Nuclear2015 | 07.02.2015 15:24 | Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 05-02-2015
Ran by Nuclear at 2015-02-07 15:16:06 Run:1
Running from C:\Users\Nuclear\Desktop
Loaded Profiles: Nuclear (Available profiles: Nuclear)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
C:\Program Files (x86)\Optimizer Pro 3.38
C:\Users\Nuclear\AppData\Local\Temp\DMR\dmr_72.exe
C:\Users\Nuclear\AppData\Roaming\NQNSLJLG
C:\Users\Nuclear\Downloads\microsoft_excel.exe
C:\Users\Nuclear\Downloads\Nicht bestätigt 428109.crdownload
C:\Users\Nuclear\Downloads\Nicht bestätigt 70124.crdownload
C:\Users\Nuclear\Downloads\Origin EA Download Manager - CHIP-Installer.exe
C:\Users\Nuclear\Downloads\WinZip 64 Bit - CHIP-Installer.exe
D:\Übersicht\Programme\MSI Afterburner - CHIP-Installer.exe
D:\Übersicht\Spiele\Need For Speed Most Wanted PC DVD\NFSMWBE PC DVD.ISO
D:\Übersicht\Spiele\Need For Speed Most Wanted PC DVD\NFSMWBE PC DVD\Crack\Daemon Tools v4\daemon400.exe
D:\Übersicht\Spiele\NFS Rivals\nfs14.3dm.dll
D:\Übersicht\Spiele\NFS Rivals\NFS14.exe
HKU\S-1-5-21-3236316847-1076086714-31016914-1000\...\Run: [winengine] => C:\Users\Nuclear\AppData\Local\winengine\rkr0.exe [511416 2014-12-12] ()
HKU\S-1-5-21-3236316847-1076086714-31016914-1000\...\Run: [winengine2] => C:\Users\Nuclear\AppData\Local\winengine\rkr1.exe [511416 2014-12-12] ()
HKU\S-1-5-21-3236316847-1076086714-31016914-1000\...\Run: [ASRockOCTuner] => [X]
C:\Users\Nuclear\AppData\Local\winengine
S2 4ef60154; c:\Program Files (x86)\Optimizer Pro 3.38\OptProMon.dll [1633848 2015-02-01] ()
S2 SecurityUtility Service; C:\ProgramData\SecurityUtility\SecurityUtilitySrv.exe -p "Covus" -c "Covus_Coupons" -s "CCC9" -i "1984204" -g "" [X]
2015-01-25 17:12 - 2015-01-25 17:12 - 0001248 _____ () C:\Users\Nuclear\AppData\Roaming\NQNSLJLG
Emptytemp:
*****************
C:\Program Files (x86)\Optimizer Pro 3.38 => Moved successfully.
C:\Users\Nuclear\AppData\Local\Temp\DMR\dmr_72.exe => Moved successfully.
C:\Users\Nuclear\AppData\Roaming\NQNSLJLG => Moved successfully.
C:\Users\Nuclear\Downloads\microsoft_excel.exe => Moved successfully.
C:\Users\Nuclear\Downloads\Nicht bestätigt 428109.crdownload => Moved successfully.
C:\Users\Nuclear\Downloads\Nicht bestätigt 70124.crdownload => Moved successfully.
C:\Users\Nuclear\Downloads\Origin EA Download Manager - CHIP-Installer.exe => Moved successfully.
C:\Users\Nuclear\Downloads\WinZip 64 Bit - CHIP-Installer.exe => Moved successfully.
D:\Übersicht\Programme\MSI Afterburner - CHIP-Installer.exe => Moved successfully.
D:\Übersicht\Spiele\Need For Speed Most Wanted PC DVD\NFSMWBE PC DVD.ISO => Moved successfully.
D:\Übersicht\Spiele\Need For Speed Most Wanted PC DVD\NFSMWBE PC DVD\Crack\Daemon Tools v4\daemon400.exe => Moved successfully.
D:\Übersicht\Spiele\NFS Rivals\nfs14.3dm.dll => Moved successfully.
D:\Übersicht\Spiele\NFS Rivals\NFS14.exe => Moved successfully.
HKU\S-1-5-21-3236316847-1076086714-31016914-1000\Software\Microsoft\Windows\CurrentVersion\Run\\winengine => value deleted successfully.
HKU\S-1-5-21-3236316847-1076086714-31016914-1000\Software\Microsoft\Windows\CurrentVersion\Run\\winengine2 => value deleted successfully.
HKU\S-1-5-21-3236316847-1076086714-31016914-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ASRockOCTuner => value deleted successfully.
C:\Users\Nuclear\AppData\Local\winengine => Moved successfully.
4ef60154 => Service deleted successfully.
SecurityUtility Service => Service deleted successfully.
"C:\Users\Nuclear\AppData\Roaming\NQNSLJLG" => File/Directory not found.
EmptyTemp: => Removed 833.5 MB temporary data.
The system needed a reboot.
==== End of Fixlog 15:16:50 ====
I don't know whether that was done correctly.
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-02-2015
Ran by Nuclear (administrator) on NUCLEAR-PC on 07-02-2015 15:22:34
Running from C:\Users\Nuclear\Desktop
Loaded Profiles: Nuclear (Available profiles: Nuclear)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Electronic Arts) D:\Übersicht\Programme\Origin\Origin.exe
(Akamai Technologies, Inc.) C:\Users\Nuclear\AppData\Local\Akamai\netsession_win.exe
(BitTorrent Inc.) C:\Users\Nuclear\AppData\Roaming\uTorrent\uTorrent.exe
(Akamai Technologies, Inc.) C:\Users\Nuclear\AppData\Local\Akamai\netsession_win.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(TeamSpeak Systems GmbH) D:\Übersicht\Programme\ts3client_win64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) C:\Users\Nuclear\Desktop\FRST64 (1).exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1797064 2014-03-20] (NVIDIA Corporation)
HKU\S-1-5-21-3236316847-1076086714-31016914-1000\...\Run: [EADM] => D:\Übersicht\Programme\Origin\Origin.exe [3619160 2015-01-27] (Electronic Arts)
HKU\S-1-5-21-3236316847-1076086714-31016914-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Nuclear\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3236316847-1076086714-31016914-1000\...\Run: [uTorrent] => C:\Users\Nuclear\AppData\Roaming\uTorrent\uTorrent.exe [1736784 2015-02-01] (BitTorrent Inc.)
HKU\S-1-5-21-3236316847-1076086714-31016914-1000\...\Run: [DAEMON Tools Lite] => D:\Übersicht\Programme\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-3236316847-1076086714-31016914-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3236316847-1076086714-31016914-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKU\S-1-5-21-3236316847-1076086714-31016914-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> D:\Übersicht\Programme\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll No File
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> D:\Übersicht\Programme\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3236316847-1076086714-31016914-1000: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> D:\Übersicht\Programme\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.ch/
CHR StartupUrls: Default -> "https://www.google.ch/?gws_rd=ssl"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Nuclear\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Nuclear\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-02]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Nuclear\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-30]
CHR Extension: (YouTube) - C:\Users\Nuclear\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-02]
CHR Extension: (Google-Suche) - C:\Users\Nuclear\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-02]
CHR Extension: (AdBlock) - C:\Users\Nuclear\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-01-11]
CHR Extension: (New Tab Page by Speed Dial Team) - C:\Users\Nuclear\AppData\Local\Google\Chrome\User Data\Default\Extensions\idgeoanibcknhniccgaoaiolihidecjn [2014-08-02]
CHR Extension: (Google Wallet) - C:\Users\Nuclear\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-02]
CHR Extension: (Google Mail) - C:\Users\Nuclear\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-02]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
R2 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [103424 2013-02-14] (Creative Technology Ltd)
S3 Origin Client Service; D:\Übersicht\Programme\Origin\OriginClientService.exe [1910128 2015-01-27] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-08-04] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-02-03] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 cthda; C:\Windows\System32\drivers\cthda.sys [1044760 2013-02-14] (Creative Technology Ltd)
R3 cthdb; C:\Windows\System32\DRIVERS\cthdb.sys [28440 2013-02-14] (Creative Technology Ltd)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-08-18] (Disc Soft Ltd)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-06] (Malwarebytes Corporation)
R3 SaiK0728; C:\Windows\System32\DRIVERS\SaiK0728.sys [129024 2008-01-21] (Saitek)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-07 15:22 - 2015-02-07 15:22 - 00013475 _____ () C:\Users\Nuclear\Desktop\FRST.txt
2015-02-07 15:16 - 2015-02-07 15:09 - 02131968 _____ (Farbar) C:\Users\Nuclear\Desktop\FRST64 (1).exe
2015-02-06 22:20 - 2015-02-06 22:20 - 00000743 _____ () C:\Users\Public\Desktop\The Evil Within.lnk
2015-02-06 22:20 - 2015-02-06 22:20 - 00000743 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Evil Within.lnk
2015-02-06 19:28 - 2015-02-06 19:28 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-02-06 18:24 - 2015-02-06 18:24 - 00000698 _____ () C:\Users\Public\Desktop\ASRock OC Tuner.lnk
2015-02-06 18:24 - 2015-02-06 18:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASRock Utility
2015-02-06 18:21 - 2015-02-06 18:21 - 00000833 _____ () C:\Users\Nuclear\Desktop\MSI Afterburner.lnk
2015-02-06 13:11 - 2015-02-06 13:11 - 00000697 _____ () C:\Users\Nuclear\Desktop\JRT.txt
2015-02-06 13:03 - 2015-02-06 13:03 - 00001462 _____ () C:\Users\Nuclear\Desktop\mbam.txt
2015-02-05 17:07 - 2015-02-05 17:07 - 00023627 _____ () C:\ComboFix.txt
2015-02-05 17:01 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-02-05 17:01 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-02-05 17:01 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-02-05 17:01 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-02-05 17:01 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-02-05 17:01 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2015-02-05 17:01 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2015-02-05 17:01 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2015-02-05 16:59 - 2015-02-05 17:07 - 00000000 ____D () C:\Qoobox
2015-02-05 16:59 - 2015-02-05 17:06 - 00000000 ____D () C:\Windows\erdnt
2015-02-05 13:24 - 2015-02-05 13:24 - 00000000 ____D () C:\Users\Nuclear\Documents\BlackshotScreenshot
2015-02-03 11:50 - 2015-02-03 11:52 - 00000000 ____D () C:\Users\Nuclear\Documents\BFH Beta 2
2015-02-03 11:49 - 2015-02-03 11:49 - 00000000 ____D () C:\Users\Nuclear\AppData\Local\ESN
2015-02-03 01:59 - 2015-02-07 15:22 - 00000000 ____D () C:\FRST
2015-02-03 01:26 - 2015-02-05 20:37 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-03 01:26 - 2015-02-03 01:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-02-03 01:25 - 2015-02-07 15:17 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-03 01:25 - 2015-02-07 14:35 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-03 01:25 - 2015-02-05 00:30 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-03 01:25 - 2015-02-05 00:30 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-03 01:05 - 2015-02-03 01:05 - 00000834 _____ () C:\Users\Public\Desktop\Battlefield Hardline Beta.lnk
2015-02-03 01:05 - 2015-02-03 01:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield Hardline Beta
2015-02-02 22:42 - 2015-02-02 22:42 - 01533584 _____ () C:\Users\Nuclear\Downloads\battlelog-web-plugins_2.6.2_157.exe
2015-02-02 17:02 - 2015-02-02 17:02 - 00000000 ____D () C:\Users\Nuclear\AppData\Local\SKIDROW
2015-02-02 16:58 - 2015-02-02 16:58 - 00000000 ____D () C:\Users\Nuclear\AppData\Roaming\Steam
2015-02-02 16:57 - 2015-02-02 16:57 - 00000000 ____D () C:\Program Files (x86)\The Evil Within
2015-02-02 16:50 - 2015-02-02 16:55 - 159477620 _____ () C:\Users\Nuclear\Downloads\The.Evil.Within.Update.1-CODEX.rar
2015-02-02 16:38 - 2015-02-02 16:38 - 00000866 _____ () C:\Users\Public\Desktop\NFS Rivals x86.lnk
2015-02-02 16:38 - 2015-02-02 16:38 - 00000842 _____ () C:\Users\Public\Desktop\NFS Rivals.lnk
2015-02-02 16:38 - 2015-02-02 16:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NFS Rivals
2015-02-02 16:28 - 2015-02-02 16:28 - 00001156 _____ () C:\Users\Nuclear\Downloads\9jcd2enskfu3 (1).dlc
2015-02-02 16:25 - 2015-02-02 16:25 - 31419822 _____ () C:\Users\Nuclear\Downloads\JDownloader.zip
2015-02-02 16:25 - 2015-02-02 16:25 - 00001156 _____ () C:\Users\Nuclear\Downloads\9jcd2enskfu3.dlc
2015-02-02 16:22 - 2015-02-06 12:58 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-02 16:19 - 2015-02-02 16:22 - 00000849 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-02-02 16:19 - 2015-02-02 16:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-02 16:19 - 2015-02-02 16:19 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-02 16:19 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-02 16:19 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-02 16:19 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-02-02 15:12 - 2015-02-02 16:29 - 00000000 ____D () C:\Users\Nuclear\AppData\Local\12891
2015-02-02 15:02 - 2015-02-02 15:09 - 478256047 _____ () C:\Users\Nuclear\Downloads\NFS_Language_DE_EN_Patch.rar
2015-02-02 14:54 - 2015-02-02 14:54 - 00000000 ____D () C:\ProgramData\SecurityUtilityData
2015-02-02 14:54 - 2015-01-27 17:31 - 00344440 _____ (CartCrunch Israel Ltd.) C:\Windows\system32\ColorMedia64.dll
2015-02-02 14:54 - 2015-01-27 17:31 - 00301168 _____ (CartCrunch Israel Ltd.) C:\Windows\SysWOW64\ColorMedia.dll
2015-02-02 14:52 - 2015-02-02 14:53 - 00000000 ____D () C:\Users\Nuclear\AppData\Roaming\Opera Software
2015-02-02 14:52 - 2015-02-02 14:53 - 00000000 ____D () C:\Users\Nuclear\AppData\Local\Opera Software
2015-02-02 14:06 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2015-02-02 12:07 - 2015-02-02 12:07 - 00000000 ____D () C:\Users\Nuclear\Documents\NFS Most Wanted
2015-02-02 11:38 - 2015-02-02 11:38 - 00000707 _____ () C:\Users\Public\Desktop\Need for Speed™ Most Wanted.lnk
2015-02-02 11:37 - 2015-02-02 11:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES
2015-02-02 11:19 - 2015-02-02 12:02 - 04676570 _____ () C:\Users\Nuclear\Desktop\DIAG.LOG
2015-02-02 11:17 - 2015-02-02 11:17 - 00000000 ____D () C:\Users\Nuclear\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-02-01 21:06 - 2015-02-01 21:06 - 00023010 _____ () C:\Users\Nuclear\Downloads\[kickass.so]need.for.speed.most.wanted.torrent
2015-02-01 21:05 - 2015-02-01 21:05 - 00039930 _____ () C:\Users\Nuclear\Downloads\[kickass.so]need.for.speed.rivals.no.origin.crack.fix.anuj.torrent
2015-02-01 20:20 - 2015-02-01 20:20 - 00086134 _____ () C:\Users\Nuclear\Downloads\[kickass.so]the.evil.within.2014.reloaded.torrent
2015-02-01 17:13 - 2015-02-01 17:13 - 00032971 _____ () C:\Users\Nuclear\Downloads\[kickass.so]the.evil.within.update.1.2014.pc.repack.by.r.g.freedom.torrent
2015-02-01 16:37 - 2015-02-05 17:04 - 00000000 ____D () C:\Program Files (x86)\f07463c0-8a09-4ef2-b7bb-faea7d91eefb
2015-02-01 16:35 - 2015-02-02 16:30 - 00000000 ____D () C:\ProgramData\{bc9a1b3f-dfaa-dce7-bc9a-a1b3fdfa6cff}
2015-02-01 16:30 - 2015-02-01 16:30 - 00000815 _____ () C:\Users\Nuclear\Desktop\µTorrent.lnk
2015-02-01 16:30 - 2015-02-01 16:30 - 00000795 _____ () C:\Users\Nuclear\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2015-02-01 16:29 - 2015-02-07 15:17 - 00000000 ____D () C:\Users\Nuclear\AppData\Roaming\uTorrent
2015-02-01 16:29 - 2015-02-01 16:29 - 01736784 _____ (BitTorrent Inc.) C:\Users\Nuclear\Downloads\uTorrent_3.4.2_Build_38397.exe
2015-01-29 12:42 - 2015-01-29 12:42 - 00000000 ____D () C:\Windows\rescache
2015-01-27 12:52 - 2015-01-27 12:52 - 10220477 _____ () C:\Users\Nuclear\Downloads\[0.9.5]WWIIHWA_TURRET_TRAVERSE_SOUND_v1.69.rar
2015-01-27 12:37 - 2015-01-27 12:39 - 179473579 _____ () C:\Users\Nuclear\Downloads\[0.9.5]WWIIHWA_Ambiente_v4.03_UNCUT_Addon.rar
2015-01-27 12:36 - 2015-01-27 12:39 - 179471096 _____ () C:\Users\Nuclear\Downloads\[0.9.5]WWIIHWA_Ambiente_v4.02_UNCUT_Addon.rar
2015-01-27 12:34 - 2015-01-27 12:34 - 06375513 _____ () C:\Users\Nuclear\Downloads\[0.9.1]WWIIHWA_Ingame_Voices_GERMAN.rar
2015-01-27 12:32 - 2015-01-27 12:32 - 01232054 _____ () C:\Users\Nuclear\Downloads\fontok_WOThoz.zip
2015-01-27 02:49 - 2015-01-27 02:59 - 338494938 _____ () C:\Users\Nuclear\Downloads\Gnomefather_s_Engines_0.583_for_Curse (1).zip
2015-01-27 02:44 - 2015-01-27 02:44 - 24075564 _____ (diclovit ) C:\Users\Nuclear\Downloads\dmp_9.5.2_setup.exe
2015-01-14 16:49 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 16:49 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 16:49 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 16:49 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 16:49 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 16:49 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 16:49 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 16:49 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 16:49 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-14 16:49 - 2014-12-11 18:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 16:49 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 16:49 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 16:49 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-12 19:13 - 2015-01-12 19:13 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Nuclear\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-11 23:02 - 2015-01-11 23:02 - 00000971 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-01-11 23:02 - 2015-01-11 23:02 - 00000959 _____ () C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-01-11 22:54 - 2015-01-11 22:54 - 07718224 _____ (TeamViewer GmbH) C:\Users\Nuclear\Downloads\TeamViewer_Setup_de.exe
2015-01-10 04:28 - 2015-01-10 04:28 - 24076445 _____ (diclovit ) C:\Users\Nuclear\Downloads\dmp_9.5.1_setup.exe
2015-01-10 04:18 - 2015-02-02 14:47 - 00000000 ____D () C:\ProgramData\WinZip
2015-01-10 04:11 - 2015-01-10 04:13 - 338494938 _____ () C:\Users\Nuclear\Downloads\Gnomefather_s_Engines_0.583_for_Curse.zip
2015-01-08 22:55 - 2015-02-06 13:06 - 00000000 ____D () C:\AdwCleaner
2015-01-08 22:54 - 2015-01-08 22:55 - 02191360 _____ () C:\Users\Nuclear\Downloads\adwcleaner_4.107.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-07 15:21 - 2014-08-02 23:20 - 01776031 _____ () C:\Windows\WindowsUpdate.log
2015-02-07 15:18 - 2014-10-31 10:36 - 00000000 ____D () C:\Program Files\KMSpico
2015-02-07 15:18 - 2014-08-03 00:02 - 00000000 ____D () C:\Users\Nuclear\AppData\Roaming\TS3Client
2015-02-07 15:17 - 2014-08-03 00:17 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-07 15:17 - 2014-08-03 00:09 - 00214988 _____ () C:\Windows\PFRO.log
2015-02-07 15:17 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-07 15:17 - 2009-07-14 05:51 - 00048426 _____ () C:\Windows\setupact.log
2015-02-07 15:12 - 2014-10-15 13:03 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-07 11:52 - 2009-07-14 05:45 - 00023072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-07 11:52 - 2009-07-14 05:45 - 00023072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-07 11:50 - 2009-07-14 18:58 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2015-02-07 11:50 - 2009-07-14 18:58 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2015-02-07 11:50 - 2009-07-14 06:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-07 11:45 - 2014-08-03 00:04 - 00000000 ____D () C:\ProgramData\Origin
2015-02-06 21:31 - 2014-08-03 18:42 - 00215416 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2015-02-06 18:21 - 2014-08-03 23:14 - 00000000 ____D () C:\Users\Nuclear\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2015-02-06 15:39 - 2014-10-26 22:14 - 00000000 ____D () C:\Users\Nuclear\Desktop\Bilder
2015-02-06 15:39 - 2014-10-10 20:21 - 00000000 ____D () C:\Users\Nuclear\Downloads\Gameforge Live
2015-02-05 20:12 - 2014-10-15 13:03 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-05 20:12 - 2014-10-15 13:03 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-05 20:12 - 2014-10-15 13:03 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-05 17:05 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2015-02-05 17:04 - 2014-10-09 21:56 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2015-02-05 17:01 - 2014-10-16 00:39 - 00001912 _____ () C:\Windows\epplauncher.mif
2015-02-05 09:54 - 2014-09-27 08:02 - 00000826 _____ () C:\Users\Nuclear\Desktop\Neues Textdokument.txt
2015-02-03 23:13 - 2014-08-03 18:42 - 00215416 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2015-02-03 17:04 - 2014-08-03 18:43 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2015-02-03 11:52 - 2014-08-03 19:08 - 00000000 ____D () C:\Users\Nuclear\AppData\Local\PunkBuster
2015-02-03 01:26 - 2014-08-02 23:30 - 00000000 ____D () C:\Program Files (x86)\Google
2015-02-03 01:25 - 2014-08-02 23:29 - 00000000 ____D () C:\Users\Nuclear\AppData\Local\Deployment
2015-02-03 01:05 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-02-03 01:04 - 2014-08-03 18:42 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-02-03 01:04 - 2014-08-03 18:40 - 00141419 _____ () C:\Windows\DirectX.log
2015-02-02 16:30 - 2009-07-14 06:37 - 00000000 ____D () C:\Windows\DigitalLocker
2015-02-02 14:57 - 2014-08-02 23:20 - 00001182 _____ () C:\Users\Nuclear\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-02-02 11:24 - 2014-08-18 13:01 - 00000000 ____D () C:\Users\Nuclear\AppData\Roaming\DAEMON Tools Lite
2015-02-02 11:24 - 2014-08-18 13:00 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2015-02-01 20:16 - 2014-08-03 23:15 - 00000000 ____D () C:\Windows\SysWOW64\directx
2015-01-27 12:01 - 2014-08-30 22:22 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-27 12:00 - 2014-10-15 13:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-01-27 12:00 - 2014-10-15 13:01 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-27 11:59 - 2014-08-30 22:22 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2015-01-27 11:59 - 2014-08-30 22:22 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2015-01-27 11:59 - 2014-08-30 22:22 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2015-01-27 11:59 - 2014-08-30 22:22 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-01-27 02:46 - 2014-08-06 09:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\diclovit's mod pack
2015-01-15 17:31 - 2014-08-02 23:57 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-15 17:29 - 2014-08-02 23:57 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-15 17:26 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-01-14 22:34 - 2014-08-30 21:54 - 00000000 ____D () C:\Users\Nuclear\AppData\Local\Akamai
2015-01-13 22:19 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-12 16:50 - 2014-08-02 23:29 - 00072912 _____ () C:\Users\Nuclear\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-12 16:50 - 2009-07-14 05:45 - 00331704 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-11 23:02 - 2014-08-17 23:25 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-01-08 22:58 - 2014-10-31 11:03 - 00000000 ____D () C:\Users\Nuclear\Desktop\Neuer Ordner
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-02-03 02:38
==================== End Of Log ============================
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-02-2015
Ran by Nuclear at 2015-02-07 15:22:53
Running from C:\Users\Nuclear\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-3236316847-1076086714-31016914-1000\...\uTorrent) (Version: 3.4.2.38397 - BitTorrent Inc.)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-3236316847-1076086714-31016914-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
ASRock OC Tuner v2.4.9 (HKLM-x32\...\ASRock OC Tuner_is1) (Version: - )
AuraKingdom-DE (HKLM-x32\...\AuraKingdom-DE) (Version: - )
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.23831 - Electronic Arts)
Battlefield™ Hardline-Beta (HKLM-x32\...\{F5526D9D-13AD-4270-8707-AC921D168299}) (Version: 1.0.0.1 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
BlackShot Á¦°Å (HKLM-x32\...\BlackShot) (Version: - )
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
diclovit's mod pack 9.5.2 (HKLM-x32\...\{28B1238E-1C18-4637-A2B7-95315E94EB29}_is1) (Version: 9.5.2 - diclovit)
Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.05.0.0 - Electronic Arts)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Hazard Ops (HKLM-x32\...\Steam App 319150) (Version: - Yingpei Games)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
KMSpico 3.1 (HKLM\...\KMSpico v3.1_is1) (Version: 3.1 - )
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4675.1003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3236316847-1076086714-31016914-1000\...\OneDriveSetup.exe) (Version: 17.0.4023.1211 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
MSI Afterburner 4.1.0 (HKLM-x32\...\Afterburner) (Version: 4.1.0 - MSI Co., LTD)
Need for Speed™ Most Wanted (HKLM-x32\...\{ADE91A13-434D-4229-00BC-182BAD607303}) (Version: - )
NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.4.12.2807 - Electronic Arts, Inc.)
PDF Editor 64bit 4 (HKLM\...\PDF Editor 64bit 4) (Version: - )
PDF24 Creator 6.8.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.311.0 - Tracker Software Products Ltd)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.23.623.2010 - Realtek)
SecurityUtility (HKLM-x32\...\SecurityUtility) (Version: 1.0.0.1949 - )
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-3236316847-1076086714-31016914-1000\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36897 - TeamViewer)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Evil Within (HKLM-x32\...\VGhlRXZpbFdpdGhpbg==_is1) (Version: 1 - )
winengine (HKU\S-1-5-21-3236316847-1076086714-31016914-1000\...\winengine) (Version: 20.020 - Ad business Crown Solutions)
WinRAR 5.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3236316847-1076086714-31016914-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Nuclear\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3236316847-1076086714-31016914-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Nuclear\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3236316847-1076086714-31016914-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Nuclear\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3236316847-1076086714-31016914-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Nuclear\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3236316847-1076086714-31016914-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Nuclear\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\FileSyncApi64.dll (Microsoft Corporation)
==================== Restore Points =========================
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2015-02-05 17:05 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {05561F5F-D953-423A-A22E-0570C77FF3E9} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {0F5B36A1-1346-43D5-8F90-7F34D509341A} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation)
Task: {6DA12E27-336C-4C8A-859A-D8F43A80BC3E} - System32\Tasks\KMS Activation => C:\Program Files\KMSpico\RandomFile.exe [2013-02-20] ()
Task: {BD30258D-476C-4496-B872-E521A79E6900} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-03] (Google Inc.)
Task: {BE15544F-8E8D-4CF4-A0BF-B3AA3AD3E9DC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {D15399E8-3AD0-45DC-8C1F-21AF94E2F351} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-03] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) ==============
2014-08-03 00:16 - 2014-07-02 19:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-08-18 13:02 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-08-03 18:42 - 2015-02-03 01:04 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-02-28 10:14 - 2014-02-28 10:14 - 00173568 _____ () D:\Übersicht\Programme\quazip.dll
2014-02-27 15:51 - 2014-02-27 15:51 - 01080832 _____ () D:\Übersicht\Programme\platforms\qwindows.dll
2014-02-27 15:51 - 2014-02-27 15:51 - 00833024 _____ () D:\Übersicht\Programme\sqldrivers\qsqlite.dll
2014-02-27 15:51 - 2014-02-27 15:51 - 00233984 _____ () D:\Übersicht\Programme\imageformats\qjpeg.dll
2014-06-20 08:48 - 2014-08-06 19:47 - 00102344 _____ () D:\Übersicht\Programme\soundbackends\directsound_win64.dll
2014-06-20 08:49 - 2014-08-06 19:47 - 00108488 _____ () D:\Übersicht\Programme\soundbackends\windowsaudiosession_win64.dll
2014-02-27 15:51 - 2014-02-27 15:51 - 00030208 _____ () D:\Übersicht\Programme\imageformats\qgif.dll
2014-06-26 07:38 - 2014-08-06 19:47 - 00563656 _____ () D:\Übersicht\Programme\plugins\clientquery_plugin.dll
2014-07-14 09:22 - 2014-08-06 19:47 - 00579016 _____ () D:\Übersicht\Programme\plugins\teamspeak_control_plugin.dll
2014-02-27 15:51 - 2014-02-27 15:51 - 00159232 _____ () D:\Übersicht\Programme\accessible\qtaccessiblewidgets.dll
2014-08-03 00:06 - 2015-01-27 11:53 - 01007104 _____ () D:\Übersicht\Programme\Origin\platforms\qwindows.dll
2014-08-03 00:06 - 2015-01-27 11:53 - 00023552 _____ () D:\Übersicht\Programme\Origin\imageformats\qgif.dll
2014-08-03 00:06 - 2015-01-27 11:53 - 00024576 _____ () D:\Übersicht\Programme\Origin\imageformats\qico.dll
2014-08-03 00:06 - 2015-01-27 11:53 - 00216576 _____ () D:\Übersicht\Programme\Origin\imageformats\qjpeg.dll
2014-08-03 00:06 - 2015-01-27 11:53 - 00261120 _____ () D:\Übersicht\Programme\Origin\imageformats\qmng.dll
2014-08-03 00:06 - 2015-01-27 11:53 - 00019456 _____ () D:\Übersicht\Programme\Origin\imageformats\qtga.dll
2014-08-03 00:06 - 2015-01-27 11:53 - 00337408 _____ () D:\Übersicht\Programme\Origin\imageformats\qtiff.dll
2014-08-03 00:06 - 2015-01-27 11:53 - 00018944 _____ () D:\Übersicht\Programme\Origin\imageformats\qwbmp.dll
2015-02-05 20:37 - 2015-02-04 10:02 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libglesv2.dll
2015-02-05 20:37 - 2015-02-04 10:02 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libegl.dll
2015-02-05 20:37 - 2015-02-04 10:02 - 09170760 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\pdf.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ColorMedia => ""="service"
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Registry Areas =====================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3236316847-1076086714-31016914-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Nuclear\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: Aeria Ignite => "C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" silent
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Nuclear\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "D:\Übersicht\Programme\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: PDFPrint => D:\Übersicht\Programme\PDF24\pdf24.exe
==================== Accounts: =============================
Administrator (S-1-5-21-3236316847-1076086714-31016914-500 - Administrator - Disabled)
Gast (S-1-5-21-3236316847-1076086714-31016914-501 - Limited - Disabled)
Nuclear (S-1-5-21-3236316847-1076086714-31016914-1000 - Administrator - Enabled) => C:\Users\Nuclear
==================== Faulty Device Manager Devices =============
Name: USB (Universal Serial Bus)-Controller
Description: USB (Universal Serial Bus)-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Marvell 91xx Config ATA Device
Description: Marvell 91xx Config ATA Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: USB (Universal Serial Bus)-Controller
Description: USB (Universal Serial Bus)-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: USB (Universal Serial Bus)-Controller
Description: USB (Universal Serial Bus)-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (02/06/2015 10:47:18 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm EvilWithin.exe, Version 1.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: dd8
Startzeit: 01d042566c308051
Endzeit: 45
Anwendungspfad: D:\Übersicht\Spiele\rld-thevwi\The Evil Within\EvilWithin.exe
Berichts-ID: aeabcbf1-ae49-11e4-b31d-0025226b1f74
Error: (02/06/2015 10:17:19 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (02/06/2015 08:34:49 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (02/06/2015 06:21:23 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Die abhängige Assemblierung "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (02/06/2015 06:21:23 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Die abhängige Assemblierung "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (02/06/2015 05:22:38 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Die abhängige Assemblierung "Microsoft.VC90.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (02/06/2015 05:22:38 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Die abhängige Assemblierung "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (02/06/2015 05:22:38 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Die abhängige Assemblierung "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (02/06/2015 05:22:38 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Die abhängige Assemblierung "Microsoft.VC90.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (02/06/2015 05:22:38 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Die abhängige Assemblierung "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
System errors:
=============
Error: (02/07/2015 11:45:53 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SecurityUtility Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (02/06/2015 11:04:40 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (02/06/2015 08:15:08 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Microsoft Office Sessions:
=========================
Error: (02/06/2015 10:47:18 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: EvilWithin.exe1.0.0.0dd801d042566c30805145D:\Übersicht\Spiele\rld-thevwi\The Evil Within\EvilWithin.exeaeabcbf1-ae49-11e4-b31d-0025226b1f74
Error: (02/06/2015 10:17:19 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestD:\Übersicht\Programme\esetsmartinstaller_deu.exe
Error: (02/06/2015 08:34:49 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
Error: (02/06/2015 06:21:23 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"D:\Übersicht\Programme\MSI Afterburner\MSIAfterburner.exe
Error: (02/06/2015 06:21:23 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"D:\Übersicht\Programme\MSI Afterburner\MSIAfterburner.exe
Error: (02/06/2015 05:22:38 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC90.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"d:\Übersicht\programme\rivatuner statistics server\RTSSHooksLoader64.exe
Error: (02/06/2015 05:22:38 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"d:\Übersicht\programme\rivatuner statistics server\RTSSHooksLoader.exe
Error: (02/06/2015 05:22:38 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"d:\Übersicht\programme\rivatuner statistics server\RTSS.exe
Error: (02/06/2015 05:22:38 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC90.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"d:\Übersicht\programme\rivatuner statistics server\EncoderServer64.exe
Error: (02/06/2015 05:22:38 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"d:\Übersicht\programme\rivatuner statistics server\EncoderServer.exe
CodeIntegrity Errors:
===================================
Date: 2015-02-05 17:04:53.725
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-02-05 17:04:53.688
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7 CPU 950 @ 3.07GHz
Percentage of memory in use: 21%
Total physical RAM: 12286.15 MB
Available physical RAM: 9641.79 MB
Total Pagefile: 24870.48 MB
Available Pagefile: 22228.14 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:55.8 GB) (Free:10.12 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:651.88 GB) NTFS
Drive g: (NFSMW) (CDROM) (Total:2.13 GB) (Free:0 GB) UDF
Drive h: (BBQ) (Removable) (Total:1.86 GB) (Free:1.83 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 60275C42)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 55.9 GB) (Disk ID: A2450932)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=55.8 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 1.9 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=1.9 GB) - (Type=0C)
==================== End Of Log ============================