Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Windows 7 PC friert immer bei minimalster Belastung ein!

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 05.08.2014, 19:15   #1
Mohamed F.
 
Windows 7 PC friert immer bei minimalster Belastung ein! - Standard

Windows 7 PC friert immer bei minimalster Belastung ein!



Habe einen Stand-PC und kämpfe seit 1 Jahr damit, dass er immer nach einiger Zeit einfach so einfriert und auf gar nix mehr reagiert. Hilft nur ein Hard-Reboot.
RAM 4GB
windows 7 32-Bit version
Intel(R) Pentium(R) 4CPU 3,20 GHZ 3,20GHZ Prozessor
Netzteil 1000W
Motherboard von MSI G41M-20
und zusätzlich eine Grafikkarte 1 GB ATI Radeon HD 5400 Series

also kein so schlechter PC trotzdem eine grauenhafte Leistung.

Warum ist das so? Hoffe ich habe nichts vergessen.

Die Datei Ereignisse.txt im Anhang ist von Avira die Log-Dateien.

Danke schon mal im voraus.
Angehängte Dateien
Dateityp: txt Addition.txt (39,5 KB, 154x aufgerufen)
Dateityp: log defogger_disable.log (700 Bytes, 112x aufgerufen)
Dateityp: txt Ereignisse.txt (43,0 KB, 194x aufgerufen)
Dateityp: txt FRST.txt (30,7 KB, 111x aufgerufen)
Dateityp: txt Gmer.txt (8,4 KB, 110x aufgerufen)

Geändert von Mohamed F. (05.08.2014 um 19:32 Uhr)

Alt 05.08.2014, 20:13   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7 PC friert immer bei minimalster Belastung ein! - Standard

Windows 7 PC friert immer bei minimalster Belastung ein!



Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 05.08.2014, 20:25   #3
Mohamed F.
 
Windows 7 PC friert immer bei minimalster Belastung ein! - Standard

Windows 7 PC friert immer bei minimalster Belastung ein!



Zitat:
Zitat von Mohamed F. Beitrag anzeigen
Habe einen Stand-PC und kämpfe seit 1 Jahr damit, dass er immer nach einiger Zeit einfach so einfriert und auf gar nix mehr reagiert. Hilft nur ein Hard-Reboot.
RAM 4GB
windows 7 32-Bit version
Intel(R) Pentium(R) 4CPU 3,20 GHZ 3,20GHZ Prozessor
Netzteil 1000W
Motherboard von MSI G41M-20
und zusätzlich eine Grafikkarte 1 GB ATI Radeon HD 5400 Series

also kein so schlechter PC trotzdem eine grauenhafte Leistung.

Warum ist das so? Hoffe ich habe nichts vergessen.

Die Datei Ereignisse.txt im Anhang ist von Avira die Log-Dateien.

Danke schon mal im voraus.
DEFOGGER:
Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 18:46 on 05/08/2014 (Eman)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
HKCU:DAEMON Tools Lite -> Removed

Checking for services/drivers...
Unable to read sptd.sys
SPTD -> Disabled (Service running -> reboot required)


-=E.O.F=-
         
FSRT:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:2-08-2014
Ran by Eman (administrator) on MOHAMED on 05-08-2014 18:54:09
Running from C:\Users\Eman\Desktop
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
() C:\Program Files\Philips\CamSuite\2.0.15.0\ACPService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Vimicro) C:\Windows\VM331_STI.exe
(PixArt Imaging Incorporation) C:\Windows\Philips\SPZ2000\GUCI_AVS.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
() C:\Program Files\Canon\IJPLM\ijplmsvc.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
() C:\Program Files\SensorsViewPro42\svservice.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\APSDaemon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-21-404568197-402074635-1120106407-1000\...\Run: [MobileDocuments] => C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
HKU\S-1-5-21-404568197-402074635-1120106407-1000\...\Run: [Philips Intelligent Agent] => C:\Program Files\Philips\Intelligent Agent\Philips Intelligent Agent.exe [613792 2008-02-21] (Philips Consumer Electronics)
HKU\S-1-5-21-404568197-402074635-1120106407-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-404568197-402074635-1120106407-1000\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-404568197-402074635-1120106407-1000\...\Run: [com.apple.dav.bookmarks.daemon] => C:\Program Files\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
HKU\S-1-5-21-404568197-402074635-1120106407-1000\...\Run: [BitComet] => "C:\Program Files\BitComet\BitComet.exe" /tray
HKU\S-1-5-21-404568197-402074635-1120106407-1000\...\Run: [b5b3ee2ed23a8038ea5de5e1871ca463] => .. [0 2014-08-05] ()
HKU\S-1-5-21-404568197-402074635-1120106407-1000\...\Run: [msnmsgr] => C:\Program Files\Windows Live\Messenger\msnmsgr.exe [4272640 2012-09-12] (Microsoft Corporation)
HKU\S-1-5-21-404568197-402074635-1120106407-1000\...\Run: [AppleIEDAV] => C:\Program Files\Common Files\Apple\Internet Services\AppleIEDAV.exe [1326408 2013-11-15] (Apple Inc.)
HKU\S-1-5-21-404568197-402074635-1120106407-1000\...\Run: [TBHostSupport] => "C:\Windows\system32\Rundll32.exe" "C:\Users\Eman\AppData\Local\TBHostSupport\TBHostSupport_0.dll",DLLRunTBHostSupportPlugin <===== ATTENTION
HKU\S-1-5-21-404568197-402074635-1120106407-1000\...\Run: [PluginsWhiteListing] => "C:\Windows\system32\Rundll32.exe" "C:\Users\Eman\AppData\Local\WhiteListing\PluginsWhiteListing.dll",DLLRunTBWhiteListPlugin <===== ATTENTION
HKU\S-1-5-21-404568197-402074635-1120106407-1000\...\Run: [APISupport] => "C:\Windows\system32\Rundll32.exe" "C:\Users\Eman\AppData\Local\TB\APISupport\APISupport.dll",DLLRunAPISupport <===== ATTENTION
HKU\S-1-5-21-404568197-402074635-1120106407-1000\...\MountPoints2: {f606a9d5-eba0-11e1-beb7-806e6f6e6963} - G:\Launch.exe
AppInit_DLLs: c:\progra~2\browse~1\23796~1.11\{16cdf~1\browse~1.dll => c:\progra~2\browse~1\23796~1.11\{16cdf~1\browse~1.dll File Not Found
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Eman\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Eman\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Eman\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&CUI=UN12856823412143726&UM=2&ctid=CT3297265
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://beta.arabic.arabia.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x1F83F136CB7FCD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = ar-eg
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&from=ild&uid=WDCXWD5000AADS-00M2B0_WD-WCAV5V14633046330&ts=1370888042
URLSearchHook: HKCU - (No Name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} -  No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&from=ild&uid=WDCXWD5000AADS-00M2B0_WD-WCAV5V14633046330&ts=1370888042
SearchScopes: HKLM - DefaultScope {4966C1E6-CE62-484E-B049-7955B775D132} URL = 
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=ild&from=ild&uid=WDCXWD5000AADS-00M2B0_WD-WCAV5V14633046330&ts=4325445
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=287&systemid=406&apn_uid=3406133035824709&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
SearchScopes: HKCU - DefaultScope {4966C1E6-CE62-484E-B049-7955B775D132} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3297265&CUI=UN12856823412143726&UM=2
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=116777&tt=161012_G1838_4212_7&babsrc=SP_ss&mntrId=5cde74720000000000008c89a5337eb1
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=ild&from=ild&uid=WDCXWD5000AADS-00M2B0_WD-WCAV5V14633046330&ts=4325445
SearchScopes: HKCU - {4966C1E6-CE62-484E-B049-7955B775D132} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3297265&CUI=UN12856823412143726&UM=2
SearchScopes: HKCU - {8A29BC7E-08EC-4148-88C9-5EB85386DA98} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYAT&apn_uid=952E5A03-9B54-432F-87C0-96D4B1E22BF3&apn_sauid=86F8E646-36AB-4FF4-9F90-605D2C1F89E6
SearchScopes: HKCU - {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} URL = hxxp://www.bigseekpro.com/search/browser/ipswdownloaderforwindows/{73490698-FB45-4F83-8B8F-F4B441955B4B}?q={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=287&systemid=406&apn_uid=3406133035824709&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: BitAccelerator -> {CAC42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files\BitAccelerator\BitAccelerator.dll No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Winsock: Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 03 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 04 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 05 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 06 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 07 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 08 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 19 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Eman\AppData\Roaming\Mozilla\Firefox\Profiles\gmdhcoag.default
FF SearchEngineOrder.1: qvo6
FF SelectedSearchEngine: Google
FF Homepage: about:home
FF Keyword.URL: hxxp://trovi.com/ResultsExt.aspx?ctid=CT2625848&SearchSource=2&CUI=UN52628503715478287&UM=false&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1167637.dll (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=15.0.6.14 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=15.0.6.14 -> c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=15.0.6.14 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Eman\AppData\Roaming\Mozilla\Firefox\Profiles\gmdhcoag.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npBitCometAgent.dll (BitComet)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Eman\AppData\Roaming\Mozilla\Firefox\Profiles\gmdhcoag.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\Eman\AppData\Roaming\Mozilla\Firefox\Profiles\gmdhcoag.default\searchplugins\browsemngr.xml
FF SearchPlugin: C:\Users\Eman\AppData\Roaming\Mozilla\Firefox\Profiles\gmdhcoag.default\searchplugins\dvdvideosofttb-de-customized-web-search.xml
FF SearchPlugin: C:\Users\Eman\AppData\Roaming\Mozilla\Firefox\Profiles\gmdhcoag.default\searchplugins\Search_Results.xml
FF SearchPlugin: C:\Users\Eman\AppData\Roaming\Mozilla\Firefox\Profiles\gmdhcoag.default\searchplugins\SweetIM Search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\babylon.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\qvo6.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\Eman\AppData\Roaming\Mozilla\Firefox\Profiles\gmdhcoag.default\Extensions\staged [2014-06-05]
FF Extension: DVDVideoSoftTB DE  - C:\Users\Eman\AppData\Roaming\Mozilla\Firefox\Profiles\gmdhcoag.default\Extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} [2014-06-05]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Eman\AppData\Roaming\Mozilla\Firefox\Profiles\gmdhcoag.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2012-11-20]
FF Extension: BitAccelerator - C:\Program Files\Mozilla Firefox\extensions\{5ddeb737-082c-48fb-8c06-aa4b38d61e5f} [2014-02-01]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-02-01]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-02-01]
FF HKLM\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-09-09]
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-07-06]

Chrome: 
=======
CHR HomePage: hxxp://search.conduit.com/?ctid=CT3297265&SearchSource=48&CUI=UN29234806212854425&UM=2
CHR RestoreOnStartup: "hxxp://search.conduit.com/?ctid=CT3297265&SearchSource=48&CUI=UN29234806212854425&UM=2"
CHR Extension: (No Name) - C:\Users\Eman\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkoahcaobjbihehldfimhblmhgalcipm [2013-06-24]
CHR Extension: (No Name) - C:\Users\Eman\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-04-23]
CHR Extension: (DvdVideoSoft Free Youtube Download) - C:\Users\Eman\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-04-23]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Eman\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-04-23]
CHR HKLM\...\Chrome\Extension: [hkoahcaobjbihehldfimhblmhgalcipm] - C:\Users\Eman\AppData\Local\CRE\hkoahcaobjbihehldfimhblmhgalcipm.crx [2013-06-02]
CHR HKLM\...\Chrome\Extension: [hphibigbodkkohoglgfkddblldpfohjl] - C:\Program Files\TorrentHandler\TorrentHandler.crx [2012-10-04]
CHR HKLM\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-09-09]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-03-03]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-05-06]
CHR HKLM\...\Chrome\Extension: [pgafcinpmmpklohkojmllohdhomoefph] - C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.crx [2013-05-06]
CHR HKLM\...\Chrome\Extension: [pmlghpafmmnmmkjdhacccolfgnkiboco] - C:\Program Files\1ClickDownload\oneclickdownloader12.crx [2013-05-06]
CHR HKCU\...\Chrome\Extension: [hkoahcaobjbihehldfimhblmhgalcipm] - C:\Users\Eman\AppData\Local\CRE\hkoahcaobjbihehldfimhblmhgalcipm.crx [2013-06-02]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Users\Eman\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx [2012-10-01]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACPService; C:\Program Files\Philips\CamSuite\2.0.15.0\ACPService.exe [687104 2010-08-26] () [File not signed]
S2 AntiVirFirewallService; C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe [1043024 2014-07-26] (Avira Operations GmbH & Co. KG)
S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [801872 2014-07-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-07-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-07-26] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1028688 2014-07-26] (Avira Operations GmbH & Co. KG)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363584 2014-03-03] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748608 2014-03-03] (Microsoft Corporation)
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1677648 2014-02-04] (LogMeIn Inc.)
R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [101528 2007-04-13] () [File not signed]
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [375056 2014-02-04] (LogMeIn, Inc.)
R2 SensorsVService; C:\Program Files\SensorsViewPro42\svservice.exe [935424 2011-12-02] () [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 avfwim; C:\Windows\System32\DRIVERS\avfwim.sys [92448 2013-02-12] (Avira GmbH)
R1 avfwot; C:\Windows\System32\DRIVERS\avfwot.sys [113024 2013-02-12] (Avira GmbH)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [97648 2014-07-26] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-06-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-12-04] (Avira Operations GmbH & Co. KG)
R0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] () [File not signed]
S3 GUCI_AVS; C:\Windows\System32\DRIVERS\GUCI_AVS.sys [574848 2010-06-10] (PixArt Imaging Incorporation)
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
S3 NTIOLib_1_0_5; C:\Program Files\MSI\OverclockingCenter\NTIOLib.sys [7680 2010-12-20] (MSI) [File not signed]
R1 sensorsview; C:\Program Files\SensorsViewPro42\drv\sensorsview32.sys [14416 2008-07-26] (OpenLibSys.org)
R0 speedfan; C:\Windows\System32\speedfan.sys [24184 2012-12-29] (Almico Software)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2012-09-04] (Duplex Secure Ltd.)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
S3 MSI_MSIBIOS_010507; \??\C:\Program Files\MSI\Live Update 5\msibios32_100507.sys [X]
S3 NTIOLib_1_0_4; \??\C:\Program Files\MSI\Live Update 5\NTIOLib.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-05 18:54 - 2014-08-05 18:54 - 00025460 _____ () C:\Users\Eman\Desktop\FRST.txt
2014-08-05 18:53 - 2014-08-05 18:54 - 00000000 ____D () C:\FRST
2014-08-05 18:46 - 2014-08-05 18:46 - 00000700 _____ () C:\Users\Eman\Desktop\defogger_disable.log
2014-08-05 18:46 - 2014-08-05 18:46 - 00000176 _____ () C:\Users\Eman\defogger_reenable
2014-08-05 18:31 - 2014-08-05 18:31 - 00380416 _____ () C:\Users\Eman\Desktop\Gmer-19357.exe
2014-08-05 18:30 - 2014-08-05 18:30 - 01084928 _____ (Farbar) C:\Users\Eman\Desktop\FRST.exe
2014-08-05 18:30 - 2014-08-05 18:30 - 00050477 _____ () C:\Users\Eman\Desktop\Defogger.exe
2014-08-05 18:04 - 2014-08-05 18:49 - 00000372 _____ () C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Eman.job
2014-08-05 18:04 - 2014-08-05 18:48 - 00000366 _____ () C:\Windows\Tasks\ReclaimerUpdateFiles_Eman.job
2014-08-05 18:04 - 2014-08-05 18:48 - 00000362 _____ () C:\Windows\Tasks\ReclaimerUpdateXML_Eman.job
2014-07-26 22:25 - 2014-07-26 22:25 - 00000000 ____D () C:\Program Files\iPod

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-05 18:54 - 2014-08-05 18:54 - 00025460 _____ () C:\Users\Eman\Desktop\FRST.txt
2014-08-05 18:54 - 2014-08-05 18:53 - 00000000 ____D () C:\FRST
2014-08-05 18:53 - 2012-08-21 16:54 - 00798886 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-05 18:52 - 2012-08-21 16:47 - 02027231 _____ () C:\Windows\WindowsUpdate.log
2014-08-05 18:49 - 2014-08-05 18:04 - 00000372 _____ () C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Eman.job
2014-08-05 18:49 - 2012-11-22 16:36 - 00000000 ____D () C:\Users\Eman\Tracing
2014-08-05 18:49 - 2012-09-23 15:23 - 00000000 ____D () C:\Users\Eman\AppData\Roaming\Skype
2014-08-05 18:48 - 2014-08-05 18:04 - 00000366 _____ () C:\Windows\Tasks\ReclaimerUpdateFiles_Eman.job
2014-08-05 18:48 - 2014-08-05 18:04 - 00000362 _____ () C:\Windows\Tasks\ReclaimerUpdateXML_Eman.job
2014-08-05 18:48 - 2014-06-05 14:33 - 00000000 ____D () C:\Users\Eman\AppData\Local\LogMeIn Hamachi
2014-08-05 18:48 - 2012-09-09 19:21 - 00000822 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-05 18:48 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-05 18:48 - 2009-07-14 06:39 - 00117459 _____ () C:\Windows\setupact.log
2014-08-05 18:46 - 2014-08-05 18:46 - 00000700 _____ () C:\Users\Eman\Desktop\defogger_disable.log
2014-08-05 18:46 - 2014-08-05 18:46 - 00000176 _____ () C:\Users\Eman\defogger_reenable
2014-08-05 18:46 - 2012-08-21 16:49 - 00000000 ____D () C:\Users\Eman
2014-08-05 18:34 - 2009-07-14 06:34 - 00017408 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-05 18:34 - 2009-07-14 06:34 - 00017408 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-05 18:33 - 2012-09-09 19:21 - 00000826 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-05 18:31 - 2014-08-05 18:31 - 00380416 _____ () C:\Users\Eman\Desktop\Gmer-19357.exe
2014-08-05 18:30 - 2014-08-05 18:30 - 01084928 _____ (Farbar) C:\Users\Eman\Desktop\FRST.exe
2014-08-05 18:30 - 2014-08-05 18:30 - 00050477 _____ () C:\Users\Eman\Desktop\Defogger.exe
2014-08-05 18:04 - 2012-08-21 21:32 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-26 22:25 - 2014-07-26 22:25 - 00000000 ____D () C:\Program Files\iPod
2014-07-26 22:25 - 2014-06-05 15:47 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-07-26 22:25 - 2014-02-01 21:00 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-07-26 22:25 - 2012-09-23 14:02 - 00000000 ____D () C:\Program Files\iTunes
2014-07-26 22:12 - 2013-05-06 13:39 - 00035848 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-07-26 22:12 - 2012-11-06 17:06 - 00097648 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-07-26 21:59 - 2012-08-21 21:32 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-07-26 21:59 - 2012-08-21 21:31 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-07-26 20:20 - 2012-09-04 01:00 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-26 20:04 - 2014-06-27 20:24 - 00000000 ____D () C:\Windows\system32\MpEngineStore
2014-07-23 10:52 - 2012-08-21 19:19 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

Files to move or delete:
====================
C:\Users\Eman\jagex_cl_oldschool_LIVE.dat
C:\Users\Eman\jagex_cl_runescape_LIVE.dat
C:\Users\Eman\jagex_cl_runescape_LIVE1.dat
C:\Users\Eman\random.dat


Some content of TEMP:
====================
C:\Users\Eman\AppData\Local\Temp\avgnt.exe
C:\Users\Eman\AppData\Local\Temp\jansi-32-git-Bukkit-1.5.2-R1.0-b2788jnks.dll
C:\Users\Eman\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-02-01 17:41

==================== End Of Log ============================
         
--- --- ---

--- --- ---


ADDITION:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version:2-08-2014
Ran by Eman at 2014-08-05 18:56:02
Running from C:\Users\Eman\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Out of date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Out of date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: FireWall (Disabled) {753F9273-B322-2907-AC37-03D0F1702F22}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM\...\uTorrent) (Version: 3.2.1.28086 - BitTorrent Inc.)
Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.0.4990 - Adobe Systems Inc.)
Adobe AIR (Version: 1.0.8.4990 - Adobe Systems Inc.) Hidden
Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM\...\Adobe Shockwave Player) (Version: 11.6.7.637 - Adobe Systems, Inc.)
AMD Accelerated Video Transcoding (Version: 2.00.0002 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.923.1 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{B9BA9CC8-B0A2-00C8-780E-B82A066E48C6}) (Version: 8.0.873.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.70405.2224 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{941B4CE7-3F5D-443E-A8B7-56A420D2EAFD}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira Internet Security (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.5.464 - Avira)
avira_internet_security_en 2013 (HKLM\...\avira_internet_security_en 2013) (Version: 2013 - Avira)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Canon iP2600 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP2600_series) (Version:  - )
Canon My Printer (HKLM\...\CanonMyPrinter) (Version:  - )
Canon Utilities Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version:  - )
Canon Utilities Solution Menu (HKLM\...\CanonSolutionMenu) (Version:  - )
Catalyst Control Center - Branding (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (Version: 2012.0405.2205.37728 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2012.0405.2205.37728 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (Version: 2012.0405.2205.37728 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (Version: 2012.0405.2205.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
ccc-utility (Version: 2012.0405.2205.37728 - Advanced Micro Devices, Inc.) Hidden
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{CA75CBF9-B078-47CB-ABA3-74EFD4FC9A43}) (Version:  - Microsoft)
DivX-Setup (HKLM\...\DivX Setup) (Version: 2.6.1.44 - DivX, LLC)
Fotogalerie (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Free YouTube to MP3 Converter version 3.11.32.918 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.32.918 - DVDVideoSoft Ltd.)
Google Chrome (HKLM\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
iCloud (HKLM\...\{00A61104-74B5-4056-AD00-4397EF4FB141}) (Version: 3.1.0.40 - Apple Inc.)
iFunbox (v2.1.2228.731), iFunbox DevTeam (HKLM\...\iFunbox_is1) (Version: v2.1.2228.731 - )
IMVU Avatar Chat Software (HKCU\...\IMVU Avatar chat client software BETA) (Version:  - )
Java 7 Update 55 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
LEGO MINDSTORMS NXT - (Deutsch) Sprachenpaket (HKLM\...\{611ED207-22E5-4543-B9D3-E73096759A4F}) (Version: 2.0.100.0 - The LEGO Group)
LEGO MINDSTORMS NXT Driver (HKLM\...\{D30E4145-9120-4497-AD35-F78482C3CF88}) (Version: 1.17.770 - LEGO)
LEGO MINDSTORMS NXT Migration Package (HKLM\...\{6C1D47CC-682C-4673-8CA8-DEE659628599}) (Version: 1.2.8.0 - LEGO)
LogMeIn Hamachi (HKLM\...\LogMeIn Hamachi) (Version: 2.2.0.109 - LogMeIn, Inc.)
LogMeIn Hamachi (Version: 2.2.0.109 - LogMeIn, Inc.) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Language Pack 2010 - German/Deutsch (HKLM\...\Office14.OMUI.de-de) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office O MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office X MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 26.0 (x86 de) (HKLM\...\Mozilla Firefox 26.0 (x86 de)) (Version: 26.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 26.0 - Mozilla)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (Version: 16.4.1108.0727 - Microsoft) Hidden
OverclockingCenter (HKLM\...\OverclockingCenter_is1) (Version:  - MSI, Inc.)
Philips CamSuite (HKLM\...\{E6C773DF-41C4-4A4F-B6C5-7830FF10342F}) (Version: 2.0.15.0 - Philips)
Philips Intelligent Agent (HKLM\...\Philips Intelligent Agent_is1) (Version: 2.2 - Philips)
Philips SPZ2500, SPZ2000 WebCam (HKLM\...\{75F6C4E0-05CB-45D0-B22F-17130CFE8628}) (Version: 2.03.000 - Philips)
Photo Gallery (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PIXMA Extended Survey Program (HKLM\...\CANONIJPLM100) (Version:  - )
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 15.0) (Version: 15.0.6 - RealNetworks)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.53.216.2012 - Realtek)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
SensorsView Pro 4.2 (HKLM\...\SensorsView Pro 4.2) (Version:  - STV Software)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 32-Bit Edition (HKLM\...\{90140000-0100-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{F3E80B62-3C51-4940-A434-A1F517AB8D6A}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 32-Bit Edition (Version:  - Microsoft) Hidden
Skype Click to Call (HKLM\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.1.15383.6004 - Microsoft Corporation)
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version:  - )
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{90140000-0100-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.OMUI.de-de_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{5E8EB600-8B94-429E-873E-98369C6DC1BC}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 1.1.11 (HKLM\...\VLC media player) (Version: 1.1.11 - VideoLAN)
Windows Live Communications Platform (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer Resources (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinRAR 4.20 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
You and Me 2 CD-ROM (HKLM\...\{72DFA8DB-B957-422A-AB23-1B975EE9E853}) (Version: 1.10.0000 - Langenscheidt - Longman)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-404568197-402074635-1120106407-1000_Classes\CLSID\{7B37E4E2-C62F-4914-9620-8FB5062718CC}\localserver32 -> C:\Users\Eman\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-404568197-402074635-1120106407-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Eman\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-404568197-402074635-1120106407-1000_Classes\CLSID\{AB807329-7324-431B-8B36-DBD581F56E0B}\localserver32 -> C:\Users\Eman\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-404568197-402074635-1120106407-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Eman\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-404568197-402074635-1120106407-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Eman\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-404568197-402074635-1120106407-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Eman\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\FileSyncApi.dll (Microsoft Corporation)

==================== Restore Points  =========================

27-05-2014 16:43:30 Installed Java 7 Update 55
27-05-2014 17:27:44 Wiederherstellungspunkt
05-06-2014 12:42:58 Windows Update
05-06-2014 14:13:12 Windows Update
27-06-2014 14:32:55 Windows Update
27-06-2014 18:20:55 Windows Update
29-06-2014 15:46:05 Windows Update
26-07-2014 18:11:13 Windows Update
05-08-2014 16:15:31 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2013-04-15 21:32 - 00000975 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 genuine.microsoft.com
127.0.0.1 mpa.one.microsoft.com
127.0.0.1 sls.microsoft.com


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {10E1918B-6813-4B6D-97DD-995F081028C1} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files\Desk 365\desk365.exe <==== ATTENTION
Task: {1392FFF9-816E-4AE8-903B-12EA31087551} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-26] (Adobe Systems Incorporated)
Task: {29881A12-342B-425B-BB1F-4954ACB44430} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-09-09] (Google Inc.)
Task: {3AB0E868-9BF6-4453-8B8D-9B94F2E31BA2} - System32\Tasks\RNUpgradeHelperResumePrompt_Eman => C:\Users\Eman\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.01\agent\rnupgagent.exe [2014-07-26] (RealNetworks, Inc.)
Task: {4788CB96-7D66-4BE9-82A2-9E4259F01D82} - System32\Tasks\ReclaimerUpdateFiles_Eman => C:\Users\Eman\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.01\agent\rnupgagent.exe [2014-07-26] (RealNetworks, Inc.)
Task: {4D7BC209-26DC-4357-B17E-9211E8CD0879} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {6AC5EB55-B4B9-4CA3-9CFC-52238067C310} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-404568197-402074635-1120106407-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-07-27] (RealNetworks, Inc.)
Task: {76385060-C434-4FD5-926B-53BF43217D68} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {991F050E-1E5D-4AB9-A1DA-248C9268C95C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-09-09] (Google Inc.)
Task: {9AF37174-AC06-42D4-A4BD-5E4EAA3051D5} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-404568197-402074635-1120106407-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-07-27] (RealNetworks, Inc.)
Task: {9C8ADAB2-9B03-4A0C-89BF-42D3661F0F41} - System32\Tasks\RNUpgradeHelperLogonPrompt_Eman => C:\Users\Eman\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.01\agent\rnupgagent.exe [2014-07-26] (RealNetworks, Inc.)
Task: {A8979852-00CD-4263-9048-C5A315FDD975} - System32\Tasks\Go for FilesUpdate => C:\Program Files\GoforFiles\GFFUpdater.exe <==== ATTENTION
Task: {B0E569FC-9AB3-4086-A9C6-528CB7E221DA} - System32\Tasks\Real Player-Online-Aktualisierungsprogramm => c:\program files\real\realplayer\Update\realsched.exe [2012-09-09] (RealNetworks, Inc.)
Task: {B3F18D7D-8DF7-4565-ABA5-E5F562056D50} - System32\Tasks\ReclaimerUpdateXML_Eman => C:\Users\Eman\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.01\agent\rnupgagent.exe [2014-07-26] (RealNetworks, Inc.)
Task: {DF407F9A-ADEC-4C62-8102-29DB7962916F} - System32\Tasks\YourFile Update => C:\Program Files\YourFileDownloader\YourFileUpdater.exe <==== ATTENTION
Task: {E0B3AB42-6596-475E-8133-65B02C98F072} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ReclaimerUpdateFiles_Eman.job => C:\Users\Eman\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.01\agent\rnupgagent.exe
Task: C:\Windows\Tasks\ReclaimerUpdateXML_Eman.job => C:\Users\Eman\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.01\agent\rnupgagent.exe
Task: C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Eman.job => C:\Users\Eman\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.01\agent\rnupgagent.exe

==================== Loaded Modules (whitelisted) =============

2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-08-26 15:53 - 2010-08-26 15:53 - 00687104 _____ () C:\Program Files\Philips\CamSuite\2.0.15.0\ACPService.exe
2010-08-26 15:51 - 2010-08-26 15:51 - 00315904 _____ () C:\Program Files\Philips\CamSuite\2.0.15.0\Common.dll
2010-08-26 15:54 - 2010-08-26 15:54 - 00358400 _____ () C:\PROGRAM FILES\PHILIPS\CAMSUITE\2.0.15.0\Resources.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-02-13 04:37 - 2013-02-13 04:37 - 01263952 _____ () C:\Program Files\DivX\DivX Update\DivXUpdate.exe
2013-02-13 04:38 - 2013-02-13 04:38 - 00100688 _____ () C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
2012-09-10 21:32 - 2007-04-13 17:49 - 00101528 _____ () C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
2011-12-02 20:38 - 2011-12-02 20:38 - 00935424 _____ () C:\Program Files\SensorsViewPro42\svservice.exe
2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files\Common Files\Apple\Internet Services\libxml2.dll
2012-04-05 21:00 - 2012-04-05 21:00 - 00369152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-08-05 18:32 - 2014-07-15 11:24 - 00718664 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.125\libglesv2.dll
2014-08-05 18:32 - 2014-07-15 11:24 - 00126280 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.125\libegl.dll
2014-08-05 18:32 - 2014-07-15 11:24 - 08537928 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.125\pdf.dll
2014-08-05 18:32 - 2014-07-15 11:24 - 00353096 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll
2014-08-05 18:32 - 2014-07-15 11:24 - 01732936 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll
2014-08-05 18:32 - 2014-07-15 11:24 - 14664008 _____ () C:\Program Files\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/26/2014 10:25:24 PM) (Source: MsiInstaller) (EventID: 11719) (User: MOHAMED)
Description: Produkt: iTunes -- Fehler 1719. Auf den Windows Installer-Dienst konnte nicht zugegriffen werden. Dies kann auftreten, wenn Windows im abgesicherten Modus ausgeführt wird oder wenn der Windows Installer nicht korrekt installiert wurde. Setzen Sie sich mit dem Supportpersonal in Verbindung, um weitere Unterstützung zu erhalten.

Error: (07/26/2014 10:21:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SoftwareUpdate.exe version 2.1.3.127 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: dbc

Start Time: 01cfa90324c289f5

Termination Time: 10

Application Path: C:\Program Files\Apple Software Update\SoftwareUpdate.exe

Report Id:

Error: (07/26/2014 08:46:10 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: )
Description: Installation of the Proof of Purchase failed. 0xC004F050
Partial Pkey=B4G7M
ACID=?
Detailed Error[?]

Error: (07/26/2014 08:27:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: DivXUpdate.exe, version: 1.0.6.88, time stamp: 0x511afc59
Faulting module name: netprofm.dll_unloaded, version: 0.0.0.0, time stamp: 0x4a5bda75
Exception code: 0xc0000005
Fault offset: 0x6d032505
Faulting process id: 0xd38
Faulting application start time: 0xDivXUpdate.exe0
Faulting application path: DivXUpdate.exe1
Faulting module path: DivXUpdate.exe2
Report Id: DivXUpdate.exe3

Error: (07/26/2014 08:12:37 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: )
Description: Installation of the Proof of Purchase failed. 0xC004F050
Partial Pkey=B4G7M
ACID=?
Detailed Error[?]

Error: (06/29/2014 05:42:36 PM) (Source: MsiInstaller) (EventID: 11714) (User: NT AUTHORITY)
Description: Product: LogMeIn Hamachi -- Error 1714. The older version of LogMeIn Hamachi cannot be removed.  Contact your technical support group.  System Error 1612.

Error: (06/27/2014 07:05:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing:   16 Mohamed.local. AAAA FE80:0000:0000:0000:A5C3:7E9A:97B8:9EC8

Error: (06/27/2014 07:05:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 10.0.0.3:5353   16 Mohamed.local. AAAA FE80:0000:0000:0000:0C3F:19BE:56C0:0688

Error: (06/27/2014 07:05:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing:    4 Mohamed.local. Addr 10.0.0.4

Error: (06/27/2014 07:05:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 10.0.0.3:5353   16 Mohamed.local. AAAA FE80:0000:0000:0000:0C3F:19BE:56C0:0688


System errors:
=============
Error: (08/05/2014 06:47:14 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AD3EDBCA-0901-415B-82E9-C16D3B65E38C}

Error: (07/26/2014 10:23:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Avira Echtzeit-Scanner service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.

Error: (07/26/2014 10:22:52 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error: 
%%5

Error: (07/26/2014 10:22:51 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error: 
%%5

Error: (07/26/2014 08:44:19 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Avira Email Schutz service terminated with service-specific error %%1.

Error: (07/26/2014 08:44:18 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Avira Browser-Schutz service terminated with service-specific error %%1.

Error: (07/26/2014 08:42:36 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Avira Email Schutz service terminated with service-specific error %%1.

Error: (07/26/2014 08:42:35 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Avira Browser-Schutz service terminated with service-specific error %%1.

Error: (07/26/2014 08:41:58 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 08:35:04 م on ‏26/‏07/‏2014 was unexpected.

Error: (07/26/2014 08:05:43 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Avira Email Schutz service terminated with service-specific error %%1.


Microsoft Office Sessions:
=========================
Error: (07/26/2014 10:25:24 PM) (Source: MsiInstaller) (EventID: 11719) (User: MOHAMED)
Description: Produkt: iTunes -- Fehler 1719. Auf den Windows Installer-Dienst konnte nicht zugegriffen werden. Dies kann auftreten, wenn Windows im abgesicherten Modus ausgeführt wird oder wenn der Windows Installer nicht korrekt installiert wurde. Setzen Sie sich mit dem Supportpersonal in Verbindung, um weitere Unterstützung zu erhalten.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (07/26/2014 10:21:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: SoftwareUpdate.exe2.1.3.127dbc01cfa90324c289f510C:\Program Files\Apple Software Update\SoftwareUpdate.exe

Error: (07/26/2014 08:46:10 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: )
Description: 0xC004F050B4G7M??

Error: (07/26/2014 08:27:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DivXUpdate.exe1.0.6.88511afc59netprofm.dll_unloaded0.0.0.04a5bda75c00000056d032505d3801cfa8fc711de408C:\Program Files\DivX\DivX Update\DivXUpdate.exenetprofm.dll8db29cfa-14f2-11e4-b6fa-8c89a5337eb1

Error: (07/26/2014 08:12:37 PM) (Source: Software Protection Platform Service) (EventID: 1017) (User: )
Description: 0xC004F050B4G7M??

Error: (06/29/2014 05:42:36 PM) (Source: MsiInstaller) (EventID: 11714) (User: NT AUTHORITY)
Description: Product: LogMeIn Hamachi -- Error 1714. The older version of LogMeIn Hamachi cannot be removed.  Contact your technical support group.  System Error 1612.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (06/27/2014 07:05:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing:   16 Mohamed.local. AAAA FE80:0000:0000:0000:A5C3:7E9A:97B8:9EC8

Error: (06/27/2014 07:05:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 10.0.0.3:5353   16 Mohamed.local. AAAA FE80:0000:0000:0000:0C3F:19BE:56C0:0688

Error: (06/27/2014 07:05:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing:    4 Mohamed.local. Addr 10.0.0.4

Error: (06/27/2014 07:05:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 10.0.0.3:5353   16 Mohamed.local. AAAA FE80:0000:0000:0000:0C3F:19BE:56C0:0688


==================== Memory info =========================== 

Percentage of memory in use: 37%
Total physical RAM: 3327.24 MB
Available physical RAM: 2082.04 MB
Total Pagefile: 6652.77 MB
Available Pagefile: 5013.98 MB
Total Virtual: 2047.88 MB
Available Virtual: 1901.39 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:63.44 GB) (Free:11.16 GB) NTFS
Drive d: (DRV1_VOL2) (Fixed) (Total:122.73 GB) (Free:97.2 GB) NTFS
Drive e: (DRV1_VOL3) (Fixed) (Total:139.69 GB) (Free:87.98 GB) NTFS
Drive f: (DRV1_VOL4) (Fixed) (Total:139.8 GB) (Free:77.23 GB) NTFS

==================== MBR & Partition Table ==================

==================== End Of Log ============================
         
GMER:
Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-08-05 19:56:13
Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2  rev. 0,00MB
Running: Gmer-19357.exe; Driver: C:\Users\Eman\AppData\Local\Temp\awldypow.sys


---- System - GMER 2.1 ----

SSDT            95A537DE                                                                                                                            ZwCreateSection
SSDT            95A537B6                                                                                                                            ZwCreateSymbolicLinkObject
SSDT            95A537BB                                                                                                                            ZwLoadDriver
SSDT            95A537B1                                                                                                                            ZwOpenSection
SSDT            95A537E8                                                                                                                            ZwRequestWaitReplyPort
SSDT            95A537E3                                                                                                                            ZwSetContextThread
SSDT            95A537ED                                                                                                                            ZwSetSecurityObject
SSDT            95A537C0                                                                                                                            ZwSetSystemInformation
SSDT            95A537F2                                                                                                                            ZwSystemDebugControl
SSDT            95A5377F                                                                                                                            ZwTerminateProcess
SSDT            95A5377A                                                                                                                            ZwWriteVirtualMemory

---- Kernel code sections - GMER 2.1 ----

.text           ntkrnlpa.exe!ZwRollbackEnlistment + 142D                                                                                            83091A15 1 Byte  [06]
.text           ntkrnlpa.exe!KiDispatchInterrupt + 5A2                                                                                              830CB212 19 Bytes  [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text           ntkrnlpa.exe!KeRemoveQueueEx + 11F7                                                                                                 830D258C 4 Bytes  [DE, 37, A5, 95] {FIDIV WORD [EDI]; MOVSD ; XCHG EBP, EAX}
.text           ntkrnlpa.exe!KeRemoveQueueEx + 11FF                                                                                                 830D2594 4 Bytes  [B6, 37, A5, 95] {MOV DH, 0x37; MOVSD ; XCHG EBP, EAX}
.text           ntkrnlpa.exe!KeRemoveQueueEx + 1313                                                                                                 830D26A8 4 Bytes  [BB, 37, A5, 95]
.text           ntkrnlpa.exe!KeRemoveQueueEx + 13AF                                                                                                 830D2744 4 Bytes  [B1, 37, A5, 95] {MOV CL, 0x37; MOVSD ; XCHG EBP, EAX}
.text           ntkrnlpa.exe!KeRemoveQueueEx + 1553                                                                                                 830D28E8 4 Bytes  [E8, 37, A5, 95]
.text           ...                                                                                                                                 
.text           C:\Windows\system32\DRIVERS\atikmdag.sys                                                                                            section is writeable [0x92603000, 0x3DBAA0, 0xE8000020]

---- Devices - GMER 2.1 ----

AttachedDevice  \Driver\tdx \Device\Tcp                                                                                                             avfwot.sys
AttachedDevice  \Driver\tdx \Device\Udp                                                                                                             avfwot.sys
AttachedDevice  \Driver\tdx \Device\RawIp                                                                                                           avfwot.sys

---- Registry - GMER 2.1 ----

Reg             HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC                                                    
Reg             HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                                 C:\Program Files\DAEMON Tools Lite\
Reg             HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                                 0x00 0x00 0x00 0x00 ...
Reg             HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                                 0
Reg             HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                                              0x5E 0x05 0x8F 0x34 ...
Reg             HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001                                           
Reg             HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                                        0x20 0x01 0x00 0x00 ...
Reg             HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                                     0x4E 0xCB 0x98 0xBC ...
Reg             HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0                                      
Reg             HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                                0xAF 0xC9 0xCE 0xA8 ...
Reg             HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)                                
Reg             HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                                     C:\Program Files\DAEMON Tools Lite\
Reg             HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                                     0x00 0x00 0x00 0x00 ...
Reg             HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                                     0
Reg             HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                                                  0x5E 0x05 0x8F 0x34 ...
Reg             HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)                       
Reg             HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                                            0x20 0x01 0x00 0x00 ...
Reg             HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                                         0x4E 0xCB 0x98 0xBC ...
Reg             HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)                  
Reg             HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                                    0xAF 0xC9 0xCE 0xA8 ...
Reg             HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9C68348A-E0FB-FD0C-06DD-64464303D4EA}                     
Reg             HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9C68348A-E0FB-FD0C-06DD-64464303D4EA}@halhaajpchnljjck    0x6B 0x61 0x6F 0x68 ...
Reg             HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9C68348A-E0FB-FD0C-06DD-64464303D4EA}@iabnboohfbnbnefjlp  0x6A 0x61 0x6E 0x68 ...

---- Disk sectors - GMER 2.1 ----

Disk            \Device\Harddisk0\DR0                                                                                                               sector 0: rootkit-like behavior

---- EOF - GMER 2.1 ----
         
Ereignisse AVIRA:
Code:
ATTFilter
Exportierte Ereignisse:

05.08.2014 19:57 [ProActiv] ProActiv aktiviert
      ProActiv wurde aktiviert.

05.08.2014 19:57 [Echtzeit-Scanner] Echtzeit-Scanner aktiviert
      Echtzeit-Scanner wurde aktiviert.

05.08.2014 19:12 [Echtzeit-Scanner] Echtzeit-Scanner deaktiviert
      Echtzeit-Scanner wurde deaktiviert.

05.08.2014 19:12 [ProActiv] ProActiv deaktiviert
      ProActiv wurde deaktiviert.

05.08.2014 18:49 [ProActiv] ProActiv aktiviert
      ProActiv wurde aktiviert.

05.08.2014 18:49 [Browser-Schutz] Lizenzfehler
      Der Dienst erkannte eine ungültige Lizenz.

05.08.2014 18:49 [Echtzeit-Scanner] Lizenzfehler
      Lizenzfehler

05.08.2014 18:49 [Echtzeit-Scanner] Dienst gestartet
      Der Dienst wurde gestartet.
      Dienst Version:	14.0.5.320
      Engine Version:	
      VDF Version:	

05.08.2014 18:49 [Hilfsdienst] Dienst gestartet
      Der Dienst wurde gestartet.
      Dienst Version:	14.0.5.396
      Engine Version:	8.3.22.12
      VDF Version:	8.11.164.30

05.08.2014 18:49 [Hilfsdienst] Lizenzfehler
      Lizenzfehler

05.08.2014 18:48 [Planer] Dienst gestartet
      Der Dienst wurde gestartet.
      Dienst Version 14.0.5.320

05.08.2014 18:47 [Planer] Dienst gestoppt
      Der Dienst wurde gestoppt.

05.08.2014 18:47 [Echtzeit-Scanner] Dienst gestoppt
      Der Dienst wurde gestoppt.

05.08.2014 18:43 [System-Scanner] Malware gefunden
      Die Datei 'C:\Users\Eman\Downloads\Castle Crashers PSN PS3 DUPLEX.exe'
      enthielt einen Virus oder unerwünschtes Programm 'TR/Kazy.324119.29' [trojan].
      Durchgeführte Aktion(en):
      Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '50bdae14.qua' 
      verschoben!

05.08.2014 18:43 [System-Scanner] Malware gefunden
      Die Datei 'C:\Users\Eman\Downloads\Castle Crashers PSN PS3 DUPLEX (1).exe'
      enthielt einen Virus oder unerwünschtes Programm 'TR/Kazy.324119.29' [trojan].
      Durchgeführte Aktion(en):
      Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '482a81b3.qua' 
      verschoben!

05.08.2014 18:43 [System-Scanner] Suche
      Suchlauf beendet [Der Suchlauf wurde vollständig durchgeführt.].
      Anzahl Dateien:	886
      Anzahl Verzeichnisse:	0
      Anzahl Malware:	2
      Anzahl Warnungen:	0

05.08.2014 18:43 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\Users\Eman\Downloads\Castle Crashers PSN PS3 DUPLEX (1).exe'
      wurde ein Virus oder unerwünschtes Programm 'TR/Kazy.324119.29' [trojan] 
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

05.08.2014 18:43 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\Users\Eman\Downloads\Castle Crashers PSN PS3 DUPLEX.exe'
      wurde ein Virus oder unerwünschtes Programm 'TR/Kazy.324119.29' [trojan] 
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

05.08.2014 18:42 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\Users\Eman\Downloads\Castle Crashers PSN PS3 DUPLEX (1).exe'
      wurde ein Virus oder unerwünschtes Programm 'TR/Kazy.324119.29' [trojan] 
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

05.08.2014 18:42 [Echtzeit-Scanner] Malware gefunden
      In der Datei 'C:\Users\Eman\Downloads\Castle Crashers PSN PS3 DUPLEX.exe'
      wurde ein Virus oder unerwünschtes Programm 'TR/Kazy.324119.29' [trojan] 
      gefunden.
      Ausgeführte Aktion: Zugriff verweigern

05.08.2014 18:11 [System-Scanner] Suche
      Suchlauf beendet [Der Suchlauf wurde vollständig durchgeführt.].
      Anzahl Dateien:	2639
      Anzahl Verzeichnisse:	0
      Anzahl Malware:	0
      Anzahl Warnungen:	0

05.08.2014 18:10 [Updater] Update nicht ausgeführt
      Das Update von Computer MOHAMED (10.0.0.3) von 
      "hxxp://prempeak.avira-update.com/update" ist fehlgeschlagen.
      Während des Herunterladens ist ein Fehler aufgetreten.
      Es wurden keine neuen Dateien geladen.

05.08.2014 18:09 [Planer] Auftrag gestartet
      Auftrag "Schnelle Systemprüfung"
      wurde erfolgreich gestartet.

05.08.2014 18:09 [Planer] Auftrag gestartet
      Auftrag "Automatisches Update"
      wurde erfolgreich gestartet.

05.08.2014 18:05 [Browser-Schutz] Lizenzfehler
      Der Dienst erkannte eine ungültige Lizenz.

05.08.2014 18:05 [Echtzeit-Scanner] Lizenzfehler
      Lizenzfehler

05.08.2014 18:05 [Echtzeit-Scanner] Dienst gestartet
      Der Dienst wurde gestartet.
      Dienst Version:	14.0.5.320
      Engine Version:	
      VDF Version:	

05.08.2014 18:05 [Hilfsdienst] Dienst gestartet
      Der Dienst wurde gestartet.
      Dienst Version:	14.0.5.396
      Engine Version:	8.3.22.12
      VDF Version:	8.11.164.30

05.08.2014 18:05 [Hilfsdienst] Lizenzfehler
      Lizenzfehler

05.08.2014 18:04 [Planer] Dienst gestartet
      Der Dienst wurde gestartet.
      Dienst Version 14.0.5.320

26.07.2014 22:25 [Echtzeit-Scanner] Dienst gestoppt
      Der Dienst wurde gestoppt.

26.07.2014 22:25 [Planer] Dienst gestoppt
      Der Dienst wurde gestoppt.

26.07.2014 22:24 [Updater] Update erfolgreich durchgeführt
      Update von Avira Internet Security auf Computer MOHAMED (10.0.0.3) erfolgreich 
      durchgeführt.
      Folgende Dateien wurden von "hxxp://2.20.182.215/update" aktualisiert:
      antivir.oem
      avinet.dll 14.0.5.320
      avipc.dll 14.0.5.320
      avmres.dll 14.0.5.382
      avwinll.dll 14.0.5.320
      cfglib.dll 14.0.5.320
      msgclient.dll 14.0.5.366
      rcimage.dll 14.0.5.320
      rctext.dll 14.0.5.322
      scewxmlw.dll 14.0.5.320
      update.dll 14.0.5.464
      update.exe 14.0.5.452
      updaterc.dll 14.0.5.456
      updgui.dll 14.0.5.396
      updguirc.dll 14.0.5.320
      updrgui.exe 14.0.5.396
      antispam.dll 14.0.5.346
      asata.dll 14.0.5.346
      aecore.dll 8.3.2.2
      aeheur.dll 8.1.4.1166
      aeoffice.dll 8.3.0.14
      aepack.dll 8.4.0.42
      aescn.dll 8.3.2.2
      aescript.dll 8.2.0.12
      aeset.dat 8.3.22.12
      avgntflt.sys 14.0.5.304
      avnetflt.sys 14.0.5.440
      avlode.rdf 14.0.4.42
      about.htm
      avacl.dll 14.0.5.320
      avadmin.exe 14.0.5.366
      avarkt.dll 14.0.5.368
      avbb.dll 14.0.5.320
      avcenter.exe 14.0.5.454
      avconfig.cpl 14.0.5.320
      avconfig.dll 14.0.5.396
      avconfig.exe 14.0.5.396
      avconfigrc.dll 14.0.5.320
      avesvc.dll 14.0.5.396
      avesvcr.dll 14.0.5.320
      avevtlog.dll 14.0.5.320
      avevtrc.dll 14.0.5.320
      avfwres.dll 14.0.5.320
      avfwsvc.exe 14.0.5.366
      avgio.dll 14.0.5.320
      avgnt.exe 14.0.5.396
      avgntflt.cat
      avgntflt.inf
      avgntflt.sys 14.0.5.304
      avguard.exe 14.0.5.320
      avguard.xml 14.0.5.320
      avlode.dll 14.0.5.396
      avmailc.exe 14.0.5.368
      avmailc7.exe 14.0.5.368
      avmailcr.dll 14.0.5.320
      avmaildlgcr.dll 14.0.5.320
      avmcdlg.exe 14.0.5.366
      avnetflt.cat
      avnetflt.inf
      avnetflt.sys 14.0.5.440
      avnotify.dll 14.0.5.320
      avnotify.exe 14.0.5.396
      avpref.dll 14.0.5.320
      avreg.dll 14.0.5.356
      avrep.dll 14.0.5.320
      Repair.dll 14.0.5.376
      Win32APIWrapper.dll 14.0.5.376
      rdf.dll 14.0.5.376
      systemutilities.dll 14.0.5.376
      productutilities.dll 14.0.5.376
      avrestart.exe 14.0.5.396
      avscan.exe 14.0.5.396
      avscanrc.dll 14.0.5.364
      avscplr.dll 14.0.5.376
      avshadow.exe 14.0.5.464
      avsmtp.dll 14.0.5.320
      avupgsvc.exe 14.0.5.320
      avwebg7.exe 14.0.5.430
      avwebgrc.dll 14.0.5.320
      avwebgrd.exe 14.0.5.430
      avwebloader.dll 14.0.5.320
      avwebloader.exe 14.0.5.320
      avwebloadergui.dll 14.0.5.452
      avwmi.dll 14.0.5.336
      avwsc.exe 14.0.5.396
      backup.dll 14.0.5.320
      backup.exe 14.0.5.390
      build.dat 14.0.5.464
      cares.dll 14.0.5.346
      ccavscanex.dll 14.0.5.384
      ccavscanexrc.dll 14.0.5.320
      ccbackup.dll 14.0.5.390
      ccbkuprc.dll 14.0.5.320
      ccev.dll 14.0.5.386
      ccevrc.dll 14.0.5.320
      ccevw.dll 14.0.5.390
      ccfw.dll 14.0.5.396
      ccfwgnt.dll 14.0.5.396
      ccfwitf.dll 14.0.5.320
      ccfwmgt.dll 14.0.5.396
      ccfwmgtrc.dll 14.0.5.320
      ccfwrc.dll 14.0.5.320
      ccgen.dll 14.0.5.396
      ccgenrc.dll 14.0.5.320
      ccgenw.dll 14.0.5.366
      ccgrdrc.dll 14.0.5.320
      ccgrdw.dll 14.0.5.366
      ccguard.dll 14.0.5.396
      cchips.dll 14.0.5.366
      cchipsrc.dll 14.0.5.320
      cclic.dll 14.0.5.396
      cclicrc.dll 14.0.5.320
      cclicw.dll 14.0.5.390
      ccmainrc.dll 14.0.5.320
      ccmgrdrc.dll 14.0.5.320
      ccmguard.dll 14.0.5.396
      ccmsg.dll 14.0.5.396
      ccmsgrc.dll 14.0.5.320
      ccprofil.dll 14.0.5.396
      ccquamgr.dll 14.0.5.390
      ccquarc.dll 14.0.5.320
      ccquaw.dll 14.0.5.396
      ccreporc.dll 14.0.5.320
      ccreport.dll 14.0.5.366
      ccrepow.dll 14.0.5.366
      ccscanrc.dll 14.0.5.320
      ccscanw.dll 14.0.5.390
      ccsched.dll 14.0.5.390
      ccschedw.dll 14.0.5.390
      ccscherc.dll 14.0.5.320
      ccuac.exe 14.0.5.396
      ccupdate.dll 14.0.5.396
      ccupdrc.dll 14.0.5.320
      ccupdw.dll 14.0.5.366
      ccwebtabs.dll 14.0.5.366
      ccwebtabsrc.dll 14.0.5.320
      ccwgrd.dll 14.0.5.396
      ccwgrdrc.dll 14.0.5.320
      ccwgrdw.dll 14.0.5.366
      ccwkrlib.dll 14.0.5.396
      cfgprofile.dll 14.0.5.320
      checkt.exe 14.0.5.320
      extdlgfw.dll 14.0.5.396
      fact.exe 14.0.5.396
      factrc.dll 14.0.5.320
      firewall.dll 14.0.5.320
      fwinst.exe 14.0.5.346
      fwrc.dll 14.0.5.320
      fwstr.dll 14.0.5.320
      gavidb.dll 14.0.5.390
      gpavgio.dll 14.0.5.396
      gpevtlog.dll 14.0.5.366
      gpgavid.dll 14.0.5.338
      gpgen.dll 14.0.5.390
      gpgenrep.dll 14.0.5.366
      gpgrd.dll 14.0.5.366
      gpgui.dll 14.0.5.320
      gpipc.dll 14.0.5.366
      gplegacy.dll 14.0.5.320
      gpschd.dll 14.0.5.320
      grdcore.dll 14.0.5.396
      guardgui.exe 14.0.5.384
      guardmsg.dll 14.0.5.320
      ipmgui.exe 14.0.5.366
      libdb53.dll 14.0.5.320
      libiconv2.dll 14.0.5.346
      libxml2.dll 14.0.5.346
      licmgr.dll 14.0.5.320
      licmgr.exe 14.0.5.396
      luke.dll 14.0.5.336
      lukeres.dll 14.0.5.320
      mapiaddr.exe 14.0.5.366
      mgrs.dll 14.0.5.320
      netnt.dll 14.0.5.320
      onlcfg.dll 14.0.5.320
      pcre.dll 14.0.5.346
      prefix_msg.avr
      rchelp.dll 14.0.5.370
      rcnwload_ar.dll 14.0.5.320
      rcnwload_de.dll 14.0.5.320
      rcnwload_en.dll 14.0.5.320
      rcnwload_es.dll 14.0.5.320
      rcnwload_fr.dll 14.0.5.320
      rcnwload_it.dll 14.0.5.320
      rcnwload_jp.dll 14.0.5.320
      rcnwload_ko.dll 14.0.5.320
      rcnwload_nl.dll 14.0.5.320
      rcnwload_pt.dll 14.0.5.320
      rcnwload_ru.dll 14.0.5.320
      rcnwload_tr.dll 14.0.5.320
      rcnwload_zhcn.dll 14.0.5.320
      rcnwload_zhtw.dll 14.0.5.320
      restartrc.dll 14.0.5.320
      rscdwld.exe 14.0.5.320
      rscdwrc.dll 14.0.5.320
      sched.exe 14.0.5.320
      sched.xml 14.0.5.320
      schedr.dll 14.0.5.320
      setup.dll 14.0.5.322
      setup.exe 14.0.5.448
      setuppending.exe 14.0.5.366
      shlext.dll 14.0.5.320
      sqlite3.dll 14.0.5.320
      usrreq.exe 14.0.5.396
      webcat.dll 14.0.5.336
      webcatrc.dll 14.0.5.320
      webprorc.dll 14.0.5.320
      webprot.dll 14.0.5.464
      wksstats.dll 14.0.5.396
      wl.dll 14.0.5.320
      wsctool.exe 14.0.5.376
      avwin.chm
      aevdf.dat 8.11.164.30
      xbv00044.vdf 8.11.159.102
      xbv00045.vdf 8.11.159.104
      xbv00046.vdf 8.11.159.108
      xbv00047.vdf 8.11.159.112
      xbv00048.vdf 8.11.159.114
      xbv00049.vdf 8.11.159.116
      xbv00050.vdf 8.11.159.118
      xbv00051.vdf 8.11.159.122
      xbv00052.vdf 8.11.159.126
      xbv00053.vdf 8.11.159.148
      xbv00054.vdf 8.11.159.168
      xbv00055.vdf 8.11.159.188
      xbv00056.vdf 8.11.159.210
      xbv00057.vdf 8.11.159.212
      xbv00058.vdf 8.11.159.218
      xbv00059.vdf 8.11.159.220
      xbv00060.vdf 8.11.159.222
      xbv00061.vdf 8.11.159.224
      xbv00062.vdf 8.11.159.226
      xbv00063.vdf 8.11.159.230
      xbv00064.vdf 8.11.159.250
      xbv00065.vdf 8.11.159.252
      xbv00066.vdf 8.11.160.16
      xbv00067.vdf 8.11.160.40
      xbv00068.vdf 8.11.160.42
      xbv00069.vdf 8.11.160.46
      xbv00070.vdf 8.11.160.48
      xbv00071.vdf 8.11.160.50
      xbv00072.vdf 8.11.160.52
      xbv00073.vdf 8.11.160.54
      xbv00074.vdf 8.11.160.58
      xbv00075.vdf 8.11.160.60
      xbv00076.vdf 8.11.160.62
      xbv00077.vdf 8.11.160.66
      xbv00078.vdf 8.11.160.68
      xbv00079.vdf 8.11.160.70
      xbv00080.vdf 8.11.160.72
      xbv00081.vdf 8.11.160.92
      xbv00082.vdf 8.11.160.112
      xbv00083.vdf 8.11.160.130
      xbv00084.vdf 8.11.160.132
      xbv00085.vdf 8.11.160.152
      xbv00086.vdf 8.11.160.154
      xbv00087.vdf 8.11.160.156
      xbv00088.vdf 8.11.160.158
      xbv00089.vdf 8.11.160.160
      xbv00090.vdf 8.11.160.162
      xbv00091.vdf 8.11.160.166
      xbv00092.vdf 8.11.160.168
      xbv00093.vdf 8.11.160.178
      xbv00094.vdf 8.11.160.180
      xbv00095.vdf 8.11.160.182
      xbv00096.vdf 8.11.160.188
      xbv00097.vdf 8.11.160.190
      xbv00098.vdf 8.11.160.194
      xbv00099.vdf 8.11.160.212
      xbv00100.vdf 8.11.160.230
      xbv00101.vdf 8.11.160.232
      xbv00102.vdf 8.11.160.234
      xbv00103.vdf 8.11.160.254
      xbv00104.vdf 8.11.161.16
      xbv00105.vdf 8.11.161.32
      xbv00106.vdf 8.11.161.34
      xbv00107.vdf 8.11.161.52
      xbv00108.vdf 8.11.161.68
      xbv00109.vdf 8.11.161.84
      xbv00110.vdf 8.11.162.2
      xbv00111.vdf 8.11.162.6
      xbv00112.vdf 8.11.162.8
      xbv00113.vdf 8.11.162.10
      xbv00114.vdf 8.11.162.14
      xbv00115.vdf 8.11.162.16
      xbv00116.vdf 8.11.162.18
      xbv00117.vdf 8.11.162.22
      xbv00118.vdf 8.11.162.40
      xbv00119.vdf 8.11.162.42
      xbv00120.vdf 8.11.162.58
      xbv00121.vdf 8.11.162.78
      xbv00122.vdf 8.11.162.94
      xbv00123.vdf 8.11.162.110
      xbv00124.vdf 8.11.162.112
      xbv00125.vdf 8.11.162.130
      xbv00126.vdf 8.11.162.134
      xbv00127.vdf 8.11.162.136
      xbv00128.vdf 8.11.162.152
      xbv00129.vdf 8.11.162.154
      xbv00130.vdf 8.11.162.170
      xbv00131.vdf 8.11.162.172
      xbv00132.vdf 8.11.162.174
      xbv00133.vdf 8.11.162.188
      xbv00134.vdf 8.11.162.192
      xbv00135.vdf 8.11.162.194
      xbv00136.vdf 8.11.162.200
      xbv00137.vdf 8.11.162.204
      xbv00138.vdf 8.11.162.212
      xbv00139.vdf 8.11.162.228
      xbv00140.vdf 8.11.162.244
      xbv00141.vdf 8.11.163.2
      xbv00142.vdf 8.11.163.16
      xbv00143.vdf 8.11.163.20
      xbv00144.vdf 8.11.163.22
      xbv00145.vdf 8.11.163.26
      xbv00146.vdf 8.11.163.28
      xbv00147.vdf 8.11.163.42
      xbv00148.vdf 8.11.163.44
      xbv00149.vdf 8.11.163.56
      xbv00150.vdf 8.11.163.68
      xbv00151.vdf 8.11.163.74
      xbv00152.vdf 8.11.163.78
      xbv00153.vdf 8.11.163.82
      xbv00154.vdf 8.11.163.84
      xbv00155.vdf 8.11.163.86
      xbv00156.vdf 8.11.163.92
      xbv00157.vdf 8.11.163.98
      xbv00158.vdf 8.11.163.100
      xbv00159.vdf 8.11.163.102
      xbv00160.vdf 8.11.163.108
      xbv00161.vdf 8.11.163.112
      xbv00162.vdf 8.11.163.116
      xbv00163.vdf 8.11.163.130
      xbv00164.vdf 8.11.163.142
      xbv00165.vdf 8.11.163.154
      xbv00166.vdf 8.11.163.158
      xbv00167.vdf 8.11.163.164
      xbv00168.vdf 8.11.163.170
      xbv00169.vdf 8.11.163.174
      xbv00170.vdf 8.11.163.176
      xbv00171.vdf 8.11.163.178
      xbv00172.vdf 8.11.163.184
      xbv00173.vdf 8.11.163.186
      xbv00174.vdf 8.11.163.198
      xbv00175.vdf 8.11.163.200
      xbv00176.vdf 8.11.163.212
      xbv00177.vdf 8.11.163.222
      xbv00178.vdf 8.11.163.226
      xbv00179.vdf 8.11.163.230
      xbv00180.vdf 8.11.163.234
      xbv00181.vdf 8.11.163.236
      xbv00182.vdf 8.11.163.238
      xbv00183.vdf 8.11.163.240
      xbv00184.vdf 8.11.163.244
      xbv00185.vdf 8.11.163.246
      xbv00186.vdf 8.11.163.248
      xbv00187.vdf 8.11.163.252
      xbv00188.vdf 8.11.163.254
      xbv00189.vdf 8.11.164.2
      xbv00190.vdf 8.11.164.6
      xbv00191.vdf 8.11.164.8
      xbv00192.vdf 8.11.164.20
      xbv00193.vdf 8.11.164.30
      xbv00194.vdf 8.11.159.102
      xbv00195.vdf 8.11.159.102
      xbv00196.vdf 8.11.159.102
      xbv00197.vdf 8.11.159.102
      xbv00198.vdf 8.11.159.102
      xbv00199.vdf 8.11.159.102
      xbv00200.vdf 8.11.159.102
      xbv00201.vdf 8.11.159.102
      xbv00202.vdf 8.11.159.102
      xbv00203.vdf 8.11.159.102
      xbv00204.vdf 8.11.159.102
      xbv00205.vdf 8.11.159.102
      xbv00206.vdf 8.11.159.102
      xbv00207.vdf 8.11.159.102
      xbv00208.vdf 8.11.159.102
      xbv00209.vdf 8.11.159.102
      xbv00210.vdf 8.11.159.102
      xbv00211.vdf 8.11.159.102
      xbv00212.vdf 8.11.159.102
      xbv00213.vdf 8.11.159.102
      xbv00214.vdf 8.11.159.102
      xbv00215.vdf 8.11.159.102
      xbv00216.vdf 8.11.159.102
      xbv00217.vdf 8.11.159.102
      xbv00218.vdf 8.11.159.102
      xbv00219.vdf 8.11.159.102
      xbv00220.vdf 8.11.159.102
      xbv00221.vdf 8.11.159.102
      xbv00222.vdf 8.11.159.102
      xbv00223.vdf 8.11.159.102
      xbv00224.vdf 8.11.159.102
      xbv00225.vdf 8.11.159.102
      xbv00226.vdf 8.11.159.102
      xbv00227.vdf 8.11.159.102
      xbv00228.vdf 8.11.159.102
      xbv00229.vdf 8.11.159.102
      xbv00230.vdf 8.11.159.102
      xbv00231.vdf 8.11.159.102
      xbv00232.vdf 8.11.159.102
      xbv00233.vdf 8.11.159.102
      xbv00234.vdf 8.11.159.102
      xbv00235.vdf 8.11.159.102
      xbv00236.vdf 8.11.159.102
      xbv00237.vdf 8.11.159.102
      xbv00238.vdf 8.11.159.102
      xbv00239.vdf 8.11.159.102
      xbv00240.vdf 8.11.159.102
      xbv00241.vdf 8.11.159.102
      xbv00242.vdf 8.11.159.102
      xbv00243.vdf 8.11.159.102
      xbv00244.vdf 8.11.159.102
      xbv00245.vdf 8.11.159.102
      xbv00246.vdf 8.11.159.102
      xbv00247.vdf 8.11.159.102
      xbv00248.vdf 8.11.159.102
      xbv00249.vdf 8.11.159.102
      xbv00250.vdf 8.11.159.102
      xbv00251.vdf 8.11.159.102
      xbv00252.vdf 8.11.159.102
      xbv00253.vdf 8.11.159.102
      xbv00254.vdf 8.11.159.102
      xbv00255.vdf 8.11.159.102
      local000.vdf
      webcat0.dat
      webcat1.dat
      webcat2.dat
      webcat3.dat
      webcat4.dat
      repair.rdf 1.0.1.8
      avweb.yml 14.0.5.6

26.07.2014 22:24 [Planer] Dienst gestartet
      Der Dienst wurde gestartet.
      Dienst Version 14.0.5.320

26.07.2014 22:24 [ProActiv] ProActiv aktiviert
      ProActiv wurde aktiviert.

26.07.2014 22:24 [Echtzeit-Scanner] Lizenzfehler
      Lizenzfehler

26.07.2014 22:24 [Echtzeit-Scanner] Dienst gestartet
      Der Dienst wurde gestartet.
      Dienst Version:	14.0.4.620
      Engine Version:	
      VDF Version:	

26.07.2014 22:24 [Hilfsdienst] Dienst gestartet
      Der Dienst wurde gestartet.
      Dienst Version:	14.0.5.396
      Engine Version:	8.3.22.12
      VDF Version:	8.11.157.100

26.07.2014 22:24 [Hilfsdienst] Lizenzfehler
      Lizenzfehler

26.07.2014 22:23 [Planer] Dienst gestoppt
      Der Dienst wurde gestoppt.

26.07.2014 22:16 [Echtzeit-Scanner] Dienst gestoppt
      Der Dienst wurde gestoppt.

26.07.2014 22:10 [Planer] Auftrag gestartet
      Auftrag "Automatisches Update"
      wurde erfolgreich gestartet.

26.07.2014 20:44 [ProActiv] ProActiv aktiviert
      ProActiv wurde aktiviert.

26.07.2014 20:44 [Echtzeit-Scanner] Lizenzfehler
      Lizenzfehler

26.07.2014 20:44 [Echtzeit-Scanner] Dienst gestartet
      Der Dienst wurde gestartet.
      Dienst Version:	14.0.4.620
      Engine Version:	
      VDF Version:	

26.07.2014 20:43 [Planer] Dienst gestartet
      Der Dienst wurde gestartet.
      Dienst Version 14.0.4.620

26.07.2014 20:43 [Echtzeit-Scanner] Dienst gestoppt
      Der Dienst wurde gestoppt.

26.07.2014 20:43 [Planer] Dienst gestoppt
      Der Dienst wurde gestoppt.

26.07.2014 20:42 [ProActiv] ProActiv aktiviert
      ProActiv wurde aktiviert.

26.07.2014 20:42 [Echtzeit-Scanner] Lizenzfehler
      Lizenzfehler

26.07.2014 20:42 [Echtzeit-Scanner] Dienst gestartet
      Der Dienst wurde gestartet.
      Dienst Version:	14.0.4.620
      Engine Version:	
      VDF Version:	

26.07.2014 20:42 [Planer] Dienst gestartet
      Der Dienst wurde gestartet.
      Dienst Version 14.0.4.620

26.07.2014 20:17 [System-Scanner] Suche
      Suchlauf beendet [Der Suchlauf wurde vollständig durchgeführt.].
      Anzahl Dateien:	2676
      Anzahl Verzeichnisse:	0
      Anzahl Malware:	0
      Anzahl Warnungen:	0

26.07.2014 20:14 [Updater] Update nicht ausgeführt
      Das Update von Computer MOHAMED (25.128.231.172) von 
      "hxxp://prempeak.avira-update.com/update" ist fehlgeschlagen.
      Während des Herunterladens ist ein Fehler aufgetreten.
      Es wurden keine neuen Dateien geladen.

26.07.2014 20:10 [Planer] Auftrag gestartet
      Auftrag "Schnelle Systemprüfung"
      wurde erfolgreich gestartet.

26.07.2014 20:10 [Planer] Auftrag gestartet
      Auftrag "Automatisches Update"
      wurde erfolgreich gestartet.

26.07.2014 20:05 [ProActiv] ProActiv aktiviert
      ProActiv wurde aktiviert.

26.07.2014 20:05 [Echtzeit-Scanner] Lizenzfehler
      Lizenzfehler

26.07.2014 20:05 [Echtzeit-Scanner] Dienst gestartet
      Der Dienst wurde gestartet.
      Dienst Version:	14.0.4.620
      Engine Version:	
      VDF Version:	

26.07.2014 20:05 [Planer] Dienst gestartet
      Der Dienst wurde gestartet.
      Dienst Version 14.0.4.620
         
__________________

Alt 06.08.2014, 15:25   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7 PC friert immer bei minimalster Belastung ein! - Standard

Windows 7 PC friert immer bei minimalster Belastung ein!



Zitat:
127.0.0.1 genuine.microsoft.com
127.0.0.1 mpa.one.microsoft.com
127.0.0.1 sls.microsoft.com
Wo is das Windows her?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 06.08.2014, 15:37   #5
Mohamed F.
 
Windows 7 PC friert immer bei minimalster Belastung ein! - Standard

Windows 7 PC friert immer bei minimalster Belastung ein!



Zitat:
Zitat von schrauber Beitrag anzeigen
Wo is das Windows her?
Von meiner Schule. Die verkaufen uns die Windows Versionen für einen geringeren Preis da wir noch Schüler sind. Bei Computer-->Eigenschaften ist auch der Stern da.


Alt 07.08.2014, 09:47   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7 PC friert immer bei minimalster Belastung ein! - Standard

Windows 7 PC friert immer bei minimalster Belastung ein!



und wer hat dann den Crack für die Aktivierung eingebaut?
__________________
--> Windows 7 PC friert immer bei minimalster Belastung ein!

Alt 07.08.2014, 10:52   #7
Mohamed F.
 
Windows 7 PC friert immer bei minimalster Belastung ein! - Standard

Windows 7 PC friert immer bei minimalster Belastung ein!



Zitat:
Zitat von schrauber Beitrag anzeigen
und wer hat dann den Crack für die Aktivierung eingebaut?
also ist das keine Originalverdion von Windows? :-O
Habe gedacht die verkaufen die keine gecrackte Versionen..

Alt 07.08.2014, 17:05   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7 PC friert immer bei minimalster Belastung ein! - Standard

Windows 7 PC friert immer bei minimalster Belastung ein!



Zitat:
127.0.0.1 genuine.microsoft.com
diese Zeile leitet alle Anfragen von WIndows an den Server von Microsoft zur Validierung auf Localhost um, also zurück auf deinen Rechner. Solange es den Anschein hat dass das WIndows nicht legal ist gibt es hier keinen Support.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Windows 7 PC friert immer bei minimalster Belastung ein!
anhang, avira, belastung, cpu, datei, einfach, einfriert, einiger, friert, grafikkarte, graue, hilft, hoffe, nichts, pentium, radeon, schlechter, windows, windows 7, zusätzlich



Ähnliche Themen: Windows 7 PC friert immer bei minimalster Belastung ein!


  1. Win7 friert immer bei Webcam benutzung ein
    Log-Analyse und Auswertung - 22.09.2014 (10)
  2. Systemabstürze+Bluescreens bei Belastung, Windows 7, Infekt: Win32,Win64
    Log-Analyse und Auswertung - 22.09.2014 (23)
  3. Windows 8 ; immer langsamer, hängt und friert ein
    Log-Analyse und Auswertung - 29.11.2013 (25)
  4. Labtop friert ein/wird immer langsamer
    Plagegeister aller Art und deren Bekämpfung - 06.04.2013 (4)
  5. Pc friert immer wieder ein oder rebootet
    Log-Analyse und Auswertung - 21.12.2009 (0)
  6. PC Friert immer ein, schon vor dem Windows Start! Hilfe!!
    Alles rund um Windows - 06.12.2009 (39)
  7. Laptop friert ein und CPU immer 100%
    Netzwerk und Hardware - 11.10.2009 (0)
  8. Rechner friert bei Belastung ein - verzweifelt
    Netzwerk und Hardware - 08.09.2009 (25)
  9. PC friert immer öfter ein
    Mülltonne - 11.02.2009 (1)
  10. PC wird immer langsamer und friert ein
    Mülltonne - 20.12.2008 (0)
  11. Pc friert immer ein, auch im abgesicherten Modus
    Plagegeister aller Art und deren Bekämpfung - 16.11.2008 (2)
  12. PC friert immer beim Video abspielen ein und ist immer ausgelastet!!
    Log-Analyse und Auswertung - 25.07.2008 (0)
  13. Pc friert immer ein
    Log-Analyse und Auswertung - 17.06.2008 (9)
  14. Rechner friert immer ein
    Log-Analyse und Auswertung - 04.06.2008 (6)
  15. winxp friert immer wieder für 10 sekunden ein
    Log-Analyse und Auswertung - 11.04.2008 (0)
  16. Internet friert immer ein!!!
    Log-Analyse und Auswertung - 19.09.2007 (12)
  17. Rechner friert immer ein, bin ich infiziert?
    Log-Analyse und Auswertung - 16.02.2005 (6)

Zum Thema Windows 7 PC friert immer bei minimalster Belastung ein! - Habe einen Stand-PC und kämpfe seit 1 Jahr damit, dass er immer nach einiger Zeit einfach so einfriert und auf gar nix mehr reagiert. Hilft nur ein Hard-Reboot. RAM 4GB - Windows 7 PC friert immer bei minimalster Belastung ein!...
Archiv
Du betrachtest: Windows 7 PC friert immer bei minimalster Belastung ein! auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.