| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Angeblich nymaim Trojaner eingefangenWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
21.02.2015, 23:41
| #1 |
 |  Angeblich nymaim Trojaner eingefangen Hallo zusammen. Also ich hatte vor zwei Tagen einen Betrugsversuch beim Online-Banking. Mein Online-Banking wurde jetzt erst mal gesperrt und die Bank ist dem Betrug nachgegangen und schrieb mir, dass ich wohl einen nymaim Trojaner auf meinem PC habe. Ich habe derzeit kein Viren Programm laufen. Den PC habe ich mal mit Spybot checken lassen, der auch was gefunden und gelöscht hat, aber ich denke das war nicht der Trojaner. Beim Neustart des Systems bekomme ich Fehlermeldungen von irgendwelchen Harddrives die er nicht finden kann, wie z.B. DRM1 bis DRM5 oder so ähnlich. Und ein Fenster öffnet sich mit: SQL Server-Clientkonfigurationsprogramm Doch bevor ich jetzt noch mehr Schaden anrichte, als wohl eh schon besteht, dachte ich, ich frag mal freundlich hier nach Hilfe und Rat. Gruß Marcel Edit: Oh. ich war wohl etwas zu schnell mit posten. Ich gehe grade eure Checkliste durch und werde den Post hier aktuallisieren. Sry! Ich wollte den Beitrag oben bearbeiten, aber scheinbar geht das gar nicht? Ok hier die Log-Files: FRST FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-02-2015
Ran by Wallace (administrator) on DRAGON64 on 21-02-2015 22:48:02
Running from C:\Users\Wallace\Desktop
Loaded Profiles: Wallace (Available profiles: Wallace)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(ASUSTeK Computer Inc.) C:\ProgramData\ASUS\AsSysCtrlService\2.00.00\AsSysCtrlService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(M-Audio) C:\Program Files (x86)\M-Audio\Oxygen\AudioDevMon.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Microsoft Corporation) C:\Windows\SysWOW64\attrib.exe
(Dropbox, Inc.) C:\Users\Wallace\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Ideazon, Inc.) C:\Program Files (x86)\Ideazon\ZEngine\Zboard.exe
(Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
(Microsoft Corporation) C:\Windows\SysWOW64\systeminfo.exe
(Microsoft Corporation) C:\Windows\SysWOW64\sort.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Microsoft Corporation) C:\Windows\SysWOW64\logagent.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\SysWOW64\at.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\steamerrorreporter.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [uninterruptible_power] => C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\HTMLHarness\hb_led\hb_led\biomimetic.exe [380928 2014-10-26] ()
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5015040 2012-02-09] (VIA)
HKLM-x32\...\Run: [Cpu Level Up help] => C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHelp.exe [887936 2009-12-28] ()
HKLM-x32\...\Run: [Turbo Key] => C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe [1874432 2009-11-24] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Zboard] => C:\Program Files (x86)\Ideazon\ZEngine\Zboard.exe [182784 2011-02-22] (Ideazon, Inc.)
HKLM-x32\...\Run: [BF2Hub Client] => C:\Program Files (x86)\BF2Hub Client\bf2hub.exe [1521664 2014-07-17] (BF2Hub Systems)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-07-25] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2015-01-30] (Raptr, Inc)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\...\Run: [NextLive] => C:\Windows\SysWOW64\rundll32.exe "C:\Users\Wallace\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [2874048 2015-02-19] (Valve Corporation)
HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3619160 2015-01-28] (Electronic Arts)
HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1562264 2014-07-25] (Samsung)
HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-07-25] (Samsung)
HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\...\Run: [openinglimited] => C:\Users\Wallace\AppData\Roaming\Opening-speed\opening_pause.exe [125440 2015-02-16] ()
HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\...\Run: [pace-egg] => C:\Users\Wallace\AppData\Roaming\Pace-worried\paceoccasion.exe [79360 2015-02-16] ()
HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\...\Run: [jlaszwpn] => C:\Users\Wallace\AppData\Local\Temp\Kwqee\bhprplozwpn.exe [175616 2015-02-21] () <===== ATTENTION
HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\...\Run: [matter-visit] => C:\Users\Wallace\AppData\Roaming\Matter-suffer\matter_slide.exe [206336 2015-02-21] ()
HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\...\Run: [string-weekend] => C:\Users\Wallace\AppData\Local\Temp\Stringfirm\stringstuff.exe [77824 2015-02-14] () <===== ATTENTION
HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\...\Run: [proof-reflect] => C:\Users\Wallace\AppData\Local\Temp\Proof-shock\proof-switch.exe [156160 2015-02-14] () <===== ATTENTION
HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\...\Run: [uninterruptible_power] => C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\HTMLHarness\hb_led\hb_led\femto_base_station.exe [380928 2012-07-12] ()
HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\...\Run: [hat-date] => C:\Users\Wallace\AppData\Roaming\Hatinvite\hat_retire.exe [77312 2015-02-15] ()
HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\...\Run: [contest-compare] => C:\Users\Wallace\AppData\Roaming\Contest_team\contest_interview.exe [71680 2015-02-21] ()
HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [249856 2005-08-11] (Macrovision Corporation)
HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\...\RunOnce: [proof-reflect] => C:\Users\Wallace\AppData\Local\Temp\Proof-shock\proof-switch.exe [156160 2015-02-14] () <===== ATTENTION
HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\...\RunOnce: [contest-compare] => C:\Users\Wallace\AppData\Roaming\Contest_team\contest_interview.exe [71680 2015-02-21] ()
HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\...\RunOnce: [openinglimited] => C:\Users\Wallace\AppData\Roaming\Opening-speed\opening_pause.exe [125440 2015-02-16] ()
HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\...\RunOnce: [matter-visit] => C:\Users\Wallace\AppData\Roaming\Matter-suffer\matter_slide.exe [206336 2015-02-21] ()
HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\...\MountPoints2: J - J:\pushinst.exe
HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\...\MountPoints2: {30bf2fec-3347-11e4-bcb7-806e6f6e6963} - J:\pushinst.exe
Startup: C:\Users\Wallace\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Wallace\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Wallace\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Wallace\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Wallace\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Wallace\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Wallace\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Wallace\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Wallace\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/
SearchScopes: HKU\S-1-5-21-3810334735-2351705608-1866539249-1000 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Wallace\AppData\Roaming\Mozilla\Firefox\Profiles\9r3ecmn6.default
FF Homepage: https://www.google.de/
FF NetworkProxy: "ftp", "182.239.95.137"
FF NetworkProxy: "ftp_port", 80
FF NetworkProxy: "http", "182.239.95.137"
FF NetworkProxy: "http_port", 80
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "182.239.95.137"
FF NetworkProxy: "socks_port", 80
FF NetworkProxy: "ssl", "182.239.95.137"
FF NetworkProxy: "ssl_port", 80
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKU\S-1-5-21-3810334735-2351705608-1866539249-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Wallace\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF user.js: detected! => C:\Users\Wallace\AppData\Roaming\Mozilla\Firefox\Profiles\9r3ecmn6.default\user.js
FF SearchPlugin: C:\Users\Wallace\AppData\Roaming\Mozilla\Firefox\Profiles\9r3ecmn6.default\searchplugins\trovi-search.xml
FF Extension: Stealthy - C:\Users\Wallace\AppData\Roaming\Mozilla\Firefox\Profiles\9r3ecmn6.default\Extensions\stealthyextension@gmail.com.xpi [2013-12-15]
FF Extension: Adblock Plus - C:\Users\Wallace\AppData\Roaming\Mozilla\Firefox\Profiles\9r3ecmn6.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-12-15]
Chrome:
=======
CHR Profile: C:\Users\Wallace\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Wallace\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-02]
CHR Extension: (Docs) - C:\Users\Wallace\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-02]
CHR Extension: (Google Drive) - C:\Users\Wallace\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-02]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Wallace\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-02]
CHR Extension: (YouTube) - C:\Users\Wallace\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-02]
CHR Extension: (Google Search) - C:\Users\Wallace\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-02]
CHR Extension: (Google Sheets) - C:\Users\Wallace\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-02]
CHR Extension: (Google Wallet) - C:\Users\Wallace\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-02]
CHR Extension: (Gmail) - C:\Users\Wallace\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-02]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-11-20] (Advanced Micro Devices, Inc.) [File not signed]
R2 AsSysCtrlService; C:\ProgramData\ASUS\AsSysCtrlService\2.00.00\AsSysCtrlService.exe [96896 2009-12-28] (ASUSTeK Computer Inc.)
S2 brayton_cycle; C:\Windows\assembly\GAC\Regcode\1.0.5000.0__b03f5f7f11d50a3a\international_electro\a_weighting.exe [203776 2015-01-08] (Company 'gora-sah') [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
S2 leaded_chip_carrier; C:\Windows\assembly\GAC\Regcode\1.0.5000.0__b03f5f7f11d50a3a\international_electro\current_sensor.exe [214016 2012-09-27] (Company 'gora-sah') [File not signed]
S2 long_term_evolution; C:\Windows\assembly\GAC\Regcode\1.0.5000.0__b03f5f7f11d50a3a\international_electro\vacuum.exe [204288 2013-06-15] (Company 'gora-sah') [File not signed]
S2 optical_network_terminator; C:\Windows\assembly\GAC\Regcode\1.0.5000.0__b03f5f7f11d50a3a\international_electro\linear.exe [214016 2014-07-19] (Company 'gora-sah') [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-01-28] (Electronic Arts)
S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [96184 2013-12-09] (Overwolf)
R2 OxygenAudioDevMon; C:\Program Files (x86)\M-Audio\Oxygen\AudioDevMon.exe [1632776 2010-03-04] (M-Audio)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-10-02] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-02-04] ()
S2 preemphasis; C:\Windows\assembly\GAC\Regcode\1.0.5000.0__b03f5f7f11d50a3a\international_electro\toughness.exe [217600 2015-01-22] (Company 'gora-sah') [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S2 statistical_quality; C:\Windows\assembly\GAC\Regcode\1.0.5000.0__b03f5f7f11d50a3a\international_electro\pressure_pot_test.exe [212480 2014-01-08] (Company 'gora-sah') [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S2 thermal_shutdown; C:\Windows\assembly\GAC\Regcode\1.0.5000.0__b03f5f7f11d50a3a\international_electro\infrared_data_association.exe [217600 2012-04-06] (Company 'gora-sah') [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2014-07-16] (TuneUp Software)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-11-11] (VIA Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 Alpham1; C:\Windows\System32\DRIVERS\Alpham164.sys [52992 2007-07-23] (Ideazon Corporation)
R3 Alpham2; C:\Windows\System32\DRIVERS\Alpham264.sys [21760 2007-03-20] (Ideazon Corporation)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-23] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-06] ()
S3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [94720 2014-06-21] (Advanced Micro Devices) [File not signed]
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
S3 camfilt2; C:\Windows\System32\DRIVERS\camfilt2.sys [139264 2007-08-29] (Guillemot Corporation)
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2010-10-22] (AVM GmbH)
S3 MADFULEGACYKEYBOARD; C:\Windows\System32\DRIVERS\MAudioLegacyKeyboard_DFU.sys [28680 2010-02-09] (M-Audio)
S3 MAUSBLEGACYKEYBOARD; C:\Windows\System32\DRIVERS\MAudioLegacyKeyboard.sys [196616 2010-02-09] (M-Audio)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-17] ()
S3 OM0530; C:\Windows\System32\Drivers\ov530vx.sys [172928 2007-07-13] (OmniVision Technology Inc.)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2013-12-28] (Duplex Secure Ltd.)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [206080 2014-06-16] (DEVGURU Co., LTD.(www.devguru.co.kr))
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-09-18] (TuneUp Software)
S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-21 22:48 - 2015-02-21 22:48 - 00026575 _____ () C:\Users\Wallace\Desktop\FRST.txt
2015-02-21 22:40 - 2015-02-21 22:40 - 00275848 _____ () C:\Windows\Minidump\022115-22308-01.dmp
2015-02-21 22:31 - 2015-02-21 22:31 - 00380416 _____ () C:\Users\Wallace\Desktop\Gmer-19357.exe
2015-02-21 22:25 - 2015-02-21 22:25 - 00048966 _____ () C:\Users\Wallace\Downloads\Addition.txt
2015-02-21 22:24 - 2015-02-21 22:48 - 00000000 ____D () C:\FRST
2015-02-21 22:24 - 2015-02-21 22:25 - 00051743 _____ () C:\Users\Wallace\Downloads\FRST.txt
2015-02-21 22:24 - 2015-02-21 22:24 - 02086912 _____ (Farbar) C:\Users\Wallace\Desktop\FRST64.exe
2015-02-21 22:07 - 2015-02-21 22:07 - 00000656 _____ () C:\Users\Wallace\Downloads\defogger_disable.log
2015-02-21 22:07 - 2015-02-21 22:07 - 00000188 _____ () C:\Users\Wallace\defogger_reenable
2015-02-21 22:06 - 2015-02-21 22:06 - 00050477 _____ () C:\Users\Wallace\Desktop\Defogger.exe
2015-02-21 21:40 - 2015-02-21 21:40 - 00000000 ___HD () C:\Users\Wallace\AppData\Roaming\Contest_team
2015-02-21 00:38 - 2015-02-21 00:38 - 00000000 ___HD () C:\Users\Wallace\AppData\Roaming\Matter-suffer
2015-02-20 11:14 - 2015-02-20 11:14 - 76322741 _____ () C:\Users\Wallace\Downloads\joux_plane141.zip
2015-02-20 10:19 - 2015-02-20 10:19 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2015-02-20 10:18 - 2015-02-20 10:51 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-02-20 10:18 - 2015-02-20 10:20 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-02-20 10:18 - 2015-02-20 10:18 - 00001395 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-02-20 10:18 - 2015-02-20 10:18 - 00001383 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-02-20 10:18 - 2015-02-20 10:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-02-20 10:18 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2015-02-20 10:17 - 2015-02-20 10:17 - 01203488 _____ () C:\Users\Wallace\Downloads\SpyBot Search Destroy - CHIP-Installer.exe
2015-02-20 10:16 - 2015-02-20 10:16 - 00000000 ____D () C:\Users\Wallace\AppData\Local\Steam
2015-02-18 07:54 - 2015-02-20 11:53 - 00000000 ___HD () C:\Users\Wallace\AppData\Roaming\Gpwzdqjjza
2015-02-16 20:01 - 2015-02-16 20:03 - 00000000 ____D () C:\Users\Wallace\Downloads\Fury.Herz.aus.Stahl
2015-02-16 18:48 - 2015-02-18 07:54 - 00000000 ___HD () C:\Users\Wallace\AppData\Roaming\Knkwzygm
2015-02-16 18:20 - 2015-02-16 18:20 - 00000000 ___HD () C:\Users\Wallace\AppData\Roaming\Pace-worried
2015-02-16 00:30 - 2015-02-16 00:30 - 00000000 ___HD () C:\Users\Wallace\AppData\Roaming\Opening-speed
2015-02-16 00:06 - 2015-02-16 00:06 - 13013970 _____ () C:\Users\Wallace\Downloads\blue_falcon v0.3.rar
2015-02-15 23:17 - 2015-02-15 23:20 - 107431599 _____ () C:\Users\Wallace\Downloads\fmodstudio10512win-installer.exe
2015-02-15 22:54 - 2015-02-15 22:55 - 26519355 _____ () C:\Users\Wallace\Downloads\speed8fixed.7z
2015-02-15 22:27 - 2015-02-15 22:31 - 167158099 _____ () C:\Users\Wallace\Downloads\SeatLeonEuroCup2014_AC_v12.zip
2015-02-15 22:25 - 2015-02-15 22:25 - 45068098 _____ () C:\Users\Wallace\Downloads\ac soundplaceholder.rar
2015-02-15 22:00 - 2015-02-15 22:00 - 75531201 _____ () C:\Users\Wallace\Downloads\broadspeedjaguar_v031.zip
2015-02-15 21:58 - 2015-02-15 22:00 - 19280556 _____ () C:\Users\Wallace\Downloads\AlfaRomeoTZ2_beta0.9.rar
2015-02-15 21:54 - 2015-02-15 21:54 - 24511863 _____ () C:\Users\Wallace\Downloads\speed8.rar
2015-02-15 21:51 - 2015-02-15 21:51 - 36840474 _____ () C:\Users\Wallace\Downloads\renault5_turbo V0.1.rar
2015-02-15 13:06 - 2015-02-15 13:06 - 00000000 ___HD () C:\Users\Wallace\AppData\Roaming\Hatinvite
2015-02-14 17:23 - 2015-02-16 18:48 - 00000000 ___HD () C:\Users\Wallace\AppData\Local\Hvxphis
2015-02-14 15:42 - 2015-02-14 15:44 - 126696140 _____ () C:\Users\Wallace\Downloads\BIMOMUAUDEUN4_MP.rar
2015-02-14 15:35 - 2015-02-14 15:37 - 156267359 _____ () C:\Users\Wallace\Downloads\BIMOMUAUDEUN4BOCD_MP.rar
2015-02-13 20:09 - 2015-02-13 20:12 - 00000000 ____D () C:\Users\Wallace\Downloads\i.roo.201drei.GE.BDR-W
2015-02-13 19:55 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-13 19:55 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-13 19:55 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-13 19:55 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-12 15:45 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-12 15:45 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-12 15:45 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-12 15:45 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-12 15:45 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-12 15:45 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-12 15:45 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-12 15:45 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-12 15:45 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-12 15:45 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-12 15:45 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-12 15:45 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-12 15:45 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-12 15:45 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-12 15:45 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-12 15:45 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-12 15:45 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-12 15:45 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-12 15:45 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-12 15:45 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-12 15:45 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-12 15:45 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-12 15:45 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-12 15:45 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-12 15:45 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-12 15:45 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-12 15:45 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-12 15:45 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-12 15:45 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-12 15:45 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-12 15:45 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-12 15:45 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-12 15:45 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-12 15:45 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-12 15:45 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-12 15:45 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-12 15:45 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-12 15:45 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-12 15:45 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-12 15:45 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-12 15:45 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-12 15:45 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-12 15:45 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-12 15:45 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-12 15:45 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-12 15:45 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-12 15:45 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-12 15:45 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-12 15:45 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-12 15:45 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-12 15:45 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-12 15:45 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-11 19:57 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 19:57 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 19:57 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 19:57 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 19:57 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 19:57 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-11 19:57 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 19:57 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-11 19:57 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-11 19:57 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 19:57 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-11 19:57 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-11 19:57 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-11 19:57 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-11 19:57 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-11 19:57 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-11 19:57 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-11 19:57 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-11 19:57 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-11 19:57 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-11 19:57 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-11 19:57 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-11 19:56 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 19:56 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-11 19:56 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 19:56 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-11 19:56 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-11 19:56 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-11 19:56 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-11 19:56 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-11 19:56 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 19:56 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-11 19:56 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 19:56 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-11 19:56 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-11 19:56 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-11 19:56 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-11 19:56 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-11 19:56 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-11 19:56 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 19:56 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 19:56 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 19:56 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-11 19:56 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-11 19:56 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 19:56 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-11 19:56 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-02-11 19:56 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-02-11 19:56 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-02-11 19:56 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-02-11 19:55 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 19:55 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-11 19:55 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-11 19:55 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-11 19:55 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-11 19:55 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-11 19:55 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-11 19:55 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 19:55 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 19:54 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-11 18:49 - 2015-02-11 19:42 - 00000000 ____D () C:\Users\Wallace\Downloads\Metro_Last_Light_Redux-FLT
2015-02-11 18:13 - 2015-02-21 22:10 - 00000000 ____D () C:\ProgramData\rnx
2015-02-11 16:07 - 2015-02-15 20:38 - 00055396 _____ (BitTorrent Inc.) C:\Users\Wallace\AppData\Roaming\QmVucXSdon.exe
2015-02-11 15:59 - 2015-02-11 16:10 - 00001003 _____ () C:\Users\Wallace\Desktop\Neues Textdokument.txt
2015-02-04 18:06 - 2015-02-04 18:08 - 00000000 ____D () C:\Users\Wallace\Documents\BFH Beta 2
2015-01-28 16:57 - 2015-01-28 16:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-21 22:48 - 2013-12-15 13:14 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-02-21 22:47 - 2013-12-15 13:15 - 00000000 ____D () C:\ProgramData\Origin
2015-02-21 22:47 - 2009-07-14 05:45 - 00028720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-21 22:47 - 2009-07-14 05:45 - 00028720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-21 22:45 - 2013-12-15 02:02 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-21 22:43 - 2014-07-06 13:09 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-21 22:42 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-21 22:42 - 2009-07-14 05:51 - 00083322 _____ () C:\Windows\setupact.log
2015-02-21 22:40 - 2013-12-15 11:36 - 680203791 _____ () C:\Windows\MEMORY.DMP
2015-02-21 22:40 - 2013-12-15 11:36 - 00000000 ____D () C:\Windows\Minidump
2015-02-21 22:33 - 2013-12-15 03:32 - 01765433 _____ () C:\Windows\WindowsUpdate.log
2015-02-21 22:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-02-21 22:31 - 2014-07-06 13:09 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-21 22:22 - 2014-01-07 21:15 - 00000000 ___RD () C:\Users\Wallace\Dropbox
2015-02-21 22:21 - 2014-01-07 21:14 - 00000000 ____D () C:\Users\Wallace\AppData\Roaming\Dropbox
2015-02-21 22:13 - 2014-09-04 20:00 - 00000000 ____D () C:\Users\Wallace\AppData\Roaming\Raptr
2015-02-21 22:10 - 2013-12-15 13:15 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-02-21 22:10 - 2013-12-15 12:23 - 00000000 ____D () C:\Users\Wallace\AppData\Roaming\newnext.me
2015-02-21 22:09 - 2013-12-27 15:36 - 00000000 ____D () C:\Users\Wallace\AppData\Local\TSVNCache
2015-02-21 22:07 - 2013-12-15 03:32 - 00000000 ____D () C:\Users\Wallace
2015-02-16 20:03 - 2014-01-22 17:56 - 00000000 ____D () C:\Users\Wallace\AppData\Roaming\vlc
2015-02-16 19:50 - 2011-04-12 08:43 - 00710404 _____ () C:\Windows\system32\perfh007.dat
2015-02-16 19:50 - 2011-04-12 08:43 - 00154734 _____ () C:\Windows\system32\perfc007.dat
2015-02-16 19:50 - 2009-07-14 06:13 - 01651334 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-15 12:59 - 2013-12-15 13:17 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2015-02-15 12:59 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-02-15 12:54 - 2010-11-21 04:47 - 00256542 _____ () C:\Windows\PFRO.log
2015-02-14 19:51 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-02-14 17:18 - 2014-02-07 13:21 - 00003922 _____ () C:\Windows\System32\Tasks\InstallShield Software-Online-Aktualisierungsprogramm
2015-02-12 15:43 - 2014-01-07 21:14 - 00000000 ____D () C:\Users\Wallace\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-02-12 15:36 - 2009-07-14 05:45 - 04970104 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-12 15:33 - 2014-12-11 15:46 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-12 15:33 - 2014-09-03 19:18 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-11 20:04 - 2013-12-15 01:27 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-11 20:00 - 2013-12-15 01:27 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-07 19:26 - 2014-07-06 13:09 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-07 19:26 - 2014-07-06 13:09 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-07 13:00 - 2013-12-15 11:13 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-07 10:45 - 2013-12-15 02:02 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-07 10:45 - 2013-12-15 02:02 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-07 10:45 - 2013-12-15 02:02 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-04 19:44 - 2013-12-15 21:30 - 00226680 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2015-02-04 18:08 - 2013-12-27 02:10 - 00000000 ____D () C:\Users\Wallace\AppData\Local\PunkBuster
2015-02-04 18:08 - 2013-12-15 21:30 - 00226680 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2015-02-04 17:42 - 2013-12-15 21:30 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-02-04 17:41 - 2013-12-15 11:10 - 00588174 _____ () C:\Windows\DirectX.log
2015-02-01 11:02 - 2014-09-04 20:00 - 00000000 ____D () C:\Program Files (x86)\Raptr
2015-01-29 15:03 - 2013-12-15 01:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
==================== Files in the root of some directories =======
2014-02-12 20:22 - 2014-02-12 20:22 - 0002499 _____ () C:\Program Files (x86)\unins000.dat
2014-02-12 20:22 - 2014-02-12 20:22 - 0682266 _____ () C:\Program Files (x86)\unins000.exe
2015-02-11 04:36 - 2015-02-11 04:36 - 0039936 _____ () C:\Users\Wallace\AppData\Roaming\12 Bracelets Passed To Spanish Hands.mp3
2014-01-07 18:17 - 2014-01-07 18:17 - 0000132 _____ () C:\Users\Wallace\AppData\Roaming\Adobe CS6-BMP-Format - Voreinstellungen
2013-12-28 10:50 - 2014-11-12 09:56 - 0000132 _____ () C:\Users\Wallace\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2015-02-11 16:07 - 2015-02-15 20:38 - 0055396 _____ (BitTorrent Inc.) C:\Users\Wallace\AppData\Roaming\QmVucXSdon.exe
2014-07-11 14:46 - 2014-07-11 14:46 - 0000091 _____ () C:\Users\Wallace\AppData\Roaming\sversion.ini
2014-01-10 20:35 - 2014-04-11 02:10 - 0001456 _____ () C:\Users\Wallace\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2013-12-29 12:55 - 2013-12-29 12:55 - 0000095 _____ () C:\Users\Wallace\AppData\Local\fusioncache.dat
Files to move or delete:
====================
C:\Users\Wallace\AppData\Local\Temp\Kwqee\bhprplozwpn.exe
C:\Users\Wallace\AppData\Local\Temp\Stringfirm\stringstuff.exe
C:\Users\Wallace\AppData\Local\Temp\Proof-shock\proof-switch.exe
Some content of TEMP:
====================
C:\Users\Wallace\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpe4wgt6.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-02-13 20:46
==================== End Of Log ============================
--- --- --- Addition Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-02-2015
Ran by Wallace at 2015-02-21 22:48:56
Running from C:\Users\Wallace\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\...\uTorrent) (Version: 3.4.1.30740 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CS6 (HKLM-x32\...\{7176B973-6011-43C1-AEBC-2D73FE7C6982}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
AGEIA GAME System Software (HKLM-x32\...\{DEDF2885-0086-4534-9912-F9B97377ED07}) (Version: 2.7.3 - AGEIA Technologies)
AI Suite (HKLM-x32\...\{310BC5E2-31AF-49BB-904D-E71EB93645DC}) (Version: 2.00.02 - )
Ancient Weapon Sounds (HKLM-x32\...\{E00A5837-482C-4DCE-B4CC-D16B343374E1}) (Version: 2.1.1 - Screaming Bee)
Ashampoo Burning Studio 2013 v.11.0.6 (HKLM-x32\...\{91B33C97-0FBA-74AE-E802-D782F5C8AA89}_is1) (Version: 11.0.6 - Ashampoo GmbH & Co. KG)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 Beta1 - Michael Tippach)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.3.0 - Asmedia Technology)
Assassins Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version: - Ubisoft)
Assetto Corsa (HKLM-x32\...\Steam App 244210) (Version: - Kunos Simulazioni)
ASUSUpdate (HKLM-x32\...\{587178E7-B1DF-494E-9838-FA4DD36E873C}) (Version: - )
Battlefield 2(TM) (HKLM-x32\...\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}) (Version: - )
Battlefield 2142 Deluxe Edition (HKLM-x32\...\{ED50ECE9-EC54-4C05-B5ED-EE4741A9F2EC}) (Version: 1.5.1.0 - Electronic Arts)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.23831 - Electronic Arts)
Battlefield: Bad Company™ 2 (HKLM-x32\...\{3AC8457C-0385-4BEA-A959-E095F05D6D67}) (Version: 1.0.1.0 - Electronic Arts)
BF2Hub Client (HKLM-x32\...\bf2hub) (Version: - BF2Hub Systems)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version: - Cheat Engine)
CorelDRAW Graphics Suite X3 (HKLM-x32\...\{63218538-4A69-497F-8455-904261B0E9E4}) (Version: 13.0 - Corel Corporation)
Creatures of Darkness (HKLM-x32\...\{573F9269-A022-4C6F-97BD-CF1316A76369}) (Version: 3.3.1 - Screaming Bee)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DCS World (HKLM\...\DCS World_is1) (Version: 1.2.7.23803 - )
DCS World (HKLM-x32\...\Steam App 223750) (Version: - Eagle Dynamics)
DE (x32 Version: 13.0 - Corel Corporation) Hidden
Deckadance 2 (HKLM-x32\...\Deckadance 2) (Version: 2.0 - Image-Line)
Deep Space Voices (HKLM-x32\...\{67CEC218-B250-4B4C-B23F-A597EC8DB153}) (Version: 3.3.1 - Screaming Bee)
Dishonored (HKLM-x32\...\Dishonored_is1) (Version: - )
Dropbox (HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\...\Dropbox) (Version: 3.2.6 - Dropbox, Inc.)
Drumaxx (HKLM-x32\...\Drumaxx) (Version: - Image-Line)
DX10 (HKLM-x32\...\DX10) (Version: - Image-Line)
Edison (HKLM-x32\...\Edison) (Version: - Image-Line)
EPU-4 Engine (HKLM-x32\...\{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}) (Version: 1.03.03 - )
Fantasy Voice Pack (HKLM-x32\...\{5F4C3E1F-87FC-41BD-B219-E4156BBD8AE5}) (Version: 1.3.2 - Screaming Bee)
Far Cry 4 Gold Edition MULTi2 1.0 (HKLM-x32\...\Far Cry 4 Gold Edition MULTi2 1.0) (Version: - )
Far Cry 4 Gold Edition Update 1 MULTi2 1.3.0 (HKLM-x32\...\Far Cry 4 Gold Edition Update 1 MULTi2 1.3.0) (Version: - )
FileZilla Client 3.7.3 (HKLM-x32\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
Firebird v2.0 (HKLM-x32\...\Tone2 Firebird_is1) (Version: - Tone2)
First Strike BF2142 Mod Launcher 1.6.6.0 (HKLM-x32\...\First Strike BF2142 Mod Launcher) (Version: 1.6.6.0 - First Strike Development Team)
First Strike Mod (HKLM-x32\...\First Strike Mod) (Version: - )
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version: - Image-Line)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version: - )
FontNav (x32 Version: 5.0 - Corel Corporation) Hidden
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
FreeTrack v2.2.0.279 (HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\...\FreeTrack v2.2.0.279) (Version: - )
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
GRID (HKLM-x32\...\Steam App 12750) (Version: - Codemasters Studios)
Groove Machine (HKLM-x32\...\Groove Machine) (Version: - Image-Line)
GT Legends (HKLM-x32\...\GT Legends_is1) (Version: - SimBin)
GT Power Expansion (HKLM-x32\...\Steam App 44650) (Version: - SimBin)
GTR Evolution (HKLM-x32\...\Steam App 8660) (Version: - SimBin)
Hardcore (HKLM-x32\...\Hardcore) (Version: - Image-Line bvba)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
IL DrumSynth Live (HKLM-x32\...\IL DrumSynth Live) (Version: - Image-Line)
IL Gross Beat (HKLM-x32\...\IL Gross Beat) (Version: - Image-Line)
IL Harmless (HKLM-x32\...\IL Harmless) (Version: - Image-Line)
IL Harmor (HKLM-x32\...\IL Harmor) (Version: - Image-Line)
IL Juice Pack (HKLM-x32\...\IL Juice Pack) (Version: - Image-Line)
IL MiniHost (HKLM-x32\...\IL MiniHost) (Version: - Image-Line)
IL Ogun (HKLM-x32\...\IL Ogun) (Version: - Image-Line)
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version: - Image-Line)
IL Slicex (HKLM-x32\...\IL Slicex) (Version: - Image-Line)
IL Vocodex (HKLM-x32\...\IL Vocodex) (Version: - Image-Line)
Insurgency (HKLM-x32\...\Steam App 222880) (Version: - New World Interactive)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{5D9EB565-39CB-4C8E-BF3B-CB8880A61404}) (Version: 12.1.258 - Intel Corporation)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
LEGO Meine Welt - Fortgeschrittene (HKLM-x32\...\{E57FEDB3-37BD-11D4-9532-005004039EB0}) (Version: - )
Lock On: Air Combat Simulation (HKLM-x32\...\{E90DCEE9-DC27-401B-A7AC-B0AFF5B34E4D}) (Version: 1.00.000 - )
M-Audio Legacy Keyboard Driver 5.0.0 (x64) (HKLM\...\{2CA9F96F-AFFC-4D41-B781-47EBD2378DB8}) (Version: 5.0.0 - M-Audio)
M-Audio Oxygen Driver 1.2.1 (x64) (HKLM\...\{6F0B8408-835B-4A55-A429-EB899AD68467}) (Version: 1.2.1 - M-Audio)
Maximus (HKLM-x32\...\Maximus) (Version: - Image-Line)
Medal of Honor™ Warfighter (HKLM-x32\...\{1040143F-FEFB-4B90-8E51-E47D40E14C4E}) (Version: 1.0.0.3 - Electronic Arts)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Morphine (HKLM-x32\...\Morphine) (Version: - Image-Line bvba)
MorphVOX Pro (HKLM-x32\...\{2D7CF073-6583-464A-84D4-F86DE59DCA42}) (Version: 4.4.8 - Screaming Bee)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 35.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
Mozilla Thunderbird 24.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.4.0 (x86 de)) (Version: 24.4.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyFreeCodec (HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\...\MyFreeCodec) (Version: - )
Need for Speed: Hot Pursuit (HKLM-x32\...\Steam App 47870) (Version: - Criterion Games)
Nullsoft Install System (HKLM-x32\...\NSIS) (Version: 2.46 - )
NVIDIA Photoshop Plug-ins 64 bit (HKLM-x32\...\{5E386C5B-CDE7-435A-B5C9-EC73A1B0553A}) (Version: 8.50 - )
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice.org 1.1.5 (HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\...\OpenOffice.org 1.1.5) (Version: 1.1.5 - Sun Microsystems, Inc. for the OpenOffice.org-Community)
Operation Peacekeeper - Core (HKLM-x32\...\Operation Peacekeeper - Core) (Version: 0.3 - OPK Mod Team)
Operation Peacekeeper - Levels (HKLM-x32\...\Operation Peacekeeper - Levels) (Version: 0.3 - OPK Mod Team)
OPK-Mod - Core (HKLM-x32\...\OPK-Mod - Core) (Version: 0.4 - OPK Mod Team)
OPK-Mod - Levels (HKLM-x32\...\Operation Peacekeeper) (Version: 0.4 - OPK Mod Team)
Origin (HKLM-x32\...\Origin) (Version: 9.0.2.2065 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\{030F4BB3-F3C3-4A74-905C-44672D1ECB76}) (Version: 0.47.284 - Overwolf)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
PlanetSide 2 (HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\...\soe-PlanetSide 2) (Version: 1.0.3.183 - Sony Online Entertainment)
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
PoiZone (HKLM-x32\...\PoiZone) (Version: - Image-Line)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.)
RACE 07 - Formula RaceRoom Add-On (HKLM-x32\...\Steam App 44630) (Version: - )
RACE 07 (HKLM-x32\...\Steam App 8600) (Version: - SimBin)
RACE 07: Andy Priaulx Crowne Plaza Raceway (HKLM-x32\...\Steam App 8650) (Version: - SimBin)
RaceRoom Racing Experience (HKLM-x32\...\Steam App 211500) (Version: - SimBin Studios AB)
RaceRoom Racing Experience Launcher (HKLM-x32\...\{1FD9F07F-7BBF-4C91-B3F0-A23714A3A913}_is1) (Version: 1.0 - SimBin)
Raptr (HKLM-x32\...\Raptr) (Version: - )
Ravensburger tiptoi (HKLM-x32\...\Ravensburger tiptoi) (Version: - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.52.203.2012 - Realtek)
reFX Slayer Demo 2.6.0 (HKLM-x32\...\reFX Slayer Demo 2.6.0_is1) (Version: - )
Rising Storm/Red Orchestra 2 Multiplayer (HKLM-x32\...\Steam App 35450) (Version: - Tripwire Interactive)
Sakura (HKLM-x32\...\Sakura) (Version: - Image-Line)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.14044_17 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.3.14044_17 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Sawer (HKLM-x32\...\Sawer) (Version: - Image-Line)
SES Driver (HKLM\...\{D8CC254C-C671-4664-9A38-FA368D1E2C97}) (Version: 1.0.0 - Western Digital)
SimCity 2000 Special Edition (HKLM-x32\...\{59D2C751-F7BE-4E9F-9C8C-1F16013802C7}) (Version: 2.0.0.1 - Electronic Arts)
SimSynth (HKLM-x32\...\SimSynth) (Version: - Image-Line)
Sniper Elite V2 Version v1.0 (HKLM-x32\...\{E8CE0E34-8308-4146-BDB9-B5A9FB5536F1}_is1) (Version: v1.0 - Rebellion, Inc.)
Sound Forge Pro 10.0 (HKLM-x32\...\{3F9170C9-A7C2-408F-A4D8-EC77250040BF}) (Version: 10.0.368 - Sony)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
STCC II (HKLM-x32\...\Steam App 44620) (Version: - SimBin)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Sytrus (HKLM-x32\...\Sytrus) (Version: - Image-Line)
TDU2 Unpacked (HKLM-x32\...\TDU2 Unpacker GUI) (Version: - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Test Drive Unlimited 2 (HKLM-x32\...\Test Drive Unlimited 2_is1) (Version: - Atari)
The WTCC 2010 Pack (HKLM-x32\...\Steam App 44670) (Version: - SimBin)
Theme Hospital (HKLM-x32\...\{5118A4C2-C8A4-4CE5-AC37-F3E51C25402F}) (Version: 3.0.0.2 - Electronic Arts)
Thrustmaster Force Feedback Driver (HKLM-x32\...\{8F5A0981-5CDC-41D0-BCA2-AD3B777FC358}) (Version: 2.FFD.2009 - Thrustmaster)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.9.6 - Electronic Arts)
TortoiseSVN 1.8.2.24708 (64 bit) (HKLM\...\{D0DC3918-460D-4229-811E-41F22D0CD7E9}) (Version: 1.8.24708 - TortoiseSVN)
Toxic Biohazard (HKLM-x32\...\Toxic Biohazard) (Version: - Image-Line bvba)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.340 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.340 - TuneUp Software)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.340 - TuneUp Software) Hidden
Turbo Key (HKLM-x32\...\{B83F7FA5-3191-4E39-A1F2-8A9038BD0B04}) (Version: 1.01.03 - )
Unity Web Player (HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Update Manager (x32 Version: 4.60 - Corel Corporation) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 4.2 - Ubisoft)
VBA (x32 Version: 6.2 - Corel Corporation) Hidden
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
War Thunder Launcher 1.0.1.444 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)
Wasp (HKLM-x32\...\Wasp) (Version: - Image-Line)
Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM (03/06/2009 1.0.0008.0) (HKLM\...\422991454CB076E9B856C21BBF99AF2B82317EDA) (Version: 03/06/2009 1.0.0008.0 - Western Digital Technologies)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Wing Commander III (HKLM-x32\...\{F96B9930-E22A-44D6-81B5-6C8E92C21B4B}) (Version: 2.0.0.2 - Electronic Arts)
WinRAR 5.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Z Engine (HKLM-x32\...\{64E47A5F-B3C4-476A-9100-2D006BD1FFB4}) (Version: 2.5.0.30_NA - Ideazon)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3810334735-2351705608-1866539249-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Wallace\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3810334735-2351705608-1866539249-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Wallace\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3810334735-2351705608-1866539249-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Wallace\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3810334735-2351705608-1866539249-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Wallace\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3810334735-2351705608-1866539249-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Wallace\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3810334735-2351705608-1866539249-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Wallace\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3810334735-2351705608-1866539249-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Wallace\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3810334735-2351705608-1866539249-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Wallace\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3810334735-2351705608-1866539249-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Wallace\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3810334735-2351705608-1866539249-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Wallace\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
==================== Restore Points =========================
14-02-2015 19:51:24 Geplanter Prüfpunkt
18-02-2015 07:05:46 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2014-09-05 13:50 - 00002573 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 adobeereg.com
127.0.0.1 hxxp://www.adobeereg.com
127.0.0.1 activate.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 192.150.18.108
127.0.0.1 activate.adobe.com:443
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobeereg.com
127.0.0.1 www.adobeereg.com
127.0.0.1 activate.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 192.150.18.108
127.0.0.1 adobeereg.com
127.0.0.1 www.adobeereg.com
127.0.0.1 activate.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 192.150.18.108
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
There are 15 more lines.
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {147D6D4C-AD38-47EA-9112-170087DF92F4} - System32\Tasks\ASUS\ASUS RegRun Loader => C:\ProgramData\ASUS\AASP\1.02.00\AsLoader.exe [2010-01-13] (ASUSTeK Computer Inc.)
Task: {1D1CCF39-ECF0-4186-A255-D86AD2448948} - System32\Tasks\InstallShield Software-Aktualisierungsdienst => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2005-08-11] (Macrovision Corporation)
Task: {1E129DBB-A2EB-4CC9-A0E4-BF1D64ACEAE1} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {2022DB2F-FFB8-4BF9-B864-BD8046E47BC0} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe [2009-12-28] (ASUSTeK Computer Inc.)
Task: {274BF49F-D26B-4B81-BB05-0CEF3031AAC3} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {2D593611-20C4-43EE-A568-B98CAA86E48F} - System32\Tasks\ASUS\ASUS SIX Engine => C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe [2012-01-03] (ASUSTek Computer Inc.)
Task: {33384DA3-978F-4C19-ABAC-E529BBF7A8CB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-07] (Adobe Systems Incorporated)
Task: {4913FD79-08D9-4DC9-9000-743B8FA8C8B6} - System32\Tasks\{C8DCA755-6678-4EC3-B347-B1CA735230AF} => pcalua.exe -a O:\Downloads\Games\FreeTrack\FreeTrack_V2.2.exe -d O:\Downloads\Games\FreeTrack
Task: {4B37A0AE-E0E4-452F-AEB1-561060E7EB86} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {4C891BDC-A6D5-4931-9078-D8BA1CFB5080} - System32\Tasks\ASUS\Cpu Level Up Hook Lanunch => C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHookLaunch.exe [2009-12-28] ()
Task: {504FB8EE-393C-44C6-ACA9-2C3E24D7F4C6} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2014-07-16] (TuneUp Software)
Task: {5616B537-C26E-4E72-BF19-10BAFDD0CFA0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {6EEE4A8A-637F-4513-A267-DEEC4899027B} - System32\Tasks\{A68829E3-EC93-4320-9261-01B9CBA7445B} => pcalua.exe -a P:\setup.exe -d P:\
Task: {76E1E278-A64F-4444-8BCC-A23393B8BDA7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {7C78E29A-3A97-4A16-BEEE-F52D915A9E50} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {84E349EC-D5B1-46AD-930B-A1355EA8DD59} - System32\Tasks\InstallShield Software-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [2005-08-11] (Macrovision Corporation)
Task: {94A6A6CA-DCD5-4539-AC3E-FC9992E73A14} - System32\Tasks\ASUS-Online-Aktualisierungsprogramm => C:\Program Files (x86)\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe [2009-12-28] (ASUSTeK Computer Inc.)
Task: {AC316486-7A8E-402D-B12E-327F9CB57EFB} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {B111B94F-6841-4A82-96F4-96D27B06CCB0} - System32\Tasks\{A1EED0A6-1E91-43BB-8BB2-471802A5E0D6} => pcalua.exe -a P:\Autorun.exe -d P:\
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) ==============
2014-11-20 21:23 - 2014-11-20 21:23 - 00214528 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 06:08 - 2014-02-11 06:08 - 00817152 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Device.dll
2014-02-11 06:08 - 2014-02-11 06:08 - 03650560 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Platform.dll
2013-08-27 23:00 - 2013-08-27 23:00 - 00075504 _____ () C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll
2013-08-27 22:59 - 2013-08-27 22:59 - 00088304 _____ () C:\Program Files\TortoiseSVN\bin\libsasl.dll
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2013-12-15 21:30 - 2015-02-04 17:42 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-07-16 09:24 - 2014-07-16 09:24 - 00699704 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll
2013-12-15 07:27 - 2011-12-06 02:58 - 00078448 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2013-12-15 07:27 - 2011-12-06 02:58 - 00386160 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2014-11-20 21:23 - 2014-11-20 21:23 - 00102400 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2015-02-20 10:18 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-02-20 10:18 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-02-20 10:18 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-02-20 10:18 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-02-20 10:18 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2013-12-15 07:42 - 2009-04-29 14:24 - 00253952 _____ () C:\Program Files (x86)\ASUS\Turbo Key\pngio.dll
2013-12-15 07:42 - 2009-04-29 14:24 - 00208896 _____ () C:\Program Files (x86)\ASUS\Turbo Key\AiNap.dll
2013-12-15 07:42 - 2009-04-29 14:24 - 00008704 _____ () C:\Program Files (x86)\ASUS\Turbo Key\vvc.dll
2015-02-15 12:56 - 2015-02-15 12:56 - 00112318 _____ () C:\Users\Wallace\AppData\Local\Temp\acc98a83-4789-42d6-8c8f-ba0c09eb1879\CliSecureRT.dll
2011-02-16 13:38 - 2011-02-16 13:38 - 00015872 _____ () C:\Program Files (x86)\Ideazon\ZEngine\AxWBOCXLib.dll
2009-07-13 22:03 - 2009-07-14 02:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\Wallace\Cookies:j5I2fMvYcQRW4Gy0Kw59ncNW
AlternateDataStreams: C:\Users\Wallace\Lokale Einstellungen:NQkYBGtyzuXGtTSA5ZzrS
AlternateDataStreams: C:\Users\Wallace\AppData\Local:NQkYBGtyzuXGtTSA5ZzrS
AlternateDataStreams: C:\Users\Wallace\AppData\Local\Anwendungsdaten:NQkYBGtyzuXGtTSA5ZzrS
AlternateDataStreams: C:\Users\Wallace\AppData\Local\Temporary Internet Files:v72rVpuAyJAEO4mb8sPPQra0
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3810334735-2351705608-1866539249-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Wallace\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Media is not connected to internet.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== Accounts: =============================
Administrator (S-1-5-21-3810334735-2351705608-1866539249-500 - Administrator - Disabled)
ASPNET (S-1-5-21-3810334735-2351705608-1866539249-1006 - Limited - Enabled)
Gast (S-1-5-21-3810334735-2351705608-1866539249-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3810334735-2351705608-1866539249-1002 - Limited - Enabled)
Wallace (S-1-5-21-3810334735-2351705608-1866539249-1000 - Administrator - Enabled) => C:\Users\Wallace
==================== Faulty Device Manager Devices =============
Name: AODDriver4.2.0
Description: AODDriver4.2.0
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AODDriver4.2.0
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Realtek PCIe GBE Family Controller
Description: Realtek PCIe GBE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8167
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (02/21/2015 10:45:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: infrared_data_association.exe, Version: 0.12.4.868, Zeitstempel: 0x54e4147b
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x7efde000
ID des fehlerhaften Prozesses: 0xdb8
Startzeit der fehlerhaften Anwendung: 0xinfrared_data_association.exe0
Pfad der fehlerhaften Anwendung: infrared_data_association.exe1
Pfad des fehlerhaften Moduls: infrared_data_association.exe2
Berichtskennung: infrared_data_association.exe3
Error: (02/21/2015 10:45:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/21/2015 10:32:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc100
Name des fehlerhaften Moduls: ole32.DLL, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7b96f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003aa87
ID des fehlerhaften Prozesses: 0x9dc
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0
Pfad der fehlerhaften Anwendung: svchost.exe1
Pfad des fehlerhaften Moduls: svchost.exe2
Berichtskennung: svchost.exe3
Error: (02/21/2015 10:12:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/21/2015 09:40:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/20/2015 11:30:27 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm insurgency.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1cf0
Startzeit: 01d04d5cae176ef3
Endzeit: 244
Anwendungspfad: C:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency.exe
Berichts-ID:
Error: (02/20/2015 11:29:18 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm insurgency.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1ed0
Startzeit: 01d04d59c7c14028
Endzeit: 272
Anwendungspfad: C:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency.exe
Berichts-ID:
Error: (02/20/2015 10:39:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/20/2015 11:05:52 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: Aus einem der folgenden Gründe kann nicht auf die Datei "" zugegriffen werden:
Es besteht ein Problem mit der Netzwerkverbindung, dem Datenträger mit der gespeicherten Datei bzw. den auf dem Computer installierten
Speichertreibern, oder der Datenträger fehlt.
Das Programm ArcaVir Tray Module wurde wegen dieses Fehlers geschlossen.
Programm: ArcaVir Tray Module
Datei:
Der Fehlerwert ist im Abschnitt "Zusätzliche Dateien" aufgelistet.
Benutzeraktion
1. Öffnen Sie die Datei erneut.
Diese Situation ist eventuell ein temporäres Problem, das selbstständig behoben wird, wenn das Programm erneut ausgeführt wird.
2.
Wenn Sie weiterhin nicht auf die Datei zugreifen können und
- diese sich im Netzwerk befindet,
dann sollte der Netzwerkadministrator überprüfen, dass kein Netzwerkproblem besteht und dass eine Verbindung mit dem Server hergestellt werden kann.
- diese sich auf einem Wechseldatenträger, wie z. B. einer Diskette oder einer CD, befindet, überprüfen Sie, ob der Datenträger richtig in den Computer eingelegt ist.
3. Überprüfen und reparieren Sie das Dateisystem, indem Sie CHKDSK ausführen. Klicken Sie dazu im Menü "Start" auf "Ausführen", geben Sie CMD ein, und klicken Sie auf "OK". Geben Sie an der Eingabeaufforderung CHKDSK /F ein, und drücken Sie die EINGABETASTE.
4. Stellen Sie die Datei von einer Sicherungskopie wieder her, wenn das Problem weiterhin besteht.
5. Überprüfen Sie, ob andere Dateien auf demselben Datenträger geöffnet werden können. Falls dies nicht möglich ist, ist der Datenträger eventuell beschädigt.
Wenden Sie sich an den Administrator oder den Hersteller der Computerhardware, um weitere Unterstützung zu erhalten, wenn es sich um eine Festplatte handelt.
Zusätzliche Daten
Fehlerwert: 00000000
Datenträgertyp: 0
Error: (02/20/2015 11:05:52 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: {0000E466-20F3-974}, Version: 8.5.1.0, Zeitstempel: 0x54e6159b
Name des fehlerhaften Moduls: {0000E466-20F3-974}, Version: 8.5.1.0, Zeitstempel: 0x54e6159b
Ausnahmecode: 0xc0000096
Fehleroffset: 0x00003d3d
ID des fehlerhaften Prozesses: 0x20b8
Startzeit der fehlerhaften Anwendung: 0x{0000E466-20F3-974}0
Pfad der fehlerhaften Anwendung: {0000E466-20F3-974}1
Pfad des fehlerhaften Moduls: {0000E466-20F3-974}2
Berichtskennung: {0000E466-20F3-974}3
System errors:
=============
Error: (02/21/2015 10:45:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "saw_filter" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (02/21/2015 10:45:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "non_return_to_zero" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (02/21/2015 10:45:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "computer_aided_design" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (02/21/2015 10:45:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "anode" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (02/21/2015 10:45:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "down_converter" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (02/21/2015 10:43:25 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst inductor_based_switcher erreicht.
Error: (02/21/2015 10:42:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AODDriver4.2.0" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3
Error: (02/21/2015 10:40:47 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
AsIO
AsUpIO
discache
spldr
Wanarpv6
Error: (02/21/2015 10:40:43 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x00000109 (0xa3a039d89d2485bc, 0xb3b7465eefa2c08e, 0xfffff880009f45c0, 0x0000000000000002)C:\Windows\MEMORY.DMP022115-22308-01
Error: (02/21/2015 10:40:37 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 21.02.2015 um 22:39:21 unerwartet heruntergefahren.
Microsoft Office Sessions:
=========================
Error: (02/21/2015 10:45:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: infrared_data_association.exe0.12.4.86854e4147bunknown0.0.0.000000000c00000057efde000db801d04e1fa4a3edecC:\Windows\assembly\GAC\Regcode\1.0.5000.0__b03f5f7f11d50a3a\international_electro\infrared_data_association.exeunknownf88e5457-ba12-11e4-8402-d838145415c9
Error: (02/21/2015 10:45:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/21/2015 10:32:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe6.1.7600.163854a5bc100ole32.DLL6.1.7601.175144ce7b96fc00000050003aa879dc01d04e1ac7a211eaC:\Windows\syswow64\svchost.exeC:\Windows\syswow64\ole32.DLL288746f9-ba11-11e4-9183-bcee7b73f9a8
Error: (02/21/2015 10:12:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/21/2015 09:40:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/20/2015 11:30:27 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: insurgency.exe0.0.0.01cf001d04d5cae176ef3244C:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency.exe
Error: (02/20/2015 11:29:18 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: insurgency.exe0.0.0.01ed001d04d59c7c14028272C:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency.exe
Error: (02/20/2015 10:39:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/20/2015 11:05:52 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: ArcaVir Tray Module000000000
Error: (02/20/2015 11:05:52 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: {0000E466-20F3-974}8.5.1.054e6159b{0000E466-20F3-974}8.5.1.054e6159bc000009600003d3d20b801d04cf4ce7eca3eC:\Users\Wallace\AppData\Local\Temp\{0000E466-20F3-974}C:\Users\Wallace\AppData\Local\Temp\{0000E466-20F3-974}0cc201ac-b8e8-11e4-b6bd-bcee7b73f9a8
CodeIntegrity Errors:
===================================
Date: 2015-02-21 22:42:01.593
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\AtihdW76.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-02-21 22:42:01.531
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\AtihdW76.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-02-21 22:08:54.063
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\AtihdW76.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-02-21 22:08:53.985
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\AtihdW76.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-02-21 21:36:21.496
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\AtihdW76.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-02-21 21:36:21.387
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\AtihdW76.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-02-20 22:35:53.933
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\AtihdW76.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-02-20 22:35:53.808
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\AtihdW76.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-02-20 10:10:59.568
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\AtihdW76.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-02-20 10:10:59.459
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\AtihdW76.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Processor: AMD FX(tm)-4130 Quad-Core Processor
Percentage of memory in use: 24%
Total physical RAM: 8190.12 MB
Available physical RAM: 6145.95 MB
Total Pagefile: 16378.42 MB
Available Pagefile: 13833.47 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:685.44 GB) (Free:35.39 GB) NTFS
Drive d: (Musik) (Fixed) (Total:48.91 GB) (Free:0.52 GB) NTFS
Drive e: (PRODUCER) (Fixed) (Total:97.66 GB) (Free:24.03 GB) NTFS
Drive f: (PROG) (Fixed) (Total:146.49 GB) (Free:62.71 GB) NTFS
Drive g: (DATA) (Fixed) (Total:172.69 GB) (Free:14.06 GB) NTFS
Drive h: (FACTORY_IMAGE) (Fixed) (Total:13.1 GB) (Free:12.02 GB) NTFS
Drive o: (My Book) (Fixed) (Total:1862.98 GB) (Free:1245.04 GB) NTFS
Drive q: (My Book) (Fixed) (Total:465.64 GB) (Free:94.12 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=685.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13.1 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: EBF8BF2C)
Partition 1: (Not Active) - (Size=416.8 GB) - (Type=OF Extended)
Partition 2: (Not Active) - (Size=48.9 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 00021365)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
========================================================
Disk: 3 (Size: 465.8 GB) (Disk ID: 8D399BC0)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=0C)
==================== End Of Log ============================
|
| Themen zu Angeblich nymaim Trojaner eingefangen |
| angeblich, checken, eingefangen, feedback, fehlermeldungen, fenster, freundlich, gefangen, gefunde, gelöscht, gesperrt, neustart, programm, refresh, safer networking, schaden, spybot, systems, trojan-spy.win32.zbot.gen, trojaner, trojaner eingefangen, uds:dangerousobject.multi.generic, uplay, öffnet |
Baum-Darstellung