Log analysis and evaluation: Windows 7: Too many browsers in Task Manager, 2 eat a lot of memory / G-Data virus fingerprint 74053d60

Windows 7. If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
28.10.2014, 23:30 | #1 |
| Hello, I noticed that my browser (Chrome) was getting slower, so I switched to Opera, which is faster (at loading videos), but something is not right there either: there are far too many instances of Opera in Task Manager, and usually 2 of them grow to over 900 MB. When I close the large exes everything runs better, but when I right-click one of the opera.exe entries and go to PROPERTIES, the LOCATION shows :\Program Files (x86)\Opera\23.0.1522.77 .... What is that? I also suspect that I have been spied on recently. Could you help me uncover this and follow up on my suspicion? And maybe at the end some tips for an anonymous, secure system; I would also pay for that. My logfiles are attached. I know my way around PCs well, this is just a topic I have never really dealt with. I am a quick learner, and I would like to know whether I should change my passwords, because I suspect someone now has all of them... Thanks in advance for your competent help |
29.10.2014, 06:40 | #2 |
/// the machine /// TB-Ausbilder | Hi,
Please always post logs in the thread. If necessary, split them up and use several posts. I cannot open attachments at work, thanks. This is how it works: Posting in CODE tags. Attaching the logfiles, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the logfiles in a CODE box, proceed as follows: |
29.10.2014, 09:13 | #3 |
| Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net Rootkit scan 2014-10-28 22:30:23 Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\00000064 ATA_____ rev.1B6Q 238,47GB Running: Gmer-19357.exe; Driver: C:\Users\9Tower1\AppData\Local\Temp\ufdiyfob.sys ---- Kernel code sections - GMER 2.1 ---- INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528 fffff80002daf000 45 bytes [00, 00, 16, 02, 4E, 74, 66, ...] INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 575 fffff80002daf02f 10 bytes [00, 01, 00, 06, 00, 00, 00, ...] .text C:\Windows\System32\win32k.sys!W32pServiceTable fffff96000104200 7 bytes [00, A2, F3, FF, 01, B6, F0] .text C:\Windows\System32\win32k.sys!W32pServiceTable + 8 fffff96000104208 3 bytes [C0, 06, 02] ---- User code sections - GMER 2.1 ---- .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe[1920] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075b51465 2 bytes [B5, 75] .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe[1920] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075b514bb 2 bytes [B5, 75] .text ... 
* 2 .text C:\Windows\SysWOW64\PnkBstrA.exe[1048] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 322 00000000726d1a22 2 bytes [6D, 72] .text C:\Windows\SysWOW64\PnkBstrA.exe[1048] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 496 00000000726d1ad0 2 bytes [6D, 72] .text C:\Windows\SysWOW64\PnkBstrA.exe[1048] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 552 00000000726d1b08 2 bytes [6D, 72] .text C:\Windows\SysWOW64\PnkBstrA.exe[1048] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 730 00000000726d1bba 2 bytes [6D, 72] .text C:\Windows\SysWOW64\PnkBstrA.exe[1048] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 762 00000000726d1bda 2 bytes [6D, 72] .text C:\Windows\SysWOW64\PnkBstrA.exe[1048] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075b51465 2 bytes [B5, 75] .text C:\Windows\SysWOW64\PnkBstrA.exe[1048] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075b514bb 2 bytes [B5, 75] .text ... * 2 .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[1664] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000075b51465 2 bytes [B5, 75] .text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[1664] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 0000000075b514bb 2 bytes [B5, 75] .text ... * 2 .text C:\Program Files (x86)\Google\Update\GoogleUpdate.exe[3324] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075b51465 2 bytes [B5, 75] .text C:\Program Files (x86)\Google\Update\GoogleUpdate.exe[3324] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075b514bb 2 bytes [B5, 75] .text ... 
* 2 .text C:\Windows\SysWOW64\HsMgr.exe[3404] C:\Windows\syswow64\ole32.dll!CoCreateInstance 0000000077839d0b 5 bytes JMP 000000011000a4d0 .text C:\Windows\SysWOW64\HsMgr.exe[3404] C:\Windows\syswow64\ole32.dll!CoCreateInstanceEx 0000000077839d4e 5 bytes JMP 000000011000a630 .text C:\Windows\SysWOW64\HsMgr.exe[3404] C:\Windows\SysWOW64\WINMM.dll!waveOutOpen 000000007241451e 5 bytes JMP 000000011000ab40 .text C:\Windows\SysWOW64\HsMgr.exe[3404] C:\Windows\SysWOW64\WINMM.dll!waveOutClose 0000000072414b6d 5 bytes JMP 000000011000abb0 .text C:\Windows\SysWOW64\HsMgr.exe[3404] C:\Windows\SysWOW64\WINMM.dll!waveOutUnprepareHeader 0000000072414bf2 5 bytes JMP 000000011000ac90 .text C:\Windows\SysWOW64\HsMgr.exe[3404] C:\Windows\SysWOW64\WINMM.dll!waveOutPrepareHeader 0000000072414f0f 5 bytes JMP 000000011000ac50 .text C:\Windows\SysWOW64\HsMgr.exe[3404] C:\Windows\SysWOW64\WINMM.dll!waveOutWrite 0000000072414f7b 5 bytes JMP 000000011000ac10 .text C:\Windows\SysWOW64\HsMgr.exe[3404] C:\Windows\SysWOW64\WINMM.dll!waveInOpen 0000000072419054 5 bytes JMP 000000011000ad10 .text C:\Windows\SysWOW64\HsMgr.exe[3404] C:\Windows\SysWOW64\WINMM.dll!waveOutReset 000000007241adf9 5 bytes JMP 000000011000abe0 .text C:\Windows\SysWOW64\HsMgr.exe[3404] C:\Windows\SysWOW64\WINMM.dll!waveOutGetVolume 00000000724352e8 5 bytes JMP 000000011000acd0 .text C:\Windows\SysWOW64\HsMgr.exe[3404] C:\Windows\SysWOW64\WINMM.dll!waveOutSetVolume 000000007243535f 5 bytes JMP 000000011000acf0 .text C:\Windows\SysWOW64\HsMgr.exe[3404] C:\Windows\SysWOW64\WINMM.dll!waveInClose 00000000724359cc 5 bytes JMP 000000011000ae40 .text C:\Windows\SysWOW64\HsMgr.exe[3404] C:\Windows\SysWOW64\WINMM.dll!waveInPrepareHeader 0000000072435a6a 5 bytes JMP 000000011000aec0 .text C:\Windows\SysWOW64\HsMgr.exe[3404] C:\Windows\SysWOW64\WINMM.dll!waveInUnprepareHeader 0000000072435ad7 5 bytes JMP 000000011000af00 .text C:\Windows\SysWOW64\HsMgr.exe[3404] C:\Windows\SysWOW64\WINMM.dll!waveInAddBuffer 0000000072435b5b 5 bytes 
JMP 000000011000af40 .text C:\Windows\SysWOW64\HsMgr.exe[3404] C:\Windows\SysWOW64\WINMM.dll!waveInStart 0000000072435bba 5 bytes JMP 000000011000af80 .text C:\Windows\SysWOW64\HsMgr.exe[3404] C:\Windows\SysWOW64\WINMM.dll!waveInStop 0000000072435bee 5 bytes JMP 000000011000b000 .text C:\Windows\SysWOW64\HsMgr.exe[3404] C:\Windows\SysWOW64\WINMM.dll!waveInReset 0000000072435c22 5 bytes JMP 000000011000b060 .text C:\Windows\SysWOW64\HsMgr.exe[3404] C:\Windows\SysWOW64\WINMM.dll!waveInGetPosition 0000000072435c67 5 bytes JMP 000000011000b0d0 .text C:\Windows\SysWOW64\HsMgr.exe[3404] C:\Windows\SysWOW64\DSOUND.dll!DirectSoundCreate 0000000074ae7e3d 5 bytes JMP 000000011000a690 .text C:\Windows\SysWOW64\HsMgr.exe[3404] C:\Windows\SysWOW64\DSOUND.dll!DirectSoundCreate8 0000000074b1de69 5 bytes JMP 000000011000a770 .text C:\Windows\SysWOW64\HsMgr.exe[3404] C:\Windows\SysWOW64\DSOUND.dll!DirectSoundCaptureCreate 0000000074b2d2c5 5 bytes JMP 000000011000a8a0 .text C:\Windows\SysWOW64\HsMgr.exe[3404] C:\Windows\SysWOW64\DSOUND.dll!DirectSoundCaptureCreate8 0000000074b2d371 5 bytes JMP 000000011000a990 .text C:\Windows\SysWOW64\HsMgr.exe[3404] C:\Windows\SysWOW64\DSOUND.dll!DirectSoundFullDuplexCreate 0000000074b2d429 5 bytes JMP 000000011000aa80 .text C:\Windows\system\HsMgr64.exe[3412] C:\Windows\system32\WINMM.dll!waveOutClose 000007fefb2d36ac 5 bytes JMP 000007fefecb01f0 .text C:\Windows\system\HsMgr64.exe[3412] C:\Windows\system32\WINMM.dll!waveOutUnprepareHeader 000007fefb2d3770 5 bytes JMP 000007fefecb0298 .text C:\Windows\system\HsMgr64.exe[3412] C:\Windows\system32\WINMM.dll!waveOutOpen 000007fefb2d38d0 5 bytes JMP 000007fefecb01b8 .text C:\Windows\system\HsMgr64.exe[3412] C:\Windows\system32\WINMM.dll!waveOutPrepareHeader 000007fefb2d3ca4 5 bytes JMP 000007fefecb0260 .text C:\Windows\system\HsMgr64.exe[3412] C:\Windows\system32\WINMM.dll!waveOutWrite 000007fefb2d3d40 5 bytes JMP 000007fefecb0228 .text C:\Windows\system\HsMgr64.exe[3412] 
C:\Windows\system32\WINMM.dll!waveInOpen 000007fefb2d7fe0 7 bytes JMP 000007fefecb0378 .text C:\Windows\system\HsMgr64.exe[3412] C:\Windows\system32\WINMM.dll!waveOutReset 000007fefb2da38c 5 bytes JMP 000007fefecb02d0 .text C:\Windows\system\HsMgr64.exe[3412] C:\Windows\system32\WINMM.dll!waveOutGetVolume 000007fefb2f49f0 5 bytes JMP 000007fefecb0308 .text C:\Windows\system\HsMgr64.exe[3412] C:\Windows\system32\WINMM.dll!waveOutSetVolume 000007fefb2f4ab0 5 bytes JMP 000007fefecb0340 .text C:\Windows\system\HsMgr64.exe[3412] C:\Windows\system32\WINMM.dll!waveInClose 000007fefb2f52e0 5 bytes JMP 000007fefecb03b0 .text C:\Windows\system\HsMgr64.exe[3412] C:\Windows\system32\WINMM.dll!waveInPrepareHeader 000007fefb2f53c0 5 bytes JMP 000007fefecb0490 .text C:\Windows\system\HsMgr64.exe[3412] C:\Windows\system32\WINMM.dll!waveInUnprepareHeader 000007fefb2f5454 5 bytes JMP 000007fefecb04c8 .text C:\Windows\system\HsMgr64.exe[3412] C:\Windows\system32\WINMM.dll!waveInAddBuffer 000007fefb2f5514 5 bytes JMP 000007fefecb0500 .text C:\Windows\system\HsMgr64.exe[3412] C:\Windows\system32\WINMM.dll!waveInStart 000007fefb2f55a4 6 bytes JMP 000007fefecb03e8 .text C:\Windows\system\HsMgr64.exe[3412] C:\Windows\system32\WINMM.dll!waveInStop 000007fefb2f55e4 6 bytes JMP 000007fefecb0420 .text C:\Windows\system\HsMgr64.exe[3412] C:\Windows\system32\WINMM.dll!waveInReset 000007fefb2f5624 5 bytes JMP 000007fefecb0458 .text C:\Windows\system\HsMgr64.exe[3412] C:\Windows\system32\WINMM.dll!waveInGetPosition 000007fefb2f567c 5 bytes JMP 000007fefecb0538 .text C:\Windows\system\HsMgr64.exe[3412] C:\Windows\system32\DSOUND.dll!DirectSoundCreate8 000007feee286944 7 bytes JMP 000007fefecb0180 .text C:\Windows\system\HsMgr64.exe[3412] C:\Windows\system32\DSOUND.dll!DirectSoundCreate 000007feee2a5a84 7 bytes JMP 000007fefecb0148 .text C:\Windows\system\HsMgr64.exe[3412] C:\Windows\system32\DSOUND.dll!DirectSoundCaptureCreate 000007feee2a5b90 7 bytes JMP 000007fefecb0570 .text 
C:\Windows\system\HsMgr64.exe[3412] C:\Windows\system32\DSOUND.dll!DirectSoundCaptureCreate8 000007feee2a5c94 7 bytes JMP 000007fefecb05a8 .text C:\Windows\system\HsMgr64.exe[3412] C:\Windows\system32\DSOUND.dll!DirectSoundFullDuplexCreate 000007feee2a5da8 5 bytes JMP 000007fefecb05e0 ---- EOF - GMER 2.1 ---- FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-10-2014 01 Ran by 9Tower1 (administrator) on 9TOWER1-PC on 28-10-2014 21:58:41 Running from C:\Users\9Tower1\Downloads Loaded Profile: 9Tower1 (Available profiles: 9Tower1) Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Aqua Computer GmbH & Co. KG) C:\Program Files\aquasuite\AquaComputerService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTray.exe () C:\Windows\SysWOW64\HsMgr.exe () C:\Windows\system\HsMgr64.exe (CMedia) C:\Program Files\ASUS Xonar Essence STX Audio\Customapp\AsusAudioCenter.exe (Aqua Computer GmbH & Co. 
KG) C:\Program Files\aquasuite\aquasuite.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Program Files\Windows Media Player\wmplayer.exe (Microsoft Corporation) C:\Windows\System32\SndVol.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.77\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.77\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.77\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.77\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.77\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.77\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.77\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.77\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.77\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.77\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.77\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.77\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.77\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.77\opera.exe (Opera Software) C:\Program Files (x86)\Opera\23.0.1522.77\opera.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) 
HKLM\...\Run: [] => [X] HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTray.exe [8886592 2014-08-27] () HKLM\...\Run: [Cmaudio8788] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.dll,CMICtrlWnd HKLM\...\Run: [Cmaudio8788GX] => C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] () HKLM\...\Run: [Cmaudio8788GX64] => C:\Windows\system\HsMgr64.exe [282112 2008-07-11] () HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\S-1-5-21-222504254-3214578368-1453069917-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.) BootExecute: autocheck autochk * sdnclean64.exe GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1410893491&from=smt&uid=CorsairXForceXGT_11436508000010731432&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1410893491&from=smt&uid=CorsairXForceXGT_11436508000010731432&q={searchTerms} StartMenuInternet: IEXPLORE.EXE - iexplore.exe BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.) Tcpip\Parameters: [DhcpNameServer] 82.212.62.62 78.42.43.62 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll () FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll () FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) Chrome: ======= CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}sugkey={google:suggestAPIKeyParameter} CHR Plugin: (Widevine Content Decryption Module) - C:\Users\9Tower1\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.5.671\_platform_specific\win_x86\widevinecdmadapter.dll () CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll () CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) 
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll () CHR Profile: C:\Users\9Tower1\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Drive) - C:\Users\9Tower1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-10] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\9Tower1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-05] CHR Extension: (YouTube) - C:\Users\9Tower1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-10] CHR Extension: (Google-Suche) - C:\Users\9Tower1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-10] CHR Extension: (DoNotTrackMe: Online Privacy Protection) - C:\Users\9Tower1\AppData\Local\Google\Chrome\User Data\Default\Extensions\epanfjkfahimkgomnigadpkobaefekcd [2014-08-10] CHR Extension: (ZenMate) - C:\Users\9Tower1\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2014-10-17] CHR Extension: (AdBlock) - C:\Users\9Tower1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-08-10] CHR Extension: (Stealthy) - C:\Users\9Tower1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieaebnkibonmpbhdaanjkmedikadnoje [2014-10-17] CHR Extension: (Google Wallet) - C:\Users\9Tower1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-10] CHR Extension: (Google Mail) - C:\Users\9Tower1\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-10] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 Aqua Computer Service; C:\Program Files\aquasuite\AquaComputerService.exe [559776 2014-06-19] (Aqua Computer GmbH & Co. KG) S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [141392 2014-07-14] (Avira Operations GmbH & Co. KG) S4 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [528096 2014-06-08] (Futuremark) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-05] (Intel Corporation) S4 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [133632 2012-02-09] () S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-08-21] (Intel Corporation) R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe [706864 2014-08-27] () R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-08-22] () R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.) 
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.) S2 892cc6a3; "C:\Windows\system32\rundll32.exe" "c:\progra~3\perfor~1\PerformanceOptimizerSvc.dll",service ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2011-09-21] (Asmedia Technology) R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [2734080 2013-04-11] (C-Media Inc) R3 gzflt; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.0.56\gzflt.sys [150256 2014-07-10] (BitDefender LLC) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28216 2012-09-01] (Intel Corporation) R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25536 2012-02-09] () R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [25536 2012-02-09] () R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] () R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation) R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [389240 2014-07-10] (BitDefender S.R.L.) 
S3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2014-09-13] () S3 cpuz137; \??\C:\Windows\TEMP\cpuz137\cpuz137_x64.sys [X] S3 DIRECTIO; \??\C:\Program Files\PerformanceTest\DirectIo64.sys [X] S3 GPU-Z; \??\C:\Users\9Tower1\AppData\Local\Temp\GPU-Z.sys [X] S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X] S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] S3 tsusbhub; system32\drivers\tsusbhub.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] S3 XFDriver64; \??\C:\Program Files (x86)\Xfire2\XFDriver64.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-28 21:58 - 2014-10-28 21:58 - 02113024 _____ (Farbar) C:\Users\9Tower1\Downloads\FRST64.exe 2014-10-28 21:58 - 2014-10-28 21:58 - 00014912 _____ () C:\Users\9Tower1\Downloads\FRST.txt 2014-10-28 21:58 - 2014-10-28 21:58 - 00000000 ____D () C:\FRST 2014-10-28 21:57 - 2014-10-28 21:57 - 00000476 _____ () C:\Users\9Tower1\Downloads\defogger_disable.log 2014-10-28 21:57 - 2014-10-28 21:57 - 00000000 _____ () C:\Users\9Tower1\defogger_reenable 2014-10-28 21:56 - 2014-10-28 21:56 - 00050477 _____ () C:\Users\9Tower1\Downloads\Defogger.exe 2014-10-28 21:55 - 2014-10-28 21:55 - 00000088 _____ () C:\Users\9Tower1\Desktop\Neues Textdokument (7).txt 2014-10-28 18:08 - 2014-10-28 18:08 - 00000221 _____ () C:\Users\9Tower1\Desktop\Damnation.url 2014-10-27 19:40 - 2014-10-27 19:40 - 00000221 _____ () C:\Users\9Tower1\Desktop\Overlord II.url 2014-10-27 19:39 - 2014-10-28 18:09 - 00000221 _____ () C:\Users\9Tower1\Desktop\Clive Barker's Jericho.url 2014-10-27 17:38 - 2014-10-27 17:38 - 00000110 _____ () C:\Users\9Tower1\Desktop\Neues Textdokument (6).txt 2014-10-26 22:19 - 2014-10-26 23:36 - 00000192 _____ () 
C:\Users\9Tower1\Desktop\wunschliste.txt 2014-10-26 12:11 - 2014-10-28 17:33 - 00000168 _____ () C:\Windows\setupact.log 2014-10-26 12:11 - 2014-10-26 12:11 - 00000000 _____ () C:\Windows\setuperr.log 2014-10-25 19:10 - 2014-10-25 19:10 - 00008778 _____ () C:\Users\9Tower1\Desktop\cc_20141025_201000.reg 2014-10-25 11:47 - 2014-10-28 20:50 - 00082744 _____ () C:\Windows\WindowsUpdate.log 2014-10-24 16:56 - 2014-10-26 16:37 - 00000594 _____ () C:\Users\9Tower1\Desktop\Neues Textdokument (5).txt 2014-10-22 20:22 - 2014-10-22 20:42 - 00000000 ____D () C:\Users\9Tower1\Desktop\music handy 2014-10-22 14:20 - 2014-10-22 14:20 - 00000221 _____ () C:\Users\9Tower1\Desktop\Mirror's Edge.url 2014-10-21 22:34 - 2014-10-28 01:10 - 00000346 _____ () C:\Users\9Tower1\Desktop\Neues Textdokument (4).txt 2014-10-20 20:32 - 2014-10-20 22:26 - 00000024 _____ () C:\Users\9Tower1\Desktop\jelly joker.txt 2014-10-20 12:11 - 2014-10-26 17:29 - 00000442 _____ () C:\Users\9Tower1\Desktop\Neues Textdokument (3).txt 2014-10-19 23:24 - 2014-10-19 23:25 - 17981827 _____ () C:\Users\9Tower1\Downloads\Louis Vuitton \ Trentemoller feat Ane Trolle - Moan (1).mp4 2014-10-19 23:24 - 2014-10-19 23:24 - 03913920 _____ (New Monte Inc) C:\Users\9Tower1\Downloads\Louis_Vuitton__downloader.exe 2014-10-19 23:24 - 2014-10-19 23:24 - 03708664 _____ (hxxp://yourfile-downloader.com) C:\Users\9Tower1\Downloads\Louis_Vuitton__downloader (1).exe 2014-10-19 23:23 - 2014-10-19 23:25 - 02309857 _____ () C:\Users\9Tower1\Downloads\Louis Vuitton \ Trentemoller feat Ane Trolle - Moan.mp4.opdownload 2014-10-19 23:22 - 2014-10-19 23:22 - 19042629 _____ () C:\Users\9Tower1\Downloads\Trentemøller%20feat.%20Ane%20Trolle%20-%20Moan%20(fan%20made%20video%20clip)-SD.mp4 2014-10-18 11:25 - 2014-10-22 21:00 - 00001079 _____ () C:\Users\9Tower1\Desktop\ts.txt 2014-10-18 11:25 - 2014-10-22 21:00 - 00000000 ____D () C:\Users\9Tower1\Desktop\Neuer Ordner (3) 2014-10-18 02:30 - 2014-10-18 02:30 - 00000000 ____D () 
C:\Users\9Tower1\Downloads\Wise Care 365 2014-10-18 01:57 - 2014-10-18 02:15 - 13408020 _____ (WiseCleaner.com) C:\Users\9Tower1\Downloads\Wise Care 365 Pro v2.17 (portable).exe 2014-10-17 07:48 - 2014-10-17 07:48 - 00000222 _____ () C:\Users\9Tower1\Desktop\PAYDAY 2.url 2014-10-15 09:55 - 2014-10-15 09:55 - 00085151 _____ () C:\Users\9Tower1\Desktop\1223.xps 2014-10-14 09:59 - 2014-10-14 09:59 - 00000221 _____ () C:\Users\9Tower1\Desktop\Alice Madness Returns.url 2014-10-14 09:22 - 2014-10-14 09:22 - 00052497 _____ () C:\Windows\Cmicnfgp.ini.cfl 2014-10-14 09:22 - 2014-10-14 09:22 - 00000985 _____ () C:\Windows\Cmicnfgp.ini.imi 2014-10-14 09:22 - 2014-10-14 09:22 - 00000924 _____ () C:\Windows\system\Cmicnfgp.ini 2014-10-14 09:22 - 2014-10-14 09:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Xonar Essence STX Audio 2014-10-14 09:22 - 2013-03-28 10:23 - 00004986 ____N () C:\Windows\Cmicnfgp.ini.cfg 2014-10-14 09:22 - 2013-03-21 09:11 - 00827904 ____N () C:\Windows\system32\Cmeauoxy.exe 2014-10-14 09:22 - 2012-11-20 10:24 - 12935168 ____N (C-Media Corporation) C:\Windows\SysWOW64\CmiCnfgp.dll 2014-10-14 09:22 - 2012-09-28 14:45 - 00465408 ____N (C-Media Electronics Inc.) C:\Windows\system32\cmasiopx.dll 2014-10-14 09:22 - 2012-09-28 14:45 - 00303104 ____N (C-Media Electronics Inc.) C:\Windows\SysWOW64\cmasiop.dll 2014-10-14 09:22 - 2012-06-06 08:56 - 00143360 ____N () C:\Windows\SysWOW64\VmixP8.dll 2014-10-14 09:22 - 2012-06-04 13:15 - 04533760 ____N () C:\Windows\system32\CmiCnfgp.cpl 2014-10-14 09:22 - 2010-09-28 16:35 - 00000491 ____N () C:\Windows\cmudaxp.ini 2014-10-14 09:22 - 2010-06-25 11:25 - 00000061 ____N () C:\Windows\system32\cmasiopx.ini 2014-10-14 09:22 - 2010-06-25 11:25 - 00000057 ____N () C:\Windows\SysWOW64\cmasiop.ini 2014-10-14 09:22 - 2007-12-13 16:12 - 00122880 ____N (CMedia Electronics Inc.) C:\Windows\SysWOW64\Cm_Oal.dll 2014-10-14 09:22 - 2007-12-13 16:12 - 00122880 ____N (CMedia Electronics Inc.) 
C:\Windows\system32\Cm_Oal.dll 2014-10-14 09:22 - 2007-11-05 00:30 - 01144983 ____N () C:\Windows\KB936225x64.msu 2014-10-14 09:22 - 2006-09-13 09:21 - 00200704 ____N (C-Media) C:\Windows\SysWOW64\Cmpaoxy.dll 2014-10-13 23:30 - 2014-10-13 23:30 - 15217928 _____ (FinalWire Ltd. ) C:\Users\9Tower1\Downloads\aida64extreme470.exe 2014-10-13 16:55 - 2014-10-13 16:55 - 11095114 _____ () C:\Users\9Tower1\Downloads\PCI_STX_7_12_8_1794_W7 (1).rar 2014-10-13 16:55 - 2014-10-13 16:55 - 00000000 ____D () C:\Users\9Tower1\Downloads\PCI-STX-110512-7.12.8.1794(W7-FR) 2014-10-13 16:53 - 2014-10-13 16:54 - 11095114 _____ () C:\Users\9Tower1\Downloads\PCI_STX_7_12_8_1794_W7.rar 2014-10-13 16:50 - 2014-10-13 16:50 - 25923908 _____ () C:\Users\9Tower1\Downloads\M.O.P.-Cold is ice-SD.mp4 2014-10-13 13:22 - 2014-10-13 13:23 - 00039100 _____ () C:\Users\9Tower1\Desktop\cc_20141013_142250.reg 2014-10-08 21:20 - 2014-10-08 21:20 - 00000000 ____D () C:\Users\9Tower1\Downloads\STX-1.06(W7-QR) 2014-10-08 21:20 - 2013-04-11 18:21 - 02734080 _____ (C-Media Inc) C:\Windows\system32\Drivers\cmudaxp.sys 2014-10-08 21:20 - 2013-04-11 18:21 - 00315392 _____ (C-Media Electronics Inc.) C:\Windows\system\CmiFltr.dll 2014-10-08 21:20 - 2013-04-11 18:21 - 00032768 _____ (C-Media Electronics Inc.) C:\Windows\system32\cmudaxp.dll 2014-10-08 21:16 - 2014-10-08 21:16 - 11797337 _____ () C:\Users\9Tower1\Downloads\PCI_STX_7_0_8_1821_Win7.rar 2014-10-08 17:42 - 2014-10-08 21:18 - 00000000 ____D () C:\ProgramData\Xfire 2014-10-08 17:42 - 2014-10-08 20:17 - 00000000 ____D () C:\Users\9Tower1\AppData\Roaming\Xfire 2014-10-08 17:33 - 2014-10-13 13:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus 2014-10-08 17:33 - 2014-10-13 13:13 - 00000000 ____D () C:\Program Files\McAfee Security Scan 2014-10-07 18:31 - 2014-10-07 18:31 - 16336696 _____ (Xfire, Inc. 
) C:\Users\9Tower1\Downloads\xfire_installer_244_b761.exe 2014-10-07 18:31 - 2014-10-07 18:31 - 16336696 _____ (Xfire, Inc. ) C:\Users\9Tower1\Downloads\xfire_installer_244_b761 (1).exe 2014-10-06 04:14 - 2014-10-26 16:03 - 00000617 _____ () C:\Users\9Tower1\Desktop\Neues Textdokument (2).txt 2014-10-05 10:31 - 2014-10-28 21:04 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-10-05 10:31 - 2014-10-13 13:13 - 00000000 ____D () C:\ProgramData\McAfee Security Scan 2014-10-05 10:31 - 2014-10-08 17:33 - 00001931 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk 2014-10-05 10:31 - 2014-10-05 10:31 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-10-05 10:31 - 2014-10-05 10:31 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-10-05 10:31 - 2014-10-05 10:31 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-10-05 10:31 - 2014-10-05 10:31 - 00000000 ____D () C:\Windows\SysWOW64\Macromed 2014-10-05 10:31 - 2014-10-05 10:31 - 00000000 ____D () C:\Windows\system32\Macromed 2014-10-05 10:31 - 2014-10-05 10:31 - 00000000 ____D () C:\Users\9Tower1\AppData\Local\Adobe 2014-10-05 10:31 - 2014-10-05 10:31 - 00000000 ____D () C:\ProgramData\McAfee 2014-10-05 10:22 - 2014-10-05 10:22 - 00003700 _____ () C:\Users\9Tower1\Desktop\Nmc_2014-10-05_11-22-01.log 2014-10-05 10:11 - 2014-10-05 10:11 - 353630168 _____ (Norman Shark AS) C:\Users\9Tower1\Downloads\Norman_Malware_Cleaner (1).exe 2014-10-05 10:08 - 2014-10-05 10:08 - 00895120 _____ (Google Inc.) 
C:\Users\9Tower1\Downloads\ChromeSetup.exe 2014-10-04 06:14 - 2014-10-13 13:13 - 00000000 ____D () C:\Users\9Tower1\AppData\Roaming\Winamp 2014-10-04 06:14 - 2014-10-04 06:14 - 00000979 _____ () C:\Users\Public\Desktop\Winamp.lnk 2014-10-04 06:14 - 2014-10-04 06:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp 2014-10-04 06:14 - 2014-10-04 06:14 - 00000000 ____D () C:\Program Files (x86)\Winamp 2014-10-04 06:13 - 2014-10-04 06:13 - 17163336 _____ (Nullsoft, Inc.) C:\Users\9Tower1\Downloads\winamp5666_full_all.exe 2014-10-04 06:12 - 2014-10-04 06:12 - 00765768 _____ ( ) C:\Users\9Tower1\Downloads\winamp5666_full_all_inst.exe 2014-10-03 15:38 - 2014-10-03 15:39 - 00003462 _____ () C:\Users\9Tower1\Desktop\Nmc_2014-10-03_16-38-50.log 2014-10-02 19:29 - 2014-10-02 19:29 - 00000222 _____ () C:\Users\9Tower1\Desktop\Hammerwatch.url 2014-09-29 18:49 - 2014-09-29 18:50 - 00003702 _____ () C:\Users\9Tower1\Desktop\Nmc_2014-09-29_19-49-34.log ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-10-28 21:57 - 2014-08-10 11:35 - 00000000 ____D () C:\Users\9Tower1 2014-10-28 21:12 - 2014-08-10 12:07 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-10-28 17:56 - 2014-08-10 12:53 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-10-28 17:40 - 2009-07-14 18:58 - 00700454 _____ () C:\Windows\system32\perfh007.dat 2014-10-28 17:40 - 2009-07-14 18:58 - 00150092 _____ () C:\Windows\system32\perfc007.dat 2014-10-28 17:40 - 2009-07-14 06:13 - 01624034 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-10-28 17:39 - 2009-07-14 05:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-10-28 17:39 - 2009-07-14 05:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-10-28 17:34 - 2014-09-16 21:10 - 00002305 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk 2014-10-28 17:34 - 2014-08-10 12:07 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-10-28 17:33 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-10-28 17:33 - 2009-07-14 05:45 - 00274016 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-10-27 23:20 - 2014-08-10 13:05 - 00000000 ____D () C:\Users\9Tower1\AppData\Local\Warframe 2014-10-27 22:19 - 2014-08-10 13:02 - 00000000 ____D () C:\Users\9Tower1\AppData\Roaming\TS3Client 2014-10-25 14:21 - 2014-08-13 19:05 - 00000000 ____D () C:\Users\9Tower1\AppData\Roaming\Youtube Downloader HD 2014-10-23 21:41 - 2014-08-10 14:19 - 00001276 _____ () C:\Users\9Tower1\Desktop\CoreTemp.ini 2014-10-23 17:27 - 2014-08-16 11:06 - 00000000 ____D () C:\Users\9Tower1\AppData\Local\CrashDumps 2014-10-22 20:42 - 2014-08-17 22:24 - 00000000 ____D () C:\Users\9Tower1\AppData\Roaming\vlc 2014-10-19 22:32 - 2014-09-25 16:33 - 00000000 ____D () C:\Windows\Minidump 2014-10-18 06:45 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Help 2014-10-18 02:32 - 2014-08-10 12:04 - 
00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aquasuite 2014-10-16 22:56 - 2014-08-10 12:04 - 00000000 ____D () C:\ProgramData\aquasuite-data 2014-10-14 11:01 - 2014-08-22 17:31 - 00000000 ____D () C:\Users\9Tower1\AppData\Roaming\OBS 2014-10-14 10:01 - 2014-08-22 17:31 - 00000000 ____D () C:\Program Files (x86)\OBS 2014-10-14 09:22 - 2014-08-10 12:11 - 00000142 _____ () C:\Windows\system\Dlap.pfx 2014-10-14 09:22 - 2014-08-10 12:11 - 00000000 ____D () C:\Program Files\ASUS Xonar Essence STX Audio 2014-10-14 09:22 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system 2014-10-14 09:21 - 2014-08-10 12:12 - 00000000 ____D () C:\Users\9Tower1\AppData\Roaming\ASUS 2014-10-13 13:13 - 2014-08-10 12:12 - 00000000 ____D () C:\Program Files (x86)\OpenAL 2014-10-13 13:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration 2014-10-13 13:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat 2014-10-08 21:18 - 2014-09-16 20:43 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-10-08 19:50 - 2014-08-10 11:47 - 00060320 _____ () C:\Users\9Tower1\AppData\Local\GDIPFONTCACHEV1.DAT 2014-10-06 17:51 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-10-05 10:08 - 2014-08-10 12:07 - 00002247 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-10-03 18:40 - 2014-09-21 17:45 - 00000000 ____D () C:\Users\9Tower1\AppData\Roaming\Bitcoin 2014-10-02 19:30 - 2014-08-10 12:12 - 00466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll 2014-10-02 19:30 - 2014-08-10 12:12 - 00444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll 2014-10-02 19:30 - 2014-08-10 12:12 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll 2014-10-02 19:30 - 2014-08-10 12:12 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) 
C:\Windows\SysWOW64\OpenAL32.dll
2014-09-28 10:27 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-10-26 00:32

==================== End Of Log ============================

--- --- --- --- --- --- --- --- ---

Code:
Addition - Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-10-2014 01
Ran by 9Tower1 at 2014-10-28 21:59:04
Running from C:\Users\9Tower1\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
3DMark 11 (Version: 1.0.132.0 - Futuremark) Hidden 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Ad-Aware Antivirus (HKLM\...\{E39A80AE-0CC0-43EE-AB6B-BE11DC4F969F}_AdAwareUpdater) (Version: 11.3.6321.0 - Lavasoft) AdAwareInstaller (Version: 11.3.6321.0 - Lavasoft) Hidden AdAwareUpdater (Version: 11.3.6321.0 - Lavasoft) Hidden Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated) Alice: Madness Returns (HKLM-x32\...\Steam App 19680) (Version: - Spicy Horse Games) AntimalwareEngine (Version: 3.0.0.56 - Lavasoft) Hidden Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.10.1.0 - Asmedia Technology) Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.3.1.000 - Asmedia Technology) ASRock App Charger v1.0.5 (HKLM\...\ASRock App Charger_is1) (Version: - ASRock Inc.) ASUS Xonar Essence STX Audio Driver (HKLM\...\C-Media Oxygen HD Audio Driver) (Version: - ) Avira (x32 Version: 1.1.18.28431 - Avira Operations GmbH & Co. 
KG) Hidden Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version: - Irrational Games) Bitcoin Core (32-bit) (HKCU\...\Bitcoin Core (32-bit)) (Version: 0.9.1 - Bitcoin Core project) Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software) Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.8.5.1 - Broadcom Corporation) Call Of Pripyat Benchmark 1.0 (HKLM-x32\...\{151F4583-1A05-46D9-8A0E-8F61B9C3502B}_is1) (Version: - GSC Game World) CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform) Clive Barker's Jericho (HKLM-x32\...\Steam App 11420) (Version: - Mercury Steam) Damnation (HKLM-x32\...\Steam App 12790) (Version: - Blue Omega Entertainment) Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment) DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.52 - DivX, LLC) Eufloria (HKLM-x32\...\Steam App 41210) (Version: - Rudolf Kremers & Alex May) Fallout (HKLM-x32\...\Steam App 38400) (Version: - Interplay Inc.) Fallout 2 (HKLM-x32\...\Steam App 38410) (Version: - Black Isle Studios) Fallout 3 - Game of the Year Edition (HKLM-x32\...\Steam App 22370) (Version: - Bethesda Game Studios) Fallout Tactics (HKLM-x32\...\Steam App 38420) (Version: - 14° East) Free YouTube to MP3 Converter version 3.12.44.820 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.44.820 - DVDVideoSoft Ltd.) Futuremark SystemInfo (HKLM-x32\...\{4115C9AA-35E0-45D8-9363-47635B8750C7}) (Version: 4.29.438.0 - Futuremark) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.) 
Hammerwatch (HKLM-x32\...\Steam App 239070) (Version: - ) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3517 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Intel(R) Smart Connect Technology 2.0 x64 (HKLM\...\{54F8B6C7-9B25-4E85-A1E0-26CFB80DE787}) (Version: 2.0.1083.0 - Intel) Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation) Intel® Trusted Connect Service Client (Version: 1.24.738.1 - Intel Corporation) Hidden LEGO MARVEL Super Heroes (HKLM-x32\...\Steam App 249130) (Version: - Traveller's Tales) Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) Marvel Heroes 2015 (HKLM-x32\...\Steam App 226320) (Version: - Gazillion Entertainment) McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.) 
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{59E4543A-D49D-4489-B445-473D763C79AF}) (Version: 2.0.672.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Mirror's Edge (HKLM-x32\...\Steam App 17410) (Version: - DICE) NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA Systemsteuerung 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - ) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Opera Stable 23.0.1522.77 (HKLM-x32\...\Opera 23.0.1522.77) (Version: 23.0.1522.77 - Opera Software ASA) Overlord II 
(HKLM-x32\...\Steam App 12810) (Version: - Triumph Studios) PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.) Primal Carnage (HKLM-x32\...\Steam App 215470) (Version: - Lukewarm Media) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.992 - Even Balance, Inc.) Saints Row IV (HKLM-x32\...\Steam App 206420) (Version: - Deep Silver Volition) Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.4.0 - Samsung Electronics) Shark007 Advanced Codecs (HKLM-x32\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 4.7.3 - Shark007) Sparkle 2 Evo (HKLM-x32\...\Steam App 253650) (Version: - ) Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp) Tropico 4 (HKLM-x32\...\Steam App 57690) (Version: - Haemimont Games) VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN) Warframe (HKLM-x32\...\Steam App 230410) (Version: - Digital Extremes) Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) x64 Components v4.7.3 (HKLM\...\Advanced x64Components_is1) (Version: 4.7.3 - Shark007) Youtube Downloader HD v. 2.9.9.14 (HKLM-x32\...\Youtube Downloader HD_is1) (Version: - YoutubeDownloaderHD.com) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) 
==================== Restore Points ========================= 08-10-2014 20:20:33 Gerätetreiber-Paketinstallation: ASUSTeK Audio-, Video- und Gamecontroller 13-10-2014 12:48:21 Gerätetreiber-Paketinstallation: ASUSTeK Audio-, Video- und Gamecontroller 13-10-2014 15:39:32 Gerätetreiber-Paketinstallation: ASUSTeK Audio-, Video- und Gamecontroller 13-10-2014 15:56:11 Gerätetreiber-Paketinstallation: ASUSTeK Audio-, Video- und Gamecontroller 14-10-2014 08:22:35 Gerätetreiber-Paketinstallation: ASUSTeK Audio-, Video- und Gamecontroller 14-10-2014 09:00:34 Microsoft Visual C++ 2005 Redistributable wird installiert 14-10-2014 09:00:39 Microsoft Visual C++ 2005 Redistributable wird installiert 14-10-2014 09:00:55 DirectX wurde installiert 18-10-2014 05:45:25 Created by Wise Care 365 20-10-2014 11:59:55 Created by Wise Care 365 ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {13BA5481-3173-4694-8BF0-E1D1277D0610} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2014-05-19] (Samsung Electronics.) Task: {4E335346-8C1C-40B2-9293-B0D8378F5E81} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-05] (Adobe Systems Incorporated) Task: {5B46B9F0-0026-411D-A59E-693FC4586945} - System32\Tasks\aquasuite autostart => C:\Program Files\aquasuite\aquasuite.exe [2014-06-19] (Aqua Computer GmbH & Co. 
KG) Task: {5BFADE92-363A-497C-AC17-32170A43EBE5} - System32\Tasks\Opera scheduled Autoupdate 1408825883 => C:\Program Files (x86)\Opera\launcher.exe [2014-08-14] (Opera Software) Task: {772A68ED-03CB-4E60-A6E4-BBED92B0F4C6} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe Task: {A7B12175-D7BC-44D4-8458-8FC9E6B5BD0E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd) Task: {B466C3F0-322F-4F37-BFF0-EB9BEA2A55B8} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe Task: {D89D6EBF-F45A-4D6A-8A52-9AC62AFF13FE} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] () Task: {DAA6FC58-026E-4952-9A90-84F701666B7D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-10] (Google Inc.) Task: {E36DDDA2-77E3-4CAA-91C3-4FD69BD053B6} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] () Task: {F0101F66-37A3-4C6B-B7D4-E3D8807B6B2A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-10] (Google Inc.) 
Task: {FE1480D1-129D-46C9-91B7-75E22FF2C90D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-08-10 12:00 - 2014-07-02 19:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-06-06 08:19 - 2014-06-06 08:19 - 00008704 _____ () C:\Program Files\aquasuite\Plugins\PluginExportSHM.dll 2014-06-06 08:19 - 2014-06-06 08:19 - 00008192 _____ () C:\Program Files\aquasuite\Plugins\PluginExportXML.dll 2014-06-06 08:19 - 2014-06-06 08:19 - 00009728 _____ () C:\Program Files\aquasuite\Plugins\PluginImportAida64.dll 2014-06-06 08:19 - 2014-06-06 08:19 - 00011776 _____ () C:\Program Files\aquasuite\Plugins\PluginImportHWiFO.dll 2014-06-06 08:19 - 2014-06-06 08:19 - 00011776 _____ () C:\Program Files\aquasuite\Plugins\PluginImportOHM.dll 2014-08-27 11:32 - 2014-08-27 11:32 - 00706864 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe 2014-08-27 11:53 - 2014-08-27 11:53 - 00103768 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_thread-vc100-mt-1_55.dll 2014-08-27 11:53 - 2014-08-27 11:53 - 00024408 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_system-vc100-mt-1_55.dll 2014-08-27 11:53 - 2014-08-27 11:53 - 00033624 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_chrono-vc100-mt-1_55.dll 2014-08-27 11:53 - 2014-08-27 11:53 - 00055648 _____ () C:\Program 
Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_date_time-vc100-mt-1_55.dll 2014-08-27 11:53 - 2014-08-27 11:53 - 00123744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_filesystem-vc100-mt-1_55.dll 2014-08-27 11:52 - 2014-08-27 11:52 - 11947856 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareServiceKernel.dll 2014-08-27 11:53 - 2014-08-27 11:53 - 03396400 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\RCF.dll 2014-08-27 11:53 - 2014-08-27 11:53 - 00788824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_regex-vc100-mt-1_55.dll 2014-08-27 11:52 - 2014-08-27 11:52 - 00734536 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareActivation.dll 2014-08-27 11:52 - 2014-08-27 11:52 - 02167640 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareApplicationUpdater.dll 2014-08-27 11:52 - 2014-08-27 11:52 - 00813896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareGamingMode.dll 2014-08-27 11:52 - 2014-08-27 11:52 - 00098624 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareReset.dll 2014-08-27 11:53 - 2014-08-27 11:53 - 00120128 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTime.dll 2014-08-27 11:52 - 2014-08-27 11:52 - 00943960 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareDefinitionsUpdater.dll 2014-08-27 11:52 - 2014-08-27 11:52 - 00869224 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareDefinitionsUpdaterScheduler.dll 2014-08-27 11:52 - 2014-08-27 11:52 - 01105224 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareIgnoreList.dll 2014-08-27 11:52 - 
2014-08-27 11:52 - 00247624 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareQuarantine.dll 2014-08-27 11:52 - 2014-08-27 11:52 - 00988504 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareAntiMalwareEngine.dll 2014-08-27 11:52 - 2014-08-27 11:52 - 00212824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareAntiRootkitEngine.dll 2014-08-27 11:52 - 2014-08-27 11:52 - 01172816 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareScannerHistory.dll 2014-08-27 11:52 - 2014-08-27 11:52 - 01277248 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareScanner.dll 2014-08-27 11:53 - 2014-08-27 11:53 - 00035160 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_timer-vc100-mt-1_55.dll 2014-08-27 11:52 - 2014-08-27 11:52 - 00975192 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareScannerScheduler.dll 2014-08-27 11:52 - 2014-08-27 11:52 - 01109336 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareRealTimeProtection.dll 2014-08-27 11:52 - 2014-08-27 11:52 - 00229200 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareIncompatibles.dll 2014-08-27 11:52 - 2014-08-27 11:52 - 00891720 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareAntiSpam.dll 2014-08-27 11:52 - 2014-08-27 11:52 - 00843088 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareAntiPhishing.dll 2014-08-27 11:52 - 2014-08-27 11:52 - 03090768 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareParentalControl.dll 2014-08-27 11:53 - 2014-08-27 11:53 - 02624848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware 
Antivirus\11.3.6321.0\AdAwareWebProtection.dll 2014-08-27 11:52 - 2014-08-27 11:52 - 01067344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareEmailProtection.dll 2014-08-27 11:52 - 2014-08-27 11:52 - 01290584 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareNetworkProtection.dll 2014-08-27 11:52 - 2014-08-27 11:52 - 01004352 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwarePromo.dll 2014-08-27 11:52 - 2014-08-27 11:52 - 00343880 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareFeedback.dll 2014-08-27 11:53 - 2014-08-27 11:53 - 02787160 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareThreatWorkAlliance.dll 2014-08-27 11:52 - 2014-08-27 11:52 - 01238848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwarePinCode.dll 2014-08-27 11:52 - 2014-08-27 11:52 - 01004864 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareNotice.dll 2014-08-27 11:52 - 2014-08-27 11:52 - 00928072 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareAvcEngine.dll 2014-08-27 11:53 - 2014-08-27 11:53 - 00154944 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\SecurityCenter.dll 2014-08-22 17:40 - 2014-08-22 17:44 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2014-08-27 11:53 - 2014-08-27 11:53 - 08886592 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTray.exe 2014-08-27 11:53 - 2014-08-27 11:53 - 00500056 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_locale-vc100-mt-1_55.dll 2014-08-27 11:53 - 2014-08-27 11:53 - 02101568 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\HtmlFramework.dll 2014-08-27 
11:53 - 2014-08-27 11:53 - 00066872 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\DllStorage.dll 2014-08-27 11:53 - 2014-08-27 11:53 - 00832848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTrayDefaultSkin.dll 2014-08-27 11:53 - 2014-08-27 11:53 - 00811328 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\Localization.dll 2014-08-10 12:11 - 2008-07-11 14:04 - 00200704 ____N () C:\Windows\SysWOW64\HsMgr.exe 2014-08-10 12:11 - 2008-07-11 14:03 - 00282112 ____N () C:\Windows\system\HsMgr64.exe 2012-01-11 09:23 - 2012-01-11 09:23 - 00391168 _____ () C:\Program Files\aquasuite\WPFToolkit.Extended.dll 2014-09-16 20:47 - 2014-05-13 11:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2014-09-16 20:47 - 2014-05-13 11:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl 2014-09-16 20:47 - 2014-05-13 11:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2014-09-16 20:47 - 2012-08-23 09:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll 2014-09-16 20:47 - 2012-04-03 16:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll 2014-10-14 09:22 - 2012-06-06 08:56 - 00143360 ____N () C:\Program Files\ASUS Xonar Essence STX Audio\Customapp\VmixP8.dll 2014-08-15 08:56 - 2014-08-15 08:56 - 00017920 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\7fb509dd6887788f670fac03bb2f996d\PSIClient.ni.dll 2014-08-10 11:47 - 2012-07-18 05:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2014-08-23 21:31 - 2014-08-14 12:19 - 00880248 _____ () C:\Program Files (x86)\Opera\23.0.1522.77\libglesv2.dll 2014-08-23 21:31 - 2014-08-14 12:19 - 00135800 _____ () C:\Program Files (x86)\Opera\23.0.1522.77\libegl.dll 2014-08-23 21:31 
- 2014-08-14 12:19 - 00957048 _____ () C:\Program Files (x86)\Opera\23.0.1522.77\ffmpegsumo.dll 2014-10-05 10:31 - 2014-10-05 10:31 - 16825520 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\Services: bthserv => 3 MSCONFIG\Services: Futuremark SystemInfo Service => 3 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: IePluginServices => 2 MSCONFIG\Services: ISCTAgent => 2 MSCONFIG\Services: LPTSystemUpdater => 2 MSCONFIG\startupfolder: C:^Users^9Tower1^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Samsung Magician.lnk => C:\Windows\pss\Samsung Magician.lnk.Startup MSCONFIG\startupreg: Browser Infrastructure Helper => C:\Users\9Tower1\AppData\Local\Smartbar\Application\Smartbar.exe startup MSCONFIG\startupreg: clicup-Agent => C:\Users\9Tower1\AppData\Local\Temp\clicup\clicup.exe MSCONFIG\startupreg: Cmaudio8788 => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.dll,CMICtrlWnd MSCONFIG\startupreg: Cmaudio8788GX => C:\Windows\syswow64\HsMgr.exe Envoke MSCONFIG\startupreg: Cmaudio8788GX64 => C:\Windows\system\HsMgr64.exe Envoke MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW 
MSCONFIG\startupreg: HotKeysCmds => "C:\Windows\system32\hkcmd.exe"
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
MSCONFIG\startupreg: IgfxTray => "C:\Windows\system32\igfxtray.exe"
MSCONFIG\startupreg: Persistence => "C:\Windows\system32\igfxpers.exe"
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
MSCONFIG\startupreg: VIRTU MVP 2.0 => C:\Program Files\Lucidlogix Technologies\VIRTU MVP 2.0\MVPControlPanel20.Exe /hide

========================= Accounts: ==========================

9Tower1 (S-1-5-21-222504254-3214578368-1453069917-1000 - Administrator - Enabled) => C:\Users\9Tower1
Administrator (S-1-5-21-222504254-3214578368-1453069917-500 - Administrator - Disabled)
Gast (S-1-5-21-222504254-3214578368-1453069917-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-222504254-3214578368-1453069917-1002 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (10/28/2014 05:39:50 PM) (Source: iumsvc) (EventID: 255) (User: )
Description: Exception : ('Device Profile Push Failure', ProxyError(ProxyError('Cannot connect to proxy. Socket error: [Errno 10061] Es konnte keine Verbindung hergestellt werden, da der Zielcomputer die Verbindung verweigerte.',),))

Error: (10/28/2014 05:39:48 PM) (Source: iumsvc) (EventID: 255) (User: )
Description: Exception : ('Device Profile Push Failure', ProxyError(ProxyError('Cannot connect to proxy. Socket error: [Errno 10061] Es konnte keine Verbindung hergestellt werden, da der Zielcomputer die Verbindung verweigerte.',),))

Error: (10/28/2014 05:39:47 PM) (Source: iumsvc) (EventID: 255) (User: )
Description: Exception : ('Device Profile Push Failure', ProxyError(ProxyError('Cannot connect to proxy. Socket error: [Errno 10061] Es konnte keine Verbindung hergestellt werden, da der Zielcomputer die Verbindung verweigerte.',),))

Error: (10/28/2014 05:39:45 PM) (Source: iumsvc) (EventID: 255) (User: )
Description: Exception : ('Device Profile Push Failure', ProxyError(ProxyError('Cannot connect to proxy. Socket error: [Errno 10061] Es konnte keine Verbindung hergestellt werden, da der Zielcomputer die Verbindung verweigerte.',),))

Error: (10/28/2014 05:39:44 PM) (Source: iumsvc) (EventID: 255) (User: )
Description: Exception : ('Device Profile Push Failure', ProxyError(ProxyError('Cannot connect to proxy. Socket error: [Errno 10061] Es konnte keine Verbindung hergestellt werden, da der Zielcomputer die Verbindung verweigerte.',),))

Error: (10/28/2014 05:39:42 PM) (Source: iumsvc) (EventID: 255) (User: )
Description: Exception : ('Device Profile Push Failure', ProxyError(ProxyError('Cannot connect to proxy. Socket error: [Errno 10061] Es konnte keine Verbindung hergestellt werden, da der Zielcomputer die Verbindung verweigerte.',),))

Error: (10/28/2014 05:34:09 PM) (Source: Avira Service Host) (EventID: 0) (User: )
Description: Während der Installation ist ein Fehler aufgetreten. Starten Sie die Reparatur.

Error: (10/27/2014 05:15:52 PM) (Source: iumsvc) (EventID: 255) (User: )
Description: Exception : ('Device Profile Push Failure', ProxyError(ProxyError('Cannot connect to proxy. Socket error: [Errno 10061] Es konnte keine Verbindung hergestellt werden, da der Zielcomputer die Verbindung verweigerte.',),))

Error: (10/27/2014 05:15:51 PM) (Source: iumsvc) (EventID: 255) (User: )
Description: Exception : ('Device Profile Push Failure', ProxyError(ProxyError('Cannot connect to proxy. Socket error: [Errno 10061] Es konnte keine Verbindung hergestellt werden, da der Zielcomputer die Verbindung verweigerte.',),))

Error: (10/27/2014 05:15:50 PM) (Source: iumsvc) (EventID: 255) (User: )
Description: Exception : ('Device Profile Push Failure', ProxyError(ProxyError('Cannot connect to proxy. Socket error: [Errno 10061] Es konnte keine Verbindung hergestellt werden, da der Zielcomputer die Verbindung verweigerte.',),))

System errors:
=============
Error: (10/28/2014 05:34:09 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom

Error: (10/28/2014 05:34:09 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht.

Error: (10/28/2014 05:34:07 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Performance Optimizer erreicht.

Error: (10/27/2014 05:05:41 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom

Error: (10/27/2014 05:05:41 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht.

Error: (10/27/2014 05:05:37 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Performance Optimizer erreicht.

Error: (10/26/2014 00:11:55 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom

Error: (10/26/2014 00:11:54 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht.

Error: (10/26/2014 00:11:51 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Performance Optimizer erreicht.

Error: (10/25/2014 07:01:29 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom

Microsoft Office Sessions:
=========================
Error: (10/28/2014 05:39:50 PM) (Source: iumsvc) (EventID: 255) (User: )
Description: Exception : ('Device Profile Push Failure', ProxyError(ProxyError('Cannot connect to proxy. Socket error: [Errno 10061] Es konnte keine Verbindung hergestellt werden, da der Zielcomputer die Verbindung verweigerte.',),))

Error: (10/28/2014 05:39:48 PM) (Source: iumsvc) (EventID: 255) (User: )
Description: Exception : ('Device Profile Push Failure', ProxyError(ProxyError('Cannot connect to proxy. Socket error: [Errno 10061] Es konnte keine Verbindung hergestellt werden, da der Zielcomputer die Verbindung verweigerte.',),))

Error: (10/28/2014 05:39:47 PM) (Source: iumsvc) (EventID: 255) (User: )
Description: Exception : ('Device Profile Push Failure', ProxyError(ProxyError('Cannot connect to proxy. Socket error: [Errno 10061] Es konnte keine Verbindung hergestellt werden, da der Zielcomputer die Verbindung verweigerte.',),))

Error: (10/28/2014 05:39:45 PM) (Source: iumsvc) (EventID: 255) (User: )
Description: Exception : ('Device Profile Push Failure', ProxyError(ProxyError('Cannot connect to proxy. Socket error: [Errno 10061] Es konnte keine Verbindung hergestellt werden, da der Zielcomputer die Verbindung verweigerte.',),))

Error: (10/28/2014 05:39:44 PM) (Source: iumsvc) (EventID: 255) (User: )
Description: Exception : ('Device Profile Push Failure', ProxyError(ProxyError('Cannot connect to proxy. Socket error: [Errno 10061] Es konnte keine Verbindung hergestellt werden, da der Zielcomputer die Verbindung verweigerte.',),))

Error: (10/28/2014 05:39:42 PM) (Source: iumsvc) (EventID: 255) (User: )
Description: Exception : ('Device Profile Push Failure', ProxyError(ProxyError('Cannot connect to proxy. Socket error: [Errno 10061] Es konnte keine Verbindung hergestellt werden, da der Zielcomputer die Verbindung verweigerte.',),))

Error: (10/28/2014 05:34:09 PM) (Source: Avira Service Host) (EventID: 0) (User: )
Description: Während der Installation ist ein Fehler aufgetreten. Starten Sie die Reparatur.

Error: (10/27/2014 05:15:52 PM) (Source: iumsvc) (EventID: 255) (User: )
Description: Exception : ('Device Profile Push Failure', ProxyError(ProxyError('Cannot connect to proxy. Socket error: [Errno 10061] Es konnte keine Verbindung hergestellt werden, da der Zielcomputer die Verbindung verweigerte.',),))

Error: (10/27/2014 05:15:51 PM) (Source: iumsvc) (EventID: 255) (User: )
Description: Exception : ('Device Profile Push Failure', ProxyError(ProxyError('Cannot connect to proxy. Socket error: [Errno 10061] Es konnte keine Verbindung hergestellt werden, da der Zielcomputer die Verbindung verweigerte.',),))

Error: (10/27/2014 05:15:50 PM) (Source: iumsvc) (EventID: 255) (User: )
Description: Exception : ('Device Profile Push Failure', ProxyError(ProxyError('Cannot connect to proxy. Socket error: [Errno 10061] Es konnte keine Verbindung hergestellt werden, da der Zielcomputer die Verbindung verweigerte.',),))

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
Percentage of memory in use: 33%
Total physical RAM: 15302.31 MB
Available physical RAM: 10139.31 MB
Total Pagefile: 30602.8 MB
Available Pagefile: 24550.75 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:238.47 GB) (Free:61.93 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: () (Fixed) (Total:119.26 GB) (Free:80.87 GB) NTFS
Drive f: () (Fixed) (Total:812.15 GB) (Free:139.39 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 5F17F65B)
Partition 1: (Active) - (Size=238.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 971AEF83)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=812.2 GB) - (Type=07 NTFS)

==================== End Of Log ============================ |
29.10.2014, 20:29 | #4 |
/// the machine /// TB-Ausbilder | Hi, please download TDSSKiller.exe and save this file to the desktop.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |