )
Description: avguard (1716) GaviDB_0: Versuch, Datei "C:\ProgramData\Avira\AntiVir Desktop\EVENTDB\edb.chk" für den Lese-/Schreibzugriff zu öffnen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.
Error: (12/17/2014 11:25:55 PM) (Source: ESENT) (EventID: 439) (User: )
Description: avguard (1732) GaviDB_0: Die Shadowkopfzeile für Datei C:\ProgramData\Avira\AntiVir Desktop\EVENTDB\edb.chk konnte nicht geschrieben werden. Fehler -1032.
Error: (12/17/2014 11:25:55 PM) (Source: ESENT) (EventID: 490) (User: )
Description: avguard (1732) GaviDB_0: Versuch, Datei "C:\ProgramData\Avira\AntiVir Desktop\EVENTDB\edb.chk" für den Lese-/Schreibzugriff zu öffnen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.
Error: (12/17/2014 10:45:47 PM) (Source: ESENT) (EventID: 439) (User: )
Description: avguard (1732) GaviDB_0: Die Shadowkopfzeile für Datei C:\ProgramData\Avira\AntiVir Desktop\EVENTDB\edb.chk konnte nicht geschrieben werden. Fehler -1032.
Error: (12/17/2014 10:45:47 PM) (Source: ESENT) (EventID: 490) (User: )
Description: avguard (1732) GaviDB_0: Versuch, Datei "C:\ProgramData\Avira\AntiVir Desktop\EVENTDB\edb.chk" für den Lese-/Schreibzugriff zu öffnen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.
Error: (12/17/2014 10:01:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Avira.OE.ServiceHost.exe, Version: 1.1.27.25527, Zeitstempel: 0x546de85e
Name des fehlerhaften Moduls: ccgrdw.dll, Version: 14.0.7.462, Zeitstempel: 0x546f1aa2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000011f1
ID des fehlerhaften Prozesses: 0x314
Startzeit der fehlerhaften Anwendung: 0xAvira.OE.ServiceHost.exe0
Pfad der fehlerhaften Anwendung: Avira.OE.ServiceHost.exe1
Pfad des fehlerhaften Moduls: Avira.OE.ServiceHost.exe2
Berichtskennung: Avira.OE.ServiceHost.exe3
Error: (12/17/2014 10:01:56 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.AccessViolationException Stapel: bei Avira.OE.AvConnector.AvConnectorNativeMethods.CreateInstance(System.Guid, System.String) bei Avira.OE.AvConnector.AvConnectorNativeFactory`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].CreateInstance(System.String) bei Avira.OE.AvConnector.AvStatusReporter..ctor(System.String) bei Avira.OE.AvConnector.AvStatusReporterFactory.Create() bei Avira.OE.AvConnector.AvConnector.GetAvStatusData(Boolean) bei Avira.OE.AvConnector.AvConnector.get_AvServiceStatusData() bei Avira.OE.ServiceHost.ComputerAndServicesInfoFactory.SetPayloadForAntivirus(Avira.OE.ServiceHost.ComputerAndServicesInfo) bei Avira.OE.ServiceHost.ComputerAndServicesInfoFactory.CreateComputerAndServicesInfo() bei Avira.OE.ServiceHost.AnonymousUserDeviceStatusConnector.UpdateCurrentComputerAndServiceInfo() bei Avira.OE.ServiceHost.AnonymousUserDeviceStatusConnector.get_CurrentComputerAndServiceInfo() bei Avira.OE.Communicator.Communicator.SendAnonymousSyncStatus() bei Avira.OE.Communicator.Communicator.SendMessageWithoutAuthentication(System.String) bei Avira.OE.Communicator.CommunicatorService.SendMessageWithoutAuthentication(System.String) bei DynamicClass.SyncInvokeSendMessageWithoutAuthentication(System.Object, System.Object[], System.Object[]) bei System.ServiceModel.Dispatcher.SyncMethodInvoker.Invoke(System.Object, System.Object[], System.Object[] ByRef) bei System.ServiceModel.Dispatcher.DispatchOperationRuntime.InvokeBegin(System.ServiceModel.Dispatcher.MessageRpc ByRef) bei System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage5(System.ServiceModel.Dispatcher.MessageRpc ByRef) bei System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage41(System.ServiceModel.Dispatcher.MessageRpc ByRef) bei System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage4(System.ServiceModel.Dispatcher.MessageRpc ByRef) bei 
System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage31(System.ServiceModel.Dispatcher.MessageRpc ByRef) bei System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage3(System.ServiceModel.Dispatcher.MessageRpc ByRef) bei System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage2(System.ServiceModel.Dispatcher.MessageRpc ByRef) bei System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage11(System.ServiceModel.Dispatcher.MessageRpc ByRef) bei System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage1(System.ServiceModel.Dispatcher.MessageRpc ByRef) bei System.ServiceModel.Dispatcher.MessageRpc.Process(Boolean) bei System.ServiceModel.Dispatcher.ChannelHandler.DispatchAndReleasePump(System.ServiceModel.Channels.RequestContext, Boolean, System.ServiceModel.OperationContext) bei System.ServiceModel.Dispatcher.ChannelHandler.HandleRequest(System.ServiceModel.Channels.RequestContext, System.ServiceModel.OperationContext) bei System.ServiceModel.Dispatcher.ChannelHandler.AsyncMessagePump(System.IAsyncResult) bei System.ServiceModel.Dispatcher.ChannelHandler.OnAsyncReceiveComplete(System.IAsyncResult) bei System.Runtime.Fx+AsyncThunk.UnhandledExceptionFrame(System.IAsyncResult) bei System.Runtime.AsyncResult.Complete(Boolean) bei System.ServiceModel.Channels.TransportDuplexSessionChannel+TryReceiveAsyncResult.OnReceive(System.IAsyncResult) bei System.Runtime.Fx+AsyncThunk.UnhandledExceptionFrame(System.IAsyncResult) bei System.Runtime.AsyncResult.Complete(Boolean) bei System.ServiceModel.Channels.SynchronizedMessageSource+ReceiveAsyncResult.OnReceiveComplete(System.Object) bei System.ServiceModel.Channels.SessionConnectionReader.OnAsyncReadComplete(System.Object) bei System.ServiceModel.Channels.StreamConnection.OnRead(System.IAsyncResult) bei System.Runtime.Fx+AsyncThunk.UnhandledExceptionFrame(System.IAsyncResult) bei System.Net.LazyAsyncResult.Complete(IntPtr) bei 
System.Net.LazyAsyncResult.ProtectedInvokeCallback(System.Object, IntPtr) bei System.Net.Security.NegotiateStream.ProcessFrameBody(Int32, Byte[], Int32, Int32, System.Net.AsyncProtocolRequest) bei System.Net.Security.NegotiateStream.ReadCallback(System.Net.AsyncProtocolRequest) bei System.Net.AsyncProtocolRequest.CompleteRequest(Int32) bei System.Net.FixedSizeReader.CheckCompletionBeforeNextRead(Int32) bei System.Net.FixedSizeReader.ReadCallback(System.IAsyncResult) bei System.Runtime.AsyncResult.Complete(Boolean) bei System.ServiceModel.Channels.ConnectionStream+IOAsyncResult.OnAsyncIOComplete(System.Object) bei System.ServiceModel.Channels.PipeConnection.OnAsyncReadComplete(Boolean, Int32, Int32) bei System.ServiceModel.Channels.OverlappedContext.CompleteCallback(UInt32, UInt32, System.Threading.NativeOverlapped*) bei System.Runtime.Fx+IOCompletionThunk.UnhandledExceptionFrame(UInt32, UInt32, System.Threading.NativeOverlapped*) bei System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32, UInt32, System.Threading.NativeOverlapped*) Error: (12/17/2014 10:00:34 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Avira.OE.ServiceHost.exe, Version: 1.1.27.25527, Zeitstempel: 0x546de85e Name des fehlerhaften Moduls: ccgrdw.dll, Version: 14.0.7.462, Zeitstempel: 0x546f1aa2 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000011f1 ID des fehlerhaften Prozesses: 0x9b8 Startzeit der fehlerhaften Anwendung: 0xAvira.OE.ServiceHost.exe0 Pfad der fehlerhaften Anwendung: Avira.OE.ServiceHost.exe1 Pfad des fehlerhaften Moduls: Avira.OE.ServiceHost.exe2 Berichtskennung: Avira.OE.ServiceHost.exe3 Error: (12/17/2014 10:00:34 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: Avira.OE.ServiceHost.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet. 
Ausnahmeinformationen: System.AccessViolationException Stapel: bei Avira.OE.AvConnector.AvConnectorNativeMethods.CreateInstance(System.Guid, System.String) bei Avira.OE.AvConnector.AvConnectorNativeFactory`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].CreateInstance(System.String) bei Avira.OE.AvConnector.AvStatusReporter..ctor(System.String) bei Avira.OE.AvConnector.AvStatusReporterFactory.Create() bei Avira.OE.AvConnector.AvConnector.GetAvStatusData(Boolean) bei Avira.OE.AvConnector.AvConnector.get_AvServiceStatusData() bei Avira.OE.ServiceHost.ComputerAndServicesInfoFactory.SetPayloadForAntivirus(Avira.OE.ServiceHost.ComputerAndServicesInfo) bei Avira.OE.ServiceHost.ComputerAndServicesInfoFactory.CreateComputerAndServicesInfo() bei Avira.OE.ServiceHost.AnonymousUserDeviceStatusConnector.UpdateCurrentComputerAndServiceInfo() bei Avira.OE.ServiceHost.AnonymousUserDeviceStatusConnector.get_CurrentComputerAndServiceInfo() bei Avira.OE.Communicator.Communicator.SendAnonymousSyncStatus() bei Avira.OE.Communicator.Communicator.SendMessageWithoutAuthentication(System.String) bei Avira.OE.Communicator.CommunicatorService.SendMessageWithoutAuthentication(System.String) bei DynamicClass.SyncInvokeSendMessageWithoutAuthentication(System.Object, System.Object[], System.Object[]) bei System.ServiceModel.Dispatcher.SyncMethodInvoker.Invoke(System.Object, System.Object[], System.Object[] ByRef) bei System.ServiceModel.Dispatcher.DispatchOperationRuntime.InvokeBegin(System.ServiceModel.Dispatcher.MessageRpc ByRef) bei System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage5(System.ServiceModel.Dispatcher.MessageRpc ByRef) bei System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage41(System.ServiceModel.Dispatcher.MessageRpc ByRef) bei System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage4(System.ServiceModel.Dispatcher.MessageRpc ByRef) bei 
System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage31(System.ServiceModel.Dispatcher.MessageRpc ByRef) bei System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage3(System.ServiceModel.Dispatcher.MessageRpc ByRef) bei System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage2(System.ServiceModel.Dispatcher.MessageRpc ByRef) bei System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage11(System.ServiceModel.Dispatcher.MessageRpc ByRef) bei System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage1(System.ServiceModel.Dispatcher.MessageRpc ByRef) bei System.ServiceModel.Dispatcher.MessageRpc.Process(Boolean) bei System.ServiceModel.Dispatcher.ChannelHandler.DispatchAndReleasePump(System.ServiceModel.Channels.RequestContext, Boolean, System.ServiceModel.OperationContext) bei System.ServiceModel.Dispatcher.ChannelHandler.HandleRequest(System.ServiceModel.Channels.RequestContext, System.ServiceModel.OperationContext) bei System.ServiceModel.Dispatcher.ChannelHandler.AsyncMessagePump(System.IAsyncResult) bei System.ServiceModel.Dispatcher.ChannelHandler.OnAsyncReceiveComplete(System.IAsyncResult) bei System.Runtime.Fx+AsyncThunk.UnhandledExceptionFrame(System.IAsyncResult) bei System.Runtime.AsyncResult.Complete(Boolean) bei System.ServiceModel.Channels.TransportDuplexSessionChannel+TryReceiveAsyncResult.OnReceive(System.IAsyncResult) bei System.Runtime.Fx+AsyncThunk.UnhandledExceptionFrame(System.IAsyncResult) bei System.Runtime.AsyncResult.Complete(Boolean) bei System.ServiceModel.Channels.SynchronizedMessageSource+ReceiveAsyncResult.OnReceiveComplete(System.Object) bei System.ServiceModel.Channels.SessionConnectionReader.OnAsyncReadComplete(System.Object) bei System.ServiceModel.Channels.StreamConnection.OnRead(System.IAsyncResult) bei System.Runtime.Fx+AsyncThunk.UnhandledExceptionFrame(System.IAsyncResult) bei System.Net.LazyAsyncResult.Complete(IntPtr) bei 
System.Net.LazyAsyncResult.ProtectedInvokeCallback(System.Object, IntPtr) bei System.Net.Security.NegotiateStream.ProcessFrameBody(Int32, Byte[], Int32, Int32, System.Net.AsyncProtocolRequest) bei System.Net.Security.NegotiateStream.ReadCallback(System.Net.AsyncProtocolRequest) bei System.Net.AsyncProtocolRequest.CompleteRequest(Int32) bei System.Net.FixedSizeReader.CheckCompletionBeforeNextRead(Int32) bei System.Net.FixedSizeReader.ReadCallback(System.IAsyncResult) bei System.Runtime.AsyncResult.Complete(Boolean) bei System.ServiceModel.Channels.ConnectionStream+IOAsyncResult.OnAsyncIOComplete(System.Object) bei System.ServiceModel.Channels.PipeConnection.OnAsyncReadComplete(Boolean, Int32, Int32) bei System.ServiceModel.Channels.OverlappedContext.CompleteCallback(UInt32, UInt32, System.Threading.NativeOverlapped*) bei System.Runtime.Fx+IOCompletionThunk.UnhandledExceptionFrame(UInt32, UInt32, System.Threading.NativeOverlapped*) bei System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32, UInt32, System.Threading.NativeOverlapped*) System errors: ============= Error: (12/18/2014 11:29:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Mobizen plugin" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (12/18/2014 06:46:05 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Mobizen plugin" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (12/18/2014 01:06:23 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Mobizen plugin" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (12/17/2014 10:31:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Mobizen plugin" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (12/17/2014 10:13:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Mobizen plugin" wurde aufgrund folgenden 
Fehlers nicht gestartet: %%2
Error: (12/17/2014 10:13:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde aufgrund folgenden Fehlers nicht gestartet: %%2
Error: (12/17/2014 10:12:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Avira Planer" wurde aufgrund folgenden Fehlers nicht gestartet: %%2
Error: (12/17/2014 10:01:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert.
Error: (12/17/2014 10:00:34 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/17/2014 10:00:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Microsoft Office Sessions:
=========================
Error: (12/18/2014 11:51:47 AM) (Source: ESENT) (EventID: 439) (User: )
Description: avguard1716GaviDB_0: C:\ProgramData\Avira\AntiVir Desktop\EVENTDB\edb.chk-1032
Error: (12/18/2014 11:51:47 AM) (Source: ESENT) (EventID: 490) (User: )
Description: avguard1716GaviDB_0: C:\ProgramData\Avira\AntiVir Desktop\EVENTDB\edb.chk-1032 (0xfffffbf8)5 (0x00000005)Zugriff verweigert
Error: (12/17/2014 11:25:55 PM) (Source: ESENT) (EventID: 439) (User: )
Description: avguard1732GaviDB_0: C:\ProgramData\Avira\AntiVir Desktop\EVENTDB\edb.chk-1032
Error: (12/17/2014 11:25:55 PM) (Source: ESENT) (EventID: 490) (User: )
Description: avguard1732GaviDB_0: C:\ProgramData\Avira\AntiVir Desktop\EVENTDB\edb.chk-1032 (0xfffffbf8)5 (0x00000005)Zugriff verweigert
Error: (12/17/2014 10:45:47 PM) (Source: ESENT) (EventID: 439) (User: )
Description: avguard1732GaviDB_0: C:\ProgramData\Avira\AntiVir Desktop\EVENTDB\edb.chk-1032
Error: (12/17/2014 10:45:47 PM) (Source: ESENT) (EventID: 490) (User: )
Description: avguard1732GaviDB_0: C:\ProgramData\Avira\AntiVir Desktop\EVENTDB\edb.chk-1032 (0xfffffbf8)5 (0x00000005)Zugriff verweigert
Error: (12/17/2014 10:01:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Avira.OE.ServiceHost.exe1.1.27.25527546de85eccgrdw.dll14.0.7.462546f1aa2c0000005000011f131401d01a3c864b4d63C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exeC:\Program Files (x86)\Avira\AntiVir Desktop\ccgrdw.dlleef79d9a-862f-11e4-aae8-14dae9299161
Error: (12/17/2014 10:01:56 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.AccessViolationException Stapel: bei Avira.OE.AvConnector.AvConnectorNativeMethods.CreateInstance(System.Guid, System.String) bei Avira.OE.AvConnector.AvConnectorNativeFactory`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].CreateInstance(System.String) bei Avira.OE.AvConnector.AvStatusReporter..ctor(System.String) bei Avira.OE.AvConnector.AvStatusReporterFactory.Create() bei Avira.OE.AvConnector.AvConnector.GetAvStatusData(Boolean) bei Avira.OE.AvConnector.AvConnector.get_AvServiceStatusData() bei Avira.OE.ServiceHost.ComputerAndServicesInfoFactory.SetPayloadForAntivirus(Avira.OE.ServiceHost.ComputerAndServicesInfo) bei Avira.OE.ServiceHost.ComputerAndServicesInfoFactory.CreateComputerAndServicesInfo() bei Avira.OE.ServiceHost.AnonymousUserDeviceStatusConnector.UpdateCurrentComputerAndServiceInfo() bei Avira.OE.ServiceHost.AnonymousUserDeviceStatusConnector.get_CurrentComputerAndServiceInfo() bei Avira.OE.Communicator.Communicator.SendAnonymousSyncStatus() bei Avira.OE.Communicator.Communicator.SendMessageWithoutAuthentication(System.String) bei Avira.OE.Communicator.CommunicatorService.SendMessageWithoutAuthentication(System.String) bei DynamicClass.SyncInvokeSendMessageWithoutAuthentication(System.Object, System.Object[], System.Object[]) bei System.ServiceModel.Dispatcher.SyncMethodInvoker.Invoke(System.Object, System.Object[], System.Object[] ByRef) bei System.ServiceModel.Dispatcher.DispatchOperationRuntime.InvokeBegin(System.ServiceModel.Dispatcher.MessageRpc ByRef) bei System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage5(System.ServiceModel.Dispatcher.MessageRpc ByRef) bei System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage41(System.ServiceModel.Dispatcher.MessageRpc ByRef) bei System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage4(System.ServiceModel.Dispatcher.MessageRpc ByRef) bei 
System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage31(System.ServiceModel.Dispatcher.MessageRpc ByRef) bei System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage3(System.ServiceModel.Dispatcher.MessageRpc ByRef) bei System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage2(System.ServiceModel.Dispatcher.MessageRpc ByRef) bei System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage11(System.ServiceModel.Dispatcher.MessageRpc ByRef) bei System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage1(System.ServiceModel.Dispatcher.MessageRpc ByRef) bei System.ServiceModel.Dispatcher.MessageRpc.Process(Boolean) bei System.ServiceModel.Dispatcher.ChannelHandler.DispatchAndReleasePump(System.ServiceModel.Channels.RequestContext, Boolean, System.ServiceModel.OperationContext) bei System.ServiceModel.Dispatcher.ChannelHandler.HandleRequest(System.ServiceModel.Channels.RequestContext, System.ServiceModel.OperationContext) bei System.ServiceModel.Dispatcher.ChannelHandler.AsyncMessagePump(System.IAsyncResult) bei System.ServiceModel.Dispatcher.ChannelHandler.OnAsyncReceiveComplete(System.IAsyncResult) bei System.Runtime.Fx+AsyncThunk.UnhandledExceptionFrame(System.IAsyncResult) bei System.Runtime.AsyncResult.Complete(Boolean) bei System.ServiceModel.Channels.TransportDuplexSessionChannel+TryReceiveAsyncResult.OnReceive(System.IAsyncResult) bei System.Runtime.Fx+AsyncThunk.UnhandledExceptionFrame(System.IAsyncResult) bei System.Runtime.AsyncResult.Complete(Boolean) bei System.ServiceModel.Channels.SynchronizedMessageSource+ReceiveAsyncResult.OnReceiveComplete(System.Object) bei System.ServiceModel.Channels.SessionConnectionReader.OnAsyncReadComplete(System.Object) bei System.ServiceModel.Channels.StreamConnection.OnRead(System.IAsyncResult) bei System.Runtime.Fx+AsyncThunk.UnhandledExceptionFrame(System.IAsyncResult) bei System.Net.LazyAsyncResult.Complete(IntPtr) bei 
System.Net.LazyAsyncResult.ProtectedInvokeCallback(System.Object, IntPtr) bei System.Net.Security.NegotiateStream.ProcessFrameBody(Int32, Byte[], Int32, Int32, System.Net.AsyncProtocolRequest) bei System.Net.Security.NegotiateStream.ReadCallback(System.Net.AsyncProtocolRequest) bei System.Net.AsyncProtocolRequest.CompleteRequest(Int32) bei System.Net.FixedSizeReader.CheckCompletionBeforeNextRead(Int32) bei System.Net.FixedSizeReader.ReadCallback(System.IAsyncResult) bei System.Runtime.AsyncResult.Complete(Boolean) bei System.ServiceModel.Channels.ConnectionStream+IOAsyncResult.OnAsyncIOComplete(System.Object) bei System.ServiceModel.Channels.PipeConnection.OnAsyncReadComplete(Boolean, Int32, Int32) bei System.ServiceModel.Channels.OverlappedContext.CompleteCallback(UInt32, UInt32, System.Threading.NativeOverlapped*) bei System.Runtime.Fx+IOCompletionThunk.UnhandledExceptionFrame(UInt32, UInt32, System.Threading.NativeOverlapped*) bei System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32, UInt32, System.Threading.NativeOverlapped*) Error: (12/17/2014 10:00:34 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Avira.OE.ServiceHost.exe1.1.27.25527546de85eccgrdw.dll14.0.7.462546f1aa2c0000005000011f19b801d01a3c74fef2ccC:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exeC:\Program Files (x86)\Avira\AntiVir Desktop\ccgrdw.dllbdf434c1-862f-11e4-aae8-14dae9299161 Error: (12/17/2014 10:00:34 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: Avira.OE.ServiceHost.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet. 
Ausnahmeinformationen: System.AccessViolationException Stapel: bei Avira.OE.AvConnector.AvConnectorNativeMethods.CreateInstance(System.Guid, System.String) bei Avira.OE.AvConnector.AvConnectorNativeFactory`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].CreateInstance(System.String) bei Avira.OE.AvConnector.AvStatusReporter..ctor(System.String) bei Avira.OE.AvConnector.AvStatusReporterFactory.Create() bei Avira.OE.AvConnector.AvConnector.GetAvStatusData(Boolean) bei Avira.OE.AvConnector.AvConnector.get_AvServiceStatusData() bei Avira.OE.ServiceHost.ComputerAndServicesInfoFactory.SetPayloadForAntivirus(Avira.OE.ServiceHost.ComputerAndServicesInfo) bei Avira.OE.ServiceHost.ComputerAndServicesInfoFactory.CreateComputerAndServicesInfo() bei Avira.OE.ServiceHost.AnonymousUserDeviceStatusConnector.UpdateCurrentComputerAndServiceInfo() bei Avira.OE.ServiceHost.AnonymousUserDeviceStatusConnector.get_CurrentComputerAndServiceInfo() bei Avira.OE.Communicator.Communicator.SendAnonymousSyncStatus() bei Avira.OE.Communicator.Communicator.SendMessageWithoutAuthentication(System.String) bei Avira.OE.Communicator.CommunicatorService.SendMessageWithoutAuthentication(System.String) bei DynamicClass.SyncInvokeSendMessageWithoutAuthentication(System.Object, System.Object[], System.Object[]) bei System.ServiceModel.Dispatcher.SyncMethodInvoker.Invoke(System.Object, System.Object[], System.Object[] ByRef) bei System.ServiceModel.Dispatcher.DispatchOperationRuntime.InvokeBegin(System.ServiceModel.Dispatcher.MessageRpc ByRef) bei System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage5(System.ServiceModel.Dispatcher.MessageRpc ByRef) bei System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage41(System.ServiceModel.Dispatcher.MessageRpc ByRef) bei System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage4(System.ServiceModel.Dispatcher.MessageRpc ByRef) bei 
System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage31(System.ServiceModel.Dispatcher.MessageRpc ByRef) bei System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage3(System.ServiceModel.Dispatcher.MessageRpc ByRef) bei System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage2(System.ServiceModel.Dispatcher.MessageRpc ByRef) bei System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage11(System.ServiceModel.Dispatcher.MessageRpc ByRef) bei System.ServiceModel.Dispatcher.ImmutableDispatchRuntime.ProcessMessage1(System.ServiceModel.Dispatcher.MessageRpc ByRef) bei System.ServiceModel.Dispatcher.MessageRpc.Process(Boolean) bei System.ServiceModel.Dispatcher.ChannelHandler.DispatchAndReleasePump(System.ServiceModel.Channels.RequestContext, Boolean, System.ServiceModel.OperationContext) bei System.ServiceModel.Dispatcher.ChannelHandler.HandleRequest(System.ServiceModel.Channels.RequestContext, System.ServiceModel.OperationContext) bei System.ServiceModel.Dispatcher.ChannelHandler.AsyncMessagePump(System.IAsyncResult) bei System.ServiceModel.Dispatcher.ChannelHandler.OnAsyncReceiveComplete(System.IAsyncResult) bei System.Runtime.Fx+AsyncThunk.UnhandledExceptionFrame(System.IAsyncResult) bei System.Runtime.AsyncResult.Complete(Boolean) bei System.ServiceModel.Channels.TransportDuplexSessionChannel+TryReceiveAsyncResult.OnReceive(System.IAsyncResult) bei System.Runtime.Fx+AsyncThunk.UnhandledExceptionFrame(System.IAsyncResult) bei System.Runtime.AsyncResult.Complete(Boolean) bei System.ServiceModel.Channels.SynchronizedMessageSource+ReceiveAsyncResult.OnReceiveComplete(System.Object) bei System.ServiceModel.Channels.SessionConnectionReader.OnAsyncReadComplete(System.Object) bei System.ServiceModel.Channels.StreamConnection.OnRead(System.IAsyncResult) bei System.Runtime.Fx+AsyncThunk.UnhandledExceptionFrame(System.IAsyncResult) bei System.Net.LazyAsyncResult.Complete(IntPtr) bei 
System.Net.LazyAsyncResult.ProtectedInvokeCallback(System.Object, IntPtr) bei System.Net.Security.NegotiateStream.ProcessFrameBody(Int32, Byte[], Int32, Int32, System.Net.AsyncProtocolRequest) bei System.Net.Security.NegotiateStream.ReadCallback(System.Net.AsyncProtocolRequest) bei System.Net.AsyncProtocolRequest.CompleteRequest(Int32) bei System.Net.FixedSizeReader.CheckCompletionBeforeNextRead(Int32) bei System.Net.FixedSizeReader.ReadCallback(System.IAsyncResult) bei System.Runtime.AsyncResult.Complete(Boolean) bei System.ServiceModel.Channels.ConnectionStream+IOAsyncResult.OnAsyncIOComplete(System.Object) bei System.ServiceModel.Channels.PipeConnection.OnAsyncReadComplete(Boolean, Int32, Int32) bei System.ServiceModel.Channels.OverlappedContext.CompleteCallback(UInt32, UInt32, System.Threading.NativeOverlapped*) bei System.Runtime.Fx+IOCompletionThunk.UnhandledExceptionFrame(UInt32, UInt32, System.Threading.NativeOverlapped*) bei System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32, UInt32, System.Threading.NativeOverlapped*) CodeIntegrity Errors: =================================== Date: 2014-12-17 17:29:46.192 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\MoboRobo\MoboroboAssDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-12-17 17:29:46.161 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\MoboRobo\MoboroboAssDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-12-17 17:29:33.826 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\MoboRobo\MoboroboAssDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-12-17 17:29:33.796 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\MoboRobo\MoboroboAssDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-12-17 17:29:05.212 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\MoboRobo\MoboroboAssDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-12-17 17:29:05.182 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\MoboRobo\MoboroboAssDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-12-17 17:28:52.042 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\MoboRobo\MoboroboAssDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-12-17 17:28:52.010 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\MoboRobo\MoboroboAssDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-12-17 17:28:29.243 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\MoboRobo\MoboroboAssDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-12-17 17:28:29.206 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\MoboRobo\MoboroboAssDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-2500 CPU @ 3.30GHz Percentage of memory in use: 32% Total physical RAM: 8168.83 MB Available physical RAM: 5485.79 MB Total Pagefile: 16335.84 MB Available Pagefile: 13353.95 MB Total Virtual: 8192 MB Available Virtual: 8191.84 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:470.04 GB) (Free:301.94 GB) NTFS Drive g: (Volume) (Fixed) (Total:461.37 GB) (Free:119.97 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 12974C8D) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=470 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=461.4 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
18.12.2014, 18:26 | #2 | |
/// the machine /// TB trainer | Hi,
do you mean these: Quote: |
18.12.2014, 18:53 | #3 |
| Hello schrauber.
I think those were other update.exe processes. At the moment everything seems to be OK again. In any case, I no longer have 100 % CPU load when I connect to the Internet. And no 10 - 15 update.exe entries in Task Manager. |
18.12.2014, 21:31 | #4 |
/// the machine /// TB trainer | Keep an eye on it; if it comes back, run a fresh FRST scan right away and post it here.
Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |