Pests of all kinds and how to combat them: PC freezes after one to two hours and nothing works anymore (Windows 7)
14.07.2015, 19:24 | #1 |
So, about my problem: my PC always hangs/freezes after one to two hours of use.
- The (computer) clock stops.
- Mouse and keyboard do not respond.
This means that I have to restart/reboot my PC. My PC seems to crash/freeze faster when I run several programs at the same time (Firefox and VLC Media Player).
[Measures taken so far] Opened the PC case, vacuumed the fans, removed and reinstalled the graphics card, checked the SATA and power cables, put everything back together. [Problem still persists]
Thanks in advance for your help.
14.07.2015, 19:33 | #2 |
/// the machine /// TB-Ausbilder (TB instructor)
Hi,
__________________
Please always post logs in the thread. If necessary, split them up and use several posts. I cannot open attachments at work, thanks. This is how it works: posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
__________________
14.07.2015, 20:17 | #3 |
FRST log file:
00000000 ____D C:\Program Files (x86)\Avira 2015-07-05 01:03 - 2014-11-20 20:03 - 00000000 ____D C:\Users\Barti\AppData\Local\Adobe 2015-07-03 14:29 - 2014-11-08 23:39 - 00000368 _____ C:\Windows\lgfwup.ini 2015-07-03 14:29 - 2014-11-08 23:39 - 00000000 ____D C:\Program Files (x86)\lg_fwupdate 2015-07-02 17:16 - 2014-11-09 05:13 - 00000000 ____D C:\Program Files (x86)\Battle.net 2015-06-27 21:58 - 2014-11-27 19:04 - 00000000 ____D C:\Users\Barti\AppData\Roaming\Skype 2015-06-26 20:55 - 2014-12-16 18:51 - 00000000 ____D C:\Users\Barti\AppData\Local\JDownloader v2.0 2015-06-24 13:36 - 2014-11-09 16:01 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll 2015-06-24 13:36 - 2014-11-09 16:01 - 01571696 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll 2015-06-24 13:36 - 2014-11-09 16:01 - 01320120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2015-06-24 13:36 - 2014-11-09 16:01 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll 2015-06-19 22:39 - 2014-11-27 19:04 - 00000000 ____D C:\ProgramData\Skype 2015-06-18 19:53 - 2015-01-11 20:27 - 00242688 ___SH C:\Users\Barti\Downloads\Thumbs.db 2015-06-17 11:10 - 2015-06-01 19:24 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcvadgenco64.dll 2015-06-17 11:10 - 2014-11-09 16:00 - 17724600 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2015-06-17 11:10 - 2014-11-09 16:00 - 12855416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2015-06-17 11:10 - 2014-11-09 16:00 - 03395648 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2015-06-17 11:10 - 2014-11-09 16:00 - 02997544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2015-06-17 11:10 - 2014-11-09 16:00 - 01567576 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll 2015-06-17 11:10 - 2014-11-09 16:00 - 00112784 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2015-06-17 11:10 - 2014-11-09 16:00 - 00105288 _____ (Khronos Group) 
C:\Windows\SysWOW64\OpenCL.dll 2015-06-17 11:10 - 2014-11-09 16:00 - 00030966 _____ C:\Windows\system32\nvinfo.pb 2015-06-17 08:48 - 2014-11-09 16:01 - 06873232 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2015-06-17 08:48 - 2014-11-09 16:01 - 03492168 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2015-06-17 08:48 - 2014-11-09 16:01 - 02558792 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2015-06-17 08:48 - 2014-11-09 16:01 - 00937616 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2015-06-17 08:48 - 2014-11-09 16:01 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2015-06-17 08:48 - 2014-11-09 16:01 - 00062792 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2015-06-16 12:14 - 2014-11-09 00:03 - 00153256 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2015-06-16 12:14 - 2014-11-09 00:03 - 00132656 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2015-06-14 01:15 - 2015-06-11 20:17 - 00000000 ____D C:\Users\Barti\Downloads\Pantsu Dungeon ni Deai o Motomeru no wa Machigatte iru Darou ka 02 db94bddb 2015-06-14 01:15 - 2015-06-11 20:13 - 00000000 ____D C:\Users\Barti\Downloads\Pantsu Dungeon ni Deai o Motomeru no wa Machigatte iru Darou ka 01 1696ed03 ==================== Files in the root of some directories ======= 2015-03-08 03:19 - 2015-03-08 16:31 - 0000346 _____ () C:\Users\Barti\AppData\Roaming\burnaware.ini 2014-11-08 23:08 - 2014-11-08 23:08 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Some files in TEMP: ==================== C:\Users\Barti\AppData\Local\Temp\AHK.exe C:\Users\Barti\AppData\Local\Temp\avgnt.exe C:\Users\Barti\AppData\Local\Temp\nvSCPAPI.dll C:\Users\Barti\AppData\Local\Temp\nvSCPAPI64.dll C:\Users\Barti\AppData\Local\Temp\nvStInst.exe C:\Users\Barti\AppData\Local\Temp\proxy_vole5759462496536930865.dll C:\Users\Barti\AppData\Local\Temp\SkypeSetup.exe ==================== Bamital & volsnap Check 
=================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-07-07 15:37
==================== End of log ============================

Additional FRST Logfile:
Code:
ATTFilter scan result of Farbar Recovery Scan Tool (x64) Version:13-07-2015
Ran by Barti at 2015-07-14 17:38:01
Running from C:\Users\Barti\Downloads
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3462436160-3086328536-2913497107-500 - Administrator - Disabled)
Barti (S-1-5-21-3462436160-3086328536-2913497107-1001 - Administrator - Enabled) => C:\Users\Barti
Gast (S-1-5-21-3462436160-3086328536-2913497107-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-3462436160-3086328536-2913497107-1009 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.194 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-3462436160-3086328536-2913497107-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
ArtMoney SE v7.43 (HKLM-x32\...\ArtMoney SE_is1) (Version: 7.43 - System SoftLab)
ASRock App Charger v1.0.6 (HKLM\...\ASRock App Charger_is1) (Version: 1.0.6 - ASRock Inc.)
ASRock Restart to UEFI v1.0.3 (HKLM-x32\...\ASRock Restart to UEFI_is1) (Version: - )
ASUS GPU Tweak (x32 Version: 2.7.1.8 - ASUSTek COMPUTER INC.) Hidden
ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.026 - ASUSTek Computer Inc.)
Avira (HKLM-x32\...\{8467e01f-0496-42ce-b247-88ef205b4880}) (Version: 1.1.40.29239 - Avira Operations GmbH & Co. KG) Avira (x32 Version: 1.1.40.29239 - Avira Operations GmbH & Co. KG) Hidden Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.11.579 - Avira Operations GmbH & Co. KG) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) BurnAware Free 7.9 (HKLM-x32\...\BurnAware Free_is1) (Version: - Burnaware) calibre 64bit (HKLM\...\{2D534835-A873-4402-BEED-813FE50BF118}) (Version: 2.30.0 - Kovid Goyal) CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform) Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.31 - Cliqz.com) Curse (HKLM-x32\...\{1F2611FB-6F69-4AA8-BECD-243BD8CB45F3}) (Version: 6.0.0.0 - Curse) CyberLink LabelPrint 2.5 (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5220 - CyberLink Corp.) CyberLink Media Suite 8 (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2820b - CyberLink Corp.) CyberLink Power2Go 7 (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.2719b - CyberLink Corp.) CyberLink PowerBackup 2.5 (HKLM-x32\...\{ADD5DB49-72CF-11D8-9D75-000129760D75}) (Version: 2.5.9102 - CyberLink Corp.) CyberLink YouCam 3.1 (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.5324 - CyberLink Corp.) Don't Starve (HKLM-x32\...\Steam App 219740) (Version: - Klei Entertainment) Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version: - Klei Entertainment) Driver Restore (HKLM\...\Driver Restore) (Version: 2.3.0.0 - 383 Media, Inc.) Dying Light (HKLM-x32\...\Steam App 239140) (Version: - Techland) Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) 
Hidden GPUTweakStreaming (HKLM-x32\...\InstallShield_{D2A41AA7-4313-43D5-AA39-7E3FBBE0556D}) (Version: 1.0.3.5 - ASUS) GPUTweakStreaming (x32 Version: 1.0.3.5 - ASUS) Hidden Half-Life 2 (HKLM-x32\...\Steam App 220) (Version: - Valve) Half-Life 2: Episode Two (HKLM-x32\...\Steam App 420) (Version: - Valve) Half-Life 2: Lost Coast (HKLM-x32\...\Steam App 340) (Version: - Valve) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.25.1048 - Intel Corporation) Intel(R) Network Connections 19.1.51.0 (HKLM\...\PROSetDX) (Version: 19.1.51.0 - Intel) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.1.0.1058 - Intel Corporation) Intel(R) Update Manager (HKLM-x32\...\{84A2B59B-6A7B-4C01-8592-15C9BFE6AC36}) (Version: 2.4.3 - Intel Corporation) Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.20 - Intel(R) Corporation) Hidden JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden LG ODD Auto Firmware Update (HKLM-x32\...\{6179550A-3E7C-499E-BCC9-9E8113E0A285}) (Version: 10.01.0712.01 - ) Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) 
(HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) Mozilla Firefox 38.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.1.1 - Mozilla) NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) 
(Version: 353.30 - NVIDIA Corporation) NVIDIA GeForce Experience 2.4.5.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.57 - NVIDIA Corporation) NVIDIA Grafiktreiber 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.30 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation) NVIDIA Miracast Virtueller Ton 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 353.30 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7195 - Realtek Semiconductor Corp.) Risk of Rain (HKLM-x32\...\Steam App 248820) (Version: - ) Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics) SanDisk SSD Toolkit 1.0.0.1 (HKLM-x32\...\{26326B5B-3D62-4C12-8841-6B55A19B552D}_is1) (Version: 1.0.0.1 - SanDisk Corporation) Sennheiser 3D G4ME1 (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392DDDFB6}) (Version: 1.00.0001 - ) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.4.5.57 - NVIDIA Corporation) Hidden Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.) 
SPEEDLINK MEDUSA NX 7.1 (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392006300}) (Version: 2.0.01.13 - SPEEDLINK) TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - ) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) Unity (HKLM-x32\...\Unity) (Version: 5.0.0f4 - Unity Technologies ApS) VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN) Warframe (HKLM-x32\...\Steam App 230410) (Version: - Digital Extremes) WinImage (HKLM\...\WinImage) (Version: - ) WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) XFast LAN v9.05 (HKLM\...\XFast LAN) (Version: 9.05 - cFos Software GmbH, Bonn) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Restore Points ========================= 07-07-2015 16:01:16 Geplanter Prüfpunkt ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {06B995D8-245C-4152-9B76-EFAECEB6C2F1} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.) Task: {38C31C69-6439-4357-BEC1-DA8346D1CC04} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-03-25] (ASUSTek Computer Inc.) 
Task: {4E04530E-877F-4AE1-89E0-B485F7624CA1} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-04-09] () Task: {62CC5DD2-CC6F-4213-8D03-9BF51AEF143F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-06-10] (Microsoft Corporation) Task: {654003AC-A267-4022-953C-D0661510603B} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-06-14] (CyberLink) Task: {766DA760-50C8-4E85-B495-B46C9B8379E1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: {A69315CB-8D87-4F07-9F3C-3FE289EB68BC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: {B2B0D0DB-FFA5-4D01-9CF2-CE2E3083D946} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd) Task: {B7B1031D-A7C3-44E0-86C2-72E9F886BFE3} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe Task: {DD730C91-E59C-404B-811E-C1063B5FE242} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-04-09] () (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) 
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2014-11-09 16:01 - 2015-06-17 08:48 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2012-01-17 12:24 - 2012-01-17 12:24 - 00055296 _____ () C:\Windows\SysWOW64\ASGT.exe 2015-01-17 19:22 - 2013-05-28 18:56 - 00151552 ____N () C:\Windows\System\3DG4me.exe 2014-12-13 00:24 - 2014-12-13 00:24 - 00047104 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll 2015-07-14 17:32 - 2015-07-14 17:32 - 00050477 _____ () C:\Users\Barti\Downloads\Defogger.exe 2015-06-01 18:59 - 2015-06-24 13:37 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2014-11-08 23:26 - 2014-09-28 18:59 - 00019872 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SAMSUNG_SSD.dll 2015-01-17 19:22 - 2012-06-06 11:56 - 00143360 ____N () C:\Windows\System\3DG4me.dll 2011-03-09 15:21 - 2011-03-09 15:21 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll 2011-03-09 15:21 - 2011-03-09 15:21 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll 2014-06-24 17:08 - 2014-06-24 17:08 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2014-09-16 22:49 - 2014-09-16 22:49 - 00278528 _____ () C:\Program Files (x86)\ASUS\GPU Tweak\Vender.dll 2014-08-28 18:49 - 2014-08-28 18:49 - 00057344 _____ () C:\Program Files (x86)\ASUS\GPU Tweak\Exeio.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) 
==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3462436160-3086328536-2913497107-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg DNS Servers: 192.168.178.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe FirewallRules: [{FC93B2CC-9AA9-4342-86D8-9F08103CED23}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{43EF887E-C685-42EF-92A9-C991E2D0BA98}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [TCP Query User{E7320E9E-D24B-428C-A708-59FCBB300520}C:\users\barti\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\barti\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{A149E812-042F-46D9-9A3A-BD2453BA771A}C:\users\barti\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\barti\appdata\local\akamai\netsession_win.exe FirewallRules: [{F3E08CBD-F443-413E-9F2A-66ABE4CCDCBA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{A0E149B8-EB02-4788-822D-27394FC71B52}] => (Allow) C:\Program Files (x86)\NVIDIA 
Corporation\NetService\NvNetworkService.exe FirewallRules: [{C144BAF8-99A7-4FFC-98D7-3E08A7022BF1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{EF9BE1B7-504B-488D-B8FA-66768D548CD8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{D6F02230-175C-418B-B9D6-3C9B919404EE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{B00AAD6D-37B5-48B9-96A4-5FB82A6EC5A7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{E1DAFEA0-42B1-4587-B55A-A462705EFE71}] => (Allow) D:\Steam\Steam.exe FirewallRules: [{841EFF32-0725-4B1C-B43E-471EFA3F14C0}] => (Allow) D:\Steam\Steam.exe FirewallRules: [TCP Query User{0BCA4047-0731-4C15-B4F8-C9E1B4F8DC20}D:\b.net\starcraft 2\versions\base32283\sc2.exe] => (Allow) D:\b.net\starcraft 2\versions\base32283\sc2.exe FirewallRules: [UDP Query User{B01C0617-FBF2-4DDB-B76D-036A19DF3510}D:\b.net\starcraft 2\versions\base32283\sc2.exe] => (Allow) D:\b.net\starcraft 2\versions\base32283\sc2.exe FirewallRules: [{D413C8D0-CD49-4A32-A330-651C1513DA34}] => (Allow) D:\Steam\steamapps\common\PlagueInc\PlagueIncEvolved.exe FirewallRules: [{6CA09D66-A4CF-43BF-9CCF-DB18361D6A2A}] => (Allow) D:\Steam\steamapps\common\PlagueInc\PlagueIncEvolved.exe FirewallRules: [TCP Query User{70CDCCB4-0A31-46AF-BE20-8AD76FCC81A1}C:\users\barti\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\barti\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{24B8D08A-86E3-42A4-AB2A-DA8A743C0B6C}C:\users\barti\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\barti\appdata\local\akamai\netsession_win.exe FirewallRules: [{E9D89D61-677A-47DC-BD36-DB35CF34EA69}] => (Allow) D:\Steam\steamapps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe FirewallRules: [{589C9655-86A8-4AEC-8439-CBB3F236D3C2}] => (Allow) 
D:\Steam\steamapps\common\Thief\Binaries\Win64\Shipping-ThiefGame.exe FirewallRules: [{19671431-FAE1-4183-9AEA-F891EC4B5F8F}] => (Allow) D:\Steam\steamapps\common\Pixel Piracy\PixelPiracy.exe FirewallRules: [{FD86DD06-F753-4BFF-8E56-CAA28FB71890}] => (Allow) D:\Steam\steamapps\common\Pixel Piracy\PixelPiracy.exe FirewallRules: [{CDDFF40C-358E-468B-8081-FBEDD0F370E6}] => (Allow) D:\Steam\steamapps\common\7 Days To Die\7DaysToDie_EAC.exe FirewallRules: [{EB489A79-03A7-4E6A-8E33-AC6F0299C30B}] => (Allow) D:\Steam\steamapps\common\7 Days To Die\7DaysToDie_EAC.exe FirewallRules: [{A74B1794-EC6E-4653-9D46-5D6F9FF8ED61}] => (Allow) D:\Steam\steamapps\common\7 Days To Die\7DaysToDie.exe FirewallRules: [{80390D39-07EC-478D-8DAF-B85F03858043}] => (Allow) D:\Steam\steamapps\common\7 Days To Die\7DaysToDie.exe FirewallRules: [TCP Query User{A293001E-7D41-4424-84F4-BD09F130B91E}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{BC33BD6C-B69C-4B3A-BF76-3F2C39F9CE5D}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{EBC9DEB6-22E4-41DB-8C55-2F2D7013BE4F}D:\steam\steamapps\common\starbound\win32\starbound_server.exe] => (Allow) D:\steam\steamapps\common\starbound\win32\starbound_server.exe FirewallRules: [UDP Query User{BAAD02D6-AF69-4AD8-A5A7-270A69E3377D}D:\steam\steamapps\common\starbound\win32\starbound_server.exe] => (Allow) D:\steam\steamapps\common\starbound\win32\starbound_server.exe FirewallRules: [{4EDA6C8F-8D78-4208-B662-B407578A6DEE}] => (Allow) D:\Steam\steamapps\common\Risk of Rain\Risk of Rain.exe FirewallRules: [{FFB85847-3001-4A59-8CC1-56179E83EFAC}] => (Allow) D:\Steam\steamapps\common\Risk of Rain\Risk of Rain.exe FirewallRules: [TCP Query User{C7A2D698-087E-4C56-B0D5-DFD9EEC2BF62}D:\b.net\diablo iii\diablo iii.exe] => (Allow) D:\b.net\diablo iii\diablo iii.exe FirewallRules: [UDP Query 
User{C78EE7BF-D666-4134-8A84-2D4FB16B886A}D:\b.net\diablo iii\diablo iii.exe] => (Allow) D:\b.net\diablo iii\diablo iii.exe FirewallRules: [{440F2BD9-C662-426F-866F-AA76991BE9C0}] => (Allow) D:\Steam\steamapps\common\Portal\hl2.exe FirewallRules: [{21B312F5-F18C-4872-97F1-10267B744DC1}] => (Allow) D:\Steam\steamapps\common\Portal\hl2.exe FirewallRules: [{81F1C762-13DE-4786-9758-CC4DFB231D27}] => (Allow) D:\Steam\steamapps\common\GarrysMod\hl2.exe FirewallRules: [{033C37B0-C562-4C12-ACE8-F36A244D1FF8}] => (Allow) D:\Steam\steamapps\common\GarrysMod\hl2.exe FirewallRules: [{78A0706D-B624-479E-B795-DDD1721B3248}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe FirewallRules: [{B4BD1384-1260-446B-BCA3-1904587B6BC6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe FirewallRules: [{C52481B6-2300-4411-BDFC-957F61C5B204}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe FirewallRules: [{774F5039-FD50-4CCE-99B4-65DA1584D4E3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe FirewallRules: [{A7FC7FF0-CE65-4270-BE90-E1CB1E988E25}] => (Allow) D:\Steam\steamapps\common\Half-Life 2\hl2.exe FirewallRules: [{87C85FEB-B840-438E-93AC-70357C786CDA}] => (Allow) D:\Steam\steamapps\common\Half-Life 2\hl2.exe FirewallRules: [TCP Query User{05883AB0-6AD7-4C84-9A37-E4B4F066E7DF}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{EB7ADC82-BCC7-4221-9814-8D744D76236E}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{E19CA126-396C-4432-A745-8B7EB0A9B50B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe FirewallRules: [{740EB725-3B32-43E8-9B5D-30C61456585D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe FirewallRules: [{7BEDCB3D-1D49-4AF1-A180-F52062F1BBEA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3668\Agent.exe FirewallRules: 
[{E77E0E56-6DAC-42BD-B02F-02419EE833A2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3668\Agent.exe FirewallRules: [{492888E7-4EDB-4973-9F1C-7AD5529D37EA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe FirewallRules: [{749BDD97-BFFC-4E9E-A283-3E0CDE8667FC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe FirewallRules: [{32427921-E821-4D08-882F-F8AE10A81392}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{55E72054-C0EB-4FDA-AD69-B72251AD172D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{30097CBA-FF27-4C15-9AEC-E2C77DDC9077}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe FirewallRules: [{1B6949A1-B4FE-4AB3-A204-25864FD96CBA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe FirewallRules: [{1185A3FB-D200-4FE5-8CCF-27B71F0A58FE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe FirewallRules: [{E15ADACF-5A0D-4D66-8B2E-08603EE853C4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe FirewallRules: [{24ACB474-42A3-485C-9EA6-6D36895487AB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe FirewallRules: [{F62B499C-0CE4-4A31-87C2-32DED64DA21C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe FirewallRules: [{5397A936-DD98-490D-8A3C-2D9314C74C55}] => (Allow) D:\Steam\steamapps\common\DefendersQuest\DefendersQuest.exe FirewallRules: [{97BE72FA-ECD4-4D37-84F8-E821F12146ED}] => (Allow) D:\Steam\steamapps\common\DefendersQuest\DefendersQuest.exe FirewallRules: [TCP Query User{354FA318-E44C-41F2-8729-76FD56411A69}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{8872928E-4598-4117-9F4B-7F4C7B528114}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [TCP Query 
User{B3DEABD3-059F-45B1-961C-BF7253BE8273}D:\b.net\starcraft 2\versions\base32283\sc2.exe] => (Block) D:\b.net\starcraft 2\versions\base32283\sc2.exe FirewallRules: [UDP Query User{2E01EEAE-22AF-434B-902C-3C975277A701}D:\b.net\starcraft 2\versions\base32283\sc2.exe] => (Block) D:\b.net\starcraft 2\versions\base32283\sc2.exe FirewallRules: [{BD9E1390-0DAA-4795-8198-0871D54B40BF}] => (Allow) D:\Steam\steamapps\common\Dying Light\DyingLightGame.exe FirewallRules: [{7F25D048-BC4A-4579-812F-F046E54EA864}] => (Allow) D:\Steam\steamapps\common\Dying Light\DyingLightGame.exe FirewallRules: [TCP Query User{B50148AF-B31E-410A-ABC5-1594B6D13EDE}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe FirewallRules: [UDP Query User{B9F17E12-01C6-49D9-9C51-0D57BC220EFF}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe FirewallRules: [{D2FE075A-F427-4D51-A66A-095ACA8B6C09}] => (Block) C:\program files\unity\editor\unity.exe FirewallRules: [{A37372CB-6091-4A3E-B99D-911CAE730DF5}] => (Block) C:\program files\unity\editor\unity.exe FirewallRules: [{66D32C21-0D4F-4557-B581-8E620C4C70E6}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{8A34BC2C-DCAB-4C3B-AC5D-6F52864677B5}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{3FA8DA53-D97D-4E14-B530-97C686A606C0}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{C8890E32-2FE7-43CB-A725-7218AD59466F}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{DB610BDF-8BA4-4116-A063-5A1C7415986E}] => (Allow) D:\Steam\steamapps\common\Warframe\Tools\Launcher.exe FirewallRules: [{49D9531B-CC4D-45AD-B9BD-BB9F450AE3F7}] => (Allow) D:\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe FirewallRules: [{1D5C3710-D48E-4D45-9232-792403AF4047}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{94750673-4308-4932-A568-49B5571D7847}] 
=> (Allow) D:\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{771C24DC-04F0-41F9-A1D4-07314FA71475}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{CF9A68E9-C858-46CF-8720-BCD66F6E861F}] => (Allow) D:\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{1FE80621-1C5F-4501-91FF-A965D331E56F}] => (Allow) D:\Steam\steamapps\common\Warframe\Tools\Launcher.exe FirewallRules: [{86992987-7FD0-4772-86A5-28222DBC9896}] => (Allow) D:\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe FirewallRules: [{FBF53F4C-D644-43B6-8222-74CFA08AD1A2}] => (Allow) D:\Steam\steamapps\common\STALKER Shadow of Chernobyl\bin\XR_3DA.exe FirewallRules: [{92F91497-00AC-4DB2-8CA2-3348C379C5A3}] => (Allow) D:\Steam\steamapps\common\STALKER Shadow of Chernobyl\bin\XR_3DA.exe FirewallRules: [{87E5F8E8-778D-432D-8B11-0E65FC3A01BA}] => (Allow) D:\Steam\steamapps\common\Stalker Call of Pripyat\bin\xrEngine.exe FirewallRules: [{CF78BE4F-05C1-4EBE-9142-929FD3052452}] => (Allow) D:\Steam\steamapps\common\Stalker Call of Pripyat\bin\xrEngine.exe FirewallRules: [{CB0BE5EE-485F-4B8C-A741-21E356E84B15}] => (Allow) D:\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe FirewallRules: [{3CB92163-58D4-467B-9F42-52531A21617F}] => (Allow) D:\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe FirewallRules: [{CD9329DD-9CFA-4AE6-BE29-66EF6A5E2205}] => (Allow) D:\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe FirewallRules: [{ABA493BE-CB9B-4699-8871-B1C8AFFF3D1A}] => (Allow) D:\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe FirewallRules: [{D10998BD-4F10-4784-8FC0-FF51CC5FBF3A}] => (Allow) D:\Steam\steamapps\common\Terraria\Terraria.exe FirewallRules: [{3D6AC1A4-2355-460B-9545-0EFB5D8EA5BB}] => (Allow) D:\Steam\steamapps\common\Terraria\Terraria.exe FirewallRules: [{1501A076-668B-4ECD-ADE3-E1B0C65E7598}] => (Allow) D:\Steam\steamapps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe 
FirewallRules: [{A9D6699B-A44C-4372-B193-B0112F86F6C4}] => (Allow) D:\Steam\steamapps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (07/14/2015 03:25:43 PM) (Source: MsiInstaller) (EventID: 11310) (User: Marvin-PC) Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Barti\AppData\Local\Akamai\admintool.exe. Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können. Error: (07/14/2015 03:25:22 PM) (Source: MsiInstaller) (EventID: 11310) (User: Marvin-PC) Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Barti\AppData\Local\Akamai\admintool.exe. Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können. Error: (07/13/2015 10:24:48 PM) (Source: MsiInstaller) (EventID: 11310) (User: Marvin-PC) Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Barti\AppData\Local\Akamai\admintool.exe. Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können. Error: (07/13/2015 10:24:29 PM) (Source: MsiInstaller) (EventID: 11310) (User: Marvin-PC) Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Barti\AppData\Local\Akamai\admintool.exe. Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können. Error: (07/13/2015 05:32:43 PM) (Source: MsiInstaller) (EventID: 11310) (User: Marvin-PC) Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Barti\AppData\Local\Akamai\admintool.exe. Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können. 
Error: (07/13/2015 05:32:23 PM) (Source: MsiInstaller) (EventID: 11310) (User: Marvin-PC) Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Barti\AppData\Local\Akamai\admintool.exe. Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können. Error: (07/12/2015 08:00:55 PM) (Source: MsiInstaller) (EventID: 11310) (User: Marvin-PC) Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Barti\AppData\Local\Akamai\admintool.exe. Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können. Error: (07/12/2015 08:00:36 PM) (Source: MsiInstaller) (EventID: 11310) (User: Marvin-PC) Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Barti\AppData\Local\Akamai\admintool.exe. Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können. Error: (07/12/2015 03:58:59 PM) (Source: MsiInstaller) (EventID: 11310) (User: Marvin-PC) Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Barti\AppData\Local\Akamai\admintool.exe. Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können. Error: (07/12/2015 03:58:39 PM) (Source: MsiInstaller) (EventID: 11310) (User: Marvin-PC) Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Barti\AppData\Local\Akamai\admintool.exe. Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können. 
System errors: ============= Error: (07/14/2015 05:17:39 PM) (Source: DCOM) (EventID: 10016) (User: Marvin-PC) Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Marvin-PCBartiS-1-5-21-3462436160-3086328536-2913497107-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (07/14/2015 05:17:12 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 14.07.2015 um 17:14:32 unerwartet heruntergefahren. Error: (07/14/2015 04:11:14 PM) (Source: DCOM) (EventID: 10010) (User: Marvin-PC) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (07/14/2015 04:10:44 PM) (Source: DCOM) (EventID: 10010) (User: Marvin-PC) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (07/14/2015 03:45:16 PM) (Source: DCOM) (EventID: 10016) (User: Marvin-PC) Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Marvin-PCBartiS-1-5-21-3462436160-3086328536-2913497107-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (07/14/2015 03:45:16 PM) (Source: DCOM) (EventID: 10016) (User: Marvin-PC) Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Marvin-PCBartiS-1-5-21-3462436160-3086328536-2913497107-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (07/14/2015 03:45:16 PM) (Source: DCOM) (EventID: 10016) (User: Marvin-PC) Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Marvin-PCBartiS-1-5-21-3462436160-3086328536-2913497107-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (07/14/2015 03:45:16 PM) (Source: DCOM) (EventID: 10016) (User: Marvin-PC) Description: 
AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Marvin-PCBartiS-1-5-21-3462436160-3086328536-2913497107-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (07/14/2015 03:45:16 PM) (Source: DCOM) (EventID: 10016) (User: Marvin-PC) Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Marvin-PCBartiS-1-5-21-3462436160-3086328536-2913497107-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (07/14/2015 03:44:32 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 14.07.2015 um 15:43:20 unerwartet heruntergefahren. Microsoft Office: ========================= Error: (07/14/2015 03:25:43 PM) (Source: MsiInstaller) (EventID: 11310) (User: Marvin-PC) Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Barti\AppData\Local\Akamai\admintool.exe. Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.(NULL)(NULL)(NULL)(NULL)(NULL) Error: (07/14/2015 03:25:22 PM) (Source: MsiInstaller) (EventID: 11310) (User: Marvin-PC) Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Barti\AppData\Local\Akamai\admintool.exe. Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.(NULL)(NULL)(NULL)(NULL)(NULL) Error: (07/13/2015 10:24:48 PM) (Source: MsiInstaller) (EventID: 11310) (User: Marvin-PC) Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Barti\AppData\Local\Akamai\admintool.exe. Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.(NULL)(NULL)(NULL)(NULL)(NULL) Error: (07/13/2015 10:24:29 PM) (Source: MsiInstaller) (EventID: 11310) (User: Marvin-PC) Description: Produkt: Akamai NetSession Interface -- Fehler 1310. 
Fehler beim Schreiben in die Datei: C:\Users\Barti\AppData\Local\Akamai\admintool.exe. Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.(NULL)(NULL)(NULL)(NULL)(NULL) Error: (07/13/2015 05:32:43 PM) (Source: MsiInstaller) (EventID: 11310) (User: Marvin-PC) Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Barti\AppData\Local\Akamai\admintool.exe. Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.(NULL)(NULL)(NULL)(NULL)(NULL) Error: (07/13/2015 05:32:23 PM) (Source: MsiInstaller) (EventID: 11310) (User: Marvin-PC) Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Barti\AppData\Local\Akamai\admintool.exe. Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.(NULL)(NULL)(NULL)(NULL)(NULL) Error: (07/12/2015 08:00:55 PM) (Source: MsiInstaller) (EventID: 11310) (User: Marvin-PC) Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Barti\AppData\Local\Akamai\admintool.exe. Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.(NULL)(NULL)(NULL)(NULL)(NULL) Error: (07/12/2015 08:00:36 PM) (Source: MsiInstaller) (EventID: 11310) (User: Marvin-PC) Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Barti\AppData\Local\Akamai\admintool.exe. Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.(NULL)(NULL)(NULL)(NULL)(NULL) Error: (07/12/2015 03:58:59 PM) (Source: MsiInstaller) (EventID: 11310) (User: Marvin-PC) Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Barti\AppData\Local\Akamai\admintool.exe. Systemfehler 0. 
Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.(NULL)(NULL)(NULL)(NULL)(NULL) Error: (07/12/2015 03:58:39 PM) (Source: MsiInstaller) (EventID: 11310) (User: Marvin-PC) Description: Produkt: Akamai NetSession Interface -- Fehler 1310. Fehler beim Schreiben in die Datei: C:\Users\Barti\AppData\Local\Akamai\admintool.exe. Systemfehler 0. Stellen Sie sicher, dass Sie auf das Verzeichnis zugreifen können.(NULL)(NULL)(NULL)(NULL)(NULL) ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-5820K CPU @ 3.30GHz Percentage of memory in use: 13% Total physical RAM: 16309.58 MB Available physical RAM: 14041.27 MB Total Virtual: 16509.58 MB Available Virtual: 14030.16 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:238.47 GB) (Free:133.22 GB) NTFS Drive d: (System-reserviert) (Fixed) (Total:1863.01 GB) (Free:1554.31 GB) NTFS ==>[system with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: EE9F8931) Partition 1: (Not Active) - (Size=238.5 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: EE9F8939) Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS) ==================== End of log ============================ GMER Logfile: Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net Rootkit scan 2015-07-14 18:10:31 Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000034 Samsung_SSD_850_PRO_256GB rev.EXM01B6Q 238,47GB Running: Gmer-19357.exe; Driver: C:\Users\Barti\AppData\Local\Temp\pxryypob.sys ---- User code sections - GMER 2.1 ---- .text C:\Program Files\CCleaner\CCleaner64.exe[5760] C:\Windows\system32\USER32.dll!ShowScrollBar 00007ffd59f71150 5 bytes JMP 00007ffdd9fe0018 .text C:\Program Files\CCleaner\CCleaner64.exe[5760] C:\Windows\system32\USER32.dll!SetScrollInfo 00007ffd59f7c770 5 bytes JMP 00007ffdd9f90018 .text C:\Program Files\CCleaner\CCleaner64.exe[5760] C:\Windows\system32\USER32.dll!GetScrollInfo 00007ffd59f866f0 5 bytes JMP 00007ffdd9fa0018 .text C:\Program Files\CCleaner\CCleaner64.exe[5760] C:\Windows\system32\USER32.dll!SetScrollRange 00007ffd59f890c0 5 bytes JMP 00007ffdd9fb0018 .text C:\Program Files\CCleaner\CCleaner64.exe[5760] C:\Windows\system32\USER32.dll!SetScrollPos 00007ffd59fa50d0 5 bytes JMP 00007ffdda020018 .text C:\Program Files\CCleaner\CCleaner64.exe[5760] C:\Windows\system32\USER32.dll!EnableScrollBar 00007ffd59fa7340 5 bytes JMP 00007ffdd9fc0018 .text C:\Program Files\CCleaner\CCleaner64.exe[5760] C:\Windows\system32\USER32.dll!GetScrollPos 00007ffd59fafcc0 5 bytes JMP 00007ffdd9fd0018 .text C:\Program Files\CCleaner\CCleaner64.exe[5760] C:\Windows\system32\USER32.dll!GetScrollRange 00007ffd59ffed20 5 bytes JMP 00007ffdda010018 ---- Threads - GMER 2.1 ---- Thread C:\Windows\system32\csrss.exe [752:852] fffff9600084f2d0 Thread C:\Windows\system32\csrss.exe [752:896] fffff9600084f2d0 Thread C:\Windows\SYSTEM32\ntdll.dll [6900:6904] 000000000029a56e Thread C:\Windows\SYSTEM32\ntdll.dll [6900:6180] 00000000692ec1f0 Thread C:\Windows\SYSTEM32\ntdll.dll [6900:6176] 000000005ed78bce Thread C:\Windows\SYSTEM32\ntdll.dll [6900:6500] 0000000073ff3730 ---- Registry - GMER 2.1 ---- Reg HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData@SystemStartTime 0xAC 0x35 
0x60 0x35 ... Reg HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData@CMFStartTime 0xCD 0x5C 0x60 0x35 ... Reg HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData@CMFLastStartTime 0x96 0x83 0x94 0x62 ... Reg HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData@SystemLastStartTime 0x3F 0x57 0x94 0x62 ... Reg HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData\BootLanguages@de-DE 337 Reg HKLM\SYSTEM\CurrentControlSet\Control\GraphicsDrivers\Configuration\BNQ7F3D78E01328SL0_21_07DE_17+AOC249016843009_00_07DA_C8^1BEB460D0B7F07EBF075A465938CB7F1@Timestamp 0x97 0x6A 0x53 0x2F ... Reg HKLM\SYSTEM\CurrentControlSet\Control\Lsa@LsaPid 796 Reg HKLM\SYSTEM\CurrentControlSet\Control\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}\{8D38C631-9FA0-4287-881C-AC3CB18A212F}\Connection@Name isatap.fritz.box Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel\RNG@RNGAuxiliarySeed -1253312108 Reg HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server@InstanceID aa1c76c2-b454-42cf-a052-adfeffe Reg HKLM\SYSTEM\CurrentControlSet\Control\WDI\Config@ServerName \BaseNamedObjects\WDI_{672edd1e-c9b4-4403-a829-51863485b6d9} Reg HKLM\SYSTEM\CurrentControlSet\Control\WMI\Autologger\RAC_PS@Start 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\BITS@Start 3 Reg HKLM\SYSTEM\CurrentControlSet\Services\BITS Reg HKLM\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\Probe\{19c1f76e-e3e0-4d08-bce5-a50cf0984319}@LastProbeTime 1436888715 Reg HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters\Isatap\{8D38C631-9FA0-4287-881C-AC3CB18A212F}@ReusableType 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters\Isatap\{8D38C631-9FA0-4287-881C-AC3CB18A212F}@DefunctTimestamp 0x89 0x6C 0x87 0x55 ... 
Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch@Epoch 8824 Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch2@Epoch 977 Reg HKLM\SYSTEM\CurrentControlSet\Services\srvnet\Parameters@MajorSequence 339 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{886BCFE1-E444-4148-AB77-F36F1B5959A6}@LeaseObtainedTime 1436881515 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{886BCFE1-E444-4148-AB77-F36F1B5959A6}@T1 1437313515 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{886BCFE1-E444-4148-AB77-F36F1B5959A6}@T2 1437637515 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{886BCFE1-E444-4148-AB77-F36F1B5959A6}@LeaseTerminatesTime 1437745515 Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU@MRUList a Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AA58ED58-01DD-4D91-8333-CF10577473F7}\iexplore@Count 36 Reg HKCU\Software\Microsoft\Windows\CurrentVersion\GWX\Usage@UsageTime 0xB0 0x7E 0x5B 0x0D ... ---- EOF - GMER 2.1 ---- |
15.07.2015, 12:21 | #4 |
/// the machine /// TB instructor | PC freezes after one to two hours and nothing works anymore No malware. If everything comes to a standstill, the RAM or the HDD is broken.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
15.07.2015, 15:39 | #5 |
| PC freezes after one to two hours and nothing works anymore Thanks for the help, but I have now used the Windows memory diagnostic tool; I let it run 99 passes on extended. It tells me that everything is fine, and the PC did not crash or hang in the meantime either. Furthermore, I used the firmware tools for my SSD/HDD to check them, and I also used HDDscan3-3. Before that I also checked everything for updates: "You already have the current version". No matter which diagnostic tool I use, I am told that my system works flawlessly. I have the feeling that something is wrong with my graphics card or that there are problems with my SLI. I would also like to know whether there is a way to check my mainboard (without removing everything). Thanks, best regards, Marvin |
16.07.2015, 07:40 | #6 |
/// the machine /// TB instructor | PC freezes after one to two hours and nothing works anymore As far as I know, you can only check the mainboard by process of elimination, or in a PC repair shop with proper test equipment. But this problem is definitely hardware.