
Log analysis and evaluation: Videos stop after a few seconds and everything runs slowly after a virus scan by Avast.

Windows 7 If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

01.08.2014, 05:07   #1
MarcelWeißNi
 

Hello,
I read through the steps I was supposed to follow, but "Defogger" said that it is already disabled; I don't know now whether that is good or bad. As for my problem: a friend asked me whether the site " hxxp://steam-cards.com " is safe, so I clicked on it and told him that it looks very good but that I think it is a virus. I still clicked on his "Click" so that he gets clicks. Since I had no antivirus program before, I ran Avast (10 threats, all moved to the chest), and since then no video works anymore: it loads, stops after a few seconds, but keeps loading. I'm asking for help, thank you very much. ^^
Attached files
File type: txt FRST.txt (48.7 KB, viewed 173 times)
File type: log loooog.log (14.1 KB, viewed 111 times)
File type: txt Addition.txt (37.0 KB, viewed 136 times)
File type: log defogger_disable.log (450 bytes, viewed 113 times)

Edited by MarcelWeißNi (01.08.2014 at 05:39)

01.08.2014, 05:56   #2
schrauber
/// the machine
/// TB trainer
 



Hi,

Please always post logs in the thread. If necessary, split them up and use several posts.
I can't open attachments at work, thanks.

Here is how it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed expressions, [CODE] [/CODE], appear.
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it right. If everything is correct ... click Reply.

01.08.2014, 06:00   #3
MarcelWeißNi
 


Sorry

Additional scan result of Farbar Recovery Scan Tool (x86) Version:31-07-2014 02
Ran by Marcel at 2014-08-01 06:15:44
Running from C:\Users\Marcel\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Aeria Ignite (HKLM\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
AION Free-to-Play (HKLM\...\{82E73E8D-E1E7-45A4-A311-6D31492AA913}_is1) (Version: - Gameforge)
Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc)
avast! Free Antivirus (HKLM\...\Avast) (Version: 9.0.2021 - AVAST Software)
Battlelog Web Plugins (HKLM\...\Battlelog Web Plugins) (Version: 2.1.7 - EA Digital Illusions CE AB)
Blender (HKLM\...\Blender) (Version: 2.67 - Blender Foundation)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.100.82.95 - Broadcom Corporation)
Broadcom Gigabit NetLink Controller (HKLM\...\{A84DB02B-9C2B-4272-9D2D-A80E00A56513}) (Version: 14.0.2.3 - Broadcom Corporation)
BrowserSafeguard with Rockettab (HKLM\...\BrowserSafeguard) (Version: - BrowserSafeguard with Rockettab) <==== ATTENTION
Bundled software uninstaller (HKLM\...\bi_uninstaller) (Version: - ) <==== ATTENTION
Cisco EAP-FAST Module (Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Cobalt (HKLM\...\Cobalt) (Version: - )
Craften Terminal 3.4.4 (HKLM\...\{4e7c3936-7c06-4ef0-928b-c5d92f372578}_is1) (Version: 3.4.4 - Craften.de)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
DayZ (HKLM\...\Steam App 221100) (Version: - Bohemia Interactive)
Dead Island Riptide (c) Deep Silver version 1 (HKLM\...\RGVhZCBJc2xhbmQgUmlwdGlkZSAoYykgRGVlcCBTaWx2ZXI=_is1) (Version: 1 - )
Delta Chrome Toolbar (HKLM\...\Delta Chrome Toolbar) (Version: - Delta) <==== ATTENTION
Delta toolbar (HKLM\...\delta) (Version: 1.8.16.16 - Delta) <==== ATTENTION
Desura (HKLM\...\Desura) (Version: 100.53 - Desura)
Desura: ERIE (HKLM\...\Desura_81776177315872) (Version: Full - UGF)
Don't Starve (HKLM\...\Steam App 219740) (Version: - Klei Entertainment)
Dragonica (HKLM\...\{10C10382-F201-4466-9346-3646B181DF63}_is1) (Version: 092013 - Webzen Dublin Ltd.)
EdenEternal-DE (HKLM\...\EdenEternal-DE) (Version: - )
Elsword_DE (HKLM\...\Elsword_DE_is1) (Version: - )
ESN Sonar (HKLM\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Fiesta Online DE 1.04.136 (HKLM\...\Fiesta Online DE) (Version: 1.04.136 - Gamigo games)
File Identifier version 1.0.3 (HKLM\...\File Identifier_is1) (Version: 1.0.3 - )
File Viewer version 1.0.2 (HKLM\...\{C8B24B83-920A-446E-B027-38F72C9D8898}_is1) (Version: 1.0.2 - Sharpened Productions)
FileZilla Client 3.6.0.2 (HKLM\...\FileZilla Client) (Version: 3.6.0.2 - FileZilla Project)
Fotogalerie (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM\...\Fraps) (Version: - )
Free YouTube to MP3 Converter version 3.12.42.716 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.42.716 - DVDVideoSoft Ltd.)
Gameforge Live 1.10.1 "Legend" (HKLM\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 1.10.1 - Gameforge)
GameSpy Arcade (HKLM\...\GameSpy Arcade) (Version: - )
glindorus 2013.11.07.204448 (HKLM\...\glindorus) (Version: 2013.11.07.204448 - glindorus) <==== ATTENTION
Glyph (HKLM\...\Glyph) (Version: - Trion Worlds, Inc.)
GoforFiles (HKCU\...\GoforFiles) (Version: 1.7.1 - hxxp://www.goforfiles.com/) <==== ATTENTION
Google Chrome (HKLM\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Update Helper (Version: 1.3.23.0 - DealPly Technologies Ltd) Hidden <==== ATTENTION
Hamachi 1.0.3.0 (HKLM\...\Hamachi) (Version: - )
Install(GE) (HKLM\...\{F916C6DF-2601-4385-9500-C45FF398D4CB}) (Version: 1.0 - AeriaGames)
Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.2.1001 - Intel Corporation)
Java 7 Update 17 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.170 - Oracle)
Java Auto Updater (Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
League of Legends (HKLM\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (Version: 3.0.1 - Riot Games ) Hidden
LPT System Updater Service (HKLM\...\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}) (Version: 1.0.0.0 - LPT) <==== ATTENTION
Maestia (HKLM\...\Maestia) (Version: - )
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{887868A2-D6DE-3255-AA92-AA0B5A59B874}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Movie Maker (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT110 (Version: 16.4.1108.0727 - Microsoft) Hidden
My Game Long Name (HKLM\...\UDK-c7aa2de6-ad58-4eea-a8f9-354f95499fe9) (Version: - Epic Games, Inc.)
Neverwinter (HKLM\...\Neverwinter) (Version: - Cryptic Studios)
Nexon Game Manager (HKLM\...\{289AC7E0-0AEE-4a7b-913C-709D9803D23E}) (Version: - )
Nostale(DE) (HKLM\...\NosTale(DE)_is1) (Version: - Gameforge 4D GmbH)
NVIDIA Grafiktreiber 267.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 267.21 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.265.39.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (HKLM\...\{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}) (Version: 9.12.0613 - NVIDIA Corporation)
NVIDIA Systemsteuerung 267.21 (Version: 267.21 - NVIDIA Corporation) Hidden
Open Broadcaster Software (HKLM\...\Open Broadcaster Software) (Version: - )
OpenAL (HKLM\...\OpenAL) (Version: - )
Orcs Must Die! 2 (HKLM\...\Steam App 201790) (Version: - )
Origin (HKLM\...\Origin) (Version: 9.3.1.4482 - Electronic Arts, Inc.)
Pacman Bundle by SweetPacks (HKLM\...\Pacman Bundle by SweetPacks) (Version: 1.0.0.0 - SweetPacks LTD) <==== ATTENTION
Photo Gallery (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Plus-HD-2.3 (HKLM\...\Plus-HD-2.3) (Version: 1.27.153.5 - Plus HD) <==== ATTENTION
Portal 2 (HKLM\...\Steam App 620) (Version: - Valve)
PricePeep (HKLM\...\PricePeep) (Version: 2.2.0.4 - betwikx LLC) <==== ATTENTION
PS3 Media Server (HKLM\...\PS3 Media Server) (Version: 1.90.1 - PS3 Media Server)
PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
puush (HKLM\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
QuickShare (HKLM\...\{11D4FAA0-A577-4FA8-B24E-D24283D861D1}) (Version: 11.24.60.15709 - Linkury Inc.) <==== ATTENTION
RaiderZ (HKLM\...\RaiderZ) (Version: - Perfect World Entertainment)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6141 - Realtek Semiconductor Corp.)
RIFT (HKLM\...\Glyph RIFT) (Version: - Trion Worlds, Inc.)
S.K.I.L.L. - Special Force 2 (HKLM\...\Special Force 2 Beta_is1) (Version: - )
S4 League_EU (HKLM\...\{9177CEEE-B308-4612-BD8C-AE621D3FF441}) (Version: 1.00.0000 - )
Sandboxie 3.76 (32-bit) (HKLM\...\Sandboxie) (Version: 3.76 - SANDBOXIE L.T.D)
Search Protect (HKLM\...\SearchProtect) (Version: 2.13.3.38 - Client Connect LTD) <==== ATTENTION
Shaiya (HKLM\...\Shaiya) (Version: - )
Shaiya-DE (HKLM\...\Shaiya-DE) (Version: - )
Skype™ 6.14 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SRWare Iron Version 23.0.1300.0 (HKLM\...\{C59CF2CE-B302-4833-AA35-E0E07D8EBC52}_is1) (Version: 23.0.1300.0 - SRWare)
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Surf and keeep (HKLM\...\{A35CA8FF-CB7D-8361-1CB9-83219CD11C78}) (Version: 3.0.0.1017 - Sourf and keeP) <==== ATTENTION
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.26297 - TeamViewer)
The Elder Scrolls V: Skyrim (HKLM\...\Steam App 72850) (Version: - Bethesda Game Studios)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Unturned (HKLM\...\Steam App 304930) (Version: - Nelson Sexton)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2600217) (Version: 1 - Microsoft Corporation)
Vegas Pro 11.0 (HKLM\...\{B644D34F-0296-11E2-938E-F04DA23A5C58}) (Version: 11.0.700 - Sony)
Virtual Audio Cable 4.12 (HKLM\...\Virtual Audio Cable 4.12) (Version: - )
Wajam (HKLM\...\Wajam) (Version: 1.80 - Wajam) <==== ATTENTION
Windows Live Communications Platform (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer Resources (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinPcap 4.1.3 (HKLM\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 4.20 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinZip 17.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240D6}) (Version: 17.0.10283 - WinZip Computing, S.L. )
Wireshark 1.10.5 (32-bit) (HKLM\...\Wireshark) (Version: 1.10.5 - The Wireshark developer community, hxxp://www.wireshark.org)
WolfTeam-DE (HKLM\...\WolfTeam-DE) (Version: - )
World of Warcraft (HKLM\...\World of Warcraft) (Version: - Blizzard Entertainment)
YGOPro DevPro Version 1.9.2r2 (HKLM\...\{3CF2634F-3F38-4DD3-9201-CB2FE6B5FF23}_is1) (Version: 1.9.2r2 - YGOPro DevPro Online)
YoutubeAdblocker (HKLM\...\{4820778D-AB0D-6D18-C316-52A6A0E1D507}) (Version: 4.1.0.1990 - YoutubeAdblocker) <==== ATTENTION

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-663376851-2353010799-268835600-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Marcel\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-663376851-2353010799-268835600-1000_Classes\CLSID\{7B37E4E2-C62F-4914-9620-8FB5062718CC}\localserver32 -> C:\Users\Marcel\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-663376851-2353010799-268835600-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Marcel\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-663376851-2353010799-268835600-1000_Classes\CLSID\{AB807329-7324-431B-8B36-DBD581F56E0B}\localserver32 -> C:\Users\Marcel\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-663376851-2353010799-268835600-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Marcel\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-663376851-2353010799-268835600-1000_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb.dll ()
CustomCLSID: HKU\S-1-5-21-663376851-2353010799-268835600-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Marcel\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-663376851-2353010799-268835600-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Marcel\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\FileSyncApi.dll (Microsoft Corporation)

==================== Restore Points =========================

31-07-2014 23:34:49 avast! antivirus system restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {056D1786-186D-420B-9890-EAF59BF60B4E} - System32\Tasks\{B675329D-8D9A-41D3-B239-4AC079685013} => C:\Program Files\SRWare Iron\iron.exe [2012-11-18] (SRWare)
Task: {0A07C2C7-EDF9-41FB-8499-944561666BD8} - System32\Tasks\DealPlyLiveUpdateTaskMachineCore => C:\Program Files\DealPlyLive\Update\DealPlyLive.exe [2013-06-19] (DealPly Technologies Ltd) <==== ATTENTION
Task: {0AFE40C3-D56A-470B-839A-CD8A69DCBA55} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-14] (Adobe Systems Incorporated)
Task: {0F3D1BF7-A30C-436F-80AD-71C427FE227C} - System32\Tasks\FRAPS => C:\Fraps\fraps.exe [2012-06-25] (Beepa P/L)
Task: {252EDA62-1480-456B-BB08-655F4969F3AC} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03] (Sun Microsystems, Inc.)
Task: {44858388-ED54-471E-BFA2-43C0873A68AB} - System32\Tasks\{C02F8615-A1FE-4A8C-B719-B3449ED06CD0} => C:\Program Files\SRWare Iron\iron.exe [2012-11-18] (SRWare)
Task: {52D970B6-312F-4701-B2F4-7AF2ADC846F0} - System32\Tasks\Plus-HD-2.3-codedownloader => C:\Program Files\Plus-HD-2.3\Plus-HD-2.3-codedownloader.exe [2013-06-19] (Plus HD)
Task: {6084DA3C-B873-4275-9AA7-9532A912E926} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-08-01] (Google Inc.)
Task: {73520C78-2DD7-417A-BC54-D4894686D252} - System32\Tasks\{D5C14623-F380-49DC-B56B-43482B787FAF} => C:\Program Files\SRWare Iron\iron.exe [2012-11-18] (SRWare)
Task: {7ADAAA8D-AA2E-4738-BA50-6D52CD29F196} - System32\Tasks\Plus-HD-2.3-updater => C:\Program Files\Plus-HD-2.3\Plus-HD-2.3-updater.exe [2013-06-19] (Plus HD)
Task: {861A9FDE-E409-455A-951C-A2EDEB731CA7} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-01] (AVAST Software)
Task: {903E01DA-4F63-47A9-A1B4-C0FC24609125} - System32\Tasks\Plus-HD-2.3-enabler => C:\Program Files\Plus-HD-2.3\Plus-HD-2.3-enabler.exe [2013-12-24] (Plus HD)
Task: {9235C04C-E5E4-4CF9-B5F3-D87179CF4CFF} - System32\Tasks\{FE14FEF8-A5B7-4ADF-9E9D-3B9EDB25E93B} => C:\Riot Games\League of Legends\lol.launcher.exe [2013-11-21] ()
Task: {96488C81-D655-4504-930A-D6112660CA11} - System32\Tasks\{30DC6AF2-C1C4-4C45-BE5D-12F260DD670C} => C:\Riot Games\League of Legends\lol.launcher.exe [2013-11-21] ()
Task: {E8E72527-7AE4-406D-A643-016B0D252CFD} - System32\Tasks\GoforFilesUpdate => C:\Program Files\GoforFiles\GFFUpdater.exe [2013-05-04] (hxxp://www.goforfiles.com/) <==== ATTENTION
Task: {EFFE18E2-2D61-4ADF-B988-E9D9B874C32E} - System32\Tasks\DealPlyLiveUpdateTaskMachineUA => C:\Program Files\DealPlyLive\Update\DealPlyLive.exe [2013-06-19] (DealPly Technologies Ltd) <==== ATTENTION
Task: {F271DEEB-CCBD-418E-B604-5355F7570192} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-08-01] (Google Inc.)
Task: {FC19C2BF-5B08-4EEF-B56B-ADD8D18E2D89} - System32\Tasks\RunOW => C:\Program Files\Overwolf\OverwolfLauncher.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job => C:\Program Files\DealPlyLive\Update\DealPlyLive.exe <==== ATTENTION
Task: C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job => C:\Program Files\DealPlyLive\Update\DealPlyLive.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Plus-HD-2.3-codedownloader.job => C:\Program Files\Plus-HD-2.3\Plus-HD-2.3-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-2.3-enabler.job => C:\Program Files\Plus-HD-2.3\Plus-HD-2.3-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-2.3-updater.job => C:\Program Files\Plus-HD-2.3\Plus-HD-2.3-updater.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2014-08-01 01:36 - 2014-08-01 01:36 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-08-01 02:36 - 2014-08-01 02:36 - 02795008 _____ () C:\Program Files\AVAST Software\Avast\defs\14073101\algo.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00035096 _____ () C:\Program Files\LPT\srpts.exe
2014-03-09 19:43 - 2014-03-09 19:43 - 00071448 _____ () C:\Program Files\LPT\srpt.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00022296 _____ () C:\Program Files\LPT\srptc.dll
2014-03-09 19:42 - 2014-03-09 19:42 - 00018200 _____ () C:\Program Files\LPT\Smartbar.Common.dll
2013-08-31 20:55 - 2013-08-31 22:37 - 00076888 _____ () C:\Windows\system32\PnkBstrA.exe
2014-03-09 19:43 - 2014-03-09 19:43 - 00022296 _____ () C:\Users\Marcel\AppData\Local\LPT\srptm.exe
2014-03-09 19:43 - 2014-03-09 19:43 - 00071448 _____ () C:\Users\Marcel\AppData\Local\LPT\srpt.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00022296 _____ () C:\Users\Marcel\AppData\Local\LPT\srptc.dll
2014-03-09 19:42 - 2014-03-09 19:42 - 00018200 _____ () C:\Users\Marcel\AppData\Local\LPT\Smartbar.Common.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00055576 _____ () C:\Users\Marcel\AppData\Local\LPT\srut.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00060184 _____ () C:\Users\Marcel\AppData\Local\LPT\sppsm.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00153880 _____ () C:\Users\Marcel\AppData\Local\LPT\Smartbar.Resources.HistoryAndStatsWrapper.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00026392 _____ () C:\Users\Marcel\AppData\Local\LPT\Smartbar.Personalization.Common.dll
2014-03-09 19:42 - 2014-03-09 19:42 - 00164632 _____ () C:\Users\Marcel\AppData\Local\LPT\Smartbar.Infrastructure.Utilities.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00042776 _____ () C:\Users\Marcel\AppData\Local\LPT\srbu.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00023832 _____ () C:\Users\Marcel\AppData\Local\LPT\srpdm.dll
2014-03-09 19:43 - 2014-03-09 19:43 - 00036120 _____ () C:\Users\Marcel\AppData\Local\LPT\Smartbar.Monetization.Proxy.ProxyService.dll
2013-11-08 02:25 - 2013-11-08 02:25 - 00911128 _____ () C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.66.0__db937bc2d44ff139\System.Data.SQLite.dll
2013-11-07 22:44 - 2014-08-01 02:41 - 00323360 _____ () C:\Program Files\glindorus\updateglindorus.exe
2014-02-14 21:22 - 2014-08-01 02:36 - 00323360 _____ () C:\Program Files\glindorus\bin\utilglindorus.exe
2014-08-01 01:36 - 2014-08-01 01:36 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-04-25 00:52 - 2014-07-03 16:11 - 00239392 _____ () C:\Program Files\glindorus\bin\glindorus.PurBrowse.exe
2014-04-09 23:11 - 2014-08-01 01:22 - 00096544 _____ () C:\Program Files\glindorus\bin\glindorus.BrowserAdapter.exe
2014-02-15 04:24 - 2014-02-15 04:24 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\29335dc88d799664dcd97362bcb687e9\IsdiInterop.ni.dll
2012-12-26 01:59 - 2010-04-13 10:52 - 00058880 _____ () C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-02-06 00:08 - 2013-11-21 21:21 - 01294336 _____ () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
2014-02-06 00:08 - 2014-07-17 17:35 - 05430776 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.213\deploy\LoLLauncher.exe
2014-02-06 00:08 - 2014-07-17 17:35 - 01640440 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.213\deploy\RiotLauncher.dll
2014-02-06 02:01 - 2014-02-06 02:01 - 00074752 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.101\deploy\LolClient.exe
2012-12-26 21:41 - 2012-09-26 16:46 - 00735744 _____ () C:\Program Files\SRWare Iron\libglesv2.dll
2012-12-26 21:41 - 2012-09-26 16:47 - 00144384 _____ () C:\Program Files\SRWare Iron\libegl.dll
2014-06-14 05:02 - 2014-06-14 05:02 - 17024688 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_125.dll
2012-12-26 21:41 - 2012-11-08 18:46 - 01400846 _____ () C:\Program Files\SRWare Iron\avcodec-54.dll
2012-12-26 21:41 - 2012-11-08 18:46 - 00151054 _____ () C:\Program Files\SRWare Iron\avutil-51.dll
2012-12-26 21:41 - 2012-11-08 18:46 - 00222734 _____ () C:\Program Files\SRWare Iron\avformat-54.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^Marcel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^hamachi.lnk => C:\Windows\pss\hamachi.lnk.Startup
MSCONFIG\startupreg: 4StoryPrePatch => C:\Program Files\Gameforge4D\4Story_DE\PrePatch.exe
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Marcel\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: Browser Infrastructure Helper => C:\Users\Marcel\AppData\Local\Smartbar\Application\QuickShare.exe startup
MSCONFIG\startupreg: BrowserSafeguard => "C:\Program Files\Browsersafeguard\BrowserSafeguard.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: Desura => C:\Program Files\Desura\desura.exe -autostart
MSCONFIG\startupreg: EADM => "C:\Program Files\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: IAStorIcon => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: KPeerNexonEU => C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
MSCONFIG\startupreg: SandboxieControl => "C:\Program Files\Sandboxie\SbieCtrl.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "C:\Program Files\Steam\steam.exe" -silent

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/01/2014 05:52:53 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT-AUTORITÄT)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files\Google\Update\1.3.24.15\DealPlyLiveHelper.msi

Error: (08/01/2014 03:53:16 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT-AUTORITÄT)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files\Google\Update\1.3.24.15\DealPlyLiveHelper.msi

Error: (08/01/2014 02:52:51 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT-AUTORITÄT)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files\Google\Update\1.3.24.15\DealPlyLiveHelper.msi

Error: (08/01/2014 01:52:03 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT-AUTORITÄT)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files\Google\Update\1.3.24.15\DealPlyLiveHelper.msi

Error: (08/01/2014 01:45:58 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm avastUi.exe, Version 9.0.2021.515 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 268c

Startzeit: 01cfad190184d7db

Endzeit: 60000

Anwendungspfad: C:\Program Files\AVAST Software\Avast\avastUi.exe

Berichts-ID: a54fb06d-190c-11e4-9d45-88ae1d992da5

Error: (08/01/2014 01:43:19 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT-AUTORITÄT)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files\Google\Update\1.3.21.169\DealPlyLiveHelper.msi

Error: (08/01/2014 01:35:00 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary kegjekcy.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (08/01/2014 01:34:48 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
Generatordaten werden gesammelt

Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {bc37ae1a-b920-46a5-8c90-43335b2113a9}

Error: (07/31/2014 07:30:53 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Das Stammelement der Manifestdatei muss assembliert sein.

Error: (07/30/2014 04:47:49 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".


System errors:
=============
Error: (08/01/2014 02:31:32 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 01.08.2014 um 02:29:35 unerwartet heruntergefahren.

Error: (08/01/2014 02:30:56 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "C:" den Befehl "chkdsk" aus.

Error: (07/30/2014 05:28:20 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (07/30/2014 06:36:16 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Netman erreicht.

Error: (07/25/2014 02:42:24 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "WajamUpdater" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/23/2014 04:28:16 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 23.07.2014 um 04:26:38 unerwartet heruntergefahren.

Error: (07/23/2014 02:26:19 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "TeamViewer 9" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (07/23/2014 02:26:19 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst TeamViewer 9 erreicht.

Error: (07/23/2014 02:25:37 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 23.07.2014 um 01:45:27 unerwartet heruntergefahren.

Error: (07/22/2014 03:27:24 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 22.07.2014 um 05:21:43 unerwartet heruntergefahren.


Microsoft Office Sessions:
=========================
Error: (08/01/2014 05:52:53 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT-AUTORITÄT)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files\Google\Update\1.3.24.15\DealPlyLiveHelper.msi(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (08/01/2014 03:53:16 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT-AUTORITÄT)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files\Google\Update\1.3.24.15\DealPlyLiveHelper.msi(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (08/01/2014 02:52:51 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT-AUTORITÄT)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files\Google\Update\1.3.24.15\DealPlyLiveHelper.msi(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (08/01/2014 01:52:03 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT-AUTORITÄT)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files\Google\Update\1.3.24.15\DealPlyLiveHelper.msi(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (08/01/2014 01:45:58 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: avastUi.exe9.0.2021.515268c01cfad190184d7db60000C:\Program Files\AVAST Software\Avast\avastUi.exea54fb06d-190c-11e4-9d45-88ae1d992da5

Error: (08/01/2014 01:43:19 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT-AUTORITÄT)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files\Google\Update\1.3.21.169\DealPlyLiveHelper.msi(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (08/01/2014 01:35:00 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary kegjekcy.

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (08/01/2014 01:34:48 AM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Zugriff verweigert


Vorgang:
Generatordaten werden gesammelt

Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {bc37ae1a-b920-46a5-8c90-43335b2113a9}

Error: (07/31/2014 07:30:53 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: C:\Program Files\WinZip\adxloader.dll.ManifestC:\Program Files\WinZip\adxloader.dll.Manifest2

Error: (07/30/2014 04:47:49 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\S4League\Aegis64.exe


==================== Memory info ===========================

Percentage of memory in use: 59%
Total physical RAM: 2550.71 MB
Available physical RAM: 1031 MB
Total Pagefile: 5099.71 MB
Available Pagefile: 2620.25 MB
Total Virtual: 2047.88 MB
Available Virtual: 1896.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:60.17 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 70C3F1DE)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

==================== End Of Log ============================
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:31-07-2014 02
Ran by Marcel (administrator) on MARCEL-PC on 01-08-2014 06:14:11
Running from C:\Users\Marcel\Downloads
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SANDBOXIE L.T.D) C:\Program Files\Sandboxie\SbieSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\LPT\srpts.exe
(Beepa P/L) C:\Fraps\fraps.exe
() C:\Windows\System32\PnkBstrA.exe
() C:\Users\Marcel\AppData\Local\LPT\srptm.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
() C:\Program Files\glindorus\updateglindorus.exe
() C:\Program Files\glindorus\bin\utilglindorus.exe
(Wajam) C:\Program Files\Wajam\Updater\WajamUpdater.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Akamai Technologies, Inc.) C:\Users\Marcel\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Marcel\AppData\Local\Akamai\netsession_win.exe
() C:\Program Files\glindorus\bin\glindorus.PurBrowse.exe
() C:\Program Files\glindorus\bin\glindorus.BrowserAdapter.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
() C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.213\deploy\LoLLauncher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.101\deploy\LolClient.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(SRWare) C:\Program Files\SRWare Iron\iron.exe
(SRWare) C:\Program Files\SRWare Iron\iron.exe
(SRWare) C:\Program Files\SRWare Iron\iron.exe
(SRWare) C:\Program Files\SRWare Iron\iron.exe
(SRWare) C:\Program Files\SRWare Iron\iron.exe
(Microsoft Corporation) C:\Windows\System32\slui.exe
(Farbar) C:\Users\Marcel\Downloads\FRST (1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-21-663376851-2353010799-268835600-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Marcel\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-663376851-2353010799-268835600-1000\...\Run: [Desura] => C:\Program Files\Desura\desura.exe [2529096 2013-12-15] (Desura Pty Ltd)
HKU\S-1-5-21-663376851-2353010799-268835600-1000\...\MountPoints2: {16a0aa6f-b7e7-11e2-a70d-88ae1d992da5} - E:\setup.exe
AppInit_DLLs: C:\PROGRA~1\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\PROGRA~1\SearchProtect\SearchProtect\bin\SPVC32Loader.dll File Not Found
AppInit_DLLs:  c:\progra~2\bitguard\271832~1.68\{c16c1~1\bitguard.dll => c:\progra~2\bitguard\271832~1.68\{c16c1~1\bitguard.dll File Not Found
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Marcel\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Marcel\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Marcel\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
BootExecute: autocheck autochk * aswBoot.exe /M:14604dd08 /dir:"C:\Program Files\AVAST Software\Avast"

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCuxhZjwitu2603iO2DKCmN--NXUfc66EsTy4QzA5O1whTQJ3RGG2u7Rp8GwCMqLiySS9WbniHRLhoYIRLK15mZXh48V7Gyqow-6LL4HYdphlm0Y5S-kXGe0VETIV6vda80DPLGQG45CPuM7-Rqpr7ZtUxEd0j1I,&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.trovi.com/?gd=&ctid=CT3323900&octid=EB_ORIGINAL_CTID&ISID=M1FF6239F-826C-40E9-9C11-C45A29F77F70&SearchSource=55&CUI=&UM=5&UP=SP63AABD1E-5FA9-40CC-8915-72C7D55CC63B&SSPV=
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x826D5BAAA0E3CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.golsearch.com/?affID=119995&tt=gc_&babsrc=HP_ss_Btisdt6&mntrId=622A18F46A0C7C1D
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCuxhZjwitu2603iO2DKCmN--NXUfc66EsTy4QzA5O1whTQJ3RGG2u7Rp8GwCMqLiySS9WbniHRLhoYIRLK15mZXh48V7Gyqow-6LL4HYdphlm0Y5S-kXGe0VETIV6vda80DPLGQG45CPuM7-Rqpr7ZtUxEd0j1I,&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://websearch.amaizingsearches.info/?pid=1273&r=2014/04/25&hid=14207138445606467983&lg=EN&cc=DE&unqvl=51
SearchScopes: HKLM - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCuxhZjwitu2603iO2DKCmN--NXUfc66EsTy4QzA5O1whTQJ3RGG2u7Rp8GwCMqLiySS9WbniHRLhoYIRLK15mZXh48V7Gyqow-6LL4HYdphlm0Y5S-kXGe0VETIV6vda80DPLGQG45CPuM7-Rqpr7ZtUxEd0j1I,&q={searchTerms}
SearchScopes: HKLM - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCuxhZjwitu2603iO2DKCmN--NXUfc66EsTy4QzA5O1whTQJ3RGG2u7Rp8GwCMqLiySS9WbniHRLhoYIRLK15mZXh48V7Gyqow-6LL4HYdphlm0Y5S-kXGe0VETIV6vda80DPLGQG45CPuM7-Rqpr7ZtUxEd0j1I,&q={searchTerms}
SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 
SearchScopes: HKLM - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.amaizingsearches.info/?l=1&q={searchTerms}&pid=1273&r=2014/04/25&hid=14207138445606467983&lg=EN&cc=DE&unqvl=51
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3323900&octid=EB_ORIGINAL_CTID&ISID=M1FF6239F-826C-40E9-9C11-C45A29F77F70&SearchSource=58&CUI=&UM=5&UP=SP63AABD1E-5FA9-40CC-8915-72C7D55CC63B&q={searchTerms}&SSPV=
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCuxhZjwitu2603iO2DKCmN--NXUfc66EsTy4QzA5O1whTQJ3RGG2u7Rp8GwCMqLiySS9WbniHRLhoYIRLK15mZXh48V7Gyqow-6LL4HYdphlm0Y5S-kXGe0VETIV6vda80DPLGQG45CPuM7-Rqpr7ZtUxEd0j1I,&q={searchTerms}
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3323900&octid=EB_ORIGINAL_CTID&ISID=M1FF6239F-826C-40E9-9C11-C45A29F77F70&SearchSource=58&CUI=&UM=5&UP=SP63AABD1E-5FA9-40CC-8915-72C7D55CC63B&q={searchTerms}&SSPV=
SearchScopes: HKCU - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.amaizingsearches.info/?l=1&q={searchTerms}&pid=1273&r=2014/04/25&hid=14207138445606467983&lg=EN&cc=DE&unqvl=51
BHO: Plus-HD-2.3 -> {11111111-1111-1111-1111-110311341126} -> C:\Program Files\Plus-HD-2.3\Plus-HD-2.3-bho.dll (Plus HD)
BHO: SmartbarInternetExplorerBHOEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Wajam -> {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} -> C:\Program Files\Wajam\IE\priam_bho.dll (Wajam)
BHO: DealPly Shopping -> {ae48ed75-5a56-4c5f-bbce-6f1ac3875f66} -> C:\Program Files\DealPly\DealPlyIE.dll No File
BHO: delta Helper Object -> {C1AF5FA5-852C-4C90-812E-A7F75E011D87} -> C:\Program Files\Delta\delta\1.8.16.16\bh\delta.dll No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: No Name -> {FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} ->  No File
Toolbar: HKLM - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} -  No File
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.dll No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin: @esn.me/esnsonar,version=0.70.4 - C:\Program Files\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin: @esn/esnlaunch,version=2.1.7 - C:\Program Files\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF Plugin: @java.com/DTPlugin,version=10.17.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npnxgameEU.dll (Nexon)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @tools.dpliveupdate.com/DealPlyLive Update;version=3 - C:\Program Files\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll (DealPly Technologies Ltd)
FF Plugin: @tools.dpliveupdate.com/DealPlyLive Update;version=9 - C:\Program Files\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll (DealPly Technologies Ltd)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Marcel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-08-01]

Chrome: 
=======
CHR StartupUrls: "hxxp://www.google.com/"
CHR Extension: (Google Docs) - C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-01]
CHR Extension: (Google Drive) - C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-01]
CHR Extension: (YouTube) - C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-01]
CHR Extension: (Google-Suche) - C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-01]
CHR Extension: (avast! Online Security) - C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-01]
CHR Extension: (Google Wallet) - C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-01]
CHR Extension: (Google Mail) - C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-01]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-01]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-01] (AVAST Software)
S2 dealplylive; C:\Program Files\DealPlyLive\Update\DealPlyLive.exe [148000 2013-06-19] (DealPly Technologies Ltd)
S3 dealplylivem; C:\Program Files\DealPlyLive\Update\DealPlyLive.exe [148000 2013-06-19] (DealPly Technologies Ltd)
S3 Desura Install Service; C:\Program Files\Common Files\Desura\desura_service.exe [131912 2013-12-15] (Desura Pty Ltd)
R2 LPTSystemUpdater; C:\Program Files\LPT\srpts.exe [35096 2014-03-09] ()
S3 npggsvc; C:\Windows\system32\GameMon.des [4868640 2013-08-25] (INCA Internet Co., Ltd.)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2013-08-31] ()
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [85776 2012-12-16] (SANDBOXIE L.T.D)
R2 Update glindorus; C:\Program Files\glindorus\updateglindorus.exe [323360 2014-08-01] ()
R2 Util glindorus; C:\Program Files\glindorus\bin\utilglindorus.exe [323360 2014-08-01] ()
R2 WajamUpdater; C:\Program Files\Wajam\Updater\WajamUpdater.exe [109064 2013-05-02] (Wajam) [File not signed]
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 apf003; C:\Windows\system32\apf003.sys [13232 2013-06-07] () [File not signed]
S3 apf005; C:\Windows\system32\apf005.sys [14160 2014-05-17] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-08-01] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-08-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-08-01] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-08-01] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [779536 2014-08-01] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [414520 2014-08-01] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [71944 2014-08-01] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [192352 2014-08-01] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2013-05-09] (DT Soft Ltd)
R3 EuMusDesignVirtualAudioCableWdm; C:\Windows\System32\DRIVERS\vrtaucbl.sys [84096 2014-01-01] (Eugene V. Muzychenko)
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [25280 2014-02-23] (LogMeIn, Inc.)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [157776 2012-12-16] (SANDBOXIE L.T.D)
R1 {26d264d2-014c-4f07-bf2c-ebf9aed40cef}w; C:\Windows\System32\drivers\{26d264d2-014c-4f07-bf2c-ebf9aed40cef}w.sys [52920 2014-04-24] (StdLib)
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X]
S3 taphss6; system32\DRIVERS\taphss6.sys [X]
S1 unjbqhsi; \??\C:\Windows\system32\drivers\unjbqhsi.sys [X]
S3 vtany; \??\C:\Windows\vtany.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-01 06:14 - 2014-08-01 06:15 - 00017681 _____ () C:\Users\Marcel\Downloads\FRST.txt
2014-08-01 06:14 - 2014-08-01 06:14 - 00000000 ____D () C:\FRST
2014-08-01 06:13 - 2014-08-01 06:13 - 01084928 _____ (Farbar) C:\Users\Marcel\Downloads\FRST (1).exe
2014-08-01 06:10 - 2014-08-01 06:11 - 01083476 _____ () C:\Users\Marcel\Downloads\FRST.exe
2014-08-01 05:57 - 2014-08-01 05:57 - 00000448 _____ () C:\Users\Marcel\Downloads\defogger_disable.log
2014-08-01 05:57 - 2014-08-01 05:57 - 00000000 _____ () C:\Users\Marcel\defogger_reenable
2014-08-01 05:55 - 2014-08-01 05:56 - 00050477 _____ () C:\Users\Marcel\Downloads\Defogger.exe
2014-08-01 04:58 - 2014-08-01 04:58 - 00003408 ____N () C:\bootsqm.dat
2014-08-01 01:42 - 2014-08-01 01:42 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\AVAST Software
2014-08-01 01:40 - 2014-08-01 01:40 - 00002119 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-08-01 01:40 - 2014-08-01 01:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-08-01 01:39 - 2014-08-01 01:39 - 00002193 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-01 01:39 - 2014-08-01 01:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-01 01:37 - 2014-08-01 05:53 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-01 01:37 - 2014-08-01 05:12 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-01 01:37 - 2014-08-01 01:39 - 00414520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-08-01 01:37 - 2014-08-01 01:36 - 00779536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-08-01 01:37 - 2014-08-01 01:36 - 00192352 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-08-01 01:37 - 2014-08-01 01:36 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-08-01 01:37 - 2014-08-01 01:36 - 00071944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-08-01 01:37 - 2014-08-01 01:36 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-08-01 01:37 - 2014-08-01 01:36 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-08-01 01:37 - 2014-08-01 01:36 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-08-01 01:36 - 2014-08-01 01:36 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-08-01 01:30 - 2014-08-01 01:32 - 91906368 _____ (AVAST Software) C:\Users\Marcel\Downloads\avast_free_antivirus_setup_9_0_2021.exe
2014-07-30 19:49 - 2014-07-30 19:49 - 00159144 _____ (Microsoft Corporation) C:\Users\Marcel\Downloads\WindowsActivationUpdate.exe
2014-07-30 10:45 - 2014-07-30 10:45 - 00567048 _____ () C:\Users\Marcel\Downloads\combat-arms.exe
2014-07-26 21:00 - 2014-07-28 03:10 - 00000216 _____ () C:\Users\Marcel\Desktop\Unturned.url
2014-07-24 04:47 - 2014-07-24 04:47 - 00001652 _____ () C:\Users\Marcel\Desktop\Maestia.lnk
2014-07-23 13:15 - 2014-07-25 00:51 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\.crazycraft2
2014-07-23 13:13 - 2014-07-24 00:18 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\.jurassiccraft
2014-07-23 12:28 - 2014-07-23 12:29 - 02104188 _____ () C:\Users\Marcel\Downloads\SkyBlock2.1.zip
2014-07-23 04:31 - 2014-06-09 10:09 - 02697677 _____ (RichDigits Development) C:\Users\Marcel\Desktop\VoidLauncher.exe
2014-07-23 04:20 - 2014-07-23 13:10 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\.crazycraft
2014-07-23 04:11 - 2014-07-25 00:22 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\.fellowship
2014-07-23 04:11 - 2014-07-25 00:22 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\.electriciansjourney
2014-07-23 04:11 - 2014-07-24 00:18 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\.pokepack
2014-07-23 04:11 - 2014-07-23 22:28 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\.vanilla1.5.2
2014-07-23 04:11 - 2014-07-23 13:18 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\.voidswrath
2014-07-23 04:11 - 2014-07-23 13:18 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\.vanilla1.7.2
2014-07-23 04:11 - 2014-07-23 13:14 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\.vanilla1.6.4
2014-07-23 04:11 - 2014-07-23 13:14 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\.vanilla1.6.2
2014-07-23 04:10 - 2014-07-25 00:52 - 00000000 ____D () C:\VoidLauncher
2014-07-23 04:10 - 2014-07-25 00:22 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\.dreamcraft
2014-07-23 04:09 - 2014-07-23 04:10 - 02459959 _____ () C:\Users\Marcel\Downloads\VoidLauncher.zip
2014-07-22 03:45 - 2014-07-30 05:07 - 00000775 _____ () C:\Users\Marcel\Desktop\Vorgangs beschreibung.txt
2014-07-19 21:55 - 2014-07-19 21:55 - 00002272 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2014-07-19 21:55 - 2014-07-19 21:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-07-19 21:55 - 2014-07-19 21:55 - 00000000 ____D () C:\Program Files\DVDVideoSoft
2014-07-19 21:55 - 2014-07-19 21:55 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft
2014-07-19 21:52 - 2014-07-19 21:56 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\DVDVideoSoft
2014-07-19 21:49 - 2014-07-19 21:50 - 29527272 _____ (DVDVideoSoft Ltd. ) C:\Users\Marcel\Downloads\FreeYouTubeToMP3Converter-3.12.42.716.exe
2014-07-18 02:15 - 2014-07-18 02:21 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\RIFT
2014-07-18 02:15 - 2014-07-18 02:15 - 00000000 ____D () C:\Users\Marcel\Documents\RIFT
2014-07-18 02:13 - 2014-07-18 02:13 - 00001811 _____ () C:\Users\Marcel\Desktop\RIFT.lnk
2014-07-18 01:58 - 2014-07-18 02:13 - 00000000 ____D () C:\Program Files\Glyph
2014-07-18 01:58 - 2014-07-18 01:58 - 00000909 _____ () C:\Users\Marcel\Desktop\Glyph.lnk
2014-07-18 01:58 - 2014-07-18 01:58 - 00000000 ____D () C:\Users\Marcel\AppData\Local\Glyph
2014-07-18 01:58 - 2014-07-18 01:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glyph
2014-07-18 01:58 - 2014-07-18 01:58 - 00000000 ____D () C:\ProgramData\Glyph
2014-07-18 01:53 - 2014-07-18 01:55 - 31195760 _____ (Trion Worlds Inc.) C:\Users\Marcel\Downloads\GlyphInstall-0-1.exe
2014-07-17 20:13 - 2014-07-17 20:14 - 05010319 _____ () C:\Users\Marcel\Downloads\Captive-Minecraft-II-Beta1_0.zip
2014-07-17 17:35 - 2014-07-17 17:35 - 00000000 ____D () C:\ProgramData\Riot Games
2014-07-10 22:34 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-10 22:34 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-10 22:34 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-10 22:34 - 2014-06-19 01:56 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-10 22:34 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-10 22:34 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-10 22:34 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-10 22:34 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-10 22:34 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-10 22:34 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-10 22:34 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-10 22:34 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-10 22:34 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-10 22:34 - 2014-06-19 01:23 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-10 22:34 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-10 22:34 - 2014-06-19 01:16 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-10 22:34 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-10 22:34 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-10 22:34 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-10 22:34 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-10 22:34 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-10 22:34 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-10 22:34 - 2014-06-19 00:52 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-10 22:34 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-10 22:34 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-10 22:34 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-10 22:34 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-10 22:34 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-10 22:34 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-10 22:34 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-10 19:51 - 2014-05-30 08:36 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-10 19:48 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-10 19:48 - 2014-06-18 02:52 - 02350080 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-10 19:48 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-10 19:47 - 2014-06-05 16:26 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-09 20:30 - 2014-07-09 20:30 - 00000015 _____ () C:\Users\Marcel\Desktop\Neues Textdokument (4).txt

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-01 06:15 - 2014-08-01 06:14 - 00017681 _____ () C:\Users\Marcel\Downloads\FRST.txt
2014-08-01 06:14 - 2014-08-01 06:14 - 00000000 ____D () C:\FRST
2014-08-01 06:13 - 2014-08-01 06:13 - 01084928 _____ (Farbar) C:\Users\Marcel\Downloads\FRST (1).exe
2014-08-01 06:11 - 2014-08-01 06:10 - 01083476 _____ () C:\Users\Marcel\Downloads\FRST.exe
2014-08-01 06:08 - 2012-12-26 21:44 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\Skype
2014-08-01 05:57 - 2014-08-01 05:57 - 00000448 _____ () C:\Users\Marcel\Downloads\defogger_disable.log
2014-08-01 05:57 - 2014-08-01 05:57 - 00000000 _____ () C:\Users\Marcel\defogger_reenable
2014-08-01 05:57 - 2012-12-24 22:21 - 00000000 ____D () C:\Users\Marcel
2014-08-01 05:56 - 2014-08-01 05:55 - 00050477 _____ () C:\Users\Marcel\Downloads\Defogger.exe
2014-08-01 05:53 - 2014-08-01 01:37 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-01 05:38 - 2012-12-27 19:05 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-01 05:21 - 2014-06-14 04:58 - 00000000 ____D () C:\Program Files\Browsersafeguard
2014-08-01 05:19 - 2013-06-19 21:14 - 00000894 _____ () C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job
2014-08-01 05:15 - 2012-12-24 22:14 - 01499262 _____ () C:\Windows\WindowsUpdate.log
2014-08-01 05:14 - 2013-02-22 17:20 - 00000000 ____D () C:\Fraps
2014-08-01 05:13 - 2009-07-14 04:04 - 00000603 _____ () C:\Windows\win.ini
2014-08-01 05:12 - 2014-08-01 01:37 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-01 05:11 - 2013-06-19 21:14 - 00000890 _____ () C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job
2014-08-01 05:11 - 2013-06-19 21:13 - 00001184 _____ () C:\Windows\Tasks\Plus-HD-2.3-updater.job
2014-08-01 05:11 - 2013-06-19 21:13 - 00001088 _____ () C:\Windows\Tasks\Plus-HD-2.3-enabler.job
2014-08-01 05:11 - 2013-06-19 21:11 - 00001188 _____ () C:\Windows\Tasks\Plus-HD-2.3-codedownloader.job
2014-08-01 05:11 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-01 05:11 - 2009-07-14 06:39 - 00108578 _____ () C:\Windows\setupact.log
2014-08-01 04:58 - 2014-08-01 04:58 - 00003408 ____N () C:\bootsqm.dat
2014-08-01 04:45 - 2009-07-14 06:34 - 00013904 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-01 04:45 - 2009-07-14 06:34 - 00013904 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-01 04:43 - 2013-12-14 14:10 - 00000000 ____D () C:\ProgramData\YoutubeAdblocker
2014-08-01 04:43 - 2013-12-14 14:10 - 00000000 ____D () C:\ProgramData\Surf and keeep
2014-08-01 04:43 - 2013-12-14 14:10 - 00000000 ____D () C:\Program Files\YoutubeAdblocker
2014-08-01 04:43 - 2013-12-14 14:10 - 00000000 ____D () C:\Program Files\Surf and keeep
2014-08-01 04:08 - 2013-10-17 23:10 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\.minecraft
2014-08-01 02:35 - 2013-11-08 02:24 - 00000000 ____D () C:\Program Files\glindorus
2014-08-01 02:31 - 2012-12-30 22:09 - 00187566 _____ () C:\Windows\PFRO.log
2014-08-01 01:42 - 2014-08-01 01:42 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\AVAST Software
2014-08-01 01:40 - 2014-08-01 01:40 - 00002119 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-08-01 01:40 - 2014-08-01 01:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-08-01 01:39 - 2014-08-01 01:39 - 00002193 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-01 01:39 - 2014-08-01 01:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-01 01:39 - 2014-08-01 01:37 - 00414520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-08-01 01:38 - 2013-01-05 00:18 - 00000000 ____D () C:\Program Files\Google
2014-08-01 01:36 - 2014-08-01 01:37 - 00779536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-08-01 01:36 - 2014-08-01 01:37 - 00192352 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-08-01 01:36 - 2014-08-01 01:37 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-08-01 01:36 - 2014-08-01 01:37 - 00071944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-08-01 01:36 - 2014-08-01 01:37 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-08-01 01:36 - 2014-08-01 01:37 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-08-01 01:36 - 2014-08-01 01:37 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-08-01 01:36 - 2014-08-01 01:36 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-08-01 01:36 - 2013-01-05 00:16 - 00276432 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-08-01 01:35 - 2013-01-05 00:16 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-08-01 01:32 - 2014-08-01 01:30 - 91906368 _____ (AVAST Software) C:\Users\Marcel\Downloads\avast_free_antivirus_setup_9_0_2021.exe
2014-07-31 21:46 - 2014-02-23 19:13 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\Hamachi
2014-07-31 14:34 - 2013-01-12 22:14 - 00000000 ____D () C:\Program Files\Steam
2014-07-30 19:49 - 2014-07-30 19:49 - 00159144 _____ (Microsoft Corporation) C:\Users\Marcel\Downloads\WindowsActivationUpdate.exe
2014-07-30 10:45 - 2014-07-30 10:45 - 00567048 _____ () C:\Users\Marcel\Downloads\combat-arms.exe
2014-07-30 05:07 - 2014-07-22 03:45 - 00000775 _____ () C:\Users\Marcel\Desktop\Vorgangs beschreibung.txt
2014-07-28 03:10 - 2014-07-26 21:00 - 00000216 _____ () C:\Users\Marcel\Desktop\Unturned.url
2014-07-27 20:04 - 2012-12-27 21:39 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\TS3Client
2014-07-27 17:12 - 2013-11-08 02:26 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-25 03:01 - 2013-11-08 02:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-25 01:11 - 2014-03-11 15:58 - 00000000 ____D () C:\Users\Marcel\AppData\Local\File Viewer
2014-07-25 00:52 - 2014-07-23 04:10 - 00000000 ____D () C:\VoidLauncher
2014-07-25 00:51 - 2014-07-23 13:15 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\.crazycraft2
2014-07-25 00:22 - 2014-07-23 04:11 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\.fellowship
2014-07-25 00:22 - 2014-07-23 04:11 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\.electriciansjourney
2014-07-25 00:22 - 2014-07-23 04:10 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\.dreamcraft
2014-07-24 06:37 - 2014-01-22 08:20 - 00000000 ____D () C:\Users\Marcel\Desktop\Musi
2014-07-24 04:47 - 2014-07-24 04:47 - 00001652 _____ () C:\Users\Marcel\Desktop\Maestia.lnk
2014-07-24 04:47 - 2013-01-14 01:55 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames
2014-07-24 04:34 - 2013-01-14 01:37 - 00000000 __SHD () C:\Windows\system32\AI_RecycleBin
2014-07-24 04:34 - 2013-01-13 23:24 - 00000000 ____D () C:\AeriaGames
2014-07-24 00:18 - 2014-07-23 13:13 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\.jurassiccraft
2014-07-24 00:18 - 2014-07-23 04:11 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\.pokepack
2014-07-23 22:28 - 2014-07-23 04:11 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\.vanilla1.5.2
2014-07-23 13:18 - 2014-07-23 04:11 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\.voidswrath
2014-07-23 13:18 - 2014-07-23 04:11 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\.vanilla1.7.2
2014-07-23 13:14 - 2014-07-23 04:11 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\.vanilla1.6.4
2014-07-23 13:14 - 2014-07-23 04:11 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\.vanilla1.6.2
2014-07-23 13:10 - 2014-07-23 04:20 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\.crazycraft
2014-07-23 12:29 - 2014-07-23 12:28 - 02104188 _____ () C:\Users\Marcel\Downloads\SkyBlock2.1.zip
2014-07-23 04:10 - 2014-07-23 04:09 - 02459959 _____ () C:\Users\Marcel\Downloads\VoidLauncher.zip
2014-07-19 21:56 - 2014-07-19 21:52 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\DVDVideoSoft
2014-07-19 21:55 - 2014-07-19 21:55 - 00002272 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2014-07-19 21:55 - 2014-07-19 21:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-07-19 21:55 - 2014-07-19 21:55 - 00000000 ____D () C:\Program Files\DVDVideoSoft
2014-07-19 21:55 - 2014-07-19 21:55 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft
2014-07-19 21:50 - 2014-07-19 21:49 - 29527272 _____ (DVDVideoSoft Ltd. ) C:\Users\Marcel\Downloads\FreeYouTubeToMP3Converter-3.12.42.716.exe
2014-07-18 13:42 - 2012-12-31 22:50 - 00000000 ____D () C:\Program Files\GameforgeLive
2014-07-18 11:11 - 2012-12-24 22:23 - 01612484 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-18 02:21 - 2014-07-18 02:15 - 00000000 ____D () C:\Users\Marcel\AppData\Roaming\RIFT
2014-07-18 02:15 - 2014-07-18 02:15 - 00000000 ____D () C:\Users\Marcel\Documents\RIFT
2014-07-18 02:13 - 2014-07-18 02:13 - 00001811 _____ () C:\Users\Marcel\Desktop\RIFT.lnk
2014-07-18 02:13 - 2014-07-18 01:58 - 00000000 ____D () C:\Program Files\Glyph
2014-07-18 01:58 - 2014-07-18 01:58 - 00000909 _____ () C:\Users\Marcel\Desktop\Glyph.lnk
2014-07-18 01:58 - 2014-07-18 01:58 - 00000000 ____D () C:\Users\Marcel\AppData\Local\Glyph
2014-07-18 01:58 - 2014-07-18 01:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glyph
2014-07-18 01:58 - 2014-07-18 01:58 - 00000000 ____D () C:\ProgramData\Glyph
2014-07-18 01:55 - 2014-07-18 01:53 - 31195760 _____ (Trion Worlds Inc.) C:\Users\Marcel\Downloads\GlyphInstall-0-1.exe
2014-07-17 20:14 - 2014-07-17 20:13 - 05010319 _____ () C:\Users\Marcel\Downloads\Captive-Minecraft-II-Beta1_0.zip
2014-07-17 17:35 - 2014-07-17 17:35 - 00000000 ____D () C:\ProgramData\Riot Games
2014-07-14 14:05 - 2013-04-30 11:33 - 00002908 _____ () C:\Windows\Sandboxie.ini
2014-07-14 10:23 - 2013-04-30 11:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2014-07-13 02:23 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-07-11 16:48 - 2014-05-16 18:58 - 00000000 ____D () C:\Windows\rescache
2014-07-11 13:02 - 2009-07-14 06:33 - 00269680 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-11 13:00 - 2009-07-14 10:56 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-09 20:30 - 2014-07-09 20:30 - 00000015 _____ () C:\Users\Marcel\Desktop\Neues Textdokument (4).txt
2014-07-04 14:33 - 2014-01-10 15:42 - 00002280 _____ () C:\Users\Marcel\Desktop\starbound_opengl - Verknüpfung.lnk

Files to move or delete:
====================
C:\ProgramData\hash.dat


Some content of TEMP:
====================
C:\Users\Marcel\AppData\Local\Temp\0cdfb06df40322cf4ae116a6dad91257.dll
C:\Users\Marcel\AppData\Local\Temp\6_Offer_12.exe
C:\Users\Marcel\AppData\Local\Temp\down.4612.assistant_v3.exe
C:\Users\Marcel\AppData\Local\Temp\down.6080.newtab_setup.exe
C:\Users\Marcel\AppData\Local\Temp\f.exe
C:\Users\Marcel\AppData\Local\Temp\ff468bd0dc9eab59998f7dcfce2a6ad5.dll
C:\Users\Marcel\AppData\Local\Temp\jansi-32-git-Bukkit-jenkins-CraftBukkit-173.dll
C:\Users\Marcel\AppData\Local\Temp\jna3977080980415237007.dll
C:\Users\Marcel\AppData\Local\Temp\nsi1268.exe
C:\Users\Marcel\AppData\Local\Temp\nsjDC7F.exe
C:\Users\Marcel\AppData\Local\Temp\nsxEBC3.exe
C:\Users\Marcel\AppData\Local\Temp\nszC95B.exe
C:\Users\Marcel\AppData\Local\Temp\rd.exe
C:\Users\Marcel\AppData\Local\Temp\rtinstaller.exe
C:\Users\Marcel\AppData\Local\Temp\SCC.dll
C:\Users\Marcel\AppData\Local\Temp\SearchProtectINT.exe
C:\Users\Marcel\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Marcel\AppData\Local\Temp\SPSetup.exe
C:\Users\Marcel\AppData\Local\Temp\SymCCIS.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite10993.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite12120.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite12127.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite12900.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite12940.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite13183.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite13418.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite13672.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite13803.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite13813.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite14011.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite14903.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite15866.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite15871.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite16108.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite16779.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite17953.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite18344.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite19616.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite19735.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite19847.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite20648.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite21489.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite21495.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite23720.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite23847.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite24963.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite27016.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite29245.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite31879.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite31913.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite32116.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite32821.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite33214.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite34861.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite35018.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite35668.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite36017.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite36589.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite36947.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite37354.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite37831.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite39385.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite40322.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite40449.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite40779.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite41495.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite42898.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite45754.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite47335.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite47592.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite49486.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite50623.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite52703.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite53005.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite53025.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite54048.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite54270.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite54495.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite54619.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite54747.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite56004.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite57128.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite58040.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite58508.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite58769.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite59204.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite59369.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite59407.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite60671.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite61524.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite63078.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite63573.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite65033.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite65442.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite65461.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite65698.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite65995.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite66021.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite66549.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite66794.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite67788.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite69269.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite69367.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite70201.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite71003.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite71735.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite71743.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite71855.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite71995.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite74124.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite74397.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite75803.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite76407.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite76474.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite78421.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite78916.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite79687.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite79907.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite79923.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite79951.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite80823.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite81233.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite82284.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite82296.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite83893.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite84017.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite84242.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite84405.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite84697.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite84706.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite84983.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite85895.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite86457.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite86489.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite87267.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite88105.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite88424.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite88613.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite89149.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite89346.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite90456.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite90511.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite91114.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite91469.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite91794.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite92568.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite94345.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite95779.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite96817.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite97230.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite97859.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite98093.dll
C:\Users\Marcel\AppData\Local\Temp\System.Data.SQLite99759.dll
C:\Users\Marcel\AppData\Local\Temp\Tsu65030398.dll
C:\Users\Marcel\AppData\Local\Temp\TsuB4E5A0DF.dll
C:\Users\Marcel\AppData\Local\Temp\TsuB75970D1.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-19 03:59

==================== End Of Log ============================
         
--- --- ---


defogger_disable by jpshortstuff (23.02.10.1)
Log created at 05:57 on 01/08/2014 (Marcel)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...



GMER Logfile:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-08-01 06:33:49
Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD50 rev.01.0 465,76GB
Running: Gmer-19357.exe; Driver: C:\Users\Marcel\AppData\Local\Temp\uwdiypog.sys


---- System - GMER 2.1 ----

SSDT   \SystemRoot\system32\drivers\aswSnx.sys                                                                                        ZwAddBootEntry [0x8F481BA6]
SSDT   \SystemRoot\system32\drivers\aswSnx.sys                                                                                        ZwAssignProcessToJobObject [0x8F482684]
SSDT   \SystemRoot\system32\drivers\aswSnx.sys                                                                                        ZwCreateEvent [0x8F48E6F8]
SSDT   \SystemRoot\system32\drivers\aswSnx.sys                                                                                        ZwCreateEventPair [0x8F48E744]
SSDT   \SystemRoot\system32\drivers\aswSnx.sys                                                                                        ZwCreateIoCompletion [0x8F48E8DE]
SSDT   \SystemRoot\system32\drivers\aswSnx.sys                                                                                        ZwCreateMutant [0x8F48E666]
SSDT   \SystemRoot\system32\drivers\aswSP.sys                                                                                         ZwCreateSection [0x8F538DF0]
SSDT   \SystemRoot\system32\drivers\aswSnx.sys                                                                                        ZwCreateSemaphore [0x8F48E6AE]
SSDT   \SystemRoot\system32\drivers\aswSP.sys                                                                                         ZwCreateThread [0x8F539080]
SSDT   \SystemRoot\system32\drivers\aswSP.sys                                                                                         ZwCreateThreadEx [0x8F53916A]
SSDT   \SystemRoot\system32\drivers\aswSnx.sys                                                                                        ZwCreateTimer [0x8F48E898]
SSDT   \SystemRoot\system32\drivers\aswSnx.sys                                                                                        ZwDebugActiveProcess [0x8F483472]
SSDT   \SystemRoot\system32\drivers\aswSnx.sys                                                                                        ZwDeleteBootEntry [0x8F481C0C]
SSDT   \SystemRoot\system32\drivers\aswSnx.sys                                                                                        ZwDuplicateObject [0x8F486C68]
SSDT   \SystemRoot\system32\drivers\aswSnx.sys                                                                                        ZwLoadDriver [0x8F4817F8]
SSDT   \SystemRoot\system32\drivers\aswSP.sys                                                                                         ZwMapViewOfSection [0x8F538ED0]
SSDT   \SystemRoot\system32\drivers\aswSnx.sys                                                                                        ZwModifyBootEntry [0x8F481C72]
SSDT   \SystemRoot\system32\drivers\aswSnx.sys                                                                                        ZwNotifyChangeKey [0x8F48705E]
SSDT   \SystemRoot\system32\drivers\aswSnx.sys                                                                                        ZwNotifyChangeMultipleKeys [0x8F483F5A]
SSDT   \SystemRoot\system32\drivers\aswSnx.sys                                                                                        ZwOpenEvent [0x8F48E722]
SSDT   \SystemRoot\system32\drivers\aswSnx.sys                                                                                        ZwOpenEventPair [0x8F48E766]
SSDT   \SystemRoot\system32\drivers\aswSnx.sys                                                                                        ZwOpenIoCompletion [0x8F48E902]
SSDT   \SystemRoot\system32\drivers\aswSnx.sys                                                                                        ZwOpenMutant [0x8F48E68C]
SSDT   \SystemRoot\system32\drivers\aswSnx.sys                                                                                        ZwOpenProcess [0x8F486560]
SSDT   \SystemRoot\system32\drivers\aswSnx.sys                                                                                        ZwOpenSection [0x8F48E816]
SSDT   \SystemRoot\system32\drivers\aswSnx.sys                                                                                        ZwOpenSemaphore [0x8F48E6D6]
SSDT   \SystemRoot\system32\drivers\aswSnx.sys                                                                                        ZwOpenThread [0x8F48694C]
SSDT   \SystemRoot\system32\drivers\aswSnx.sys                                                                                        ZwOpenTimer [0x8F48E8BC]
SSDT   \SystemRoot\system32\drivers\aswSP.sys                                                                                         ZwProtectVirtualMemory [0x8F538C6E]
SSDT   \SystemRoot\system32\drivers\aswSnx.sys                                                                                        ZwQueryObject [0x8F483DCE]
SSDT   \SystemRoot\system32\drivers\aswSnx.sys                                                                                        ZwQueueApcThreadEx [0x8F483ADC]
SSDT   \SystemRoot\system32\drivers\aswSnx.sys                                                                                        ZwSetBootEntryOrder [0x8F481CD8]
SSDT   \SystemRoot\system32\drivers\aswSnx.sys                                                                                        ZwSetBootOptions [0x8F481D3E]
SSDT   \SystemRoot\system32\drivers\aswSP.sys                                                                                         ZwSetContextThread [0x8F538FCC]
SSDT   \SystemRoot\system32\drivers\aswSnx.sys                                                                                        ZwSetSystemInformation [0x8F481892]
SSDT   \SystemRoot\system32\drivers\aswSnx.sys                                                                                        ZwSetSystemPowerState [0x8F481A64]
SSDT   \SystemRoot\system32\drivers\aswSnx.sys                                                                                        ZwShutdownSystem [0x8F4819F2]
SSDT   \SystemRoot\system32\drivers\aswSnx.sys                                                                                        ZwSuspendProcess [0x8F48363C]
SSDT   \SystemRoot\system32\drivers\aswSnx.sys                                                                                        ZwSuspendThread [0x8F48379E]
SSDT   \SystemRoot\system32\drivers\aswSnx.sys                                                                                        ZwSystemDebugControl [0x8F481AEC]
SSDT   \SystemRoot\system32\drivers\aswSP.sys                                                                                         ZwTerminateProcess [0x8F538D3C]
SSDT   \SystemRoot\system32\drivers\aswSnx.sys                                                                                        ZwTerminateThread [0x8F4832CC]
SSDT   \SystemRoot\system32\drivers\aswSnx.sys                                                                                        ZwVdmControl [0x8F481DA4]
SSDT   \SystemRoot\system32\drivers\aswSP.sys                                                                                         ZwWriteVirtualMemory [0x8F538BA0]

Code   8ED78BFC                                                                                                                       ZwTraceEvent
Code   8ED78BFB                                                                                                                       NtTraceEvent

---- Kernel code sections - GMER 2.1 ----

.text  ntkrnlpa.exe!ZwRollbackEnlistment + 142D                                                                                       83042A15 1 Byte  [06]
.text  ntkrnlpa.exe!KiDispatchInterrupt + 5A2                                                                                         8307C212 19 Bytes  [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text  ntkrnlpa.exe!KeRemoveQueueEx + 10CB                                                                                            83083460 4 Bytes  [A6, 1B, 48, 8F] {CMPSB ; SBB ECX, [EAX-0x71]}
.text  ntkrnlpa.exe!KeRemoveQueueEx + 1153                                                                                            830834E8 4 Bytes  [84, 26, 48, 8F]
.text  ntkrnlpa.exe!KeRemoveQueueEx + 11A7                                                                                            8308353C 8 Bytes  [F8, E6, 48, 8F, 44, E7, 48, ...]
.text  ntkrnlpa.exe!KeRemoveQueueEx + 11B3                                                                                            83083548 4 Bytes  CALL FDCBC495 
.text  ntkrnlpa.exe!KeRemoveQueueEx + 11CF                                                                                            83083564 4 Bytes  [66, E6, 48, 8F]
.text  ...                                                                                                                            
.text  ntkrnlpa.exe!NtTraceEvent                                                                                                      830CCAE2 5 Bytes  JMP 8ED78C00 
PAGE   ntkrnlpa.exe!ZwReplyWaitReceivePortEx + 108                                                                                    8323E4EF 4 Bytes  CALL 8F484641 \SystemRoot\system32\drivers\aswSnx.sys
PAGE   ntkrnlpa.exe!NtRequestWaitReplyPort + 2                                                                                        83243B34 5 Bytes  JMP 8ED78D40 
PAGE   ntkrnlpa.exe!ZwAlpcSendWaitReceivePort + 2                                                                                     83258237 5 Bytes  JMP 8ED78DE0 
PAGE   ntkrnlpa.exe!ZwAlpcSendWaitReceivePort + 122                                                                                   83258357 4 Bytes  CALL 8F484657 \SystemRoot\system32\drivers\aswSnx.sys
PAGE   ntkrnlpa.exe!NtRequestPort + 2                                                                                                 832867DD 5 Bytes  JMP 8ED78CA0 

---- User code sections - GMER 2.1 ----

.text  C:\Windows\System32\spoolsv.exe[464] kernel32.dll!GetBinaryTypeW + 70                                                          77426AAC 1 Byte  [62]
.text  C:\Windows\system32\taskhost.exe[472] kernel32.dll!GetBinaryTypeW + 70                                                         77426AAC 1 Byte  [62]
.text  C:\Windows\system32\svchost.exe[492] kernel32.dll!GetBinaryTypeW + 70                                                          77426AAC 1 Byte  [62]
.text  C:\Windows\system32\csrss.exe[536] kernel32.dll!GetBinaryTypeW + 70                                                            77426AAC 1 Byte  [62]
.text  C:\Windows\system32\csrss.exe[600] kernel32.dll!GetBinaryTypeW + 70                                                            77426AAC 1 Byte  [62]
.text  ...                                                                                                                            
.text  C:\Program Files\AVAST Software\Avast\AvastSvc.exe[1692] kernel32.dll!SetUnhandledExceptionFilter                              7740F5AB 8 Bytes  [31, C0, C2, 04, 00, 90, 90, ...] {XOR EAX, EAX; RET 0x4; NOP ; NOP ; NOP }
.text  C:\Program Files\AVAST Software\Avast\AvastSvc.exe[1692] kernel32.dll!GetBinaryTypeW + 70                                      77426AAC 1 Byte  [62]
.text  C:\Windows\system32\WLANExt.exe[1700] kernel32.dll!GetBinaryTypeW + 70                                                         77426AAC 1 Byte  [62]
.text  C:\Windows\system32\conhost.exe[1708] kernel32.dll!GetBinaryTypeW + 70                                                         77426AAC 1 Byte  [62]
.text  C:\Fraps\fraps.exe[1848] kernel32.dll!GetBinaryTypeW + 70                                                                      77426AAC 1 Byte  [62]
.text  C:\Windows\system32\taskeng.exe[1916] kernel32.dll!GetBinaryTypeW + 70                                                         77426AAC 1 Byte  [62]
.text  ...                                                                                                                            
.text  C:\Program Files\AVAST Software\Avast\avastui.exe[2832] kernel32.dll!SetUnhandledExceptionFilter                               7740F5AB 8 Bytes  [31, C0, C2, 04, 00, 90, 90, ...] {XOR EAX, EAX; RET 0x4; NOP ; NOP ; NOP }
.text  C:\Program Files\AVAST Software\Avast\avastui.exe[2832] kernel32.dll!GetBinaryTypeW + 70                                       77426AAC 1 Byte  [62]
.text  C:\Program Files\glindorus\updateglindorus.exe[2908] KERNEL32.dll!GetBinaryTypeW + 70                                          77426AAC 1 Byte  [62]
.text  C:\Users\Marcel\Downloads\Gmer-19357.exe[3004] kernel32.dll!GetBinaryTypeW + 70                                                77426AAC 1 Byte  [62]
.text  C:\Program Files\glindorus\bin\utilglindorus.exe[3016] KERNEL32.dll!GetBinaryTypeW + 70                                        77426AAC 1 Byte  [62]
.text  C:\Program Files\Wajam\Updater\WajamUpdater.exe[3092] kernel32.dll!GetBinaryTypeW + 70                                         77426AAC 1 Byte  [62]
.text  ...                                                                                                                            

---- Registry - GMER 2.1 ----

Reg    HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{3E82C9E5-81D7-43F1-8CAD-BED58BD76F80}@LeaseObtainedTime    1406866885
Reg    HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{3E82C9E5-81D7-43F1-8CAD-BED58BD76F80}@T1                   1406867012
Reg    HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{3E82C9E5-81D7-43F1-8CAD-BED58BD76F80}@T2                   1406867108
Reg    HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{3E82C9E5-81D7-43F1-8CAD-BED58BD76F80}@LeaseTerminatesTime  1406867140

---- EOF - GMER 2.1 ----
         
--- --- ---
__________________

01.08.2014, 19:56   #4
schrauber
/// the machine
/// TB Trainer
 



Uninstall adware & co.
  • Please download Revo Uninstaller from here.
  • Install and start the program.
  • In the uninstaller field, search for the programs that under:

    have this label:
  • Select the programs one after another and click Uninstall each time.
  • Then select the "Moderate" mode.
  • Delete leftovers:
    Click on then on and then on .





Scan with Combofix
WARNING to OTHER READERS:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all your antivirus software as well as malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the instructions on the screen.
  • While Combofix is running, please do not work on the computer, move the mouse, or click in the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (preferably in CODE tags).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde. (English: Illegal operation attempted on a registry key that has been marked for deletion.)
simply restart the computer. This should fix the problem.

__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

01.08.2014, 20:25   #5
MarcelWeißNi
 



Hello,
First of all, thanks for your effort. I downloaded the program but can't find anything in the uninstall box that bears that name; am I doing something wrong? :s Or do I still have to click on something? Sorry for the trouble ^^


02.08.2014, 20:22   #6
schrauber
/// the machine
/// TB Trainer
 




You will find the label ATTENTION in the Addition log from FRST; read it carefully

03.08.2014, 01:22   #7
MarcelWeißNi
 



Thank you very much!
It works again!! ))
You are the best, I will keep recommending you!!! =)

03.08.2014, 07:10   #8
schrauber
/// the machine
/// TB Trainer
 




We are not done; now Combofix, please