| Sakashima | 10.04.2015 22:03 |
Hallo Jürgen,
vielen Dank, dass du mir hilfst :)
Hier ist die frst.txt
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by Chibichan (administrator) on CHIBICHAN-PC on 10-04-2015 22:52:10
Running from C:\Users\Chibichan\Downloads
Loaded Profiles: Chibichan (Available profiles: Chibichan & Arbeit & Administrator)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Check Point Software Technologies LTD) C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe
() C:\Windows\System32\Rezip.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(SAMSUNG Electronics) C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
(Check Point Software Technologies LTD) C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Mozilla Corporation) C:\Users\Chibichan\Desktop\Tor Browser\Browser\firefox.exe
() C:\Users\Chibichan\Desktop\Tor Browser\Browser\TorBrowser\Tor\tor.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ISW] => [X]
HKLM\...\Run: [ZoneAlarm] => C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe [73360 2011-12-18] (Check Point Software Technologies LTD)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1713448 2010-02-26] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7625248 2009-07-21] (Realtek Semiconductor)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-08-19] (DivX, LLC)
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [129272 2015-03-16] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [726320 2015-03-31] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1675562717-242507097-1823633445-1000\...\Run: [Windows Time] => rundll32.exe
HKU\S-1-5-21-1675562717-242507097-1823633445-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\scrnsave.scr [10240 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [AviraSpeedup] => "C:\Program Files\Avira\AviraSpeedup\avira_system_speedup.exe" -autorun
HKU\S-1-5-18\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
AppInit_DLLs: C:\PROGRA~1\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [1037600 2014-01-20] (Conduit)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyServer: [S-1-5-21-1675562717-242507097-1823633445-1000] => 208.188.3.9:3128
HKU\S-1-5-21-1675562717-242507097-1823633445-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com/?ctid=CT3281675&octid=CT3281675&SearchSource=61&CUI=UN13984548031528263&UM=2&UP=SPCDFB5174-8A00-4653-9E92-F001E8C8094D&SSPV=
URLSearchHook: HKLM - entrusted Toolbar - {e44a1809-4d10-4ab8-b343-3326b64c7cdd} - C:\Program Files\entrusted\prxtbentr.dll (Conduit Ltd.)
URLSearchHook: HKU\S-1-5-21-1675562717-242507097-1823633445-1000 - (No Name) - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - No File
URLSearchHook: HKU\S-1-5-21-1675562717-242507097-1823633445-1000 - entrusted Toolbar - {e44a1809-4d10-4ab8-b343-3326b64c7cdd} - C:\Program Files\entrusted\prxtbentr.dll (Conduit Ltd.)
SearchScopes: HKLM -> DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2613550
SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
SearchScopes: HKLM -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2613550
SearchScopes: HKU\S-1-5-21-1675562717-242507097-1823633445-1000 -> DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3281675&CUI=UN13984548031528263&UM=2
SearchScopes: HKU\S-1-5-21-1675562717-242507097-1823633445-1000 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKU\S-1-5-21-1675562717-242507097-1823633445-1000 -> {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
SearchScopes: HKU\S-1-5-21-1675562717-242507097-1823633445-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
SearchScopes: HKU\S-1-5-21-1675562717-242507097-1823633445-1000 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3281675&CUI=UN13984548031528263&UM=2
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18] (Adobe Systems Incorporated)
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-08-14] (RealDownloader)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2012-10-28] (Oracle Corporation)
BHO: ZoneAlarm Security Engine Registrar -> {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} -> C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2011-11-03] (Check Point Software Technologies)
BHO: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-10-28] (Oracle Corporation)
BHO: entrusted Toolbar -> {e44a1809-4d10-4ab8-b343-3326b64c7cdd} -> C:\Program Files\entrusted\prxtbentr.dll [2013-03-05] (Conduit Ltd.)
Toolbar: HKLM - ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2011-11-03] (Check Point Software Technologies)
Toolbar: HKLM - entrusted Toolbar - {e44a1809-4d10-4ab8-b343-3326b64c7cdd} - C:\Program Files\entrusted\prxtbentr.dll [2013-03-05] (Conduit Ltd.)
Toolbar: HKU\S-1-5-21-1675562717-242507097-1823633445-1000 -> ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2011-11-03] (Check Point Software Technologies)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll [2009-02-06] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll [2009-02-06] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Chibichan\AppData\Roaming\Mozilla\Firefox\Profiles\vq9cw3ls.default
FF DefaultSearchEngine: Startpage (SSL)
FF DefaultSearchUrl: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2613550&SearchSource=3&q={searchTerms}
FF Homepage: about:blank
FF Keyword.URL: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3281675&SearchSource=2&CUI=UN89646785518971970&UM=2&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @checkpoint.com/FFApi -> C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll [2011-11-03] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [2014-08-13] (DivX, LLC)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2011-01-12] (Foxit Corporation)
FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\windows\system32\npDeployJava1.dll [2012-10-28] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2012-10-28] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8064.0206 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2009-02-06] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.3.51 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll [2013-10-20] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll [2013-10-20] (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-08-14] (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=1.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2010-08-27] (the VideoLAN Team)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-12-18] (Adobe Systems Inc.)
FF Plugin: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 -> C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll [2007-03-10] (Yahoo! Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll [2009-11-14] (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2012-12-18] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll [2013-10-20] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2014-11-22] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2014-11-22] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2014-11-22] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2014-11-22] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2014-11-22] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll [2013-10-20] (RealPlayer)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npyaxmpb.dll [2007-03-10] (Yahoo! Inc.)
FF SearchPlugin: C:\Users\Chibichan\AppData\Roaming\Mozilla\Firefox\Profiles\vq9cw3ls.default\searchplugins\avira-safesearch.xml [2014-03-22]
FF SearchPlugin: C:\Users\Chibichan\AppData\Roaming\Mozilla\Firefox\Profiles\vq9cw3ls.default\searchplugins\englische-ergebnisse.xml [2014-05-31]
FF SearchPlugin: C:\Users\Chibichan\AppData\Roaming\Mozilla\Firefox\Profiles\vq9cw3ls.default\searchplugins\ixquick-https.xml [2014-11-28]
FF SearchPlugin: C:\Users\Chibichan\AppData\Roaming\Mozilla\Firefox\Profiles\vq9cw3ls.default\searchplugins\lastminute.xml [2014-05-31]
FF SearchPlugin: C:\Users\Chibichan\AppData\Roaming\Mozilla\Firefox\Profiles\vq9cw3ls.default\searchplugins\startpage-ssl.xml [2014-12-02]
FF Extension: Avira Browser Safety - C:\Users\Chibichan\AppData\Roaming\Mozilla\Firefox\Profiles\vq9cw3ls.default\Extensions\abs@avira.com [2015-03-31]
FF Extension: HTTPS-Everywhere - C:\Users\Chibichan\AppData\Roaming\Mozilla\Firefox\Profiles\vq9cw3ls.default\Extensions\https-everywhere@eff.org [2015-04-02]
FF Extension: WEB.DE MailCheck - C:\Users\Chibichan\AppData\Roaming\Mozilla\Firefox\Profiles\vq9cw3ls.default\Extensions\toolbar@web.de.xpi [2013-09-23]
FF Extension: Adblock Plus - C:\Users\Chibichan\AppData\Roaming\Mozilla\Firefox\Profiles\vq9cw3ls.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-06-11]
FF HKLM\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] - C:\Program Files\CheckPoint\ZAForceField\TrustChecker
FF Extension: ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2012-05-20]
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-10-20]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc7.exe [815920 2015-03-31] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [434424 2015-03-31] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [434424 2015-03-31] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [1004280 2015-03-31] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [201008 2015-03-16] (Avira Operations GmbH & Co. KG)
S4 IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [497280 2011-11-03] (Check Point Software Technologies)
R2 OberonGameConsoleService; C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe [44312 2009-08-13] ()
S4 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 Rezip; C:\windows\SYSTEM32\Rezip.exe [311296 2009-03-05] () [File not signed]
R2 vsmon; C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe [2420616 2011-12-18] (Check Point Software Technologies LTD)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S2 CltMngSvc; C:\PROGRA~1\SearchProtect\Main\bin\CltMngSvc.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\windows\System32\DRIVERS\avgntflt.sys [105864 2015-03-17] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\windows\System32\DRIVERS\avipbb.sys [136216 2015-03-17] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\windows\System32\DRIVERS\avkmgr.sys [37352 2015-03-17] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\windows\System32\DRIVERS\avnetflt.sys [37896 2015-03-17] (Avira Operations GmbH & Co. KG)
R2 ISWKL; C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [27016 2011-11-03] (Check Point Software Technologies)
R0 sptd; C:\windows\System32\Drivers\sptd.sys [721904 2010-07-05] () [File not signed]
R1 ssmdrv; C:\windows\System32\DRIVERS\ssmdrv.sys [28520 2015-03-17] (Avira GmbH)
R1 Vsdatant; C:\windows\System32\DRIVERS\vsdatant.sys [455256 2011-05-07] (Check Point Software Technologies LTD)
U3 a34fq07l; C:\windows\system32\Drivers\a34fq07l.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-10 22:52 - 2015-04-10 22:54 - 00020483 _____ () C:\Users\Chibichan\Downloads\FRST.txt
2015-04-10 22:51 - 2015-04-10 22:53 - 00000000 ____D () C:\FRST
2015-04-10 22:48 - 2015-04-10 22:48 - 01135104 _____ (Farbar) C:\Users\Chibichan\Downloads\FRST.exe
2015-04-09 21:05 - 2015-04-09 21:05 - 00000536 _____ () C:\Users\Chibichan\Desktop\fehler.txt
2015-03-25 20:04 - 2015-03-25 20:05 - 00985600 _____ () C:\Users\Chibichan\Downloads\MicrosoftFixit50123.msi
2015-03-25 19:17 - 2015-03-31 16:30 - 00000000 ____D () C:\Users\Chibichan\AppData\Roaming\Avira
2015-03-25 19:06 - 2015-03-17 14:02 - 00028520 _____ (Avira GmbH) C:\windows\system32\Drivers\ssmdrv.sys
2015-03-25 19:06 - 2015-03-17 14:01 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2015-03-25 19:06 - 2015-03-17 14:01 - 00105864 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2015-03-25 19:06 - 2015-03-17 14:01 - 00037896 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys
2015-03-25 19:06 - 2015-03-17 14:01 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avkmgr.sys
2015-03-25 19:02 - 2015-03-25 19:02 - 00001161 _____ () C:\Users\Public\Desktop\Avira.lnk
2015-03-25 19:00 - 2015-03-25 19:00 - 00000000 ____D () C:\ProgramData\Package Cache
2015-03-25 18:45 - 2015-03-25 18:45 - 04625104 _____ (Avira Operations GmbH & Co. KG) C:\Users\Chibichan\Downloads\avira_en_av_53e20cb6eb072__ws.exe
2015-03-24 19:30 - 2015-03-11 05:30 - 00623616 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-03-24 19:30 - 2015-03-11 05:30 - 00534528 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-03-24 19:30 - 2015-03-11 05:29 - 00818176 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-03-24 19:30 - 2015-03-11 05:29 - 00327168 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-03-24 19:30 - 2015-03-11 05:29 - 00202752 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-03-24 19:30 - 2015-03-11 05:29 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2015-03-24 19:30 - 2015-03-11 05:29 - 00026112 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-03-24 19:30 - 2015-03-11 05:26 - 00892928 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-03-24 10:32 - 2015-03-24 10:33 - 34391223 _____ () C:\Users\Chibichan\Downloads\torbrowser-install-4.0.4_de.exe
2015-03-22 21:05 - 2015-04-10 13:36 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-03-11 12:51 - 2015-02-13 07:26 - 12875264 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2015-03-11 12:51 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2015-03-11 12:51 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2015-03-11 12:50 - 2015-02-26 05:11 - 02381312 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-03-11 12:50 - 2015-02-24 04:32 - 00342696 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-03-11 12:50 - 2015-02-21 02:41 - 12827648 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-03-11 12:50 - 2015-02-21 02:27 - 00418304 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-03-11 12:50 - 2015-02-21 02:27 - 00285696 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-03-11 12:50 - 2015-02-21 02:25 - 19720192 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-03-11 12:50 - 2015-02-21 01:32 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-03-11 12:50 - 2015-02-20 04:22 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-03-11 12:50 - 2015-02-20 04:22 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-03-11 12:50 - 2015-02-20 04:09 - 00503296 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-03-11 12:50 - 2015-02-20 04:08 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-03-11 12:50 - 2015-02-20 04:08 - 00047616 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-03-11 12:50 - 2015-02-20 04:06 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-03-11 12:50 - 2015-02-20 04:03 - 02278400 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-03-11 12:50 - 2015-02-20 04:01 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-03-11 12:50 - 2015-02-20 04:00 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-03-11 12:50 - 2015-02-20 03:58 - 00478208 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-03-11 12:50 - 2015-02-20 03:56 - 00620032 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-03-11 12:50 - 2015-02-20 03:56 - 00115712 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-03-11 12:50 - 2015-02-20 03:56 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-03-11 12:50 - 2015-02-20 03:50 - 00667648 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-03-11 12:50 - 2015-02-20 03:41 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-03-11 12:50 - 2015-02-20 03:37 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-03-11 12:50 - 2015-02-20 03:30 - 04300288 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-03-11 12:50 - 2015-02-20 03:24 - 02052608 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-03-11 12:50 - 2015-02-20 03:24 - 00689152 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-03-11 12:50 - 2015-02-20 03:24 - 00684544 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-03-11 12:50 - 2015-02-20 03:23 - 01155072 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-03-11 12:50 - 2015-02-20 03:01 - 01888256 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-03-11 12:50 - 2015-02-20 02:57 - 01311232 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-03-11 12:50 - 2015-02-20 02:55 - 00710144 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-03-11 12:49 - 2015-03-06 07:15 - 00137656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-03-11 12:49 - 2015-03-06 07:15 - 00067512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-03-11 12:49 - 2015-03-06 07:10 - 01061376 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-03-11 12:49 - 2015-03-06 07:10 - 00550912 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-03-11 12:49 - 2015-03-06 07:10 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-03-11 12:49 - 2015-03-06 07:10 - 00248832 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-03-11 12:49 - 2015-03-06 07:10 - 00221184 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-03-11 12:49 - 2015-03-06 07:10 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-03-11 12:49 - 2015-02-03 05:12 - 00171520 _____ (Microsoft Corporation) C:\windows\system32\ubpm.dll
2015-03-11 12:48 - 2015-03-06 07:10 - 00172032 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-03-11 12:48 - 2015-03-06 07:10 - 00100352 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-03-11 12:48 - 2015-03-06 07:10 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-03-11 12:48 - 2015-03-06 07:10 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-03-11 12:48 - 2015-03-06 07:10 - 00015872 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-03-11 12:48 - 2015-03-06 07:09 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-03-11 12:48 - 2015-03-06 07:09 - 00022528 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-03-11 12:48 - 2015-03-06 07:07 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-03-11 12:48 - 2015-03-06 07:07 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-03-11 12:48 - 2015-03-06 07:06 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-03-11 12:48 - 2015-02-20 06:13 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2015-03-11 12:48 - 2015-02-20 06:13 - 00034304 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2015-03-11 12:48 - 2015-02-20 06:13 - 00026624 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2015-03-11 12:48 - 2015-02-20 06:13 - 00010240 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2015-03-11 12:48 - 2015-02-20 05:09 - 00299008 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2015-03-11 12:48 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\WMPhoto.dll
2015-03-11 12:48 - 2015-02-03 05:12 - 00988160 _____ (Microsoft Corporation) C:\windows\system32\drmv2clt.dll
2015-03-11 12:48 - 2015-02-03 05:12 - 00744960 _____ (Microsoft Corporation) C:\windows\system32\blackbox.dll
2015-03-11 12:47 - 2015-02-03 05:16 - 03973048 _____ (Microsoft Corporation) C:\windows\system32\ntkrnlpa.exe
2015-03-11 12:47 - 2015-02-03 05:16 - 03917760 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-03-11 12:47 - 2015-02-03 05:16 - 00078784 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys
2015-03-11 12:47 - 2015-02-03 05:12 - 11411968 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2015-03-11 12:47 - 2015-02-03 05:12 - 03209728 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2015-03-11 12:47 - 2015-02-03 05:12 - 01329664 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll
2015-03-11 12:47 - 2015-02-03 05:12 - 01174528 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2015-03-11 12:47 - 2015-02-03 05:12 - 01005056 _____ (Microsoft Corporation) C:\windows\system32\cryptui.dll
2015-03-11 12:47 - 2015-02-03 05:12 - 00617984 _____ (Microsoft Corporation) C:\windows\system32\wmdrmsdk.dll
2015-03-11 12:47 - 2015-02-03 05:12 - 00519680 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2015-03-11 12:47 - 2015-02-03 05:12 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msscp.dll
2015-03-11 12:47 - 2015-02-03 05:12 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\evr.dll
2015-03-11 12:47 - 2015-02-03 05:12 - 00475136 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2015-03-11 12:47 - 2015-02-03 05:12 - 00442880 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2015-03-11 12:47 - 2015-02-03 05:12 - 00406016 _____ (Microsoft Corporation) C:\windows\system32\drmmgrtn.dll
2015-03-11 12:47 - 2015-02-03 05:12 - 00400896 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-03-11 12:47 - 2015-02-03 05:12 - 00374784 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2015-03-11 12:47 - 2015-02-03 05:12 - 00354816 _____ (Microsoft Corporation) C:\windows\system32\mfplat.dll
2015-03-11 12:47 - 2015-02-03 05:12 - 00275968 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2015-03-11 12:47 - 2015-02-03 05:12 - 00265216 _____ (Microsoft Corporation) C:\windows\system32\msnetobj.dll
2015-03-11 12:47 - 2015-02-03 05:12 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2015-03-11 12:47 - 2015-02-03 05:12 - 00179200 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2015-03-11 12:47 - 2015-02-03 05:12 - 00157184 _____ (Microsoft Corporation) C:\windows\system32\pcasvc.dll
2015-03-11 12:47 - 2015-02-03 05:12 - 00143872 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2015-03-11 12:47 - 2015-02-03 05:12 - 00103936 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll
2015-03-11 12:47 - 2015-02-03 05:12 - 00103424 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2015-03-11 12:47 - 2015-02-03 05:12 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\cryptsp.dll
2015-03-11 12:47 - 2015-02-03 05:12 - 00069632 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-03-11 12:47 - 2015-02-03 05:12 - 00050688 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2015-03-11 12:47 - 2015-02-03 05:12 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2015-03-11 12:47 - 2015-02-03 05:12 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-03-11 12:47 - 2015-02-03 05:12 - 00038912 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-03-11 12:47 - 2015-02-03 05:12 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\pcadm.dll
2015-03-11 12:47 - 2015-02-03 05:12 - 00027648 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2015-03-11 12:47 - 2015-02-03 05:12 - 00010752 _____ (Microsoft Corporation) C:\windows\system32\msmmsp.dll
2015-03-11 12:47 - 2015-02-03 05:12 - 00008192 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll
2015-03-11 12:47 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx
2015-03-11 12:47 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll
2015-03-11 12:47 - 2015-02-03 05:11 - 12625408 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2015-03-11 12:47 - 2015-02-03 05:11 - 00262656 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-03-11 12:47 - 2015-02-03 05:11 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe
2015-03-11 12:47 - 2015-02-03 05:11 - 00096768 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2015-03-11 12:47 - 2015-02-03 05:11 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\rrinstaller.exe
2015-03-11 12:47 - 2015-02-03 05:11 - 00023040 _____ (Microsoft Corporation) C:\windows\system32\mfpmp.exe
2015-03-11 12:47 - 2015-02-03 05:11 - 00016896 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2015-03-11 12:47 - 2015-02-03 05:11 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\pcawrk.exe
2015-03-11 12:47 - 2015-02-03 05:11 - 00008192 _____ (Microsoft Corporation) C:\windows\system32\pcalua.exe
2015-03-11 12:47 - 2015-02-03 05:10 - 00008704 _____ (Microsoft Corporation) C:\windows\system32\pcaevts.dll
2015-03-11 12:47 - 2015-02-03 05:09 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\mferror.dll
2015-03-11 12:47 - 2015-02-03 05:08 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-03-11 12:47 - 2015-02-03 05:00 - 00593920 _____ (Microsoft Corporation) C:\windows\system32\Drivers\PEAuth.sys
2015-03-11 12:47 - 2015-02-03 04:26 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2015-03-11 12:47 - 2015-01-31 01:56 - 00370488 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2015-03-11 12:47 - 2014-11-01 00:22 - 00521384 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2015-03-11 12:47 - 2014-06-28 02:21 - 00455752 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2015-03-11 12:47 - 2014-06-28 02:21 - 00409272 _____ (Microsoft Corporation) C:\windows\system32\ci.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-10 22:51 - 2009-08-28 02:32 - 01605401 _____ () C:\windows\WindowsUpdate.log
2015-04-10 22:48 - 2009-07-14 06:34 - 00027744 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-10 22:48 - 2009-07-14 06:34 - 00027744 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-10 22:12 - 2014-12-09 16:45 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-04-10 21:57 - 2010-10-15 08:30 - 00001098 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-10 17:57 - 2010-10-15 08:30 - 00001094 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-10 14:15 - 2014-11-28 14:51 - 00000000 ____D () C:\Users\Chibichan\Desktop\Tor Browser
2015-04-10 11:48 - 2014-10-19 16:06 - 00013160 _____ () C:\windows\setupact.log
2015-04-10 11:48 - 2009-07-14 06:53 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-04-09 21:42 - 2009-07-26 22:06 - 01620612 _____ () C:\windows\system32\PerfStringBackup.INI
2015-04-09 21:30 - 2013-05-11 06:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-04-09 21:30 - 2012-09-10 12:02 - 00000000 ____D () C:\Users\Administrator
2015-04-09 21:30 - 2012-04-25 10:24 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-04-09 21:30 - 2010-10-15 07:52 - 00000000 ____D () C:\Users\Arbeit
2015-04-09 21:30 - 2010-09-09 18:10 - 00000000 ___RD () C:\Users\Public\Recorded TV
2015-04-09 21:30 - 2009-11-05 21:58 - 00000000 ____D () C:\Users\Chibichan
2015-04-09 21:30 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\wfp
2015-04-09 21:30 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\registration
2015-04-09 21:29 - 2012-04-30 09:35 - 00000000 ____D () C:\ProgramData\Real
2015-04-09 21:29 - 2011-06-11 15:55 - 00000000 ____D () C:\Users\Chibichan\AppData\Local\Mozilla
2015-04-09 19:13 - 2011-11-21 11:42 - 00000000 ____D () C:\Users\Chibichan\Calibre Bibliothek
2015-04-01 17:14 - 2015-01-19 15:08 - 00301056 _____ () C:\windows\PFRO.log
2015-03-28 18:25 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\Microsoft.NET
2015-03-25 19:18 - 2013-05-11 06:16 - 00000000 ____D () C:\Program Files\Avira
2015-03-25 19:06 - 2013-05-11 06:16 - 00000000 ____D () C:\ProgramData\Avira
2015-03-25 18:52 - 2014-12-12 22:11 - 00000000 ____D () C:\windows\system32\appraiser
2015-03-25 18:52 - 2014-05-11 06:28 - 00000000 ___SD () C:\windows\system32\CompatTel
2015-03-19 16:47 - 2013-02-03 02:27 - 00000000 ____D () C:\windows\rescache
2015-03-12 10:55 - 2009-07-14 06:33 - 00478008 _____ () C:\windows\system32\FNTCACHE.DAT
2015-03-12 10:51 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\de-DE
2015-03-12 00:38 - 2009-11-05 22:12 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-12 00:36 - 2009-07-14 04:04 - 00000531 _____ () C:\windows\win.ini
2015-03-12 00:34 - 2013-07-31 20:31 - 00000000 ____D () C:\windows\system32\MRT
2015-03-12 00:17 - 2009-11-20 09:54 - 119837696 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
==================== Files in the root of some directories =======
2013-12-05 23:07 - 2013-12-05 23:07 - 49940480 _____ () C:\Program Files\GUTCAA5.tmp
2010-07-06 13:40 - 2010-07-06 13:40 - 0000337 _____ () C:\Users\Chibichan\AppData\Local\Perfmon.PerfmonCfg
2010-05-17 12:27 - 2012-03-15 14:55 - 0007594 _____ () C:\Users\Chibichan\AppData\Local\Resmon.ResmonCfg
2009-11-05 22:02 - 2009-08-17 07:54 - 0131368 _____ () C:\ProgramData\FullRemove.exe
ZeroAccess:
C:\Users\Chibichan\AppData\Local\7a5f2920
C:\Users\Chibichan\AppData\Local\7a5f2920\@
Some content of TEMP:
====================
C:\Users\Administrator\AppData\Local\Temp\AskSLib.dll
C:\Users\Administrator\AppData\Local\Temp\pidgenx.dll
C:\Users\Arbeit\AppData\Local\Temp\DelayInst.exe
C:\Users\Arbeit\AppData\Local\Temp\DivXSetup.exe
C:\Users\Arbeit\AppData\Local\Temp\gtb.exe
C:\Users\Arbeit\AppData\Local\Temp\installservice.exe
C:\Users\Arbeit\AppData\Local\Temp\jre-6u22-windows-i586-iftw-rv.exe
C:\Users\Arbeit\AppData\Local\Temp\jre-6u23-windows-i586-iftw-rv.exe
C:\Users\Arbeit\AppData\Local\Temp\SearchWithGoogleUpdate.exe
C:\Users\Arbeit\AppData\Local\Temp\vpnclient_setup.exe
C:\Users\Chibichan\AppData\Local\Temp\avgnt.exe
C:\Users\Chibichan\AppData\Local\Temp\AviraSetup1187027.exe
C:\Users\Chibichan\AppData\Local\Temp\AviraSetup1350578.exe
C:\Users\Chibichan\AppData\Local\Temp\AviraSetup1508623.exe
C:\Users\Chibichan\AppData\Local\Temp\AviraSetup1660412.exe
C:\Users\Chibichan\AppData\Local\Temp\AviraSetup1811187.exe
C:\Users\Chibichan\AppData\Local\Temp\AviraSetup1959637.exe
C:\Users\Chibichan\AppData\Local\Temp\AviraSetup2112159.exe
C:\Users\Chibichan\AppData\Local\Temp\AviraSetup2269549.exe
C:\Users\Chibichan\AppData\Local\Temp\AviraSetup2424130.exe
C:\Users\Chibichan\AppData\Local\Temp\AviraSetup2584936.exe
C:\Users\Chibichan\AppData\Local\Temp\AviraSetup2725883.exe
C:\Users\Chibichan\AppData\Local\Temp\AviraSetup2873226.exe
C:\Users\Chibichan\AppData\Local\Temp\AviraSetup3016466.exe
C:\Users\Chibichan\AppData\Local\Temp\AviraSetup3157990.exe
C:\Users\Chibichan\AppData\Local\Temp\AviraSetup3306550.exe
C:\Users\Chibichan\AppData\Local\Temp\AviraSetup3458760.exe
C:\Users\Chibichan\AppData\Local\Temp\AviraSetup3602733.exe
C:\Users\Chibichan\AppData\Local\Temp\AviraSetup3745927.exe
C:\Users\Chibichan\AppData\Local\Temp\AviraSetup3882724.exe
C:\Users\Chibichan\AppData\Local\Temp\AviraSetup4025262.exe
C:\Users\Chibichan\AppData\Local\Temp\AviraSetup4169423.exe
C:\Users\Chibichan\AppData\Local\Temp\AviraSetup4310806.exe
C:\Users\Chibichan\AppData\Local\Temp\AviraSetup4453906.exe
C:\Users\Chibichan\AppData\Local\Temp\AviraSetup4595867.exe
C:\Users\Chibichan\AppData\Local\Temp\AviraSetup463806.exe
C:\Users\Chibichan\AppData\Local\Temp\AviraSetup4737048.exe
C:\Users\Chibichan\AppData\Local\Temp\AviraSetup924586.exe
C:\Users\Chibichan\AppData\Local\Temp\DivXSetup.exe
C:\Users\Chibichan\AppData\Local\Temp\RSPUpgradeInstaller.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-04-07 13:27
==================== End Of Log ============================
--- --- ---
--- --- ---
und hier die addition.txt Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-03-2015
Ran by Chibichan at 2015-04-10 22:56:52
Running from C:\Users\Chibichan\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ZoneAlarm Free Firewall (Disabled) {E6380B7E-D4B2-19F1-083E-56486607704B}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Digital Editions (HKLM\...\Digital Editions) (Version: - )
Adobe Download Manager (HKLM\...\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}) (Version: 1.6.2.99 - NOS Microsystems Ltd.)
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader X (10.1.5) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.5 - Adobe Systems Incorporated)
Agenda (HKU\S-1-5-21-1675562717-242507097-1823633445-1000\...\Agenda) (Version: - Leonardo Javier Alassia)
Amazon Kindle (HKU\S-1-5-21-1675562717-242507097-1823633445-1000\...\Amazon Kindle) (Version: - Amazon)
Analog Clock (HKU\S-1-5-21-1675562717-242507097-1823633445-1000\...\Analog Clock) (Version: - Opera widgets)
AnyPC Client (HKLM\...\{1AFA1FEF-8CF9-4A51-AC46-64FAA7F3D9E2}) (Version: 1.0.0.12 - Doctorsoft)
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Client Installation Program (HKLM\...\{D1434266-0486-4469-B338-A60082CC04E1}) (Version: 1.0.1.0805 - Atheros)
Avira (HKLM\...\{b5675cc4-ab8b-4945-8c1d-4c5479556d6a}) (Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG)
Avira (Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.9.504 - Avira Operations GmbH & Co. KG)
Avira Browser Safety (HKLM\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG)
BatteryLifeExtender (HKLM\...\{AA16A9E5-40E9-44F5-801E-6B3D3CFE79E5}) (Version: 1.0.0 - Samsung)
Black Daily Calendar (HKU\S-1-5-21-1675562717-242507097-1823633445-1000\...\Black Daily Calendar) (Version: - Philip Seyfi)
Calendar (2) (HKU\S-1-5-21-1675562717-242507097-1823633445-1000\...\Calendar (2)) (Version: - Opera widgets)
Calendar (3) (HKU\S-1-5-21-1675562717-242507097-1823633445-1000\...\Calendar (3)) (Version: - Opera widgets)
Calendar (HKU\S-1-5-21-1675562717-242507097-1823633445-1000\...\Calendar) (Version: - Opera widgets)
Calendar Clock (HKU\S-1-5-21-1675562717-242507097-1823633445-1000\...\Calendar Clock) (Version: - Opera widgets)
calibre (HKLM\...\{7D59CEDD-C68B-4506-A7E2-E4D13FC5373B}) (Version: 0.8.27 - Kovid Goyal)
cCalendar euro_mod (HKU\S-1-5-21-1675562717-242507097-1823633445-1000\...\cCalendar euro_mod) (Version: - RedElf)
CCleaner (HKLM\...\CCleaner) (Version: 3.06 - Piriform)
Choice Guard (Version: 1.2.87.0 - Microsoft Corporation) Hidden
ComicRack v0.9.150 (HKLM\...\ComicRack) (Version: v0.9.150 - cYo Soft)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.2907 - CyberLink Corp.)
Desktop Icon für Amazon (HKLM\...\DesktopIconAmazon) (Version: 1.0.1 (de) - )
DivX-Setup (HKLM\...\DivX Setup) (Version: 2.6.3.88 - DivX, LLC)
Easy Display Manager (HKLM\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.0 - Samsung Electronics Co., Ltd.)
Easy Network Manager (HKLM\...\{A7581D39-EA20-4883-A480-80C21047052B}) (Version: 4.0.2 - Samsung)
Easy Resolution Manager (HKLM\...\{45535A5E-1F81-4F35-BE1D-43D10A7D03B4}) (Version: 1.0.0 - Samsung)
Easy SpeedUp Manager (HKLM\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 3.0.0.4 - Samsung Electronics Co.,Ltd.)
EasyBatteryManager (HKLM\...\{178EE5F4-0F86-4BF0-A0D1-9790AFF409D1}) (Version: 4.0.0.2 - Samsung)
entrusted Toolbar (HKLM\...\entrusted Toolbar) (Version: 6.11.2.6 - entrusted) <==== ATTENTION
Feedback Tool (HKLM\...\{90024193-9F13-4877-89D5-A1CDF0CBBF28}) (Version: 1.1.0 - Microsoft Corporation)
FLV Player 2.0 (build 25) (HKLM\...\FLV Player) (Version: 2.0 (build 25) - Martijn de Visser)
Foxit Reader (HKLM\...\Foxit Reader) (Version: 4.3.0.1110 - Foxit Corporation)
Game Pack (HKLM\...\{63eafc52-b963-4297-a7eb-d412944e7065}_is1) (Version: 5.3.0.10 - Oberon Media, Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
GPL Ghostscript 8.71 (HKLM\...\GPL Ghostscript 8.71) (Version: - )
GSview 4.9 (HKLM\...\GSview 4.9) (Version: - )
Heart Clock (HKU\S-1-5-21-1675562717-242507097-1823633445-1000\...\Heart Clock) (Version: - Opera widgets)
Inkscape 0.48.0 (HKLM\...\Inkscape) (Version: 0.48.0 - )
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.2176 - Intel Corporation)
Java 7 Update 9 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217009FF}) (Version: 7.0.90 - Oracle)
Java(TM) 6 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
Junk Mail filter update (Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Magical Jelly Bean KeyFinder (HKLM\...\KeyFinder_is1) (Version: 2.0.8.4 - Magical Jelly Bean)
Malwarebytes Anti-Malware Version 1.60.1.1000 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.60.1.1000 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 97, Professional Edition (HKLM\...\Office8.0) (Version: - )
Microsoft Office Professional 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
MiKTeX 2.8 (HKLM\...\MiKTeX 2.8) (Version: 2.8 - MiKTeX.org)
MoonClock (HKU\S-1-5-21-1675562717-242507097-1823633445-1000\...\MoonClock) (Version: - MobilAstuces)
Mozilla Firefox 36.0.4 (x86 de) (HKLM\...\Mozilla Firefox 36.0.4 (x86 de)) (Version: 36.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
multiWeather (HKU\S-1-5-21-1675562717-242507097-1823633445-1000\...\multiWeather) (Version: - Isidoro Russo)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.6.2 - pdfforge)
pdfsam (HKLM\...\pdfsam) (Version: 2.2.1 - )
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RealDownloader (Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0008 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5898 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Software (HKLM\...\{F2BC3383-F000-410C-A038-3846ADBE8D90}) (Version: 1.01.0088 - REALTEK Semiconductor Corp.)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
rSMS (HKU\S-1-5-21-1675562717-242507097-1823633445-1000\...\rSMS) (Version: - Romka)
Samsung Support Center (HKLM\...\{91DE5A42-8D5E-42EB-BA32-A80682FA94D7}) (Version: 1.0.0 - Samsung)
Samsung Update Plus (HKLM\...\{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}) (Version: 2.0 - Samsung Electronics Co., Ltd.)
Search Protect (HKLM\...\SearchProtect) (Version: 2.9.60.20 - Conduit) <==== ATTENTION
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.10.0 - Synaptics Incorporated)
TeXnicCenter Version 1.0 Stable RC1 (HKLM\...\TeXnicCenter_is1) (Version: Version 1.0 Stable RC1 - TeXnicCenter.org)
Time and Date 1.32 (HKU\S-1-5-21-1675562717-242507097-1823633445-1000\...\Time and Date 1.32) (Version: - Rune Kenneth Meisingset)
touchtheSky for Opera 10.50+ (HKU\S-1-5-21-1675562717-242507097-1823633445-1000\...\touchtheSky for Opera 10.50+) (Version: - James Howat)
User Guide (HKLM\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - )
VC 9.0 Runtime (Version: 1.0.0 - Check Point Software Technologies Ltd) Hidden
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 1.1.4 (HKLM\...\VLC media player) (Version: 1.1.4 - VideoLAN)
Windows Live Anmelde-Assistent (HKLM\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8064.0206 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{ED636101-1959-4360-8BF7-209436E7DEE4}) (Version: 14.0.8064.206 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
XnView 1.98 (HKLM\...\XnView_is1) (Version: 1.98 - Gougelet Pierre-e)
ZoneAlarm Firewall (Version: 10.1.079.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free (HKLM\...\ZoneAlarm Free) (Version: 10.1.065.000 - Check Point)
ZoneAlarm Security (Version: 10.1.079.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Toolbar (Version: - Check Point Software Technologies) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
04-04-2015 23:49:53 Windows Update
09-04-2015 21:46:05 Windows-Sicherung
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0099F39D-E1A1-4A85-8FDB-74BC39FB388E} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1675562717-242507097-1823633445-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {11A6F713-4E66-40BF-BF80-C4AADE337D1D} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {23FACCC6-3E58-409A-88DA-913CA9A231CA} - System32\Tasks\{0FD1B736-D096-4922-BB41-192FD4BB81EC} => pcalua.exe -a C:\Users\Chibichan\Downloads\QuickTimeInstaller.exe -d C:\Users\Chibichan\Downloads
Task: {3568518E-9885-4E3B-891D-EDDB811C8D8B} - System32\Tasks\SamsungSupportCenter => C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe [2009-08-27] (SAMSUNG Electronics)
Task: {3BF1E712-1A57-4C8A-AF80-4EAA2F97D697} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1675562717-242507097-1823633445-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {4B8F66B5-6544-42F2-9000-DA02F8C0BE11} - System32\Tasks\{F6ED1A90-613D-47F9-9DAB-FA94680E0CFB} => pcalua.exe -a "C:\Program Files\McAfee\MSC\mcuninst.exe"
Task: {57A18AAE-18F3-417E-8916-5695CF646F24} - System32\Tasks\{59CEB575-37DE-4DDD-9ED3-98525D4B9070} => pcalua.exe -a C:\Users\Chibichan\Downloads\vpnclient-win-msi-5.0.07.0290-k9.exe -d "C:\Program Files\Mozilla Firefox"
Task: {623C28C8-67AC-4C1B-9AE3-FA6935B26D93} - System32\Tasks\BatteryLifeExtender => C:\Program Files\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2009-08-12] (Samsung Electronics. Co. Ltd.)
Task: {6510D4D4-0015-4BB8-94C9-9FF7CC942A0C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.)
Task: {6AB99BE2-28FD-4418-BF44-B789BBC7E0B8} - System32\Tasks\SUPBackground => C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe [2010-04-20] ()
Task: {83717461-1E29-496D-84FC-AB58EC027F06} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.)
Task: {959E0EAF-0527-47ED-AC67-734143880525} - System32\Tasks\ChkWiz4VistaWin7 => C:\Sysprep\ChkWiz4VistaWin7.exe
Task: {A609AE63-E879-459D-9DBE-ED0FD29819AC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {A76B08BE-F6DA-460B-8432-F6A3E58748EA} - System32\Tasks\{95176F31-591C-4E3A-9197-E7F67463BA6E} => pcalua.exe -a C:\Users\Chibichan\Downloads\OOo_3.2.1_Win_x86_install_de.exe -d "C:\Program Files\Mozilla Firefox"
Task: {A84FBE85-1CDB-4F9B-9116-253255EF3719} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {B6551D5A-F8EC-46F8-9102-7BC3671269D0} - System32\Tasks\{AAFE4797-1FC4-48AF-B025-B48931E03A88} => pcalua.exe -a G:\SETUP.EXE -d G:\
Task: {B749F7C6-B858-4A9B-8ABA-5104B0AFFA70} - System32\Tasks\EasySpeedUpManager => C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [2009-08-23] (Samsung Electronics Co., Ltd.)
Task: {BB4F83E7-F5EB-4FA1-A9EA-F6B44DA8A10A} - System32\Tasks\EasyBatteryManager => C:\Program Files\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2009-08-01] (SAMSUNG Electronics co., LTD.)
Task: {C3F80E4D-F1AB-47A7-AD44-26C3EB28CC59} - System32\Tasks\EasyDisplayMgr => C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [2009-08-22] (Samsung Electronics Co., Ltd.)
Task: {C9D02581-F3C5-498F-A64A-3082B86E5D58} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe [2015-03-11] (Avira Operations GmbH & Co. KG)
Task: {CF236C8A-C222-4585-B51B-94A23B939068} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1675562717-242507097-1823633445-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {DF212E63-AD2F-4AE6-B7BE-DC4B80619607} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1675562717-242507097-1823633445-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {EEB46367-473E-4BDD-B9BF-E36EBE20931D} - System32\Tasks\{DFB60E03-BDA9-4C9B-9460-BFA89AAF6881} => pcalua.exe -a C:\ProgramData\DivX\Setup\DivXSetup.exe -c /uninstall /bundleGroupId divx.com
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) ==============
2009-11-05 22:10 - 2009-08-13 22:58 - 00044312 _____ () C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe
2009-08-27 10:39 - 2009-03-05 11:54 - 00311296 _____ () C:\windows\SYSTEM32\Rezip.exe
1997-09-04 00:00 - 1997-09-04 00:00 - 00022016 _____ () C:\windows\system32\docobj.dll
2009-08-27 10:48 - 2006-08-12 05:48 - 00049152 _____ () C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll
2014-01-10 07:26 - 2014-01-10 07:26 - 01861968 _____ () C:\Program Files\DivX\DivX Update\DivXUpdate.exe
2014-01-10 07:28 - 2014-01-10 07:28 - 00100688 _____ () C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
2015-02-05 18:12 - 2015-02-05 18:12 - 16852144 _____ () C:\windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll
2015-03-24 10:49 - 2015-03-24 10:49 - 00091026 _____ () C:\Users\Chibichan\Desktop\Tor Browser\Browser\libssp-0.dll
2015-03-24 10:49 - 2015-04-01 17:54 - 05057038 _____ () C:\Users\Chibichan\Desktop\Tor Browser\Browser\mozjs.dll
2015-03-24 10:49 - 2015-04-01 17:54 - 01967616 _____ () C:\Users\Chibichan\Desktop\Tor Browser\Browser\TorBrowser\Tor\tor.exe
2015-03-24 10:49 - 2015-03-24 10:49 - 00714452 _____ () C:\Users\Chibichan\Desktop\Tor Browser\Browser\TorBrowser\Tor\libevent-2-0-5.dll
2015-03-24 10:49 - 2015-03-24 10:49 - 00091026 _____ () C:\Users\Chibichan\Desktop\Tor Browser\Browser\TorBrowser\Tor\libssp-0.dll
2015-03-24 10:49 - 2015-03-24 10:49 - 00517814 _____ () C:\Users\Chibichan\Desktop\Tor Browser\Browser\TorBrowser\Tor\libgcc_s_sjlj-1.dll
2015-03-24 10:49 - 2015-03-24 10:49 - 00110592 _____ () C:\Users\Chibichan\Desktop\Tor Browser\Browser\TorBrowser\Tor\zlib1.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:4CF61E54
AlternateDataStreams: C:\ProgramData\Temp:5C5A503E
AlternateDataStreams: C:\ProgramData\Temp:A42A9F39
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1675562717-242507097-1823633445-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AxInstSV => 3
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: ehRecvr => 3
MSCONFIG\Services: ehSched => 3
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HomeGroupListener => 3
MSCONFIG\Services: HomeGroupProvider => 3
MSCONFIG\Services: IswSvc => 3
MSCONFIG\Services: McAfee SiteAdvisor Service => 2
MSCONFIG\Services: mcmscsvc => 2
MSCONFIG\Services: McNASvc => 2
MSCONFIG\Services: McODS => 3
MSCONFIG\Services: McProxy => 2
MSCONFIG\Services: McSysmon => 3
MSCONFIG\Services: MpfService => 2
MSCONFIG\Services: MSK80Service => 2
MSCONFIG\Services: RealNetworks Downloader Resolver Service => 2
MSCONFIG\Services: TapiSrv => 3
MSCONFIG\Services: Themes => 2
MSCONFIG\Services: WMPNetworkSvc => 3
MSCONFIG\Services: WPCSvc => 3
MSCONFIG\Services: WPDBusEnum => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft-Indexerstellung.lnk => C:\windows\pss\Microsoft-Indexerstellung.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Office-Start.lnk => C:\windows\pss\Office-Start.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: mcagent_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: TkBellExe => "c:\program files\real\realplayer\Update\realsched.exe" -osboot
MSCONFIG\startupreg: UCam_Menu => "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
==================== Accounts: =============================
Administrator (S-1-5-21-1675562717-242507097-1823633445-500 - Administrator - Enabled) => C:\Users\Administrator
Arbeit (S-1-5-21-1675562717-242507097-1823633445-1002 - Limited - Enabled) => C:\Users\Arbeit
Chibichan (S-1-5-21-1675562717-242507097-1823633445-1000 - Administrator - Enabled) => C:\Users\Chibichan
Gast (S-1-5-21-1675562717-242507097-1823633445-501 - Limited - Disabled)
==================== Faulty Device Manager Devices =============
Name: Atheros AR9285 Wireless Network Adapter
Description: Atheros AR9285 Wireless Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Atheros Communications Inc.
Service: athr
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (04/08/2015 08:28:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 37.0.1.5570, Zeitstempel: 0x551e23ee
Name des fehlerhaften Moduls: mozalloc.dll, Version: 37.0.1.5570, Zeitstempel: 0x551e1536
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001aa1
ID des fehlerhaften Prozesses: 0x15e0
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Error: (04/07/2015 01:36:43 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (04/07/2015 01:36:36 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (04/07/2015 01:33:38 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (04/07/2015 01:31:04 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (04/07/2015 01:30:26 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (04/03/2015 07:07:07 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (04/03/2015 07:07:04 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (04/03/2015 07:02:46 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (04/03/2015 07:02:04 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
System errors:
=============
Error: (04/10/2015 00:10:18 PM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: Unerwarteter Fehler. Fehlercode: 490@01010004
Error: (04/10/2015 11:48:24 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Search Protect by Conduit Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (04/09/2015 09:43:30 PM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: Unerwarteter Fehler. Fehlercode: 490@01010004
Error: (04/09/2015 09:31:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Search Protect by Conduit Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (04/09/2015 09:26:08 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (04/09/2015 09:23:55 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084wuauserv{E60687F7-01A1-40AA-86AC-DB1CBF673334}
Error: (04/09/2015 05:57:35 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (04/09/2015 05:57:35 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (04/09/2015 05:43:03 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (04/09/2015 05:42:44 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Microsoft Office Sessions:
=========================
Error: (04/08/2015 08:28:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe37.0.1.5570551e23eemozalloc.dll37.0.1.5570551e15368000000300001aa115e001d07225c188f911C:\Program Files\Mozilla Firefox\plugin-container.exeC:\Program Files\Mozilla Firefox\mozalloc.dll0e9cf4e4-de1d-11e4-ae99-00245437845f
Error: (04/07/2015 01:36:43 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\Samsung\samsung update plus\Archives\it00000526\WinWDF\x64\dpinst.exe
Error: (04/07/2015 01:36:36 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\Samsung\samsung update plus\Archives\it00000421\WinWDF\x64\dpinst.exe
Error: (04/07/2015 01:33:38 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\Samsung\BatteryLifeExtender\Drv\SABI2x64\KStartMem.exe.Manifest
Error: (04/07/2015 01:31:04 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\Samsung\Samsung Support Center\Drv\drv2x64\KStartMem.exe.Manifest
Error: (04/07/2015 01:30:26 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe
Error: (04/03/2015 07:07:07 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\samsung\samsung update plus\archives\it00000526\winwdf\x64\dpinst.exe
Error: (04/03/2015 07:07:04 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\samsung\samsung update plus\archives\it00000421\winwdf\x64\dpinst.exe
Error: (04/03/2015 07:02:46 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\Samsung\BatteryLifeExtender\Drv\SABI2x64\KStartMem.exe.Manifest
Error: (04/03/2015 07:02:04 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\Samsung\Samsung Support Center\Drv\drv2x64\KStartMem.exe.Manifest
CodeIntegrity Errors:
===================================
Date: 2012-09-10 12:36:14.664
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-09-10 12:30:59.786
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-09-10 12:13:03.923
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-09-10 12:00:29.944
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-09-10 11:54:27.884
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-09-02 22:14:51.934
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-08-31 15:10:23.462
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-08-31 13:34:31.216
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-08-31 12:56:02.801
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-08-30 22:39:00.935
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Atom(TM) CPU N270 @ 1.60GHz
Percentage of memory in use: 67%
Total physical RAM: 2038.37 MB
Available physical RAM: 661.58 MB
Total Pagefile: 4076.73 MB
Available Pagefile: 1833.26 MB
Total Virtual: 2047.88 MB
Available Virtual: 1902.29 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:73.67 GB) (Free:9.18 GB) NTFS
Drive d: () (Fixed) (Total:60.28 GB) (Free:42.32 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 149.1 GB) (Disk ID: 829A415E)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=73.7 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=60.3 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
Hinweis:
FRST 32-Bit | FRST 64-Bit
AdwCleaner auf deinen Desktop.
Farbar Service Scanner 