![]() |
|
Antiviren-, Firewall- und andere Schutzprogramme: Windows 7, Firewall funktioniert nicht (Error Code 0x8007042c)Windows 7 Sämtliche Fragen zur Bedienung von Firewalls, Anti-Viren Programmen, Anti Malware und Anti Trojaner Software sind hier richtig. Dies ist ein Diskussionsforum für Sicherheitslösungen für Windows Rechner. Benötigst du Hilfe beim Trojaner entfernen oder weil du dir einen Virus eingefangen hast, erstelle ein Thema in den oberen Bereinigungsforen. |
![]() | #1 |
| ![]() Windows 7, Firewall funktioniert nicht (Error Code 0x8007042c) Guten Abend liebe Community, ich hoffe hier mein "kleines" Problem lösen zu können. Deshalb frage ich einfach mal Experten : Meine Firewall lässt sich nicht über die Systemsteuerung starten, weder noch kann ich den Windows Firewall-Dienst nicht aktivieren. In der Systemsteuerung wird mir vorbehalten, dass meine Firewall nicht die empfohlenen Einstellungen benutzt. Ein Klick auf die Schaltfläche "use recommended settings" erbringt mir nur die Anzeige "Windows Firewall can't change some of your settings. Error code 0x8007042c". Das Starten des Dienstes wird mit "Windows could not start the Windows Firewall service on local Computer" abgebrochen. Ich benutze Windows 7 Ultimate 64 bit Installiert habe ich dies vor einiger Zeit und mein dazu beigelegter Schlüssel hat nicht funktioniert. Ich habe dann einen Ersatzkey für das Aktivieren von Windows zugeschickt bekommen und dieser funktionierte, seitdem die Firewall aber nicht mehr. Ich habe meinen Account (eigentlich) als Administrator eingestellt und so wird er mir auch angezeigt, ich hatte bislang keine Probleme mit irgendwelchen fehlenden Zugriffsrechten. Ein Scan per Avira, Windows Defender und Glary Utilities PRO brachte immer dasselbe Resultat : Keine Viren oder Trojaner gefunden. Auch das FixIt Programm von Microsoft selbst für Malware (MicrosoftFixit.malware.RNP.Run.exe) und WinSecurity (MicrosoftFixit.WinSecurity.RNP.Run.exe) hat nichts erbracht. Es wurde lediglich ein Benutzer Problem gelöst, anstatt die Firewall. Den Scan von FRST lege ich als Anhang bei. FRST.txt FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:27-09-2015 01 Ran by Sebastian (administrator) on SEBASTIAN-PC (29-09-2015 00:11:13) Running from C:\Users\Sebastian\Desktop Loaded Profiles: Sebastian (Available Profiles: Sebastian) Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States) Internet Explorer Version 9 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Akamai Technologies, Inc.) C:\Users\Sebastian\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) C:\Users\Sebastian\AppData\Local\Akamai\netsession_win.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2461504 2014-09-17] (NVIDIA Corporation) HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation) HKLM-x32\...\Winlogon: [Shell] explorer.exe, C:\Users\Sebastian\Downloads\Counter Strike Global Offensive skin generator v4.4.exe [ ] () <=== ATTENTION HKLM\...\Policies\Explorer: [HideSCAHealth] 1 HKLM\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-1798516267-2414223650-3212704099-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Sebastian\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.) HKU\S-1-5-21-1798516267-2414223650-3212704099-1000\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2014-07-21] (Glarysoft Ltd) HKU\S-1-5-21-1798516267-2414223650-3212704099-1000\...\Policies\Explorer: [HideSCAHealth] 1 HKU\S-1-5-21-1798516267-2414223650-3212704099-1000\...\Policies\Explorer: [NoInternetOpenWith] 1 HKU\S-1-5-21-1798516267-2414223650-3212704099-1000\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1 HKU\S-1-5-21-1798516267-2414223650-3212704099-1000\...\Policies\Explorer: [NoResolveSearch] 1 HKU\S-1-5-21-1798516267-2414223650-3212704099-1000\...\MountPoints2: F - F:\Launcher.exe HKU\S-1-5-21-1798516267-2414223650-3212704099-1000\...\MountPoints2: {09f675f1-6a64-11e4-b973-002522244cea} - F:\HiSuiteDownLoader.exe HKU\S-1-5-21-1798516267-2414223650-3212704099-1000\...\MountPoints2: {300f7dc7-b615-11e4-b578-002522244cea} - E:\iLinker.exe HKU\S-1-5-21-1798516267-2414223650-3212704099-1000\...\MountPoints2: {322b6ae7-efa6-11e3-a92a-002522244cea} - E:\DLC_setup.exe HKU\S-1-5-21-1798516267-2414223650-3212704099-1000\...\MountPoints2: {5a5dd440-ccbb-11e4-badf-002522244cea} - F:\Launcher.exe HKU\S-1-5-21-1798516267-2414223650-3212704099-1000\...\MountPoints2: {5a5dd444-ccbb-11e4-badf-002522244cea} - H:\RunGame.exe HKU\S-1-5-21-1798516267-2414223650-3212704099-1000\...\MountPoints2: {9b91e911-fed8-11e4-aef9-002522244cea} - E:\pushinst.exe HKU\S-1-5-21-1798516267-2414223650-3212704099-1000\...\MountPoints2: {a798d358-5b62-11e4-addf-002522244cea} - F:\HiSuiteDownLoader.exe HKU\S-1-5-21-1798516267-2414223650-3212704099-1000\...\Winlogon: [Shell] explorer.exe, C:\Users\Sebastian\Downloads\Counter Strike Global Offensive skin generator v4.4.exe <==== ATTENTION Startup: C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk [2015-09-13] ShortcutTarget: IMVU.lnk -> C:\Users\Sebastian\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe () BootExecute: autocheck autochk * BootDefrag.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{22C59305-49D5-4BA9-8BF1-60AD6F69C9C1}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{28B36D87-CD5F-4CB2-9EA8-226D45F9E653}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{377D1EB0-3BE5-4C9F-8E03-B65FD366FAA4}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{42C326A8-54E1-4730-B551-49A42192B68C}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{74EA7251-30F1-41FE-9A9A-44ED6DD54FF6}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{7E99F149-6098-46F9-BD69-A51C805D9AA5}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{97B3965E-BD65-4CE0-A58C-3526ED05B532}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{C4E114F4-E6FB-4899-8CDD-59F2158204E0}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{ED163E40-2604-49BE-AEE9-A09318B83A39}: [DhcpNameServer] 7.254.254.254 Tcpip\..\Interfaces\{F0E47A82-3989-4501-981C-6A837C3266DA}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKU\S-1-5-21-1798516267-2414223650-3212704099-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.omniboxes.com/?type=hp&ts=1432925504&z=3a173728f798e7ec80ae6ecgcz2cdo2tco0wcz7m3z&from=amt&uid=395049983_1052514_601AB3BF HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.omniboxes.com/?type=hp&ts=1432925504&z=3a173728f798e7ec80ae6ecgcz2cdo2tco0wcz7m3z&from=amt&uid=395049983_1052514_601AB3BF HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.omniboxes.com/web/?type=ds&ts=1432925504&z=3a173728f798e7ec80ae6ecgcz2cdo2tco0wcz7m3z&from=amt&uid=395049983_1052514_601AB3BF&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.omniboxes.com/web/?type=ds&ts=1432925504&z=3a173728f798e7ec80ae6ecgcz2cdo2tco0wcz7m3z&from=amt&uid=395049983_1052514_601AB3BF&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.omniboxes.com/?type=hp&ts=1432925504&z=3a173728f798e7ec80ae6ecgcz2cdo2tco0wcz7m3z&from=amt&uid=395049983_1052514_601AB3BF HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.omniboxes.com/?type=hp&ts=1432925504&z=3a173728f798e7ec80ae6ecgcz2cdo2tco0wcz7m3z&from=amt&uid=395049983_1052514_601AB3BF HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.omniboxes.com/web/?type=ds&ts=1432925504&z=3a173728f798e7ec80ae6ecgcz2cdo2tco0wcz7m3z&from=amt&uid=395049983_1052514_601AB3BF&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.omniboxes.com/web/?type=ds&ts=1432925504&z=3a173728f798e7ec80ae6ecgcz2cdo2tco0wcz7m3z&from=amt&uid=395049983_1052514_601AB3BF&q={searchTerms} HKU\S-1-5-21-1798516267-2414223650-3212704099-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.omniboxes.com/?type=hp&ts=1432925504&z=3a173728f798e7ec80ae6ecgcz2cdo2tco0wcz7m3z&from=amt&uid=395049983_1052514_601AB3BF HKU\S-1-5-21-1798516267-2414223650-3212704099-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.omniboxes.com/?type=hp&ts=1432925504&z=3a173728f798e7ec80ae6ecgcz2cdo2tco0wcz7m3z&from=amt&uid=395049983_1052514_601AB3BF SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.omniboxes.com/web/?type=ds&ts=1432925504&z=3a173728f798e7ec80ae6ecgcz2cdo2tco0wcz7m3z&from=amt&uid=395049983_1052514_601AB3BF&q={searchTerms} SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.omniboxes.com/web/?type=ds&ts=1432925504&z=3a173728f798e7ec80ae6ecgcz2cdo2tco0wcz7m3z&from=amt&uid=395049983_1052514_601AB3BF&q={searchTerms} SearchScopes: HKLM -> {758B870D-DF78-4A6A-9955-DEDDCACF94DC} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage} SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.omniboxes.com/web/?type=ds&ts=1432925504&z=3a173728f798e7ec80ae6ecgcz2cdo2tco0wcz7m3z&from=amt&uid=395049983_1052514_601AB3BF&q={searchTerms} SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.omniboxes.com/web/?type=ds&ts=1432925504&z=3a173728f798e7ec80ae6ecgcz2cdo2tco0wcz7m3z&from=amt&uid=395049983_1052514_601AB3BF&q={searchTerms} SearchScopes: HKU\.DEFAULT -> {758B870D-DF78-4A6A-9955-DEDDCACF94DC} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage} SearchScopes: HKU\S-1-5-21-1798516267-2414223650-3212704099-1000 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.omniboxes.com/web/?utm_source=b&utm_medium=amt&utm_campaign=install_ie&utm_content=ds&from=amt&uid=395049983_1052514_601AB3BF&ts=1432925535&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-1798516267-2414223650-3212704099-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.omniboxes.com/web/?utm_source=b&utm_medium=amt&utm_campaign=install_ie&utm_content=ds&from=amt&uid=395049983_1052514_601AB3BF&ts=1432925535&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-1798516267-2414223650-3212704099-1000 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.omniboxes.com/web/?utm_source=b&utm_medium=amt&utm_campaign=install_ie&utm_content=ds&from=amt&uid=395049983_1052514_601AB3BF&ts=1432925535&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-1798516267-2414223650-3212704099-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.omniboxes.com/web/?utm_source=b&utm_medium=amt&utm_campaign=install_ie&utm_content=ds&from=amt&uid=395049983_1052514_601AB3BF&ts=1432925535&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-1798516267-2414223650-3212704099-1000 -> {637D6E3C-DF93-48A5-8362-159A8AC56B11} URL = hxxp://www.omniboxes.com/web/?utm_source=b&utm_medium=amt&utm_campaign=install_ie&utm_content=ds&from=amt&uid=395049983_1052514_601AB3BF&ts=1432925535&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-1798516267-2414223650-3212704099-1000 -> {758B870D-DF78-4A6A-9955-DEDDCACF94DC} URL = hxxp://www.omniboxes.com/web/?utm_source=b&utm_medium=amt&utm_campaign=install_ie&utm_content=ds&from=amt&uid=395049983_1052514_601AB3BF&ts=1432925535&type=default&q={searchTerms} SearchScopes: HKU\S-1-5-21-1798516267-2414223650-3212704099-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://www.omniboxes.com/web/?utm_source=b&utm_medium=amt&utm_campaign=install_ie&utm_content=ds&from=amt&uid=395049983_1052514_601AB3BF&ts=1432925535&type=default&q={searchTerms} BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-06-02] (Oracle Corporation) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-06-02] (Oracle Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-06-05] (Oracle Corporation) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-06-05] (Oracle Corporation) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation) StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://www.omniboxes.com/?type=sc&ts=1432925504&z=3a173728f798e7ec80ae6ecgcz2cdo2tco0wcz7m3z&from=amt&uid=395049983_1052514_601AB3BF FireFox: ======== FF ProfilePath: C:\Users\Sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\mb8gfr6v.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-22] () FF Plugin: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-06-02] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-06-02] (Oracle Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-22] () FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google) FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-06-05] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-06-05] (Oracle Corporation) FF Plugin-x32: @live.heroesandgenerals.com/npretox -> C:\Program Files (x86)\Heroes & Generals\live\npretox-1.0.6.1\npretoxlive-1.0.6.1.dll [No File] FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-04] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-04] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [No File] FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [No File] FF Plugin HKU\S-1-5-21-1798516267-2414223650-3212704099-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Sebastian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-09-27] (Unity Technologies ApS) FF Extension: No Name - C:\Users\Sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\mb8gfr6v.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-07-09] Chrome: ======= CHR Profile: C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-02] CHR Extension: (Google Drive) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-02] CHR Extension: (YouTube) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-02] CHR Extension: (Adblock Plus) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-08-04] CHR Extension: (Google-Suche) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-02] CHR Extension: (Bookmark Manager) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-17] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13] CHR Extension: (Google Wallet) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-02] CHR Extension: (YouTube Unblocker) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\npnkeeiehehhefofiekoflfedgehcdhl [2014-11-27] CHR Extension: (Diablo 3 - Dark) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfnbkjlapbofhmbaeabglnbgjacmmmdj [2014-06-03] CHR Extension: (Google Mail) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-02] CHR Profile: C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 1 CHR Extension: (Bookmark Manager) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-29] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-29] CHR Extension: (Google Wallet) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-29] CHR Profile: C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 2 CHR Extension: (Google Präsentationen) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-29] CHR Extension: (Google Docs) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-29] CHR Extension: (Google Drive) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-29] CHR Extension: (YouTube) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-29] CHR Extension: (Adblock Plus) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-05-29] CHR Extension: (Google-Suche) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-29] CHR Extension: (Auto-HD für YouTube™) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak [2015-06-15] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-29] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-29] CHR Extension: (Google Mail) - C:\Users\Sebastian\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-29] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01] ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation) S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-27] (Disc Soft Ltd) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1149760 2014-09-17] (NVIDIA Corporation) R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-08-03] (LogMeIn, Inc.) R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation) R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928 2014-09-17] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19440960 2014-09-17] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2015-01-18] (Electronic Arts) S3 Realtek11nCU; C:\Program Files (x86)\REALTEK\11n USB Wireless LAN Utility\RtlService.exe [36864 2010-04-16] (Realtek) [File not signed] S3 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.) R2 Themes; C:\Windows\system32\themeservice.dll [44544 2009-08-04] (Microsoft Corporation) [File not signed] S3 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [X] S3 Steam Client Service; "C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService [X] ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2012-04-25] (AVM Berlin) R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [17600 2014-07-18] (Glarysoft Ltd) R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2015-03-18] (Disc Soft Ltd) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) S3 fwlanusb5; C:\Windows\System32\DRIVERS\fwlanusb5.sys [982784 2012-08-21] (AVM GmbH) R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2014-08-04] (Glarysoft Ltd) U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2014-07-29] (Huawei Technologies Co., Ltd.) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation) R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20288 2014-09-17] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation) S3 RTL8192cu; C:\Windows\System32\DRIVERS\rtwlanu.sys [1047144 2015-05-17] (Realtek Semiconductor Corporation ) S3 RZMAELSTROMVADService; C:\Windows\System32\drivers\RzMaelstromVAD.sys [32768 2014-05-23] (Windows (R) Win 7 DDK provider) R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net) S3 usbser; C:\Windows\System32\DRIVERS\USBSER.sys [33280 2014-07-29] (Microsoft Corporation) [File not signed] S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X] S3 mpsdrv; System32\drivers\mpsdrv.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] S2 {09BB444F-B2E2-4009-BAF2-7B727681223E}; \??\C:\Program Files (x86)\VMLaunch\BuddyVM.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-09-29 00:11 - 2015-09-29 00:11 - 00025383 _____ C:\Users\Sebastian\Desktop\FRST.txt 2015-09-29 00:11 - 2015-09-29 00:11 - 00000000 ____D C:\FRST 2015-09-29 00:10 - 2015-09-29 00:03 - 02192384 _____ (Farbar) C:\Users\Sebastian\Desktop\FRST64.exe 2015-09-29 00:03 - 2015-09-29 00:03 - 02192384 _____ (Farbar) C:\Users\Sebastian\Downloads\FRST64.exe 2015-09-28 23:51 - 2015-09-28 23:51 - 00347816 _____ (Microsoft Corporation) C:\Users\Sebastian\Downloads\MicrosoftFixit.malware.RNP.Run.exe 2015-09-28 23:49 - 2015-09-28 23:49 - 00000000 _____ C:\Windows\system32\netsh 2015-09-28 23:48 - 2015-09-28 23:48 - 00059200 _____ C:\Users\Sebastian\AppData\Local\GDIPFONTCACHEV1.DAT 2015-09-28 23:47 - 2015-09-28 23:47 - 00347816 _____ (Microsoft Corporation) C:\Users\Sebastian\Downloads\MicrosoftFixit.WinSecurity.RNP.Run.exe 2015-09-28 23:18 - 2015-09-28 23:19 - 00000000 ____D C:\Users\Sebastian\Desktop\Textdokumente 2015-09-28 23:17 - 2015-09-28 23:37 - 00000000 ____D C:\Users\Sebastian\Desktop\Wichtige Programme 2015-09-28 23:17 - 2015-09-28 23:20 - 00000000 ____D C:\Users\Sebastian\Desktop\Spiele 2015-09-28 23:17 - 2015-09-28 23:20 - 00000000 ____D C:\Users\Sebastian\Desktop\Anderes Zeug 2015-09-20 17:23 - 2015-09-20 17:23 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft 2015-09-18 18:31 - 2015-09-21 19:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-09-28 23:59 - 2014-06-02 17:09 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-09-28 23:41 - 2015-01-20 16:38 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-09-28 23:37 - 2014-08-04 02:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5 2015-09-28 23:37 - 2014-08-04 02:06 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 5 2015-09-28 23:24 - 2014-06-02 13:18 - 00000000 ____D C:\Users\Sebastian 2015-09-28 23:22 - 2014-06-09 09:37 - 00000000 ____D C:\Users\Sebastian\Documents\My Games 2015-09-28 23:22 - 2014-06-03 17:57 - 00000000 ___RD C:\Users\Sebastian\Desktop\Bilder 2015-09-28 23:21 - 2015-01-04 04:52 - 00000000 ____D C:\Users\Sebastian\Desktop\Musik 2015-09-28 23:14 - 2014-06-02 17:55 - 00000000 ____D C:\Program Files (x86)\Steam 2015-09-28 21:40 - 2014-06-02 17:11 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\Skype 2015-09-28 18:36 - 2014-06-02 17:27 - 00000000 ____D C:\Users\Sebastian\AppData\Local\LogMeIn Hamachi 2015-09-28 17:44 - 2009-07-14 06:45 - 00036144 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-09-28 17:44 - 2009-07-14 06:45 - 00036144 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-09-28 17:40 - 2014-06-03 01:41 - 01167894 _____ C:\Windows\WindowsUpdate.log 2015-09-28 17:40 - 2009-07-14 07:13 - 00781914 _____ C:\Windows\system32\PerfStringBackup.INI 2015-09-28 17:36 - 2015-03-23 02:11 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\IMVU 2015-09-28 17:35 - 2014-08-04 02:06 - 00000340 _____ C:\Windows\Tasks\GlaryInitialize 5.job 2015-09-28 17:33 - 2014-06-02 17:09 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-09-28 17:33 - 2014-06-02 17:00 - 00000000 ____D C:\ProgramData\NVIDIA 2015-09-28 17:33 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-09-28 02:36 - 2014-12-06 16:13 - 00000000 ____D C:\Users\Sebastian\AppData\Local\ftblauncher 2015-09-27 17:53 - 2014-06-03 16:36 - 00000000 ____D C:\Program Files (x86)\osu! 2015-09-27 13:33 - 2014-08-04 23:14 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\TS3Client 2015-09-23 20:02 - 2015-06-30 01:34 - 00000000 ____D C:\Users\Sebastian\AppData\Local\Akamai 2015-09-23 15:59 - 2014-06-09 16:13 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\.minecraft 2015-09-22 18:29 - 2014-06-06 13:17 - 00000000 ____D C:\Users\Sebastian\AppData\Local\Battle.net 2015-09-22 15:41 - 2015-01-20 16:38 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-09-22 15:41 - 2015-01-20 16:38 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-09-22 15:41 - 2014-06-12 01:23 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-09-22 14:51 - 2014-09-20 06:44 - 00000000 ____D C:\Program Files (x86)\Diablo III 2015-09-22 14:50 - 2014-06-06 13:16 - 00000000 ____D C:\Program Files (x86)\Battle.net 2015-09-22 14:46 - 2015-07-09 06:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-09-20 17:23 - 2015-02-20 20:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft 2015-09-20 17:23 - 2014-11-23 20:28 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\uTorrent 2015-09-20 00:49 - 2015-02-20 20:57 - 00000000 ____D C:\Program Files (x86)\Minecraft 2015-09-13 17:06 - 2015-03-23 02:10 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\IMVUClient 2015-09-13 04:03 - 2014-06-06 13:17 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\Battle.net 2015-09-12 22:19 - 2014-06-02 17:09 - 00000000 ____D C:\Users\Sebastian\AppData\Local\Google 2015-09-03 12:22 - 2014-12-06 16:13 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\ftblauncher 2015-08-31 15:37 - 2015-05-17 17:14 - 00000366 _____ C:\Windows\Tasks\DriverToolkit Autorun.job 2015-08-31 01:07 - 2015-05-17 17:14 - 00002740 _____ C:\Windows\System32\Tasks\DriverToolkit Autorun 2015-08-31 01:01 - 2014-09-06 15:17 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\DAEMON Tools Lite ==================== Files in the root of some directories ======= 2015-03-15 21:16 - 2015-03-15 21:16 - 0000000 ___SH () C:\Users\Sebastian\AppData\Local\LumaEmu Some files in TEMP: ==================== C:\Users\Sebastian\AppData\Local\Temp\gusetup0.exe ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe [2010-11-21 05:24] - [2010-11-21 05:24] - 4773888 ____A (Microsoft Corporation) FD52F5EA481E3CF5D763E80A86F3A2E5 C:\Windows\SysWOW64\explorer.exe [2010-11-21 05:24] - [2010-11-21 05:24] - 4517888 ____A (Microsoft Corporation) 6ECDEE497748D04851DE0D7631343446 C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-09-22 23:41 ==================== End of FRST.txt ============================ --- --- --- Addition.txt [CODE]Additional FRST Logfile: Code:
ATTFilter scan result of Farbar Recovery Scan Tool (x64) Version:27-09-2015 01 Ran by Sebastian (2015-09-29 00:12:02) Running from C:\Users\Sebastian\Desktop Windows 7 Ultimate Service Pack 1 (X64) (2014-06-02 11:18:13) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1798516267-2414223650-3212704099-500 - Administrator - Disabled) Guest (S-1-5-21-1798516267-2414223650-3212704099-501 - Limited - Disabled) Sebastian (S-1-5-21-1798516267-2414223650-3212704099-1000 - Administrator - Enabled) => C:\Users\Sebastian ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-1798516267-2414223650-3212704099-1000\...\uTorrent) (Version: 3.4.5.41073 - BitTorrent Inc.) Ace of Spades (HKLM-x32\...\Steam App 224540) (Version: - Jagex Limited) Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated) Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment) Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden Akamai NetSession Interface (HKU\S-1-5-21-1798516267-2414223650-3212704099-1000\...\Akamai) (Version: - Akamai Technologies, Inc) APB Reloaded (HKLM-x32\...\Steam App 113400) (Version: - Reloaded Productions) Arma 2 (HKLM-x32\...\Steam App 33910) (Version: - Bohemia Interactive) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield: Bad Company™ 2 (HKLM-x32\...\{3AC8457C-0385-4BEA-A959-E095F05D6D67}) (Version: 1.0.0.0 - Electronic Arts) CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0406 - Disc Soft Ltd) Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment) Echo of Soul (HKLM-x32\...\Steam App 290140) (Version: - Nvius) Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios) GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team) Glary Utilities 5.4 (HKLM-x32\...\Glary Utilities 5) (Version: 5.4.0.11 - Glarysoft Ltd) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.89 - Google Inc.) Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Heroes & Generals (HKLM-x32\...\Steam App 227940) (Version: - Reto-Moto) Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment) IMVU Avatar Chat Software (HKU\S-1-5-21-1798516267-2414223650-3212704099-1000\...\IMVU Avatar chat client software BETA) (Version: - ) Java 7 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417060FF}) (Version: 7.0.600 - Oracle) Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle) Just Cause 2 (HKLM-x32\...\Steam App 8190) (Version: - Avalanche) Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve) Logitech Gaming Software 8.53 (HKLM\...\Logitech Gaming Software) (Version: 8.53.186 - Logitech Inc.) LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.383 - LogMeIn, Inc.) LogMeIn Hamachi (x32 Version: 2.2.0.383 - LogMeIn, Inc.) Hidden Magic 2015 Demo (HKLM-x32\...\Steam App 255440) (Version: - Stainless Games) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{887868A2-D6DE-3255-AA92-AA0B5A59B874}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) Mozilla Firefox 40.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 de)) (Version: 40.0.3 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla) NEKOPARA Vol. 1 Demo (HKLM-x32\...\Steam App 334660) (Version: - NEKO WORKs) NEKOPARA vol.1 (HKU\S-1-5-21-1798516267-2414223650-3212704099-1000\...\{64DC04AF-BD7C-4CF4-9CA4-938953224328}) (Version: - NEKO WORKs) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.5 - Notepad++ Team) NVIDIA 3D Vision Controller Driver 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation) NVIDIA 3D Vision Driver 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.44 - NVIDIA Corporation) NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation) NVIDIA Graphics Driver 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.44 - NVIDIA Corporation) NVIDIA PhysX (HKLM-x32\...\{DEA314C4-0929-4250-BC92-98E4C105F28D}) (Version: 9.10.0129 - NVIDIA Corporation) Origin (HKLM-x32\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.) osu! (HKLM-x32\...\{5415a005-4f91-4436-9ae1-13db6955a13f}) (Version: latest - ppy Pty Ltd) PlanetSide 2 (HKU\S-1-5-21-1798516267-2414223650-3212704099-1000\...\SOE-PlanetSide 2) (Version: 1.0.3.183 - Sony Online Entertainment) QuickTime (HKLM-x32\...\QuickTime) (Version: - ) Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.2.45.0 - Razer Inc.) REALTEK Wireless LAN Driver and Utility (HKLM-x32\...\{9C049499-055C-4A0C-A916-1D12314F45EB}) (Version: 1.00.0184.1 - REALTEK Semiconductor Corp.) RPG Maker VX Ace (HKLM-x32\...\{835D562C-B72C-461D-A9C3-B8206B66E85A}) (Version: 1.01 - RPG MAKER) Sacred Underworld (HKLM-x32\...\Sacred Underworld_is1) (Version: - Ascaron Entertainment GmbH) SHIELD Streaming (Version: 3.1.200 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 16.13.42 - NVIDIA Corporation) Hidden Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation) Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.) StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) tAPI version 1.2.4.1 r14a (HKLM-x32\...\{6D47E78A-A9FE-41B8-A5C6-8A6A04FB8F71}_is1) (Version: 1.2.4.1 r14a - tAPI Development Team) Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH) Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic) The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version: - Edmund McMillen and Florian Himsl) Time Clickers (HKLM-x32\...\Steam App 385770) (Version: - Proton Studio Inc) TP-LINK TL-WN727N Driver (HKLM-x32\...\{E796AA87-FE52-49A8-AD93-0236A9F87632}) (Version: 1.2.1 - TP-LINK) Unity Web Player (HKU\S-1-5-21-1798516267-2414223650-3212704099-1000\...\UnityWebPlayer) (Version: 4.6.5f1 - Unity Technologies ApS) Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton) WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Restore Points ========================= 18-09-2015 17:32:47 Windows Update 22-09-2015 15:00:02 Windows Update 25-09-2015 19:24:35 Windows Update ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2012-07-22 09:18 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {194826E4-0EC4-4230-B40D-66E1A4920BD1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - System32\Tasks\Microsoft\Windows\WindowsBackup\ConfigNotification => C:\Windows\System32\sdclt.exe Task: {68A78A2B-08DC-477E-95CE-81259277CDE0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd) Task: {A1D60D55-A6B8-401B-BC05-2938E02DF2F2} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => d:\program files\windows defender\MpCmdRun.exe Task: {A3A53087-B8D5-4E92-9456-2D61A38710E2} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2014-07-21] (Glarysoft Ltd) Task: {C4E8B14A-4159-4C58-BDAD-281DBBFC97E8} - System32\Tasks\Microsoft\Windows Defender\MpIdleTask => d:\program files\windows defender\MpCmdRun.exe Task: {C8ACEA93-ED2D-4876-BB89-A8651F5E5789} - System32\Tasks\DriverToolkit Autorun => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe Task: {CE239D31-64A1-4530-8C64-4EED4CE9634E} - System32\Tasks\AmiUpdXp => C:\Users\Sebastian\AppData\Local\28342\a23207.exe <==== ATTENTION Task: {D06E6894-CCC0-4D71-924D-481EF208E1D5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: {E495149C-3445-435B-B1AB-BBEA392FEA73} - System32\Tasks\{7B02836B-1F9B-4042-BA33-760343F39CA7} => Chrome.exe hxxp://ui.skype.com/ui/0/7.3.0.101/en/abandoninstall?page=tsMain Task: {E91F2FD0-A7B5-43AD-9D13-9BB400D34BE1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-22] (Adobe Systems Incorporated) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\AmiUpdXp.job => C:\Users\Sebastian\AppData\Local\28342\a23207.exe <==== ATTENTION Task: C:\Windows\Tasks\DriverToolkit Autorun.job => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe Task: C:\Windows\Tasks\GlaryInitialize 5.job => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2014-06-02 17:00 - 2015-02-04 04:21 - 00115400 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-05-12 11:49 - 2014-05-12 11:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll 2015-07-22 00:00 - 2015-07-14 07:55 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.89\libglesv2.dll 2015-07-22 00:00 - 2015-07-14 07:55 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.89\libegl.dll 2014-06-02 17:59 - 2015-07-03 18:12 - 00778240 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2015-01-20 22:35 - 2015-07-03 18:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll 2015-01-20 22:35 - 2015-07-03 18:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2015-01-20 22:35 - 2015-07-03 18:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2014-06-02 17:59 - 2015-08-19 22:39 - 02413248 _____ () C:\Program Files (x86)\Steam\video.dll 2014-08-30 17:00 - 2014-12-01 23:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll 2014-08-30 17:00 - 2014-12-01 23:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll 2014-08-30 17:00 - 2014-12-01 23:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll 2014-08-30 17:00 - 2014-12-01 23:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll 2014-08-30 17:00 - 2014-12-01 23:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll 2014-06-02 17:59 - 2015-08-19 22:39 - 00704192 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2015-07-22 03:15 - 2015-07-27 03:13 - 00171008 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll 2014-06-02 17:59 - 2015-07-03 18:12 - 39553928 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll 2014-07-21 05:01 - 2014-07-21 05:01 - 00080160 _____ () C:\Program Files (x86)\Glary Utilities 5\zlib1.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1798516267-2414223650-3212704099-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 0) (EnableLUA: 1) mpsdrv Firewall Service is not running. MpsSvc Firewall Service is not running. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: Aeria Ignite => "C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" silent MSCONFIG\startupreg: AVMWlanClient => C:\Program Files (x86)\avmwlanstick\FRITZWLANMini.exe MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun MSCONFIG\startupreg: GUDelayStartup => "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{48DF6BCC-686F-4D38-B5F0-5277108FB29C}] => (Allow) LPort=80 FirewallRules: [{FD69E350-B9D1-4C26-B378-579DF3F772AD}] => (Allow) LPort=80 FirewallRules: [{8275D868-492E-4B66-945C-56E59DC84702}] => (Allow) LPort=80 ==================== Faulty Device Manager Devices ============= Name: Microsoft PS/2 Mouse Description: Microsoft PS/2 Mouse Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Teredo Tunneling Pseudo-Interface Description: Microsoft Teredo Tunneling Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Standard PS/2 Keyboard Description: Standard PS/2 Keyboard Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318} Manufacturer: (Standard keyboards) Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Could not list Devices. Check "winmgmt" service or repair WMI. ==================== Event log errors: ========================= Application errors: ================== Error: (09/28/2015 05:34:59 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/27/2015 11:44:32 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/26/2015 05:12:01 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/25/2015 07:47:54 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: NvBackend.exe, version: 16.13.42.0, time stamp: 0x5418ec0a Faulting module name: NvBackend.exe, version: 16.13.42.0, time stamp: 0x5418ec0a Exception code: 0xc0000005 Fault offset: 0x0007b023 Faulting process id: 0x518 Faulting application start time: 0xNvBackend.exe0 Faulting application path: NvBackend.exe1 Faulting module path: NvBackend.exe2 Report Id: NvBackend.exe3 Error: (09/24/2015 07:12:08 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/24/2015 02:05:42 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/24/2015 12:47:49 AM) (Source: Steam Client Service) (EventID: 1) (User: ) Description: Failed to add firewall exception for C:\Program Files (x86)\Steam\steam.exe Error: (09/23/2015 10:52:41 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program Steam.exe version 2.92.69.85 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 92c Start Time: 01d0f641bf011b29 Termination Time: 0 Application Path: C:\Program Files (x86)\Steam\Steam.exe Report Id: 05b8b262-6235-11e5-87b7-002522244cea Error: (09/23/2015 10:52:11 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/23/2015 08:27:23 PM) (Source: Steam Client Service) (EventID: 1) (User: ) Description: Failed to add firewall exception for C:\Program Files (x86)\Steam\steam.exe System errors: ============= Error: (09/29/2015 12:10:17 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The Windows Firewall service depends on the Windows Firewall Authorization Driver service which failed to start because of the following error: %%2 Error: (09/29/2015 12:10:17 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Windows Firewall Authorization Driver service failed to start due to the following error: %%2 Error: (09/29/2015 12:10:06 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The Windows Firewall service depends on the Windows Firewall Authorization Driver service which failed to start because of the following error: %%2 Error: (09/29/2015 12:10:06 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Windows Firewall Authorization Driver service failed to start due to the following error: %%2 Error: (09/29/2015 12:09:57 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The Windows Firewall service depends on the Windows Firewall Authorization Driver service which failed to start because of the following error: %%2 Error: (09/29/2015 12:09:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Windows Firewall Authorization Driver service failed to start due to the following error: %%2 Error: (09/29/2015 12:09:28 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The Windows Firewall service depends on the Windows Firewall Authorization Driver service which failed to start because of the following error: %%2 Error: (09/29/2015 12:09:28 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Windows Firewall Authorization Driver service failed to start due to the following error: %%2 Error: (09/29/2015 12:09:12 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The Windows Firewall service depends on the Windows Firewall Authorization Driver service which failed to start because of the following error: %%2 Error: (09/29/2015 12:09:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Windows Firewall Authorization Driver service failed to start due to the following error: %%2 CodeIntegrity: =================================== Date: 2015-09-28 17:36:29.579 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\VMLaunch\BuddyVM.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-09-28 17:36:29.547 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\VMLaunch\BuddyVM.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-09-27 11:45:53.750 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\VMLaunch\BuddyVM.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-09-27 11:45:53.719 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\VMLaunch\BuddyVM.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-09-26 17:13:28.000 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\VMLaunch\BuddyVM.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-09-26 17:13:27.969 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\VMLaunch\BuddyVM.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-09-24 19:13:31.704 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\VMLaunch\BuddyVM.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-09-24 19:13:31.672 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\VMLaunch\BuddyVM.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-09-24 14:05:55.281 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\VMLaunch\BuddyVM.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-09-24 14:05:55.171 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\VMLaunch\BuddyVM.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: AMD Athlon(tm) II X2 250 Processor Percentage of memory in use: 55% Total physical RAM: 4095.3 MB Available physical RAM: 1817.12 MB Total Virtual: 64093.48 MB Available Virtual: 61684.64 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:596.07 GB) (Free:176.9 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 7603C0BB) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=596.1 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================ --- --- --- Ich hoffe ihr könnt mir weiterhelfen. Mit freundlichen Grüßen, xaont Geändert von xaont (28.09.2015 um 23:25 Uhr) |