| sativa86 | 29.10.2014 09:13 |
Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-10-28 22:30:23
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\00000064 ATA_____ rev.1B6Q 238,47GB
Running: Gmer-19357.exe; Driver: C:\Users\9Tower1\AppData\Local\Temp\ufdiyfob.sys
---- Kernel code sections - GMER 2.1 ----
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528 fffff80002daf000 45 bytes [00, 00, 16, 02, 4E, 74, 66, ...]
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 575 fffff80002daf02f 10 bytes [00, 01, 00, 06, 00, 00, 00, ...]
.text C:\Windows\System32\win32k.sys!W32pServiceTable fffff96000104200 7 bytes [00, A2, F3, FF, 01, B6, F0]
.text C:\Windows\System32\win32k.sys!W32pServiceTable + 8 fffff96000104208 3 bytes [C0, 06, 02]
---- User code sections - GMER 2.1 ----
.text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe[1920] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075b51465 2 bytes [B5, 75]
.text C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe[1920] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075b514bb 2 bytes [B5, 75]
.text ... * 2
.text C:\Windows\SysWOW64\PnkBstrA.exe[1048] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 322 00000000726d1a22 2 bytes [6D, 72]
.text C:\Windows\SysWOW64\PnkBstrA.exe[1048] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 496 00000000726d1ad0 2 bytes [6D, 72]
.text C:\Windows\SysWOW64\PnkBstrA.exe[1048] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 552 00000000726d1b08 2 bytes [6D, 72]
.text C:\Windows\SysWOW64\PnkBstrA.exe[1048] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 730 00000000726d1bba 2 bytes [6D, 72]
.text C:\Windows\SysWOW64\PnkBstrA.exe[1048] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 762 00000000726d1bda 2 bytes [6D, 72]
.text C:\Windows\SysWOW64\PnkBstrA.exe[1048] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075b51465 2 bytes [B5, 75]
.text C:\Windows\SysWOW64\PnkBstrA.exe[1048] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075b514bb 2 bytes [B5, 75]
.text ... * 2
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[1664] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000075b51465 2 bytes [B5, 75]
.text C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[1664] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 0000000075b514bb 2 bytes [B5, 75]
.text ... * 2
.text C:\Program Files (x86)\Google\Update\GoogleUpdate.exe[3324] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075b51465 2 bytes [B5, 75]
.text C:\Program Files (x86)\Google\Update\GoogleUpdate.exe[3324] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075b514bb 2 bytes [B5, 75]
.text ... * 2
.text C:\Windows\SysWOW64\HsMgr.exe[3404] C:\Windows\syswow64\ole32.dll!CoCreateInstance 0000000077839d0b 5 bytes JMP 000000011000a4d0
.text C:\Windows\SysWOW64\HsMgr.exe[3404] C:\Windows\syswow64\ole32.dll!CoCreateInstanceEx 0000000077839d4e 5 bytes JMP 000000011000a630
.text C:\Windows\SysWOW64\HsMgr.exe[3404] C:\Windows\SysWOW64\WINMM.dll!waveOutOpen 000000007241451e 5 bytes JMP 000000011000ab40
.text C:\Windows\SysWOW64\HsMgr.exe[3404] C:\Windows\SysWOW64\WINMM.dll!waveOutClose 0000000072414b6d 5 bytes JMP 000000011000abb0
.text C:\Windows\SysWOW64\HsMgr.exe[3404] C:\Windows\SysWOW64\WINMM.dll!waveOutUnprepareHeader 0000000072414bf2 5 bytes JMP 000000011000ac90
.text C:\Windows\SysWOW64\HsMgr.exe[3404] C:\Windows\SysWOW64\WINMM.dll!waveOutPrepareHeader 0000000072414f0f 5 bytes JMP 000000011000ac50
.text C:\Windows\SysWOW64\HsMgr.exe[3404] C:\Windows\SysWOW64\WINMM.dll!waveOutWrite 0000000072414f7b 5 bytes JMP 000000011000ac10
.text C:\Windows\SysWOW64\HsMgr.exe[3404] C:\Windows\SysWOW64\WINMM.dll!waveInOpen 0000000072419054 5 bytes JMP 000000011000ad10
.text C:\Windows\SysWOW64\HsMgr.exe[3404] C:\Windows\SysWOW64\WINMM.dll!waveOutReset 000000007241adf9 5 bytes JMP 000000011000abe0
.text C:\Windows\SysWOW64\HsMgr.exe[3404] C:\Windows\SysWOW64\WINMM.dll!waveOutGetVolume 00000000724352e8 5 bytes JMP 000000011000acd0
.text C:\Windows\SysWOW64\HsMgr.exe[3404] C:\Windows\SysWOW64\WINMM.dll!waveOutSetVolume 000000007243535f 5 bytes JMP 000000011000acf0
.text C:\Windows\SysWOW64\HsMgr.exe[3404] C:\Windows\SysWOW64\WINMM.dll!waveInClose 00000000724359cc 5 bytes JMP 000000011000ae40
.text C:\Windows\SysWOW64\HsMgr.exe[3404] C:\Windows\SysWOW64\WINMM.dll!waveInPrepareHeader 0000000072435a6a 5 bytes JMP 000000011000aec0
.text C:\Windows\SysWOW64\HsMgr.exe[3404] C:\Windows\SysWOW64\WINMM.dll!waveInUnprepareHeader 0000000072435ad7 5 bytes JMP 000000011000af00
.text C:\Windows\SysWOW64\HsMgr.exe[3404] C:\Windows\SysWOW64\WINMM.dll!waveInAddBuffer 0000000072435b5b 5 bytes JMP 000000011000af40
.text C:\Windows\SysWOW64\HsMgr.exe[3404] C:\Windows\SysWOW64\WINMM.dll!waveInStart 0000000072435bba 5 bytes JMP 000000011000af80
.text C:\Windows\SysWOW64\HsMgr.exe[3404] C:\Windows\SysWOW64\WINMM.dll!waveInStop 0000000072435bee 5 bytes JMP 000000011000b000
.text C:\Windows\SysWOW64\HsMgr.exe[3404] C:\Windows\SysWOW64\WINMM.dll!waveInReset 0000000072435c22 5 bytes JMP 000000011000b060
.text C:\Windows\SysWOW64\HsMgr.exe[3404] C:\Windows\SysWOW64\WINMM.dll!waveInGetPosition 0000000072435c67 5 bytes JMP 000000011000b0d0
.text C:\Windows\SysWOW64\HsMgr.exe[3404] C:\Windows\SysWOW64\DSOUND.dll!DirectSoundCreate 0000000074ae7e3d 5 bytes JMP 000000011000a690
.text C:\Windows\SysWOW64\HsMgr.exe[3404] C:\Windows\SysWOW64\DSOUND.dll!DirectSoundCreate8 0000000074b1de69 5 bytes JMP 000000011000a770
.text C:\Windows\SysWOW64\HsMgr.exe[3404] C:\Windows\SysWOW64\DSOUND.dll!DirectSoundCaptureCreate 0000000074b2d2c5 5 bytes JMP 000000011000a8a0
.text C:\Windows\SysWOW64\HsMgr.exe[3404] C:\Windows\SysWOW64\DSOUND.dll!DirectSoundCaptureCreate8 0000000074b2d371 5 bytes JMP 000000011000a990
.text C:\Windows\SysWOW64\HsMgr.exe[3404] C:\Windows\SysWOW64\DSOUND.dll!DirectSoundFullDuplexCreate 0000000074b2d429 5 bytes JMP 000000011000aa80
.text C:\Windows\system\HsMgr64.exe[3412] C:\Windows\system32\WINMM.dll!waveOutClose 000007fefb2d36ac 5 bytes JMP 000007fefecb01f0
.text C:\Windows\system\HsMgr64.exe[3412] C:\Windows\system32\WINMM.dll!waveOutUnprepareHeader 000007fefb2d3770 5 bytes JMP 000007fefecb0298
.text C:\Windows\system\HsMgr64.exe[3412] C:\Windows\system32\WINMM.dll!waveOutOpen 000007fefb2d38d0 5 bytes JMP 000007fefecb01b8
.text C:\Windows\system\HsMgr64.exe[3412] C:\Windows\system32\WINMM.dll!waveOutPrepareHeader 000007fefb2d3ca4 5 bytes JMP 000007fefecb0260
.text C:\Windows\system\HsMgr64.exe[3412] C:\Windows\system32\WINMM.dll!waveOutWrite 000007fefb2d3d40 5 bytes JMP 000007fefecb0228
.text C:\Windows\system\HsMgr64.exe[3412] C:\Windows\system32\WINMM.dll!waveInOpen 000007fefb2d7fe0 7 bytes JMP 000007fefecb0378
.text C:\Windows\system\HsMgr64.exe[3412] C:\Windows\system32\WINMM.dll!waveOutReset 000007fefb2da38c 5 bytes JMP 000007fefecb02d0
.text C:\Windows\system\HsMgr64.exe[3412] C:\Windows\system32\WINMM.dll!waveOutGetVolume 000007fefb2f49f0 5 bytes JMP 000007fefecb0308
.text C:\Windows\system\HsMgr64.exe[3412] C:\Windows\system32\WINMM.dll!waveOutSetVolume 000007fefb2f4ab0 5 bytes JMP 000007fefecb0340
.text C:\Windows\system\HsMgr64.exe[3412] C:\Windows\system32\WINMM.dll!waveInClose 000007fefb2f52e0 5 bytes JMP 000007fefecb03b0
.text C:\Windows\system\HsMgr64.exe[3412] C:\Windows\system32\WINMM.dll!waveInPrepareHeader 000007fefb2f53c0 5 bytes JMP 000007fefecb0490
.text C:\Windows\system\HsMgr64.exe[3412] C:\Windows\system32\WINMM.dll!waveInUnprepareHeader 000007fefb2f5454 5 bytes JMP 000007fefecb04c8
.text C:\Windows\system\HsMgr64.exe[3412] C:\Windows\system32\WINMM.dll!waveInAddBuffer 000007fefb2f5514 5 bytes JMP 000007fefecb0500
.text C:\Windows\system\HsMgr64.exe[3412] C:\Windows\system32\WINMM.dll!waveInStart 000007fefb2f55a4 6 bytes JMP 000007fefecb03e8
.text C:\Windows\system\HsMgr64.exe[3412] C:\Windows\system32\WINMM.dll!waveInStop 000007fefb2f55e4 6 bytes JMP 000007fefecb0420
.text C:\Windows\system\HsMgr64.exe[3412] C:\Windows\system32\WINMM.dll!waveInReset 000007fefb2f5624 5 bytes JMP 000007fefecb0458
.text C:\Windows\system\HsMgr64.exe[3412] C:\Windows\system32\WINMM.dll!waveInGetPosition 000007fefb2f567c 5 bytes JMP 000007fefecb0538
.text C:\Windows\system\HsMgr64.exe[3412] C:\Windows\system32\DSOUND.dll!DirectSoundCreate8 000007feee286944 7 bytes JMP 000007fefecb0180
.text C:\Windows\system\HsMgr64.exe[3412] C:\Windows\system32\DSOUND.dll!DirectSoundCreate 000007feee2a5a84 7 bytes JMP 000007fefecb0148
.text C:\Windows\system\HsMgr64.exe[3412] C:\Windows\system32\DSOUND.dll!DirectSoundCaptureCreate 000007feee2a5b90 7 bytes JMP 000007fefecb0570
.text C:\Windows\system\HsMgr64.exe[3412] C:\Windows\system32\DSOUND.dll!DirectSoundCaptureCreate8 000007feee2a5c94 7 bytes JMP 000007fefecb05a8
.text C:\Windows\system\HsMgr64.exe[3412] C:\Windows\system32\DSOUND.dll!DirectSoundFullDuplexCreate 000007feee2a5da8 5 bytes JMP 000007fefecb05e0
---- EOF - GMER 2.1 ----
[CODE]FRST
FRST Logfile:
FRST Logfile:
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-10-2014 01
Ran by 9Tower1 (administrator) on 9TOWER1-PC on 28-10-2014 21:58:41
Running from C:\Users\9Tower1\Downloads
Loaded Profile: 9Tower1 (Available profiles: 9Tower1)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Aqua Computer GmbH & Co. KG) C:\Program Files\aquasuite\AquaComputerService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTray.exe
() C:\Windows\SysWOW64\HsMgr.exe
() C:\Windows\system\HsMgr64.exe
(CMedia) C:\Program Files\ASUS Xonar Essence STX Audio\Customapp\AsusAudioCenter.exe
(Aqua Computer GmbH & Co. KG) C:\Program Files\aquasuite\aquasuite.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmplayer.exe
(Microsoft Corporation) C:\Windows\System32\SndVol.exe
(Opera Software) C:\Program Files (x86)\Opera\23.0.1522.77\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\23.0.1522.77\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\23.0.1522.77\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\23.0.1522.77\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\23.0.1522.77\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\23.0.1522.77\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\23.0.1522.77\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\23.0.1522.77\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\23.0.1522.77\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\23.0.1522.77\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\23.0.1522.77\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\23.0.1522.77\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\23.0.1522.77\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\23.0.1522.77\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\23.0.1522.77\opera.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTray.exe [8886592 2014-08-27] ()
HKLM\...\Run: [Cmaudio8788] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.dll,CMICtrlWnd
HKLM\...\Run: [Cmaudio8788GX] => C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] ()
HKLM\...\Run: [Cmaudio8788GX64] => C:\Windows\system\HsMgr64.exe [282112 2008-07-11] ()
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-222504254-3214578368-1453069917-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1410893491&from=smt&uid=CorsairXForceXGT_11436508000010731432&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1410893491&from=smt&uid=CorsairXForceXGT_11436508000010731432&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 82.212.62.62 78.42.43.62
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
Chrome:
=======
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\9Tower1\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.5.671\_platform_specific\win_x86\widevinecdmadapter.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll ()
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
CHR Profile: C:\Users\9Tower1\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\9Tower1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-10]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\9Tower1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-05]
CHR Extension: (YouTube) - C:\Users\9Tower1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-10]
CHR Extension: (Google-Suche) - C:\Users\9Tower1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-10]
CHR Extension: (DoNotTrackMe: Online Privacy Protection) - C:\Users\9Tower1\AppData\Local\Google\Chrome\User Data\Default\Extensions\epanfjkfahimkgomnigadpkobaefekcd [2014-08-10]
CHR Extension: (ZenMate) - C:\Users\9Tower1\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2014-10-17]
CHR Extension: (AdBlock) - C:\Users\9Tower1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-08-10]
CHR Extension: (Stealthy) - C:\Users\9Tower1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieaebnkibonmpbhdaanjkmedikadnoje [2014-10-17]
CHR Extension: (Google Wallet) - C:\Users\9Tower1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-10]
CHR Extension: (Google Mail) - C:\Users\9Tower1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-10]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 Aqua Computer Service; C:\Program Files\aquasuite\AquaComputerService.exe [559776 2014-06-19] (Aqua Computer GmbH & Co. KG)
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [141392 2014-07-14] (Avira Operations GmbH & Co. KG)
S4 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [528096 2014-06-08] (Futuremark)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-05] (Intel Corporation)
S4 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [133632 2012-02-09] ()
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-08-21] (Intel Corporation)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe [706864 2014-08-27] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-08-22] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S2 892cc6a3; "C:\Windows\system32\rundll32.exe" "c:\progra~3\perfor~1\PerformanceOptimizerSvc.dll",service
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2011-09-21] (Asmedia Technology)
R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [2734080 2013-04-11] (C-Media Inc)
R3 gzflt; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.0.56\gzflt.sys [150256 2014-07-10] (BitDefender LLC)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28216 2012-09-01] (Intel Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25536 2012-02-09] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [25536 2012-02-09] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [389240 2014-07-10] (BitDefender S.R.L.)
S3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2014-09-13] ()
S3 cpuz137; \??\C:\Windows\TEMP\cpuz137\cpuz137_x64.sys [X]
S3 DIRECTIO; \??\C:\Program Files\PerformanceTest\DirectIo64.sys [X]
S3 GPU-Z; \??\C:\Users\9Tower1\AppData\Local\Temp\GPU-Z.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 XFDriver64; \??\C:\Program Files (x86)\Xfire2\XFDriver64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-28 21:58 - 2014-10-28 21:58 - 02113024 _____ (Farbar) C:\Users\9Tower1\Downloads\FRST64.exe
2014-10-28 21:58 - 2014-10-28 21:58 - 00014912 _____ () C:\Users\9Tower1\Downloads\FRST.txt
2014-10-28 21:58 - 2014-10-28 21:58 - 00000000 ____D () C:\FRST
2014-10-28 21:57 - 2014-10-28 21:57 - 00000476 _____ () C:\Users\9Tower1\Downloads\defogger_disable.log
2014-10-28 21:57 - 2014-10-28 21:57 - 00000000 _____ () C:\Users\9Tower1\defogger_reenable
2014-10-28 21:56 - 2014-10-28 21:56 - 00050477 _____ () C:\Users\9Tower1\Downloads\Defogger.exe
2014-10-28 21:55 - 2014-10-28 21:55 - 00000088 _____ () C:\Users\9Tower1\Desktop\Neues Textdokument (7).txt
2014-10-28 18:08 - 2014-10-28 18:08 - 00000221 _____ () C:\Users\9Tower1\Desktop\Damnation.url
2014-10-27 19:40 - 2014-10-27 19:40 - 00000221 _____ () C:\Users\9Tower1\Desktop\Overlord II.url
2014-10-27 19:39 - 2014-10-28 18:09 - 00000221 _____ () C:\Users\9Tower1\Desktop\Clive Barker's Jericho.url
2014-10-27 17:38 - 2014-10-27 17:38 - 00000110 _____ () C:\Users\9Tower1\Desktop\Neues Textdokument (6).txt
2014-10-26 22:19 - 2014-10-26 23:36 - 00000192 _____ () C:\Users\9Tower1\Desktop\wunschliste.txt
2014-10-26 12:11 - 2014-10-28 17:33 - 00000168 _____ () C:\Windows\setupact.log
2014-10-26 12:11 - 2014-10-26 12:11 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-25 19:10 - 2014-10-25 19:10 - 00008778 _____ () C:\Users\9Tower1\Desktop\cc_20141025_201000.reg
2014-10-25 11:47 - 2014-10-28 20:50 - 00082744 _____ () C:\Windows\WindowsUpdate.log
2014-10-24 16:56 - 2014-10-26 16:37 - 00000594 _____ () C:\Users\9Tower1\Desktop\Neues Textdokument (5).txt
2014-10-22 20:22 - 2014-10-22 20:42 - 00000000 ____D () C:\Users\9Tower1\Desktop\music handy
2014-10-22 14:20 - 2014-10-22 14:20 - 00000221 _____ () C:\Users\9Tower1\Desktop\Mirror's Edge.url
2014-10-21 22:34 - 2014-10-28 01:10 - 00000346 _____ () C:\Users\9Tower1\Desktop\Neues Textdokument (4).txt
2014-10-20 20:32 - 2014-10-20 22:26 - 00000024 _____ () C:\Users\9Tower1\Desktop\jelly joker.txt
2014-10-20 12:11 - 2014-10-26 17:29 - 00000442 _____ () C:\Users\9Tower1\Desktop\Neues Textdokument (3).txt
2014-10-19 23:24 - 2014-10-19 23:25 - 17981827 _____ () C:\Users\9Tower1\Downloads\Louis Vuitton \ Trentemoller feat Ane Trolle - Moan (1).mp4
2014-10-19 23:24 - 2014-10-19 23:24 - 03913920 _____ (New Monte Inc) C:\Users\9Tower1\Downloads\Louis_Vuitton__downloader.exe
2014-10-19 23:24 - 2014-10-19 23:24 - 03708664 _____ (hxxp://yourfile-downloader.com) C:\Users\9Tower1\Downloads\Louis_Vuitton__downloader (1).exe
2014-10-19 23:23 - 2014-10-19 23:25 - 02309857 _____ () C:\Users\9Tower1\Downloads\Louis Vuitton \ Trentemoller feat Ane Trolle - Moan.mp4.opdownload
2014-10-19 23:22 - 2014-10-19 23:22 - 19042629 _____ () C:\Users\9Tower1\Downloads\Trentemøller%20feat.%20Ane%20Trolle%20-%20Moan%20(fan%20made%20video%20clip)-SD.mp4
2014-10-18 11:25 - 2014-10-22 21:00 - 00001079 _____ () C:\Users\9Tower1\Desktop\ts.txt
2014-10-18 11:25 - 2014-10-22 21:00 - 00000000 ____D () C:\Users\9Tower1\Desktop\Neuer Ordner (3)
2014-10-18 02:30 - 2014-10-18 02:30 - 00000000 ____D () C:\Users\9Tower1\Downloads\Wise Care 365
2014-10-18 01:57 - 2014-10-18 02:15 - 13408020 _____ (WiseCleaner.com) C:\Users\9Tower1\Downloads\Wise Care 365 Pro v2.17 (portable).exe
2014-10-17 07:48 - 2014-10-17 07:48 - 00000222 _____ () C:\Users\9Tower1\Desktop\PAYDAY 2.url
2014-10-15 09:55 - 2014-10-15 09:55 - 00085151 _____ () C:\Users\9Tower1\Desktop\1223.xps
2014-10-14 09:59 - 2014-10-14 09:59 - 00000221 _____ () C:\Users\9Tower1\Desktop\Alice Madness Returns.url
2014-10-14 09:22 - 2014-10-14 09:22 - 00052497 _____ () C:\Windows\Cmicnfgp.ini.cfl
2014-10-14 09:22 - 2014-10-14 09:22 - 00000985 _____ () C:\Windows\Cmicnfgp.ini.imi
2014-10-14 09:22 - 2014-10-14 09:22 - 00000924 _____ () C:\Windows\system\Cmicnfgp.ini
2014-10-14 09:22 - 2014-10-14 09:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Xonar Essence STX Audio
2014-10-14 09:22 - 2013-03-28 10:23 - 00004986 ____N () C:\Windows\Cmicnfgp.ini.cfg
2014-10-14 09:22 - 2013-03-21 09:11 - 00827904 ____N () C:\Windows\system32\Cmeauoxy.exe
2014-10-14 09:22 - 2012-11-20 10:24 - 12935168 ____N (C-Media Corporation) C:\Windows\SysWOW64\CmiCnfgp.dll
2014-10-14 09:22 - 2012-09-28 14:45 - 00465408 ____N (C-Media Electronics Inc.) C:\Windows\system32\cmasiopx.dll
2014-10-14 09:22 - 2012-09-28 14:45 - 00303104 ____N (C-Media Electronics Inc.) C:\Windows\SysWOW64\cmasiop.dll
2014-10-14 09:22 - 2012-06-06 08:56 - 00143360 ____N () C:\Windows\SysWOW64\VmixP8.dll
2014-10-14 09:22 - 2012-06-04 13:15 - 04533760 ____N () C:\Windows\system32\CmiCnfgp.cpl
2014-10-14 09:22 - 2010-09-28 16:35 - 00000491 ____N () C:\Windows\cmudaxp.ini
2014-10-14 09:22 - 2010-06-25 11:25 - 00000061 ____N () C:\Windows\system32\cmasiopx.ini
2014-10-14 09:22 - 2010-06-25 11:25 - 00000057 ____N () C:\Windows\SysWOW64\cmasiop.ini
2014-10-14 09:22 - 2007-12-13 16:12 - 00122880 ____N (CMedia Electronics Inc.) C:\Windows\SysWOW64\Cm_Oal.dll
2014-10-14 09:22 - 2007-12-13 16:12 - 00122880 ____N (CMedia Electronics Inc.) C:\Windows\system32\Cm_Oal.dll
2014-10-14 09:22 - 2007-11-05 00:30 - 01144983 ____N () C:\Windows\KB936225x64.msu
2014-10-14 09:22 - 2006-09-13 09:21 - 00200704 ____N (C-Media) C:\Windows\SysWOW64\Cmpaoxy.dll
2014-10-13 23:30 - 2014-10-13 23:30 - 15217928 _____ (FinalWire Ltd. ) C:\Users\9Tower1\Downloads\aida64extreme470.exe
2014-10-13 16:55 - 2014-10-13 16:55 - 11095114 _____ () C:\Users\9Tower1\Downloads\PCI_STX_7_12_8_1794_W7 (1).rar
2014-10-13 16:55 - 2014-10-13 16:55 - 00000000 ____D () C:\Users\9Tower1\Downloads\PCI-STX-110512-7.12.8.1794(W7-FR)
2014-10-13 16:53 - 2014-10-13 16:54 - 11095114 _____ () C:\Users\9Tower1\Downloads\PCI_STX_7_12_8_1794_W7.rar
2014-10-13 16:50 - 2014-10-13 16:50 - 25923908 _____ () C:\Users\9Tower1\Downloads\M.O.P.-Cold is ice-SD.mp4
2014-10-13 13:22 - 2014-10-13 13:23 - 00039100 _____ () C:\Users\9Tower1\Desktop\cc_20141013_142250.reg
2014-10-08 21:20 - 2014-10-08 21:20 - 00000000 ____D () C:\Users\9Tower1\Downloads\STX-1.06(W7-QR)
2014-10-08 21:20 - 2013-04-11 18:21 - 02734080 _____ (C-Media Inc) C:\Windows\system32\Drivers\cmudaxp.sys
2014-10-08 21:20 - 2013-04-11 18:21 - 00315392 _____ (C-Media Electronics Inc.) C:\Windows\system\CmiFltr.dll
2014-10-08 21:20 - 2013-04-11 18:21 - 00032768 _____ (C-Media Electronics Inc.) C:\Windows\system32\cmudaxp.dll
2014-10-08 21:16 - 2014-10-08 21:16 - 11797337 _____ () C:\Users\9Tower1\Downloads\PCI_STX_7_0_8_1821_Win7.rar
2014-10-08 17:42 - 2014-10-08 21:18 - 00000000 ____D () C:\ProgramData\Xfire
2014-10-08 17:42 - 2014-10-08 20:17 - 00000000 ____D () C:\Users\9Tower1\AppData\Roaming\Xfire
2014-10-08 17:33 - 2014-10-13 13:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-10-08 17:33 - 2014-10-13 13:13 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-10-07 18:31 - 2014-10-07 18:31 - 16336696 _____ (Xfire, Inc. ) C:\Users\9Tower1\Downloads\xfire_installer_244_b761.exe
2014-10-07 18:31 - 2014-10-07 18:31 - 16336696 _____ (Xfire, Inc. ) C:\Users\9Tower1\Downloads\xfire_installer_244_b761 (1).exe
2014-10-06 04:14 - 2014-10-26 16:03 - 00000617 _____ () C:\Users\9Tower1\Desktop\Neues Textdokument (2).txt
2014-10-05 10:31 - 2014-10-28 21:04 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-05 10:31 - 2014-10-13 13:13 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-10-05 10:31 - 2014-10-08 17:33 - 00001931 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-10-05 10:31 - 2014-10-05 10:31 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-10-05 10:31 - 2014-10-05 10:31 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-05 10:31 - 2014-10-05 10:31 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-10-05 10:31 - 2014-10-05 10:31 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-10-05 10:31 - 2014-10-05 10:31 - 00000000 ____D () C:\Windows\system32\Macromed
2014-10-05 10:31 - 2014-10-05 10:31 - 00000000 ____D () C:\Users\9Tower1\AppData\Local\Adobe
2014-10-05 10:31 - 2014-10-05 10:31 - 00000000 ____D () C:\ProgramData\McAfee
2014-10-05 10:22 - 2014-10-05 10:22 - 00003700 _____ () C:\Users\9Tower1\Desktop\Nmc_2014-10-05_11-22-01.log
2014-10-05 10:11 - 2014-10-05 10:11 - 353630168 _____ (Norman Shark AS) C:\Users\9Tower1\Downloads\Norman_Malware_Cleaner (1).exe
2014-10-05 10:08 - 2014-10-05 10:08 - 00895120 _____ (Google Inc.) C:\Users\9Tower1\Downloads\ChromeSetup.exe
2014-10-04 06:14 - 2014-10-13 13:13 - 00000000 ____D () C:\Users\9Tower1\AppData\Roaming\Winamp
2014-10-04 06:14 - 2014-10-04 06:14 - 00000979 _____ () C:\Users\Public\Desktop\Winamp.lnk
2014-10-04 06:14 - 2014-10-04 06:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
2014-10-04 06:14 - 2014-10-04 06:14 - 00000000 ____D () C:\Program Files (x86)\Winamp
2014-10-04 06:13 - 2014-10-04 06:13 - 17163336 _____ (Nullsoft, Inc.) C:\Users\9Tower1\Downloads\winamp5666_full_all.exe
2014-10-04 06:12 - 2014-10-04 06:12 - 00765768 _____ ( ) C:\Users\9Tower1\Downloads\winamp5666_full_all_inst.exe
2014-10-03 15:38 - 2014-10-03 15:39 - 00003462 _____ () C:\Users\9Tower1\Desktop\Nmc_2014-10-03_16-38-50.log
2014-10-02 19:29 - 2014-10-02 19:29 - 00000222 _____ () C:\Users\9Tower1\Desktop\Hammerwatch.url
2014-09-29 18:49 - 2014-09-29 18:50 - 00003702 _____ () C:\Users\9Tower1\Desktop\Nmc_2014-09-29_19-49-34.log
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-28 21:57 - 2014-08-10 11:35 - 00000000 ____D () C:\Users\9Tower1
2014-10-28 21:12 - 2014-08-10 12:07 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-28 17:56 - 2014-08-10 12:53 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-10-28 17:40 - 2009-07-14 18:58 - 00700454 _____ () C:\Windows\system32\perfh007.dat
2014-10-28 17:40 - 2009-07-14 18:58 - 00150092 _____ () C:\Windows\system32\perfc007.dat
2014-10-28 17:40 - 2009-07-14 06:13 - 01624034 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-28 17:39 - 2009-07-14 05:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-28 17:39 - 2009-07-14 05:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-28 17:34 - 2014-09-16 21:10 - 00002305 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-10-28 17:34 - 2014-08-10 12:07 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-28 17:33 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-28 17:33 - 2009-07-14 05:45 - 00274016 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-27 23:20 - 2014-08-10 13:05 - 00000000 ____D () C:\Users\9Tower1\AppData\Local\Warframe
2014-10-27 22:19 - 2014-08-10 13:02 - 00000000 ____D () C:\Users\9Tower1\AppData\Roaming\TS3Client
2014-10-25 14:21 - 2014-08-13 19:05 - 00000000 ____D () C:\Users\9Tower1\AppData\Roaming\Youtube Downloader HD
2014-10-23 21:41 - 2014-08-10 14:19 - 00001276 _____ () C:\Users\9Tower1\Desktop\CoreTemp.ini
2014-10-23 17:27 - 2014-08-16 11:06 - 00000000 ____D () C:\Users\9Tower1\AppData\Local\CrashDumps
2014-10-22 20:42 - 2014-08-17 22:24 - 00000000 ____D () C:\Users\9Tower1\AppData\Roaming\vlc
2014-10-19 22:32 - 2014-09-25 16:33 - 00000000 ____D () C:\Windows\Minidump
2014-10-18 06:45 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Help
2014-10-18 02:32 - 2014-08-10 12:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aquasuite
2014-10-16 22:56 - 2014-08-10 12:04 - 00000000 ____D () C:\ProgramData\aquasuite-data
2014-10-14 11:01 - 2014-08-22 17:31 - 00000000 ____D () C:\Users\9Tower1\AppData\Roaming\OBS
2014-10-14 10:01 - 2014-08-22 17:31 - 00000000 ____D () C:\Program Files (x86)\OBS
2014-10-14 09:22 - 2014-08-10 12:11 - 00000142 _____ () C:\Windows\system\Dlap.pfx
2014-10-14 09:22 - 2014-08-10 12:11 - 00000000 ____D () C:\Program Files\ASUS Xonar Essence STX Audio
2014-10-14 09:22 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system
2014-10-14 09:21 - 2014-08-10 12:12 - 00000000 ____D () C:\Users\9Tower1\AppData\Roaming\ASUS
2014-10-13 13:13 - 2014-08-10 12:12 - 00000000 ____D () C:\Program Files (x86)\OpenAL
2014-10-13 13:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-10-13 13:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-10-08 21:18 - 2014-09-16 20:43 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-08 19:50 - 2014-08-10 11:47 - 00060320 _____ () C:\Users\9Tower1\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-06 17:51 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-10-05 10:08 - 2014-08-10 12:07 - 00002247 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-03 18:40 - 2014-09-21 17:45 - 00000000 ____D () C:\Users\9Tower1\AppData\Roaming\Bitcoin
2014-10-02 19:30 - 2014-08-10 12:12 - 00466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2014-10-02 19:30 - 2014-08-10 12:12 - 00444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2014-10-02 19:30 - 2014-08-10 12:12 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2014-10-02 19:30 - 2014-08-10 12:12 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2014-09-28 10:27 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-10-26 00:32
==================== End Of Log ============================
--- --- ---
--- --- ---
--- --- ---
--- --- --- Code:
Addition - Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-10-2014 01
Ran by 9Tower1 at 2014-10-28 21:59:04
Running from C:\Users\9Tower1\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
3DMark 11 (Version: 1.0.132.0 - Futuremark) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Ad-Aware Antivirus (HKLM\...\{E39A80AE-0CC0-43EE-AB6B-BE11DC4F969F}_AdAwareUpdater) (Version: 11.3.6321.0 - Lavasoft)
AdAwareInstaller (Version: 11.3.6321.0 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.3.6321.0 - Lavasoft) Hidden
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Alice: Madness Returns (HKLM-x32\...\Steam App 19680) (Version: - Spicy Horse Games)
AntimalwareEngine (Version: 3.0.0.56 - Lavasoft) Hidden
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.10.1.0 - Asmedia Technology)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.3.1.000 - Asmedia Technology)
ASRock App Charger v1.0.5 (HKLM\...\ASRock App Charger_is1) (Version: - ASRock Inc.)
ASUS Xonar Essence STX Audio Driver (HKLM\...\C-Media Oxygen HD Audio Driver) (Version: - )
Avira (x32 Version: 1.1.18.28431 - Avira Operations GmbH & Co. KG) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version: - Irrational Games)
Bitcoin Core (32-bit) (HKCU\...\Bitcoin Core (32-bit)) (Version: 0.9.1 - Bitcoin Core project)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software)
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.8.5.1 - Broadcom Corporation)
Call Of Pripyat Benchmark 1.0 (HKLM-x32\...\{151F4583-1A05-46D9-8A0E-8F61B9C3502B}_is1) (Version: - GSC Game World)
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
Clive Barker's Jericho (HKLM-x32\...\Steam App 11420) (Version: - Mercury Steam)
Damnation (HKLM-x32\...\Steam App 12790) (Version: - Blue Omega Entertainment)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.52 - DivX, LLC)
Eufloria (HKLM-x32\...\Steam App 41210) (Version: - Rudolf Kremers & Alex May)
Fallout (HKLM-x32\...\Steam App 38400) (Version: - Interplay Inc.)
Fallout 2 (HKLM-x32\...\Steam App 38410) (Version: - Black Isle Studios)
Fallout 3 - Game of the Year Edition (HKLM-x32\...\Steam App 22370) (Version: - Bethesda Game Studios)
Fallout Tactics (HKLM-x32\...\Steam App 38420) (Version: - 14° East)
Free YouTube to MP3 Converter version 3.12.44.820 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.44.820 - DVDVideoSoft Ltd.)
Futuremark SystemInfo (HKLM-x32\...\{4115C9AA-35E0-45D8-9363-47635B8750C7}) (Version: 4.29.438.0 - Futuremark)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Hammerwatch (HKLM-x32\...\Steam App 239070) (Version: - )
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3517 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) Smart Connect Technology 2.0 x64 (HKLM\...\{54F8B6C7-9B25-4E85-A1E0-26CFB80DE787}) (Version: 2.0.1083.0 - Intel)
Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.738.1 - Intel Corporation) Hidden
LEGO MARVEL Super Heroes (HKLM-x32\...\Steam App 249130) (Version: - Traveller's Tales)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Marvel Heroes 2015 (HKLM-x32\...\Steam App 226320) (Version: - Gazillion Entertainment)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{59E4543A-D49D-4489-B445-473D763C79AF}) (Version: 2.0.672.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mirror's Edge (HKLM-x32\...\Steam App 17410) (Version: - DICE)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA Systemsteuerung 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Opera Stable 23.0.1522.77 (HKLM-x32\...\Opera 23.0.1522.77) (Version: 23.0.1522.77 - Opera Software ASA)
Overlord II (HKLM-x32\...\Steam App 12810) (Version: - Triumph Studios)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
Primal Carnage (HKLM-x32\...\Steam App 215470) (Version: - Lukewarm Media)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.992 - Even Balance, Inc.)
Saints Row IV (HKLM-x32\...\Steam App 206420) (Version: - Deep Silver Volition)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.4.0 - Samsung Electronics)
Shark007 Advanced Codecs (HKLM-x32\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 4.7.3 - Shark007)
Sparkle 2 Evo (HKLM-x32\...\Steam App 253650) (Version: - )
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
Tropico 4 (HKLM-x32\...\Steam App 57690) (Version: - Haemimont Games)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Warframe (HKLM-x32\...\Steam App 230410) (Version: - Digital Extremes)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
x64 Components v4.7.3 (HKLM\...\Advanced x64Components_is1) (Version: 4.7.3 - Shark007)
Youtube Downloader HD v. 2.9.9.14 (HKLM-x32\...\Youtube Downloader HD_is1) (Version: - YoutubeDownloaderHD.com)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
08-10-2014 20:20:33 Gerätetreiber-Paketinstallation: ASUSTeK Audio-, Video- und Gamecontroller
13-10-2014 12:48:21 Gerätetreiber-Paketinstallation: ASUSTeK Audio-, Video- und Gamecontroller
13-10-2014 15:39:32 Gerätetreiber-Paketinstallation: ASUSTeK Audio-, Video- und Gamecontroller
13-10-2014 15:56:11 Gerätetreiber-Paketinstallation: ASUSTeK Audio-, Video- und Gamecontroller
14-10-2014 08:22:35 Gerätetreiber-Paketinstallation: ASUSTeK Audio-, Video- und Gamecontroller
14-10-2014 09:00:34 Microsoft Visual C++ 2005 Redistributable wird installiert
14-10-2014 09:00:39 Microsoft Visual C++ 2005 Redistributable wird installiert
14-10-2014 09:00:55 DirectX wurde installiert
18-10-2014 05:45:25 Created by Wise Care 365
20-10-2014 11:59:55 Created by Wise Care 365
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {13BA5481-3173-4694-8BF0-E1D1277D0610} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2014-05-19] (Samsung Electronics.)
Task: {4E335346-8C1C-40B2-9293-B0D8378F5E81} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-05] (Adobe Systems Incorporated)
Task: {5B46B9F0-0026-411D-A59E-693FC4586945} - System32\Tasks\aquasuite autostart => C:\Program Files\aquasuite\aquasuite.exe [2014-06-19] (Aqua Computer GmbH & Co. KG)
Task: {5BFADE92-363A-497C-AC17-32170A43EBE5} - System32\Tasks\Opera scheduled Autoupdate 1408825883 => C:\Program Files (x86)\Opera\launcher.exe [2014-08-14] (Opera Software)
Task: {772A68ED-03CB-4E60-A6E4-BBED92B0F4C6} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {A7B12175-D7BC-44D4-8458-8FC9E6B5BD0E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {B466C3F0-322F-4F37-BFF0-EB9BEA2A55B8} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {D89D6EBF-F45A-4D6A-8A52-9AC62AFF13FE} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {DAA6FC58-026E-4952-9A90-84F701666B7D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-10] (Google Inc.)
Task: {E36DDDA2-77E3-4CAA-91C3-4FD69BD053B6} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {F0101F66-37A3-4C6B-B7D4-E3D8807B6B2A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-10] (Google Inc.)
Task: {FE1480D1-129D-46C9-91B7-75E22FF2C90D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-08-10 12:00 - 2014-07-02 19:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-06-06 08:19 - 2014-06-06 08:19 - 00008704 _____ () C:\Program Files\aquasuite\Plugins\PluginExportSHM.dll
2014-06-06 08:19 - 2014-06-06 08:19 - 00008192 _____ () C:\Program Files\aquasuite\Plugins\PluginExportXML.dll
2014-06-06 08:19 - 2014-06-06 08:19 - 00009728 _____ () C:\Program Files\aquasuite\Plugins\PluginImportAida64.dll
2014-06-06 08:19 - 2014-06-06 08:19 - 00011776 _____ () C:\Program Files\aquasuite\Plugins\PluginImportHWiFO.dll
2014-06-06 08:19 - 2014-06-06 08:19 - 00011776 _____ () C:\Program Files\aquasuite\Plugins\PluginImportOHM.dll
2014-08-27 11:32 - 2014-08-27 11:32 - 00706864 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe
2014-08-27 11:53 - 2014-08-27 11:53 - 00103768 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_thread-vc100-mt-1_55.dll
2014-08-27 11:53 - 2014-08-27 11:53 - 00024408 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_system-vc100-mt-1_55.dll
2014-08-27 11:53 - 2014-08-27 11:53 - 00033624 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_chrono-vc100-mt-1_55.dll
2014-08-27 11:53 - 2014-08-27 11:53 - 00055648 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_date_time-vc100-mt-1_55.dll
2014-08-27 11:53 - 2014-08-27 11:53 - 00123744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_filesystem-vc100-mt-1_55.dll
2014-08-27 11:52 - 2014-08-27 11:52 - 11947856 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareServiceKernel.dll
2014-08-27 11:53 - 2014-08-27 11:53 - 03396400 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\RCF.dll
2014-08-27 11:53 - 2014-08-27 11:53 - 00788824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_regex-vc100-mt-1_55.dll
2014-08-27 11:52 - 2014-08-27 11:52 - 00734536 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareActivation.dll
2014-08-27 11:52 - 2014-08-27 11:52 - 02167640 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareApplicationUpdater.dll
2014-08-27 11:52 - 2014-08-27 11:52 - 00813896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareGamingMode.dll
2014-08-27 11:52 - 2014-08-27 11:52 - 00098624 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareReset.dll
2014-08-27 11:53 - 2014-08-27 11:53 - 00120128 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTime.dll
2014-08-27 11:52 - 2014-08-27 11:52 - 00943960 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareDefinitionsUpdater.dll
2014-08-27 11:52 - 2014-08-27 11:52 - 00869224 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareDefinitionsUpdaterScheduler.dll
2014-08-27 11:52 - 2014-08-27 11:52 - 01105224 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareIgnoreList.dll
2014-08-27 11:52 - 2014-08-27 11:52 - 00247624 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareQuarantine.dll
2014-08-27 11:52 - 2014-08-27 11:52 - 00988504 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareAntiMalwareEngine.dll
2014-08-27 11:52 - 2014-08-27 11:52 - 00212824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareAntiRootkitEngine.dll
2014-08-27 11:52 - 2014-08-27 11:52 - 01172816 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareScannerHistory.dll
2014-08-27 11:52 - 2014-08-27 11:52 - 01277248 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareScanner.dll
2014-08-27 11:53 - 2014-08-27 11:53 - 00035160 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_timer-vc100-mt-1_55.dll
2014-08-27 11:52 - 2014-08-27 11:52 - 00975192 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareScannerScheduler.dll
2014-08-27 11:52 - 2014-08-27 11:52 - 01109336 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareRealTimeProtection.dll
2014-08-27 11:52 - 2014-08-27 11:52 - 00229200 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareIncompatibles.dll
2014-08-27 11:52 - 2014-08-27 11:52 - 00891720 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareAntiSpam.dll
2014-08-27 11:52 - 2014-08-27 11:52 - 00843088 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareAntiPhishing.dll
2014-08-27 11:52 - 2014-08-27 11:52 - 03090768 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareParentalControl.dll
2014-08-27 11:53 - 2014-08-27 11:53 - 02624848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareWebProtection.dll
2014-08-27 11:52 - 2014-08-27 11:52 - 01067344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareEmailProtection.dll
2014-08-27 11:52 - 2014-08-27 11:52 - 01290584 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareNetworkProtection.dll
2014-08-27 11:52 - 2014-08-27 11:52 - 01004352 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwarePromo.dll
2014-08-27 11:52 - 2014-08-27 11:52 - 00343880 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareFeedback.dll
2014-08-27 11:53 - 2014-08-27 11:53 - 02787160 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareThreatWorkAlliance.dll
2014-08-27 11:52 - 2014-08-27 11:52 - 01238848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwarePinCode.dll
2014-08-27 11:52 - 2014-08-27 11:52 - 01004864 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareNotice.dll
2014-08-27 11:52 - 2014-08-27 11:52 - 00928072 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareAvcEngine.dll
2014-08-27 11:53 - 2014-08-27 11:53 - 00154944 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\SecurityCenter.dll
2014-08-22 17:40 - 2014-08-22 17:44 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-08-27 11:53 - 2014-08-27 11:53 - 08886592 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTray.exe
2014-08-27 11:53 - 2014-08-27 11:53 - 00500056 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_locale-vc100-mt-1_55.dll
2014-08-27 11:53 - 2014-08-27 11:53 - 02101568 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\HtmlFramework.dll
2014-08-27 11:53 - 2014-08-27 11:53 - 00066872 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\DllStorage.dll
2014-08-27 11:53 - 2014-08-27 11:53 - 00832848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTrayDefaultSkin.dll
2014-08-27 11:53 - 2014-08-27 11:53 - 00811328 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\Localization.dll
2014-08-10 12:11 - 2008-07-11 14:04 - 00200704 ____N () C:\Windows\SysWOW64\HsMgr.exe
2014-08-10 12:11 - 2008-07-11 14:03 - 00282112 ____N () C:\Windows\system\HsMgr64.exe
2012-01-11 09:23 - 2012-01-11 09:23 - 00391168 _____ () C:\Program Files\aquasuite\WPFToolkit.Extended.dll
2014-09-16 20:47 - 2014-05-13 11:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-09-16 20:47 - 2014-05-13 11:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-09-16 20:47 - 2014-05-13 11:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-09-16 20:47 - 2012-08-23 09:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-09-16 20:47 - 2012-04-03 16:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-10-14 09:22 - 2012-06-06 08:56 - 00143360 ____N () C:\Program Files\ASUS Xonar Essence STX Audio\Customapp\VmixP8.dll
2014-08-15 08:56 - 2014-08-15 08:56 - 00017920 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\7fb509dd6887788f670fac03bb2f996d\PSIClient.ni.dll
2014-08-10 11:47 - 2012-07-18 05:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-08-23 21:31 - 2014-08-14 12:19 - 00880248 _____ () C:\Program Files (x86)\Opera\23.0.1522.77\libglesv2.dll
2014-08-23 21:31 - 2014-08-14 12:19 - 00135800 _____ () C:\Program Files (x86)\Opera\23.0.1522.77\libegl.dll
2014-08-23 21:31 - 2014-08-14 12:19 - 00957048 _____ () C:\Program Files (x86)\Opera\23.0.1522.77\ffmpegsumo.dll
2014-10-05 10:31 - 2014-10-05 10:31 - 16825520 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: Futuremark SystemInfo Service => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IePluginServices => 2
MSCONFIG\Services: ISCTAgent => 2
MSCONFIG\Services: LPTSystemUpdater => 2
MSCONFIG\startupfolder: C:^Users^9Tower1^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Samsung Magician.lnk => C:\Windows\pss\Samsung Magician.lnk.Startup
MSCONFIG\startupreg: Browser Infrastructure Helper => C:\Users\9Tower1\AppData\Local\Smartbar\Application\Smartbar.exe startup
MSCONFIG\startupreg: clicup-Agent => C:\Users\9Tower1\AppData\Local\Temp\clicup\clicup.exe
MSCONFIG\startupreg: Cmaudio8788 => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.dll,CMICtrlWnd
MSCONFIG\startupreg: Cmaudio8788GX => C:\Windows\syswow64\HsMgr.exe Envoke
MSCONFIG\startupreg: Cmaudio8788GX64 => C:\Windows\system\HsMgr64.exe Envoke
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: HotKeysCmds => "C:\Windows\system32\hkcmd.exe"
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
MSCONFIG\startupreg: IgfxTray => "C:\Windows\system32\igfxtray.exe"
MSCONFIG\startupreg: Persistence => "C:\Windows\system32\igfxpers.exe"
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
MSCONFIG\startupreg: VIRTU MVP 2.0 => C:\Program Files\Lucidlogix Technologies\VIRTU MVP 2.0\MVPControlPanel20.Exe /hide
========================= Accounts: ==========================
9Tower1 (S-1-5-21-222504254-3214578368-1453069917-1000 - Administrator - Enabled) => C:\Users\9Tower1
Administrator (S-1-5-21-222504254-3214578368-1453069917-500 - Administrator - Disabled)
Gast (S-1-5-21-222504254-3214578368-1453069917-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-222504254-3214578368-1453069917-1002 - Limited - Enabled)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (10/28/2014 05:39:50 PM) (Source: iumsvc) (EventID: 255) (User: )
Description: Exception : ('Device Profile Push Failure', ProxyError(ProxyError('Cannot connect to proxy. Socket error: [Errno 10061] Es konnte keine Verbindung hergestellt werden, da der Zielcomputer die Verbindung verweigerte.',),))
Error: (10/28/2014 05:39:48 PM) (Source: iumsvc) (EventID: 255) (User: )
Description: Exception : ('Device Profile Push Failure', ProxyError(ProxyError('Cannot connect to proxy. Socket error: [Errno 10061] Es konnte keine Verbindung hergestellt werden, da der Zielcomputer die Verbindung verweigerte.',),))
Error: (10/28/2014 05:39:47 PM) (Source: iumsvc) (EventID: 255) (User: )
Description: Exception : ('Device Profile Push Failure', ProxyError(ProxyError('Cannot connect to proxy. Socket error: [Errno 10061] Es konnte keine Verbindung hergestellt werden, da der Zielcomputer die Verbindung verweigerte.',),))
Error: (10/28/2014 05:39:45 PM) (Source: iumsvc) (EventID: 255) (User: )
Description: Exception : ('Device Profile Push Failure', ProxyError(ProxyError('Cannot connect to proxy. Socket error: [Errno 10061] Es konnte keine Verbindung hergestellt werden, da der Zielcomputer die Verbindung verweigerte.',),))
Error: (10/28/2014 05:39:44 PM) (Source: iumsvc) (EventID: 255) (User: )
Description: Exception : ('Device Profile Push Failure', ProxyError(ProxyError('Cannot connect to proxy. Socket error: [Errno 10061] Es konnte keine Verbindung hergestellt werden, da der Zielcomputer die Verbindung verweigerte.',),))
Error: (10/28/2014 05:39:42 PM) (Source: iumsvc) (EventID: 255) (User: )
Description: Exception : ('Device Profile Push Failure', ProxyError(ProxyError('Cannot connect to proxy. Socket error: [Errno 10061] Es konnte keine Verbindung hergestellt werden, da der Zielcomputer die Verbindung verweigerte.',),))
Error: (10/28/2014 05:34:09 PM) (Source: Avira Service Host) (EventID: 0) (User: )
Description: Während der Installation ist ein Fehler aufgetreten. Starten Sie die Reparatur.
Error: (10/27/2014 05:15:52 PM) (Source: iumsvc) (EventID: 255) (User: )
Description: Exception : ('Device Profile Push Failure', ProxyError(ProxyError('Cannot connect to proxy. Socket error: [Errno 10061] Es konnte keine Verbindung hergestellt werden, da der Zielcomputer die Verbindung verweigerte.',),))
Error: (10/27/2014 05:15:51 PM) (Source: iumsvc) (EventID: 255) (User: )
Description: Exception : ('Device Profile Push Failure', ProxyError(ProxyError('Cannot connect to proxy. Socket error: [Errno 10061] Es konnte keine Verbindung hergestellt werden, da der Zielcomputer die Verbindung verweigerte.',),))
Error: (10/27/2014 05:15:50 PM) (Source: iumsvc) (EventID: 255) (User: )
Description: Exception : ('Device Profile Push Failure', ProxyError(ProxyError('Cannot connect to proxy. Socket error: [Errno 10061] Es konnte keine Verbindung hergestellt werden, da der Zielcomputer die Verbindung verweigerte.',),))
System errors:
=============
Error: (10/28/2014 05:34:09 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom
Error: (10/28/2014 05:34:09 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht.
Error: (10/28/2014 05:34:07 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Performance Optimizer erreicht.
Error: (10/27/2014 05:05:41 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom
Error: (10/27/2014 05:05:41 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht.
Error: (10/27/2014 05:05:37 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Performance Optimizer erreicht.
Error: (10/26/2014 00:11:55 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom
Error: (10/26/2014 00:11:54 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht.
Error: (10/26/2014 00:11:51 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Performance Optimizer erreicht.
Error: (10/25/2014 07:01:29 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom
Microsoft Office Sessions:
=========================
Error: (10/28/2014 05:39:50 PM) (Source: iumsvc) (EventID: 255) (User: )
Description: Exception : ('Device Profile Push Failure', ProxyError(ProxyError('Cannot connect to proxy. Socket error: [Errno 10061] Es konnte keine Verbindung hergestellt werden, da der Zielcomputer die Verbindung verweigerte.',),))
Error: (10/28/2014 05:39:48 PM) (Source: iumsvc) (EventID: 255) (User: )
Description: Exception : ('Device Profile Push Failure', ProxyError(ProxyError('Cannot connect to proxy. Socket error: [Errno 10061] Es konnte keine Verbindung hergestellt werden, da der Zielcomputer die Verbindung verweigerte.',),))
Error: (10/28/2014 05:39:47 PM) (Source: iumsvc) (EventID: 255) (User: )
Description: Exception : ('Device Profile Push Failure', ProxyError(ProxyError('Cannot connect to proxy. Socket error: [Errno 10061] Es konnte keine Verbindung hergestellt werden, da der Zielcomputer die Verbindung verweigerte.',),))
Error: (10/28/2014 05:39:45 PM) (Source: iumsvc) (EventID: 255) (User: )
Description: Exception : ('Device Profile Push Failure', ProxyError(ProxyError('Cannot connect to proxy. Socket error: [Errno 10061] Es konnte keine Verbindung hergestellt werden, da der Zielcomputer die Verbindung verweigerte.',),))
Error: (10/28/2014 05:39:44 PM) (Source: iumsvc) (EventID: 255) (User: )
Description: Exception : ('Device Profile Push Failure', ProxyError(ProxyError('Cannot connect to proxy. Socket error: [Errno 10061] Es konnte keine Verbindung hergestellt werden, da der Zielcomputer die Verbindung verweigerte.',),))
Error: (10/28/2014 05:39:42 PM) (Source: iumsvc) (EventID: 255) (User: )
Description: Exception : ('Device Profile Push Failure', ProxyError(ProxyError('Cannot connect to proxy. Socket error: [Errno 10061] Es konnte keine Verbindung hergestellt werden, da der Zielcomputer die Verbindung verweigerte.',),))
Error: (10/28/2014 05:34:09 PM) (Source: Avira Service Host) (EventID: 0) (User: )
Description: Während der Installation ist ein Fehler aufgetreten. Starten Sie die Reparatur.
Error: (10/27/2014 05:15:52 PM) (Source: iumsvc) (EventID: 255) (User: )
Description: Exception : ('Device Profile Push Failure', ProxyError(ProxyError('Cannot connect to proxy. Socket error: [Errno 10061] Es konnte keine Verbindung hergestellt werden, da der Zielcomputer die Verbindung verweigerte.',),))
Error: (10/27/2014 05:15:51 PM) (Source: iumsvc) (EventID: 255) (User: )
Description: Exception : ('Device Profile Push Failure', ProxyError(ProxyError('Cannot connect to proxy. Socket error: [Errno 10061] Es konnte keine Verbindung hergestellt werden, da der Zielcomputer die Verbindung verweigerte.',),))
Error: (10/27/2014 05:15:50 PM) (Source: iumsvc) (EventID: 255) (User: )
Description: Exception : ('Device Profile Push Failure', ProxyError(ProxyError('Cannot connect to proxy. Socket error: [Errno 10061] Es konnte keine Verbindung hergestellt werden, da der Zielcomputer die Verbindung verweigerte.',),))
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
Percentage of memory in use: 33%
Total physical RAM: 15302.31 MB
Available physical RAM: 10139.31 MB
Total Pagefile: 30602.8 MB
Available Pagefile: 24550.75 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:238.47 GB) (Free:61.93 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: () (Fixed) (Total:119.26 GB) (Free:80.87 GB) NTFS
Drive f: () (Fixed) (Total:812.15 GB) (Free:139.39 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 5F17F65B)
Partition 1: (Active) - (Size=238.5 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 971AEF83)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=812.2 GB) - (Type=07 NTFS)
==================== End Of Log ============================
danke ^^ |
So funktioniert es:
TDSSKiller.exe und speichere diese Datei auf dem Desktop