Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Windows 8: Avira stürzt ab oder führt keinen kompletten Scan durch

Windows 8: Avira stürzt ab oder führt keinen kompletten Scan durch


Log-Analyse und Auswertung: Windows 8: Avira stürzt ab oder führt keinen kompletten Scan durch

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML

Antwort
Seite 1 von 2 1 2
Alt 02.09.2015, 13:12   #1
sweet_cherry
 
Windows 8: Avira stürzt ab oder führt keinen kompletten Scan durch - Standard

Windows 8: Avira stürzt ab oder führt keinen kompletten Scan durch


Hallo liebes Trojaner-Board-Team,

vor zwei Tagen habe ich versucht, von Ariva einen Virenscan durchführern zu lassen. Als ich mir das Ergebnis anschauen wollte habe ich gemerkt, dass das Programm wohl abgestürzt ist oder sich selbst beendet hat. Ich habe erneut einen Scan gestartet, doch nach 15 Stunden waren erst 6,8% durchsucht und über 100 Warnungen gefunden. Daraufhin habe ich Avira de- und wieder neu installiert, doch auch danach hat es nicht funktioniert. Deshalb wende ich mich jetzt an euch.

Zu den Schritten der Vorbereitung:

Schritt 1:

Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 12:09 on 02/09/2015 (Margarete)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
Schritt 2:

FRST.txt

Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-08-2015
Ran by Margarete (administrator) on MARGARETE (02-09-2015 12:23:51)
Running from C:\Users\Margarete\Downloads
Loaded Profiles: Margarete (Available Profiles: Margarete)
Platform: Windows 8.1 (X64) Language: Englisch (Großbritannien)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Users\Margarete\AppData\Roaming\Host System\host.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-07-11] (Apple Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [39175960 2015-08-14] (Dropbox, Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66936 2015-08-13] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [782008 2015-08-06] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-4080927462-3844598824-2763787523-1001\...\Run: [Remote Mouse] => C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe [1238528 2014-04-28] (RemoteMouse.net)
HKU\S-1-5-21-4080927462-3844598824-2763787523-1001\...\Run: [Wunderlist] => "C:\Program Files (x86)\Wunderlist2\Wunderlist.exe" /silent
HKU\S-1-5-21-4080927462-3844598824-2763787523-1001\...\Run: [tubcloud] => C:\Program Files (x86)\tubCloud\tubcloud.exe
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{4680942B-65AE-43A9-86A9-1DBD6D85835F}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\S-1-5-21-4080927462-3844598824-2763787523-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.startseite24.net
SearchScopes: HKLM -> DefaultScope {E4D45B8F-D367-4CFB-9D5A-7907C795E21E} URL = hxxp://www.startseite24.net/?q={searchTerms}
SearchScopes: HKLM -> {E4D45B8F-D367-4CFB-9D5A-7907C795E21E} URL = hxxp://www.startseite24.net/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4080927462-3844598824-2763787523-1001 -> DefaultScope {E4D45B8F-D367-4CFB-9D5A-7907C795E21E} URL = hxxp://www.startseite24.net/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4080927462-3844598824-2763787523-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity
SearchScopes: HKU\S-1-5-21-4080927462-3844598824-2763787523-1001 -> {E4D45B8F-D367-4CFB-9D5A-7907C795E21E} URL = hxxp://www.startseite24.net/?q={searchTerms}
BHO-x32: No Name -> {269D0B18-45D0-46D0-A644-2D60D928BC7F} -> C:\Users\Margarete\AppData\LocalLow\Internet Explorer BHO\bho.dll [2014-07-23] ()
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-15] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-15] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Margarete\AppData\Roaming\Mozilla\Firefox\Profiles\3pmdsm6s.default
FF Homepage: google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll [2014-07-24] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll [2014-07-24] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-15] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Margarete\AppData\Roaming\Mozilla\Firefox\Profiles\3pmdsm6s.default\user.js [2014-07-24]
FF SearchPlugin: C:\Users\Margarete\AppData\Roaming\Mozilla\Firefox\Profiles\3pmdsm6s.default\searchplugins\avira-safesearch.xml [2014-09-29]
FF SearchPlugin: C:\Users\Margarete\AppData\Roaming\Mozilla\Firefox\Profiles\3pmdsm6s.default\searchplugins\google-images.xml [2014-07-28]
FF SearchPlugin: C:\Users\Margarete\AppData\Roaming\Mozilla\Firefox\Profiles\3pmdsm6s.default\searchplugins\google-maps.xml [2014-07-28]
FF SearchPlugin: C:\Users\Margarete\AppData\Roaming\Mozilla\Firefox\Profiles\3pmdsm6s.default\searchplugins\websuche.xml [2015-06-24]
FF Extension: Avira Browser Safety - C:\Users\Margarete\AppData\Roaming\Mozilla\Firefox\Profiles\3pmdsm6s.default\Extensions\abs@avira.com [2015-08-17]
FF Extension: Foxy Secure - C:\Users\Margarete\AppData\Roaming\Mozilla\Firefox\Profiles\3pmdsm6s.default\Extensions\contact@fox-security.com [2014-07-24]
FF Extension: Avira SafeSearch Plus - C:\Users\Margarete\AppData\Roaming\Mozilla\Firefox\Profiles\3pmdsm6s.default\Extensions\safesearchplus@avira.com [2015-09-01]
FF Extension: CHIP Best Deal - C:\Users\Margarete\AppData\Roaming\Mozilla\Firefox\Profiles\3pmdsm6s.default\Extensions\ciuvo-extension@chip.de.xpi [2015-03-17]
FF Extension: NoScript - C:\Users\Margarete\AppData\Roaming\Mozilla\Firefox\Profiles\3pmdsm6s.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-03-22]
FF Extension: Adblock Plus - C:\Users\Margarete\AppData\Roaming\Mozilla\Firefox\Profiles\3pmdsm6s.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-07-24]
FF HKU\S-1-5-21-4080927462-3844598824-2763787523-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Margarete\AppData\Roaming\Mozilla\Firefox\Profiles\3pmdsm6s.default\extensions\cliqz@cliqz.com

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [khjilmcjipkeokomeekfnhkpbnhmgaje] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [khjilmcjipkeokomeekfnhkpbnhmgaje] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [887128 2015-08-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [461672 2015-08-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [461672 2015-08-06] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1213072 2015-08-06] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [228104 2015-08-13] (Avira Operations GmbH & Co. KG)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2014-10-25] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-07-15] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-07-15] (Dropbox, Inc.)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2013-08-22] (Microsoft Corporation) [File not signed]
R2 HostService; C:\Users\Margarete\AppData\Roaming\Host System\host.exe [536576 2014-07-23] () [File not signed]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-04] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [137288 2015-08-06] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [148632 2015-08-06] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2015-08-06] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-08-06] (Avira Operations GmbH & Co. KG)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [1975000 2013-07-31] (Realtek Semiconductor Corporation                           )
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
S1 BAPIDRV; system32\DRIVERS\BAPIDRV64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-02 12:23 - 2015-09-02 12:24 - 00015680 _____ C:\Users\Margarete\Downloads\FRST.txt
2015-09-02 12:23 - 2015-09-02 12:23 - 00000000 ____D C:\FRST
2015-09-02 12:22 - 2015-09-02 12:22 - 02188800 _____ (Farbar) C:\Users\Margarete\Downloads\FRST64.exe
2015-09-02 12:21 - 2015-09-02 12:22 - 01690624 _____ (Farbar) C:\Users\Margarete\Downloads\FRST.exe
2015-09-02 12:09 - 2015-09-02 12:09 - 00000480 _____ C:\Users\Margarete\Desktop\defogger_disable.log
2015-09-02 12:09 - 2015-09-02 12:09 - 00000000 _____ C:\Users\Margarete\defogger_reenable
2015-09-02 12:08 - 2015-09-02 12:08 - 00050477 _____ C:\Users\Margarete\Desktop\Defogger.exe
2015-09-01 16:00 - 2015-09-01 16:00 - 00000000 ____D C:\Users\Margarete\AppData\Roaming\Avira
2015-09-01 15:56 - 2015-09-01 15:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RStudio
2015-09-01 15:56 - 2015-08-06 20:58 - 00148632 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2015-09-01 15:56 - 2015-08-06 20:58 - 00137288 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-09-01 15:56 - 2015-08-06 20:58 - 00043576 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2015-09-01 15:56 - 2015-08-06 20:58 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2015-09-01 15:55 - 2015-09-01 15:56 - 00000000 ____D C:\Program Files\RStudio
2015-09-01 15:43 - 2015-09-01 15:53 - 77507680 _____ C:\Users\Margarete\Downloads\RStudio-0.99.473.exe
2015-09-01 15:42 - 2015-09-01 15:42 - 00001054 _____ C:\Users\Public\Desktop\R i386 3.2.2.lnk
2015-09-01 15:42 - 2015-09-01 15:42 - 00001047 _____ C:\Users\Public\Desktop\R x64 3.2.2.lnk
2015-09-01 15:42 - 2015-09-01 15:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R
2015-09-01 15:40 - 2015-09-01 15:40 - 00000000 ____D C:\Program Files\R
2015-09-01 15:26 - 2015-09-01 15:36 - 65288451 _____ (R Core Team ) C:\Users\Margarete\Downloads\R-3.2.2-win.exe
2015-09-01 15:17 - 2015-09-01 15:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-09-01 15:17 - 2015-09-01 15:55 - 00000000 ____D C:\Program Files (x86)\Avira
2015-09-01 15:17 - 2015-09-01 15:17 - 04772888 _____ (Avira Operations GmbH & Co. KG) C:\Users\Margarete\Downloads\avira_de_av_55e59c48986e6__ws(1).exe
2015-09-01 15:17 - 2015-09-01 15:17 - 00001230 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2015-09-01 15:14 - 2015-09-01 15:14 - 04772888 _____ (Avira Operations GmbH & Co. KG) C:\Users\Margarete\Downloads\avira_de_av_55e59c48986e6__adw.exe
2015-09-01 14:38 - 2015-09-01 14:39 - 04772888 _____ (Avira Operations GmbH & Co. KG) C:\Users\Margarete\Downloads\avira_de_av_55e59c48986e6__ws.exe
2015-09-01 11:47 - 2015-07-05 12:08 - 00300704 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-08-31 12:27 - 2015-08-31 12:29 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Margarete\Downloads\mbam-setup-2.1.8.1057.exe
2015-08-28 20:27 - 2015-08-28 20:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-08-22 20:24 - 2015-08-22 20:24 - 00000000 ____D C:\Users\Margarete\AppData\Roaming\PDF Architect 3
2015-08-22 20:21 - 2015-08-31 11:09 - 00000000 ____D C:\ProgramData\PDF Architect 3
2015-08-22 20:17 - 2015-08-22 20:20 - 28754952 _____ (pdfforge GmbH) C:\Users\Margarete\Downloads\PDFCreator-2_1_2-setup.exe
2015-08-22 19:16 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-22 19:16 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-18 12:03 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-18 12:03 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-18 10:36 - 2015-07-19 03:58 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-08-18 10:36 - 2015-07-18 20:51 - 03704320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-18 10:36 - 2015-07-18 20:31 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-08-18 10:36 - 2015-07-18 20:31 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-08-18 10:36 - 2015-07-18 20:31 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-08-18 10:36 - 2015-07-18 20:29 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-08-18 10:36 - 2015-07-18 20:29 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-08-18 10:36 - 2015-07-18 20:29 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-08-18 10:36 - 2015-07-18 20:28 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-08-18 10:36 - 2015-07-18 20:12 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-08-18 10:36 - 2015-07-18 20:10 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-08-18 10:36 - 2015-07-18 20:09 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-08-18 10:36 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-08-18 10:36 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-08-18 10:36 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-08-18 10:36 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-08-18 10:36 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-08-18 10:36 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-08-18 10:36 - 2015-07-16 21:53 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-08-18 10:36 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-08-18 10:36 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-08-18 10:36 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-08-18 10:36 - 2015-07-16 21:45 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-08-18 10:36 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-08-18 10:36 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-08-18 10:36 - 2015-07-16 21:38 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-08-18 10:36 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-08-18 10:36 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-18 10:36 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-08-18 10:36 - 2015-07-16 21:14 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-08-18 10:36 - 2015-07-16 21:13 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-08-18 10:36 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-08-18 10:36 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-08-18 10:36 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-18 10:36 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-08-18 10:36 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-08-18 10:36 - 2015-07-16 20:52 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-08-18 10:36 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-08-18 10:36 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-08-18 10:36 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-08-18 10:36 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-08-18 10:36 - 2015-06-09 20:27 - 00411133 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-08-18 10:35 - 2015-07-16 02:29 - 07458648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-18 10:35 - 2015-07-16 02:29 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-18 10:35 - 2015-07-16 02:29 - 00101720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-08-18 10:35 - 2015-07-16 02:28 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-18 10:35 - 2015-07-10 19:54 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-18 10:35 - 2015-07-07 11:40 - 00270168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-08-18 10:35 - 2015-07-07 11:40 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-08-18 10:35 - 2015-07-07 11:40 - 00044560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-08-18 10:35 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-18 10:35 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-18 10:34 - 2015-07-29 01:24 - 00025776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-08-18 10:34 - 2015-07-28 16:24 - 01148416 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-08-18 10:34 - 2015-07-28 16:24 - 01116160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-08-18 10:34 - 2015-07-28 16:24 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-08-18 10:34 - 2015-07-28 16:24 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-08-18 10:34 - 2015-07-28 16:24 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-08-18 10:34 - 2015-07-28 16:24 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-08-18 10:34 - 2015-07-02 00:19 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2015-08-18 10:34 - 2015-07-02 00:16 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2015-08-18 10:34 - 2015-07-01 23:37 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2015-08-18 10:34 - 2015-07-01 23:35 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2015-08-18 10:33 - 2015-07-14 23:59 - 01113944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-08-18 10:33 - 2015-07-14 23:59 - 00487256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2015-08-18 10:33 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2015-08-18 10:33 - 2015-07-14 05:22 - 02529880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-08-18 10:33 - 2015-07-14 05:21 - 01901776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-08-18 10:33 - 2015-07-13 21:46 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2015-08-18 10:33 - 2015-07-13 21:45 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2015-08-18 10:33 - 2015-07-10 19:42 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-08-18 10:33 - 2015-07-10 18:47 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-08-18 10:33 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-08-18 10:33 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-18 10:33 - 2015-07-09 18:30 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-08-18 10:33 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-08-18 10:33 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-08-18 10:30 - 2015-07-10 20:19 - 01101824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2015-08-18 10:30 - 2015-07-10 19:14 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2015-08-18 10:30 - 2015-07-10 19:13 - 07032320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2015-08-18 10:30 - 2015-07-10 18:31 - 06213120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2015-08-18 10:29 - 2015-07-29 16:37 - 01994752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-18 10:29 - 2015-07-29 16:30 - 01381888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-18 10:29 - 2015-07-29 16:23 - 01559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-18 10:29 - 2015-07-24 20:57 - 04177408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-08-18 10:29 - 2015-07-24 20:57 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-08-18 10:29 - 2015-07-24 20:52 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-08-18 10:29 - 2015-07-24 19:27 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-08-18 10:29 - 2015-07-24 19:23 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-08-17 17:30 - 2015-08-17 17:30 - 00001530 _____ C:\Users\Margarete\AppData\Local\recently-used.xbel
2015-08-06 15:26 - 2015-08-06 15:26 - 00001765 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-08-06 15:26 - 2015-08-06 15:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-08-06 15:25 - 2015-08-06 15:26 - 00000000 ____D C:\Program Files\iTunes
2015-08-06 15:25 - 2015-08-06 15:25 - 00000000 ____D C:\Program Files\iPod
2015-08-06 15:25 - 2015-08-06 15:25 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-08-06 14:57 - 2015-08-06 15:16 - 155875632 _____ (Apple Inc.) C:\Users\Margarete\Downloads\iTunes6464Setup.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-02 12:17 - 2014-07-24 17:00 - 01204253 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-02 12:10 - 2014-07-24 17:30 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4080927462-3844598824-2763787523-1001
2015-09-02 12:09 - 2014-07-24 17:07 - 00000000 ____D C:\Users\Margarete
2015-09-02 12:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-02 11:58 - 2014-07-24 17:27 - 00003946 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{AFE74C98-7B23-4051-A7D7-CF7230CE9F7D}
2015-09-01 20:31 - 2015-07-15 16:20 - 00000934 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2015-09-01 15:55 - 2014-07-24 20:51 - 00000000 ____D C:\ProgramData\Avira
2015-09-01 15:20 - 2015-06-10 23:10 - 00000000 ____D C:\Program Files (x86)\R-Studio
2015-09-01 15:17 - 2014-08-24 12:31 - 00000000 ____D C:\ProgramData\Package Cache
2015-09-01 15:00 - 2014-09-27 19:18 - 00443392 ___SH C:\Users\Margarete\Downloads\Thumbs.db
2015-09-01 12:06 - 2015-07-15 16:29 - 00000000 ___RD C:\Users\Margarete\Dropbox
2015-09-01 12:06 - 2014-06-12 14:16 - 00000000 ___DO C:\Users\Margarete\SkyDrive
2015-09-01 12:05 - 2015-07-15 16:20 - 00000930 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2015-09-01 12:05 - 2015-06-21 14:18 - 00000000 ____D C:\Users\Margarete\AppData\Local\Dropbox
2015-09-01 12:04 - 2014-07-24 16:53 - 00380334 _____ C:\WINDOWS\PFRO.log
2015-09-01 12:04 - 2013-08-22 16:46 - 00064187 _____ C:\WINDOWS\setupact.log
2015-09-01 12:04 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-01 12:04 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-08-29 14:19 - 2014-07-24 17:14 - 01775860 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-29 14:19 - 2013-09-12 11:43 - 00807878 _____ C:\WINDOWS\system32\perfh007.dat
2015-08-29 14:19 - 2013-09-12 11:43 - 00180026 _____ C:\WINDOWS\system32\perfc007.dat
2015-08-28 22:10 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-08-28 20:27 - 2015-07-15 16:20 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-08-22 19:17 - 2013-08-22 17:20 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-22 18:15 - 2013-08-22 16:44 - 00422896 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-21 13:14 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-21 13:14 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-21 13:14 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-21 13:14 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-21 13:01 - 2014-10-21 10:30 - 00094720 ___SH C:\Users\Margarete\Desktop\Thumbs.db
2015-08-18 16:09 - 2013-09-12 12:47 - 00000000 ___DC C:\WINDOWS\Panther
2015-08-18 16:01 - 2015-07-10 18:49 - 00000000 ___HD C:\$Windows.~BT
2015-08-18 12:02 - 2014-07-26 13:38 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-08-18 11:57 - 2014-07-26 13:38 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-18 11:55 - 2014-12-11 18:30 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-18 11:55 - 2014-07-28 20:53 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-08-18 11:55 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-18 11:55 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-17 17:35 - 2014-06-29 00:08 - 00000000 ____D C:\Users\Margarete\.gimp-2.8
2015-08-08 15:55 - 2014-12-12 19:37 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-08-08 15:55 - 2014-12-12 19:37 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-06 16:11 - 2014-07-24 20:54 - 00000000 ____D C:\Users\Margarete\AppData\Roaming\Apple Computer
2015-08-06 15:25 - 2014-07-24 20:52 - 00000000 ____D C:\Program Files\Common Files\Apple

==================== Files in the root of some directories =======

2015-08-17 17:30 - 2015-08-17 17:30 - 0001530 _____ () C:\Users\Margarete\AppData\Local\recently-used.xbel

Some files in TEMP:
====================
C:\Users\Margarete\AppData\Local\Temp\360TS_Setup_DE_Softonic_5-0-0-2018.exe
C:\Users\Margarete\AppData\Local\Temp\360TS_Setup_DE_Softonic_5-0-0-2018[1].exe
C:\Users\Margarete\AppData\Local\Temp\avgnt.exe
C:\Users\Margarete\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbg9d0a.dll
C:\Users\Margarete\AppData\Local\Temp\IminentSetup_july17.exe
C:\Users\Margarete\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Margarete\AppData\Local\Temp\OpenOffice_4.1.1_Win_x86_install_de.exe
C:\Users\Margarete\AppData\Local\Temp\StartMeinWeb_IE.exe
C:\Users\Margarete\AppData\Local\Temp\Wunderlist-Setup2.3.0.31.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-08-28 21:00

==================== End of FRST.txt ============================
Addition.txt

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version:31-08-2015
Ran by Margarete (2015-09-02 12:25:51)
Running from C:\Users\Margarete\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4080927462-3844598824-2763787523-500 - Administrator - Disabled)
Guest (S-1-5-21-4080927462-3844598824-2763787523-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4080927462-3844598824-2763787523-1003 - Limited - Enabled)
Margarete (S-1-5-21-4080927462-3844598824-2763787523-1001 - Administrator - Enabled) => C:\Users\Margarete

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.12.420 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{315dd168-0794-4cf1-8355-f195cde642fc}) (Version: 1.1.45.11819 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.45.11819 - Avira Operations GmbH & Co. KG) Hidden
AzureTools.Notifications (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
Behaviors SDK (XAML) for Visual Studio (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 DEU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build Tools - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Buildtools-Sprachressourcen - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Buildtools-Sprachressourcen - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Devenv-Ressourcen für Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.8.8 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.33 - Dropbox, Inc.) Hidden
Entity Framework Tools for Visual Studio 2013 (HKLM-x32\...\{08AEF86A-1956-4846-B906-B01350E96E30}) (Version: 12.0.20912.0 - Microsoft Corporation)
Erforderliche Komponenten für SSDT  (HKLM-x32\...\{3FF082A7-A5DE-4BDA-B56A-1D2BEFD617A3}) (Version: 11.1.3000.0 - Microsoft Corporation)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
iTunes (HKLM\...\{6CF1A7E2-8001-4870-9F18-3C6CDD6FE9E3}) (Version: 12.2.1.16 - Apple Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
JavaScript Tooling (Version: 12.0.21005 - Microsoft Corporation) Hidden
Language Pack (DEU) für freigegebene Windows Azure-Komponenten für Microsoft Visual Studio 2013 - v1.0 (x32 Version: 1.0.10829.1601 - Microsoft Corporation) Hidden
LibreOffice 4.2.5.2 (HKLM-x32\...\{8D8F47B2-0E03-4C50-9803-A01120878F96}) (Version: 4.2.5.2 - The Document Foundation)
LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
LocalESPCui for de-de Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{21B0F482-5EF9-45DA-8840-340AFE705A6C}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.1 Sprachpaket - DEU) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK - DEU (HKLM-x32\...\{F351AA2C-723C-4CFE-A7CB-8E43AB164F7F}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{D4E30517-FE6F-491E-942F-AE10E1B18F38}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{B4EDAE03-DB34-4DD0-BA7E-2ED80DEA50B1}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{269A8DF6-BBDA-441F-932B-233F9B746D72}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{EC75BD20-F9CA-4E77-825F-ABD77E95BE91}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{0BF65908-D137-4A9E-B7C9-78F32F74F6FD}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{93945D16-4C3D-433E-B7E4-3D0D86B284C8}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{6F173435-3F19-4043-BA3D-A46AA8472859}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL-Sprachdienst  (HKLM-x32\...\{1D812D86-D8EF-41AC-A518-BA12E1913747}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU  (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (12.0.30919.1) (HKLM-x32\...\{7CC03C58-3471-43D2-A251-EC9AE225E772}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (12.0.30919.1) (HKLM-x32\...\{BCB8A870-2B3D-4CC0-87D6-F931E065AC0C}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{D434E072-F482-4F52-AB97-7B19DD5DAEB5}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{485F4AC6-F79E-4482-A0D2-EDF0CCE1E124}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{9634d50a-0c4d-4f52-8a9f-894a2baae370}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.40820 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.40820 - Microsoft Corporation)
Microsoft Visual Studio Professional 2013 (HKLM-x32\...\{c59d30df-4d25-44da-be52-3e17381c68c1}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Web Deploy 3.5 (HKLM\...\{3674F088-9B90-473A-AAC3-20A00D8D810C}) (Version: 3.1237.1762 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{43341417-7882-4F34-8390-53DFD00F6C0F}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{24440413-490E-41CA-BD33-0B30FD3EBE3A}) (Version: 11.1.3366.16 - Microsoft Corporation)
MiKTeX 2.9 (HKLM-x32\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
Open XML SDK 2.5 for Microsoft Office (x32 Version: 2.5.5631 - Microsoft Corporation) Hidden
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 RC für Windows Store-Apps (Deutsch) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden
PreEmptive Analytics Client German Language Pack (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
Python Tools - Umleitungsvorlage (x32 Version: 1.1 - Microsoft Corporation) Hidden
R for Windows 3.2.2 (HKLM\...\R for Windows 3.2.2_is1) (Version: 3.2.2 - R Core Team)
RStudio (HKLM-x32\...\RStudio) (Version: 0.99.473 - RStudio)
SharePoint Client Components (Version: 15.0.4481.1505 - Microsoft Corporation) Hidden
Solid Edge ST7 (HKLM\...\{AB0F3228-D90C-4574-8A28-589483A68C93}) (Version: 107.00.00104 - Siemens)
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
TIPP10 Version 2.1.0 (HKLM-x32\...\TIPP10_is1) (Version:  - (c) 2006-2011, Tom Thielicke IT Solutions)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
WCF Data Services 5.6.0 DEU Language Pack (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 DEU Language Pack (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
WinRAR 5.21 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Workflow Manager Client 1.0 (Version: 2.0.30813.2 - Microsoft Corporation) Hidden
Workflow Manager Tools 1.0 for Visual Studio (Version: 2.0.30725.1 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00EBF3B2-CE7C-4A1D-9625-916AE6A82AD8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {1A7D501F-5DA3-4136-A9A5-9E612745912A} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe
Task: {2B90411B-FE1F-4203-85CB-430DEB410095} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-07-15] (Dropbox, Inc.)
Task: {837779F7-2133-4423-9B67-85C17AB5E0E2} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-07-15] (Dropbox, Inc.)
Task: {A0A3AD03-C7F8-472F-BE63-BD733811CD8B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {CAF80CF2-F143-4840-B6C5-F2EBBE392572} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-18] (Microsoft Corporation)
Task: {EB2C1E40-F863-41A6-ABDD-3DF9D9DCD48F} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2014-07-24 17:01 - 2014-03-04 15:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-07-24 21:50 - 2014-07-23 14:16 - 00536576 _____ () C:\Users\Margarete\AppData\Roaming\Host System\host.exe
2014-11-25 18:14 - 2014-11-25 18:14 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\ErrorReporting.dll
2014-07-24 21:50 - 2014-07-24 21:50 - 00374272 _____ () C:\Users\Margarete\AppData\Roaming\Host System\sub\default.dll
2015-09-01 12:05 - 2015-09-01 12:05 - 00071168 _____ () c:\Users\Margarete\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbg9d0a.dll
2015-07-15 16:27 - 2015-08-05 07:26 - 00012800 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick.2\qtquick2plugin.dll
2015-07-15 16:27 - 2015-08-05 07:26 - 00779776 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-21 15:35 - 2015-08-05 07:26 - 00056320 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-07-15 16:27 - 2015-08-05 07:26 - 00012288 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Window.2\windowplugin.dll
2014-07-24 17:29 - 2014-07-17 07:42 - 03800688 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Margarete\SkyDrive:ms-properties

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4080927462-3844598824-2763787523-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Theme2\img7.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4080927462-3844598824-2763787523-1001\...\StartupApproved\Run: => "Remote Mouse"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{0BD6AA0F-1B86-4949-A9E3-ED302DAA387A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F7C086BA-87EE-4052-B4FC-70B9A365C392}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{EFC30380-3D19-497F-86D8-FE4270ADEA30}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D4B43D94-5A79-4526-A6F7-CB98FFA43437}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{7EEAD8C5-295B-4BF0-BBE9-417D077EF602}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Block) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [UDP Query User{44A336DD-B71D-4DB6-BC4E-29F41106C286}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Block) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [{CBBD32A8-2EC5-4EB3-B853-561BD53ACCF9}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
FirewallRules: [{BD9AFDC8-3078-457E-83E4-4D559B0C1FD1}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
FirewallRules: [TCP Query User{83C4B481-4FD0-4AB2-BDBA-3CEAFBA1C03D}C:\program files (x86)\remote mouse\remotemouse.exe] => (Block) C:\program files (x86)\remote mouse\remotemouse.exe
FirewallRules: [UDP Query User{1068006E-3F44-45EF-97CD-BE1EA00C5271}C:\program files (x86)\remote mouse\remotemouse.exe] => (Block) C:\program files (x86)\remote mouse\remotemouse.exe
FirewallRules: [{3DD41C3B-7CE7-4C00-9E82-32C197485C93}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
FirewallRules: [{7B2BF6E0-64AC-4C0F-9A89-8E4194184C4E}] => (Allow) LPort=12292
FirewallRules: [{26F277E5-4ACB-4285-AE65-BBE6AFC7DE6A}] => (Allow) C:\Program Files\KeyShot5\bin\keyshot_daemon.exe
FirewallRules: [{49B936F3-AF13-4C0F-888B-FF24D1E8A005}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{1719B55B-A36B-471A-B308-FD5B6023B67D}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

==================== Faulty Device Manager Devices =============

Name: SM-Bus-Controller
Description: SM-Bus-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PCI-Kommunikationscontroller (einfach)
Description: PCI-Kommunikationscontroller (einfach)
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/02/2015 12:18:28 PM) (Source: ESENT) (EventID: 454) (User: )
Description: svchost (6264) Instance: Bei Datenbankwiederherstellung trat ein unerwarteter Fehler -501 auf.

Error: (09/02/2015 12:18:28 PM) (Source: ESENT) (EventID: 465) (User: )
Description: svchost (6264) Instance: Während des Soft Recovery-Vorgangs wurde eine Beschädigung von Protokolldatei C:\ProgramData\Microsoft\Windows\AppRepository\edb00042.log festgestellt. Der Datensatz mit der fehlerhaften Prüfsumme befindet sich an Position END. Daten, die nicht mit dem Füllmuster der Protokolldatei übereinstimmen, traten zuerst in Sektor 170 (0x000000AA) auf. Diese Protokolldatei wurde beschädigt und ist unbrauchbar.

Error: (09/02/2015 12:18:28 PM) (Source: ESENT) (EventID: 477) (User: )
Description: svchost (6264) Instance: Bei Überprüfung des aus Datei "C:\ProgramData\Microsoft\Windows\AppRepository\edb00042.log" bei Offset 696320 (0x00000000000aa000) für 4096 (0x00001000) Bytes gelesenen Protokollbereichs ist durch eine Inkonsistenz der Bereichsprüfsumme ein Fehler aufgetreten. Die erwartete Prüfsumme war 1061003732829370789 (0xeb9714608a879a5), und die tatsächliche Prüfsumme war 1061003732829370789 (0xeb9714608a879a5). Fehler -501 (0xfffffe0b) beim Lesevorgang. Wenn dieser Zustand andauert, stellen Sie die Protokolldatei aus einer vorherigen Sicherung wieder her.

Error: (09/02/2015 12:18:28 PM) (Source: ESENT) (EventID: 465) (User: )
Description: svchost (6264) Instance: Während des Soft Recovery-Vorgangs wurde eine Beschädigung von Protokolldatei C:\ProgramData\Microsoft\Windows\AppRepository\edb.log festgestellt. Der Datensatz mit der fehlerhaften Prüfsumme befindet sich an Position END. Daten, die nicht mit dem Füllmuster der Protokolldatei übereinstimmen, traten zuerst in Sektor 96 (0x00000060) auf. Diese Protokolldatei wurde beschädigt und ist unbrauchbar.

Error: (09/02/2015 12:18:28 PM) (Source: ESENT) (EventID: 477) (User: )
Description: svchost (6264) Instance: Bei Überprüfung des aus Datei "C:\ProgramData\Microsoft\Windows\AppRepository\edb.log" bei Offset 393216 (0x0000000000060000) für 4096 (0x00001000) Bytes gelesenen Protokollbereichs ist durch eine Inkonsistenz der Bereichsprüfsumme ein Fehler aufgetreten. Die erwartete Prüfsumme war 11301865381017986696 (0x9cd84aaf26dca688), und die tatsächliche Prüfsumme war 524802084482356933 (0x74878b71ef496c5). Fehler -501 (0xfffffe0b) beim Lesevorgang. Wenn dieser Zustand andauert, stellen Sie die Protokolldatei aus einer vorherigen Sicherung wieder her.

Error: (09/02/2015 12:18:28 PM) (Source: ESENT) (EventID: 454) (User: )
Description: svchost (6264) Instance: Bei Datenbankwiederherstellung trat ein unerwarteter Fehler -501 auf.

Error: (09/02/2015 12:18:28 PM) (Source: ESENT) (EventID: 465) (User: )
Description: svchost (6264) Instance: Während des Soft Recovery-Vorgangs wurde eine Beschädigung von Protokolldatei C:\ProgramData\Microsoft\Windows\AppRepository\edb00042.log festgestellt. Der Datensatz mit der fehlerhaften Prüfsumme befindet sich an Position END. Daten, die nicht mit dem Füllmuster der Protokolldatei übereinstimmen, traten zuerst in Sektor 170 (0x000000AA) auf. Diese Protokolldatei wurde beschädigt und ist unbrauchbar.

Error: (09/02/2015 12:18:28 PM) (Source: ESENT) (EventID: 477) (User: )
Description: svchost (6264) Instance: Bei Überprüfung des aus Datei "C:\ProgramData\Microsoft\Windows\AppRepository\edb00042.log" bei Offset 696320 (0x00000000000aa000) für 4096 (0x00001000) Bytes gelesenen Protokollbereichs ist durch eine Inkonsistenz der Bereichsprüfsumme ein Fehler aufgetreten. Die erwartete Prüfsumme war 1061003732829370789 (0xeb9714608a879a5), und die tatsächliche Prüfsumme war 1061003732829370789 (0xeb9714608a879a5). Fehler -501 (0xfffffe0b) beim Lesevorgang. Wenn dieser Zustand andauert, stellen Sie die Protokolldatei aus einer vorherigen Sicherung wieder her.

Error: (09/02/2015 12:18:28 PM) (Source: ESENT) (EventID: 465) (User: )
Description: svchost (6264) Instance: Während des Soft Recovery-Vorgangs wurde eine Beschädigung von Protokolldatei C:\ProgramData\Microsoft\Windows\AppRepository\edb.log festgestellt. Der Datensatz mit der fehlerhaften Prüfsumme befindet sich an Position END. Daten, die nicht mit dem Füllmuster der Protokolldatei übereinstimmen, traten zuerst in Sektor 96 (0x00000060) auf. Diese Protokolldatei wurde beschädigt und ist unbrauchbar.

Error: (09/02/2015 12:18:28 PM) (Source: ESENT) (EventID: 477) (User: )
Description: svchost (6264) Instance: Bei Überprüfung des aus Datei "C:\ProgramData\Microsoft\Windows\AppRepository\edb.log" bei Offset 393216 (0x0000000000060000) für 4096 (0x00001000) Bytes gelesenen Protokollbereichs ist durch eine Inkonsistenz der Bereichsprüfsumme ein Fehler aufgetreten. Die erwartete Prüfsumme war 11301865381017986696 (0x9cd84aaf26dca688), und die tatsächliche Prüfsumme war 524802084482356933 (0x74878b71ef496c5). Fehler -501 (0xfffffe0b) beim Lesevorgang. Wenn dieser Zustand andauert, stellen Sie die Protokolldatei aus einer vorherigen Sicherung wieder her.


System errors:
=============
Error: (09/02/2015 12:17:48 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80240020 fehlgeschlagen: Upgrade to Windows 10 Home

Error: (09/01/2015 03:20:33 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80240020 fehlgeschlagen: Upgrade to Windows 10 Home

Error: (09/01/2015 02:52:17 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80240020 fehlgeschlagen: Upgrade to Windows 10 Home

Error: (09/01/2015 12:17:52 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80240020 fehlgeschlagen: Upgrade to Windows 10 Home

Error: (09/01/2015 11:18:47 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80240020 fehlgeschlagen: Upgrade to Windows 10 Home

Error: (08/31/2015 01:17:09 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80240020 fehlgeschlagen: Upgrade to Windows 10 Home

Error: (08/31/2015 10:35:28 AM) (Source: DCOM) (EventID: 10016) (User: MARGARETE)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}MargareteMargareteS-1-5-21-4080927462-3844598824-2763787523-1001LocalHost (Using LRPC)UnavailableUnavailable

Error: (08/31/2015 10:35:28 AM) (Source: DCOM) (EventID: 10016) (User: MARGARETE)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}MargareteMargareteS-1-5-21-4080927462-3844598824-2763787523-1001LocalHost (Using LRPC)UnavailableUnavailable

Error: (08/31/2015 10:32:59 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (08/30/2015 10:57:44 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80240020 fehlgeschlagen: Upgrade to Windows 10 Home


Microsoft Office:
=========================
Error: (09/02/2015 12:18:28 PM) (Source: ESENT) (EventID: 454) (User: )
Description: svchost6264Instance: -501

Error: (09/02/2015 12:18:28 PM) (Source: ESENT) (EventID: 465) (User: )
Description: svchost6264Instance: C:\ProgramData\Microsoft\Windows\AppRepository\edb00042.logEND170 (0x000000AA)

Error: (09/02/2015 12:18:28 PM) (Source: ESENT) (EventID: 477) (User: )
Description: svchost6264Instance: C:\ProgramData\Microsoft\Windows\AppRepository\edb00042.log696320 (0x00000000000aa000)4096 (0x00001000)-501 (0xfffffe0b)1061003732829370789 (0xeb9714608a879a5)1061003732829370789 (0xeb9714608a879a5)

Error: (09/02/2015 12:18:28 PM) (Source: ESENT) (EventID: 465) (User: )
Description: svchost6264Instance: C:\ProgramData\Microsoft\Windows\AppRepository\edb.logEND96 (0x00000060)

Error: (09/02/2015 12:18:28 PM) (Source: ESENT) (EventID: 477) (User: )
Description: svchost6264Instance: C:\ProgramData\Microsoft\Windows\AppRepository\edb.log393216 (0x0000000000060000)4096 (0x00001000)-501 (0xfffffe0b)11301865381017986696 (0x9cd84aaf26dca688)524802084482356933 (0x74878b71ef496c5)

Error: (09/02/2015 12:18:28 PM) (Source: ESENT) (EventID: 454) (User: )
Description: svchost6264Instance: -501

Error: (09/02/2015 12:18:28 PM) (Source: ESENT) (EventID: 465) (User: )
Description: svchost6264Instance: C:\ProgramData\Microsoft\Windows\AppRepository\edb00042.logEND170 (0x000000AA)

Error: (09/02/2015 12:18:28 PM) (Source: ESENT) (EventID: 477) (User: )
Description: svchost6264Instance: C:\ProgramData\Microsoft\Windows\AppRepository\edb00042.log696320 (0x00000000000aa000)4096 (0x00001000)-501 (0xfffffe0b)1061003732829370789 (0xeb9714608a879a5)1061003732829370789 (0xeb9714608a879a5)

Error: (09/02/2015 12:18:28 PM) (Source: ESENT) (EventID: 465) (User: )
Description: svchost6264Instance: C:\ProgramData\Microsoft\Windows\AppRepository\edb.logEND96 (0x00000060)

Error: (09/02/2015 12:18:28 PM) (Source: ESENT) (EventID: 477) (User: )
Description: svchost6264Instance: C:\ProgramData\Microsoft\Windows\AppRepository\edb.log393216 (0x0000000000060000)4096 (0x00001000)-501 (0xfffffe0b)11301865381017986696 (0x9cd84aaf26dca688)524802084482356933 (0x74878b71ef496c5)


CodeIntegrity:
===================================
  Date: 2015-02-11 15:28:19.791
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll that did not meet the Windows signing level requirements.

  Date: 2015-02-11 15:28:19.189
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll that did not meet the Windows signing level requirements.

  Date: 2015-02-11 10:53:24.232
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll that did not meet the Windows signing level requirements.

  Date: 2015-02-11 10:53:24.107
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll that did not meet the Windows signing level requirements.

  Date: 2015-02-10 14:55:37.167
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll that did not meet the Windows signing level requirements.

  Date: 2015-02-10 14:55:37.042
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll that did not meet the Windows signing level requirements.

  Date: 2015-02-09 10:18:36.822
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll that did not meet the Windows signing level requirements.

  Date: 2015-02-09 10:18:36.681
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll that did not meet the Windows signing level requirements.

  Date: 2015-02-08 12:27:15.886
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll that did not meet the Windows signing level requirements.

  Date: 2015-02-08 12:27:15.761
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll that did not meet the Windows signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Pentium(R) CPU G3220 @ 3.00GHz
Percentage of memory in use: 39%
Total physical RAM: 4051.48 MB
Available physical RAM: 2436.33 MB
Total Virtual: 5489.27 MB
Available Virtual: 2815.47 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931 GB) (Free:788.59 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

Schritt 3:

Wenn ich das Programm öffnen möchte kommt folgende Fehlermeldung:
C:\WINDOWS\system32\config\system: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

Am Versuch in den abgesicherten Modus zu wechseln bin ich leider gescheitert.

Schritt 4:

Ich habe nur die drei Logfiles der ersten beiden Schritte, da mir bei Avira keine angezeigt werden.

Vielen Dank schon mal im Voraus!

Alt 02.09.2015, 13:56   #2
schrauber
/// the machine
/// TB-Ausbilder
 
Windows 8: Avira stürzt ab oder führt keinen kompletten Scan durch - Standard

Windows 8: Avira stürzt ab oder führt keinen kompletten Scan durch


hi,

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________

__________________
Alt 02.09.2015, 15:33   #3
sweet_cherry
 
Windows 8: Avira stürzt ab oder führt keinen kompletten Scan durch - Standard

Windows 8: Avira stürzt ab oder führt keinen kompletten Scan durch


Es wurde angezeigt, dass keine Malware gefunden wurde, deshalb habe ich auch keinen Neustart gemacht - oder sollte ich das trotzdem machen?

Hier der Bericht:

Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.9.2.1008
www.malwarebytes.org

Database version:
  main:    v2015.09.02.05
  rootkit: v2015.08.16.01

Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.17937
Margarete :: MARGARETE [administrator]

02.09.2015 15:12:43
mbar-log-2015-09-02 (15-12-43).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 413758
Time elapsed: 38 minute(s), 29 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
__________________
Alt 02.09.2015, 19:10   #4
schrauber
/// the machine
/// TB-Ausbilder
 
Windows 8: Avira stürzt ab oder führt keinen kompletten Scan durch - Standard

Windows 8: Avira stürzt ab oder führt keinen kompletten Scan durch


Avira neu installieren.

Lade Dir bitte von hier Emsisoft Emergency Kit Download Emsisoft Emergency Kit herunter.
  • Bitte installiere das Programm in den vorgegebenen Pfad.
  • Starte das Programm durch Doppelklick der Desktopverknüpfung.
  • Das EEK ist nach dem Laden der Malwaresignaturen für den Scan bereit.
  • Folge nun bitte der bebilderten Bildanleitung zu Emergency Kit, entferne alle Funde und poste am Ende des Scans bzw. der Bereinigung das Log.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 03.09.2015, 20:56   #5
sweet_cherry
 
Windows 8: Avira stürzt ab oder führt keinen kompletten Scan durch - Standard

Windows 8: Avira stürzt ab oder führt keinen kompletten Scan durch


Soll ich Avira neu installieren, bevor ich Emsisoft Emergency Kit herunterlade?


Alt 04.09.2015, 17:41   #6
schrauber
/// the machine
/// TB-Ausbilder
 
Windows 8: Avira stürzt ab oder führt keinen kompletten Scan durch - Standard

Windows 8: Avira stürzt ab oder führt keinen kompletten Scan durch


Besser danach
__________________
--> Windows 8: Avira stürzt ab oder führt keinen kompletten Scan durch

Alt 04.09.2015, 18:51   #7
sweet_cherry
 
Windows 8: Avira stürzt ab oder führt keinen kompletten Scan durch - Standard

Windows 8: Avira stürzt ab oder führt keinen kompletten Scan durch


So, von dem EEK Scan habe ich folgendes Log erhalten:

Code:
ATTFilter
SQLite format 3   @    Õ   ;                                                           Õ -â%   	Ó    7ûöñìçâÝØÓ                                                                                                                                                                                                                                                                                                                                                                                                                                                                         J‚ktableIDSLogsIDSLogsCREATE TABLE IDSLogs(
	ID INTEGER PRIMARY KEY,
	Date INTEGER,
	StrDate TEXT,
	Event INTEGER,
	FileName TEXT,
	PID INTEGER,
	Infection INTEGER,
	Info TEXT,
	Unic TEXT)e##ƒtableDBIntegrityDBIntegrityCREATE TABLE DBIntegrity(
	ID INTEGER PRIMARY KEY,
	TableName TEXT,
	Revision INTEGER NOT NULL DEFAULT 1,
	RecordsLimit INTEGER NOT NULL DEFAULT                
   	
         
   $ êØɵœ‚iVF3$                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      
 	ILogs,
 ScanLogs,	 QLogs, QObjects, +	USessionDetails, +USessionUpdates, +	USessionModules, URequests,
 	ULogs, IDSLogs, #DBIntegrity,
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
   K K3                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               e##ƒtableDBIntegrityDBIntegrityCREATE TABLE DBIntegrity(
	ID INTEGER PRIMARY KEY,
	TableName TEXT,
	Revision INTEGER NOT NULL DEFAULT 1,
	RecordsLimit INTEGER NOT NULL DEFAULT 300,
	LastSentID INTEGER NOT NULL DEFAULT 0)J‚ktableIDSLogsIDSLogsCREATE TABLE IDSLogs(
	ID INTEGER PRIMARY KEY,
	Date INTEGER,
	StrDate TEXT,
	Event INTEGER,
	FileName TEXT,
	PID INTEGER,
	Infection INTEGER,
	Info TEXT,
	Unic TEXT)
    ë  ë?                                                                                                                                                                                                                               „Q3ˆ_triggerIDSLogs_AfterInsertIDSLogsCREATE TRIGGER IDSLogs_AfterInsert AFTER INSERT ON IDSLogs
BEGIN
	UPDATE IDSLogs SET Date = CASE WHEN New.Date IS NOT NULL THEN New.Date ELSE StrFTime('%s', 'now', 'localtime') END, 
		StrDate = DateTime(CASE WHEN New.Date IS NOT NULL THEN New.Date ELSE StrFTime('%s', 'now', 'localtime') END, 'unixepoch')
		WHERE ROWID = New.ROWID;

	DELETE FROM IDSLogs WHERE ID <= CASE WHEN (SELECT RecordsLimit FROM DBIntegrity WHERE TableName = 'IDSLogs') = 0 THEN 0
		ELSE New.ID - (SELECT RecordsLimit FROM DBIntegrity WHERE TableName='IDSLogs') END;
END>‚[tableULogsULogsCREATE TABLE ULogs(
	ID INTEGER PRIMARY KEY,
	AutoUpdate INTEGER,
	Started INTEGER,
	Finished INTEGER,
	FilesCount INTEGER,
	TotalSize INTEGER,
	Result INTEGER)
   Ú ñÚ                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               	UéïñUéñN ¬b¥
 Uéïëþ
    Í  Í? É                                                                                                                                                                                            ‚;1„9triggerULogs_BeforeDeleteULogsCREATE TRIGGER ULogs_BeforeDelete BEFORE DELETE ON ULogs
BEGIN
	DELETE FROM URequests WHERE SessionID=old.ID;
	DELETE FROM USessionDetails WHERE SessionID=old.ID;
	DELETE FROM USessionModules WHERE SessionID=old.ID;
	DELETE FROM USessionUpdates WHERE SessionID=old.ID;
END‚1/„'triggerULogs_AfterInsertULogsCREATE TRIGGER ULogs_AfterInsert AFTER INSERT ON ULogs
BEGIN
	DELETE FROM ULogs WHERE ID <= CASE WHEN (SELECT RecordsLimit FROM DBIntegrity WHERE TableName = 'ULogs') = 0 THEN 0
		ELSE New.ID - (SELECT RecordsLimit FROM DBIntegrity WHERE TableName='ULogs') END;
END>‚KtableURequestsURequestsCREATE TABLE URequests(
	ID INTEGER PRIMARY KEY,
	Date INTEGER,
	StrDate TEXT,
	SessionID INTEGER,
	URL TEXT,
	ResponseCode INTEGER,
	ResponseText TEXT)
   ] /]                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 O	 3‚G+Uéïñ2015-09-04 19:24:33https://update.emsisoft.com/checkupdatev3/?product=EEK&key=GIF-KAV-BEP-853&mkey=96E7A6D9DB7FDD769199C4D8784E1B51ABFF9D2E&version=10.0.0.5488&beta=0&lng=de-de ÈHTTP/1.1 200 OKN	 3	‚G+Uéïï2015-09-04 19:24:31https://update.emsisoft.com/checkupdatev3/?product=EEK&key=OFF-LIN-E0K-EY0&mkey=96E7A6D9DB7FDD769199C4D8784E1B51ABFF9D2E&version=10.0.0.5488&beta=0&lng=de-de ÈHTTP/1.1 200 OK
    0  0”7                                  „a7ˆwtriggerURequests_AfterInsertURequestsCREATE TRIGGER URequests_AfterInsert AFTER INSERT ON URequests
BEGIN
	UPDATE URequests SET Date = CASE WHEN New.Date IS NOT NULL THEN New.Date ELSE StrFTime('%s', 'now', 'localtime') END, 
		StrDate = DateTime(CASE WHEN New.Date IS NOT NULL THEN New.Date ELSE StrFTime('%s', 'now', 'localtime') END, 'unixepoch')
		WHERE ROWID = New.ROWID;

	DELETE FROM URequests WHERE ID <= CASE WHEN (SELECT RecordsLimit FROM DBIntegrity WHERE TableName = 'URequests') = 0 THEN 0
		ELSE New.ID - (SELECT RecordsLimit FROM DBIntegrity WHERE TableName='URequests') END;
END 	++wtableUSessionModulesUSessionModules
CREATE TABLE USessionModules(
	ID INTEGER PRIMARY KEY,
	SessionID INTEGER,
	Name TEXT,
	Version TEXT,
	MD5 TEXT)F
++‚CtableUSessionUpdatesUSessionUpdatesCREATE TABLE USessionUpdates(
	ID INTEGER PRIMARY KEY,
	SessionID INTEGER,
	URL TEXT,
	Path TEXT,
	Name TEXT,
	Size INTEGER,
	MD5 TEXT,
	Desc TEXT)
    8 Ã}?ü¼E·|/ ó ´ t 8                  : %Mssleay32.dll0.9.8zc44df2a9ef4e488e952b6d495d732b963> %#Mresource.dll10.0.0.5488182c4e206776cc46a5ab2bc65cc50b06=
 ##Mlogging.dll10.0.0.5488f30979b1d6ea28a84b31ede6c5956c8d: %Mlibeay32.dll0.9.8zccbcace40cb9df95de0307990851640c2K !AMfrme32.dll1.0.0.478 built by: WinDDK1e370d588367ae396eaff9d34bd151499
 #Mevcdiff.dll1.0.0.19e28caa559c533a531ccee624da8c64eO	 )AMcleanhlp32.dll1.2.0.783 built by: WinDDKbe9546b3cfc14f078e4e925bb4854ebe; #Mclean32.dll1.0.0.198beeedeef90afe4ae096f92835a3c0217: !Mbdcore.dll11.0.1.124ceb44ae133f1628917e3385905b88d79 #Mavxdisk.dll1.4.0.0adf9f919e10832746ed516230420f749> %#Ma2update.dll10.0.0.548820ebfd996bf9ae07847f815c542df2daA +#Ma2framework.dll10.0.0.5488c5d2b4188559022b35b3055c44130f74< %Ma2engine.dll3.5.0.6424515e2e36f301b0ed61f43b2f2c39b2fD 1#Ma2emergencykit.exe10.0.0.548825af1081044d09a706588cc645ad2d38; #Ma2cmd.exe10.0.0.5488cc445127fb34371e056cb80b684878f4   	Ó    !ûöñìçâÝØÓ                                                     A
 #9Mchxxp://dl.emsisoft.com/updates/D3926A8E05A57D16DC7910973F08E5EF.zip.data2trust.datTrust check signatures'D3926A8E05A57D16DC7910973F08E5EFSignatures to verify digitally signed files(
 +1M1hxxp://dl.emsisoft.com/updates/C5D2B4188559022B35B3055C44130F74.zip.data2framework.dllSoftware ComponentJ7C5D2B4188559022B35B3055C44130F74Software Component1
 %+MOhxxp://dl.emsisoft.com/updates/4515E2E36F301B0ED61F43B2F2C39B2F.zip.data2engine.dllScan Engine (A)Þ4515E2E36F301B0ED61F43B2F2C39B2FScan Engine Component - 3.5.0.642+
 11M1hxxp://dl.emsisoft.com/updates/25AF1081044D09A706588CC645AD2D38.zip.data2emergencykit.exeSoftware Component!°25AF1081044D09A706588CC645AD2D38Software ComponentY 3Mhxxp://dl.emsisoft.com/updates/CC445127FB34371E056CB80B684878F4.zip.data2cmd.exeCommandline Scanner‰ÎCC445127FB34371E056CB80B684878F4Console application using     /   *   %               
   
   3Ï ûõïéãÝ×ÑËÅ¿¹³*§¡›•‰ƒ}wqke_YSMGA;5/)#ÿùóíçáÛÕÏ                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 3210/.-,+*)('&%$#"! 

		
    ‘pœ6                                                                                                                                                                                                                                                                    y?+indexUSessionUpdates_SessionIDUSessionUpdatesCREATE INDEX USessionUpdates_SessionID ON USessionUpdates(SessionID)\++‚otableUSessionDetailsUSessionDetailsCREATE TABLE USessionDetails(
	ID INTEGER PRIMARY KEY,
	SessionID INTEGER,
	Path TEXT,
	Size INTEGER,
	MD5 TEXT,
	Description TEXT,
	Downloaded INTEGER,
	Copyed INTEGER)‚)
„%tableQObjectsQObjectsCREATE TABLE QObjects(
	ID INTEGER PRIMARY KEY,
	Name TEXT,
	Location TEXT,
	FileSize INTEGER,
	InfectionType TEXT,
	RiskLevel INTEGER,
	Quarantined INTEGER,
	Submitted INTEGER,
	Restored INTEGER,
	Removed INTEGER,
	SHA1 TEXT,
	Status INTEGER,
	Unic TEXT)b'
indexQObjects_SHA1QObjectsCREATE UNIQUE INDEX QObjects_SHA1 ON QObjects(SHA1, Quarantined)   œ    5ûöñìçâÝØÓÎÉÄ¿º´®¨¢œ                                                          d		 =MK	Signatures\BD\dalvik.ivdŽÚ7241CA0C492744A750D703098AB0AD24Malware signatures (dalvik.ivd)_	 9MG	Signatures\BD\cran.ivdï2937584C0475EC097648DE57ED4402B3Malware signatures (cran.ivd)h	 AMO	Signatures\BD\cevakrnl.rv8§05EFD37530E2DA3CCE0006D11A10817DMalware signatures (cevakrnl.rv8)h	 AMO	Signatures\BD\cevakrnl.rv5†b776CC0606E404E0010A759CC1A6966DDMalware signatures (cevakrnl.rv5)h	 AMO	Signatures\BD\cevakrnl.rv3·¸326B9BF2AF417C3558E8DE4398046B2BMalware signatures (cevakrnl.rv3)h	 AMO	Signatures\BD\cevakrnl.rv1 *CC6DF4323681C76A1EE5F7121C9E8158DMalware signatures (cevakrnl.rv1)_	 9MG	Signatures\BD\auto.cvd*DC8FA9ADE9DC8C070391CEE355D34DFBMalware signatures (auto.cvd)^	 ;MC	Signatures\20150904.sigáE11162C1D0F7D841E3E28D6195F1C0A0196 Signatures: 196 Trojans   4+   3"   2   1   0   /~   .u   -l   ,c   +Z   *Q   )H   (?   '6   &-   %$   $   #   "	   û    ;û Ñ @                                               A1   ]	YApplication.AppInstall (A)C:\ProgramData\apn6UéõC9563417-0B45-47CB-9402-12D0010A22FB.EQF{831C92E9-401D-43E8-A0E5-37CD892C7F46}+ M_   ]	YApplication.Win32.WebToolbar (A)C:\Users\Margarete\AppData\Local\Temp\apn6Uéõ97888C95-9A43-4B91-AA7E-45BBBC314C8F.EQF{E28A0786-E003-4BA2-B83E-FFDAD36293C1}I ?'   ]	YApplication.InstallAd (A)Key: HKEY_USERS\S-1-5-21-4080927462-3844598824-2763787523-1001\SOFTWARE\CIUVO7Uéõ6F2E5559-FE27-46AC-8058-24439566C1D5.EQF{9296A2A8-3E3A-43FD-86AB-DAD31FD51C86}L ?-   ]	YApplication.InstallAd (A)Key: HKEY_USERS\S-1-5-21-4080927462-3844598824-2763787523-1001\SOFTWARE\SOFTONIC7Uéõ4894FFF2-B7D3-4555-8263-7B39A1FCA814.EQF{6F07CB46-C6A4-49E6-A031-C5F5E0E3EF86}c ?[   ]	YApplication.InstallAd (A)Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SEARCHTHEWEBARP7UéõCD26FF77-0224-4111-8FDC-8D6395E6BC98.EQF{29E064AE-DC96-4795-B7DD-9ED4684C   :
   £ Õk9Ï£                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             1]DDE97943-DF67-46B2-8F23-345465337FB2.EQFUéõ1]6C47EDFE-B909-408A-8EF7-8946740EA511.EQFUéõ1]C9563417-0B45-47CB-9402-12D0010A22FB.EQFUéõ1]97888C95-9A43-4B91-AA7E-45BBBC314C8F.EQFUéõ1]6F2E5559-FE27-46AC-8058-24439566C1D5.EQFUéõ1]4894FFF2-B7D3-4555-8263-7B39A1FCA814.EQFUéõ0]	CD26FF77-0224-4111-8FDC-8D6395E6BC98.EQFUéõ
   : :¿9                                                                                                     ƒ;…7triggerQObjects_UpdateOfStatusQObjectsCREATE TRIGGER QObjects_UpdateOfStatus UPDATE OF Status ON QObjects  WHEN New.Status IN (2, 3, 11)
BEGIN
	INSERT INTO QLogs(ObjectID, Date, Event)
	ƒ;…7triggerQObjects_UpdateOfStatusQObjectsCREATE TRIGGER QObjects_UpdateOfStatus UPDATE OF Status ON QObjects  WHEN New.Status IN (2, 3, 11)
BEGIN
	INSERT INTO QLogs(ObjectID, Date, Event)
	VALUES(New.ID, CASE WHEN New.Restored IS NOT NULL THEN New.Restored ELSE New.Removed END,
		CASE WHEN New.Status = 3 THEN 8 WHEN New.Status = 2 THEN 9 WHEN New.Status = 11 THEN 7 END);
END‚>1„9triggerQObjects_UpdateOfRQObjectsCREATE TRIGGER QObjects_UpdateOfR UPDATE OF Restored, Removed ON QObjects
BEGIN
	INSERT INTO QLogs(ObjectID, Date, Event)
	VALUES(New.ID, CASE WHEN New.Restored IS NOT NULL THEN New.Restored ELSE New.Removed END,
		CASE WHEN New.Restored IS NOT NULL THEN 4 ELSE 5 END);
END
   k k2t                                                                                                                                                                                                                                                                                                                                                             D1‚EtriggerQObjects_UpdateOfSQObjectsCREATE TRIGGER QObjects_UpdateOfS UPDATE OF Submitted ON QObjects
BEGIN
	INSERT INTO QLogs(ObjectID, Date, Event)
	VALUES(New.ID, New.Submitted, 6);
END‚?5„7triggerQObjects_AfterInsertQObjectsCREATE TRIGGER QObjects_AfterInsert AFTER INSERT ON QObjects
BEGIN
	INSERT INTO QLogs(ObjectID, Date, Event)
	VALUES(New.ID, New.Quarantined, CASE WHEN New.Status = 3 THEN 8 WHEN New.Status = 2 THEN 9 WHEN New.Status = 11 THEN 7 WHEN New.Status = 12 THEN 3 ELSE 2 END);
END	qtableQLogsQLogsCREATE TABLE QLogs(
	ID INTEGER PRIMARY KEY,
	ObjectID INTEGER,
	Date INTEGER,
	StrDate TEXT,
	Event INTEGER)
    à¿ž}\;                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     3Uéõ2015-09-04 19:46:34 3Uéõ2015-09-04 19:46:33 3Uéõ2015-09-04 19:46:33 3Uéõ2015-09-04 19:46:32 3Uéõ2015-09-04 19:46:31 3Uéõ2015-09-04 19:46:31 	3Uéõ2015-09-04 19:46:31
    v  vº                                                                                                        „A/ˆGtriggerQLogs_AfterInsertQLogsCREATE TRIGGER QLogs_AfterInsert AFTER INSERT ON QLogs
BEGIN
	UPDATE QLogs SET Date = CASE WHEN New.Date IS NOT NULL THEN New.Date ELSE StrFTime('%s', 'now', 'localtime') END, 
		StrDate = DateTime(CASE WHEN New.Date IS NOT NULL THEN New.Date ELSE StrFTime('%s', 'now', 'localtime') END, 'unixepoch')
		WHERE ROWID = New.ROWID;

	DELETE FROM QLogs WHERE ID <= CASE WHEN (SELECT RecordsLimit FROM DBIntegrity WHERE TableName = 'QLogs') = 0 THEN 0
		ELSE New.ID - (SELECT RecordsLimit FROM DBIntegrity WHERE TableName='QLogs') END;
END\#indexQLogs_EventQLogsCREATE UNIQUE INDEX QLogs_Event ON QLogs(ObjectID, Date, Event)eƒtableScanLogsScanLogsCREATE TABLE ScanLogs(
	ID INTEGER PRIMARY KEY,
	ScanDate INTEGER,
	StrScanDate TEXT,
	Method INTEGER,
	CountObj INTEGER,
	FoundObj INTEGER,
	Duration TEXT,
	FileName TEXT,
	ScanType INTEGER)
   § õèÛÎÁ´§                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 UéõUéõUéõUéõUéõUéõ
		Uéõ
   R ªR                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      V
 3_UéñÎ04.09.2015 19:32:30B\0:13:32C:\EEK\BIN\Reports\scan_150904-193230.txtT
 3_Uéñ”04.09.2015 19:31:32 »0:00:05C:\EEK\BIN\Reports\scan_150904-193132.txt
   Â Â Ú                                                                                                                                                                                                            rƒCtableILogsILogs6CREATE TABLE ILogs(
	ID INTEGER PRIMARY KEY,
	Name TEXT,
	Location TEXT,
	FileSize INTEGER,
	Date INTEGER,
	StrDate TEXT,
	InfectionType INTEGER,
	RiskLevel INTEGER,
	Action INTEGER,
	Source TEXT,‚F5„EtriggerScanLogs_AfterInsertScanLogsCREATE TRIGGER ScanLogs_AfterInsert AFTER INSERT ON ScanLogs
BEGIN
	DELETE FROM ScanLogs WHERE ID <= CASE WHEN (SELECT RecordsLimit FROM DBIntegrity WHERE TableName = 'ScanLogs') = 0 THEN 0
		ELSE New.ID - (SELECT RecordsLimit FROM DBIntegrity WHERE TableName='ScanLogs') END;
ENDrƒCtableILogsILogs6CREATE TABLE ILogs(
	ID INTEGER PRIMARY KEY,
	Name TEXT,
	Location TEXT,
	FileSize INTEGER,
	Date INTEGER,
	StrDate TEXT,
	InfectionType INTEGER,
	RiskLevel INTEGER,
	Action INTEGER,
	Source TEXT,
	Unic TEXT)
    S $v S                                                                 A
 #9Mchxxp://dl.emsisoft.com/updates/D3926A8E05A57D16DC7910973F08E5EF.zip.data2trust.datTrust check signatures'D3926A8E05A57D16DC7910973F08E5EFSignatures to verify digitally signed files(
 +1M1hxxp://dl.emsisoft.com/updates/C5D2B4188559022B35B3055C44130F74.zip.data2framework.dllSoftware ComponentJ7C5D2B4188559022B35B3055C44130F74Software Component1
 %+MOhxxp://dl.emsisoft.com/updates/4515E2E36F301B0ED61F43B2F2C39B2F.zip.data2engine.dllScan Engine (A)Þ4515E2E36F301B0ED61F43B2F2C39B2FScan Engine Component - 3.5.0.642+
 11M1hxxp://dl.emsisoft.com/updates/25AF1081044D09A706588CC645AD2D38.zip.data2emergencykit.exeSoftware Component!°25AF1081044D09A706588CC645AD2D38Software ComponentY 3Mhxxp://dl.emsisoft.com/updates/CC445127FB34371E056CB80B684878F4.zip.data2cmd.exeCommandline Scanner‰ÎCC445127FB34371E056CB80B684878F4Console application using command line parameters to scan - 10.0.0.5488
    u Xžà! u                                                                                                   )

 1M?hxxp://dl.emsisoft.com/updates/D9F474C93F18879D1F251F0E3C5EFA8A.zip.datclean.datCleaning resources Ù
D9F474C93F18879D1F251F0E3C5EFA8ACleaning engine component<	
 !+Mihxxp://dl.emsisoft.com/updates/4CEB44AE133F1628917E3385905B88D7.zip.datbdcore.dllScan Engine (B) áâ4CEB44AE133F1628917E3385905B88D7Scan Engine Component (bdcore.dll) - 11.0.1.12;
 #+Mghxxp://dl.emsisoft.com/updates/ADF9F919E10832746ED516230420F749.zip.datavxdisk.dllScan Engine (B)d&ADF9F919E10832746ED516230420F749Scan Engine Component (avxdisk.dll) - 1.4.0.07
 5MYhxxp://dl.emsisoft.com/updates/C1FF2814AEB7C41E6042AB927545ECBB.zip.data2wl.datWhitelist signatures
¡ÈC1FF2814AEB7C41E6042AB927545ECBBSignatures for known good applications%
 %1M1hxxp://dl.emsisoft.com/updates/20EBFD996BF9AE07847F815C542DF2DA.zip.data2update.dllSoftware ComponentõL20EBFD996BF9AE07847F815C542DF2DASoftware Component
     S‰ä?                                                                                                                                            
 1M1hxxp://dl.emsisoft.com/updates/F176ABCAB67985CEF66C4A485B90B311.zip.datepp.infSoftware ComponentF176ABCAB67985CEF66C4A485B90B311Software Component"
 1M1hxxp://dl.emsisoft.com/updates/24C8F06F6BF0FA4E850C2F4AB750F813.zip.daten-us.chmSoftware Component ŽJ24C8F06F6BF0FA4E850C2F4AB750F813Software Component"
 1M1hxxp://dl.emsisoft.com/updates/0249489986B6EF8B4748C92259F0BBB7.zip.datde-de.chmSoftware Component 0249489986B6EF8B4748C92259F0BBB7Software ComponentG
 )KMWhxxp://dl.emsisoft.com/updates/BE9546B3CFC14F078E4E925BB4854EBE.zip.datcleanhlp32.dllCleaning engine component (x86) ŸÊBE9546B3CFC14F078E4E925BB4854EBECleaning engine component - 1.2.0.783*
 #+MChxxp://dl.emsisoft.com/updates/BEEEDEEF90AFE4AE096F92835A3C0217.zip.datclean32.dllCleaning engine<BEEEDEEF90AFE4AE096F92835A3C0217Cleaning engine - 1.0.0.198
    ™ [¶
> ™                                                                                                                                       "
 35Mhxxp://dl.emsisoft.com/updates/1C800626A327F79BA207A7DA2B43AE80.zip.datLanguages\ar-sa.lngTranslation resource?Ý1C800626A327F79BA207A7DA2B43AE80ArabicL
 !?Muhxxp://dl.emsisoft.com/updates/1E370D588367AE396EAFF9D34BD15149.zip.datfrme32.dllCleaning engine componentp1E370D588367AE396EAFF9D34BD15149Cleaning engine file and registry module - 1.0.0.478&
 #)M=hxxp://dl.emsisoft.com/updates/9E28CAA559C533A531CCEE624DA8C64E.zip.datevcdiff.dllDiff component†™9E28CAA559C533A531CCEE624DA8C64EDiff component - 1.0.0.1"
 1M1hxxp://dl.emsisoft.com/updates/9ED89A533D125C273F93C6A524A1A118.zip.datepp64.sysSoftware Component û¤9ED89A533D125C273F93C6A524A1A118Software Component"
 1M1hxxp://dl.emsisoft.com/updates/9D281B465EED4623185611F46BB6C83F.zip.datepp32.sysSoftware Component Ì—9D281B465EED4623185611F46BB6C83FSoftware Component
     Zµi à          #
 35Mhxxp://dl.emsisoft.com/updates/D9F4632A6C70E15C056A137FF0ADF26B.zip.datLanguages\fi-fi.lngTranslation resourceiÇD9F4632A6C70E15C056A137FF0ADF26BFinnish#
 35Mhxxp://dl.emsisoft.com/updates/7479F296D3AFAF48EBD0821675B34C10.zip.datLanguages\fa-ir.lngTranslation resourceu7479F296D3AFAF48EBD0821675B34C10Persian#
 35Mhxxp://dl.emsisoft.com/updates/D7DA8468C95FBD58DF90910B52ADD885.zip.datLanguages\es-es.lngTranslation resource}úD7DA8468C95FBD58DF90910B52ADD885Spanish#
 35Mhxxp://dl.emsisoft.com/updates/D3CE68F2847A4C67132D1C97CAC6B232.zip.datLanguages\en-us.lngTranslation resourceP{D3CE68F2847A4C67132D1C97CAC6B232English"
 35Mhxxp://dl.emsisoft.com/updates/D0F272FABB9244D65527A8C8CFD6E7A0.zip.datLanguages\de-de.lngTranslation resourceSD0F272FABB9244D65527A8C8CFD6E7A0German#
 35Mhxxp://dl.emsisoft.com/updates/23D8E2DFC5EA0AB0EFA60FBF2AF8624A.zip.datLanguages\ca-es.lngTranslation resource~ô23D8E2DFC5EA0AB0EFA60FBF2AF8624ACatalan
    ¶ O«] ¶                                                                                                                                                                    $
 35Mhxxp://dl.emsisoft.com/updates/A7A6193193EE658FB2142AC9B6963639.zip.datLanguages\ja-jp.lngTranslation resourceMlA7A6193193EE658FB2142AC9B6963639Japanese#
 35Mhxxp://dl.emsisoft.com/updates/BB9EC0757C3EDB7F18E30B6F79C27883.zip.datLanguages\it-it.lngTranslation resourceZÿBB9EC0757C3EDB7F18E30B6F79C27883Italian%
 35Mhxxp://dl.emsisoft.com/updates/DA6AE3E63E0A5BE34B5234A0806EF0DE.zip.datLanguages\hu-hu.lngTranslation resource'DA6AE3E63E0A5BE34B5234A0806EF0DEHungarian!
 35Mhxxp://dl.emsisoft.com/updates/F68342529AA3FF13922534408F2B97D6.zip.datLanguages\gr-gr.lngTranslation resourceKF68342529AA3FF13922534408F2B97D6Greek.
 35M1hxxp://dl.emsisoft.com/updates/936835EAA0A4DCE12FF2FB892670E9AA.zip.datLanguages\fr-fr.lngTranslation resourcea‰936835EAA0A4DCE12FF2FB892670E9AASoftware Component
     [·f ½    #%
 35Mhxxp://dl.emsisoft.com/updates/4C6EF45A2E9881A35CE46BAC2385946D.zip.datLanguages\ru-ru.lngTranslation resourceVž4C6EF45A2E9881A35CE46BAC2385946DRussian&$
 35M!hxxp://dl.emsisoft.com/updates/F4A5D743177EC4BAD46D9E5277CAAD54.zip.datLanguages\pt-pt.lngTranslation resource2VF4A5D743177EC4BAD46D9E5277CAAD54Portuguese)#
 35M'hxxp://dl.emsisoft.com/updates/EFB01C4720A0AA803985419178F20C32.zip.datLanguages\pt-br.lngTranslation resource è¹EFB01C4720A0AA803985419178F20C32Portuguese BR""
 35Mhxxp://dl.emsisoft.com/updates/592596553CDFA98C845F3F79463D9F1B.zip.datLanguages\pl-pl.lngTranslation resourcemÏ592596553CDFA98C845F3F79463D9F1BPolish!!
 35Mhxxp://dl.emsisoft.com/updates/D59B8DD2628BC09886B5FD18385C11F4.zip.datLanguages\nl-nl.lngTranslation resourceHÙD59B8DD2628BC09886B5FD18385C11F4Dutch" 
 35Mhxxp://dl.emsisoft.com/updates/F8011A26F4D84E1736EC5CA9B0A22AB9.zip.datLanguages\ko-kr.lngTranslation resourceRóF8011A26F4D84E1736EC5CA9B0A22AB9Korean
    ² X²c ²                                                                                                                                                                .*
 35M1hxxp://dl.emsisoft.com/updates/0D586810C687E7D3FB682CD60EEEE469.zip.datLanguages\zh-cn.lngTranslation resource ·³0D586810C687E7D3FB682CD60EEEE469Chinese Simplified&)
 35M!hxxp://dl.emsisoft.com/updates/75345EF18324EA0AF82A02AE9E1699BB.zip.datLanguages\vi-vn.lngTranslation resourceO=75345EF18324EA0AF82A02AE9E1699BBVietnamese#(
 35Mhxxp://dl.emsisoft.com/updates/3B94B1A369373E09AA878FF7D56BE3E1.zip.datLanguages\tr-tr.lngTranslation resource\3B94B1A369373E09AA878FF7D56BE3E1Turkish#'
 35Mhxxp://dl.emsisoft.com/updates/DF06EB8528B719FE98609DAFC67EBA46.zip.datLanguages\sv-se.lngTranslation resourceH@DF06EB8528B719FE98609DAFC67EBA46Swedish%&
 35Mhxxp://dl.emsisoft.com/updates/131F501739EC31DFD3A5C919665D6E2D.zip.datLanguages\sl-si.lngTranslation resource’131F501739EC31DFD3A5C919665D6E2DSlovenian
    F N¦Ü F                                                    G/
 )=Mghxxp://dl.emsisoft.com/updates/5AB904A76E1B29F2247DB91EB248DE65.zip.datlicense_fr.rtfLicense Agreement Frenchœ5AB904A76E1B29F2247DB91EB248DE65Emsisoft License Agreement in French languageI.
 )?Mihxxp://dl.emsisoft.com/updates/C30C98C6C9AF522170FCCE1673C3AA08.zip.datlicense_en.rtfLicense Agreement EnglishÏC30C98C6C9AF522170FCCE1673C3AA08Emsisoft License Agreement in English languageG-
 )=Mghxxp://dl.emsisoft.com/updates/764A596264C0392585A3153F3FA4BB2C.zip.datlicense_de.rtfLicense Agreement Germanš764A596264C0392585A3153F3FA4BB2CEmsisoft License Agreement in German language%,
 %1M1hxxp://dl.emsisoft.com/updates/CBCACE40CB9DF95DE0307990851640C2.zip.datlibeay32.dllSoftware Component9ÃCBCACE40CB9DF95DE0307990851640C2Software Component/+
 35M3hxxp://dl.emsisoft.com/updates/058E8CC4E5A257240AA3415C23A5D1C3.zip.datLanguages\zh-tw.lngTranslation resource3058E8CC4E5A257240AA3415C23A5D1C3Chinese Traditional
   ] Y±]                                                                                                                                                                                                                                                                                                                                             %3
 %1M1hxxp://dl.emsisoft.com/updates/44DF2A9EF4E488E952B6D495D732B963.zip.datssleay32.dllSoftware Component=‚44DF2A9EF4E488E952B6D495D732B963Software Component)2
 9M9hxxp://dl.emsisoft.com/updates/9983B1CC9E34778A8C66254B0B6CEE7E.zip.datsmart.datSmart scan definitionsY9983B1CC9E34778A8C66254B0B6CEE7ESmart scan definitions%1
 %1M1hxxp://dl.emsisoft.com/updates/182C4E206776CC46A5AB2BC65CC50B06.zip.datresource.dllSoftware Component6:‚182C4E206776CC46A5AB2BC65CC50B06Software Component$0
 #1M1hxxp://dl.emsisoft.com/updates/F30979B1D6EA28A84B31EDE6C5956C8D.zip.datlogging.dllSoftware Component
¡æF30979B1D6EA28A84B31EDE6C5956C8DSoftware Component
   	 l œ<Ûq3 Ò l                                                                                  d		 =MK		Signatures\BD\dalvik.ivdŽÚ7241CA0C492744A750D703098AB0AD24Malware signatures (dalvik.ivd)_	 9MG		Signatures\BD\cran.ivdï2937584C0475EC097648DE57ED4402B3Malware signatures (cran.ivd)h	 AMO		Signatures\BD\cevakrnl.rv8§05EFD37530E2DA3CCE0006D11A10817DMalware signatures (cevakrnl.rv8)h	 AMO		Signatures\BD\cevakrnl.rv5†b776CC0606E404E0010A759CC1A6966DDMalware signatures (cevakrnl.rv5)h	 AMO		Signatures\BD\cevakrnl.rv3·¸326B9BF2AF417C3558E8DE4398046B2BMalware signatures (cevakrnl.rv3)h	 AMO		Signatures\BD\cevakrnl.rv1 *CC6DF4323681C76A1EE5F7121C9E8158DMalware signatures (cevakrnl.rv1)_	 9MG		Signatures\BD\auto.cvd*DC8FA9ADE9DC8C070391CEE355D34DFBMalware signatures (auto.cvd)^	 ;MC		Signatures\20150904.sigáE11162C1D0F7D841E3E28D6195F1C0A0196 Signatures: 196 Trojansb	 #Mc		a2trust.datúD3926A8E05A57D16DC7910973F08E5EFSignatures to verify digitally signed files
   	 o ›5Ïiž9 Ô o                                                                                     c	 =MK		Signatures\BD\e_spyw.i21·33B6519E4BF45E94C384AAA8CE490958Malware signatures (e_spyw.i21)c	 =MK		Signatures\BD\e_spyw.i07 07DD3B264A5D1FB954AB73471B14B53CMalware signatures (e_spyw.i07)c	 =MK		Signatures\BD\e_spyw.i06aB1699FF5B28ACABA28327BAB50FE27C5Malware signatures (e_spyw.i06)c	 =MK		Signatures\BD\e_spyw.i05O0BF22D56617D123DB3234035573F3995Malware signatures (e_spyw.i05)d	 =MK		Signatures\BD\e_spyw.i04 áÜ0BA189B435587D386F0CD74EF75DEC69Malware signatures (e_spyw.i04)d
	 =MK		Signatures\BD\e_spyw.i03AÆC3DB535D14BD5DCAAC1851C687C68F02Malware signatures (e_spyw.i03)d	 =MK		Signatures\BD\e_spyw.i02 šr055A236CD0E846FC30856B499B34A98AMalware signatures (e_spyw.i02)d	 =MK		Signatures\BD\e_spyw.i01 И1F6A928845DE4B7446E043B7E6B118C2Malware signatures (e_spyw.i01)c
	 =MK		Signatures\BD\e_spyw.i00óCCBDE3DA750B7DD8E908B665CB847966Malware signatures (e_spyw.i00)
   	 e ›6Ðjž8 Î e                                                                           g	 AMO		Signatures\BD\emalware.006Ê7108A7DD7482B70C81CCE6EA9B1172A7Malware signatures (emalware.006)h	 AMO		Signatures\BD\emalware.000 é“ABA1A3509C54BA03647338517E3F10E3Malware signatures (emalware.000)d	 =MK		Signatures\BD\e_spyw.i28 ÿÛ873D345440CF88C086CAE548C341712CMalware signatures (e_spyw.i28)d	 =MK		Signatures\BD\e_spyw.i27 ÙA3F26A2B3779850EC937ABF6F3BDBF39Malware signatures (e_spyw.i27)d	 =MK		Signatures\BD\e_spyw.i26 ŨC89707CA6133677F993F63CF250262F5Malware signatures (e_spyw.i26)d	 =MK		Signatures\BD\e_spyw.i25 Ø+92923DD7BC2EDB07EBC4E6E8020A95C8Malware signatures (e_spyw.i25)d	 =MK		Signatures\BD\e_spyw.i24 ݯ26951FA21F07AD583E6921EF4B5E762EMalware signatures (e_spyw.i24)c	 =MK		Signatures\BD\e_spyw.i23
C5FA54B9D146BB838A3DC0DFE6B3BC35Malware signatures (e_spyw.i23)c	 =MK		Signatures\BD\e_spyw.i22„9188B808F1C5005C7AD59B34EE10F8F2Malware signatures (e_spyw.i22)
   	 O —.Å\óŠ! ¸ O                                                     g$	 AMO		Signatures\BD\emalware.030c47CBDDF79303CDF4DC3F64DA89646A74Malware signatures (emalware.030)g#	 AMO		Signatures\BD\emalware.029,D0B768CF3D4DB141D82BE05A9BD4480EMalware signatures (emalware.029)g"	 AMO		Signatures\BD\emalware.028j14B0929A23F4096657DCAF9B1CD5A870Malware signatures (emalware.028)g!	 AMO		Signatures\BD\emalware.027Å9427C929F29184CBDB0F006E81916964Malware signatures (emalware.027)g 	 AMO		Signatures\BD\emalware.026Æ2F5974144D30020B9E7EB5C234BB7E5BMalware signatures (emalware.026)g	 AMO		Signatures\BD\emalware.025 C6D862AE804D99DF11DBA0E42D0F43EBMalware signatures (emalware.025)g	 AMO		Signatures\BD\emalware.024òDB9EB2BFBF4C7E2E2F5C007893B123B4Malware signatures (emalware.024)g	 AMO		Signatures\BD\emalware.023ä5F1E3F7656CDE73A57713704F3BE337EMalware signatures (emalware.023)g	 AMO		Signatures\BD\emalware.022625F7B840838AE82FC72DE72D00590560Malware signatures (emalware.022)
   	 O —.Å\óŠ! ¸ O                                                     g-	 AMO		Signatures\BD\emalware.04038A0B69876C8A770FE8383D87484E7ABMalware signatures (emalware.040)g,	 AMO		Signatures\BD\emalware.039ÆE385D6A972F984AB1B11EC097CB875C1Malware signatures (emalware.039)g+	 AMO		Signatures\BD\emalware.038çEE72E9EBACFB2C9C6A051154AA36D244Malware signatures (emalware.038)g*	 AMO		Signatures\BD\emalware.0375AF687688338D5A779AE9C95AE653E16Malware signatures (emalware.037)g)	 AMO		Signatures\BD\emalware.036˜93C7DB2FDFE1F5003021D0833A0B4CE8Malware signatures (emalware.036)g(	 AMO		Signatures\BD\emalware.035C5E7F16355D4E2107A192B2099A0A30CMalware signatures (emalware.035)g'	 AMO		Signatures\BD\emalware.034‚769952F79AD207214C10C68DEA6B3979Malware signatures (emalware.034)g&	 AMO		Signatures\BD\emalware.033ß9BBEC507C413F2545EC51FD63E9F2928Malware signatures (emalware.033)g%	 AMO		Signatures\BD\emalware.032s30B2A8DCCD1D471CE89E209D576B32FFMalware signatures (emalware.032)
   	 O —.Å\óŠ! ¸ O                                                     g6	 AMO		Signatures\BD\emalware.155=3118F03CE7F5A61779B725D31FDE5CEDMalware signatures (emalware.155)g5	 AMO		Signatures\BD\emalware.14391688AA764D38AC480343F2CD8A5FD384Malware signatures (emalware.143)g4	 AMO		Signatures\BD\emalware.111tD585A9EDF186288FD5CB89AD62650155Malware signatures (emalware.111)g3	 AMO		Signatures\BD\emalware.107ÿ4E7876BDB48E114EDEC96E2934118C6BMalware signatures (emalware.107)g2	 AMO		Signatures\BD\emalware.10675160BE2F1B72901E125464A4A369FC9Malware signatures (emalware.106)g1	 AMO		Signatures\BD\emalware.105
25267DD1EB806589590333EBE30E223FMalware signatures (emalware.105)g0	 AMO		Signatures\BD\emalware.094 FA90DD6F37F6C4B18EAAC5B65468235BMalware signatures (emalware.094)g/	 AMO		Signatures\BD\emalware.042ãACE268A7FAE995CBF3A44BFA873322B7Malware signatures (emalware.042)g.	 AMO		Signatures\BD\emalware.04137F596234966E7D2689684EFD7BD4D01Malware signatures (emalware.041)
   	 O —.Å\óŠ! ¸ O                                                     g?	 AMO		Signatures\BD\emalware.260#E979EFD60E691551FB7F6614F4AFB437Malware signatures (emalware.260)g>	 AMO		Signatures\BD\emalware.2592B7ABF15329F1629913897FB7598950BMalware signatures (emalware.259)g=	 AMO		Signatures\BD\emalware.258}ED6F497AFAB6C2F98C97DAB9842C77C7Malware signatures (emalware.258)g<	 AMO		Signatures\BD\emalware.251272EB8EAB7630D5F30FF0918AD73A3ABMalware signatures (emalware.251)g;	 AMO		Signatures\BD\emalware.201=FF90FC92B5F27A20CECC91A257B6BB7FMalware signatures (emalware.201)g:	 AMO		Signatures\BD\emalware.194Ú4559B58D50B80C735FC08E181F83AA67Malware signatures (emalware.194)g9	 AMO		Signatures\BD\emalware.168!Ì8B08C3ACF2463EE05636BC52FC2AA346Malware signatures (emalware.168)g8	 AMO		Signatures\BD\emalware.163	êF3FC2E2BFD148909520FC9DFE31842A0Malware signatures (emalware.163)g7	 AMO		Signatures\BD\emalware.158ˆ31ECEE7BCB00B82E5B563D4CA46D689CMalware signatures (emalware.158)
   	 O —.Å\óŠ! ¸ O                                                     gH	 AMO		Signatures\BD\emalware.283K198199BD4A34F87FCC0B5602C8331248Malware signatures (emalware.283)gG	 AMO		Signatures\BD\emalware.281T6486A611968D06BCAA2A307BBA71DEA8Malware signatures (emalware.281)gF	 AMO		Signatures\BD\emalware.279â3707CC006F32E59164D8DB21122E4761Malware signatures (emalware.279)gE	 AMO		Signatures\BD\emalware.2787CB4FD2986AFECC42EE9C553176753F0Malware signatures (emalware.278)gD	 AMO		Signatures\BD\emalware.274{957AA29EBD029864792A111CFD9B37B2Malware signatures (emalware.274)gC	 AMO		Signatures\BD\emalware.272)D3724613DB518C818972AD9632A144EFMalware signatures (emalware.272)gB	 AMO		Signatures\BD\emalware.268úB7967AC7F15DFE5B767A3FC9C3DE862CMalware signatures (emalware.268)gA	 AMO		Signatures\BD\emalware.266=BEF50B88A6DBD48960483092BB8242FBMalware signatures (emalware.266)g@	 AMO		Signatures\BD\emalware.265Ç10F4C2548299ADAC87CDF6DA3297DC5EMalware signatures (emalware.265)
   	 O —.Å\óŠ! ¸ O                                                     gQ	 AMO		Signatures\BD\emalware.297k3B7FA8D3EC2F736B9C8796FE4D32D356Malware signatures (emalware.297)gP	 AMO		Signatures\BD\emalware.295‹8AB2903F1F623AD1315141AB6ED8844DMalware signatures (emalware.295)gO	 AMO		Signatures\BD\emalware.294‹6CE9D41EF84BBC35E6A5F88495D451BEMalware signatures (emalware.294)gN	 AMO		Signatures\BD\emalware.293ÈF9E58FC88B42A557E1C180D381FBC5B9Malware signatures (emalware.293)gM	 AMO		Signatures\BD\emalware.290¿255769C9180C298D7DCB62D07D66AA7DMalware signatures (emalware.290)gL	 AMO		Signatures\BD\emalware.288)931D9866029CF034283B4EBDD242DC86Malware signatures (emalware.288)gK	 AMO		Signatures\BD\emalware.287?D995025F2A7946E0E41DB2528474CEC4Malware signatures (emalware.287)gJ	 AMO		Signatures\BD\emalware.286!FF94BDCA1692C2B8E803F2E77A86FA65Malware signatures (emalware.286)gI	 AMO		Signatures\BD\emalware.284y5562D9B623F5EA79D2D7278BF662B443Malware signatures (emalware.284)
   	 O —.Å\óŠ! ¸ O                                                     gZ	 AMO		Signatures\BD\emalware.386[¥D18AD02D5372B439228F787A5D3589E9Malware signatures (emalware.386)gY	 AMO		Signatures\BD\emalware.3859îF7D45209EC6447655CF25DBE60C54740Malware signatures (emalware.385)gX	 AMO		Signatures\BD\emalware.384ÃD96F7E64F1A6D79FD2A9C0DF7104110AMalware signatures (emalware.384)gW	 AMO		Signatures\BD\emalware.383„01246DD4AE07D5838F6CC7E5870B93D5Malware signatures (emalware.383)gV	 AMO		Signatures\BD\emalware.382]A78C4CE25F8C391066A2047D48B7B4FBMalware signatures (emalware.382)gU	 AMO		Signatures\BD\emalware.378$4A728AA890EEA10DE67CED8CD44D8013Malware signatures (emalware.378)gT	 AMO		Signatures\BD\emalware.375k0D72AE06CD0D11EF8F33CE3B03921006Malware signatures (emalware.375)gS	 AMO		Signatures\BD\emalware.371¡094831F64C8D84AC4B5DD5BB149272FFMalware signatures (emalware.371)gR	 AMO		Signatures\BD\emalware.2983735D40676DF4C4E772A751D1CD73A28Malware signatures (emalware.298)
   	 O —.Å\óŠ! ¸ O                                                     gc	 AMO		Signatures\BD\emalware.3953
1726825DE576DA7B99ABC335F22CF7CCMalware signatures (emalware.395)gb	 AMO		Signatures\BD\emalware.394092CD1F08AEB1B74066A7A3D6E7DC447DMalware signatures (emalware.394)ga	 AMO		Signatures\BD\emalware.3934E5BE584D87D3E4CBFAA4C93B0DCB9A0ADMalware signatures (emalware.393)g`	 AMO		Signatures\BD\emalware.392@~E014C5594B6D64C55B03E9BD9A11C726Malware signatures (emalware.392)g_	 AMO		Signatures\BD\emalware.391/·1387D2BA29D7C86F9B785766E9CEB29FMalware signatures (emalware.391)g^	 AMO		Signatures\BD\emalware.390#²585923854DCDFCB20DF84CA86D9C3EB6Malware signatures (emalware.390)g]	 AMO		Signatures\BD\emalware.389K13F52861886A42453A81D18EB5E1AA53Malware signatures (emalware.389)g\	 AMO		Signatures\BD\emalware.388c16B43C31E0A7C1B9EAD28F98196892F6Malware signatures (emalware.388)g[	 AMO		Signatures\BD\emalware.387;47797C749F29DEF96C386C58D4E7D65CFMalware signatures (emalware.387)
   	 J —.Ä[òˆ ´ J                                                hl	 AMO		Signatures\BD\emalware.i10kF64B02720DE8398CBDF57B256D5780DD8Malware signatures (emalware.i10)hk	 AMO		Signatures\BD\emalware.i09ÊlD3E1AF4116D417FC12ECDC9361D1AFA0Malware signatures (emalware.i09)hj	 AMO		Signatures\BD\emalware.i07Ä”2AC240F3C3EA1231443B7F1204DA10F0Malware signatures (emalware.i07)hi	 AMO		Signatures\BD\emalware.i06Ï'AE3A2BFDE557B04A6E1C3913CE47878AMalware signatures (emalware.i06)gh	 AMO		Signatures\BD\emalware.i05uõ2D3E63FAA67930F1D2AC0EA967781AACMalware signatures (emalware.i05)gg	 AMO		Signatures\BD\emalware.i04'441A2ED1A4BDEA9C711C3DC22E99FA73Malware signatures (emalware.i04)hf	 AMO		Signatures\BD\emalware.i02…3152C9D61A6AE74E6340E64CE924633CAMalware signatures (emalware.i02)ge	 AMO		Signatures\BD\emalware.i01wCD078EED1A75BF0001FA86C2EE2B75E7Malware signatures (emalware.i01)gd	 AMO		Signatures\BD\emalware.396/[5A3962D800F1E7D39C566DDADA6EE8F3Malware signatures (emalware.396)
   	 I –-ÃYð† ² I                                               gu	 AMO		Signatures\BD\emalware.i23*×182AD6D4E09EC5BA2109466195A8B9C2Malware signatures (emalware.i23)ht	 AMO		Signatures\BD\emalware.i22Ñj11417740C94F0A1679B5AACC193D3F0DMalware signatures (emalware.i22)hs	 AMO		Signatures\BD\emalware.i21ÃAA016BFA99E47720469E2921D53E852FMalware signatures (emalware.i21)hr	 AMO		Signatures\BD\emalware.i20UY444B0E6AC8CF51FBBEBD1680EBDE84C5Malware signatures (emalware.i20)gq	 AMO		Signatures\BD\emalware.i18äDDC07AFD1DFDDA9F1CD91F488A92C894Malware signatures (emalware.i18)hp	 AMO		Signatures\BD\emalware.i16Ê	39AC6AC42CF786E0291B7F77DD7F3850Malware signatures (emalware.i16)ho	 AMO		Signatures\BD\emalware.i15UÔ755F990E6147731F95B67F8B4B70B9C3Malware signatures (emalware.i15)gn	 AMO		Signatures\BD\emalware.i14r7C6CBEC5B315B2F097A74DCC2A842936Malware signatures (emalware.i14)hm	 AMO		Signatures\BD\emalware.i12{Ü0D3E5E443984455783B7D5CFE17258E2Malware signatures (emalware.i12)
   	 J –-ÃZð† ³ J                                                g~	 AMO		Signatures\BD\emalware.i33vtFE03462ABA07A849038736E4CCEB2BE9Malware signatures (emalware.i33)g}	 AMO		Signatures\BD\emalware.i323ÖD7B84429FA07832891B49525159F553CMalware signatures (emalware.i32)h|	 AMO		Signatures\BD\emalware.i31 ¼&8C7E6748C61E6F88B78DC34D194658DCMalware signatures (emalware.i31)h{	 AMO		Signatures\BD\emalware.i30ñˆD2EE9BB488E9713584285F2E8BF8E827Malware signatures (emalware.i30)hz	 AMO		Signatures\BD\emalware.i29í03591AC8C16638187A620BCA5F72F514Malware signatures (emalware.i29)gy	 AMO		Signatures\BD\emalware.i281¸7D009EA41A25BBFC90D1FED2C59346C9Malware signatures (emalware.i28)hx	 AMO		Signatures\BD\emalware.i27 À7B1871F7CEB3866BBA917986E38F7E2EMalware signatures (emalware.i27)gw	 AMO		Signatures\BD\emalware.i26c 1ED1E8ADE034FC118853CF6D880A7083Malware signatures (emalware.i26)hv	 AMO		Signatures\BD\emalware.i24Y48101627393AF654CF243AB1D1FFE137Malware signatures (emalware.i24)
   	 D —-ÃXîƒ ¯ D                                          h	 AMO		Signatures\BD\emalware.i44 óB29951CFE31B2E3CC2B093E9DEC1CB7EMalware signatures (emalware.i44)g	 AMO		Signatures\BD\emalware.i43H9229A95578C1318050ED2CE402537F60Malware signatures (emalware.i43)g	 AMO		Signatures\BD\emalware.i407B8A3EDDF6C00CCC142DD4BA204EBF9A2Malware signatures (emalware.i40)h	 AMO		Signatures\BD\emalware.i39O®61C0B448A87ED39DF8B1AB944672D184Malware signatures (emalware.i39)g	 AMO		Signatures\BD\emalware.i38>‚CDC7076C091B6AE89A19A839C30F4050Malware signatures (emalware.i38)h	 AMO		Signatures\BD\emalware.i37 E905C85B6C80A61769F7F5767C9C45D6Malware signatures (emalware.i37)g	 AMO		Signatures\BD\emalware.i36^{306FA7C55B479F3E7703921872591D6EMalware signatures (emalware.i36)g 	 AMO		Signatures\BD\emalware.i35wùE374C9F98B0D3CE6B48C57BDE7F5AF44Malware signatures (emalware.i35)g	 AMO		Signatures\BD\emalware.i34zWEDFB1EC6E7A138B74C1064C6CBD675C2Malware signatures (emalware.i34)
   	 @ –+ÀVì « @                                      h	 AMO		Signatures\BD\emalware.i54¥“0AB3C8DD48F5FEF67008DA59565991DBMalware signatures (emalware.i54)h	 AMO		Signatures\BD\emalware.i53ÜÅ1C3BA7CFA7EE3B791082743DF7737430Malware signatures (emalware.i53)h	 AMO		Signatures\BD\emalware.i51Ýä95C89DEE928486128F50163DC9D98C8FMalware signatures (emalware.i51)h
	 AMO		Signatures\BD\emalware.i50_…45653F492AB883FDE06EB094B2D40679Malware signatures (emalware.i50)g	 AMO		Signatures\BD\emalware.i49CF1B0D5CA1F29FE3CBC217EB0EB4EBC4Malware signatures (emalware.i49)g	 AMO		Signatures\BD\emalware.i48CÕ5DB95F2280044BF59D8FF19F83E6E990Malware signatures (emalware.i48)h
	 AMO		Signatures\BD\emalware.i47ñ½BC278CA851040E691055D9E9A8143B31Malware signatures (emalware.i47)h		 AMO		Signatures\BD\emalware.i46ø\BEC629300A3A755F91EC16CBB6941AFCMalware signatures (emalware.i46)g	 AMO		Signatures\BD\emalware.i45|9D30A274189D7B05BF954E7B6BA35E23Malware signatures (emalware.i45)
   	 B •*ÀVì‚ * B                                        h	 AMO		Signatures\BD\emalware.i65?$CFF5401FED6EA397C01168E0FCBD7DA3Malware signatures (emalware.i65)g	 AMO		Signatures\BD\emalware.i64s5A957682B070D72A8BACE6D07F8948F7Malware signatures (emalware.i64)h	 AMO		Signatures\BD\emalware.i63ÐH6F309A95CD8031985BECB40CDA37591EMalware signatures (emalware.i63)g	 AMO		Signatures\BD\emalware.i62MëA7B9BA4D7F09B6F1E8BAF661F05F1469Malware signatures (emalware.i62)g	 AMO		Signatures\BD\emalware.i61&C95D5AC61CBCA039DF91F2962FDEA2BCBMalware signatures (emalware.i61)g	 AMO		Signatures\BD\emalware.i58xÙB9F244FE57D5DFD78163FD54CB36C01AMalware signatures (emalware.i58)g	 AMO		Signatures\BD\emalware.i57ˆFD16C2C5919211F42BBAB3AEF102E135Malware signatures (emalware.i57)h	 AMO		Signatures\BD\emalware.i56A8B526800CE14B83E1D2A325598EE235BMalware signatures (emalware.i56)h	 AMO		Signatures\BD\emalware.i55 €¸8069E5893A25FB988FC9CD0F4896A6BEMalware signatures (emalware.i55)
   	 A •+ÀUë ¬ A                                       h"	 AMO		Signatures\BD\emalware.i75Ô3E37CBF52DFABFED8A64BA32A58E7036Malware signatures (emalware.i75)h!	 AMO		Signatures\BD\emalware.i74àS87343EE8417A1838EE742F0BEE4D6334Malware signatures (emalware.i74)g 	 AMO		Signatures\BD\emalware.i72³01F2F94691E098DF2B1BFEA266CD61C5Malware signatures (emalware.i72)g	 AMO		Signatures\BD\emalware.i71cü11F69107BE31ADE84F8F2FA675893B3AMalware signatures (emalware.i71)g	 AMO		Signatures\BD\emalware.i70¨D8A36FF28240B9D09F6E8212DA2E3183Malware signatures (emalware.i70)h	 AMO		Signatures\BD\emalware.i69Ž_AAEACF1420865D40F70F26374D2B5F8EMalware signatures (emalware.i69)h	 AMO		Signatures\BD\emalware.i68–001AF81375C80715677D0B982FB3265AMalware signatures (emalware.i68)g	 AMO		Signatures\BD\emalware.i67zåC41DB5DE5C216FAB83B32DDFF2FA1FC5Malware signatures (emalware.i67)h	 AMO		Signatures\BD\emalware.i66ÙsB948DB7926C8A21AB4B25A663B69EE3EMalware signatures (emalware.i66)
   	 V •+ÁWí‚ ¶ V                                                            ]+	 7ME		Signatures\BD\sdx.ivd,Ž7B30F18196F8225059687A406192F1C0Malware signatures (sdx.ivd)c*	 =MK		Signatures\BD\mdx_97.ivd)0776BC6A00482F4F6BC20EEA3E4AEE51Malware signatures (mdx_97.ivd)c)	 =MK		Signatures\BD\mdx_97.cvdn F2032EBEC54A1DF90FCC3AF6DF49F89BMalware signatures (mdx_97.cvd)h(	 AMO		Signatures\BD\emalware.i81Ë3594AE0477AD3930D3BC0F9CDDFFE6F3Malware signatures (emalware.i81)g'	 AMO		Signatures\BD\emalware.i80a4863C92F30275A7808AA4CA2A3D4D6FCMalware signatures (emalware.i80)g&	 AMO		Signatures\BD\emalware.i79¢17BC545B78D26779E373AA65C7F916EBMalware signatures (emalware.i79)g%	 AMO		Signatures\BD\emalware.i78@æ5DE05BCBB5B8966FEA76F31EB166BBC5Malware signatures (emalware.i78)g$	 AMO		Signatures\BD\emalware.i77xC5763F2090170FAFD54531997E4DAA9DMalware signatures (emalware.i77)h#	 AMO		Signatures\BD\emalware.i76 ¯ú96698CFD0CE9D56D073916FD92BACF41Malware signatures (emalware.i76)
   š š                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                c,	 =MK		Signatures\BD\update.txtZ2CE953A394FD2C5EF5504BC1E178E30EMalware signatures (update.txt)   û    9û8 ‚                                                                                                                3
 ?'3YApplication.InstallAd (A)Key: HKEY_USERS\S-1-5-21-4080927462-3844598824-2763787523-1001\SOFTWARE\CIUVOUéñÿ2015-09-04 19:33:190{9296A2A8-3E3A-43FD-86AB-DAD31FD51C86} M_3YApplication.Win32.WebToolbar (A)C:\Users\Margarete\AppData\Local\Temp\apnUéñè2015-09-04 19:32:560{E28A0786-E003-4BA2-B83E-FFDAD36293C1}x A13YApplication.AppInstall (A)C:\ProgramData\apnUéñè2015-09-04 19:32:560{831C92E9-401D-43E8-A0E5-37CD892C7F46}1
 9)3YApplication.AdLink (A)Key: HKEY_USERS\S-1-5-21-4080927462-3844598824-2763787523-1001\SOFTWARE\LINKEYUéñæ2015-09-04 19:32:540{2FBD37D9-D3C4-4249-A5A4-E3B6D2D16C6A}
 9‚E3YApplication.AdLink (A)Key: HKEY_USERS\S-1-5-21-4080927462-3844598824-2763787523-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{54739D49-AC03-4C57-9264-C5195596B3A1}Uéñæ2015-09-04 19:32:540{30A8C848-DBA3-41D7-960F-15D8A7E1   8
   ¼ ¼                                                                                                                                                                                                                                                                                                                                                                                                                                                  „A/ˆGtriggerILogs_AfterInsertILogsCREATE TRIGGER ILogs_AfterInsert AFTER INSERT ON ILogs
BEGIN
	UPDATE ILogs SET Date = CASE WHEN New.Date IS NOT NULL THEN New.Date ELSE StrFTime('%s', 'now', 'localtime') END, 
		StrDate = DateTime(CASE WHEN New.Date IS NOT NULL THEN New.Date ELSE StrFTime('%s', 'now', 'localtime') END, 'unixepoch')
		WHERE ROWID = New.ROWID;

	DELETE FROM ILogs WHERE ID <= CASE WHEN (SELECT RecordsLimit FROM DBIntegrity WHERE TableName = 'ILogs') = 0 THEN 0
		ELSE New.ID - (SELECT RecordsLimit FROM DBIntegrity WHERE TableName='ILogs') END;
END
    ‚ þJÐ8 ‚                                                                                                                3
 ?'3YApplication.InstallAd (A)Key: HKEY_USERS\S-1-5-21-4080927462-3844598824-2763787523-1001\SOFTWARE\CIUVOUéñÿ2015-09-04 19:33:190{9296A2A8-3E3A-43FD-86AB-DAD31FD51C86} M_3YApplication.Win32.WebToolbar (A)C:\Users\Margarete\AppData\Local\Temp\apnUéñè2015-09-04 19:32:560{E28A0786-E003-4BA2-B83E-FFDAD36293C1}x A13YApplication.AppInstall (A)C:\ProgramData\apnUéñè2015-09-04 19:32:560{831C92E9-401D-43E8-A0E5-37CD892C7F46}1
 9)3YApplication.AdLink (A)Key: HKEY_USERS\S-1-5-21-4080927462-3844598824-2763787523-1001\SOFTWARE\LINKEYUéñæ2015-09-04 19:32:540{2FBD37D9-D3C4-4249-A5A4-E3B6D2D16C6A}
 9‚E3YApplication.AdLink (A)Key: HKEY_USERS\S-1-5-21-4080927462-3844598824-2763787523-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{54739D49-AC03-4C57-9264-C5195596B3A1}Uéñæ2015-09-04 19:32:540{30A8C848-DBA3-41D7-960F-15D8A7E1488D}
   w Gw                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           M
 ?[3YApplication.InstallAd (A)Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SEARCHTHEWEBARPUéò2015-09-04 19:33:210{29E064AE-DC96-4795-B7DD-9ED4684C7F1F}6
 ?-3YApplication.InstallAd (A)Key: HKEY_USERS\S-1-5-21-4080927462-3844598824-2763787523-1001\SOFTWARE\SOFTONICUéò 2015-09-04 19:33:200{6F07CB46-C6A4-49E6-A031-C5F5E0E3EF86}
    @ K Ñ @                                               A1   ]	YApplication.AppInstall (A)C:\ProgramData\apn6UéõC9563417-0B45-47CB-9402-12D0010A22FB.EQF{831C92E9-401D-43E8-A0E5-37CD892C7F46}+ M_   ]	YApplication.Win32.WebToolbar (A)C:\Users\Margarete\AppData\Local\Temp\apn6Uéõ97888C95-9A43-4B91-AA7E-45BBBC314C8F.EQF{E28A0786-E003-4BA2-B83E-FFDAD36293C1}I ?'   ]	YApplication.InstallAd (A)Key: HKEY_USERS\S-1-5-21-4080927462-3844598824-2763787523-1001\SOFTWARE\CIUVO7Uéõ6F2E5559-FE27-46AC-8058-24439566C1D5.EQF{9296A2A8-3E3A-43FD-86AB-DAD31FD51C86}L ?-   ]	YApplication.InstallAd (A)Key: HKEY_USERS\S-1-5-21-4080927462-3844598824-2763787523-1001\SOFTWARE\SOFTONIC7Uéõ4894FFF2-B7D3-4555-8263-7B39A1FCA814.EQF{6F07CB46-C6A4-49E6-A031-C5F5E0E3EF86}c ?[   ]	YApplication.InstallAd (A)Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SEARCHTHEWEBARP7UéõCD26FF77-0224-4111-8FDC-8D6395E6BC98.EQF{29E064AE-DC96-4795-B7DD-9ED4684C7F1F}
    6                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  ‚ 9‚E   ]	YApplication.AdLink (A)Key: HKEY_USERS\S-1-5-21-4080927462-3844598824-2763787523-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{54739D49-AC03-4C57-9264-C5195596B3A1}7UéõDDE97943-DF67-46B2-8F23-345465337FB2.EQF{30A8C848-DBA3-41D7-960F-15D8A7E1488D}G 9)   ]	YApplication.AdLink (A)Key: HKEY_USERS\S-1-5-21-4080927462-3844598824-2763787523-1001\SOFTWARE\LINKEY7Uéõ6C47EDFE-B909-408A-8EF7-8946740EA511.EQF{2FBD37D9-D3C4-4249-A5A4-E3B6D2D16C6A}
Jetzt installiere ich Avira noch neu.

Alt 05.09.2015, 13:53   #8
schrauber
/// the machine
/// TB-Ausbilder
 
Windows 8: Avira stürzt ab oder führt keinen kompletten Scan durch - Standard

Windows 8: Avira stürzt ab oder führt keinen kompletten Scan durch


Ehm, schau bitte nochmal ob es ein weitres Log gibt. Wurde was gefunden?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 06.09.2015, 12:19   #9
sweet_cherry
 
Windows 8: Avira stürzt ab oder führt keinen kompletten Scan durch - Standard

Windows 8: Avira stürzt ab oder führt keinen kompletten Scan durch


Ja, es wurden 7 Elemente gefunden, glaube ich, die habe ich dann in Quarantäne verschoben.

In dem Ordner von EEK wurde noch ein anderes Log gespeichert, das ist sehr lang, deswegen hier die ersten Zeilen:

Code:
ATTFilter
MZP      ÿÿ  ¸       @                                     º ´	Í!¸LÍ!This program must be run under Win32
$7                                                                                                                                        PE  L *ÎU        à Ž£ Ì  †     Àã     ð   @                       )    ¯Ÿ  @                      P& Ó     & +   ð'  *          V (H   `& ˜                                                 d(& „                          .text   <·     ¸                   `.itext  Ø   Ð     ¼                `.data   ìŸ   ð  *   Ð             @  À.bss     Œ        p                À.idata  +    &  ,   p             @  À.edata  Ó    P&     œ             @  @.reloc  ˜  `&  Ž  ž             @  B.rsrc    *  ð'  *  ,             @  @              )      V             @  @                                                                                                                                                                @ Boolean        @ FalseTrueSystem ‹À4@ AnsiChar    ÿ    @ P@ 	Char    ÿÿ   @ h@ ShortInt €ÿÿÿ    @ „@ SmallInt €ÿÿÿ   @ *@ Integer   €ÿÿÿ ¸@ Byte    ÿ    @ Ð@ Word    ÿÿ   @ è@ Pointer     ü@ Cardinal    ÿÿÿÿ @ @ Int64       €ÿÿÿÿÿÿÿ @ 8@ UInt64        ÿÿÿÿÿÿÿÿ ‹ÀX@ 
NativeUInt    ÿÿÿÿ t@ Single  „@ Extended @ ˜@ Double ¨@ Comp @ ¸@ Currency @ Ì@ ShortStringÿ à@ 	PAnsiChar0@  @ ø@ 	PWideCharL@  @ @ WordBool   €ÿÿÿ@ FalseTrueSystem @@ LongBool   €ÿÿÿ<@ FalseTrueSystem p@ string ‹À€@ 
WideString ‹À”@ 

AnsiString   ¨@ Variant ¸@ TClass@@  ‹ÀÌ@ HRESULT   €ÿÿÿ ä@ PGUIDô@  @ ø@ TGUID           ø@     D1 Ì@    D2 Ì@    D3        D4  ‹ÀL@ PInterfaceEntryd@  h@ TInterfaceEntry           ô@     IID ä@    VTable œ@    IOffset œ@    
ImplGetter  ‹ÀØ@ PInterfaceTableð@  ô@ TInterfaceTableÄE         œ@     
EntryCount        Entries  @ D@ TMethod           ä@     Code ä@    Data  Ô@             D@     Ô@     Ð@        ìX@ ôX@ [@ [@ $[@ ([@ ,[@  [@ ÈW@ äW@  X@    Ø@ D ôÿþ@ B ôÿ"@ C ôÿ`@ B ôÿ@ B ôÿ¸@ C ôÿì@ C ôÿ%@ C ôÿP@ C ôÿy@ C ôÿ¥@ C ôÿá@ C ôÿ@ C ôÿW@ C ôÿ@ B ôÿ×@ B ôÿ@ B ôÿW@ C ôÿ•@ C ôÿÆ@ C ôÿù@ J õÿ,@ J öÿW@ J ÷ÿŠ@ J øÿå@ J ùÿ@ J úÿG@ J ûÿ€@ J üÿ¿@ K ýÿê@ J þÿ@ M ÿÿTObject&  X@ Create      @@   Self  $ 0X@ Free      @@   Self  > <X@ InitInstance @@         Self  ä@  Instance  / ”X@ CleanupInstance      @@   Self  )  W@ 	ClassType ´@  @@   Self  4 W@ 	ClassName l@         Self @l@    9  W@ ClassNameIs  @         Self l@  Name  + ¼W@ ClassParent ´@         Self  ) üZ@ 	ClassInfo ä@         Self  , øW@ InstanceSize œ@         Self  < èZ@ InheritsFrom  @         Self  ´@  AClass  ; à[@ 
MethodAddress ä@         Self È@  Name  ; P\@ 
MethodAddress ä@         Self l@  Name  F x\@ 
MethodName l@         Self  ä@  Address @l@    : Ä\@ FieldAddress ä@  @@   Self È@  Name  : 8]@ FieldAddress ä@  @@   Self l@  Name  F øX@ GetInterface  @  @@   Self ô@  IID       Obj  > ÈY@ GetInterfaceEntry H@         Self ô@  IID  1 Z@ GetInterfaceTable Ô@         Self  3 Z@ UnitName l@         Self @l@    3 ìX@ Equals  @  @@   Self @@  Obj  + ôX@ GetHashCode œ@  @@   Self  3 [@ ToString l@  @@   Self @l@    [ [@ SafeCallException È@  @@   Self @@  ExceptObject  ä@  
ExceptAddr  1 $[@ AfterConstruction      @@   Self  1 ([@ BeforeDestruction      @@   Self  9 ,[@ Dispatch      @@   Self      Message  ?  [@ DefaultHandler      @@   Self      Message  + ÈW@ NewInstance @@         Self  , äW@ FreeInstance      @@   Self  '  X@ Destroy      @@   Self  @ D@ TObjectÔ@       System     h@ 
IInterface            À      FSystem ÿÿ ‹Àœ@ IEnumerabled@                  System ÿÿ Ð@ 	IDispatchd@       À      FSystem ÿÿ @ ̃D$øé5’  ƒD$øéS’  ƒD$øé]’  Ì@ @ @            À      F @        ¤@ ,@         €@ ¤@ Á@     Ý@    |@ ìX@ ôX@ [@ [@ ¯@  ¯@ ,[@  [@ 0¯@ äW@  X@        œ@    	FRefCount    ï@ J ùÿ @ J úÿQ@ K ýÿTInterfacedObject1 ¯@ AfterConstruction      |@   Self  1  ¯@ BeforeDestruction      |@   Self  + 0¯@ NewInstance @@         Self  €@ TInterfacedObject¤@ @@   System   ±@   œ@   ÿ          €   €ÿÿRefCount,@             D@             ,@    |@ ìX@ ôX@ [@ [@ $[@ ([@ ,[@  [@ ÈW@ äW@  X@ TCustomAttribute@ D@ TCustomAttribute,@ @@   System     @ t@ PShortStringÈ@  Œ@ 

UTF8Stringéý *@ 

RawByteStringÿÿ ¸@ TBoundArray          œ@ Systemœ@  ‹Àè@ PIntegerœ@  ü@ PByte´@  @  @ 	TDateTime ‹À$ @ TVarArrayBound           œ@     ElementCount œ@    LowBound  t @ 
TVarArrayBoundArray        @      * @ 	PVarArray´ @  @ ¸ @ 	TVarArray           Ì@     DimCount Ì@    Flags œ@    ElementSize œ@    	LockCount ä@    Data p @    Bounds  @ L!@ TVarData           Ì@     VType Ì@    	Reserved1 Ì@    	Reserved2 Ì@    	Reserved3 €@    	VSmallInt œ@    VInteger p@    VSingle ”@    VDouble ´@    	VCurrency  @    VDate ô@    VOleStr ä@    	VDispatch È@    VError @    VBoolean ä@    VUnknown d@    	VShortInt ´@    VByte Ì@    VWord ø@    	VLongWord @    VInt64 4@    VUInt64 ä@    VString ä@    VAny œ @    VArray ä@    VPointer ä@    VUString        VLongs        VWords        VBytes         RawData  ¨#@ 
TTypeTableüÿÿÿÿÿä@      Ì#@ 
PTypeTable¤#@  ‹Àä#@ PPackageTypeInfoü#@   $@ TPackageTypeInfo           œ@     	TypeCount È#@    	TypeTable œ@    	UnitCount p@    	UnitNames  @ |$@ TThreadFunc      œ@  ä@ 	Parameter ¬$@ 
PLibModuleÀ$@  ‹ÀÄ$@ 
TLibModule           ¨$@     Next ø@    Instance ø@    CodeInstance ø@    DataInstance ø@    ResInstance à#@    TypeInfo œ@    Reserved  ‹Àx%@ 
PResStringRec%@  @ ”%@ 
TResStringRec                   Module œ@    
Identifier  ‹Àº   ’ðÁ@úÿÿÿÿ’ðÁHÃÿ%p)f ‹Àÿ%l)f ‹Àÿ%h)f ‹Àÿ%d)f ‹Àÿ%`)f ‹Àÿ%\)f ‹Àÿ%X)f ‹Àÿ%T)f ‹Àÿ%P)f ‹Àÿ%L)f ‹Àÿ%H)f ‹Àÿ%D)f ‹Àÿ%@)f ‹Àÿ%<)f ‹Àÿ%8)f ‹Àÿ%4)f ‹Àÿ%Œ(f ‹Àÿ%0)f ‹Àÿ%0)f ‹Àÿ%,)f ‹Àÿ%()f ‹Àÿ%$)f ‹Àÿ%ˆ(f ‹Àÿ% )f ‹Àÿ%)f ‹Àÿ%)f ‹Àÿ%)f ‹Àÿ%)f ‹Àÿ%)f ‹Àÿ%)f ‹Àÿ%)f ‹Àÿ% )f ‹Àÿ%ü(f ‹Àÿ%ø(f ‹Àÿ%ô(f ‹Àÿ%ð(f ‹Àÿ%ì(f ‹Àÿ%è(f ‹Àÿ%„(f ‹Àÿ%ä(f ‹Àÿ%à(f ‹Àÿ%Ü(f ‹Àÿ%Ø(f ‹Àÿ%|(f ‹Àÿ%x(f ‹Àÿ%t(f ‹Àÿ%Ô(f ‹Àÿ%Ð(f ‹Àÿ%Ì(f ‹Àÿ%È(f ‹Àÿ%l(f ‹Àÿ%h(f ‹Àÿ%d(f ‹Àÿ%Ä(f ‹Àÿ%À(f ‹Àÿ%¼(f ‹Àÿ%¸(f ‹Àÿ%´(f ‹ÀSƒÄ¼»
   Ç$D   Tè*ÿÿÿöD$,t·\$0‹ÃƒÄD[Ã@ ÿ%°(f ‹Àÿ%¬(f ‹Àÿ%¨(f ‹Àä ÿÿÿÿZ   FastMM Borland Edition (c) 2004 - 2008 Pierre le Riche / Professional Software Development  An unexpected memory leak has occurred.     The unexpected small block leaks are:
 The sizes of unexpected leaked medium and large blocks are:      bytes:     Unknown AnsiString  UnicodeString
Hilft das weiter?

Alt 07.09.2015, 08:57   #10
schrauber
/// the machine
/// TB-Ausbilder
 
Windows 8: Avira stürzt ab oder führt keinen kompletten Scan durch - Standard

Windows 8: Avira stürzt ab oder führt keinen kompletten Scan durch


Nee, is aber egal. Wie läuft der Rechner aktuell?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 07.09.2015, 09:02   #11
sweet_cherry
 
Windows 8: Avira stürzt ab oder führt keinen kompletten Scan durch - Standard

Windows 8: Avira stürzt ab oder führt keinen kompletten Scan durch


Ich habe noch einmal einen Scan mit Avira versucht, aber er ist wieder nicht weiter gekommen als 6,8% :/

Alt 07.09.2015, 19:57   #12
schrauber
/// the machine
/// TB-Ausbilder
 
Windows 8: Avira stürzt ab oder führt keinen kompletten Scan durch - Standard

Windows 8: Avira stürzt ab oder führt keinen kompletten Scan durch


EEK ist aber sauber durchgelaufen?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 08.09.2015, 11:56   #13
sweet_cherry
 
Windows 8: Avira stürzt ab oder führt keinen kompletten Scan durch - Standard

Windows 8: Avira stürzt ab oder führt keinen kompletten Scan durch


Ja, EEK ist durchgelaufen, hat Funde angezeigt und die habe ich in Quarantäne verschoben.

Alt 09.09.2015, 06:41   #14
schrauber
/// the machine
/// TB-Ausbilder
 
Windows 8: Avira stürzt ab oder führt keinen kompletten Scan durch - Standard

Windows 8: Avira stürzt ab oder führt keinen kompletten Scan durch


Deinstalliere Avira komplett.

Installiere Emsisoft.

Updaten, scannen.

Funktioniert auch?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 16.09.2015, 17:54   #15
sweet_cherry
 
Windows 8: Avira stürzt ab oder führt keinen kompletten Scan durch - Standard

Windows 8: Avira stürzt ab oder führt keinen kompletten Scan durch


Entschuldige bitte die späte Antwort, ich war außer Landes.

Emisoft funktioniert, hat nach einem Malware-Scan 3 Objekte gefunden und 2 in Quarantäne verschoben. Es wird aber angezeigt, dass der Computer geschützt ist.

Soll ich Avira wieder installieren?

Antwort
Seite 1 von 2 1 2

Themen zu Windows 8: Avira stürzt ab oder führt keinen kompletten Scan durch
adware, antivirus, avira, avira -scan, beschädigung, bonjour, browser, cpu, desktop, dnsapi.dll, fehler, firefox, flash player, homepage, mozilla, programm, prozess, realtek, registry, rundll, scan, server, software, svchost.exe, system, udp, updates, windows, windowsapps


« Win 7 extrem verlangsamt | Windows 10 Trojaner mit Malwarebytes? »


Ähnliche Themen: Windows 8: Avira stürzt ab oder führt keinen kompletten Scan durch


  1. Windows 7: Computer stürtzt bei Scan mit Avira ab
    Log-Analyse und Auswertung - 01.06.2015 (14)
  2. Windows 7: Avira Scan bleibt stehen
    Log-Analyse und Auswertung - 14.04.2015 (13)
  3. Windows 7 stürzt bei Malwarebytes-Scan ab
    Plagegeister aller Art und deren Bekämpfung - 05.02.2015 (7)
  4. Avira Scan, Trojaner TR/Crypt.ZPACK.50636 gefunden, Fehlalarm oder echter Trojaner?
    Plagegeister aller Art und deren Bekämpfung - 04.12.2014 (17)
  5. Windows 7 64 bit home: Malware oder Spyware gefunden, Avira Scan hat das Problem nicht behoben
    Log-Analyse und Auswertung - 29.10.2014 (13)
  6. 22 Trojaner oder Viren nach Avira-Scan entdeckt
    Plagegeister aller Art und deren Bekämpfung - 12.09.2014 (17)
  7. Avira wird durch Gruppenrichtlinie blockiert - kein Öffnen, Deinstallieren oder neu herunterladen
    Plagegeister aller Art und deren Bekämpfung - 31.08.2014 (43)
  8. Win7 64Bit - Email Account wurde kompromittiert, vermutlich durch Virus, Trojaner, Malware oder Hijacker. Nach Scan mit ESET Online Scanner
    Log-Analyse und Auswertung - 17.04.2014 (9)
  9. Malwarebyte Scan führt zu Absturz
    Plagegeister aller Art und deren Bekämpfung - 06.04.2014 (3)
  10. McAfee lässt keinen Scan zu!
    Plagegeister aller Art und deren Bekämpfung - 01.01.2014 (9)
  11. Windows 7 : PC ist sehr langsam Avira Scan 20 Funde
    Log-Analyse und Auswertung - 23.12.2013 (9)
  12. Laptop lahm, hängt oft, führt Sachen nicht aus oder fährt runter (Windows XP)
    Log-Analyse und Auswertung - 22.11.2013 (21)
  13. Virus TR/ATRAPS.Gen2 durch Avira entdeckt. Keine Lösung durch Avira
    Log-Analyse und Auswertung - 29.10.2013 (3)
  14. Windows 7: TR/Dropper.gen beim Avira-Scan gefunden
    Log-Analyse und Auswertung - 31.08.2013 (11)
  15. Avira System Speedup scan und rechner stürzt ab oder läuft extrem langsam
    Log-Analyse und Auswertung - 18.02.2013 (28)
  16. Virus führt zu vorgetäuschtem Antivirus Scan
    Log-Analyse und Auswertung - 26.12.2010 (3)
  17. AVIRA Scan Unverständlich - Problem oder OK?
    Log-Analyse und Auswertung - 22.03.2009 (19)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Windows 8: Avira stürzt ab oder führt keinen kompletten Scan durch - Hallo liebes Trojaner-Board-Team, vor zwei Tagen habe ich versucht, von Ariva einen Virenscan durchführern zu lassen. Als ich mir das Ergebnis anschauen wollte habe ich gemerkt, dass das Programm wohl - Windows 8: Avira stürzt ab oder führt keinen kompletten Scan durch...
Archiv
Du betrachtest: Windows 8: Avira stürzt ab oder führt keinen kompletten Scan durch auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129