Pests of all kinds and how to combat them: Problems with the PC

Windows 7. If you are not sure whether you have picked up malware or a Trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a Trojan or virus problem, an expert will help you eliminate the infection.
#1

Problems with the PC

Hello, I am currently having some problems with my computer. Programs cannot be updated, things are being done that I don't want, everything is very strange, and I would like to ask for help. That would be very kind. Attached are the FRST logs.

Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-10-2014 Ran by akaFreshy (administrator) on FRESHY-PC on 13-10-2014 20:24:16 Running from C:\Users\akaFreshy\Desktop Loaded Profiles: UpdatusUser & akaFreshy (Available profiles: UpdatusUser & akaFreshy) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Qihu 360 Software Co., Ltd.) C:\Program Files\360\360 Internet Security\360rps.exe (Qihu 360 Software Co., Ltd.) C:\Program Files\360\360 Internet Security\deepscan\QHActiveDefense.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Qihu 360 Software Co., Ltd.) 
C:\Program Files\360\360 Internet Security\360sd.exe (Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Alexander Miehlke Softwareentwicklung) C:\Program Files (x86)\TraXEx\TraXEx.exe (Microsoft Corporation) C:\Windows\System32\wscript.exe (Comvigo, Inc.) C:\Windows\SysWOW64\qimlsrv.exe (Qihu 360 Software Co., Ltd.) C:\Program Files\360\360 Internet Security\360rp.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Qihu 360 Software Co., Ltd.) C:\Program Files\360\360 Internet Security\safemon\360Tray.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Comvigo, Inc.) C:\Windows\SysWOW64\dsrviml.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (IObit) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe (Opera Software) C:\Program Files (x86)\Opera\24.0.1558.64\opera.exe () C:\Program Files (x86)\Opera\24.0.1558.64\opera_crashreporter.exe (Opera Software) C:\Program Files (x86)\Opera\24.0.1558.64\opera.exe (Opera Software) C:\Program Files 
(x86)\Opera\24.0.1558.64\opera.exe (Opera Software) C:\Program Files (x86)\Opera\24.0.1558.64\opera.exe (Opera Software) C:\Program Files (x86)\Opera\24.0.1558.64\opera.exe (Opera Software) C:\Program Files (x86)\Opera\24.0.1558.64\opera.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-09-11] (Realtek Semiconductor) HKLM\...\Run: [InstallerLauncher] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-41 (the data entry has 36 more characters). HKLM\...\Run: [360sd] => C:\Program Files\360\360 Internet Security\360sdrun.exe [287560 2014-04-16] (Qihu 360 Software Co., Ltd.) 
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-27] (Intel Corporation) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284480 2012-05-30] (Intel Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-2747077779-324020259-1240218971-1004\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6482200 2014-09-26] (Piriform Ltd) HKU\S-1-5-21-2747077779-324020259-1240218971-1004\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [111320 2014-10-09] (Siber Systems) Startup: C:\Users\akaFreshy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IML.lnk ShortcutTarget: IML.lnk -> C:\Windows\System32\iml.vbs () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\IML.lnk ShortcutTarget: IML.lnk -> C:\Windows\System32\iml.vbs () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\IML64.lnk ShortcutTarget: IML64.lnk -> C:\Windows\SysWOW64\iml.vbs () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TraXEx 6.0.lnk ShortcutTarget: TraXEx 6.0.lnk -> C:\Program Files (x86)\TraXEx\TraXEx.exe (Alexander Miehlke Softwareentwicklung) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x617CDC2A13E0CF01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files\360\360 Internet Security\safemon\safemon64.dll (Qihu 360 Software Co., Ltd.) BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.) Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\akaFreshy\AppData\Roaming\Mozilla\Firefox\Profiles\lrseblx8.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon) FF Plugin-x32: @nielsen/FirefoxTracker -> C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\npfirefoxtracker.dll No File FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF HKLM-x32\...\Firefox\Extensions: [netsight@nielsen.com] - C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\netsight@nielsen.xpi FF HKLM-x32\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox FF Extension: RoboForm Toolbar for Firefox - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2014-10-09] FF HKCU\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox FF Extension: No Name - C:\Users\akaFreshy\AppData\Roaming\Mozilla\Firefox\Profiles\lrseblx8.default\extensions\518dcd9f-ae80-4097-80aa-a9dae0ad4d7b@4dd9787b-93a4-45e4-b828-6df475da9388.com [Not Found] Chrome: ======= ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 360rp; C:\Program Files\360\360 Internet Security\360rps.exe [310352 2014-04-16] (Qihu 360 Software Co., Ltd.) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) S3 scan; C:\Program Files\360\360 Internet Security\scan.dll [423144 2013-02-20] (S.C. 
BitDefender S.R.L) R2 ZhuDongFangYu; C:\Program Files\360\360 Internet Security\deepscan\QHActiveDefense.exe [236360 2014-04-23] (Qihu 360 Software Co., Ltd.) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [97872 2014-04-21] (Qihu 360 Software Co., Ltd.) R3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [67664 2014-04-23] (Qihu 360 Software Co., Ltd.) R1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [305744 2014-04-29] (Qihu 360 Software Co., Ltd.) S3 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [41552 2014-04-29] (Qihu 360 Software Co., Ltd.) R1 360fsflt; C:\Windows\System32\DRIVERS\360FsFlt.sys [304208 2014-05-07] (Qihu 360 Software Co., Ltd.) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [180816 2014-04-18] (Qihu 360 Software Co., Ltd.) 
R1 ElRawDisk; C:\Windows\system32\drivers\SITRawdsk.sys [32056 2011-08-10] (SafeIT Security Sweden AB) R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [24496 2011-12-19] (Intel Corporation) S3 iaStorS; C:\Windows\system32\drivers\iaStorS.sys [637360 2011-12-19] (Intel Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-10-13] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation) S3 PciIsaSerial; C:\Windows\system32\drivers\PciIsaSerial.sys [68608 2008-12-19] (Windows (R) Codename Longhorn DDK provider) S3 PciPPorts; C:\Windows\system32\drivers\PciPPorts.sys [96768 2009-07-23] () S3 PciSPorts; C:\Windows\system32\drivers\PciSPorts.sys [122880 2008-12-19] () S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) S3 AppObserver; \??\C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter1\appobserver64.sys [X] S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-10-13 20:24 - 2014-10-13 20:24 - 00014140 _____ () C:\Users\akaFreshy\Desktop\FRST.txt 2014-10-13 20:24 - 2014-10-13 20:24 - 00000000 ____D () C:\FRST 2014-10-13 20:24 - 2014-10-13 20:22 - 02109952 _____ (Farbar) C:\Users\akaFreshy\Desktop\FRST64.exe 2014-10-13 20:22 - 2014-10-13 20:22 - 02109952 _____ (Farbar) C:\Users\akaFreshy\Downloads\FRST64.exe 2014-10-13 20:18 - 2014-10-13 20:18 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-10-13 20:18 - 2014-10-13 20:17 - 02347384 _____ (ESET) C:\Users\akaFreshy\Desktop\esetsmartinstaller_deu.exe 2014-10-13 20:17 - 2014-10-13 20:17 - 02347384 _____ (ESET) C:\Users\akaFreshy\Downloads\esetsmartinstaller_deu.exe 2014-10-13 20:01 - 2014-10-13 20:16 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-10-13 20:01 - 2014-10-13 20:01 - 00001109 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-10-13 20:01 - 2014-10-13 20:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-10-13 20:01 - 2014-10-13 20:01 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-10-13 20:01 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-10-13 20:01 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-10-13 20:01 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-10-13 20:00 - 2014-10-13 20:01 - 00006167 _____ () C:\Windows\WindowsUpdate.log 2014-10-13 19:59 - 2014-10-13 19:59 - 00060160 _____ () C:\Users\akaFreshy\AppData\Local\GDIPFONTCACHEV1.DAT 2014-10-13 19:58 - 2014-10-13 19:58 - 00000056 _____ () C:\Windows\setupact.log 2014-10-13 19:58 - 2014-10-13 19:58 - 00000000 _____ () C:\Windows\setuperr.log 2014-10-13 19:57 - 2014-10-13 19:57 - 00275160 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-10-13 19:57 - 2014-10-13 19:57 - 
00005470 _____ () C:\Windows\PFRO.log 2014-10-13 19:28 - 2014-10-13 19:28 - 01705755 _____ (Thisisu) C:\Users\akaFreshy\Desktop\JRT.exe 2014-10-13 07:34 - 2014-10-13 07:34 - 00000000 ____D () C:\Users\akaFreshy\AppData\Local\PopCap Games 2014-10-13 07:34 - 2014-10-13 07:34 - 00000000 ____D () C:\ProgramData\EA Core 2014-10-10 04:58 - 2014-10-10 04:58 - 00000000 ____D () C:\Users\akaFreshy\Documents\BioWare 2014-10-10 04:21 - 2014-10-13 19:42 - 00000000 ____D () C:\Users\akaFreshy\AppData\Local\CrashDumps 2014-10-09 11:44 - 2014-10-09 11:44 - 00000000 ____D () C:\Users\akaFreshy\AppData\Roaming\OpenOffice 2014-10-09 04:57 - 2014-10-09 04:57 - 00004122 _____ () C:\Windows\System32\Tasks\Open URL by RoboForm 2014-10-09 04:57 - 2014-10-09 04:57 - 00003502 _____ () C:\Windows\System32\Tasks\Run RoboForm TaskBar Icon 2014-10-09 04:57 - 2014-10-09 04:57 - 00000000 ____D () C:\Users\akaFreshy\Documents\My RoboForm Data 2014-10-09 04:57 - 2014-10-09 04:57 - 00000000 ____D () C:\ProgramData\RoboForm 2014-10-09 04:57 - 2014-10-09 04:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm 2014-10-09 04:56 - 2014-10-09 04:56 - 00000000 ____D () C:\Program Files (x86)\Siber Systems 2014-10-08 03:44 - 2014-10-10 01:37 - 00000037 _____ () C:\Users\akaFreshy\Desktop\Neues Textdokument.txt 2014-10-08 01:32 - 2014-10-08 01:32 - 00002004 _____ () C:\Users\Public\Desktop\TraXEx-Schredder.lnk 2014-10-08 01:32 - 2014-10-08 01:32 - 00001982 _____ () C:\Users\Public\Desktop\TraXEx-Löschautomat.lnk 2014-10-08 01:32 - 2014-10-08 01:32 - 00001974 _____ () C:\Users\Public\Desktop\TraXEx 6.0.lnk 2014-10-08 01:32 - 2014-10-08 01:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TraXEx 6.0 2014-10-08 01:32 - 2014-10-08 01:32 - 00000000 ____D () C:\Program Files (x86)\TraXEx 2014-10-08 01:15 - 2014-10-13 07:40 - 00000000 ____D () C:\Users\akaFreshy\AppData\Roaming\NVIDIA 2014-10-08 01:15 - 2014-10-08 01:16 - 00000000 ____D () 
C:\Users\akaFreshy\AppData\Local\CSO 2014-10-08 01:15 - 2014-10-08 01:15 - 00000000 ____D () C:\ProgramData\Nexon 2014-10-08 00:28 - 2014-10-08 00:28 - 00000000 ____D () C:\Users\akaFreshy\Documents\my games 2014-10-07 23:53 - 2014-10-08 02:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon 2014-10-07 22:58 - 2014-10-07 22:58 - 00000000 ____D () C:\ProgramData\NexonEU 2014-10-07 01:14 - 2014-10-13 20:22 - 00000000 ____D () C:\Users\akaFreshy\AppData\Roaming\360safe 2014-10-07 01:14 - 2014-10-07 01:14 - 00000981 _____ () C:\Users\Public\Desktop\360 Internet Security.lnk 2014-10-07 01:14 - 2014-10-07 01:14 - 00000000 _RSHD () C:\360SANDBOX 2014-10-07 01:14 - 2014-10-07 01:14 - 00000000 ____D () C:\Users\akaFreshy\AppData\Roaming\360SD 2014-10-07 01:14 - 2014-10-07 01:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Internet Security 2014-10-07 01:14 - 2014-10-07 01:14 - 00000000 ____D () C:\Program Files\360 2014-10-07 01:14 - 2014-05-07 11:44 - 00304208 _____ (Qihu 360 Software Co., Ltd.) C:\Windows\system32\Drivers\360FsFlt.sys 2014-10-07 01:14 - 2014-04-29 08:20 - 00305744 _____ (Qihu 360 Software Co., Ltd.) C:\Windows\system32\Drivers\360Box64.sys 2014-10-07 01:14 - 2014-04-29 05:50 - 00041552 _____ (Qihu 360 Software Co., Ltd.) C:\Windows\system32\Drivers\360Camera64.sys 2014-10-07 01:14 - 2014-04-23 10:32 - 00067664 _____ (Qihu 360 Software Co., Ltd.) C:\Windows\system32\Drivers\360AvFlt.sys 2014-10-07 01:14 - 2014-04-21 08:38 - 00097872 _____ (Qihu 360 Software Co., Ltd.) C:\Windows\system32\Drivers\360AntiHacker64.sys 2014-10-07 01:14 - 2014-04-18 08:42 - 00180816 _____ (Qihu 360 Software Co., Ltd.) C:\Windows\system32\Drivers\BAPIDRV64.SYS 2014-10-07 01:14 - 2013-12-06 14:03 - 00022584 _____ (Qihu 360 Software Co., Ltd.) 
C:\Windows\system32\Drivers\efimon.sys 2014-10-06 15:16 - 2014-10-09 05:21 - 00000000 ____D () C:\Users\akaFreshy\AppData\Roaming\Skype 2014-10-06 15:16 - 2014-10-06 15:16 - 00000000 ____D () C:\Users\akaFreshy\AppData\Local\Skype 2014-10-06 02:15 - 2014-10-06 02:15 - 00000000 ____D () C:\Program Files (x86)\NetRatingsNetSight 2014-10-05 23:03 - 2014-10-05 23:03 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_nnfwdk64_01009.Wdf 2014-10-05 16:45 - 2014-10-09 07:22 - 00001154 _____ () C:\Users\Public\Desktop\FIFA 15.lnk 2014-10-05 16:33 - 2014-10-13 19:35 - 00000000 ____D () C:\Program Files (x86)\Origin Games 2014-10-05 15:38 - 2014-10-05 15:38 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\00900368.sys 2014-10-05 03:50 - 2014-10-05 03:50 - 00000000 ____D () C:\Users\akaFreshy\AppData\Roaming\Gomez 2014-10-05 03:50 - 2014-10-05 03:50 - 00000000 ____D () C:\Users\akaFreshy\AppData\Local\Gomez 2014-10-05 03:43 - 2014-10-05 04:00 - 00000000 ____D () C:\Program Files (x86)\Gomez 2014-10-05 03:31 - 2014-10-05 03:31 - 00000385 _____ () C:\Windows\system32\user_gensett.xml 2014-10-05 03:31 - 2014-10-05 03:31 - 00000385 _____ () C:\Users\akaFreshy\AppData\Roaminguser_gensett.xml 2014-10-05 03:28 - 2014-10-05 04:32 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender 2014-10-05 03:28 - 2014-10-05 03:28 - 00000000 ____D () C:\Users\akaFreshy\AppData\Roaming\QuickScan 2014-10-05 03:04 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-10-05 03:04 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-10-05 03:04 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-10-05 03:04 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-10-05 03:04 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-10-05 03:04 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe 2014-10-05 03:04 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe 2014-10-05 03:04 
- 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe 2014-10-05 03:03 - 2014-10-13 19:22 - 00000000 ____D () C:\Qoobox 2014-10-05 03:03 - 2014-10-05 03:03 - 05582481 ____R (Swearware) C:\Users\akaFreshy\Desktop\ComboFix.exe 2014-10-05 02:24 - 2014-10-13 19:25 - 00000000 ____D () C:\AdwCleaner 2014-10-05 02:23 - 2014-10-05 02:24 - 01375089 _____ () C:\Users\akaFreshy\Desktop\adwcleaner_3.311.exe 2014-10-04 23:22 - 2014-10-04 23:22 - 00000000 ____D () C:\Users\akaFreshy\AppData\Local\Macromedia 2014-10-04 23:20 - 2014-10-04 23:20 - 00000000 ____D () C:\Users\akaFreshy\AppData\Roaming\Mozilla 2014-10-04 23:20 - 2014-10-04 23:20 - 00000000 ____D () C:\Users\akaFreshy\AppData\Local\Mozilla 2014-10-04 23:15 - 2014-10-04 23:15 - 00001166 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-10-04 23:15 - 2014-10-04 23:15 - 00001154 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-10-04 23:15 - 2014-10-04 23:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-10-04 23:15 - 2014-10-04 23:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-10-04 04:17 - 2014-10-04 04:17 - 00000000 ____D () C:\Users\akaFreshy\Documents\Fax 2014-10-01 13:31 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2014-10-01 13:31 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll 2014-09-29 19:50 - 2014-09-29 19:50 - 00000000 ____D () C:\Windows\System32\Tasks\Games 2014-09-25 00:10 - 2014-09-25 03:14 - 00000000 ____D () C:\Users\akaFreshy\Documents\FIFA 15 2014-09-24 01:23 - 2014-09-24 01:23 - 00000000 __SHD () C:\Users\akaFreshy\AppData\Local\EmieUserList 2014-09-24 01:23 - 2014-09-24 01:23 - 00000000 __SHD () C:\Users\akaFreshy\AppData\Local\EmieSiteList 2014-09-23 22:08 - 2014-09-23 22:08 - 00000000 ____D () C:\Users\akaFreshy\AppData\Local\Adobe 2014-09-23 20:46 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) 
C:\Windows\system32\tzres.dll 2014-09-23 20:46 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2014-09-23 20:41 - 2014-09-23 20:41 - 00002862 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (akaFreshy) 2014-09-23 20:41 - 2014-09-23 20:41 - 00000000 ____D () C:\Users\akaFreshy\AppData\Roaming\IObit 2014-09-23 17:48 - 2014-09-23 17:48 - 00000000 ____D () C:\Users\akaFreshy\AppData\Local\Stardock 2014-09-23 17:48 - 2014-09-23 17:48 - 00000000 ____D () C:\ProgramData\Stardock 2014-09-23 17:47 - 2014-09-23 17:48 - 00000000 ____D () C:\Users\akaFreshy\AppData\Roaming\Stardock 2014-09-23 17:39 - 2014-09-23 17:39 - 00000000 ____D () C:\Users\akaFreshy\AppData\Roaming\Lavasoft 2014-09-23 00:00 - 2014-09-23 00:01 - 00000000 ____D () C:\Users\akaFreshy\Documents\FIFA 15 Demo 2014-09-22 23:49 - 2014-09-23 20:52 - 00000000 ____D () C:\Users\akaFreshy\AppData\Local\Origin 2014-09-22 23:49 - 2014-09-23 16:44 - 00000000 ____D () C:\Users\akaFreshy\AppData\Roaming\Origin 2014-09-22 22:57 - 2014-10-13 19:59 - 00000000 ____D () C:\Users\akaFreshy\AppData\Roaming\TS3Client 2014-09-22 14:39 - 2014-09-22 14:49 - 00000000 ____D () C:\Windows\erdnt 2014-09-22 14:36 - 2014-09-22 14:37 - 00000000 ____D () C:\Windows\pss 2014-09-22 14:25 - 2014-09-22 14:25 - 00000000 ____D () C:\Users\akaFreshy\AppData\Roaming\Macromedia 2014-09-22 14:24 - 2014-09-22 14:24 - 00000000 ____D () C:\Users\akaFreshy\AppData\Roaming\Opera Software 2014-09-22 14:24 - 2014-09-22 14:24 - 00000000 ____D () C:\Users\akaFreshy\AppData\Local\Opera Software 2014-09-22 14:22 - 2014-09-22 14:22 - 00000000 ____D () C:\Users\akaFreshy\AppData\Roaming\Intel Corporation 2014-09-22 14:19 - 2014-09-23 22:08 - 00000000 ____D () C:\Users\akaFreshy\AppData\Roaming\Adobe 2014-09-22 14:19 - 2014-09-22 14:19 - 00001428 _____ () C:\Users\akaFreshy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-09-22 14:19 - 2014-09-22 14:19 - 00000000 ____D () 
C:\Users\akaFreshy\AppData\Local\NVIDIA 2014-09-22 14:18 - 2014-09-29 19:42 - 00000000 ____D () C:\Users\akaFreshy 2014-09-22 14:18 - 2014-09-22 14:19 - 00000000 ____D () C:\Users\akaFreshy\AppData\Local\VirtualStore 2014-09-22 14:18 - 2014-09-22 14:18 - 00000020 ___SH () C:\Users\akaFreshy\ntuser.ini 2014-09-22 14:18 - 2014-09-22 14:18 - 00000000 _SHDL () C:\Users\akaFreshy\Vorlagen 2014-09-22 14:18 - 2014-09-22 14:18 - 00000000 _SHDL () C:\Users\akaFreshy\Startmenü 2014-09-22 14:18 - 2014-09-22 14:18 - 00000000 _SHDL () C:\Users\akaFreshy\Netzwerkumgebung 2014-09-22 14:18 - 2014-09-22 14:18 - 00000000 _SHDL () C:\Users\akaFreshy\Lokale Einstellungen 2014-09-22 14:18 - 2014-09-22 14:18 - 00000000 _SHDL () C:\Users\akaFreshy\Eigene Dateien 2014-09-22 14:18 - 2014-09-22 14:18 - 00000000 _SHDL () C:\Users\akaFreshy\Druckumgebung 2014-09-22 14:18 - 2014-09-22 14:18 - 00000000 _SHDL () C:\Users\akaFreshy\Documents\Eigene Musik 2014-09-22 14:18 - 2014-09-22 14:18 - 00000000 _SHDL () C:\Users\akaFreshy\Documents\Eigene Bilder 2014-09-22 14:18 - 2014-09-22 14:18 - 00000000 _SHDL () C:\Users\akaFreshy\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-09-22 14:18 - 2014-09-22 14:18 - 00000000 _SHDL () C:\Users\akaFreshy\AppData\Local\Verlauf 2014-09-22 14:18 - 2014-09-22 14:18 - 00000000 _SHDL () C:\Users\akaFreshy\AppData\Local\Anwendungsdaten 2014-09-22 14:18 - 2014-09-22 14:18 - 00000000 _SHDL () C:\Users\akaFreshy\Anwendungsdaten 2014-09-22 14:18 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\akaFreshy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-09-22 14:18 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\akaFreshy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-09-22 14:12 - 2014-10-05 16:30 - 00000000 ____D () C:\Users\TEMP.Freshy-PC 2014-09-22 06:31 - 2014-10-05 02:08 - 00000000 ____D () C:\ProgramData\360SD 2014-09-22 06:31 - 2014-09-22 06:45 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\360safe 
2014-09-22 06:03 - 2014-10-05 16:30 - 00000000 ____D () C:\Users\TEMP 2014-09-22 05:58 - 2014-09-22 05:58 - 00000000 ____D () C:\Users\Freshy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker 2014-09-22 05:52 - 2014-09-22 05:53 - 238003336 _____ (Qihu 360 Software Co., Ltd.) C:\Users\Freshy\Downloads\360is_4.9.0.4900D (1).exe 2014-09-22 05:50 - 2014-09-22 05:51 - 238003336 _____ (Qihu 360 Software Co., Ltd.) C:\Users\Freshy\Downloads\360is_4.9.0.4900D.exe 2014-09-22 05:41 - 2014-09-22 05:41 - 03731400 _____ () C:\Users\Freshy\Downloads\The_New_Bitdefender_UninstallTool.exe 2014-09-22 02:01 - 2014-09-22 02:01 - 08646824 _____ (CyberGhost S.R.L. ) C:\Users\Freshy\Downloads\CG_5.0.13.17.exe 2014-09-20 05:44 - 2014-09-20 05:44 - 00000684 ____H () C:\bdr-cf06 2014-09-20 05:43 - 2014-09-20 05:44 - 00253404 ____H () C:\bdr-ld06 2014-09-20 05:43 - 2014-09-20 05:44 - 00009216 ____H () C:\bdr-ld06.mbr 2014-09-20 05:43 - 2014-07-04 17:49 - 49563064 ____H () C:\bdr-im06.gz 2014-09-20 05:43 - 2013-08-13 13:38 - 03271472 ____H () C:\bdr-bz06 2014-09-20 05:21 - 2014-10-05 16:30 - 00000000 ____D () C:\ProgramData\Kaspersky Lab 2014-09-19 01:27 - 2014-09-19 01:27 - 00000569 _____ () C:\Users\Public\Desktop\Fraps.lnk 2014-09-19 01:27 - 2014-09-19 01:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps 2014-09-19 01:27 - 2014-09-19 01:27 - 00000000 ____D () C:\Fraps 2014-09-18 19:28 - 2014-09-18 19:28 - 00000000 ____D () C:\Users\Freshy\AppData\Roaming\Unity 2014-09-18 19:28 - 2014-09-18 19:28 - 00000000 ____D () C:\Users\Freshy\AppData\Local\Unity 2014-09-18 19:04 - 2014-09-18 19:04 - 00001731 _____ () C:\Users\Public\Desktop\Defraggler.lnk 2014-09-18 19:03 - 2014-09-18 19:05 - 00000000 ____D () C:\Program Files\Defraggler 2014-09-17 23:28 - 2014-09-17 23:28 - 00000000 ___HD () C:\ProgramData\CanonBJ 2014-09-17 23:27 - 2013-03-24 05:00 - 00391168 _____ (CANON INC.) 
C:\Windows\system32\CNMLMBX.DLL 2014-09-17 23:27 - 2013-02-04 15:12 - 00367104 _____ (CANON INC.) C:\Windows\system32\CNC_BXL.dll 2014-09-17 23:27 - 2012-11-09 10:43 - 00088064 _____ () C:\Windows\system32\CNC176DD.TBL 2014-09-17 23:27 - 2012-11-08 13:04 - 00282624 _____ (CANON INC.) C:\Windows\system32\CNC_BXC.dll 2014-09-17 23:27 - 2012-11-08 13:03 - 00106496 _____ (CANON INC.) C:\Windows\system32\CNC_BXI.dll 2014-09-17 23:27 - 2008-08-25 18:02 - 00017920 _____ (CANON INC.) C:\Windows\system32\CNHMCA6.dll 2014-09-17 05:05 - 2014-09-17 05:05 - 00000000 ____D () C:\Users\Freshy\AppData\Local\Golden_Frog,_GmbH 2014-09-17 05:05 - 2014-09-17 05:05 - 00000000 ____D () C:\Users\Freshy\AppData\Local\Golden Frog, GmbH 2014-09-17 05:04 - 2014-09-17 05:04 - 00000000 ____D () C:\Users\Freshy\AppData\Roaming\Microsoft\Windows\Start Menu\Golden Frog, GmbH 2014-09-17 05:04 - 2014-09-17 05:04 - 00000000 ____D () C:\ProgramData\Golden Frog, GmbH 2014-09-17 01:34 - 2014-09-17 01:34 - 00000000 ____D () C:\Users\Freshy\AppData\Local\Macromedia 2014-09-17 01:32 - 2014-09-17 01:33 - 00000000 ____D () C:\Users\Freshy\AppData\Roaming\Mozilla 2014-09-17 01:32 - 2014-09-17 01:33 - 00000000 ____D () C:\Users\Freshy\AppData\Local\Mozilla 2014-09-17 01:32 - 2014-09-17 01:32 - 00000000 ____D () C:\ProgramData\Mozilla 2014-09-17 01:30 - 2014-09-17 01:30 - 00000000 __SHD () C:\Users\Freshy\AppData\Local\EmieUserList 2014-09-17 01:30 - 2014-09-17 01:30 - 00000000 __SHD () C:\Users\Freshy\AppData\Local\EmieSiteList 2014-09-17 01:23 - 2014-09-22 06:00 - 00000000 ____D () C:\Program Files (x86)\Google 2014-09-17 01:22 - 2014-09-22 06:00 - 00000000 ____D () C:\Users\Freshy\AppData\Local\Google 2014-09-16 19:24 - 2014-09-22 05:21 - 00000000 ____D () C:\Users\Freshy\AppData\Roaming\TS3Client 2014-09-16 18:52 - 2014-09-16 18:52 - 00000974 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk 2014-09-16 18:52 - 2014-09-16 18:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\TeamSpeak 3 Client 2014-09-16 18:52 - 2014-09-16 18:52 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client 2014-09-15 02:33 - 2014-09-16 20:34 - 00000000 ____D () C:\Users\Freshy\AppData\Local\CrashDumps 2014-09-15 02:32 - 2014-09-15 02:34 - 00000000 ____D () C:\Users\Freshy\Documents\MOHW 2014-09-14 14:08 - 2014-09-14 14:08 - 00000000 ____D () C:\Users\Freshy\Documents\FIFA 15 Demo 2014-09-14 14:07 - 2014-10-08 00:40 - 00000000 ____D () C:\ProgramData\Package Cache 2014-09-14 09:06 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2014-09-14 09:06 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-13 20:17 - 2014-09-11 02:41 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-10-13 20:05 - 2009-07-14 06:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-10-13 20:05 - 2009-07-14 06:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-10-13 19:58 - 2012-09-14 07:50 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-10-13 19:58 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-10-13 19:42 - 2014-09-11 02:47 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-10-13 19:36 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-10-13 19:21 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini 2014-10-13 07:34 - 2014-09-11 02:30 - 00000000 ____D () C:\ProgramData\Origin 2014-10-13 07:34 - 2014-09-11 02:30 - 00000000 ____D () C:\Program Files (x86)\Origin 2014-10-10 04:57 - 2012-09-14 07:50 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-10-08 02:40 - 2014-08-29 03:50 - 
00000000 ____D () C:\Spiele 2014-10-08 01:40 - 2012-09-03 14:39 - 00000000 ____D () C:\Windows\Panther 2014-10-06 15:16 - 2014-09-11 02:46 - 00002517 _____ () C:\Users\Public\Desktop\Skype.lnk 2014-10-06 15:16 - 2014-09-11 02:46 - 00000000 ____D () C:\ProgramData\Skype 2014-10-06 15:16 - 2014-09-11 02:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2014-10-06 00:07 - 2014-09-11 02:31 - 00002780 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC 2014-10-06 00:07 - 2014-09-11 02:31 - 00000829 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-10-06 00:07 - 2014-09-11 02:31 - 00000000 ____D () C:\Program Files\CCleaner 2014-10-05 04:28 - 2014-09-11 06:54 - 00074512 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin32.dll 2014-10-05 04:15 - 2014-09-11 06:24 - 00000000 ____D () C:\ProgramData\BDLogging 2014-09-28 17:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-09-26 22:41 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-09-26 14:29 - 2014-09-11 01:04 - 00003854 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1410390239 2014-09-26 14:29 - 2014-09-11 01:03 - 00000000 ____D () C:\Program Files (x86)\Opera 2014-09-24 01:17 - 2014-09-11 02:41 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-09-24 01:17 - 2014-09-11 02:41 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-09-24 01:17 - 2014-09-11 02:41 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-09-23 15:06 - 2014-09-11 00:54 - 00000000 ____D () C:\Users\Freshy 2014-09-22 15:01 - 2014-09-11 21:22 - 00000000 ____D () C:\Windows\ERUNT 2014-09-22 03:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Vss 2014-09-22 01:01 - 2014-09-11 17:31 - 00000000 ____D () C:\Users\Freshy\Documents\FIFA 14 2014-09-20 05:47 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\Offline Web Pages 2014-09-18 15:01 - 2014-09-12 14:18 
- 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys 2014-09-17 14:24 - 2014-09-11 00:56 - 00060160 _____ () C:\Users\Freshy\AppData\Local\GDIPFONTCACHEV1.DAT 2014-09-17 01:28 - 2014-09-11 00:54 - 00000000 ____D () C:\Users\Freshy\AppData\Local\VirtualStore 2014-09-16 19:28 - 2011-04-12 09:43 - 00699092 _____ () C:\Windows\system32\perfh007.dat 2014-09-16 19:28 - 2011-04-12 09:43 - 00149232 _____ () C:\Windows\system32\perfc007.dat 2014-09-16 19:28 - 2009-07-14 07:13 - 01619284 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-09-15 09:06 - 2010-11-21 05:27 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-09-13 16:16 - 2014-09-11 02:41 - 00000000 ____D () C:\Users\Freshy\AppData\Roaming\Adobe 2014-09-13 16:16 - 2014-09-11 02:41 - 00000000 ____D () C:\Users\Freshy\AppData\Local\Adobe 2014-09-13 16:01 - 2014-09-11 02:46 - 00000000 ____D () C:\Users\Freshy\AppData\Roaming\Skype Files to move or delete: ==================== C:\ProgramData\winiml.dat ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-10-07 02:09

==================== End Of Log ============================

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-10-2014
Ran by akaFreshy at 2014-10-13 20:24:41
Running from C:\Users\akaFreshy\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: 360 Internet Security (Enabled - Up to date) {2B66EE1E-E5C8-C2F7-648F-4E55AC68D37D}
AS: 360 Internet Security (Enabled - Up to date) {90070FFA-C3F2-CD79-5E3F-7527D7EF99C0}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

360 Internet Security (HKLM-x32\...\360 Internet Security) (Version: 4.9.0.4900 - Qihu 360 Software Co., Ltd.)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
Driver Booster (HKLM-x32\...\Driver Booster_is1) (Version: 1.5 - IObit)
EA SPORTS™ FIFA 15 (HKLM-x32\...\{3D4ADA2B-F028-4307-ADF4-6F9AA44725DA}) (Version: 1.0.0.2 - Electronic Arts)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Fraps (HKLM-x32\...\Fraps) (Version: - )
IM Lock (HKLM-x32\...\IMLock) (Version: - Comvigo, Inc.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.2.0.1006 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation) Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Lavasoft File Shredder (HKLM-x32\...\Lavasoft File Shredder) (Version: 7.7.2.2 - Lavasoft) Lavasoft File Shredder (Version: 7.7.2.2 - Lavasoft) Hidden Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation) Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] 
(HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 
(HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Mozilla Firefox 32.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.3 - Mozilla) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden NVIDIA 3D Vision Controller-Treiber 306.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 306.23 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation) NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.154.1150 - NVIDIA Corporation) Hidden NVIDIA PhysX (HKLM-x32\...\{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}) (Version: 9.12.0613 - NVIDIA Corporation) NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden NVIDIA Systemsteuerung 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation) NVIDIA Update Components (Version: 1.10.8 - NVIDIA Corporation) Hidden NVIDIA 
Update Core (Version: 10.4.0 - NVIDIA Corporation) Hidden Opera Stable 24.0.1558.64 (HKLM-x32\...\Opera 24.0.1558.64) (Version: 24.0.1558.64 - Opera Software ASA) Origin (HKLM-x32\...\Origin) (Version: 9.4.21.2812 - Electronic Arts, Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.) RoboForm 7-9-10-1 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 7-9-10-1 - Siber Systems) Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) TraXEx 6.0 (HKLM-x32\...\TraXEx_is1) (Version: 6.0.0.0 - Alexander Miehlke Softwareentwicklung) Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation) Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Family Safety (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live MIME IFilter (Version: 15.4.3502.0922 
- Microsoft Corporation) Hidden Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version: - Firaxis Games) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2014-10-13 19:21 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. 
Any associated file could be listed separately to be moved.)

Task: {1051D925-364A-446E-8199-5C699228E6C5} - System32\Tasks\Driver Booster SkipUAC (Freshy) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-08-06] (IObit)
Task: {17A125F4-7C95-4C14-90AA-DA88D2CFEE11} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd)
Task: {1AEF6E70-DD04-44D7-BE06-B94248051919} - System32\Tasks\Driver Booster SkipUAC (akaFreshy) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-08-06] (IObit)
Task: {453B8502-D64D-4C3D-AD66-930D5E2E68B7} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2747077779-324020259-1240218971-1004
Task: {45BEF281-2E99-4801-8075-740C26E2FD87} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2014-10-09] (Siber Systems)
Task: {5F7539B3-6252-42AE-BE58-13C9964C912F} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "hxxp://www.roboform.com/test-pass.html?aaa=KICMPMOJKMNMMJGMKJKMCNHMNJKMMJCNLMLMLMIMCNGMLMGMJMCNMMOMKMHMMMLJGMMMJMKJMMPMJNJICMIMCNGMCNOMPMFMOMOMCNPMCNGMJMPMPMFMJMCNOMCNIMJMPMOMCNNMJNPICMLMFMEKMICNJJCKFMPMJNHICMEKMICNJJCKJNBJCMOJEJOJJLNIKJMIHJGIJNKJCMJNNICMJNDJCMLJKJJNMJCMPMFMPMFMPMJNFICMGJLJKJBJLIGJLIGJKJMIBNKJHIKJ"
Task: {CC306CD1-925C-467E-A7C3-996855AA1DE5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)
Task: {CD29472B-7BEB-4CD6-A093-1DCCBD94A4D0} - System32\Tasks\Opera scheduled Autoupdate 1410390239 => C:\Program Files (x86)\Opera\launcher.exe [2014-09-25] (Opera Software)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2012-09-14 07:50 - 2014-07-02 20:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-09-25 20:44 - 2014-09-25 20:44 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2014-09-26 14:29 - 2014-09-26 14:29 - 01372280 _____ () C:\Program Files (x86)\Opera\24.0.1558.64\opera_crashreporter.exe

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Freshy\Downloads\CG_5.0.13.17.exe:BDU
AlternateDataStreams: C:\Users\Freshy\Downloads\The_New_Bitdefender_UninstallTool.exe:BDU

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Bitdefender-Geldbörse-Agent => "C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe"
MSCONFIG\startupreg: CyberGhost =>

========================= Accounts: ==========================

Administrator (S-1-5-21-2747077779-324020259-1240218971-500 - Administrator - Disabled)
akaFreshy (S-1-5-21-2747077779-324020259-1240218971-1004 - Administrator - Enabled) => C:\Users\akaFreshy
Gast (S-1-5-21-2747077779-324020259-1240218971-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2747077779-324020259-1240218971-1003 - Limited - Enabled)
UpdatusUser (S-1-5-21-2747077779-324020259-1240218971-1000 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (10/13/2014 08:18:28 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (10/13/2014 08:18:26 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (10/13/2014 08:18:26 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". 
Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (10/13/2014 08:18:22 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. 
Error: (10/13/2014 08:18:12 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. 
Error: (10/13/2014 07:58:20 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Microsoft Office Sessions: ========================= Error: (10/13/2014 08:18:28 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\akaFreshy\Desktop\esetsmartinstaller_deu.exe Error: (10/13/2014 08:18:26 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\akaFreshy\Desktop\esetsmartinstaller_deu.exe Error: (10/13/2014 08:18:26 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\akaFreshy\Desktop\esetsmartinstaller_deu.exe Error: (10/13/2014 08:18:22 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\akaFreshy\Desktop\esetsmartinstaller_deu.exe Error: (10/13/2014 08:18:12 PM) (Source: SideBySide) (EventID: 80) 
(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\akaFreshy\Downloads\esetsmartinstaller_deu.exe

Error: (10/13/2014 07:58:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-3330 CPU @ 3.00GHz
Percentage of memory in use: 26%
Total physical RAM: 8134.46 MB
Available physical RAM: 6015.89 MB
Total Pagefile: 16267.1 MB
Available Pagefile: 13382.59 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:921.41 GB) (Free:863.36 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 55939DDC)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=921.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=10 GB) - (Type=27)

==================== End Of Log ============================