| |
| |||||||
Log-Analyse und Auswertung: Download/Installation von Updates nicht möglichWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
14.08.2013, 10:22
| #1 |
 |  Download/Installation von Updates nicht möglich Hallo, Nachdem ich meinen Laptop während meines Auslandsaufenthalts meiner Schwester für ein Jahr zur Benutzung überlassen habe, war es mir nicht möglich Avira, Windows Defender, Firefox Plugins und Windows Updates zu aktualisieren. Bisher unternommene Maßnahme: Deinstellation von Avira -> CCleaner -> Neuinstallation. Keine Veränderung. Vielen Dank schonmal im Vorraus für die Hilfe ---------------------------- Die Protokolle: Avira Report: Code:
ATTFilter Avira Free Antivirus Updater
Vollständiges Produktupdate
Erstellungszeitpunkt: Mittwoch, 14. August 2013 09:48:39
Betriebssystem:
Windows 7 Home Premium (Service Pack 1) [6.1.7601] 64 bit
Produktinformationen:
Produktversion: 13.0.0.3885
Updater: C:\Program Files (x86)\Avira\AntiVir Desktop\update.exe 13.6.14.1550
Updaterresource: C:\Program Files (x86)\Avira\AntiVir Desktop\updaterc.dll 13.6.0.1550
Bibliothek: C:\Program Files (x86)\Avira\AntiVir Desktop\update.dll 1.0.0.9
Plugin: C:\Program Files (x86)\Avira\AntiVir Desktop\updext.dll 13.6.0.1626
GUI: C:\Program Files (x86)\Avira\AntiVir Desktop\updgui.dll 13.6.3.1626
Temporäres Verzeichnis: C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\
Backupverzeichnis: C:\ProgramData\Avira\AntiVir Desktop\BACKUP\
Installationsverzeichnis: C:\Program Files (x86)\Avira\AntiVir Desktop\
Updaterverzeichnis: C:\Program Files (x86)\Avira\AntiVir Desktop\
AppData Verzeichnis: C:\ProgramData\Avira\AntiVir Desktop\
Verbindungseinstellungen:
- Verbindungsart: Webserver
- Übertragungstyp: Vorhandene Verbindung
- Proxyeinstellungen: Verwende Systemeinstellungen
09:48:39 [UPD] [INFO] Prüfe ob neuere Dateien zur Verfügung stehen.
09:48:39 [UPD] [INFO] Wähle Updateserver 'hxxp://80.190.148.75/update'.
09:48:39 [UPD] [INFO] Herunterladen von 'hxxp://80.190.148.75/update/idx/master.idx' nach 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
09:48:39 [UPDLIB] [ERROR] Download-Bibliothek hat einen Fehler zurückgegeben: Failure when receiving data from the peer
09:48:39 [UPDLIB] [ERROR] Erneuter Versuch...
09:48:39 [UPD] [INFO] Herunterladen von 'hxxp://80.190.148.75/update/idx/master.idx' nach 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
09:48:39 [UPDLIB] [ERROR] Download-Bibliothek hat einen Fehler zurückgegeben: Failure when receiving data from the peer
09:48:39 [UPDLIB] [ERROR] Erneuter Versuch...
09:48:39 [UPD] [INFO] Herunterladen von 'hxxp://80.190.148.75/update/idx/master.idx' nach 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
09:48:39 [UPDLIB] [ERROR] Download-Bibliothek hat einen Fehler zurückgegeben: Failure when receiving data from the peer
09:48:39 [UPD] [INFO] Wähle Updateserver 'hxxp://89.105.213.17/update'.
09:48:39 [UPD] [INFO] Herunterladen von 'hxxp://89.105.213.17/update/idx/master.idx' nach 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
09:48:39 [UPDLIB] [ERROR] Download-Bibliothek hat einen Fehler zurückgegeben: Failure when receiving data from the peer
09:48:39 [UPDLIB] [ERROR] Erneuter Versuch...
09:48:39 [UPD] [INFO] Herunterladen von 'hxxp://89.105.213.17/update/idx/master.idx' nach 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
09:48:40 [UPDLIB] [ERROR] Download-Bibliothek hat einen Fehler zurückgegeben: Failure when receiving data from the peer
09:48:40 [UPDLIB] [ERROR] Erneuter Versuch...
09:48:40 [UPD] [INFO] Herunterladen von 'hxxp://89.105.213.17/update/idx/master.idx' nach 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
09:48:40 [UPDLIB] [ERROR] Download-Bibliothek hat einen Fehler zurückgegeben: Failure when receiving data from the peer
09:48:40 [UPD] [INFO] Wähle Updateserver 'hxxp://89.105.213.18/update'.
09:48:40 [UPD] [INFO] Herunterladen von 'hxxp://89.105.213.18/update/idx/master.idx' nach 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
09:48:40 [UPDLIB] [ERROR] Download-Bibliothek hat einen Fehler zurückgegeben: Failure when receiving data from the peer
09:48:40 [UPDLIB] [ERROR] Erneuter Versuch...
09:48:40 [UPD] [INFO] Herunterladen von 'hxxp://89.105.213.18/update/idx/master.idx' nach 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
09:48:40 [UPDLIB] [ERROR] Download-Bibliothek hat einen Fehler zurückgegeben: Failure when receiving data from the peer
09:48:40 [UPDLIB] [ERROR] Erneuter Versuch...
09:48:40 [UPD] [INFO] Herunterladen von 'hxxp://89.105.213.18/update/idx/master.idx' nach 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
09:48:40 [UPDLIB] [ERROR] Download-Bibliothek hat einen Fehler zurückgegeben: Failure when receiving data from the peer
09:48:40 [UPD] [INFO] Wähle Updateserver 'hxxp://80.190.148.74/update'.
09:48:40 [UPD] [INFO] Herunterladen von 'hxxp://80.190.148.74/update/idx/master.idx' nach 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
09:48:40 [UPDLIB] [ERROR] Download-Bibliothek hat einen Fehler zurückgegeben: Failure when receiving data from the peer
09:48:40 [UPDLIB] [ERROR] Erneuter Versuch...
09:48:40 [UPD] [INFO] Herunterladen von 'hxxp://80.190.148.74/update/idx/master.idx' nach 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
09:48:40 [UPDLIB] [ERROR] Download-Bibliothek hat einen Fehler zurückgegeben: Failure when receiving data from the peer
09:48:40 [UPDLIB] [ERROR] Erneuter Versuch...
09:48:40 [UPD] [INFO] Herunterladen von 'hxxp://80.190.148.74/update/idx/master.idx' nach 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
09:48:40 [UPDLIB] [ERROR] Download-Bibliothek hat einen Fehler zurückgegeben: Failure when receiving data from the peer
09:48:40 [UPD] [INFO] Wähle Updateserver 'hxxp://208.111.128.7/update'.
09:48:40 [UPD] [INFO] Herunterladen von 'hxxp://208.111.128.7/update/idx/master.idx' nach 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
09:48:40 [UPDLIB] [ERROR] Download-Bibliothek hat einen Fehler zurückgegeben: Failure when receiving data from the peer
09:48:40 [UPDLIB] [ERROR] Erneuter Versuch...
09:48:40 [UPD] [INFO] Herunterladen von 'hxxp://208.111.128.7/update/idx/master.idx' nach 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
09:48:40 [UPDLIB] [ERROR] Download-Bibliothek hat einen Fehler zurückgegeben: Failure when receiving data from the peer
09:48:40 [UPDLIB] [ERROR] Erneuter Versuch...
09:48:40 [UPD] [INFO] Herunterladen von 'hxxp://208.111.128.7/update/idx/master.idx' nach 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
09:48:40 [UPDLIB] [ERROR] Download-Bibliothek hat einen Fehler zurückgegeben: Failure when receiving data from the peer
09:48:40 [UPD] [INFO] Wähle Updateserver 'hxxp://68.142.118.254/update'.
09:48:40 [UPD] [INFO] Herunterladen von 'hxxp://68.142.118.254/update/idx/master.idx' nach 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
09:48:40 [UPDLIB] [ERROR] Download-Bibliothek hat einen Fehler zurückgegeben: Failure when receiving data from the peer
09:48:40 [UPDLIB] [ERROR] Erneuter Versuch...
09:48:40 [UPD] [INFO] Herunterladen von 'hxxp://68.142.118.254/update/idx/master.idx' nach 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
09:48:40 [UPDLIB] [ERROR] Download-Bibliothek hat einen Fehler zurückgegeben: Failure when receiving data from the peer
09:48:40 [UPDLIB] [ERROR] Erneuter Versuch...
09:48:40 [UPD] [INFO] Herunterladen von 'hxxp://68.142.118.254/update/idx/master.idx' nach 'C:\ProgramData\Avira\AntiVir Desktop\TEMP\UPDATE\idx\master.idx'.
09:48:41 [UPDLIB] [ERROR] Download-Bibliothek hat einen Fehler zurückgegeben: Failure when receiving data from the peer
09:48:41 [UPDLIB] [ERROR] Kein anderer Server, Aktualisierung abgebrochen
09:48:41 [UPD] [ERROR] Erzeugen der Updatestruktur ist fehlgeschlagen. Die UpdateLib liefert den Fehler 537.
Zusammenfassung:
****************
0 Dateien heruntergeladen
0 Dateien installiert
Mittwoch, 14. August 2013 09:48:41
Das Update ist fehlgeschlagen!
Code:
ATTFilter Aktualisierungsstatus
Status: Die Suche des Programms nach Definitionsaktualisierung ist nicht möglich. Fehler: 0x80072efe.
Die Serververbindung wurde aufgrund eines Fehlers beendet.
Startzeit: 11:00
Verstrichene Zeit: 00:08:28
Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 08:47 on 14/08/2013 (****)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-08-2013
Ran by **** (administrator) on 14-08-2013 08:52:35
Running from C:\Users\**** 2\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\system32\atiesrxx.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
(NTI, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Windows\PLFSetI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Akamai Technologies, Inc.) C:\Users\**** 2\AppData\Local\Akamai\netsession_win.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Akamai Technologies, Inc.) C:\Users\**** 2\AppData\Local\Akamai\netsession_win.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [324608 2010-06-10] (Alcor Micro Corp.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11101800 2010-07-29] (Realtek Semiconductor)
HKLM\...\Run: [PLFSetI] - C:\Windows\PLFSetI.exe [206208 2010-11-23] ()
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1842472 2009-09-18] (Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [861216 2010-06-11] (Acer Incorporated)
HKLM\...\Run: [OODefragTray] - C:\Program Files\OO Software\Defrag\oodtray.exe [x]
HKLM-x32\...\Run: [EgisUpdate] - C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] - C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-08-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [975952 2010-08-11] (Dritek System Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345144 2013-07-18] (Avira Operations GmbH & Co. KG)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-01-15] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-01-15] ()
HKU\***\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_268_Plugin.exe [686792 2012-07-30] (Adobe Systems Incorporated)
Startup: C:\Users\**** 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKCU - DefaultScope {F96AC87D-7D37-4755-A9C0-27B4C0AFECD2} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {F96AC87D-7D37-4755-A9C0-27B4C0AFECD2} URL = hxxp://www.google.de/search?q={searchTerms}
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: No Name - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - No File
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\gl6l1ccy.default
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_268.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: No Name - C:\Users\****\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
FF Extension: No Name - C:\Users\****\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: WOT - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\gl6l1ccy.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: No Name - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\gl6l1ccy.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
FF Extension: testpilot - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\gl6l1ccy.default\Extensions\testpilot@labs.mozilla.com.xpi
FF Extension: No Name - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\gl6l1ccy.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\gl6l1ccy.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
==================== Services (Whitelisted) =================
R2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-12] (Akamai Technologies, Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-07-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-07-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [589368 2013-07-18] (Avira Operations GmbH & Co. KG)
R2 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-05-27] (Egis Technology Inc.)
S3 npggsvc; C:\Windows\SysWow64\GameMon.des [4159984 2010-12-08] (INCA Internet Co., Ltd.)
R2 NTISchedulerSvc; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [144640 2010-04-17] (NTI, Inc.)
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-07-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-07-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-06] (Avira Operations GmbH & Co. KG)
S3 NPPTNT2; C:\Windows\SysWow64\npptNT2.sys [4682 2005-01-04] (INCA Internet Co., Ltd.)
S1 prodrv06; C:\Windows\SysWow64\drivers\prodrv06.sys [77184 2004-03-09] (Protection Technology)
S0 prohlp02; C:\Windows\SysWow64\drivers\prohlp02.sys [65504 2004-03-09] (Protection Technology)
S0 prosync1; C:\Windows\SysWow64\drivers\prosync1.sys [6944 2003-09-06] (Protection Technology)
S0 sfhlp01; C:\Windows\SysWow64\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology)
S3 SynasUSB; C:\Windows\System32\drivers\SynUSB64.sys [31248 2006-11-16] (SIA Syncrosoft)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
R2 WinRing0_1_2_0; C:\Users\**** 2\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries24.gadget\WinRing0x64.sys [14544 2011-02-17] (OpenLibSys.org)
S3 dump_wmimmc; \??\C:\Program Files (x86)\Gameforge4D\CABAL Online\GameGuard\dump_wmimmc.sys [x]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 NPPTNT2; \??\C:\Windows\system32\npptNT2.sys [x]
S1 prodrv06; \SystemRoot\System32\drivers\prodrv06.sys [x]
S0 prohlp02; System32\drivers\prohlp02.sys [x]
S0 prosync1; System32\drivers\prosync1.sys [x]
S0 sfhlp01; System32\drivers\sfhlp01.sys [x]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-08-14 08:48 - 2013-08-14 08:48 - 01575544 _____ (Farbar) C:\Users\**** 2\Downloads\FRST64.exe
2013-08-14 08:48 - 2013-08-14 08:48 - 01575544 _____ (Farbar) C:\Users\**** 2\Desktop\FRST64.exe
2013-08-14 08:47 - 2013-08-14 08:47 - 00000470 _____ C:\Users\**** 2\Desktop\defogger_disable.log
2013-08-14 08:47 - 2013-08-14 08:47 - 00000000 _____ C:\Users\****\defogger_reenable
2013-08-14 08:46 - 2013-08-14 08:43 - 00050477 _____ C:\Users\**** 2\Desktop\Defogger.exe
2013-08-14 08:43 - 2013-08-14 08:43 - 00050477 _____ C:\Users\**** 2\Downloads\Defogger.exe
2013-08-14 08:28 - 2013-08-14 08:49 - 00013070 _____ C:\Users\**** 2\Desktop\hijackthis.log
2013-08-14 08:27 - 2013-08-14 08:27 - 00388608 _____ (Trend Micro Inc.) C:\Users\**** 2\Desktop\HiJackThis204.exe
2013-08-14 08:27 - 2013-08-14 08:27 - 00012372 _____ C:\Users\**** 2\Downloads\hijackthis.log
2013-08-14 08:20 - 2013-08-14 08:20 - 00000000 ____D C:\Users\**** 2\AppData\Roaming\Avira
2013-08-14 07:58 - 2013-08-14 07:58 - 19500928 _____ C:\Users\****\Downloads\QuickTimeInstaller.exe.part
2013-08-14 07:28 - 2013-08-14 07:28 - 00000000 ____D C:\Users\****\Documents\Warzone 2100 2.3
2013-08-14 00:14 - 2013-08-14 00:14 - 00000000 ____D C:\Users\****\AppData\Roaming\Avira
2013-08-14 00:09 - 2013-08-14 00:09 - 00002066 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-08-14 00:09 - 2013-08-14 00:09 - 00000000 ____D C:\Program Files (x86)\Avira
2013-08-14 00:09 - 2013-08-14 00:09 - 00000000 _____ C:\Users\****\Documents\APNSetup1.exe
2013-08-14 00:09 - 2013-08-14 00:09 - 00000000 _____ C:\Users\****\Documents\APNSetup.exe
2013-08-14 00:09 - 2013-07-18 08:02 - 00130016 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-08-14 00:09 - 2013-07-18 08:02 - 00100712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-08-14 00:09 - 2013-03-06 16:13 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-08-14 00:04 - 2013-08-14 00:07 - 110344048 _____ C:\Users\****\Downloads\avira_free_antivirus85_de.exe
2013-08-13 23:35 - 2013-08-13 23:43 - 110344048 _____ C:\Users\**** 2\Downloads\avira_free_antivirus85_de(1).exe
2013-08-13 23:30 - 2013-08-13 23:30 - 00981567 _____ C:\Users\****\Downloads\EFRC32Setup.exe
2013-08-13 23:30 - 2013-08-13 23:30 - 00001053 _____ C:\Users\***\Desktop\Eusing Free Registry Cleaner.lnk
2013-08-13 23:29 - 2013-08-13 23:29 - 00981612 _____ C:\Users\****\Downloads\EFRCSetup.exe
2013-08-13 23:23 - 2013-08-13 23:23 - 00000000 ____D C:\Users\**** 2\AppData\Local\O&O
2013-08-13 23:18 - 2013-08-13 23:18 - 02092792 _____ C:\Users\**** 2\Downloads\avira_free_antivirus(1).exe
2013-08-13 23:07 - 2013-08-13 23:07 - 02092792 _____ C:\Users\**** 2\Downloads\avira_free_antivirus.exe
2013-08-13 22:47 - 2013-08-14 08:12 - 00000000 ____D C:\ProgramData\SecTaskMan
2013-08-13 22:47 - 2013-08-13 22:47 - 00000000 ____D C:\Program Files (x86)\Security Task Manager
2013-08-13 22:46 - 2013-08-13 22:46 - 02094432 _____ C:\Users\**** 2\Downloads\SecurityTaskManager_Setup-1.8d.exe
2013-08-13 22:05 - 2013-08-14 00:09 - 00000000 ____D C:\ProgramData\Avira
2013-08-13 22:01 - 2013-08-13 22:03 - 110344048 _____ C:\Users\**** 2\Downloads\avira_free_antivirus85_de.exe
2013-08-13 21:50 - 2013-08-13 21:50 - 02092776 _____ C:\Users\**** 2\Downloads\avira_internet_security(1).exe
2013-08-13 21:39 - 2013-08-13 21:39 - 02092776 _____ C:\Users\**** 2\Downloads\avira_internet_security.exe
2013-08-13 21:34 - 2013-08-13 21:35 - 22268584 _____ (Mozilla) C:\Users\**** 2\Downloads\Firefox Setup 23.0.exe
2013-08-13 21:34 - 2012-11-09 07:45 - 00750592 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2013-08-13 21:34 - 2012-11-09 06:43 - 00492032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-08-13 21:33 - 2013-02-15 08:08 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2013-08-13 21:33 - 2013-02-15 08:06 - 03717632 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-08-13 21:33 - 2013-02-15 08:02 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2013-08-13 21:33 - 2013-02-15 06:37 - 03217408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-08-13 21:33 - 2013-02-15 06:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2013-08-13 21:33 - 2013-02-15 05:25 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2013-08-13 21:33 - 2012-11-09 07:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-13 21:33 - 2012-11-09 06:42 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-13 21:32 - 2013-08-13 21:32 - 00282112 _____ (Mozilla) C:\Users\**** 2\Downloads\Firefox Setup Stub 23.0.exe
2013-08-13 21:32 - 2013-03-19 07:53 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2013-08-13 21:32 - 2013-03-19 07:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2013-08-13 21:32 - 2013-02-27 08:02 - 00111448 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2013-08-13 21:32 - 2013-02-27 07:52 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-08-13 21:32 - 2013-02-27 07:52 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-08-13 21:32 - 2013-02-27 07:48 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-08-13 21:32 - 2013-02-27 07:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2013-08-13 21:32 - 2013-02-27 06:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-08-13 21:32 - 2013-02-27 06:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-08-13 21:32 - 2013-02-27 06:49 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-08-13 21:32 - 2012-08-22 20:12 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2013-08-13 21:32 - 2012-07-04 22:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2013-08-13 21:31 - 2013-02-12 06:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2013-08-10 16:46 - 2013-08-10 20:46 - 00000000 ____D C:\Users\***\AppData\Roaming\Skype
2013-08-07 16:08 - 2013-04-10 08:01 - 00983400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-08-07 16:08 - 2013-04-10 08:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2013-08-07 16:08 - 2011-02-03 13:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2013-07-29 13:53 - 2012-11-01 07:43 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2013-07-29 13:53 - 2012-11-01 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2013-07-29 13:53 - 2012-11-01 06:47 - 01389568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2013-07-29 13:53 - 2012-11-01 06:47 - 01236992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2013-07-27 14:36 - 2013-08-13 21:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-27 14:11 - 2013-07-27 14:11 - 00000000 ____D C:\Users\***\AppData\Roaming\Adobe
2013-07-27 14:11 - 2013-07-27 14:11 - 00000000 ____D C:\Users\***\AppData\Local\Macromedia
2013-07-27 14:09 - 2013-07-27 14:09 - 00000000 ____D C:\Users\***\AppData\Roaming\Mozilla
2013-07-27 14:09 - 2013-07-27 14:09 - 00000000 ____D C:\Users\***\AppData\Local\Mozilla
2013-07-27 14:01 - 2013-07-27 14:01 - 00125544 _____ C:\Users\***\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-27 14:01 - 2013-07-27 14:01 - 00000000 ___RD C:\Users\***\Virtual Machines
2013-07-27 14:01 - 2013-07-27 14:01 - 00000000 ____D C:\Users\***\AppData\Roaming\Macromedia
2013-07-27 14:01 - 2013-07-27 14:01 - 00000000 ____D C:\Users\***\AppData\Roaming\Apple Computer
2013-07-27 14:01 - 2013-07-27 14:01 - 00000000 ____D C:\Users\***\AppData\Local\EgisTec IPS
2013-07-27 14:00 - 2013-07-27 14:01 - 00000000 ____D C:\Users\***
2013-07-27 14:00 - 2013-07-27 14:00 - 00000020 ___SH C:\Users\***\ntuser.ini
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Vorlagen
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Startmenü
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Netzwerkumgebung
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Lokale Einstellungen
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Eigene Dateien
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Druckumgebung
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Documents\Eigene Musik
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Documents\Eigene Bilder
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\AppData\Local\Verlauf
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\AppData\Local\Anwendungsdaten
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Anwendungsdaten
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 ____D C:\Users\***\AppData\Local\VirtualStore
2013-07-27 14:00 - 2011-11-08 03:40 - 00000000 ____D C:\Users\***\AppData\Local\Microsoft Help
2013-07-23 13:54 - 2013-04-10 05:30 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
==================== One Month Modified Files and Folders =======
2013-08-14 08:51 - 2013-08-14 08:51 - 00000000 ____D C:\FRST
2013-08-14 08:49 - 2013-08-14 08:28 - 00013070 _____ C:\Users\**** 2\Desktop\hijackthis.log
2013-08-14 08:48 - 2013-08-14 08:48 - 01575544 _____ (Farbar) C:\Users\**** 2\Downloads\FRST64.exe
2013-08-14 08:48 - 2013-08-14 08:48 - 01575544 _____ (Farbar) C:\Users\**** 2\Desktop\FRST64.exe
2013-08-14 08:47 - 2013-08-14 08:47 - 00000470 _____ C:\Users\**** 2\Desktop\defogger_disable.log
2013-08-14 08:47 - 2013-08-14 08:47 - 00000000 _____ C:\Users\****\defogger_reenable
2013-08-14 08:47 - 2011-01-29 18:01 - 00000000 ____D C:\Users\****
2013-08-14 08:45 - 2011-03-01 11:09 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-14 08:44 - 2011-02-15 09:32 - 00000000 ____D C:\Users\JRN~1\AppData\Local\Adobe
2013-08-14 08:43 - 2013-08-14 08:46 - 00050477 _____ C:\Users\**** 2\Desktop\Defogger.exe
2013-08-14 08:43 - 2013-08-14 08:43 - 00050477 _____ C:\Users\**** 2\Downloads\Defogger.exe
2013-08-14 08:27 - 2013-08-14 08:27 - 00388608 _____ (Trend Micro Inc.) C:\Users\**** 2\Desktop\HiJackThis204.exe
2013-08-14 08:27 - 2013-08-14 08:27 - 00012372 _____ C:\Users\**** 2\Downloads\hijackthis.log
2013-08-14 08:20 - 2013-08-14 08:20 - 00000000 ____D C:\Users\**** 2\AppData\Roaming\Avira
2013-08-14 08:19 - 2011-05-01 18:56 - 00000000 ____D C:\Users\**** 2\AppData\Local\CrashDumps
2013-08-14 08:15 - 2011-03-01 11:09 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-14 08:12 - 2013-08-13 22:47 - 00000000 ____D C:\ProgramData\SecTaskMan
2013-08-14 08:03 - 2010-11-23 19:39 - 01335823 _____ C:\Windows\WindowsUpdate.log
2013-08-14 07:58 - 2013-08-14 07:58 - 19500928 _____ C:\Users\****\Downloads\QuickTimeInstaller.exe.part
2013-08-14 07:46 - 2012-02-29 10:53 - 00000000 ____D C:\Users\****\Documents\OpenTTD
2013-08-14 07:28 - 2013-08-14 07:28 - 00000000 ____D C:\Users\****\Documents\Warzone 2100 2.3
2013-08-14 07:28 - 2009-07-14 06:45 - 00017600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-14 07:28 - 2009-07-14 06:45 - 00017600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-14 07:23 - 2011-01-30 23:32 - 00003906 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{FC372759-2740-4048-B35C-C3CD4DCC66F6}
2013-08-14 07:19 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-14 00:14 - 2013-08-14 00:14 - 00000000 ____D C:\Users\****\AppData\Roaming\Avira
2013-08-14 00:13 - 2011-01-29 21:22 - 00000000 ____D C:\Users\****\Tracing
2013-08-14 00:09 - 2013-08-14 00:09 - 00002066 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-08-14 00:09 - 2013-08-14 00:09 - 00000000 ____D C:\Program Files (x86)\Avira
2013-08-14 00:09 - 2013-08-14 00:09 - 00000000 _____ C:\Users\****\Documents\APNSetup1.exe
2013-08-14 00:09 - 2013-08-14 00:09 - 00000000 _____ C:\Users\****\Documents\APNSetup.exe
2013-08-14 00:09 - 2013-08-13 22:05 - 00000000 ____D C:\ProgramData\Avira
2013-08-14 00:07 - 2013-08-14 00:04 - 110344048 _____ C:\Users\****\Downloads\avira_free_antivirus85_de.exe
2013-08-13 23:56 - 2012-02-29 12:33 - 00000000 ___RD C:\Users\****\Virtual Machines
2013-08-13 23:56 - 2011-01-29 18:02 - 00125544 _____ C:\Users\JRN~1\AppData\Local\GDIPFONTCACHEV1.DAT
2013-08-13 23:56 - 2011-01-29 18:02 - 00000000 ___RD C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-08-13 23:56 - 2011-01-29 18:02 - 00000000 ___RD C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-08-13 23:54 - 2012-02-29 11:14 - 00000000 ____D C:\Users\**** 2\Documents\OpenTTD
2013-08-13 23:43 - 2013-08-13 23:35 - 110344048 _____ C:\Users\**** 2\Downloads\avira_free_antivirus85_de(1).exe
2013-08-13 23:32 - 2011-05-22 15:31 - 00000000 ____D C:\Program Files (x86)\Eusing Free Registry Cleaner
2013-08-13 23:30 - 2013-08-13 23:30 - 00981567 _____ C:\Users\****\Downloads\EFRC32Setup.exe
2013-08-13 23:30 - 2013-08-13 23:30 - 00001053 _____ C:\Users\***\Desktop\Eusing Free Registry Cleaner.lnk
2013-08-13 23:30 - 2011-05-22 15:31 - 00001053 _____ C:\Users\****\Desktop\Eusing Free Registry Cleaner.lnk
2013-08-13 23:30 - 2011-05-22 15:31 - 00001053 _____ C:\Users\**** 3\Desktop\Eusing Free Registry Cleaner.lnk
2013-08-13 23:30 - 2011-05-22 15:31 - 00001053 _____ C:\Users\**** 2\Desktop\Eusing Free Registry Cleaner.lnk
2013-08-13 23:30 - 2011-05-22 15:31 - 00001053 _____ C:\Users\Gast\Desktop\Eusing Free Registry Cleaner.lnk
2013-08-13 23:29 - 2013-08-13 23:29 - 00981612 _____ C:\Users\****\Downloads\EFRCSetup.exe
2013-08-13 23:25 - 2010-09-16 01:34 - 00000000 ____D C:\Program Files (x86)\NewTech Infosystems
2013-08-13 23:23 - 2013-08-13 23:23 - 00000000 ____D C:\Users\**** 2\AppData\Local\O&O
2013-08-13 23:21 - 2011-03-21 20:13 - 00000000 ____D C:\ProgramData\boost_interprocess
2013-08-13 23:20 - 2010-11-24 04:28 - 00656294 _____ C:\Windows\system32\perfh007.dat
2013-08-13 23:20 - 2010-11-24 04:28 - 00130894 _____ C:\Windows\system32\perfc007.dat
2013-08-13 23:20 - 2009-07-14 07:13 - 01498742 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-13 23:18 - 2013-08-13 23:18 - 02092792 _____ C:\Users\**** 2\Downloads\avira_free_antivirus(1).exe
2013-08-13 23:15 - 2011-08-14 16:21 - 00000000 ___RD C:\Users\**** 2\Virtual Machines
2013-08-13 23:07 - 2013-08-13 23:07 - 02092792 _____ C:\Users\**** 2\Downloads\avira_free_antivirus.exe
2013-08-13 22:47 - 2013-08-13 22:47 - 00000000 ____D C:\Program Files (x86)\Security Task Manager
2013-08-13 22:46 - 2013-08-13 22:46 - 02094432 _____ C:\Users\**** 2\Downloads\SecurityTaskManager_Setup-1.8d.exe
2013-08-13 22:40 - 2010-09-16 01:38 - 00000000 ____D C:\ProgramData\McAfee
2013-08-13 22:40 - 2010-09-16 01:38 - 00000000 ____D C:\Program Files (x86)\McAfee
2013-08-13 22:35 - 2013-02-09 17:52 - 00000000 ____D C:\Program Files (x86)\Steinberg
2013-08-13 22:32 - 2010-09-16 01:41 - 00000000 ____D C:\Program Files (x86)\Acer GameZone
2013-08-13 22:25 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-08-13 22:03 - 2013-08-13 22:01 - 110344048 _____ C:\Users\**** 2\Downloads\avira_free_antivirus85_de.exe
2013-08-13 21:57 - 2012-10-12 15:10 - 00000000 ____D C:\Users\**** 2\AppData\Roaming\Dropbox
2013-08-13 21:54 - 2012-10-23 17:40 - 00000000 ___RD C:\Users\**** 2\Dropbox
2013-08-13 21:53 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-08-13 21:52 - 2012-12-10 22:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-13 21:50 - 2013-08-13 21:50 - 02092776 _____ C:\Users\**** 2\Downloads\avira_internet_security(1).exe
2013-08-13 21:48 - 2011-02-09 13:21 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-08-13 21:39 - 2013-08-13 21:39 - 02092776 _____ C:\Users\**** 2\Downloads\avira_internet_security.exe
2013-08-13 21:37 - 2013-07-27 14:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-13 21:37 - 2011-01-29 19:05 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-08-13 21:35 - 2013-08-13 21:34 - 22268584 _____ (Mozilla) C:\Users\**** 2\Downloads\Firefox Setup 23.0.exe
2013-08-13 21:32 - 2013-08-13 21:32 - 00282112 _____ (Mozilla) C:\Users\**** 2\Downloads\Firefox Setup Stub 23.0.exe
2013-08-13 21:31 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-08-10 20:46 - 2013-08-10 16:46 - 00000000 ____D C:\Users\***\AppData\Roaming\Skype
2013-08-10 16:46 - 2011-02-09 13:11 - 00002517 _____ C:\Users\Public\Desktop\Skype.lnk
2013-08-10 16:46 - 2011-02-03 00:06 - 00000000 ____D C:\Users\****\AppData\Roaming\Skype
2013-08-10 16:46 - 2011-02-01 01:35 - 00000000 ____D C:\ProgramData\Skype
2013-07-27 14:43 - 2012-10-21 15:36 - 00000000 ____D C:\Users\***\Documents\Schule
2013-07-27 14:42 - 2012-12-16 16:44 - 00000000 ____D C:\Users\***\Documents\Bewerbungsfotos
2013-07-27 14:40 - 2012-11-15 20:38 - 00000000 ____D C:\Users\**** 2\Documents\***
2013-07-27 14:11 - 2013-07-27 14:11 - 00000000 ____D C:\Users\***\AppData\Roaming\Adobe
2013-07-27 14:11 - 2013-07-27 14:11 - 00000000 ____D C:\Users\***\AppData\Local\Macromedia
2013-07-27 14:09 - 2013-07-27 14:09 - 00000000 ____D C:\Users\***\AppData\Roaming\Mozilla
2013-07-27 14:09 - 2013-07-27 14:09 - 00000000 ____D C:\Users\***\AppData\Local\Mozilla
2013-07-27 14:01 - 2013-07-27 14:01 - 00125544 _____ C:\Users\***\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-27 14:01 - 2013-07-27 14:01 - 00000000 ___RD C:\Users\***\Virtual Machines
2013-07-27 14:01 - 2013-07-27 14:01 - 00000000 ____D C:\Users\***\AppData\Roaming\Macromedia
2013-07-27 14:01 - 2013-07-27 14:01 - 00000000 ____D C:\Users\***\AppData\Roaming\Apple Computer
2013-07-27 14:01 - 2013-07-27 14:01 - 00000000 ____D C:\Users\***\AppData\Local\EgisTec IPS
2013-07-27 14:01 - 2013-07-27 14:00 - 00000000 ____D C:\Users\***
2013-07-27 14:00 - 2013-07-27 14:00 - 00000020 ___SH C:\Users\***\ntuser.ini
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Vorlagen
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Startmenü
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Netzwerkumgebung
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Lokale Einstellungen
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Eigene Dateien
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Druckumgebung
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Documents\Eigene Musik
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Documents\Eigene Bilder
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\AppData\Local\Verlauf
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\AppData\Local\Anwendungsdaten
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 _SHDL C:\Users\***\Anwendungsdaten
2013-07-27 14:00 - 2013-07-27 14:00 - 00000000 ____D C:\Users\***\AppData\Local\VirtualStore
2013-07-27 13:46 - 2011-01-29 21:09 - 00000000 ____D C:\Users\JRN~1\AppData\Local\Windows Live
2013-07-26 19:14 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-07-26 17:40 - 2011-03-01 11:09 - 00004102 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-26 17:40 - 2011-03-01 11:09 - 00003850 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-24 18:15 - 2009-07-14 06:45 - 00444664 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-18 08:02 - 2013-08-14 00:09 - 00130016 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-07-18 08:02 - 2013-08-14 00:09 - 00100712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
Files to move or delete:
====================
C:\Users\**** 2\jagex_runescape_preferences.dat
C:\Users\**** 2\jagex_runescape_preferences2.dat
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-07-26 19:01
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-08-2013
Ran by **** at 2013-08-14 08:53:30
Running from C:\Users\**** 2\Desktop
Boot Mode: Normal
==========================================================
==================== Installed Programs =======================
4Story 3.4.1 (x32)
Acer Backup Manager (x32 Version: 2.0.0.68)
Acer Crystal Eye webcam Ver:1.1.194.1021 (x32 Version: 1.1.194.1021)
Acer ePower Management (x32 Version: 5.00.3005)
Acer eRecovery Management (x32 Version: 4.05.3013)
Acer Registration (x32 Version: 1.03.3003)
Acer ScreenSaver (x32 Version: 1.1.0423.2010)
Acer Updater (x32 Version: 1.02.3001)
Acrobat.com (x32 Version: 1.6.65)
Adobe AIR (x32 Version: 1.5.0.7220)
Adobe Flash Player 10 ActiveX (x32 Version: 10.2.159.1)
Adobe Flash Player 11 Plugin (x32 Version: 11.3.300.268)
Adobe Photoshop Lightroom 3.6 64-bit (Version: 3.6.1)
Adobe Reader X (10.1.4) - Deutsch (x32 Version: 10.1.4)
AirRivals (x32)
Akamai NetSession Interface (x32)
Alcor Micro USB Card Reader (x32 Version: 1.9.17.06019)
Apple Application Support (x32 Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (x32 Version: 2.1.3.127)
ATI Catalyst Install Manager (Version: 3.0.786.0)
Avira Free Antivirus (x32 Version: 13.0.0.3885)
Backup Manager Basic (x32 Version: 2.0.0.68)
Battlecruiser Millennium FREEWARE (x32 Version: 1.09.03)
be Flash Player 10 ActiveX 64-bit (Version: 10.3.162.28)
Bonjour (Version: 3.0.0.10)
Broadcom Gigabit NetLink Controller (Version: 14.2.4.2)
capella-scan 7.0 (x32 Version: 7.0.22)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0828.2240.38829)
Catalyst Control Center InstallProxy (x32 Version: 2010.0828.2240.38829)
Catalyst Control Center Localization All (x32 Version: 2010.0828.2240.38829)
CCC Help Chinese Standard (x32 Version: 2010.0828.2239.38829)
CCC Help Chinese Traditional (x32 Version: 2010.0828.2239.38829)
CCC Help Czech (x32 Version: 2010.0828.2239.38829)
CCC Help Danish (x32 Version: 2010.0828.2239.38829)
CCC Help Dutch (x32 Version: 2010.0828.2239.38829)
CCC Help English (x32 Version: 2010.0828.2239.38829)
CCC Help Finnish (x32 Version: 2010.0828.2239.38829)
CCC Help French (x32 Version: 2010.0828.2239.38829)
CCC Help German (x32 Version: 2010.0828.2239.38829)
CCC Help Greek (x32 Version: 2010.0828.2239.38829)
CCC Help Hungarian (x32 Version: 2010.0828.2239.38829)
CCC Help Italian (x32 Version: 2010.0828.2239.38829)
CCC Help Japanese (x32 Version: 2010.0828.2239.38829)
CCC Help Korean (x32 Version: 2010.0828.2239.38829)
CCC Help Norwegian (x32 Version: 2010.0828.2239.38829)
CCC Help Polish (x32 Version: 2010.0828.2239.38829)
CCC Help Portuguese (x32 Version: 2010.0828.2239.38829)
CCC Help Russian (x32 Version: 2010.0828.2239.38829)
CCC Help Spanish (x32 Version: 2010.0828.2239.38829)
CCC Help Swedish (x32 Version: 2010.0828.2239.38829)
CCC Help Thai (x32 Version: 2010.0828.2239.38829)
CCC Help Turkish (x32 Version: 2010.0828.2239.38829)
ccc-core-static (x32 Version: 2010.0828.2240.38829)
ccc-utility64 (Version: 2010.0828.2240.38829)
CCleaner (Version: 3.15)
CD goes MP3 (x32 Version: 2.1)
Cisco AnyConnect VPN Client (x32 Version: 2.5.2014)
CyberLink PowerDVD 9 (x32 Version: 9.0.3814.50)
D3DX10 (x32 Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
Defraggler (Version: 2.07)
Derive 6 (x32 Version: 6.1)
DivX-Setup (x32 Version: 2.6.1.8)
Drachenkrieg (with media and plugins), version 1.1.29 (x32)
Elfenwelt - Abenteuer im Elfenland (x32)
Enable Viacam 1.4 (x32 Version: 1.4)
eSobi v2 (x32 Version: 2.0.4.000274)
Eusing Free Registry Cleaner (x32)
Fotogalerie (x32 Version: 16.4.3505.0912)
Free Video to iPod Converter version 4.3.3.804 (x32)
Free YouTube to MP3 Converter version 3.10.17.221 (x32 Version: 3.10.17.221)
Freeciv 2.2.4 (GTK+ client) (HKCU)
Freemake Video Converter Version 3.0.2 (x32 Version: 3.0.2)
GIMP 2.6.8
Google Earth (x32 Version: 6.0.1.2032)
Google Update Helper (x32 Version: 1.3.21.153)
HyperCam 2 (Version: 2.25.01)
HyperCam 2 (x32)
iCloud (Version: 1.1.0.40)
Identity Card (x32 Version: 1.00.3003)
Intel(R) Management Engine Components (x32 Version: 6.0.0.1179)
Intel(R) Rapid Storage Technology (x32 Version: 9.6.0.1014)
Intel(R) Turbo Boost Technology Driver (x32 Version: 01.00.01.1002)
Internet-TV für Windows Media Center (x32 Version: 4.2.2.0)
iTunes (Version: 10.6.3.25)
Java(TM) 7 Update 3 (64-bit) (Version: 7.0.30)
Junk Mail filter update (x32 Version: 16.4.3505.0912)
Launch Manager (x32 Version: 4.0.14)
Lern-o-Mat (x32)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0)
Microsoft Office 2010 Service Pack 1 (SP1) (x32)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Outlook Connector (x32 Version: 14.0.5118.5000)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (x32 Version: 14.0.5120.5000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Movie Maker (x32 Version: 16.4.3505.0912)
Mozilla Firefox 23.0 (x86 de) (x32 Version: 23.0)
Mozilla Maintenance Service (x32 Version: 23.0)
Mozilla Thunderbird 9.0.1 (x86 de) (x32 Version: 9.0.1)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSVCRT110 (x32 Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
MTX (x32 Version: 1.0.0)
my moments (HKCU Version: 2.5.1.0)
MyWinLocker (x32 Version: 3.1.212.0)
MyWinLocker Suite (x32 Version: 3.1.212.0)
NTI Backup Now 5 (x32 Version: 5.1.2.630)
NTI Backup Now Standard (x32 Version: 5.1.2.630)
NTI Media Maker 8 (x32 Version: 8.0.12.6636)
OpenAL (x32)
OpenTTD 1.1.5 (x32 Version: 1.1.5)
Photo Gallery (x32 Version: 16.4.3505.0912)
PX Profile Update (x32 Version: 1.00.1.)
QuickTime (x32 Version: 7.72.80.56)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6167)
Recuva (Version: 1.39)
Security Task Manager 1.8d (x32 Version: 1.8d)
Shredder (Version: 2.0.8.3)
Shredder (x32 Version: 2.0.8.3)
Skype™ 6.7 (x32 Version: 6.7.102)
Synaptics Pointing Device Driver (Version: 14.0.6.0)
Syncrosoft Lizenz Kontrolle (x32)
TrueCrypt (x32 Version: 7.0a)
Überwachungstool für die Intel® Turbo-Boost-Technik (Version: 1.0.186.6)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft Office 2010 (KB2494150) (x32)
Update for Microsoft Office 2010 (KB2553065) (x32)
Update for Microsoft Office 2010 (KB2553092) (x32)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2566458) (x32)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition (x32)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0)
Visual C++ 8.0 CRT (x86) WinSXS MSM (x32 Version: 8.0.50727.762)
Warzone 2100-2.3.9 (x32 Version: 2.3.9)
Warzone 2100-3.1_beta10 (x32 Version: 3.1_beta10)
Welcome Center (x32 Version: 1.02.3004)
Wild Creatures (x32)
Wildlife Park (x32)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912)
Windows Live Essentials (x32 Version: 16.4.3505.0912)
Windows Live Family Safety (Version: 16.4.3505.0912)
Windows Live Family Safety (x32 Version: 16.4.3505.0912)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (x32 Version: 16.4.3505.0912)
Windows Live Mail (x32 Version: 16.4.3505.0912)
Windows Live Messenger (x32 Version: 16.4.3505.0912)
Windows Live MIME IFilter (Version: 16.4.3505.0912)
Windows Live Photo Common (x32 Version: 16.4.3505.0912)
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912)
Windows Live SOXE (x32 Version: 16.4.3505.0912)
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912)
Windows Live Sync (x32 Version: 14.0.8117.416)
Windows Live UX Platform (x32 Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912)
Windows Live Writer (x32 Version: 16.4.3505.0912)
Windows Live Writer Resources (x32 Version: 16.4.3505.0912)
Windows Media Center Add-in for Silverlight (x32 Version: 4.7.3.0)
Windows Speech Recognition Macros (x32 Version: 1.0.6862.19)
Wing Commander Saga 1.0.2.7795 (Version: 1.0.2.7795)
WinRAR 4.11 (32-Bit) (x32 Version: 4.11.0)
==================== Restore Points =========================
22-06-2013 11:13:12 Windows Update
22-06-2013 18:20:31 Windows Update
23-07-2013 13:33:31 Windows Update
30-07-2013 08:32:59 Windows Update
07-08-2013 16:39:46 Windows Update
13-08-2013 19:45:05 Removed Skype Click to Call
13-08-2013 19:47:43 Removed Skype Click to Call
13-08-2013 20:22:48 Removed BlueStacks Notification Center
13-08-2013 20:34:44 Removed Steinberg Cubase LE 4
13-08-2013 21:08:37 Windows Update
13-08-2013 21:22:08 O&O Defrag Free Edition wurde entfernt.
13-08-2013 21:23:30 Removed Oracle VM VirtualBox 4.1.0
13-08-2013 21:24:52 Configured Backup Manager Basic
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {4C79F9F7-AC4B-495D-8681-E5F6BE84CCAE} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {4E02C21D-1B27-478D-BFD0-E4DA908F3F3F} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-20] (Microsoft Corporation)
Task: {50E78190-CF50-4143-AFD6-CEAD88F5022C} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation)
Task: {69FCED66-FBD2-4B46-B2EC-D095B188FBB4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {8C09D1FF-401A-4111-9E02-9777FE46EC1D} - System32\Tasks\{8FBFAD8D-B04E-4EB6-AA87-3DC1BA0C625B} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [2013-07-31] (Mozilla Corporation)
Task: {9607534B-3EA2-4A5D-A623-197D0C6E95B6} - System32\Tasks\Games\UpdateCheck_S-1-5-21-260301430-403971504-409968616-1001
Task: {A0062C2C-8B80-4A2F-B305-9C38A034838C} - System32\Tasks\User_Feed_Synchronization-{FC372759-2740-4048-B35C-C3CD4DCC66F6} => C:\Windows\system32\msfeedssync.exe [2011-04-21] (Microsoft Corporation)
Task: {C050E51A-BC2D-4F3D-9800-EC540A79BB5D} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)
Task: {DA3AE28F-6460-4AD3-ACB4-42A9266923A5} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {DF7B18EF-B0FE-4587-971D-3229E5D17AD0} - System32\Tasks\{66CE549C-71E9-40F6-8205-0326404CB12A} => C:\Program Files (x86)\Wildlife Park\Int\Win32\Program\VC6\WLPAdd1.exe No File
Task: {DF88A619-ED66-4B99-97D1-225CFF8FAC39} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-03-01] (Google Inc.)
Task: {E16F09F7-F7A8-44DF-983D-B40FFCA0566C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-03-01] (Google Inc.)
Task: {F8C9BB01-5C1A-4740-97FB-FEC92836A6BB} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [2010-11-20] (Microsoft Corporation)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Faulty Device Manager Devices =============
Name: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (08/14/2013 08:49:07 AM) (Source: Application Hang) (User: )
Description: Programm FRST64.exe, Version 3.3.8.1 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 12d8
Startzeit: 01ce98ba4d7dedff
Endzeit: 0
Anwendungspfad: C:\Users\**** 2\Downloads\FRST64.exe
Berichts-ID: 997ec877-04ad-11e3-a8e8-206a8a2378c9
Error: (08/13/2013 11:17:10 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error: (08/13/2013 11:08:31 PM) (Source: Bonjour Service) (User: )
Description: 472: ERROR: read_msg errno 0 (Der Vorgang wurde erfolgreich beendet.)
Error: (08/13/2013 11:08:31 PM) (Source: Bonjour Service) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10093
Error: (08/12/2013 05:04:10 PM) (Source: Windows Backup) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "E:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"
Error: (08/10/2013 05:44:36 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9968
Error: (08/10/2013 05:44:36 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9968
Error: (08/10/2013 05:44:36 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (08/10/2013 04:46:57 PM) (Source: MsiInstaller) (User: JP1)
Description: Product: Skype Click to Call -- Error 1609. An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1332(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (08/06/2013 02:28:06 PM) (Source: Windows Backup) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "E:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"
System errors:
=============
Error: (08/14/2013 07:19:58 AM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
prodrv06
prohlp02
prosync1
sfhlp01
Error: (08/14/2013 07:19:14 AM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\prodrv06.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (08/14/2013 00:28:14 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.
Error: (08/14/2013 00:02:42 AM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
prodrv06
prohlp02
prosync1
sfhlp01
Error: (08/14/2013 00:02:19 AM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\prodrv06.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (08/13/2013 11:59:30 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
prodrv06
prohlp02
prosync1
sfhlp01
Error: (08/13/2013 11:58:45 PM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\prodrv06.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (08/13/2013 11:32:30 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
prodrv06
prohlp02
prosync1
sfhlp01
Error: (08/13/2013 11:32:01 PM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\prodrv06.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (08/13/2013 11:31:34 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.
Microsoft Office Sessions:
=========================
Error: (08/14/2013 08:49:07 AM) (Source: Application Hang)(User: )
Description: FRST64.exe3.3.8.112d801ce98ba4d7dedff0C:\Users\**** 2\Downloads\FRST64.exe997ec877-04ad-11e3-a8e8-206a8a2378c9
Error: (08/13/2013 11:17:10 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Users\**** 2\Downloads\SoftonicDownloader_fuer_youtube-song-downloader.exe
Error: (08/13/2013 11:08:31 PM) (Source: Bonjour Service)(User: )
Description: 472: ERROR: read_msg errno 0 (Der Vorgang wurde erfolgreich beendet.)
Error: (08/13/2013 11:08:31 PM) (Source: Bonjour Service)(User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10093
Error: (08/12/2013 05:04:10 PM) (Source: Windows Backup)(User: )
Description: E:\Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)
Error: (08/10/2013 05:44:36 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9968
Error: (08/10/2013 05:44:36 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9968
Error: (08/10/2013 05:44:36 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (08/10/2013 04:46:57 PM) (Source: MsiInstaller)(User: JP1)
Description: Product: Skype Click to Call -- Error 1609. An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1332(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (08/06/2013 02:28:06 PM) (Source: Windows Backup)(User: )
Description: E:\Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)
==================== Memory info ===========================
Percentage of memory in use: 48%
Total physical RAM: 3956.5 MB
Available physical RAM: 2035.16 MB
Total Pagefile: 7911.18 MB
Available Pagefile: 5722.24 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: (ACER) (Fixed) (Total:451.99 GB) (Free:241.57 GB) NTFS (Disk=0 Partition=3)
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: F3E8F3E8)
Partition 1: (Not Active) - (Size=14 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=452 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Code:
ATTFilter GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-08-14 09:18:34
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD50 rev.01.0 465,76GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\JRN~1\AppData\Local\Temp\ugtdypow.sys
---- Kernel code sections - GMER 2.1 ----
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 560 fffff8000340a000 63 bytes [00, 00, 15, 02, 46, 69, 6C, ...]
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 624 fffff8000340a040 1 byte [21]
---- User code sections - GMER 2.1 ----
.text C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe[1092] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000758e1465 2 bytes [8E, 75]
.text C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe[1092] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000758e14bb 2 bytes [8E, 75]
.text ... * 2
.text C:\Windows\SysWOW64\svchost.exe[1684] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000758e1465 2 bytes [8E, 75]
.text C:\Windows\SysWOW64\svchost.exe[1684] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000758e14bb 2 bytes [8E, 75]
.text ... * 2
.text C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe[1784] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000758e1465 2 bytes [8E, 75]
.text C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe[1784] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000758e14bb 2 bytes [8E, 75]
.text ... * 2
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[4304] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000758e1465 2 bytes [8E, 75]
.text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[4304] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000758e14bb 2 bytes [8E, 75]
.text ... * 2
.text C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE[4828] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000758e1465 2 bytes [8E, 75]
.text C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE[4828] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000758e14bb 2 bytes [8E, 75]
.text ... * 2
.text C:\Users\**** 2\AppData\Local\Akamai\netsession_win.exe[4540] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000758e1465 2 bytes [8E, 75]
.text C:\Users\**** 2\AppData\Local\Akamai\netsession_win.exe[4540] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000758e14bb 2 bytes [8E, 75]
.text ... * 2
.text C:\Program Files (x86)\Launch Manager\LManager.exe[1412] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000758e1465 2 bytes [8E, 75]
.text C:\Program Files (x86)\Launch Manager\LManager.exe[1412] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000758e14bb 2 bytes [8E, 75]
.text ... * 2
.text C:\Users\**** 2\AppData\Local\Akamai\netsession_win.exe[3792] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000758e1465 2 bytes [8E, 75]
.text C:\Users\**** 2\AppData\Local\Akamai\netsession_win.exe[3792] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000758e14bb 2 bytes [8E, 75]
.text ... * 2
---- Threads - GMER 2.1 ----
Thread [1716:1792] 0000000077553e45
Thread [1716:1796] 00000000758f7587
Thread [1716:1808] 0000000072dac59c
Thread [1716:1812] 0000000072dac59c
Thread [1716:1816] 0000000072dac59c
Thread [1716:1820] 0000000077552e25
Thread [1716:1824] 0000000072dac41c
Thread [1716:2124] 0000000072bae2db
Thread [1716:2128] 0000000072dac59c
Thread [1716:2132] 0000000072dac41c
Thread [1716:2136] 0000000072dac41c
Thread [1716:2140] 0000000072dac41c
Thread [1716:2144] 0000000072dac41c
Thread [1716:2148] 0000000072dac41c
Thread [1716:2152] 0000000072dac41c
Thread [1716:2156] 0000000072dac41c
Thread [1716:2160] 0000000072dac41c
Thread [1716:2164] 0000000072dac41c
Thread [1716:2168] 0000000072dac41c
Thread [1716:2172] 0000000072dac41c
Thread [1716:2176] 0000000072dac41c
Thread [1716:2180] 0000000072dac41c
Thread [1716:2184] 0000000072dac41c
Thread [1716:2188] 0000000072dac41c
Thread [1716:2192] 0000000072dac41c
Thread [1716:2196] 0000000072dac41c
Thread [1716:2204] 0000000072dac59c
Thread [1716:2208] 0000000070fb8e20
Thread [1716:2212] 0000000070fb8e20
Thread [1716:2216] 0000000070fb8e20
Thread [1716:2220] 0000000070fb4e00
Thread [1716:2940] 0000000072dac59c
Thread [1716:2660] 0000000072dac59c
Thread [1716:2424] 0000000072dac59c
---- EOF - GMER 2.1 ----
|
| Themen zu Download/Installation von Updates nicht möglich |
| 4d36e972-e325-11ce-bfc1-08002be10318, akamai, antivirus, avira, bluestacks, bonjour, branding, browser, cubase, desktop, device driver, error, excel, farbar, farbar recovery scan tool, fehler 5, firefox, flash player, hijack, home, homepage, iexplore.exe, launch, mp3, msiinstaller, nicht möglich, plug-in, popup, proxyeinstellungen, realtek, registry, richtlinie, security, software, system error, updates, virtualbox, vista, windows, windows updates |
Baum-Darstellung