Chris755 | 10.06.2015 13:56 | mbam.txt: Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Update, 10.06.2015 14:33:10, SYSTEM, CHRIS-PC, Manual, Remediation Database, 2015.3.9.1, 2015.5.13.1,
Update, 10.06.2015 14:33:11, SYSTEM, CHRIS-PC, Manual, Rootkit Database, 2015.2.25.1, 2015.6.2.1,
Update, 10.06.2015 14:33:55, SYSTEM, CHRIS-PC, Manual, Malware Database, 2015.3.9.5, 2015.6.10.2,
Scan, 10.06.2015 14:49:37, SYSTEM, CHRIS-PC, Manual, Start: 10.06.2015 14:33:12, Dauer: 15 Minuten 30 Sekunden, Bedrohungs-Suchlauf, Abgeschlossen, 0 Malwareerkennung, "4" nicht-Malwareerkennung,
Error, 10.06.2015 14:51:21, SYSTEM, CHRIS-PC, Protection, IsLicensed, 13,
Protection, 10.06.2015 14:51:22, SYSTEM, CHRIS-PC, Protection, Malware Protection, Stopping,
Protection, 10.06.2015 14:51:22, SYSTEM, CHRIS-PC, Protection, Malware Protection, Stopped,
(end) FRST.txt:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:08-06-2015
Ran by Chris (administrator) on CHRIS-PC on 10-06-2015 14:55:15
Running from C:\Users\Chris\Desktop
Loaded Profiles: Chris (Available Profiles: Chris)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\Core\64bit\RzOvlMon.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Nico Mak Computing) C:\Program Files\WinZip\FAH\FAHWindow64.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
(Razer, Inc.) C:\Users\Chris\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\RzCefRenderProcess.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.5.471.0\McCSPServiceHost.exe
(McAfee, Inc.) C:\Program Files\McAfee\MAT\McPvTray.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\WinStore\WSHost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\wsqmcons.exe
(Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWXConfigManager.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [590656 2015-05-15] (Razer Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [719272 2015-04-02] (McAfee, Inc.)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1386011293-1633577438-1266540994-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4471536 2015-05-21] (Disc Soft Ltd)
HKU\S-1-5-21-1386011293-1633577438-1266540994-1001\...\MountPoints2: {05ca4481-0b6c-11e5-825a-6c626dbf39ef} - "E:\Setup.exe"
HKU\S-1-5-21-1386011293-1633577438-1266540994-1001\...\MountPoints2: {c88d1854-0e1d-11e5-826a-6c626dbf39ef} - "D:\autorun.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2015-06-05]
ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAH\FAHConsole.exe (Nico Mak Computing)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2015-06-05]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-06-07] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-06-07] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-06-07] (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1386011293-1633577438-1266540994-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1386011293-1633577438-1266540994-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-at/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-06-07] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-07] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-06-07] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-06-07] (Microsoft Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-06-04] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-06-04] (McAfee, Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-06-07] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-06-04] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-06-04] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2015-04-07] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2015-04-07] (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.137.1
FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-04-07] ()
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-04-07] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-06-07] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-06-07] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-08] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-08] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2015-06-05]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2015-06-05]
Chrome:
=======
CHR Profile: C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Adblock Plus) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-06-08]
CHR Extension: (SiteAdvisor) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-06-08]
CHR Extension: (Bookmark Manager) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-06-08]
CHR Extension: (Google Wallet) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-08]
CHR Extension: (Minas Tirith Theme by VikiTech) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pellodjomgehncfmdjbaebehjcbjaelh [2015-06-08]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-06-08]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-06-08] Addtion.txt: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version:08-06-2015
Ran by Chris at 2015-06-10 15:00:56
Running from C:\Users\Chris\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1386011293-1633577438-1266540994-500 - Administrator - Disabled)
Chris (S-1-5-21-1386011293-1633577438-1266540994-1001 - Administrator - Enabled) => C:\Users\Chris
Gast (S-1-5-21-1386011293-1633577438-1266540994-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ACP Application (Version: 2.15.10.0003 - Advanced Micro Devices, Inc.) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
AGEIA PhysX v7.07.09 (HKLM-x32\...\{65F1CF63-31E0-450B-96F3-4A88BE7361A6}) (Version: 7.07.09 - AGEIA Technologies, Inc.)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Call of Duty: Modern Warfare 3 - Multiplayer (HKLM-x32\...\Steam App 42690) (Version: - Infinity Ward)
Call of Duty: Modern Warfare 3 (HKLM-x32\...\Steam App 42680) (Version: - Infinity Ward)
Castle Crashers (HKLM-x32\...\Steam App 204360) (Version: - The Behemoth)
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version: - Torn Banner Studios)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version: - Colossal Order Ltd.)
Convoy (HKLM-x32\...\Steam App 318230) (Version: - Convoy Games)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.0.0.0054 - Disc Soft Ltd)
Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version: - Klei Entertainment)
Door Kickers (HKLM-x32\...\Steam App 248610) (Version: - KillHouse Games)
Dustoff Heli Rescue (HKLM-x32\...\Steam App 341730) (Version: - Invictus Games Ltd.)
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version: - Subset Games)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Landwirtschafts Simulator 15 (HKLM-x32\...\FarmingSimulator2015DE_is1) (Version: 1.2.0.0 - GIANTS Software)
LEGO - The Hobbit (HKLM-x32\...\Steam App 285160) (Version: - Traveller's Tales)
LEGO Batman 3: Beyond Gotham (HKLM-x32\...\Steam App 313690) (Version: - TT Games Ltd)
Lego Star Wars 3: The Clone Wars (HKLM-x32\...\Steam App 32510) (Version: - Traveller's Tales)
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
McAfee Total Protection (HKLM-x32\...\MSC) (Version: 14.0.1029 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.316 - McAfee, Inc.)
Medal of Honor: Airborne (HKLM-x32\...\Steam App 24840) (Version: - EA Los Angeles)
Men of War: Assault Squad 2 (HKLM-x32\...\Steam App 244450) (Version: - Digitalmindsoft)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 15.0.4719.1002 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Mount Your Friends (HKLM-x32\...\Steam App 296470) (Version: - Stegersaurus Software Inc.)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.8.2 - Notepad++ Team)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC)
R.U.S.E (HKLM-x32\...\Steam App 21970) (Version: - Eugen Systems)
Razer Core (HKLM-x32\...\Razer Core) (Version: 1.0.1.66 - Razer Inc)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.26027 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.38.115.2015 - Realtek)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9C338C60-A55F-4123-B2B9-173F09512316}) (Version: 1.00.0178 - REALTEK Semiconductor Corp.)
RUNNING WITH RIFLES (HKLM-x32\...\Steam App 270150) (Version: - Modulaatio Games)
Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version: - Rebellion)
Space Engineers (HKLM-x32\...\Steam App 244850) (Version: - Keen Software House)
Star Wars - Battlefront II (HKLM-x32\...\Steam App 6060) (Version: - Pandemic Studios)
Startopia (HKLM-x32\...\Steam App 243040) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stonehearth (HKLM-x32\...\Steam App 253250) (Version: - Radiant Entertainment)
Supreme Commander 2 (HKLM-x32\...\Steam App 40100) (Version: - Gas Powered Games)
Turmoil (HKLM-x32\...\Steam App 361280) (Version: - Gamious)
War Thunder (HKLM-x32\...\Steam App 236390) (Version: - Gaijin Entertainment)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinZip 19.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E9}) (Version: 19.5.11475 - WinZip Computing, S.L. )
World of Tanks (HKU\S-1-5-21-1386011293-1633577438-1266540994-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)
Worms Clan Wars (HKLM-x32\...\Steam App 233840) (Version: - Team17 Digital Ltd)
Worms Reloaded (HKLM-x32\...\Steam App 22600) (Version: - Team17 Software Ltd.)
Worms Revolution (HKLM-x32\...\Steam App 200170) (Version: - Team17 Digital Ltd.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Restore Points =========================
04-06-2015 19:46:57 Installiert Realtek Ethernet Controller Driver
05-06-2015 20:15:34 WinZip 19.5 wird installiert
07-06-2015 13:55:03 DirectX wurde installiert
08-06-2015 22:09:53 Revo Uninstaller's restore point - FreeFixer
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {10150124-4F61-4DC5-99EE-0D442C581FF8} - System32\Tasks\IneedSpeed Update => C:\Program Files (x86)\version01IneedSpeed\b4IneedSpeedQ95.exe [2015-06-08] ()
Task: {138BBBD4-08A9-4462-8D9E-373149177049} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {2B9772CA-E5FF-4A4D-847D-C1345A4B3D43} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {33BF37EE-D7A5-4A08-96BA-CF04B6745643} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation)
Task: {3D3C5BEC-D26F-47C8-90B1-F4589DBD0F00} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-06-07] (Microsoft Corporation)
Task: {3EEAC3F5-19D2-460C-BF90-9D3132170B6D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-06-07] (Microsoft Corporation)
Task: {4621C987-6C4D-4BB9-9D02-DB0FAA5CEE0A} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)
Task: {5502D68F-CEF3-4C28-8A4F-6ED895EA2723} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {5CF8C444-A665-4935-BD76-AB8937AC8A88} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {72025436-F430-427F-882B-9A64D2BE196B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-04-30] (Microsoft Corporation)
Task: {7D152321-7636-49A3-A2BF-57E2580EBB43} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation)
Task: {85B094CB-2E62-4A81-B29D-3C3EAF380E8D} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-06-07] (Microsoft Corporation)
Task: {C17C2C6A-92F5-438C-8F1C-1791F656B7C1} - System32\Tasks\Bidaily Synchronize Task[973b] => c:\programdata\{c2e2df61-8d18-29f2-c2e2-2df618d17d86}\winzip 19.5 crack.exe <==== ATTENTION
Task: {CF0D9A72-4067-4DDA-A553-5A5B2A59F371} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-08] (Google Inc.)
Task: {E10D9079-CF81-44EB-B8C2-1E4D9B48495C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-08] (Google Inc.)
Task: {EA6F8E3E-CF53-4D04-8E5A-B19B23FF70BD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-03-07] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Bidaily Synchronize Task[973b].job => c:\programdata\{c2e2df61-8d18-29f2-c2e2-2df618d17d86}\winzip 19.5 crack.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\IneedSpeed Update.job => C:\Program Files (x86)\version01IneedSpeed\b4IneedSpeedQ95.exe
==================== Loaded Modules (Whitelisted) ==============
2015-06-07 20:05 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-02-05 01:24 - 2015-02-05 01:25 - 00187072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2015-06-05 20:52 - 2015-06-05 20:52 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\ErrorReporting.dll
2015-03-14 07:49 - 2015-03-14 07:49 - 00291840 _____ () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
2015-05-20 04:29 - 2015-05-20 04:29 - 00137728 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2015-06-10 14:49 - 2015-06-05 20:22 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libglesv2.dll
2015-06-10 14:49 - 2015-06-05 20:22 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libegl.dll
2015-06-05 12:19 - 2014-11-26 03:12 - 40622592 _____ () C:\Users\Chris\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll
2015-06-05 12:19 - 2014-11-26 03:12 - 00911360 _____ () C:\Users\Chris\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libglesv2.dll
2015-06-05 12:19 - 2014-11-26 03:12 - 00134144 _____ () C:\Users\Chris\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libegl.dll
2015-06-10 14:49 - 2015-06-05 20:22 - 15003464 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\PepperFlash\pepflashplayer.dll
2015-06-05 18:25 - 2015-04-16 19:40 - 00776192 _____ () X:\Steam\SDL2.dll
2015-06-05 18:25 - 2015-04-23 04:16 - 04962816 _____ () X:\Steam\v8.dll
2015-06-05 18:25 - 2015-06-04 20:56 - 02407104 _____ () X:\Steam\video.dll
2015-06-05 18:25 - 2015-04-23 04:16 - 01556992 _____ () X:\Steam\icui18n.dll
2015-06-05 18:25 - 2015-04-23 04:16 - 01187840 _____ () X:\Steam\icuuc.dll
2015-06-05 18:25 - 2014-12-01 23:31 - 02396672 _____ () X:\Steam\libavcodec-56.dll
2015-06-05 18:25 - 2014-12-01 23:31 - 00479744 _____ () X:\Steam\libavformat-56.dll
2015-06-05 18:25 - 2014-12-01 23:31 - 00332800 _____ () X:\Steam\libavresample-2.dll
2015-06-05 18:25 - 2014-12-01 23:31 - 00442880 _____ () X:\Steam\libavutil-54.dll
2015-06-05 18:25 - 2014-12-01 23:31 - 00485888 _____ () X:\Steam\libswscale-3.dll
2015-06-05 18:25 - 2015-06-04 20:56 - 00703168 _____ () X:\Steam\bin\chromehtml.DLL
2015-06-05 18:25 - 2015-05-11 21:01 - 36302728 _____ () X:\Steam\bin\libcef.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Chris\OneDrive:ms-properties
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1386011293-1633577438-1266540994-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Chris\Pictures\336948.jpg
DNS Servers: 192.168.137.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{44A24FFE-0227-4A77-A6A0-78A2DC4F2D7D}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{BA296FD8-9986-4747-9D3B-7AC928B1D07B}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{03421F2F-BD70-447A-A68C-6AE31F14417F}] => (Allow) X:\Steam\Steam.exe
FirewallRules: [{9E31DDE3-4E77-4254-8D72-DC6ADCF83F7F}] => (Allow) X:\Steam\Steam.exe
FirewallRules: [{6B5FF691-A32B-4287-9640-CF9A25CBFCCC}] => (Allow) X:\Steam\bin\steamwebhelper.exe
FirewallRules: [{30C1907A-7D21-416C-A1AD-131BAB5E3FA1}] => (Allow) X:\Steam\bin\steamwebhelper.exe
FirewallRules: [{68CC11D1-965C-42B6-A431-E73DE6E617F4}] => (Allow) X:\Landwirtschafts Simulator 2015\FarmingSimulator2015.exe
FirewallRules: [{C7F7BFD9-9C64-4926-9DEF-C543E8F52F12}] => (Allow) X:\Landwirtschafts Simulator 2015\FarmingSimulator2015.exe
FirewallRules: [{F7DAA0FE-AE0F-4831-84DF-AFB36FDFE1F9}] => (Allow) X:\Landwirtschafts Simulator 2015\x86\FarmingSimulator2015Game.exe
FirewallRules: [{D5D94B24-28C0-47EA-8535-8BCF0064352D}] => (Allow) X:\Landwirtschafts Simulator 2015\x86\FarmingSimulator2015Game.exe
FirewallRules: [{37500F68-704E-4E0D-9088-C3BA9FE58F62}] => (Allow) X:\Landwirtschafts Simulator 2015\x64\FarmingSimulator2015Game.exe
FirewallRules: [{7C5B3D37-FFB9-4AC3-9987-B28821902944}] => (Allow) X:\Landwirtschafts Simulator 2015\x64\FarmingSimulator2015Game.exe
FirewallRules: [{6FDD4764-B3C3-487D-B37A-4FE6F29A26B2}] => (Allow) X:\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{12B43670-84B1-464E-8F59-31637A2B62DD}] => (Allow) X:\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{AEAD9E2E-33BC-467C-A065-E4AD82820E45}] => (Allow) X:\Steam\steamapps\common\Lego Star Wars III - The Clone Wars\LEGOCloneWars.exe
FirewallRules: [{6A79A27A-674F-4666-ADCF-2BABC0A5D0FA}] => (Allow) X:\Steam\steamapps\common\Lego Star Wars III - The Clone Wars\LEGOCloneWars.exe
FirewallRules: [{56705465-C78B-4EAB-BE1E-0769E8DBE5FF}] => (Allow) X:\Steam\steamapps\common\Mount Your Friends\MountYourFriends.exe
FirewallRules: [{2DC2E724-B986-4DD8-AF50-7A3714FB65D9}] => (Allow) X:\Steam\steamapps\common\Mount Your Friends\MountYourFriends.exe
FirewallRules: [{55C6EC26-87EE-43EF-A519-512299C6A712}] => (Allow) X:\Steam\steamapps\common\R.U.S.E\Ruse.exe
FirewallRules: [{6E3AC75D-09CB-4B64-8414-9A202E9E1AB3}] => (Allow) X:\Steam\steamapps\common\R.U.S.E\Ruse.exe
FirewallRules: [{18924871-0958-4CC5-860B-D34EE37649D4}] => (Allow) X:\Steam\steamapps\common\RunningWithRifles\rwr_game.exe
FirewallRules: [{D8BEB9DF-8345-4C70-B971-BB39139B1B8C}] => (Allow) X:\Steam\steamapps\common\RunningWithRifles\rwr_game.exe
FirewallRules: [{DF49E497-E417-4D44-94AA-A194C72B557F}] => (Allow) X:\Steam\steamapps\common\RunningWithRifles\rwr_config.exe
FirewallRules: [{2CC7046E-D093-43F9-8428-89211F89CE98}] => (Allow) X:\Steam\steamapps\common\RunningWithRifles\rwr_config.exe
FirewallRules: [{EBAC8ED2-4DCA-4E2D-8FAA-2C039B4FA8B6}] => (Allow) X:\Steam\steamapps\common\Star Wars Battlefront II\GameData\BattlefrontII.exe
FirewallRules: [{9D774D70-6051-46EC-B7BB-AC54AB977E41}] => (Allow) X:\Steam\steamapps\common\Star Wars Battlefront II\GameData\BattlefrontII.exe
FirewallRules: [{7BF8B985-B1DB-4B8E-9C51-EC76CBDE72CE}] => (Allow) X:\Steam\steamapps\common\Supreme Commander 2\bin\SupremeCommander2.exe
FirewallRules: [{E2D91A8D-5CB2-41D8-BEF5-8CB6796B61E5}] => (Allow) X:\Steam\steamapps\common\Supreme Commander 2\bin\SupremeCommander2.exe
FirewallRules: [{49392916-9F25-4FE6-BE70-B1F18D271A18}] => (Allow) X:\Steam\steamapps\common\Worms Clan Wars\WormsClanWars.exe
FirewallRules: [{584D4DE9-B67B-41CF-8685-E2B8BB2B14F6}] => (Allow) X:\Steam\steamapps\common\Worms Clan Wars\WormsClanWars.exe
FirewallRules: [{ED88EAD3-AA5E-4D61-81C0-61EF4BC8B085}] => (Allow) X:\Steam\steamapps\common\Worms Reloaded\WormsReloaded.exe
FirewallRules: [{D40C6F4F-8D7E-46E1-98DE-86BA67BD340C}] => (Allow) X:\Steam\steamapps\common\Worms Reloaded\WormsReloaded.exe
FirewallRules: [{0BA4FB1B-53D5-4AB0-A0D7-F7A665730B62}] => (Allow) X:\Steam\steamapps\common\WormsRevolution\WormsRevolution.exe
FirewallRules: [{A0D131D8-F6CA-4943-99FD-FF2F23133BD6}] => (Allow) X:\Steam\steamapps\common\WormsRevolution\WormsRevolution.exe
FirewallRules: [{11FBD035-D790-4BBE-9476-2560457954AD}] => (Allow) X:\Steam\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{03D342E0-D92E-4F41-9F3C-4C710FA2E9EE}] => (Allow) X:\Steam\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{85DFB7F4-F0E3-43F0-A47F-2DDA24413041}] => (Allow) X:\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{71189370-625E-4DF9-827E-04A1C06D5EAD}] => (Allow) X:\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{5D64E391-D4CF-4A4A-9E0D-1E2D55A28E72}] => (Allow) X:\Steam\steamapps\common\Medal of Honor Airborne\UnrealEngine3\Binaries\MOHA.exe
FirewallRules: [{2948D8CD-6D06-478F-A387-6DAD6DF36957}] => (Allow) X:\Steam\steamapps\common\Medal of Honor Airborne\UnrealEngine3\Binaries\MOHA.exe
FirewallRules: [{BD9B1CDD-2320-442E-8E29-FDDA9F0F8B03}] => (Allow) X:\Steam\steamapps\common\Call of Duty Modern Warfare 3\iw5sp.exe
FirewallRules: [{4186360F-36A6-4EB7-A004-973D750910C8}] => (Allow) X:\Steam\steamapps\common\Call of Duty Modern Warfare 3\iw5sp.exe
FirewallRules: [{A68FFA36-EB21-4DD8-8BC6-3EC4648449FD}] => (Allow) X:\Steam\steamapps\common\Call of Duty Modern Warfare 3\iw5mp.exe
FirewallRules: [{854A9883-B359-4617-A3DF-3A57F71237FC}] => (Allow) X:\Steam\steamapps\common\Call of Duty Modern Warfare 3\iw5mp.exe
FirewallRules: [{A6E698E2-D0C7-4EC1-A08A-3DF45B670CB2}] => (Allow) X:\Steam\steamapps\common\DoorKickers\DoorKickers.exe
FirewallRules: [{FD445C73-D80F-4B15-BBBB-16A37B77EF7A}] => (Allow) X:\Steam\steamapps\common\DoorKickers\DoorKickers.exe
FirewallRules: [{5F897038-B310-4A4F-81B1-6128BBC413DE}] => (Allow) X:\Steam\steamapps\common\Dustoff Heli Rescue\DustoffPC.exe
FirewallRules: [{76FF46E5-6B82-4093-9F79-C79988502327}] => (Allow) X:\Steam\steamapps\common\Dustoff Heli Rescue\DustoffPC.exe
FirewallRules: [{6DCC2E7E-C3AB-4A71-A7B3-3BA903EB4A32}] => (Allow) X:\Steam\steamapps\common\Convoy\Convoy.exe
FirewallRules: [{2677AA4D-0C4E-4949-B0B9-8DD0FE972476}] => (Allow) X:\Steam\steamapps\common\Convoy\Convoy.exe
FirewallRules: [{F93A02CB-2BAD-4361-960B-A431D6244CC5}] => (Allow) X:\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{FCE4539D-224A-4937-8028-2973AD11D207}] => (Allow) X:\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{34C06CC0-388B-4F31-8991-70916C8D33A0}] => (Allow) X:\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{6201CFF7-9DD0-49A9-B960-B17B856083FF}] => (Allow) X:\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{436CA2FF-C872-448E-B176-41EA7EB86128}] => (Allow) X:\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{7968EBE9-2D01-43CB-B1E6-97AB57ECF765}] => (Allow) X:\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{8C44D46A-DAA2-4075-9E81-739CC9F2AE76}] => (Allow) X:\Steam\steamapps\common\Company of Heroes Relaunch\RelicCOH.exe
FirewallRules: [{AD4F3693-5BC7-4284-9F58-1D5F7F6572B6}] => (Allow) X:\Steam\steamapps\common\Company of Heroes Relaunch\RelicCOH.exe
FirewallRules: [{F1A3BF11-DC25-4B1E-A2AB-0963649DDF0E}] => (Allow) X:\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{3531F1CF-E4AD-4AAC-A74E-71B38942F2A5}] => (Allow) X:\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{8D9B7D52-1E09-4B98-996B-462D27BF7AB0}] => (Allow) X:\Steam\steamapps\common\Men of War Assault Squad 2\mowas_2.exe
FirewallRules: [{BB9BA31D-1A36-4EAD-B0C1-A065F10D91D7}] => (Allow) X:\Steam\steamapps\common\Men of War Assault Squad 2\mowas_2.exe
FirewallRules: [{19B6AE34-7034-4346-ACF9-353B49602580}] => (Allow) X:\Steam\steamapps\common\Men of War Assault Squad 2\mowas_2_ed.exe
FirewallRules: [{3D075614-CB8C-464B-8E1F-A5D185C9DE93}] => (Allow) X:\Steam\steamapps\common\Men of War Assault Squad 2\mowas_2_ed.exe
FirewallRules: [{73EDBFCF-2234-4EA0-A0DE-4AD785AD6251}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{AED5961C-E348-4AA5-9467-6DEFAD438479}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{156CE192-7ACD-42F3-84E4-39301E48DE1F}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{9F9C56A0-4AEB-4448-B9B6-69819BE7D286}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{1F16A98C-59EC-4188-8F76-3F177C19C5AB}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{4CF76D9A-ED75-4A40-986A-30AEE18B1B72}] => (Allow) X:\Steam\steamapps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe
FirewallRules: [{3EA96838-D822-4FA0-A200-8C92E6713683}] => (Allow) X:\Steam\steamapps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe
FirewallRules: [{83B82E78-709D-4F5B-91BA-A0ECA9CC5CD1}] => (Allow) X:\Steam\steamapps\common\CastleCrashers\castle.exe
FirewallRules: [{B219E5C7-D754-47EE-9EA3-EBC517E23A1C}] => (Allow) X:\Steam\steamapps\common\CastleCrashers\castle.exe
FirewallRules: [{6D00A0C7-1E2F-43BD-BCD7-BAB4E8640C1E}] => (Allow) X:\SUM Gesamt\SUMI\game.dat
FirewallRules: [{23244BEB-404D-467D-9CB3-75559AA08D94}] => (Allow) X:\SUM Gesamt\SUMI\game.dat
FirewallRules: [{6E4E0513-E3A4-42AE-8F2E-F891F70EE531}] => (Allow) X:\Steam\steamapps\common\Turmoil\Turmoil_PC_Full.exe
FirewallRules: [{24F8E047-ACE8-452A-A0CE-9630F3A91C62}] => (Allow) X:\Steam\steamapps\common\Turmoil\Turmoil_PC_Full.exe
FirewallRules: [{47E710C7-BF53-4B97-AA64-9F8A21354DFC}] => (Allow) X:\Steam\steamapps\common\Stonehearth\Stonehearth.exe
FirewallRules: [{C46D0458-E2E9-4BA9-8EDF-47520EC888B4}] => (Allow) X:\Steam\steamapps\common\Stonehearth\Stonehearth.exe
FirewallRules: [{022A5563-1FFF-4248-9A52-989ACB75E389}] => (Allow) X:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{3FE94361-600D-4CEE-8D9F-8146F8EF835C}] => (Allow) X:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{5B5C30E0-744F-42AA-8F99-B3474F8A8B57}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
Name: Renesas USB 3.0 eXtensible-Hostcontroller - 0096 (Microsoft)
Description: USB-xHCI-kompatibler Hostcontroller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Generischer USB-xHCI-Hostcontroller
Service: USBXHCI
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/10/2015 01:56:06 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: Der Desktopfenster-Manager hat einen schwerwiegenden Fehler (0x8898008d) festgestellt.
Error: (06/09/2015 05:27:15 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" in Zeile UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (06/08/2015 05:43:01 PM) (Source: Audiorecorder) (EventID: 32767) (User: )
Description: Unknown Error, 0x80004003
Error: (06/08/2015 05:43:01 PM) (Source: Audiorecorder) (EventID: 32767) (User: )
Description: Unknown Error, 0x80004003
Error: (06/08/2015 05:43:01 PM) (Source: Audiorecorder) (EventID: 32767) (User: )
Description: Unknown Error, 0x80004003
Error: (06/08/2015 05:43:01 PM) (Source: Audiorecorder) (EventID: 32767) (User: )
Description: Unknown Error, 0x80004003
Error: (06/08/2015 05:43:01 PM) (Source: Audiorecorder) (EventID: 32767) (User: )
Description: Unknown Error, 0x80004003
Error: (06/08/2015 05:43:01 PM) (Source: Audiorecorder) (EventID: 32767) (User: )
Description: Unknown Error, 0x80004003
Error: (06/08/2015 05:43:01 PM) (Source: Audiorecorder) (EventID: 32767) (User: )
Description: Unknown Error, 0x80004003
Error: (06/08/2015 05:43:01 PM) (Source: Audiorecorder) (EventID: 32767) (User: )
Description: Unknown Error, 0x80004003
System errors:
=============
Error: (06/10/2015 02:51:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AODDriver4.2.0" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3
Error: (06/09/2015 10:41:21 PM) (Source: DCOM) (EventID: 10010) (User: CHRIS-PC)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Error: (06/09/2015 10:41:21 PM) (Source: DCOM) (EventID: 10010) (User: CHRIS-PC)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Error: (06/08/2015 10:35:04 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "CHRIS-PC :0" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.137.7
registriert werden. Der Computer mit IP-Adresse 192.168.137.1 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (06/08/2015 10:35:03 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "CHRIS-PC :0" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.137.7
registriert werden. Der Computer mit IP-Adresse 192.168.137.1 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (06/08/2015 10:35:02 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "CHRIS-PC :20" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.137.7
registriert werden. Der Computer mit IP-Adresse 192.168.137.1 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (06/08/2015 10:35:01 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "CHRIS-PC :0" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.137.7
registriert werden. Der Computer mit IP-Adresse 192.168.137.1 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (06/08/2015 10:35:02 PM) (Source: Server) (EventID: 2505) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{022CECB2-D47F-409E-8CA6-BB607C4B0576} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.
Error: (06/08/2015 10:34:59 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "CHRIS-PC :0" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.137.7
registriert werden. Der Computer mit IP-Adresse 192.168.137.1 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (06/08/2015 10:34:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AODDriver4.2.0" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3
Microsoft Office:
=========================
Error: (06/10/2015 01:56:06 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: 0x8898008d
Error: (06/09/2015 05:27:15 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"C:\Program Files\Microsoft Office 15\root\office15\lync.exe.ManifestC:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL1
Error: (06/08/2015 05:43:01 PM) (Source: Audiorecorder) (EventID: 32767) (User: )
Description: Unknown Error, 0x80004003
Error: (06/08/2015 05:43:01 PM) (Source: Audiorecorder) (EventID: 32767) (User: )
Description: Unknown Error, 0x80004003
Error: (06/08/2015 05:43:01 PM) (Source: Audiorecorder) (EventID: 32767) (User: )
Description: Unknown Error, 0x80004003
Error: (06/08/2015 05:43:01 PM) (Source: Audiorecorder) (EventID: 32767) (User: )
Description: Unknown Error, 0x80004003
Error: (06/08/2015 05:43:01 PM) (Source: Audiorecorder) (EventID: 32767) (User: )
Description: Unknown Error, 0x80004003
Error: (06/08/2015 05:43:01 PM) (Source: Audiorecorder) (EventID: 32767) (User: )
Description: Unknown Error, 0x80004003
Error: (06/08/2015 05:43:01 PM) (Source: Audiorecorder) (EventID: 32767) (User: )
Description: Unknown Error, 0x80004003
Error: (06/08/2015 05:43:01 PM) (Source: Audiorecorder) (EventID: 32767) (User: )
Description: Unknown Error, 0x80004003
==================== Memory info ===========================
Processor: AMD Athlon(tm) II X4 640 Processor
Percentage of memory in use: 49%
Total physical RAM: 4095.29 MB
Available physical RAM: 2064.87 MB
Total Pagefile: 5503.29 MB
Available Pagefile: 2899.06 MB
Total Virtual: 131072 MB
Available Virtual: 131071.83 MB
==================== Drives ================================
Drive c: (Volume) (Fixed) (Total:467.09 GB) (Free:404.97 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Landwirtschafts-Simulator 2015) (CDROM) (Total:1.87 GB) (Free:0 GB) UDF
Drive e: (LOTRBFME) (CDROM) (Total:3.95 GB) (Free:0 GB) UDF
Drive f: (ESD-USB) (Removable) (Total:29.82 GB) (Free:14.24 GB) NTFS
Drive x: (Volume2) (Fixed) (Total:464.42 GB) (Free:233.86 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 9A60A8A5)
Partition 1: (Active) - (Size=467.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=464.4 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 29.8 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
==================== End of log ============================ --- --- --- |