FRST part 2 Code:
2015-03-03 10:41 - 2015-03-03 10:41 - 00004016 _____ () C:\Windows\system32\iglhxs64.vp
2015-03-03 10:38 - 2015-03-03 10:38 - 09504256 _____ (Intel Corporation) C:\Windows\system32\ig75icd64.dll
2015-03-03 10:37 - 2015-03-03 10:37 - 02024960 _____ (Intel Corporation) C:\Windows\system32\igfxLHM.dll
2015-03-03 10:37 - 2015-03-03 10:37 - 01131008 _____ (Intel Corporation) C:\Windows\system32\GfxResources.dll
2015-03-03 10:37 - 2015-03-03 10:37 - 00695808 _____ (Intel Corporation) C:\Windows\system32\igfxDH.dll
2015-03-03 10:37 - 2015-03-03 10:37 - 00641530 _____ () C:\Windows\system32\FilmModeDetection.wmv
2015-03-03 10:37 - 2015-03-03 10:37 - 00623616 _____ (Intel Corporation) C:\Windows\system32\MetroIntelGenericUIFramework.dll
2015-03-03 10:37 - 2015-03-03 10:37 - 00403671 _____ () C:\Windows\system32\ImageStabilization.wmv
2015-03-03 10:37 - 2015-03-03 10:37 - 00385024 _____ (Intel Corporation) C:\Windows\system32\igfxOSP.dll
2015-03-03 10:37 - 2015-03-03 10:37 - 00375173 _____ () C:\Windows\system32\ColorImageEnhancement.wmv
2015-03-03 10:37 - 2015-03-03 10:37 - 00278528 _____ (Intel Corporation) C:\Windows\system32\igfxDI.dll
2015-03-03 10:37 - 2015-03-03 10:37 - 00255488 _____ () C:\Windows\system32\igfxCPL.cpl
2015-03-03 10:37 - 2015-03-03 10:37 - 00229888 _____ (Intel Corporation) C:\Windows\system32\igfxDTCM.dll
2015-03-03 10:37 - 2015-03-03 10:37 - 00227328 _____ () C:\Windows\system32\igdde64.dll
2015-03-03 10:37 - 2015-03-03 10:37 - 00169984 _____ (Intel Corporation) C:\Windows\system32\igdail64.dll
2015-03-03 10:37 - 2015-03-03 10:37 - 00086528 _____ () C:\Windows\system32\igfxCUIServicePS.dll
2015-03-03 10:37 - 2015-03-03 10:37 - 00069632 _____ ( ) C:\Windows\system32\igfxDHLibv2_0.dll
2015-03-03 10:37 - 2015-03-03 10:37 - 00059904 _____ ( ) C:\Windows\system32\igfxDHLib.dll
2015-03-03 10:37 - 2015-03-03 10:37 - 00010752 _____ ( ) C:\Windows\system32\igfxDILibv2_0.dll
2015-03-03 10:37 - 2015-03-03 10:37 - 00010752 _____ ( ) C:\Windows\system32\igfxDILib.dll
2015-03-03 10:37 - 2015-03-03 10:37 - 00010240 _____ ( ) C:\Windows\system32\igfxEMLibv2_0.dll
2015-03-03 10:37 - 2015-03-03 10:37 - 00010240 _____ ( ) C:\Windows\system32\igfxEMLib.dll
2015-03-03 10:37 - 2015-03-03 10:37 - 00005120 _____ ( ) C:\Windows\system32\igfxLHMLibv2_0.dll
2015-03-03 10:37 - 2015-03-03 10:37 - 00005120 _____ ( ) C:\Windows\system32\igfxLHMLib.dll
2015-03-03 10:34 - 2015-03-03 10:34 - 07484416 _____ (Intel Corporation) C:\Windows\SysWOW64\ig75icd32.dll
2015-03-03 10:34 - 2015-03-03 10:34 - 00187392 _____ () C:\Windows\SysWOW64\igdde32.dll
2015-03-03 10:34 - 2015-03-03 10:34 - 00152064 _____ (Intel Corporation) C:\Windows\SysWOW64\igdail32.dll
2015-03-03 10:34 - 2015-03-03 10:34 - 00035328 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2015-03-03 10:31 - 2015-03-03 10:31 - 15982080 _____ (Intel Corporation) C:\Windows\system32\igdfcl64.dll
2015-03-03 10:31 - 2015-03-03 10:31 - 06021437 _____ () C:\Windows\system32\igdclbif.bin
2015-03-03 10:31 - 2015-03-03 10:31 - 03550208 _____ (Intel Corporation) C:\Windows\system32\igdrcl64.dll
2015-03-03 10:31 - 2015-03-03 10:31 - 00398848 _____ (Intel Corporation) C:\Windows\system32\igdbcl64.dll
2015-03-03 10:31 - 2015-03-03 10:31 - 00372224 _____ (Intel Corporation) C:\Windows\system32\IntelOpenCL64.dll
2015-03-03 10:30 - 2015-03-03 10:30 - 10853888 _____ (Intel Corporation) C:\Windows\SysWOW64\igdfcl32.dll
2015-03-03 10:30 - 2015-03-03 10:30 - 03320320 _____ (Intel Corporation) C:\Windows\SysWOW64\igdrcl32.dll
2015-03-03 10:30 - 2015-03-03 10:30 - 00350208 _____ (Intel Corporation) C:\Windows\SysWOW64\igdbcl32.dll
2015-03-03 10:30 - 2015-03-03 10:30 - 00304128 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelOpenCL32.dll
2015-03-02 19:09 - 2015-03-02 19:09 - 02813952 _____ () C:\Windows\system32\iglhxa64.cpa
2015-03-02 19:09 - 2015-03-02 19:09 - 01369088 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll
2015-03-02 19:09 - 2015-03-02 19:09 - 01063936 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll
2015-03-02 19:09 - 2015-03-02 19:09 - 00213504 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt64.dll
2015-03-02 19:09 - 2015-03-02 19:09 - 00178176 _____ (Intel Corporation) C:\Windows\SysWOW64\igfx11cmrt32.dll
2015-03-02 19:09 - 2015-03-02 19:09 - 00094208 _____ () C:\Windows\system32\IccLibDll_x64.dll
2015-03-02 19:09 - 2015-03-02 19:09 - 00086528 _____ (Khronos Group) C:\Windows\SysWOW64\Intel_OpenCL_ICD32.dll
2015-03-02 19:09 - 2015-03-02 19:09 - 00082432 _____ (Khronos Group) C:\Windows\system32\Intel_OpenCL_ICD64.dll
2015-03-02 19:09 - 2015-03-02 19:09 - 00044025 _____ () C:\Windows\system32\iglhxo64.vp
2015-03-02 19:09 - 2015-03-02 19:09 - 00043816 _____ () C:\Windows\system32\iglhxc64_dev.vp
2015-03-02 19:09 - 2015-03-02 19:09 - 00043494 _____ () C:\Windows\system32\iglhxc64.vp
2015-03-02 19:09 - 2015-03-02 19:09 - 00043298 _____ () C:\Windows\system32\iglhxg64_dev.vp
2015-03-02 19:09 - 2015-03-02 19:09 - 00043256 _____ () C:\Windows\system32\iglhxg64.vp
2015-03-02 19:09 - 2015-03-02 19:09 - 00042079 _____ () C:\Windows\system32\iglhxo64_dev.vp
2015-03-02 19:09 - 2015-03-02 19:09 - 00001125 _____ () C:\Windows\system32\iglhxa64.vp
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-20 17:48 - 2011-04-12 08:43 - 00643628 _____ () C:\Windows\system32\perfh007.dat
2015-03-20 17:48 - 2011-04-12 08:43 - 00126188 _____ () C:\Windows\system32\perfc007.dat
2015-03-20 17:48 - 2009-07-14 06:13 - 01472002 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-20 17:41 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-20 17:41 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system
2015-03-20 17:24 - 2009-07-14 05:45 - 00016640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-20 17:24 - 2009-07-14 05:45 - 00016640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-20 17:17 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-03-20 16:46 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-03-20 15:55 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System
2015-03-20 14:17 - 2011-04-12 08:55 - 00000000 ____D () C:\Program Files\Windows Journal
2015-03-20 14:17 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2015-03-20 14:17 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2015-03-20 14:17 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-03-20 14:17 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2015-03-20 14:17 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2015-03-20 14:17 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-03-20 14:17 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-03-20 14:17 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2015-03-20 14:16 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Defender
2015-03-20 14:16 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-03-20 10:08 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-03-20 05:18 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\restore
2015-03-20 05:17 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Windows NT
2015-03-20 05:11 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-03-20 05:11 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-20 05:11 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\sysprep
2015-03-20 05:07 - 2009-07-14 06:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2015-03-20 05:07 - 2009-07-14 06:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2015-03-03 14:17 - 2010-11-21 04:27 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
==================== Files in the root of some directories =======
2004-01-26 16:15 - 2004-01-26 16:15 - 0233472 ____R () C:\Users\poi\AppData\Roaming\MafiaSetup.exe
2015-03-20 16:12 - 2015-03-20 16:12 - 0000400 _____ () C:\Users\poi\AppData\Local\Temp-log.txt
Some content of TEMP:
====================
C:\Users\poi\AppData\Local\Temp\CloudBackup4563.exe
C:\Users\poi\AppData\Local\Temp\SpOrder.dll
C:\Users\poi\AppData\Local\Temp\vcredist_x64.exe
C:\Users\poi\AppData\Local\Temp\xmlUpdater.exe
C:\Users\poi\AppData\Local\Temp\ytdieamo_amodc_setup.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-03-20 10:01
==================== End Of Log ============================
Addition Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by poi at 2015-03-20 18:24:29
Running from C:\Users\poi\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated)
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
EAX Unified (HKLM-x32\...\EAX Unified) (Version: - )
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Free Download Manager 3.9.3 (HKLM-x32\...\Free Download Manager_is1) (Version: - FreeDownloadManager.ORG)
Free YouTube to MP3 Converter version 3.12.56.301 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.56.301 - DVDVideoSoft Ltd.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4156 - Intel Corporation)
Mafia (HKLM-x32\...\Mafia) (Version: - )
Malwarebytes Anti-Malware Version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
Mozilla Firefox 36.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 36.0.1 (x86 de)) (Version: 36.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0.1 - Mozilla)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.5 - Notepad++ Team)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.67.1226.2012 - Realtek)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Scarface: The World is Yours (HKLM-x32\...\InstallShield_{28142407-ACAD-4ECD-A6B6-9FA8471F6062}) (Version: 1.00.0000 - Sierra Entertainment)
Scarface: The World is Yours (x32 Version: 1.00.0000 - Sierra Entertainment) Hidden
UltraISO Premium V9.62 (HKLM-x32\...\UltraISO_is1) (Version: - )
VLC media player (HKLM\...\VLC media player) (Version: 2.2.0 - VideoLAN)
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-2209928351-3718787372-2710401756-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
==================== Restore Points =========================
20-03-2015 15:57:27 Revo Uninstaller's restore point - iWebar
20-03-2015 15:58:30 Revo Uninstaller's restore point - LolliScan
20-03-2015 15:59:10 Revo Uninstaller's restore point - LolliScan
20-03-2015 16:01:07 Revo Uninstaller's restore point - luckysearches uninstall
20-03-2015 16:03:26 Revo Uninstaller's restore point - moters
20-03-2015 16:04:35 Revo Uninstaller's restore point - GamesDesktop 014.325
20-03-2015 16:07:21 Revo Uninstaller's restore point - istartsurf uninstall
20-03-2015 16:07:47 Revo Uninstaller's restore point - MyBestOffersToday 014.561
20-03-2015 16:09:34 Revo Uninstaller's restore point - MyPcBackup version 2.04
20-03-2015 16:10:15 Revo Uninstaller's restore point - Object Browser
20-03-2015 16:11:29 Revo Uninstaller's restore point - PriiceLLess
20-03-2015 16:12:56 Revo Uninstaller's restore point - Problem Replicate
20-03-2015 16:13:54 Revo Uninstaller's restore point - Program Import
20-03-2015 16:15:49 Revo Uninstaller's restore point - Quick Ref 1.10.0.9
20-03-2015 16:16:38 Revo Uninstaller's restore point - Remote Desktop Access (VuuPC)
20-03-2015 16:17:53 Revo Uninstaller's restore point - Reservation Drag And Drop
20-03-2015 16:19:22 Revo Uninstaller's restore point - Shopper-Pro
20-03-2015 16:21:28 Revo Uninstaller's restore point - SmartWeb
20-03-2015 16:22:12 Revo Uninstaller's restore point - TabNav
20-03-2015 16:23:55 Revo Uninstaller's restore point - Telephone Line Message
20-03-2015 16:25:16 Revo Uninstaller's restore point - tricomfi
20-03-2015 16:26:16 Revo Uninstaller's restore point - Webplayer Remote
20-03-2015 16:27:29 Supprimé Webplayer Remote
20-03-2015 16:28:48 Revo Uninstaller's restore point - Wheel Mouse Connect
20-03-2015 16:29:53 Revo Uninstaller's restore point - YTDownloader
20-03-2015 16:31:40 Revo Uninstaller's restore point - YTDownloader
20-03-2015 16:46:17 Removed Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
20-03-2015 18:13:14 Revo Uninstaller's restore point - Mozilla Firefox 36.0.1 (x86 de)
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {2DF572C7-3789-4007-BAF1-5A0E31276347} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 <==== ATTENTION
Task: {367CAC07-64BD-43BA-8880-8D4315198E07} - System32\Tasks\D1qqBNSRJ0PMcbG => C:\Users\poi\AppData\Roaming\qGOHq1G\KoA5uED.exe
Task: {5547A3DF-89F1-49F4-AC06-27910F8DA918} - System32\Tasks\trik3004 => C:\PROGRA~2\TabNav\trik3004.exe
Task: {6513735E-16A3-411D-BB8D-A6037D512CE5} - System32\Tasks\eOtShZcX9Pocmsq => C:\Users\poi\AppData\Roaming\oOFjxZR\boAiUFG.exe
Task: {B7D35575-173C-49D7-83DB-C35984765215} - System32\Tasks\JJQB => C:\Users\poi\AppData\Roaming\JJQB.exe <==== ATTENTION
Task: {BC484F6F-FE90-428B-9470-3484895FFD11} - System32\Tasks\CGPYMDU => C:\ProgramData\34033be33c954061b0ebe78d0fb59974\34033be33c954061b0ebe78d0fb59974.exe
Task: {CA908A0F-8933-4892-8A57-34312547DA8F} - System32\Tasks\AuZK1afEXJ5UMwo => C:\Users\poi\AppData\Roaming\az7vesJ\BGHHzHW.exe
Task: {CD519141-DCA0-48FB-BA0F-8933FD14AAC6} - System32\Tasks\ON => C:\Users\poi\AppData\Roaming\ON.exe <==== ATTENTION
Task: {CDD5DCA4-97E0-4C44-95D5-003587B999E1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd)
Task: {CF76FE5A-EDB4-4771-A49B-656416E8B772} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {D93B5D2A-B2F0-4638-819F-FBD5D7904462} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 <==== ATTENTION
Task: {DB0779C7-88A3-4833-A2C7-D4E1C11E2328} - \SPBIW_UpdateTask_Time_3535323337303137302d3437415a556c2a3223346c41 No Task File <==== ATTENTION
Task: C:\Windows\Tasks\JJQB.job => C:\Users\poi\AppData\Roaming\JJQB.exe <==== ATTENTION
Task: C:\Windows\Tasks\ON.job => C:\Users\poi\AppData\Roaming\ON.exe <==== ATTENTION
==================== Loaded Modules (whitelisted) ==============
2014-05-12 10:49 - 2014-05-12 10:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2015-02-19 22:40 - 2015-02-19 22:40 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00143891 _____ () C:\Program Files\VideoLAN\VLC\libvlc.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 02750483 _____ () C:\Program Files\VideoLAN\VLC\libvlccore.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00617491 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libdshow_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00079379 _____ () C:\Program Files\VideoLAN\VLC\libgcc_s_seh-1.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00038419 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_output\libdirectsound_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00035347 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00083987 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_output\libdirect3d_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00075795 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_output\libdirectdraw_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00021011 _____ () C:\Program Files\VideoLAN\VLC\plugins\control\libwin_msg_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00060435 _____ () C:\Program Files\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00044051 _____ () C:\Program Files\VideoLAN\VLC\plugins\control\libwin_hotkeys_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00083475 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libvdr_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00051731 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 12270611 _____ () C:\Program Files\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00066579 _____ () C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libsmooth_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00672275 _____ () C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libhttplive_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00825363 _____ () C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libdash_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00132627 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libzip_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00047635 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\librar_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00018963 _____ () C:\Program Files\VideoLAN\VLC\plugins\stream_filter\librecord_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00032275 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libes_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00331283 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00021011 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\librawvideo_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00192019 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00836115 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00020499 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00027667 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00088083 _____ () C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_h264_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00027667 _____ () C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_flac_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00036883 _____ () C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_dirac_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00026643 _____ () C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mlp_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00078355 _____ () C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpeg4audio_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00041491 _____ () C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_vc1_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00022547 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libsvcdsub_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00024595 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00030739 _____ () C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpeg4video_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00030739 _____ () C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpegvideo_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00023571 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libcvdsub_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00021523 _____ () C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_hevc_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00023571 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libmpeg_audio_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 01596947 _____ () C:\Program Files\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00341523 _____ () C:\Program Files\VideoLAN\VLC\plugins\lua\liblua_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 02479123 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00111123 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_bd_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00257043 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00227347 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libmp4_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00101395 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libavi_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00101395 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libasf_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00323091 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libjpeg_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00023571 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00345619 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libpng_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 01528339 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00025107 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libdts_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00042003 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libaraw_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00048659 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libsubstx3g_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00430099 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libflac_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00031251 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libg711_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 01806867 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\liblibass_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00418835 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00024083 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\liba52_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00018963 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_mixer\libfloat_mixer_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00026643 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00141331 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libmpgatofixed32_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00188435 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libdtstofloat32_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00083987 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\liba52tofloat32_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 01507859 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00029203 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libsimple_channel_mixer_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00017939 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\liba52tospdif_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00018963 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libdtstospdif_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00024595 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libdolby_surround_decoder_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00018451 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libugly_resampler_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00022035 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libtrivial_channel_mixer_plugin.dll
2015-02-27 17:00 - 2015-02-27 17:00 - 00043539 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libaudio_format_plugin.dll
2015-03-20 05:26 - 2013-10-04 14:15 - 00106496 _____ () C:\Program Files (x86)\Free Download Manager\fdmumsp.dll
2015-03-20 05:26 - 2013-10-04 14:38 - 03560960 _____ () C:\Program Files (x86)\Free Download Manager\fdmbtsupp.dll
2015-03-20 18:23 - 2015-03-20 18:24 - 40824144 _____ () C:\Downloads\Software\Firefox Setup 36.0.1.exe
2015-03-20 18:24 - 2015-03-20 18:24 - 00011264 _____ () C:\Users\poi\AppData\Local\Temp\nsbB684.tmp\System.dll
2015-03-20 18:24 - 2015-03-20 18:24 - 00018432 _____ () C:\Users\poi\AppData\Local\Temp\nsbB684.tmp\UAC.dll
2015-03-20 18:24 - 2015-03-20 18:24 - 00011264 _____ () C:\Users\poi\AppData\Local\Temp\nsqBC0F.tmp\System.dll
2015-03-20 18:24 - 2015-03-20 18:24 - 00018432 _____ () C:\Users\poi\AppData\Local\Temp\nsqBC0F.tmp\UAC.dll
2015-03-20 18:24 - 2015-03-20 18:24 - 00015360 _____ () C:\Users\poi\AppData\Local\Temp\nsqBC0F.tmp\InstallOptions.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasementDuster => ""="service"
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2209928351-3718787372-2710401756-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\poi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 62.220.18.8 - 89.246.64.8
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: abengine => 2
MSCONFIG\Services: BackupStack => 2
MSCONFIG\Services: berogupe => 2
MSCONFIG\Services: BrsHelper => 2
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: csrcc => 2
MSCONFIG\Services: ginevigo => 2
MSCONFIG\Services: globalUpdate => 2
MSCONFIG\Services: globalUpdatem => 3
MSCONFIG\Services: guhuvuky => 2
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: igfxCUIService1.0.0.0 => 2
MSCONFIG\Services: IHProtect Service => 2
MSCONFIG\Services: InjectorService => 2
MSCONFIG\Services: iphlpsvc => 2
MSCONFIG\Services: LolliScan => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: merohihi => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: shopperz Updater => 2
MSCONFIG\Services: SPBIUpd => 2
MSCONFIG\Services: WindowsMangerProtect => 2
MSCONFIG\startupfolder: C:^Users^poi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk => C:\Windows\pss\MyPC Backup.lnk.Startup
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: mbot_de_561 => "C:\Program Files (x86)\mbot_de_561\mbot_de_561.exe"
MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: shopperz => C:\Program Files\shopperz\wrex.exe
MSCONFIG\startupreg: shopperz64 => C:\Program Files\shopperz\wrex64.exe
MSCONFIG\startupreg: SPDriver => C:\Program Files (x86)\ShopperPro\JSDriver\1.39.0.1600\jsdrv.exe
MSCONFIG\startupreg: WinCheck => C:\Users\poi\AppData\Local\1E530480-1426866663-11DD-AF33-74D02B8FAC8E\bnshB484.exe
MSCONFIG\startupreg: YTDownloader => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
==================== Accounts: =============================
Administrator (S-1-5-21-2209928351-3718787372-2710401756-500 - Administrator - Disabled)
Gast (S-1-5-21-2209928351-3718787372-2710401756-501 - Limited - Disabled)
poi (S-1-5-21-2209928351-3718787372-2710401756-1000 - Administrator - Enabled) => C:\Users\poi
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: USB (Universal Serial Bus)-Controller
Description: USB (Universal Serial Bus)-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: SPDRIVER_1.39.0.1600
Description: SPDRIVER_1.39.0.1600
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SPDRIVER_1.39.0.1600
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (03/20/2015 06:21:50 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (03/20/2015 05:51:21 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (03/20/2015 05:51:12 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (03/20/2015 05:51:12 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (03/20/2015 05:51:10 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (03/20/2015 05:51:09 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (03/20/2015 05:42:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/20/2015 05:36:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/20/2015 05:26:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/20/2015 05:26:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbar.exe, Version: 1.9.1.1004, Zeitstempel: 0x54d5665f
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003bce6
ID des fehlerhaften Prozesses: 0xb88
Startzeit der fehlerhaften Anwendung: 0xmbar.exe0
Pfad der fehlerhaften Anwendung: mbar.exe1
Pfad des fehlerhaften Moduls: mbar.exe2
Berichtskennung: mbar.exe3
System errors:
=============
Error: (03/20/2015 05:41:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SPDRIVER_1.39.0.1600" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3
Error: (03/20/2015 05:35:15 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (03/20/2015 05:35:10 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (03/20/2015 05:35:10 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (03/20/2015 05:35:10 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (03/20/2015 05:35:10 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (03/20/2015 05:35:10 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (03/20/2015 05:35:10 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (03/20/2015 05:35:09 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (03/20/2015 05:35:09 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Microsoft Office Sessions:
=========================
Error: (03/20/2015 06:21:50 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
Error: (03/20/2015 05:51:21 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\poi\Desktop\esetsmartinstaller_deu.exe
Error: (03/20/2015 05:51:12 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\poi\Desktop\esetsmartinstaller_deu.exe
Error: (03/20/2015 05:51:12 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\poi\Desktop\esetsmartinstaller_deu.exe
Error: (03/20/2015 05:51:10 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\poi\Desktop\esetsmartinstaller_deu.exe
Error: (03/20/2015 05:51:09 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\poi\Downloads\esetsmartinstaller_deu.exe
Error: (03/20/2015 05:42:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/20/2015 05:36:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/20/2015 05:26:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/20/2015 05:26:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbar.exe1.9.1.100454d5665fntdll.dll6.1.7601.18247521ea8e7c00000050003bce6b8801d0632a742594dbC:\Users\poi\Desktop\mbar\mbar.exeC:\Windows\SysWOW64\ntdll.dlldb554773-cf1d-11e4-8a3a-74d02b8fac8e
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-4570 CPU @ 3.20GHz
Percentage of memory in use: 22%
Total physical RAM: 7104.03 MB
Available physical RAM: 5535.49 MB
Total Pagefile: 14206.25 MB
Available Pagefile: 12765.04 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:931.51 GB) (Free:887.85 GB) NTFS
Drive g: (progs) (Fixed) (Total:931.41 GB) (Free:931.12 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 011D5C43)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: D2787F91)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
==================== End Of Log ============================
GMER with internet connection Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-03-20 18:30:25
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2 ST31000528AS rev.CC37 931,51GB
Running: Gmer-19357.exe; Driver: C:\Users\poi\AppData\Local\Temp\uwldapow.sys
---- Processes - GMER 2.1 ----
Library üš (*** suspicious ***) @ C:\Windows\Explorer.EXE [1856] 000007fef26f0000
Library C:\Users\poi\AppData\Local\Temp\nsbB684.tmp\System.dll (*** suspicious ***) @ C:\Users\poi\AppData\Local\Temp\7zS9FE7.tmp\setup.exe [1924](2015-03-20 17:24:18) 0000000010000000
Library C:\Users\poi\AppData\Local\Temp\nsbB684.tmp\UAC.dll (*** suspicious ***) @ C:\Users\poi\AppData\Local\Temp\7zS9FE7.tmp\setup.exe [1924](2015-03-20 17:24:18) 0000000000370000
Library C:\Users\poi\AppData\Local\Temp\nsqBC0F.tmp\System.dll (*** suspicious ***) @ C:\Users\poi\AppData\Local\Temp\7zS9FE7.tmp\setup.exe [2692](2015-03-20 17:24:19) 0000000010000000
Library C:\Users\poi\AppData\Local\Temp\nsqBC0F.tmp\UAC.dll (*** suspicious ***) @ C:\Users\poi\AppData\Local\Temp\7zS9FE7.tmp\setup.exe [2692](2015-03-20 17:24:19) 0000000000360000
Library C:\Users\poi\AppData\Local\Temp\nsqBC0F.tmp\InstallOptions.dll (*** suspicious ***) @ C:\Users\poi\AppData\Local\Temp\7zS9FE7.tmp\setup.exe [2692](2015-03-20 17:24:20) 0000000002660000
---- EOF - GMER 2.1 ----
ESET Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=c4d8e5cdbdb6b7469c0b9aa2f2858ff4
# engine=23004
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-03-20 05:18:48
# local_time=2015-03-20 06:18:48 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 18110 178501778 0 0
# scanned=149880
# found=12
# cleaned=0
# scan_time=1193
sh=9413821E4285C46DAF48156B472065FC2D763FE8 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.C evtl. unerwünschte Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-2209928351-3718787372-2710401756-1000\$R6UB797"
sh=96EDAD94BE1A45EC7D5E7D67B97FE20C1DE1D676 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.C evtl. unerwünschte Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-2209928351-3718787372-2710401756-1000\$RWLRPUU"
sh=6C06A31CB1C186D90A4E6F66E9DCD404133435ED ft=1 fh=8113374969a15c74 vn="Variante von Win32/SpeedBit.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\poi\AppData\Local\Installer\Install_25099\DCytdieamo_amodc_setup.exe"
sh=4495024B25F21088902FBD82FC915E621187FE85 ft=1 fh=cc5f08593bdd79bc vn="MSIL/MyPCBackup.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\poi\AppData\Local\Temp\CloudBackup4563.exe"
sh=A1889BF8FE6D8CA7CDE02AC512931E1FF9D98932 ft=1 fh=9ac083f18deba41f vn="Win32/DownWare.L evtl. unerwünschte Anwendung" ac=I fn="C:\Users\poi\AppData\Local\Temp\nsr8A7A.tmp"
sh=5B8CAFF7AF689D3F923F812E0B709B5E8F23E406 ft=1 fh=5a810feafc06837a vn="Variante von Win32/SpeedBit.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\poi\AppData\Local\Temp\ytdieamo_amodc_setup.exe"
sh=BF9E47A6084A5B7AB3027978DB06F3A7060F5D6E ft=1 fh=d5e47c88265a5b9e vn="Variante von Win32/SpeedBit.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\poi\AppData\Local\Temp\Install_11216\ins_shopperpro.exe"
sh=259AF64339F1A80C1378DA847C0063330C6C75A5 ft=1 fh=8aeec32a224d2101 vn="Variante von Win32/SpeedBit.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\poi\AppData\Local\Temp\Install_11216\ins_ytd.exe"
sh=2121DEE1CE3A21D7763D35FEA505D2B8E83CEB1A ft=1 fh=c71c001181a536a0 vn="Variante von Win32/Packed.VMDetector.L evtl. unerwünschte Anwendung" ac=I fn="C:\Users\poi\AppData\Local\Temp\nsz1A57.tmp\InstallerUtils.dll"
sh=F01325F6C053438B70355DD33A80DDA0512F3A46 ft=1 fh=cf410674374fc386 vn="Variante von Win32/Toolbar.CrossRider.CF evtl. unerwünschte Anwendung" ac=I fn="C:\Users\poi\AppData\Local\Temp\nsz1A57.tmp\InstallerUtils2.dll"
sh=7FF3F72344435C903F4110818294379FF1D2DFF2 ft=1 fh=c71c0011780ad664 vn="Variante von Win32/ELEX.CE evtl. unerwünschte Anwendung" ac=I fn="C:\Users\poi\AppData\Local\Temp\~dl755F\bjl\jieya.dll"
sh=E527BBCAFEDDC287A621A2DB49A1F10502C1E3D0 ft=1 fh=4c77490216ec3f95 vn="Variante von Win32/ELEX.BH evtl. unerwünschte Anwendung" ac=I fn="C:\Users\poi\AppData\Local\Temp\~dl755F\zdma\tmp\wpm_v20.0.0.1953_0302.exe"
GMER scan without internet connection Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-03-20 18:55:14
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2 ST31000528AS rev.CC37 931,51GB
Running: Gmer-19357.exe; Driver: C:\Users\poi\AppData\Local\Temp\uwldapow.sys
---- User code sections - GMER 2.1 ----
.text C:\Program Files (x86)\Free Download Manager\fdm.exe[968] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 00000000762f1401 2 bytes JMP 7646b21b C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Free Download Manager\fdm.exe[968] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 00000000762f1419 2 bytes JMP 7646b346 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Free Download Manager\fdm.exe[968] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 00000000762f1431 2 bytes JMP 764e8ea9 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Free Download Manager\fdm.exe[968] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 00000000762f144a 2 bytes CALL 764448ad C:\Windows\syswow64\kernel32.dll
.text ... * 9
.text C:\Program Files (x86)\Free Download Manager\fdm.exe[968] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000762f14dd 2 bytes JMP 764e87a2 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Free Download Manager\fdm.exe[968] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000762f14f5 2 bytes JMP 764e8978 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Free Download Manager\fdm.exe[968] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 00000000762f150d 2 bytes JMP 764e8698 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Free Download Manager\fdm.exe[968] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 00000000762f1525 2 bytes JMP 764e8a62 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Free Download Manager\fdm.exe[968] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 00000000762f153d 2 bytes JMP 7645fca8 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Free Download Manager\fdm.exe[968] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 00000000762f1555 2 bytes JMP 764668ef C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Free Download Manager\fdm.exe[968] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 00000000762f156d 2 bytes JMP 764e8f61 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Free Download Manager\fdm.exe[968] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 00000000762f1585 2 bytes JMP 764e8ac2 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Free Download Manager\fdm.exe[968] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 00000000762f159d 2 bytes JMP 764e865c C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Free Download Manager\fdm.exe[968] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000762f15b5 2 bytes JMP 7645fd41 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Free Download Manager\fdm.exe[968] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000762f15cd 2 bytes JMP 7646b2dc C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Free Download Manager\fdm.exe[968] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000762f16b2 2 bytes JMP 764e8e24 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Free Download Manager\fdm.exe[968] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000762f16bd 2 bytes JMP 764e85f1 C:\Windows\syswow64\kernel32.dll
---- Processes - GMER 2.1 ----
Library Ì÷à]H (*** suspicious ***) @ C:\Windows\Explorer.EXE [1856] 000007fef26f0000
---- EOF - GMER 2.1 ----
Regarding the 2 GMER scans, I can only say that I had no instructions for the first scan.
For the 2nd scan, I followed your instructions here in the forum.