
Pests of all kinds and how to fight them: DirtyDecrypt.exe! How do I remove it?


 
19.09.2013, 10:21   #1
Etienne69
 

DirtyDecrypt.exe! How do I remove it?



Hi, I have already taken the first step and run a scan with FRST, and I'm posting it here... I hope Schrauber can help, at least with removing the Trojan; I had still backed up my files on an external hard drive.
FRST Logfile:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-09-2013
Ran by Etienne (administrator) on ETIENNE-PC on 19-09-2013 11:09:24
Running from C:\Users\Etienne\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Systweak Inc., (www.systweak.com)) C:\Program Files (x86)\Advanced System Optimizer 3\ASO3DefragSrv64.exe
(Conduit) C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Avant Force) C:\Program Files (x86)\Avant Browser\avant.exe
(Avant Force) C:\Program Files (x86)\Avant Browser\ybrowser.exe
(Avant Force) C:\Program Files (x86)\Avant Browser\ybrowser.exe
(Avant Force) C:\Program Files (x86)\Avant Browser\ybrowser.exe
(Avant Force) C:\Program Files (x86)\Avant Browser\ybrowser.exe
(Avant Force) C:\Program Files (x86)\Avant Browser\ybrowser.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
() C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(7Road) C:\Users\Etienne\Downloads\Demon_Slayer_Anmeldeclient(1).exe
(Woodtale Technology Inc) C:\Program Files (x86)\iSafe\iSafeSvc.exe
(Woodtale Technology Inc) C:\Program Files (x86)\iSafe\iSafeSvc2.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
() C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe
(WebConnect) C:\Program Files (x86)\WebConnect\updateWebConnect.exe
(PC Utilities Pro) C:\Program Files (x86)\Optimizer Pro\OptProStart.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11780712 2011-02-24] (Realtek Semiconductor)
HKLM-x32\...\Runonce: [Del15821746] - cmd.exe /Q /D /c del "C:\Users\Etienne\AppData\Local\Temp\0.del" [x]
HKCU\...\Runonce: [Del15821746] - cmd.exe /Q /D /c del "C:\Users\Etienne\AppData\Local\Temp\0.del"
MountPoints2: {91bbb407-a499-11e0-8597-806e6f6e6963} - "D:\Diablo III Setup.exe"
MountPoints2: {baae8bb9-058e-11e2-92e5-806e6f6e6963} - D:\Autorun.exe
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-03] (Avira Operations GmbH & Co. KG)
AppInit_DLLs-x32: c:\progra~3\bitguard\261673~1.238\{c16c1~1\bitguard.dll  [2700768 2013-09-10] ()
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snap.do/?publisher=Bundlore&dpid=Bundlore&co=DE&userid=f6b98525-17bf-42a7-92af-dcd9a33f66f8&searchtype=ds&q={searchTerms}&installDate=23/04/2013
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snap.do/?publisher=Bundlore&dpid=Bundlore&co=DE&userid=f6b98525-17bf-42a7-92af-dcd9a33f66f8&searchtype=ds&q={searchTerms}&installDate=23/04/2013
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www2.delta-search.com/?babsrc=HP_ss&mntrId=500500FF24B7BB6D&affID=119357&tt=160913_m3&tsp=5010
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: (No Name) - {c95a4e8e-816d-4655-8c79-d736da1adb6d} -  No File
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=342&systemid=406&v=u8708-71&apn_uid=2527234116744512&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=Bundlore&dpid=Bundlore&co=DE&userid=f6b98525-17bf-42a7-92af-dcd9a33f66f8&searchtype=ds&q={searchTerms}&installDate=23/04/2013
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=Bundlore&dpid=Bundlore&co=DE&userid=f6b98525-17bf-42a7-92af-dcd9a33f66f8&searchtype=ds&q={searchTerms}&installDate=23/04/2013
SearchScopes: HKCU - {73B21177-6525-45C6-B228-754D19EB9CD1} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1561552&CUI=UN72673359230902116&UM=2
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll (AnchorFree Inc.)
BHO-x32: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} -  No File
BHO-x32: ICQ Sparberater - {0766C1B9-B2DC-46E5-8934-4F3D6B42B1BD} - C:\Program Files (x86)\icq\Internet Explorer\icq.dll (solute gmbh)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: ArcPluginIEBHO Class - {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} - C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\ArcPluginIE.dll (Perfect World Entertainment Inc)
BHO-x32: No Name - {872b5b88-9db5-4310-bdd0-ac189557e5f5} -  No File
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files (x86)\Hotspot_Shield\prxtbHots.dll (Conduit Ltd.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.)
Toolbar: HKLM-x32 - ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
Toolbar: HKLM-x32 -  No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files (x86)\Hotspot_Shield\prxtbHots.dll (Conduit Ltd.)
Toolbar: HKCU -  No Name - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} -  No File
Toolbar: HKCU -  No Name - {C95A4E8E-816D-4655-8C79-D736DA1ADB6D} -  No File
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15118/CTPID.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Etienne\AppData\Roaming\Mozilla\Firefox\Profiles\8wf4o7tr.default
FF user.js: detected! => C:\Users\Etienne\AppData\Roaming\Mozilla\Firefox\Profiles\8wf4o7tr.default\user.js
FF NewTab: about:blank
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: about:blank
FF Keyword.URL: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3241949&SearchSource=2&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.11.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.11.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin - C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Etienne\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @yahoo.com/BrowserPlus,version=2.9.8 - C:\Users\Etienne\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll (Amazon.com, Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Users\Etienne\AppData\Roaming\Mozilla\Firefox\Profiles\8wf4o7tr.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Users\Etienne\AppData\Roaming\Mozilla\Firefox\Profiles\8wf4o7tr.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: VideoDownloadConverter - C:\Users\Etienne\AppData\Roaming\Mozilla\Firefox\Profiles\8wf4o7tr.default\Extensions\4zffxtbr@VideoDownloadConverter_4z.com
FF Extension: No Name - C:\Users\Etienne\AppData\Roaming\Mozilla\Firefox\Profiles\8wf4o7tr.default\Extensions\ffxtlbr@babylon.com
FF Extension: No Name - C:\Users\Etienne\AppData\Roaming\Mozilla\Firefox\Profiles\8wf4o7tr.default\Extensions\ffxtlbr@delta.com
FF Extension: Movies Toolbar (Dist. by Koyote-Lab, Inc.) - C:\Users\Etienne\AppData\Roaming\Mozilla\Firefox\Profiles\8wf4o7tr.default\Extensions\{a3a8ba13-8b56-46e6-8bc6-2746089b6cb2}
FF Extension: Hotspot Shield  - C:\Users\Etienne\AppData\Roaming\Mozilla\Firefox\Profiles\8wf4o7tr.default\Extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d}
FF Extension: No Name - C:\Users\Etienne\AppData\Roaming\Mozilla\Firefox\Profiles\8wf4o7tr.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
FF Extension: Hotspot Shield Helper (Please allow this installation) - C:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com
FF Extension: Hotspot Shield Helper (Please allow this installation) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\afurladvisor@anchorfree.com
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKCU\...\Firefox\Extensions: [{184AA5E6-741D-464a-820E-94B3ABC2F3B4}] - C:\Users\Etienne\AppData\Roaming\11002
FF Extension: Java String Helper - C:\Users\Etienne\AppData\Roaming\11002

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (A Mystical Land Installer) - C:\Users\Etienne\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgbokbdciknlbddfbblcochmpkilgddb\1.0.0.10_0
CHR Extension: (PricePeep) - C:\Users\Etienne\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb\2.2.0.3_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Etienne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (ICQ Sparberater) - C:\Users\Etienne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmpllndkedbnmonoomepeeglghdelffo\1.4.9_0
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\Etienne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.172_0
CHR HKLM-x32\...\Chrome\Extension: [nmpllndkedbnmonoomepeeglghdelffo] - C:\Program Files (x86)\icq\Chrome\icq-1.3.671.crx
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-12-19] (Advanced Micro Devices, Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-09-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-03] (Avira Operations GmbH & Co. KG)
S4 ArcService; C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe [88424 2013-08-10] (Perfect World Entertainment Inc)
R2 ASO3DiskOptimizer; C:\Program Files (x86)\Advanced System Optimizer 3\ASO3DefragSrv64.exe [263520 2012-09-13] (Systweak Inc., (www.systweak.com))
R2 BitGuard; C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe [2845152 2013-09-10] ()
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe [97056 2013-05-08] (Conduit)
S3 DAUpdaterSvc; C:\Program Files (x86)\Origin Games\Dragon Age Origins\\bin_ship\DAUpdaterSvc.Service.exe [25832 2011-02-24] (BioWare)
S4 Guard.Mail.ru; C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [1564368 2012-05-02] ()
S4 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [853800 2013-07-25] (AnchorFree Inc.)
S4 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [78512 2013-07-24] ()
S4 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [548136 2013-07-25] ()
S4 ICQ Service; C:\PROGRA~2\ICQ6TO~1\ICQSER~1.EXE [247872 2012-03-20] ()
R2 iSafeService; C:\Program Files (x86)\iSafe\iSafeSvc.exe [359240 2013-09-18] (Woodtale Technology Inc)
S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [18360 2013-07-31] (Overwolf Ltd)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392 2012-11-13] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624 2012-11-13] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [168384 2012-11-13] (Safer-Networking Ltd.)
R2 Update WebConnect; C:\Program Files (x86)\WebConnect\updateWebConnect.exe [206632 2013-08-30] (WebConnect)

==================== Drivers (Whitelisted) ====================

R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11904 2011-12-18] (Advanced Micro Devices Inc.)
R2 AODDriver4.2; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105344 2013-09-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132088 2013-09-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-25] (Avira Operations GmbH & Co. KG)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [46792 2013-07-24] (AnchorFree Inc.)
R3 iSafeKrnl; C:\Program Files (x86)\iSafe\iSafeKrnl.sys [190320 2013-09-18] (Woodtale Technology Inc)
R1 iSafeNetFilter; C:\Program Files (x86)\iSafe\iSafeNetFilter.sys [45936 2013-09-18] (NetFilterSDK.com)
R3 LUsbFilt; C:\Windows\System32\Drivers\LUsbFilt.Sys [41488 2008-02-29] (Logicool, Inc.)
R3 MTsensor; C:\Windows\system32\drivers\ASACPI.sys [8192 2005-03-28] ()
S3 skfiltv; C:\Windows\System32\drivers\skfiltv.sys [24064 2008-08-14] (Creative Technology Ltd.)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-04-24] (Anchorfree Inc.)
S3 cpuz135; \??\C:\Users\ADMINI~1\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-19 11:09 - 2013-09-19 11:09 - 00000000 ____D C:\Users\Etienne\AppData\Roaming\Optimizer Pro
2013-09-19 11:09 - 2013-09-19 11:09 - 00000000 ____D C:\FRST
2013-09-19 11:08 - 2013-09-19 11:08 - 01950594 _____ (Farbar) C:\Users\Etienne\Downloads\FRST64.exe
2013-09-19 11:04 - 2013-09-19 11:04 - 00003420 _____ C:\Windows\System32\Tasks\BitGuard
2013-09-19 11:04 - 2013-09-19 11:04 - 00001075 _____ C:\Users\Etienne\Desktop\Optimizer Pro.lnk
2013-09-19 11:04 - 2013-09-19 11:04 - 00000000 ____D C:\Users\Etienne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
2013-09-19 11:04 - 2013-09-19 11:04 - 00000000 ____D C:\Users\Etienne\AppData\Roaming\Delta
2013-09-19 11:04 - 2013-09-19 11:04 - 00000000 ____D C:\ProgramData\BitGuard
2013-09-19 11:04 - 2013-09-19 11:04 - 00000000 ____D C:\Program Files (x86)\Optimizer Pro
2013-09-19 11:04 - 2013-09-19 11:04 - 00000000 ____D C:\Program Files (x86)\Delta
2013-09-19 11:03 - 2013-09-19 11:07 - 00000000 ____D C:\Program Files (x86)\Image Converter
2013-09-19 11:03 - 2013-09-19 11:04 - 00000000 ____D C:\Program Files (x86)\WebConnect
2013-09-19 11:03 - 2013-09-19 11:03 - 00003248 _____ C:\Windows\System32\Tasks\DigitalSite
2013-09-19 11:03 - 2013-09-19 11:03 - 00001891 _____ C:\Users\Etienne\Desktop\Search.lnk
2013-09-19 11:03 - 2013-09-19 11:03 - 00000300 _____ C:\Windows\Tasks\DigitalSite.job
2013-09-19 11:03 - 2013-09-19 11:03 - 00000000 ____D C:\Users\Etienne\AppData\Roaming\DigitalSite
2013-09-19 11:03 - 2013-09-19 11:03 - 00000000 ____D C:\Users\Etienne\AppData\Roaming\Babylon
2013-09-19 11:03 - 2013-09-19 11:03 - 00000000 ____D C:\Users\Etienne\AppData\Roaming\BabSolution
2013-09-19 11:03 - 2013-09-19 11:03 - 00000000 ____D C:\ProgramData\DSearchLink
2013-09-19 11:03 - 2013-09-19 11:03 - 00000000 ____D C:\ProgramData\Babylon
2013-09-19 11:03 - 2013-09-19 11:03 - 00000000 ____D C:\Program Files (x86)\PricePeep
2013-09-19 10:38 - 2013-09-19 10:38 - 00000000 ____D C:\Users\Etienne\AppData\Roaming\eCyber
2013-09-19 10:36 - 2013-09-19 11:07 - 00000000 ____D C:\Users\Etienne\AppData\Roaming\iSafe
2013-09-19 10:36 - 2013-09-19 10:41 - 00000000 ____D C:\Program Files (x86)\iSafe
2013-09-19 10:36 - 2013-09-19 10:36 - 00633672 _____ (Woodtale Technology Inc) C:\Users\Etienne\Downloads\iSafedl.exe
2013-09-19 10:36 - 2013-09-19 10:36 - 00001793 _____ C:\Users\Public\Desktop\YAC.lnk
2013-09-19 10:36 - 2013-09-19 10:36 - 00000000 ____D C:\Windows\system32\log
2013-09-19 06:40 - 2013-09-19 06:40 - 98201083 _____ C:\Windows\SysWOW64\㵨䇧브7
2013-09-18 14:52 - 2013-09-18 14:52 - 00001492 _____ C:\Users\Etienne\Desktop\Star Wars - The Old Republic.lnk
2013-09-17 19:30 - 2013-09-17 19:31 - 00003619 _____ C:\Users\Etienne\Documents\Dragon Age Origins 1.05.log
2013-09-17 19:30 - 2013-09-17 19:30 - 00001129 _____ C:\Users\Etienne\Documents\Dragon Age Origins 1.02.log
2013-09-17 19:29 - 2013-09-17 19:29 - 00000000 ____D C:\ProgramData\BioWare
2013-09-17 18:27 - 2013-09-17 18:37 - 101553128 _____ (BioWare) C:\Users\Etienne\Downloads\DragonAge1.05.exe
2013-09-17 00:32 - 2013-09-17 00:32 - 00001373 _____ C:\Users\Etienne\Desktop\Dragon Age II.lnk
2013-09-16 22:29 - 2013-09-16 22:29 - 00001355 _____ C:\Users\Public\Desktop\Dragon Age II.lnk
2013-09-15 17:48 - 2013-09-15 17:52 - 00003081 _____ C:\Users\Etienne\Documents\Dragon Age Origins - dao_prc_drk.log
2013-09-15 17:47 - 2013-09-15 17:48 - 00002362 _____ C:\Users\Etienne\Documents\Dragon Age Origins - dao_prc_nrx_1.log
2013-09-15 15:28 - 2013-09-15 15:28 - 00000000 ____D C:\Program Files\7-Zip
2013-09-11 20:27 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-11 20:27 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-11 20:27 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-11 20:27 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-11 20:27 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-11 20:27 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-11 20:27 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-11 20:27 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-11 20:27 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-11 20:27 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-11 20:27 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-11 20:27 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-11 20:27 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-11 20:27 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-11 20:27 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-11 20:27 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 20:27 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 20:27 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 20:27 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 20:27 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 20:27 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 20:27 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 20:27 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 20:27 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 20:27 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 20:27 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 20:27 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 20:27 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 20:27 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 20:27 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-11 20:27 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-11 20:27 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 20:27 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-11 20:27 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 20:27 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 20:27 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 20:27 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 20:27 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 20:27 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 20:27 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 20:27 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-11 20:27 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-11 20:27 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-11 20:27 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-11 20:27 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-11 20:27 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-11 20:27 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-11 20:27 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-11 20:27 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-11 20:27 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 20:27 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 20:27 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 20:27 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 20:27 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 20:27 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 20:27 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 20:27 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 20:27 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 20:27 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 20:27 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 20:27 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 20:27 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-11 20:27 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 20:27 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 20:27 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-11 20:27 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 20:27 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 20:27 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 20:27 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 20:27 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 20:27 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 20:27 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-11 20:27 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-11 20:27 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-11 20:27 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-11 20:27 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-11 20:27 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-11 20:27 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-11 20:27 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-11 20:27 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 20:27 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 20:27 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-11 20:26 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-11 20:26 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-11 20:26 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-11 20:26 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-06 22:31 - 2013-09-06 22:31 - 00000000 ____D C:\Users\Etienne\AppData\Local\{356BD50C-FA4E-4311-BA8A-287A07E0E9C2}
2013-09-06 11:20 - 2013-09-06 11:20 - 00000000 ____D C:\Users\Etienne\AppData\Local\EA Core
2013-09-06 10:31 - 2013-09-06 10:31 - 00001494 _____ C:\Users\Etienne\Documents\DAO Addins Updater.log
2013-09-05 20:32 - 2013-09-05 20:32 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2013-09-05 20:32 - 2013-09-05 20:32 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2013-09-04 16:26 - 2013-09-04 18:28 - 00009024 _____ C:\Users\Etienne\Documents\Uninstall Dragon Age Origins.log
2013-09-04 12:28 - 2013-09-04 12:28 - 00000000 ____D C:\Windows\1C4551A64743409391E41477CD655043.TMP
2013-09-04 11:49 - 2013-09-04 12:30 - 00021927 _____ C:\Users\Etienne\Documents\Install Dragon Age Origins.log
2013-09-02 11:27 - 2013-09-02 11:27 - 00000000 ____D C:\Users\Etienne\AppData\Local\{40A151CE-44CF-40F2-ADDE-56D854330812}
2013-08-28 14:18 - 2013-08-28 14:18 - 00000000 ____D C:\Casino
2013-08-28 14:11 - 2013-08-28 14:19 - 00000000 ____D C:\Users\Etienne\AppData\Roaming\RBotPlus
2013-08-28 14:11 - 2013-08-28 14:16 - 00000000 ____D C:\Users\Etienne\AppData\Local\MigsUpdater
2013-08-28 14:11 - 2013-08-28 14:11 - 00004178 _____ C:\Windows\System32\Tasks\MigrationUpdateTask
2013-08-28 14:11 - 2013-08-28 14:11 - 00001016 _____ C:\Users\Public\Desktop\Roulette Bot Plus.lnk
2013-08-28 14:11 - 2013-08-28 14:11 - 00000000 ____D C:\Program Files (x86)\RBPlus
2013-08-28 13:43 - 2013-08-28 13:43 - 00000000 ____D C:\Users\Etienne\AppData\Local\{53B31DB3-AAFE-4B51-AE06-C3066A7BC1B9}

==================== One Month Modified Files and Folders =======

2013-09-19 11:09 - 2013-09-19 11:09 - 00000000 ____D C:\Users\Etienne\AppData\Roaming\Optimizer Pro
2013-09-19 11:09 - 2013-09-19 11:09 - 00000000 ____D C:\FRST
2013-09-19 11:08 - 2013-09-19 11:08 - 01950594 _____ (Farbar) C:\Users\Etienne\Downloads\FRST64.exe
2013-09-19 11:07 - 2013-09-19 11:03 - 00000000 ____D C:\Program Files (x86)\Image Converter
2013-09-19 11:07 - 2013-09-19 10:36 - 00000000 ____D C:\Users\Etienne\AppData\Roaming\iSafe
2013-09-19 11:04 - 2013-09-19 11:04 - 00003420 _____ C:\Windows\System32\Tasks\BitGuard
2013-09-19 11:04 - 2013-09-19 11:04 - 00001075 _____ C:\Users\Etienne\Desktop\Optimizer Pro.lnk
2013-09-19 11:04 - 2013-09-19 11:04 - 00000000 ____D C:\Users\Etienne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
2013-09-19 11:04 - 2013-09-19 11:04 - 00000000 ____D C:\Users\Etienne\AppData\Roaming\Delta
2013-09-19 11:04 - 2013-09-19 11:04 - 00000000 ____D C:\ProgramData\BitGuard
2013-09-19 11:04 - 2013-09-19 11:04 - 00000000 ____D C:\Program Files (x86)\Optimizer Pro
2013-09-19 11:04 - 2013-09-19 11:04 - 00000000 ____D C:\Program Files (x86)\Delta
2013-09-19 11:04 - 2013-09-19 11:03 - 00000000 ____D C:\Program Files (x86)\WebConnect
2013-09-19 11:04 - 2013-08-17 13:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-19 11:03 - 2013-09-19 11:03 - 00003248 _____ C:\Windows\System32\Tasks\DigitalSite
2013-09-19 11:03 - 2013-09-19 11:03 - 00001891 _____ C:\Users\Etienne\Desktop\Search.lnk
2013-09-19 11:03 - 2013-09-19 11:03 - 00000300 _____ C:\Windows\Tasks\DigitalSite.job
2013-09-19 11:03 - 2013-09-19 11:03 - 00000000 ____D C:\Users\Etienne\AppData\Roaming\DigitalSite
2013-09-19 11:03 - 2013-09-19 11:03 - 00000000 ____D C:\Users\Etienne\AppData\Roaming\Babylon
2013-09-19 11:03 - 2013-09-19 11:03 - 00000000 ____D C:\Users\Etienne\AppData\Roaming\BabSolution
2013-09-19 11:03 - 2013-09-19 11:03 - 00000000 ____D C:\ProgramData\DSearchLink
2013-09-19 11:03 - 2013-09-19 11:03 - 00000000 ____D C:\ProgramData\Babylon
2013-09-19 11:03 - 2013-09-19 11:03 - 00000000 ____D C:\Program Files (x86)\PricePeep
2013-09-19 11:01 - 2011-08-04 01:06 - 00000000 ____D C:\Users\Etienne\AppData\Roaming\vlc
2013-09-19 10:52 - 2011-07-20 23:54 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-19 10:41 - 2013-09-19 10:36 - 00000000 ____D C:\Program Files (x86)\iSafe
2013-09-19 10:40 - 2011-07-19 23:37 - 00000000 ____D C:\Windows\Minidump
2013-09-19 10:38 - 2013-09-19 10:38 - 00000000 ____D C:\Users\Etienne\AppData\Roaming\eCyber
2013-09-19 10:36 - 2013-09-19 10:36 - 00633672 _____ (Woodtale Technology Inc) C:\Users\Etienne\Downloads\iSafedl.exe
2013-09-19 10:36 - 2013-09-19 10:36 - 00001793 _____ C:\Users\Public\Desktop\YAC.lnk
2013-09-19 10:36 - 2013-09-19 10:36 - 00000000 ____D C:\Windows\system32\log
2013-09-19 10:36 - 2013-03-05 17:30 - 00000870 _____ C:\Users\Etienne\Desktop\Demon Slayer - Anmeldeclient.lnk
2013-09-19 10:13 - 2012-04-02 10:28 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-19 10:08 - 2011-07-02 13:03 - 01665589 ____N C:\Windows\WindowsUpdate.log
2013-09-19 06:48 - 2009-07-14 06:45 - 00032080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-19 06:48 - 2009-07-14 06:45 - 00032080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-19 06:40 - 2013-09-19 06:40 - 98201083 _____ C:\Windows\SysWOW64\㵨䇧브7
2013-09-19 06:40 - 2011-07-20 23:54 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-19 06:39 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-18 22:37 - 2013-02-22 15:50 - 00000000 ____D C:\Program Files (x86)\Origin
2013-09-18 22:04 - 2013-07-30 10:20 - 00000000 ____D C:\Users\Etienne\Desktop\Neuer Ordner (4)
2013-09-18 15:02 - 2012-08-12 14:54 - 00000280 _____ C:\Windows\Tasks\RegClean Pro_DEFAULT.job
2013-09-18 14:54 - 2012-08-12 14:54 - 00000288 _____ C:\Windows\Tasks\RegClean Pro_UPDATES.job
2013-09-18 14:52 - 2013-09-18 14:52 - 00001492 _____ C:\Users\Etienne\Desktop\Star Wars - The Old Republic.lnk
2013-09-18 14:52 - 2011-12-04 12:24 - 00000000 ____D C:\Users\Etienne\Desktop\Neuer Ordner
2013-09-17 19:31 - 2013-09-17 19:30 - 00003619 _____ C:\Users\Etienne\Documents\Dragon Age Origins 1.05.log
2013-09-17 19:31 - 2013-01-12 14:50 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2013-09-17 19:30 - 2013-09-17 19:30 - 00001129 _____ C:\Users\Etienne\Documents\Dragon Age Origins 1.02.log
2013-09-17 19:29 - 2013-09-17 19:29 - 00000000 ____D C:\ProgramData\BioWare
2013-09-17 18:37 - 2013-09-17 18:27 - 101553128 _____ (BioWare) C:\Users\Etienne\Downloads\DragonAge1.05.exe
2013-09-17 10:03 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-09-17 09:51 - 2010-11-21 08:49 - 00000000 ____D C:\Windows\system32\WCN
2013-09-17 09:51 - 2010-11-21 08:49 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2013-09-17 09:51 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\Dism
2013-09-17 09:51 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\com
2013-09-17 00:33 - 2013-08-07 17:16 - 00000000 ____D C:\Users\Etienne\Documents\BioWare
2013-09-17 00:32 - 2013-09-17 00:32 - 00001373 _____ C:\Users\Etienne\Desktop\Dragon Age II.lnk
2013-09-16 22:29 - 2013-09-16 22:29 - 00001355 _____ C:\Users\Public\Desktop\Dragon Age II.lnk
2013-09-15 23:03 - 2011-08-10 15:51 - 00000000 ____D C:\Users\Etienne\AppData\Roaming\TS3Client
2013-09-15 17:52 - 2013-09-15 17:48 - 00003081 _____ C:\Users\Etienne\Documents\Dragon Age Origins - dao_prc_drk.log
2013-09-15 17:48 - 2013-09-15 17:47 - 00002362 _____ C:\Users\Etienne\Documents\Dragon Age Origins - dao_prc_nrx_1.log
2013-09-15 16:19 - 2012-09-23 16:19 - 00000464 _____ C:\Windows\Tasks\ASO-AutoCheckUpdate7Days.job
2013-09-15 16:16 - 2011-07-02 14:06 - 00000000 ____D C:\Windows\System32\Tasks\Games
2013-09-15 15:34 - 2012-01-19 08:51 - 00000000 ____D C:\Program Files\WinZip
2013-09-15 15:34 - 2011-07-02 13:03 - 00000000 ____D C:\Users\Etienne
2013-09-15 15:33 - 2012-01-19 08:51 - 00000000 ____D C:\ProgramData\WinZip
2013-09-15 15:28 - 2013-09-15 15:28 - 00000000 ____D C:\Program Files\7-Zip
2013-09-15 14:36 - 2013-02-22 15:54 - 00000000 ____D C:\Program Files (x86)\Origin Games
2013-09-13 23:14 - 2012-04-02 10:28 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-13 23:14 - 2012-04-02 10:28 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-13 23:14 - 2011-07-02 15:40 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-13 10:40 - 2013-07-14 15:32 - 00000000 ____D C:\Users\Etienne\Desktop\Bilder
2013-09-12 10:21 - 2011-07-02 13:06 - 00000000 ___RD C:\Users\Etienne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-12 10:21 - 2011-07-02 13:06 - 00000000 ___RD C:\Users\Etienne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-12 10:19 - 2009-07-14 06:45 - 00280328 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-12 01:19 - 2011-07-02 15:21 - 00000000 ____D C:\Program Files (x86)\Microsoft Application Virtualization Client
2013-09-12 01:19 - 2011-07-02 13:26 - 01670454 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-09-12 01:19 - 2010-11-21 08:50 - 00707768 _____ C:\Windows\system32\perfh007.dat
2013-09-12 01:19 - 2010-11-21 08:50 - 00153102 _____ C:\Windows\system32\perfc007.dat
2013-09-12 01:18 - 2013-07-12 00:24 - 00000000 ____D C:\Windows\system32\MRT
2013-09-12 01:15 - 2011-04-27 13:44 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-10 23:21 - 2011-07-02 15:24 - 00000000 ____D C:\Users\Etienne\AppData\Roaming\SoftGrid Client
2013-09-10 10:03 - 2012-01-03 22:34 - 00151040 _____ C:\Users\Etienne\Desktop\Mappe1d.xls
2013-09-06 22:31 - 2013-09-06 22:31 - 00000000 ____D C:\Users\Etienne\AppData\Local\{356BD50C-FA4E-4311-BA8A-287A07E0E9C2}
2013-09-06 11:20 - 2013-09-06 11:20 - 00000000 ____D C:\Users\Etienne\AppData\Local\EA Core
2013-09-06 10:31 - 2013-09-06 10:31 - 00001494 _____ C:\Users\Etienne\Documents\DAO Addins Updater.log
2013-09-05 20:32 - 2013-09-05 20:32 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2013-09-05 20:32 - 2013-09-05 20:32 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2013-09-05 20:32 - 2011-08-21 14:43 - 00000000 ____D C:\ProgramData\Adobe
2013-09-05 20:32 - 2011-07-02 15:51 - 00000000 ____D C:\Users\Etienne\AppData\Roaming\Adobe
2013-09-05 13:02 - 2011-07-02 14:06 - 00000000 ____D C:\Users\Etienne\AppData\Local\Turbine
2013-09-04 18:28 - 2013-09-04 16:26 - 00009024 _____ C:\Users\Etienne\Documents\Uninstall Dragon Age Origins.log
2013-09-04 16:27 - 2011-07-02 14:30 - 00000000 ____D C:\Games
2013-09-04 12:30 - 2013-09-04 11:49 - 00021927 _____ C:\Users\Etienne\Documents\Install Dragon Age Origins.log
2013-09-04 12:28 - 2013-09-04 12:28 - 00000000 ____D C:\Windows\1C4551A64743409391E41477CD655043.TMP
2013-09-04 11:53 - 2013-08-06 17:27 - 00000000 ____D C:\gamigo
2013-09-03 10:20 - 2013-05-07 12:52 - 00081112 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-09-03 10:20 - 2013-03-25 15:24 - 00132088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-09-03 10:20 - 2013-03-25 15:24 - 00105344 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-09-02 11:27 - 2013-09-02 11:27 - 00000000 ____D C:\Users\Etienne\AppData\Local\{40A151CE-44CF-40F2-ADDE-56D854330812}
2013-08-28 14:19 - 2013-08-28 14:11 - 00000000 ____D C:\Users\Etienne\AppData\Roaming\RBotPlus
2013-08-28 14:18 - 2013-08-28 14:18 - 00000000 ____D C:\Casino
2013-08-28 14:16 - 2013-08-28 14:11 - 00000000 ____D C:\Users\Etienne\AppData\Local\MigsUpdater
2013-08-28 14:11 - 2013-08-28 14:11 - 00004178 _____ C:\Windows\System32\Tasks\MigrationUpdateTask
2013-08-28 14:11 - 2013-08-28 14:11 - 00001016 _____ C:\Users\Public\Desktop\Roulette Bot Plus.lnk
2013-08-28 14:11 - 2013-08-28 14:11 - 00000000 ____D C:\Program Files (x86)\RBPlus
2013-08-28 13:43 - 2013-08-28 13:43 - 00000000 ____D C:\Users\Etienne\AppData\Local\{53B31DB3-AAFE-4B51-AE06-C3066A7BC1B9}
2013-08-27 20:19 - 2013-03-08 01:39 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2013-08-26 10:51 - 2013-05-18 18:42 - 00000000 ____D C:\Users\Etienne\AppData\Local\Conduit
2013-08-26 10:45 - 2013-08-16 06:56 - 00000000 ____D C:\Users\Etienne\AppData\Local\Overwolf
2013-08-26 10:42 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-08-20 07:29 - 2013-08-16 10:49 - 00000858 _____ C:\Windows\client.config.ini
2013-08-20 06:50 - 2013-08-17 10:39 - 00000000 ____D C:\Users\Etienne\Documents\Neverwinter Nights 2

Files to move or delete:
====================
C:\ProgramData\dsgsdgdsgdsgw.pad
C:\ProgramData\lsass.exe


Some content of TEMP:
====================
C:\Users\Etienne\AppData\Local\Temp\Optimizer_Pro.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-13 15:36

==================== End Of Log ============================
         

Application errors:
==================
Error: (09/19/2013 11:02:02 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (09/19/2013 11:01:57 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/19/2013 06:40:07 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/18/2013 09:37:55 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/18/2013 09:38:28 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/17/2013 09:55:39 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/17/2013 09:52:01 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/17/2013 01:14:50 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (09/16/2013 02:49:02 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (09/16/2013 06:51:15 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (09/17/2013 09:59:00 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Microsoft .NET Framework NGEN v4.0.30319_X64 erreicht.

Error: (09/17/2013 09:54:01 AM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT-AUTORITÄT)
Description: Fehler bei der CBS-Clientinitialisierung. Letzter Fehler: 0x8007045b

Error: (09/17/2013 01:20:31 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler beendet:
%%6701

Error: (09/16/2013 06:54:36 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Microsoft .NET Framework NGEN v4.0.30319_X64 erreicht.

Error: (09/16/2013 06:54:05 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Microsoft .NET Framework NGEN v4.0.30319_X86 erreicht.

Error: (09/14/2013 01:26:22 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler beendet:
%%6701

Error: (09/13/2013 05:50:17 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (09/12/2013 10:17:51 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Google Update Service (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%109

Error: (09/12/2013 10:17:22 AM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT-AUTORITÄT)
Description: Fehler bei der CBS-Clientinitialisierung. Letzter Fehler: 0x80080005

Error: (09/12/2013 10:17:22 AM) (Source: DCOM) (User: )
Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}


Microsoft Office Sessions:
=========================
Error: (09/19/2013 11:02:02 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Users\Etienne\Downloads\SoftonicDownloader_fuer_avira-antivir.exe

Error: (09/19/2013 11:01:57 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Etienne\Downloads\SoftonicDownloader_fuer_star-trek-online.exe

Error: (09/19/2013 06:40:07 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/18/2013 09:37:55 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/18/2013 09:38:28 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/17/2013 09:55:39 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/17/2013 09:52:01 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/17/2013 01:14:50 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Users\Etienne\Downloads\SoftonicDownloader_fuer_avira-antivir.exe

Error: (09/16/2013 02:49:02 PM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (09/16/2013 06:51:15 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info ===========================

Percentage of memory in use: 32%
Total physical RAM: 8190.16 MB
Available physical RAM: 5560.64 MB
Total Pagefile: 16378.5 MB
Available Pagefile: 12457.88 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (Windows 7) (Fixed) (Total:465.76 GB) (Free:11.67 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (NWN2) (CDROM) (Total:6.29 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: A7666C95)
Partition 1: (Active) - (Size=466 GB) - (Type=07 NTFS)

==================== End Of Log ============================

 
