| hellas.88 | 29.05.2015 18:24 |
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-05-2015 01
Ran by Zeus (administrator) on ZEUS-PC on 29-05-2015 20:16:14
Running from C:\Users\Zeus\Downloads\FRST-OlderVersion
Loaded Profiles: Zeus (Available Profiles: Zeus)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\TWCU.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(DVDVideoSoft Ltd.) C:\Program Files (x86)\DVDVideoSoft\Free YouTube Download\FreeYTVDownloader.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11860072 2011-06-09] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [728312 2015-05-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-06-07] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [130048 2015-04-10] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-65031845-1434384236-1651786591-1000\...\Run: [GoogleChromeAutoLaunch_8C08A43057843DCE2F430EE89329B7BA] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-05-22] (Google Inc.)
HKU\S-1-5-21-65031845-1434384236-1651786591-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [1303872 2015-03-12] (Lavasoft)
HKU\S-1-5-21-65031845-1434384236-1651786591-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [333824 2010-11-20] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK-Konfigurationstool.lnk [2014-09-11]
ShortcutTarget: TP-LINK-Konfigurationstool.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\TWCU.exe ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-65031845-1434384236-1651786591-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-65031845-1434384236-1651786591-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-65031845-1434384236-1651786591-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://gr.yahoo.com/?fr=vmn&type=vmn__webcompa__1_0__ya__hp_WCYID10099_swoc_campaign_150314__yaie
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-65031845-1434384236-1651786591-1000 -> {8C4AAEDA-F9FF-44d4-BA7F-DB7F55AE47D3} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBDSV
SearchScopes: HKU\S-1-5-21-65031845-1434384236-1651786591-1000 -> {B5906189-5FA6-4151-9547-065BDAE0B0B3} URL = hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7941509802&q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
Hosts: 127.0.0.1 validation.sls.microsoft.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Zeus\AppData\Roaming\Mozilla\Firefox\Profiles\iehuq9xm.default
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Yahoo
FF Homepage: https://www.google.de/?gws_rd=ssl
FF Keyword.URL: hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-17] ()
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2015-04-22] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-17] ()
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2015-04-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Extension: Avira Browser Safety - C:\Users\Zeus\AppData\Roaming\Mozilla\Firefox\Profiles\iehuq9xm.default\Extensions\abs@avira.com [2015-05-27]
FF Extension: Bing Search Engine - C:\Users\Zeus\AppData\Roaming\Mozilla\Firefox\Profiles\iehuq9xm.default\Extensions\bingsearch.full@microsoft.com [2015-03-08]
FF Extension: Video Downloader Professional - C:\Users\Zeus\AppData\Roaming\Mozilla\Firefox\Profiles\iehuq9xm.default\Extensions\ffext_basicvideoext@startpage24.xpi [2015-03-03]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Zeus\AppData\Roaming\Mozilla\Firefox\Profiles\iehuq9xm.default\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2015-03-12]
FF Extension: Video DownloadHelper - C:\Users\Zeus\AppData\Roaming\Mozilla\Firefox\Profiles\iehuq9xm.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-03-15]
FF Extension: Adblock Plus - C:\Users\Zeus\AppData\Roaming\Mozilla\Firefox\Profiles\iehuq9xm.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-22]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-05-10]
FF HKU\S-1-5-21-65031845-1434384236-1651786591-1000\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: No Name - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-06-22]
Chrome:
=======
CHR Profile: C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Brushed) - C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfjgbcjfpbbfepcccpaffkjofcmglifg [2015-04-20]
CHR Extension: (Adblock Plus) - C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-05-24]
CHR Extension: (Avira SafeSearch) - C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\eglgfnfolcgijipffhlhbbnefdcbjbml [2015-05-24]
CHR Extension: (Video Downloader professional) - C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2015-05-24]
CHR Extension: (Links Checker) - C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh [2015-05-24]
CHR Extension: (Bookmark Manager) - C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-24]
CHR Extension: (WEB.DE MailCheck) - C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaogepninmlbinccpbiakcgiolijlllo [2015-05-28]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-24]
CHR Extension: (No Name) - C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo [2015-05-24]
CHR Extension: (Google Wallet) - C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-24]
CHR Extension: (Battlelog Emblem Editor Extended) - C:\Users\Zeus\AppData\Local\Google\Chrome\User Data\Default\Extensions\noagedoiolkfaoaknohhepocfeooibjb [2015-05-24]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [827640 2015-05-19] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [434424 2015-05-19] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [434424 2015-05-19] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1185584 2015-05-19] (Avira Operations GmbH & Co. KG)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [205104 2015-04-10] (Avira Operations GmbH & Co. KG)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [619776 2015-01-15] (Lenovo)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S4 SearchProtectionService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [17768 2015-03-12] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2014-07-16] (TuneUp Software)
R2 WCUService_STC_FF; C:\Program Files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe [493384 2011-03-24] (Splashtop Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S4 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.3.0\LavasoftTcpService.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11832 2010-06-30] (Advanced Micro Devices Inc.)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21104 2011-01-10] ()
S3 AR9271; C:\Windows\System32\DRIVERS\athuwx.sys [2224160 2011-07-29] (Atheros Communications, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [152744 2015-05-19] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-05-19] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-05-27] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-05] (Avira Operations GmbH & Co. KG)
S3 cleanhlp; C:\EEK\bin\cleanhlp64.sys [57024 2015-05-25] (Emsisoft GmbH)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2014-07-30] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-05-29] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R3 RTL8192cu; C:\Windows\System32\DRIVERS\rtwlanu.sys [990864 2013-04-09] (Realtek Semiconductor Corporation )
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2014-06-23] (TuneUp Software)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-29 14:41 - 2015-05-29 20:12 - 00000000 ____D () C:\Users\Zeus\Desktop\battellog
2015-05-27 12:11 - 2015-05-27 12:11 - 00022186 _____ () C:\Users\Zeus\Downloads\AW- Kontaktformular ist eingegangen..html
2015-05-26 23:41 - 2015-05-26 23:41 - 00001116 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2015-05-26 23:41 - 2015-05-26 23:41 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2015-05-26 23:40 - 2015-05-26 23:40 - 00000000 ____D () C:\ProgramData\Adobe
2015-05-26 23:14 - 2015-05-26 23:14 - 01197344 _____ () C:\Users\Zeus\Downloads\OpenOffice - CHIP-Installer.exe
2015-05-26 22:31 - 2015-05-27 12:11 - 16757701 _____ () C:\Users\Zeus\Desktop\AdwCleaner.zip
2015-05-26 21:10 - 2015-05-26 21:10 - 00003335 _____ () C:\Users\Zeus\Downloads\Abmeldung.html
2015-05-26 20:21 - 2015-05-26 20:21 - 00000000 ___SD () C:\ComboFix
2015-05-25 13:58 - 2015-05-25 13:59 - 00000000 ____D () C:\EEK
2015-05-25 13:54 - 2015-05-25 13:54 - 00006661 _____ () C:\Users\Zeus\Downloads\AW- Heirat in GRC.html
2015-05-25 13:46 - 2015-05-25 13:52 - 154486952 _____ () C:\Users\Zeus\Downloads\EmsisoftEmergencyKit.exe
2015-05-24 15:53 - 2015-05-28 11:49 - 00000000 ____D () C:\Users\Zeus\Desktop\hochzeit
2015-05-24 13:22 - 2015-05-24 13:23 - 02347384 _____ (ESET) C:\Users\Zeus\Downloads\esetsmartinstaller_deu.exe
2015-05-24 13:04 - 2015-05-29 20:16 - 00000000 ____D () C:\Users\Zeus\Downloads\FRST-OlderVersion
2015-05-22 23:47 - 2015-05-22 23:47 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-ZEUS-PC-Windows-7-Ultimate-(64-bit).dat
2015-05-22 23:47 - 2015-05-22 23:47 - 00000000 ____D () C:\RegBackup
2015-05-22 23:41 - 2015-05-22 23:42 - 02720009 _____ (Thisisu) C:\Users\Zeus\Downloads\JRT.exe
2015-05-22 23:02 - 2015-05-25 14:59 - 00000000 ____D () C:\Users\Zeus\Desktop\Sicherheitsprogramme
2015-05-22 22:58 - 2015-05-24 13:11 - 00000000 ____D () C:\AdwCleaner
2015-05-22 22:35 - 2015-05-22 22:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-22 22:34 - 2015-05-22 22:35 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-05-22 22:34 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-05-22 22:34 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-05-22 22:31 - 2015-05-22 22:33 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Zeus\Downloads\mbam-setup-2.1.6.1022.exe
2015-05-21 22:29 - 2015-05-21 22:29 - 00031698 _____ () C:\Users\Zeus\Downloads\docx (3)
2015-05-21 22:29 - 2015-05-21 22:29 - 00031698 _____ () C:\Users\Zeus\Downloads\docx (2)
2015-05-21 22:22 - 2015-05-21 22:22 - 00031698 _____ () C:\Users\Zeus\Downloads\docx (1)
2015-05-21 22:22 - 2015-05-21 22:22 - 00031698 _____ () C:\Users\Zeus\Downloads\docx
2015-05-21 12:22 - 2015-05-21 12:22 - 00028041 _____ () C:\ComboFix.txt
2015-05-21 11:54 - 2011-06-26 09:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-05-21 11:54 - 2010-11-07 20:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-05-21 11:54 - 2009-04-20 07:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-05-21 11:54 - 2000-08-31 03:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-05-21 11:54 - 2000-08-31 03:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-05-21 11:54 - 2000-08-31 03:00 - 00098816 _____ () C:\Windows\sed.exe
2015-05-21 11:54 - 2000-08-31 03:00 - 00080412 _____ () C:\Windows\grep.exe
2015-05-21 11:54 - 2000-08-31 03:00 - 00068096 _____ () C:\Windows\zip.exe
2015-05-21 11:53 - 2015-05-26 20:21 - 00000000 ____D () C:\Qoobox
2015-05-21 11:53 - 2015-05-21 12:19 - 00000000 ____D () C:\Windows\erdnt
2015-05-21 11:44 - 2015-05-21 11:52 - 05627500 ____R (Swearware) C:\Users\Zeus\Desktop\ComboFix.exe
2015-05-20 14:37 - 2015-05-20 14:37 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Zeus\Downloads\tdsskiller.exe
2015-05-20 14:36 - 2015-05-29 17:33 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-20 14:36 - 2015-05-22 23:01 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-05-20 14:36 - 2015-05-22 22:34 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-20 14:35 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-05-20 14:34 - 2015-05-20 14:35 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Zeus\Downloads\mbar-1.09.1.1004.exe
2015-05-20 00:05 - 2015-05-20 00:06 - 00046825 _____ () C:\Users\Zeus\Downloads\Addition.txt
2015-05-20 00:04 - 2015-05-29 20:16 - 00000000 ____D () C:\FRST
2015-05-20 00:04 - 2015-05-24 13:05 - 00030009 _____ () C:\Users\Zeus\Downloads\FRST.txt
2015-05-19 23:58 - 2015-05-24 13:04 - 02108416 _____ (Farbar) C:\Users\Zeus\Downloads\FRST64.exe
2015-05-19 21:02 - 2015-05-19 21:02 - 01219529 _____ () C:\Users\Zeus\Downloads\dmt3d.zip
2015-05-18 13:08 - 2015-05-18 13:08 - 00002770 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2015-05-17 20:01 - 2015-05-17 20:01 - 00002201 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014.lnk
2015-05-17 20:01 - 2015-05-17 20:01 - 00000000 ____D () C:\Users\Zeus\AppData\Roaming\TuneUp Software
2015-05-17 20:01 - 2015-05-17 20:01 - 00000000 ____D () C:\Users\Zeus\AppData\Local\TuneUp Software
2015-05-17 20:01 - 2015-05-17 20:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014
2015-05-17 20:01 - 2014-07-16 10:24 - 00040760 _____ (TuneUp Software) C:\Windows\system32\TURegOpt.exe
2015-05-17 20:01 - 2014-07-16 10:24 - 00029496 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll
2015-05-17 20:01 - 2014-07-16 10:24 - 00025400 _____ (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll
2015-05-17 20:00 - 2015-05-17 20:01 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014
2015-05-17 19:58 - 2015-05-17 20:09 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2015-05-17 19:58 - 2015-05-17 20:01 - 00000000 ____D () C:\ProgramData\TuneUp Software
2015-05-17 19:50 - 2015-05-17 19:57 - 28598072 _____ (TuneUp Software) C:\Users\Zeus\Downloads\TuneUpUtilities2014_34de-DE.exe
2015-05-12 22:08 - 2015-05-12 22:08 - 00000000 __SHD () C:\Users\Zeus\AppData\Local\EmieUserList
2015-05-12 22:08 - 2015-05-12 22:08 - 00000000 __SHD () C:\Users\Zeus\AppData\Local\EmieSiteList
2015-05-12 22:08 - 2015-05-12 22:08 - 00000000 __SHD () C:\Users\Zeus\AppData\Local\EmieBrowserModeList
2015-05-10 13:48 - 2015-05-10 13:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-10 13:44 - 2015-05-10 13:44 - 00000000 ____D () C:\Users\Zeus\AppData\Local\TomTom
2015-05-10 13:44 - 2015-05-10 13:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2015-05-10 13:44 - 2015-05-10 13:44 - 00000000 ____D () C:\Program Files (x86)\TomTom International B.V
2015-05-10 13:44 - 2015-05-10 13:44 - 00000000 ____D () C:\Program Files (x86)\MyDrive Connect
2015-05-10 13:40 - 2015-05-10 13:42 - 23308160 _____ (TomTom International B.V.) C:\Users\Zeus\Downloads\InstallMyDriveConnect.exe
2015-04-30 08:21 - 2015-04-30 08:21 - 00000025 _____ () C:\Users\Zeus\Desktop\speicher.vbs
2015-04-30 01:29 - 2015-04-30 01:29 - 00146145 _____ () C:\Users\Zeus\AppData\Local\708F4E7A_stp.CIS
2015-04-30 01:29 - 2015-04-30 01:29 - 00000274 _____ () C:\Users\Zeus\AppData\Local\708F4E7A_stp.CIS.part
2015-04-30 01:28 - 2015-04-30 01:28 - 00385602 _____ () C:\Users\Zeus\AppData\Local\5D515C96_stp.CIS
2015-04-30 01:28 - 2015-04-30 01:28 - 00000220 _____ () C:\Users\Zeus\AppData\Local\5D515C96_stp.CIS.part
2015-04-30 01:17 - 2015-04-30 01:19 - 00007609 _____ () C:\Users\Zeus\AppData\Local\Resmon.ResmonCfg
2015-04-30 00:26 - 2015-04-30 00:26 - 00000027 _____ () C:\Users\Zeus\Documents\vbs.txt
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-29 20:00 - 2015-03-03 15:45 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-29 19:53 - 2015-04-16 18:24 - 00000435 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2015-05-29 19:17 - 2014-06-23 15:21 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-29 17:28 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-05-29 14:56 - 2014-06-22 15:47 - 01237016 _____ () C:\Windows\WindowsUpdate.log
2015-05-29 14:35 - 2009-07-14 07:45 - 00014336 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-29 14:35 - 2009-07-14 07:45 - 00014336 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-29 14:26 - 2015-03-03 15:45 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-29 14:26 - 2009-07-14 08:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-29 14:26 - 2009-07-14 07:51 - 00048040 _____ () C:\Windows\setupact.log
2015-05-27 00:56 - 2014-06-22 15:55 - 00064504 _____ () C:\Users\Zeus\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-27 00:55 - 2009-07-14 07:45 - 00295360 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-26 23:49 - 2014-06-22 19:23 - 00000000 ____D () C:\Users\Zeus\Desktop\Programme
2015-05-26 23:40 - 2014-11-15 18:10 - 00000000 ____D () C:\Users\Zeus\AppData\Local\Adobe
2015-05-26 23:39 - 2014-11-18 17:54 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2015-05-26 20:15 - 2015-03-03 17:29 - 00000000 ____D () C:\Users\Zeus\Desktop\KINOFILME
2015-05-24 21:11 - 2015-03-03 15:45 - 00004116 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-24 21:11 - 2015-03-03 15:45 - 00003864 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-22 23:22 - 2014-06-22 17:19 - 00375762 _____ () C:\Windows\PFRO.log
2015-05-21 22:22 - 2015-03-03 17:28 - 00000000 ____D () C:\Users\Zeus\AppData\Roaming\FLV and Media Player
2015-05-21 12:22 - 2009-07-14 06:20 - 00000000 __RHD () C:\Users\Default
2015-05-21 12:10 - 2009-07-14 05:34 - 00000215 _____ () C:\Windows\system.ini
2015-05-20 20:06 - 2014-06-22 15:50 - 00000000 ____D () C:\Users\Zeus\AppData\Local\VirtualStore
2015-05-20 17:49 - 2015-03-08 19:08 - 00000000 ____D () C:\Users\Zeus\AppData\Roaming\Skype
2015-05-19 16:43 - 2014-06-22 16:39 - 00152744 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-05-19 16:43 - 2014-06-22 16:39 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-05-18 23:03 - 2014-10-11 19:09 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2015-05-17 20:09 - 2015-03-01 20:52 - 00000000 ____D () C:\Users\Zeus\AppData\Local\Downloaded Installations
2015-05-17 20:09 - 2014-06-22 17:15 - 00000000 ___HD () C:\ProgramData\{8533ADFA-85F0-4dc1-946A-2A0BA58E78E3}
2015-05-14 01:22 - 2014-06-22 17:54 - 00000000 ____D () C:\Users\Zeus\Desktop\Bilder
2015-05-11 22:55 - 2009-07-14 20:58 - 00696832 _____ () C:\Windows\system32\perfh007.dat
2015-05-11 22:55 - 2009-07-14 20:58 - 00148128 _____ () C:\Windows\system32\perfc007.dat
2015-05-11 22:55 - 2009-07-14 08:13 - 01613340 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-11 13:21 - 2014-06-22 16:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-30 09:03 - 2014-06-23 15:48 - 00000000 ___RD () C:\Users\Zeus\Desktop\musik
2015-04-30 07:39 - 2014-06-22 15:50 - 00000000 ____D () C:\Users\Zeus
2015-04-30 07:38 - 2015-03-12 22:37 - 00000000 ____D () C:\Program Files (x86)\Free Codec Pack
2015-04-30 07:38 - 2015-03-03 17:44 - 00000000 ____D () C:\Users\Zeus\AppData\Roaming\FreeFLVConverter
2015-04-30 07:38 - 2015-03-03 15:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-04-30 07:38 - 2014-06-22 18:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-04-30 07:38 - 2014-06-22 18:07 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2015-04-30 07:38 - 2014-06-22 18:05 - 00000000 ____D () C:\Users\Zeus\AppData\Roaming\DVDVideoSoft
2015-04-30 07:37 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\registration
==================== Files in the root of some directories =======
2015-04-30 01:28 - 2015-04-30 01:28 - 0385602 _____ () C:\Users\Zeus\AppData\Local\5D515C96_stp.CIS
2015-04-30 01:28 - 2015-04-30 01:28 - 0000220 _____ () C:\Users\Zeus\AppData\Local\5D515C96_stp.CIS.part
2015-04-30 01:29 - 2015-04-30 01:29 - 0146145 _____ () C:\Users\Zeus\AppData\Local\708F4E7A_stp.CIS
2015-04-30 01:29 - 2015-04-30 01:29 - 0000274 _____ () C:\Users\Zeus\AppData\Local\708F4E7A_stp.CIS.part
2015-04-30 01:17 - 2015-04-30 01:19 - 0007609 _____ () C:\Users\Zeus\AppData\Local\Resmon.ResmonCfg
Some files in TEMP:
====================
C:\Users\Zeus\AppData\Local\Temp\avgnt.exe
C:\Users\Zeus\AppData\Local\Temp\Quarantine.exe
C:\Users\Zeus\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-05-24 01:17
==================== End of log ============================
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-05-2015 01
Ran by Zeus at 2015-05-29 20:17:05
Running from C:\Users\Zeus\Downloads\FRST-OlderVersion
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-65031845-1434384236-1651786591-500 - Administrator - Disabled)
Gast (S-1-5-21-65031845-1434384236-1651786591-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-65031845-1434384236-1651786591-1004 - Limited - Enabled)
Zeus (S-1-5-21-65031845-1434384236-1651786591-1000 - Administrator - Enabled) => C:\Users\Zeus
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Ad-Aware Web Companion (x32 Version: 1.1.922.1860 - Lavasoft) Hidden
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader Driver (HKLM-x32\...\AmUStor) (Version: 20.22.2217.13862 - Alcor Micro Corp.)
Alcor Micro USB Card Reader Driver (x32 Version: 20.22.2217.13862 - Alcor Micro Corp.) Hidden
ATI Catalyst Install Manager (HKLM\...\{DDD72DB8-BB69-1AE3-9E21-BFD1CB87AEDF}) (Version: 3.0.829.0 - ATI Technologies, Inc.)
AutoGreen B10.1021.1 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE)
AutoGreen B10.1021.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Avira (HKLM-x32\...\{d8490d5d-0f24-4000-b2e4-4b500a9a704d}) (Version: 1.1.35.25717 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.35.25717 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.10.434 - Avira Operations GmbH & Co. KG)
Avira Savings Advisor (HKLM-x32\...\{A18A516C-AA41-46A9-92DB-60208917E442}) (Version: 1.5.14 - Avira)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Easy Tune 6 B11.0704.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B11.0704.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
FLV and Media Player 4.2.1.1 (HKLM-x32\...\FLV and Media Player) (Version: 4.2.1.1 - Applian Technologies)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Free FLV Converter V 7.6.2 (HKLM-x32\...\Free FLV Converter_is1) (Version: 7.6.2.0 - Koyote Lab Inc.)
Free M4a to MP3 Converter 8.2 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version: - ManiacTools.com)
Free YouTube Download version 3.2.55.301 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.55.301 - DVDVideoSoft Ltd.)
Gameforge Live 2.0.5 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.5 - Gameforge)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
LavasoftTcpService (x32 Version: 2.3.3.0 - Lavasoft) Hidden
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Metric Collection SDK 35 (x32 Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30320 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 37.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MyDriveConnect 4.0.2.2123 (HKLM-x32\...\MyDriveConnect) (Version: 4.0.2.2123 - TomTom)
ON_OFF Charge B11.0110.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version: - PokerStars.eu)
PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.90.1 - PS3 Media Server)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6392 - Realtek Semiconductor Corp.)
S.K.I.L.L. - Special Force 2 (HKLM-x32\...\Special Force 2 Beta_is1) (Version: - )
Samsung AllShare (HKLM-x32\...\InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}) (Version: 2.1.0.12031_10 - Samsung Electronics Co., Ltd.)
Samsung AllShare (x32 Version: 2.1.0.12031_10 - Samsung Electronics Co., Ltd.) Hidden
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.1.19.0 - Lenovo Group Limited)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Splashtop Connect for Firefox (HKLM-x32\...\{45D49CA7-D7D8-4659-B35A-EBD98C30AF28}) (Version: 1.1.8.4 - Splashtop Inc.)
Splashtop Connect IE (HKLM-x32\...\{3B983EFD-6E37-4AD9-9A7D-8C83E61674F7}) (Version: 1.1.13.1 - Splashtop Inc.)
TP-LINK TL-WN8200ND Treiber (HKLM-x32\...\{FDA7E907-6539-42C1-9721-0239C281B336}) (Version: 1.3.1 - TP-LINK)
TP-LINK-Konfigurationstool (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.340 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.340 - TuneUp Software)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.340 - TuneUp Software) Hidden
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
Web Companion (HKLM-x32\...\{902C3D36-9254-437D-98AC-913B78E60864}_WebCompanion) (Version: 1.1.922.1860 - Lavasoft)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Restore Points =========================
17-05-2015 19:58:59 TuneUp Utilities 2014 wird installiert
21-05-2015 11:54:09 ComboFix created restore point
26-05-2015 23:38:27 OpenOffice 4.1.1 wird installiert
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 05:34 - 2014-06-22 16:01 - 00000864 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 validation.sls.microsoft.com
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {191367D4-F00C-44A2-A017-0FCC8371B805} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-17] (Adobe Systems Incorporated)
Task: {2A6679B7-6C96-453A-B354-EA3595422F92} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-09-10] (Lenovo)
Task: {34291951-AB4F-490B-AE70-A37914A51A4C} - System32\Tasks\{DD5BC084-286B-40E6-8F3F-DD5960FAE55A} => pcalua.exe -a C:\Users\Zeus\AppData\Local\Temp\Temp1_TL-WN821N_100428_DE.zip\Setup-win7.exe
Task: {5192145D-CD85-4787-804E-5F8840185308} - System32\Tasks\{1F1D1F9D-37B7-4D69-81CE-56BD484D8CD9} => pcalua.exe -a C:\Users\Zeus\AppData\Local\Temp\Temp1_TL-WN821N_V4_Driver.zip\TL-WN821N_v4_Driver\Setup.exe
Task: {7C8CEB7D-19E5-401F-86C0-D0F2899D8C28} - System32\Tasks\Opera scheduled Autoupdate 1410268254 => C:\Program Files (x86)\Opera\launcher.exe [2014-09-25] (Opera Software)
Task: {93D4F73C-37CC-452E-948C-88D06F645F5E} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2014-07-16] (TuneUp Software)
Task: {AB13EBFC-1999-4629-887C-D11C7FD608D5} - System32\Tasks\aviraSWU => Cscript.exe "C:\Program Files (x86)\avira\Internet Explorer\swu.vbs"
Task: {ACFA591D-C425-4D03-B274-018A7DC8C16E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-03] (Google Inc.)
Task: {D65BDFB8-5C77-4B48-98DC-4CDFC8DF5D08} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-03] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2014-09-11 12:42 - 2013-04-09 11:55 - 00846848 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\TWCU.exe
2014-07-16 10:24 - 2014-07-16 10:24 - 00699704 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll
2011-06-07 23:11 - 2011-06-07 23:11 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-09-11 12:42 - 2013-04-09 11:55 - 01401856 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\nicLan.dll
2014-09-11 12:42 - 2013-04-09 11:55 - 00193024 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\DC_WFF.dll
2014-09-11 12:42 - 2013-04-09 11:55 - 00297472 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\WJRtl.dll
2015-05-26 05:02 - 2015-05-22 23:22 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libglesv2.dll
2015-05-26 05:02 - 2015-05-22 23:22 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libegl.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 01135616 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMSWrap.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 00656896 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ContentDirectoryPresenter.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 00105472 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\DCMCDP.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 00098816 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\FolderCDP.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 00077312 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\MetadataFramework.dll
2012-01-05 23:40 - 2012-01-05 23:40 - 00520234 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\sqlite3.dll
2012-01-05 23:40 - 2012-01-05 23:40 - 00450560 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\MoodExtractor.dll
2012-01-05 23:40 - 2012-01-05 23:40 - 05717504 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\DCMImgExtractor.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 00029184 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AutoChaptering.dll
2012-01-05 23:40 - 2012-01-05 23:40 - 00147456 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libexpat.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 00012288 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoThumb.dll
2012-01-05 23:40 - 2012-01-05 23:40 - 04671488 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avcodec-52.dll
2012-01-05 23:40 - 2012-01-05 23:40 - 00070656 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avutil-50.dll
2012-01-05 23:40 - 2012-01-05 23:40 - 00686080 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avformat-52.dll
2012-01-05 23:40 - 2012-01-05 23:40 - 00152064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\swscale-0.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 00027648 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AudioExtractor.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 00063488 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ID3Driver.dll
2012-01-05 23:40 - 2012-01-05 23:40 - 00366592 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\tag.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 00289792 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libThumbnail.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 00023040 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\RichInfoDriver.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 00017920 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoExtractor.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 00017920 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ThumbnailMaker.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 00133120 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoMetadataDriver.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 00290304 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libKeyFrame.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 00024064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\SECMetaDriver.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 00012288 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ImageExtractor.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 00024064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\photoDriver.dll
2012-01-05 23:40 - 2012-01-05 23:40 - 00399826 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libexif-12.dll.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 00013824 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\TextExtractor.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 00031232 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\Autobackup.dll
2012-02-22 17:46 - 2012-02-22 17:46 - 00054784 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\RosettaAllShare.dll
2012-01-05 23:40 - 2012-01-05 23:40 - 00044032 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\us.dll
2015-05-26 05:02 - 2015-05-22 23:22 - 14982472 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\PepperFlash\pepflashplayer.dll
2014-06-22 18:07 - 2015-03-01 18:39 - 00113320 _____ () C:\Program Files (x86)\DVDVideoSoft\Free YouTube Download\zlib1.dll
2014-06-22 18:07 - 2015-03-01 18:39 - 00301224 _____ () C:\Program Files (x86)\DVDVideoSoft\Free YouTube Download\stat.dll
2015-03-14 19:12 - 2015-03-01 18:39 - 00106664 _____ () C:\Program Files (x86)\DVDVideoSoft\Free YouTube Download\boost_filesystem-vc120-mt-1_56.dll
2015-03-14 19:12 - 2015-03-01 18:39 - 00022696 _____ () C:\Program Files (x86)\DVDVideoSoft\Free YouTube Download\boost_system-vc120-mt-1_56.dll
2015-03-14 19:12 - 2015-03-01 18:39 - 00046760 _____ () C:\Program Files (x86)\DVDVideoSoft\Free YouTube Download\boost_date_time-vc120-mt-1_56.dll
2014-06-22 18:07 - 2015-03-01 18:34 - 00085672 _____ () C:\Program Files (x86)\DVDVideoSoft\Free YouTube Download\suhvadapter.dll
2014-06-22 18:07 - 2015-03-01 18:39 - 00041640 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\jansson.dll
2015-03-14 19:12 - 2015-03-01 18:39 - 00088744 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_thread-vc120-mt-1_56.dll
2015-03-14 19:12 - 2015-03-01 18:39 - 00030888 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_chrono-vc120-mt-1_56.dll
2014-06-22 18:07 - 2015-03-01 18:33 - 00062120 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\mmconv-pinv.dll
2014-06-22 18:07 - 2015-03-01 18:34 - 00027304 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\mminfo-pinv.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-65031845-1434384236-1651786591-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Zeus\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{8C7A61EE-7833-4F77-9377-B7C4A7B7609E}C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe] => (Allow) C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe
FirewallRules: [UDP Query User{96490CE0-1C32-40D3-971F-E0992116D9B2}C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe] => (Allow) C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe
FirewallRules: [{FDB93697-5175-4B8E-A6F5-058E434A44B9}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{94BB7645-CF74-4264-886D-CBED8032B54F}] => (Allow) LPort=2869
FirewallRules: [{DC6B9843-FA71-4362-8713-EC6FB7F66F9C}] => (Allow) LPort=1900
FirewallRules: [{6C98B2AC-47C1-4345-9AFE-E005F502A36B}] => (Allow) C:\Program Files (x86)\GameforgeLive\gfl_client.exe
FirewallRules: [{36D112A2-FF2C-4134-8A2C-565C6E67AD92}] => (Allow) C:\Program Files (x86)\GameforgeLive\Games\DEU_deu\S.K.I.L.L\Binaries\Win32\sf2.exe
FirewallRules: [{FD7EFE41-AB56-4E3A-B540-C8D59C0EC4A5}] => (Allow) C:\Program Files (x86)\GameforgeLive\Games\DEU_deu\S.K.I.L.L\Binaries\Win32\sf2.exe
FirewallRules: [{CE95C921-9B90-40AD-B5BA-B58D2E52F6EF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C3110DA2-4795-41B2-ADEE-7E09309EE610}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{09FFFB11-B658-4E1A-9A89-44A226A23717}] => (Allow) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
FirewallRules: [{8BED0B5D-1EFA-45B2-BD68-285FEB45C7C2}] => (Allow) C:\Program Files (x86)\Samsung\AllShare\AllShare.exe
FirewallRules: [{D3ED4C06-1BCA-40B2-A3BC-233C0B81FBC0}] => (Allow) C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
FirewallRules: [TCP Query User{4647FFA1-838C-4126-8952-D7FBC5BDD6A9}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{47D1648E-A8E8-4DD6-8373-F3F572AC3895}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{9FF0DC4A-C1D3-4A33-8DB9-526FEF98EF7D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{7F278949-5A85-4856-8E32-657FD17F3F25}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{35F63927-47FB-49C7-8E0E-AA70C5401B25}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{2DFC8961-8C5F-402C-A389-B0D28515A3B7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/26/2015 11:38:27 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.
System Error:
Falscher Parameter.
.
Error: (05/26/2015 11:38:26 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.
System Error:
Falscher Parameter.
.
Error: (05/26/2015 00:46:46 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (05/24/2015 05:43:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: TWCU.exe, Version: 0.0.0.0, Zeitstempel: 0x516270de
Name des fehlerhaften Moduls: RtlLib.dll, Version: 700.1067.330.2011, Zeitstempel: 0x4d93eea6
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00001df9
ID des fehlerhaften Prozesses: 0xa3c
Startzeit der fehlerhaften Anwendung: 0xTWCU.exe0
Pfad der fehlerhaften Anwendung: TWCU.exe1
Pfad des fehlerhaften Moduls: TWCU.exe2
Berichtskennung: TWCU.exe3
Error: (05/24/2015 02:55:53 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (05/24/2015 02:52:24 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (05/24/2015 01:28:40 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (05/14/2015 07:17:13 PM) (Source: Avira Service Host) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. Der Dienstprozess konnte keine Verbindung mit dem Dienstcontroller herstellen
Error: (04/23/2015 05:40:06 PM) (Source: Software Protection Platform Service) (EventID: 8208) (User: )
Description: Fehler bei der Erfassung des authentischen Tickets (hr=0x80072EFD) für die Vorlagen-ID 66c92734-d682-4d71-983e-d6ec3f16059f.
Error: (04/23/2015 05:40:06 PM) (Source: Software Protection Platform Service) (EventID: 8200) (User: )
Description: Lizenzerwerb-Fehlerdetails.
hr=0x80072EFD
System errors:
=============
Error: (05/29/2015 07:51:46 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
Error: (05/29/2015 06:55:31 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description:
Error: (05/29/2015 02:26:27 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.
Modulpfad: C:\Windows\system32\Rtlihvs.dll
Fehlercode: 126
Error: (05/29/2015 00:41:08 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
Error: (05/28/2015 10:57:01 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
Error: (05/28/2015 10:52:46 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.
Modulpfad: C:\Windows\system32\Rtlihvs.dll
Fehlercode: 126
Error: (05/28/2015 09:59:04 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
Error: (05/28/2015 08:05:04 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
Error: (05/28/2015 08:04:35 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80004005
Error: (05/28/2015 08:04:06 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Avira Browser-Schutz" ist vom Dienst "Avira Echtzeit-Scanner" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1070
Microsoft Office:
=========================
Error: (05/26/2015 11:38:27 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.
System Error:
Falscher Parameter.
Error: (05/26/2015 11:38:26 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddCoreCsiFiles : GetNextFileMapContent() failed.
System Error:
Falscher Parameter.
Error: (05/26/2015 00:46:46 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\Zeus\downloads\esetsmartinstaller_deu.exe
Error: (05/24/2015 05:43:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: TWCU.exe0.0.0.0516270deRtlLib.dll700.1067.330.20114d93eea6c000000500001df9a3c01d0962f2901dfddC:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\TWCU.exeC:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\RtlLib.dll31d3070f-0223-11e5-aace-50e5495b3fda
Error: (05/24/2015 02:55:53 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
Error: (05/24/2015 02:52:24 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Zeus\Downloads\esetsmartinstaller_deu.exe
Error: (05/24/2015 01:28:40 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Zeus\Downloads\esetsmartinstaller_deu.exe
Error: (05/14/2015 07:17:13 PM) (Source: Avira Service Host) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. Der Dienstprozess konnte keine Verbindung mit dem Dienstcontroller herstellen
Error: (04/23/2015 05:40:06 PM) (Source: Software Protection Platform Service) (EventID: 8208) (User: )
Description: hr=0x80072EFD66c92734-d682-4d71-983e-d6ec3f16059f
Error: (04/23/2015 05:40:06 PM) (Source: Software Protection Platform Service) (EventID: 8200) (User: )
Description: hr=0x80072EFD00010001(0x00000000, 17:39:55:366 - hxxp://go.microsoft.com/fwlink/?LinkId=151642)
00020001(0x00000000, 17:39:55:367)
00030001(0x00000000, 17:39:55:368 - hxxp://go.microsoft.com)
00030002(0x00000000, 17:39:55:368 - 0)
00040001(0x00000000, 17:39:55:368 - hxxp://go.microsoft.com)
00040002(0x00000000, 17:39:55:374 - 1, <NULL>, <NULL>, <NULL>)
00040004(0x80072F94, 17:40:02:449 - <NULL>)
00040006(0x00000000, 17:40:02:449 - 1, hxxp://go.microsoft.com, <NULL>, <local>)
00020005(0x00000000, 17:40:02:449 - 0)
0002000C(0x00000000, 17:40:02:677 - 302)
0002000E(0x00000000, 17:40:02:677 - https://validation.sls.microsoft.com/SLWGA/slwga.asmx)
00020001(0x00000000, 17:40:02:677)
00030001(0x00000000, 17:40:02:677 - https://validation.sls.microsoft.com)
00030002(0x00000000, 17:40:02:677 - 0)
00040001(0x00000000, 17:40:02:677 - https://validation.sls.microsoft.com)
00040002(0x00000000, 17:40:02:697 - 1, <NULL>, <NULL>, <NULL>)
00040004(0x80072F94, 17:40:05:259 - <NULL>)
00040006(0x00000000, 17:40:05:259 - 1, https://validation.sls.microsoft.com, <NULL>, <local>)
00020005(0x00000000, 17:40:05:259 - 0)
00020008(0x80072EFD, 17:40:06:262 - SOAPAction: "hxxp://microsoft.com/SL/GenuineAdvantageService/IssueToken"
Content-Type: text/xml; charset=utf-8
, <soap:Envelope xmlns:soap="hxxp://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="hxxp://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="hxxp://www.w3.org/2001/XMLSchema" xmlns:soapenc="hxxp://schemas.xmlsoap.org/soap/encoding/"><soap:Body><RequestSecurityToken xmlns="hxxp://schemas.xmlsoap.org/ws/2004/04/security/trust"><TokenType>SLWGA</TokenType><RequestType>hxxp://schemas.xmlsoap.org/ws/2004/04/security/trust/Issue</RequestType><UseKey><Values xsi:nil="1"/></UseKey><Claims><Values xmlns:q1="hxxp://schemas.xmlsoap.org/ws/2004/04/security/trust" soapenc:arrayType="q1:TokenEntry[5]"><TokenEntry><Name>GenuineAdvantagePhase</Name><Value>GenuineAdvantagePhase1</Value></TokenEntry><TokenEntry><Name>GenuineAdvantageVersion</Name><Value>1.0</Value></TokenEntry><TokenEntry><Name>GenuineAdvantageTemplateId</Name><Value>66c92734-d682-4d71-983e-d6ec3f16059f</Value></TokenEntry><TokenEntry><Name>GenuineAdvantageClientTransactionId</Name><Value>237bd71b-b3a2-4f1d-bb78-df7f8aec3f5b</Value></TokenEntry><TokenEntry><Name>GenuineAdvantageClientToken</Name><Value><clienttoken><token><name>ClientEvent</name><type>EventType</type><value>0x00000012</value></token><token><name>ADMIN:FirstValidation</name><type>Info</type><value>1</value></token><token><name>ADMIN:MachineId</name><type>Info</type><value>68nHrEQXmoShpceO+X1EdeJxmRUHvz6NYBgo82FT/lk=</value></token><token><name>ADMIN:NumberTimesNonGenuine</name><type>Info</type><value>0</value></token><token><name>ADMIN:RemainingRearmCount</name><type>Info</type><value>4</value></token><token><name>ADMIN:TimeNonGenuine</name><type>Info</type><value>0</value></token><token><name>ADMIN:TotalValidations</name><type>Info</type><value>0</value></token><token><name>ADMIN:UGUID</name><type>Info</type><value>83194d9d-2864-4f51-b5d9-95d1c2a6cd16</value></token><token><name>AUOptionsLocal</name><type>Info</type><value>2</value></token><token><name>ActiveSkuDescription</name><type>Info</type><value>Windows Operating System - Windows(R) 7, OEM_SLP channel</value></token><token><name>ActiveSkuId</name><type>Info</type><value>7cfd4696-69a9-4af7-af36-ff3d12b6b6c8</value></token><token><name>CodeSigning</name><type>Info</type><value>SIGNED_INFO_PRS_SIGNED</value></token><token><name>DomainJoined</name><type>Info</type><value>false</value></token><token><name>EditionId</name><type>Info</type><value>Ultimate</value></token><token><name>HROffline</name><type>Info</type><value>0x00000000</value></token><token><name>OSVersion</name><type>Info</type><value>6.1.7601.2.00010100.1.0.001</value></token><token><name>OfflineGenuineBlob</name><type>Info</type><value>zv4KvSFwbZ7G46SSImjYQ6rG1rd1/lGD8wrqsSKhsMl6kammAbskXR69a9a60dy//TozcFAMykAEB3wjtSnCo24E6G5hwCWclngHjpEVA/Qyz4j5w35IrK9L3HQLik6F69icRX+LuLm/hRPi89Euc/ywiaYCrXvUACd9xnUANik1xaUYQmfnMeWaidsaYNEExEu/FR6YdtpWtUnNiz19uX8AoIePXwtcqzCwrF8wST4jIkp81qriwvZPu6XkeaaZE3E095vrqqktCqSnzfRfR+kNHzvmvRu7kojviuCvkhRf+q9Ey3yD5cgbuPzQoWHYp8/6Fqc8B+D3fOJN0Rml2P1a7yh6KSqzweqPWtJa++fFC5la+davQRCtq9VNaMGLuZdvwnrKETrlM41ToaTG//76kjGCwPE78EeBBY/em9QUHkGN6gQQYugdFSPn1BBe66MfENEEjXnQc2Nd5Ar92+rxSxNIt063vQDndYUNzMy6Nt9l8D8xbWSM1t7gLQVgVtRIuKvMNwJUztQKekPHsLOSOWV7wFPxQpqUh02MtpCN16dpy96hNWANARwmZ+tW/s2rDFkK5r3aq/qU84+IlWvfm5mOrzT3t5M1fB7WhkaHK/xCCUIMfuT3ukrgxzQCugq1JyYOKuAlrGtBSy55jwpOcbh7WTVnTgkCSFMeXkVAs7vrGzFUx1cGQVkO37HTBYgnX1FpaluMaM0pNLjwQ3QEs/7vF5kGKh9cztVSl5QPt0iKq4GUekCrkn/Y1Fk+it8H1UrRP7nzjkEYu1x5fBaXx8fqTksB36xT+xk+STlUJky326/KKwT1UUqpHEImh0qPsfINE/16gw8nVCluPtiCibcvvGxq/Itf9HNZY89W50csLRrfxZKKae2m+ISQq7w+gLSiJjSjqQ+3bb56F0s+VywGABsi6X4zlhzGj2xa+yRHuvt8qr+rTO8zVPRWr7jrSsXGRwaT1rv1gVl/aMu2Owu95AdWMQGIaHCCuyezhw2E7Pp/qaBvVCRC2hKqcQD5FvjEKj8T38E2f26N+oMCwIxJacZxclHln0Df3gYtdh5cHDJ+ecKCZvRV/gUgygW7AUG7JQga35A7D5PlM0yhng6oMNVQLgFes2dkxeghGMErauAqTlZoicOATO09iQ7gpkWNyK3/7W3BqFaQt2pRkiqKlwveNpji/VXes+dRqUf5y9o+qsA/t4bIA0s7vtu1El1gzY7+hyy9US6FXf89CP+VZoVtWfSaFaYYvOIm2R1fvjG8VOJaDrlvNMXTptXO5yzgGZyLTw77xGuFT4Qox8IHE8LCLx+V1n4+aHdi0ATHIK3YBDgidIk2RfTZHDyIJ0S4OKrdXzrAT/PK/U+nP4YdkfA95+ohSuAuho3MgGuAKeBcyhScXsQShPfOVp9QCyYpagOL0uO1UxMsWYw/hrwvZeUwzepQDe/RKjcq3sW5GpUrRYrpD1KS8PP4h6XbF7x2yt70Fu+VnuLyKcBJ/5n6y0c8NDtPu+F+NKOl+Hj2LVR/NK2OdJ61+pZCFCtyyQQJbq1YqcfUO8hobZtESiA+Ffi5/p3xkDlQB16iCYkKGOFYr9DWzmkzu5QVr4dYcsgznXOPh7kIqlS3iClEZ0EhVHxk95NdhmoFQ/5XrQ93vSOM3vcPqxr0ffMLC5xgVm0N8rdBH1o84eEddfeYGygsR+r4asjD6RgK82gM+ZmFRJd6nnzKI9yi6qhs2uty62lYsXF594pPi/fnefptcra+EVY+z1cIcoXi40HUvFsJeD8jOjCbmefvEZIibBvVq8+30Z+hYHmYpISs/v4Y19T9OdiD8xRpaDSu9kjL6PsbxdJx54dQZ3neGX43B5LAvRb0pQHP1kG0VCosLm74tuSueJdK/kjOiKCdLj0zkYsd2wNX1IbLQ+y+gHYd7CpfwJl033pKXxyolCsS+9chliPpazoH/AORGvvUAb43PG+jnjrnLTK2B9uj5bati+xAniY32ZQtEVsMm5ikIm5bZAownhdQUBiKJzvRfmjNO87VdcXzu8mvLNBSMjMufH8dWtYbuGy/Kl2VDcefpbzRIm7XuukI5NDbTMoBVTXQKgg8ypmev+6UrcVTwabXvxnhso8J+igFKwrmCBwZARW1UT4NtDjG2yC/43wavBp2C2TCbe4hz0bny58mHHHgoMO/78KwdwLgYwlhkViKKRo2ov/JMegCkU+f/1r64SaIV09TSqiyCKPKify69DraZjozv1Y3MSN/6f7cZaltYX/jH2pW4J1yjyvPXnGjp0iTVoMF53YTlurycuFs+JZFbbGggEnw5D823I1kWpc3X22BxiJsp2LKZPIhpij/Ad4FKQki2JcN4s5HAfbxXo+iqdDY7VfFSjxidgm10baGh6IaO0hW4YA0cg6NHn5191aBS9Q4xpgBWCEpnzULNS5re76HbgoW7iJPWnmX7Ps0vZYdto41GFN1wxlI6jq/pN5Sl0N+uy0M8pCx0oo1pkgLTHmMkPp+dGzgjg5DQnc37pYZtLcclowN80ofXsNubMre0XYair2pbgckymXWKatT5AzKexo4V8zSRXbXKC4YF91sfPnDDLJrT02EFJkyGbSo4JVRgoPngEzYdw5M6nYThhgww7HBgkuHzehBsJjXxM6rbj1cw6553WbDhJTUM3gFOPD3vlggCb+7aJUeROAbxB7Yikx5uJwYe+micnajJW2OEKinqzDwvratS/x9weZ49N2zJJRYYel0cteRF4sV14XY/0CiD8wGvfgLOn8hfV0zGpmN15uRLGZmzlvvWRrSs/Doa/AdZw/CfqPTtcf1NYTnWnuy9VKMIEBVzkePK7gztmUIGFTtrAK42CcnaQZ/6aUOGDP4/OwWhIHNQD6Sis8dEALTqYyFIdrLY77j5y9/9XPbL0Lmsh0oKAfhoWduBFr6wK/3V4vF8m0V8LjgOCosV9ynxHGGIxezcbax31d/26KhLoK0cKJwnNMaWpoTZsT7C8UGGs4vZwve5Pv5</value></token><token><name>OfflineInstallationId</name><type>Info</type><value>006134351525108221474195581264706331605336839035988556</value></token><token><name>PackageFlavor</name><type>Info</type><value>Windows</value></token><token><name>PackageVersion</name><type>Info</type><value>7.1.7600.16395</value></token><token><name>PartnerId</name><type>Info</type><value>Windows</value></token><token><name>ProcessorArchitecture</name><type>Info</type><value>x64</value></token><token><name>ProductLCID</name><type>Info</type><value>1031</value></token><token><name>ProductName</name><type>Info</type><value>Windows 7 Ultimate</value></token><token><name>ProductUniquenessGroups</name><type>Info</type><value>66c92734-d682-4d71-983e-d6ec3f16059f</value></token><token><name>ServiceAvailable</name><type>Info</type><value>true</value></token><token><name>SystemLCID</name><type>Info</type><value>1031</value></token><token><name>UserLCID</name><type>Info</type><value>1031</value></token><token><name>WMI:Win32_ComputerSystem:Manufacturer</name><type>Info</type><value>Gigabyte Technology Co., Ltd.</value></token><token><name>WMI:Win32_ComputerSystem:Model</name><type>Info</type><value>GA-A75M-S2V</value></token><token><name>WMI:Win32_OperatingSystem:InstallDate</name><type>Info</type><value>20140622155009.000000+180</value></token></clienttoken></Value></TokenEntry></Values></Claims></RequestSecurityToken></soap:Body></soap:Envelope>)
00010002(0x80072EFD, 17:40:06:271 - <NULL>)
00010003(0x80072EFD, 17:40:06:271)
CodeIntegrity Errors:
===================================
Date: 2015-05-21 12:02:14.718
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-05-21 12:02:14.671
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-06-22 16:12:52.056
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Zeus\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-06-22 16:12:52.056
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Zeus\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-06-22 16:12:45.207
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-06-22 16:12:45.207
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Processor: AMD A6-3670 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 73%
Total physical RAM: 3581.37 MB
Available physical RAM: 941.67 MB
Total Pagefile: 7160.93 MB
Available Pagefile: 3090.15 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.66 GB) (Free:381.57 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: F32986E2)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
==================== End of log ============================
also der computer lauft in letzter zeit ganz gut :) |
