FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-04-2014
Ran by Rijad (administrator) on RIJAD on 22-04-2014 13:29:29
Running from C:\Users\Rijad\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\44AB7M62
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\system32\IProsetMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\windows\system32\mfevtps.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Microsoft Corporation) C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16384_none_622908ad510eb05b\TiWorker.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) c:\Program Files (x86)\Nero\Update\NASvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(McAfee, Inc.) C:\Program Files\mcafee.com\agent\mcagent.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer) C:\Program Files (x86)\Acer Remote\ArcServer.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\FIRSTRUN.EXE
(McAfee, Inc.) C:\Program Files\mcafee\msc\mcupdmgr.exe
(McAfee, Inc.) C:\Program Files\mcafee.com\agent\mcupdate.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12921488 2012-07-02] (Realtek Semiconductor)
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [1527896 2012-06-22] (McAfee, Inc.)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2994880 2012-08-15] (Symantec Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKLM - DefaultScope {88A9F607-64FF-4532-A71E-FD20FE8D3D7C} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM - {88A9F607-64FF-4532-A71E-FD20FE8D3D7C} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://at.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {88A9F607-64FF-4532-A71E-FD20FE8D3D7C} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - {88A9F607-64FF-4532-A71E-FD20FE8D3D7C} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://at.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKCU - DefaultScope {88A9F607-64FF-4532-A71E-FD20FE8D3D7C} URL =
SearchScopes: HKCU - {88A9F607-64FF-4532-A71E-FD20FE8D3D7C} URL =
SearchScopes: HKCU - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://at.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\progra~2\mcafee\msc\npmcsn~1.dll ()
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2013-03-01]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-03-01]
==================== Services (Whitelisted) =================
S2 0214491398164281mcinstcleanup; C:\Windows\TEMP\021449~1.EXE [828032 2012-09-07] (McAfee, Inc.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-19] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [660040 2013-01-18] (Acer Incorporated)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\mcafee\msc\McAWFwk.exe [332080 2012-01-27] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.)
R2 mcmscsvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.)
R2 McNASvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [383608 2012-05-22] (McAfee, Inc.)
R2 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [237920 2012-06-22] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218320 2012-06-22] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [177144 2012-06-22] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [200728 2012-05-11] (McAfee, Inc.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-15] (Symantec Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [15440 2012-07-26] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [69672 2012-06-22] (McAfee, Inc.)
R3 e1cexpress; C:\Windows\system32\DRIVERS\e1c63x64.sys [498032 2012-07-12] (Intel Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-21] (McAfee, Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [169320 2012-06-22] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [300392 2012-06-22] (McAfee, Inc.)
U3 mfeavfk01; No ImagePath
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [66712 2012-06-18] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [513456 2012-06-22] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [752672 2012-06-22] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106112 2012-06-22] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [335784 2012-06-22] (McAfee, Inc.)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-22 22:52 - 2014-04-22 22:52 - 00262144 _____ () C:\Windows\system32\config\userdiff
2014-04-22 22:52 - 2014-04-22 22:52 - 00000000 ____D () C:\Windows.old
2014-04-22 13:29 - 2014-04-22 13:29 - 00000000 ____D () C:\FRST
2014-04-22 13:02 - 2014-04-22 13:02 - 00000000 ____D () C:\Users\Rijad\AppData\Roaming\AcerRemote
2014-04-22 13:02 - 2014-04-22 13:02 - 00000000 ____D () C:\Users\Rijad\AppData\Local\Apps\2.0
2014-04-22 13:01 - 2014-04-22 13:01 - 00011820 _____ () C:\Users\Rijad\Desktop\Entfernte Anwendungen.html
2014-04-22 13:01 - 2014-04-22 13:01 - 00002609 _____ () C:\Users\Public\Desktop\eBay.lnk
2014-04-22 13:01 - 2014-04-22 13:01 - 00000000 ___RD () C:\Users\Rijad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-22 13:01 - 2014-04-22 13:01 - 00000000 ___RD () C:\Users\Rijad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-22 13:01 - 2014-04-22 13:01 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-04-22 13:01 - 2014-04-22 13:01 - 00000000 ____D () C:\Program Files (x86)\OEM
2014-04-22 13:01 - 2012-08-24 05:39 - 00000000 _____ () C:\Users\Rijad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
2014-04-22 13:00 - 2014-04-22 13:00 - 00001770 _____ () C:\Users\Public\Desktop\Online kaufen.lnk
2014-04-22 13:00 - 2014-04-22 13:00 - 00001442 _____ () C:\Users\Rijad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-22 13:00 - 2014-04-22 13:00 - 00000000 ____D () C:\ProgramData\OEM_YAHOO
2014-04-22 13:00 - 2014-04-22 13:00 - 00000000 ____D () C:\Program Files\Accessory Store
2014-04-22 12:58 - 2014-04-22 12:58 - 00000000 ____D () C:\Users\Rijad\AppData\Roaming\Macromedia
2014-04-22 12:58 - 2014-04-22 12:58 - 00000000 ____D () C:\Users\Rijad\AppData\Roaming\Adobe
2014-04-22 12:58 - 2014-04-22 12:58 - 00000000 ____D () C:\Users\Rijad\AppData\Local\VirtualStore
2014-04-22 12:57 - 2014-04-22 12:57 - 00000020 ___SH () C:\Users\Rijad\ntuser.ini
2014-04-22 12:54 - 2014-04-22 13:01 - 00000000 ____D () C:\Users\Rijad
2014-04-22 12:54 - 2014-04-22 12:54 - 00017148 _____ () C:\Windows\diagwrn.xml
2014-04-22 12:54 - 2014-04-22 12:54 - 00017148 _____ () C:\Windows\diagerr.xml
2014-04-22 12:54 - 2014-04-22 12:54 - 00002022 _____ () C:\Users\Administrator\AppData\Local\Application.xml
2014-04-22 12:54 - 2014-04-22 12:54 - 00000000 _SHDL () C:\Users\Rijad\Vorlagen
2014-04-22 12:54 - 2014-04-22 12:54 - 00000000 _SHDL () C:\Users\Rijad\Startmenü
2014-04-22 12:54 - 2014-04-22 12:54 - 00000000 _SHDL () C:\Users\Rijad\Netzwerkumgebung
2014-04-22 12:54 - 2014-04-22 12:54 - 00000000 _SHDL () C:\Users\Rijad\Lokale Einstellungen
2014-04-22 12:54 - 2014-04-22 12:54 - 00000000 _SHDL () C:\Users\Rijad\Eigene Dateien
2014-04-22 12:54 - 2014-04-22 12:54 - 00000000 _SHDL () C:\Users\Rijad\Druckumgebung
2014-04-22 12:54 - 2014-04-22 12:54 - 00000000 _SHDL () C:\Users\Rijad\Documents\Eigene Musik
2014-04-22 12:54 - 2014-04-22 12:54 - 00000000 _SHDL () C:\Users\Rijad\Documents\Eigene Bilder
2014-04-22 12:54 - 2014-04-22 12:54 - 00000000 _SHDL () C:\Users\Rijad\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-04-22 12:54 - 2014-04-22 12:54 - 00000000 _SHDL () C:\Users\Rijad\AppData\Local\Verlauf
2014-04-22 12:54 - 2014-04-22 12:54 - 00000000 _SHDL () C:\Users\Rijad\AppData\Local\Anwendungsdaten
2014-04-22 12:54 - 2014-04-22 12:54 - 00000000 _SHDL () C:\Users\Rijad\Anwendungsdaten
2014-04-22 12:54 - 2012-07-26 10:13 - 00000000 ___RD () C:\Users\Rijad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-04-22 12:54 - 2012-07-26 10:13 - 00000000 ___RD () C:\Users\Rijad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-04-22 12:54 - 2012-07-26 10:13 - 00000000 ___RD () C:\Users\Rijad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-04-22 12:54 - 2012-07-26 10:13 - 00000000 ____D () C:\Users\Rijad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-04-22 12:53 - 2014-04-22 12:53 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-04-22 12:53 - 2014-04-22 12:53 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-04-22 12:53 - 2014-04-22 12:53 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-04-22 12:53 - 2014-04-22 12:53 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-04-22 12:53 - 2014-04-22 12:53 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-04-22 12:53 - 2014-04-22 12:53 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-04-22 12:53 - 2014-04-22 12:53 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-04-22 12:53 - 2014-04-22 12:53 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-04-22 12:53 - 2014-04-22 12:53 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-04-22 12:53 - 2014-04-22 12:53 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-04-22 12:53 - 2014-04-22 12:53 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-04-22 12:53 - 2014-04-22 12:53 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-04-22 12:53 - 2014-04-22 12:53 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-04-22 12:53 - 2014-04-22 12:53 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-04-22 12:53 - 2014-04-22 12:53 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-04-22 12:53 - 2014-04-22 12:53 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-04-22 12:53 - 2014-04-22 12:53 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-04-22 12:53 - 2014-04-22 12:53 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-04-22 12:53 - 2014-04-22 12:53 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-04-22 12:41 - 2014-04-22 22:43 - 00000000 ___HD () C:\$SysReset
2014-04-09 20:02 - 2014-04-09 20:02 - 00000000 ____D () C:\Users\Rijad\Documents\AdobeStockPhotos
2014-04-03 19:11 - 2014-04-03 19:11 - 00921000 _____ (Oracle Corporation) C:\Users\Rijad\Downloads\chromeinstall-7u51.exe
2014-04-03 19:10 - 2014-04-03 19:15 - 276762432 _____ (NVIDIA Corporation) C:\Users\Rijad\Downloads\335.23-desktop-win8-win7-winvista-64bit-international-whql.exe
2014-04-03 19:08 - 2014-04-03 19:08 - 00000000 ____D () C:\Users\Rijad\Documents\Ghost Games
2014-04-03 17:08 - 2014-04-03 17:22 - 00000000 ____D () C:\Users\Rijad\Downloads\NFS Rivals
2014-04-03 16:49 - 2014-04-03 16:49 - 13908362 _____ () C:\Users\Rijad\Downloads\NFS14Rivals.Origin.Crack (MP).7z
2014-04-03 16:46 - 2014-04-03 16:46 - 02087616 _____ () C:\Users\Rijad\Downloads\winrar-x64-501d.exe
2014-04-03 16:46 - 2014-04-03 16:46 - 00351744 _____ () C:\Users\Rijad\Downloads\SETUP__6789_il5711.exe
2014-04-03 16:24 - 2014-04-03 16:24 - 04490523 _____ () C:\Users\Rijad\Downloads\Need-For-Speed-Rivals-Serial-Key-Generator-V1.03-2013.rar
2014-04-03 16:11 - 2014-04-03 16:11 - 17009704 _____ (Electronic Arts, Inc.) C:\Users\Rijad\Downloads\OriginThinSetup.exe
2014-04-03 16:09 - 2014-04-10 15:51 - 00027136 ___SH () C:\Users\Rijad\Desktop\Thumbs.db
2014-04-03 14:28 - 2014-04-03 17:10 - 00000000 ____D () C:\Users\Rijad\Downloads\Need.For.Speed.Rivals-RELOADED
2014-04-02 17:04 - 2014-04-02 17:04 - 00626688 _____ () C:\Users\Rijad\Downloads\Detection.msi
2014-03-30 19:17 - 2014-03-30 19:17 - 00386896 _____ (Softonic ) C:\Users\Rijad\Downloads\SoftonicDownloader_fuer_vuescan.exe
2014-03-30 19:10 - 2014-03-30 19:10 - 00845790 _____ () C:\Users\Rijad\Downloads\Scanner-Interface-703.zip
2014-03-30 19:06 - 2014-03-30 19:09 - 00000000 ____D () C:\Users\Rijad\Documents\Fax
2014-03-30 18:15 - 2014-03-30 18:15 - 00000000 ____D () C:\Users\Rijad\Documents\Updater
2014-03-30 18:13 - 2014-03-30 18:13 - 00000000 ____D () C:\Users\Public\Documents\Adobe PDF
2014-03-30 18:12 - 2014-03-30 18:12 - 00000000 ____D () C:\PS_CS2_Gr_NonRet
2014-03-30 17:50 - 2014-03-30 17:56 - 375232764 _____ (Adobe Systems Inc. ) C:\Users\Rijad\Downloads\PS_CS2_Gr_NonRet.exe
2014-03-26 16:41 - 2014-04-22 12:54 - 00000000 ____D () C:\Users\Rijad\Desktop\Games
2014-03-25 19:08 - 2014-04-22 10:16 - 00000000 ____D () C:\Users\Rijad\Documents\ManiaPlanet
2014-03-25 18:38 - 2014-03-25 19:04 - 1632772392 _____ () C:\Users\Rijad\Downloads\ManiaplanetSMStormEliteDemoSetup.exe
2014-03-23 18:59 - 2014-03-23 18:59 - 00000000 ____D () C:\Users\Rijad\Documents\My Cheat Tables
==================== One Month Modified Files and Folders =======
2014-04-22 22:52 - 2014-04-22 22:52 - 00262144 _____ () C:\Windows\system32\config\userdiff
2014-04-22 22:52 - 2014-04-22 22:52 - 00000000 ____D () C:\Windows.old
2014-04-22 22:52 - 2012-07-26 10:13 - 00262144 _____ () C:\Windows\system32\config\BCD-Template
2014-04-22 22:43 - 2014-04-22 12:41 - 00000000 ___HD () C:\$SysReset
2014-04-22 13:29 - 2014-04-22 13:29 - 00000000 ____D () C:\FRST
2014-04-22 13:29 - 2013-03-01 08:15 - 00000000 ____D () C:\ProgramData\McAfee
2014-04-22 13:28 - 2013-03-01 08:17 - 00001832 _____ () C:\Users\Public\Desktop\McAfee Internet Security Suite.lnk
2014-04-22 13:05 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-04-22 13:02 - 2014-04-22 13:02 - 00000000 ____D () C:\Users\Rijad\AppData\Roaming\AcerRemote
2014-04-22 13:02 - 2014-04-22 13:02 - 00000000 ____D () C:\Users\Rijad\AppData\Local\Apps\2.0
2014-04-22 13:02 - 2013-10-08 21:19 - 01014509 _____ () C:\Windows\WindowsUpdate.log
2014-04-22 13:02 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-04-22 13:01 - 2014-04-22 13:01 - 00011820 _____ () C:\Users\Rijad\Desktop\Entfernte Anwendungen.html
2014-04-22 13:01 - 2014-04-22 13:01 - 00002609 _____ () C:\Users\Public\Desktop\eBay.lnk
2014-04-22 13:01 - 2014-04-22 13:01 - 00000000 ___RD () C:\Users\Rijad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-22 13:01 - 2014-04-22 13:01 - 00000000 ___RD () C:\Users\Rijad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-22 13:01 - 2014-04-22 13:01 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-04-22 13:01 - 2014-04-22 13:01 - 00000000 ____D () C:\Program Files (x86)\OEM
2014-04-22 13:01 - 2014-04-22 12:54 - 00000000 ____D () C:\Users\Rijad
2014-04-22 13:01 - 2013-03-01 07:14 - 00000000 ___HD () C:\OEM
2014-04-22 13:01 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-04-22 13:00 - 2014-04-22 13:00 - 00001770 _____ () C:\Users\Public\Desktop\Online kaufen.lnk
2014-04-22 13:00 - 2014-04-22 13:00 - 00001442 _____ () C:\Users\Rijad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-22 13:00 - 2014-04-22 13:00 - 00000000 ____D () C:\ProgramData\OEM_YAHOO
2014-04-22 13:00 - 2014-04-22 13:00 - 00000000 ____D () C:\Program Files\Accessory Store
2014-04-22 13:00 - 2014-03-11 16:31 - 00000000 ____D () C:\Users\Rijad\AppData\Local\Packages
2014-04-22 13:00 - 2013-10-01 20:35 - 00751892 _____ () C:\Windows\system32\perfh007.dat
2014-04-22 13:00 - 2013-10-01 20:35 - 00155620 _____ () C:\Windows\system32\perfc007.dat
2014-04-22 13:00 - 2012-07-26 09:28 - 01745416 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-22 12:58 - 2014-04-22 12:58 - 00000000 ____D () C:\Users\Rijad\AppData\Roaming\Macromedia
2014-04-22 12:58 - 2014-04-22 12:58 - 00000000 ____D () C:\Users\Rijad\AppData\Roaming\Adobe
2014-04-22 12:58 - 2014-04-22 12:58 - 00000000 ____D () C:\Users\Rijad\AppData\Local\VirtualStore
2014-04-22 12:57 - 2014-04-22 12:57 - 00000020 ___SH () C:\Users\Rijad\ntuser.ini
2014-04-22 12:57 - 2013-03-01 08:16 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-04-22 12:57 - 2012-07-26 10:12 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-04-22 12:57 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\WinStore
2014-04-22 12:54 - 2014-04-22 12:54 - 00017148 _____ () C:\Windows\diagwrn.xml
2014-04-22 12:54 - 2014-04-22 12:54 - 00017148 _____ () C:\Windows\diagerr.xml
2014-04-22 12:54 - 2014-04-22 12:54 - 00002022 _____ () C:\Users\Administrator\AppData\Local\Application.xml
2014-04-22 12:54 - 2014-04-22 12:54 - 00000000 _SHDL () C:\Users\Rijad\Vorlagen
2014-04-22 12:54 - 2014-04-22 12:54 - 00000000 _SHDL () C:\Users\Rijad\Startmenü
2014-04-22 12:54 - 2014-04-22 12:54 - 00000000 _SHDL () C:\Users\Rijad\Netzwerkumgebung
2014-04-22 12:54 - 2014-04-22 12:54 - 00000000 _SHDL () C:\Users\Rijad\Lokale Einstellungen
2014-04-22 12:54 - 2014-04-22 12:54 - 00000000 _SHDL () C:\Users\Rijad\Eigene Dateien
2014-04-22 12:54 - 2014-04-22 12:54 - 00000000 _SHDL () C:\Users\Rijad\Druckumgebung
2014-04-22 12:54 - 2014-04-22 12:54 - 00000000 _SHDL () C:\Users\Rijad\Documents\Eigene Musik
2014-04-22 12:54 - 2014-04-22 12:54 - 00000000 _SHDL () C:\Users\Rijad\Documents\Eigene Bilder
2014-04-22 12:54 - 2014-04-22 12:54 - 00000000 _SHDL () C:\Users\Rijad\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-04-22 12:54 - 2014-04-22 12:54 - 00000000 _SHDL () C:\Users\Rijad\AppData\Local\Verlauf
2014-04-22 12:54 - 2014-04-22 12:54 - 00000000 _SHDL () C:\Users\Rijad\AppData\Local\Anwendungsdaten
2014-04-22 12:54 - 2014-04-22 12:54 - 00000000 _SHDL () C:\Users\Rijad\Anwendungsdaten
2014-04-22 12:54 - 2014-03-26 16:41 - 00000000 ____D () C:\Users\Rijad\Desktop\Games
2014-04-22 12:54 - 2013-03-01 07:20 - 00000000 ____D () C:\Windows\Panther
2014-04-22 12:54 - 2012-07-26 10:12 - 00000000 __RHD () C:\Users\Public\Libraries
2014-04-22 12:54 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\Recovery
2014-04-22 12:54 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2014-04-22 12:54 - 2012-07-26 09:21 - 00020750 _____ () C:\Windows\setupact.log
2014-04-22 12:54 - 2012-07-26 07:37 - 00000000 __RHD () C:\Users\Default
2014-04-22 12:53 - 2014-04-22 12:53 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-04-22 12:53 - 2014-04-22 12:53 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-04-22 12:53 - 2014-04-22 12:53 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-04-22 12:53 - 2014-04-22 12:53 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-04-22 12:53 - 2014-04-22 12:53 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-04-22 12:53 - 2014-04-22 12:53 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-04-22 12:53 - 2014-04-22 12:53 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-04-22 12:53 - 2014-04-22 12:53 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-04-22 12:53 - 2014-04-22 12:53 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-04-22 12:53 - 2014-04-22 12:53 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-04-22 12:53 - 2014-04-22 12:53 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-04-22 12:53 - 2014-04-22 12:53 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-04-22 12:53 - 2014-04-22 12:53 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-04-22 12:53 - 2014-04-22 12:53 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-04-22 12:53 - 2014-04-22 12:53 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-04-22 12:53 - 2014-04-22 12:53 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-04-22 12:53 - 2014-04-22 12:53 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-04-22 12:53 - 2014-04-22 12:53 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-04-22 12:53 - 2014-04-22 12:53 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-04-22 12:53 - 2013-10-08 21:30 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-04-22 12:53 - 2013-03-01 07:20 - 00005976 _____ () C:\Windows\PFRO.log
2014-04-22 12:53 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows NT
2014-04-22 12:53 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-22 10:16 - 2014-03-25 19:08 - 00000000 ____D () C:\Users\Rijad\Documents\ManiaPlanet
2014-04-21 14:14 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-04-10 15:51 - 2014-04-03 16:09 - 00027136 ___SH () C:\Users\Rijad\Desktop\Thumbs.db
2014-04-10 13:23 - 2014-03-20 16:06 - 00027136 ___SH () C:\Users\Rijad\Downloads\Thumbs.db
2014-04-09 20:02 - 2014-04-09 20:02 - 00000000 ____D () C:\Users\Rijad\Documents\AdobeStockPhotos
2014-04-03 19:15 - 2014-04-03 19:10 - 276762432 _____ (NVIDIA Corporation) C:\Users\Rijad\Downloads\335.23-desktop-win8-win7-winvista-64bit-international-whql.exe
2014-04-03 19:11 - 2014-04-03 19:11 - 00921000 _____ (Oracle Corporation) C:\Users\Rijad\Downloads\chromeinstall-7u51.exe
2014-04-03 19:08 - 2014-04-03 19:08 - 00000000 ____D () C:\Users\Rijad\Documents\Ghost Games
2014-04-03 17:22 - 2014-04-03 17:08 - 00000000 ____D () C:\Users\Rijad\Downloads\NFS Rivals
2014-04-03 17:10 - 2014-04-03 14:28 - 00000000 ____D () C:\Users\Rijad\Downloads\Need.For.Speed.Rivals-RELOADED
2014-04-03 16:49 - 2014-04-03 16:49 - 13908362 _____ () C:\Users\Rijad\Downloads\NFS14Rivals.Origin.Crack (MP).7z
2014-04-03 16:46 - 2014-04-03 16:46 - 02087616 _____ () C:\Users\Rijad\Downloads\winrar-x64-501d.exe
2014-04-03 16:46 - 2014-04-03 16:46 - 00351744 _____ () C:\Users\Rijad\Downloads\SETUP__6789_il5711.exe
2014-04-03 16:24 - 2014-04-03 16:24 - 04490523 _____ () C:\Users\Rijad\Downloads\Need-For-Speed-Rivals-Serial-Key-Generator-V1.03-2013.rar
2014-04-03 16:11 - 2014-04-03 16:11 - 17009704 _____ (Electronic Arts, Inc.) C:\Users\Rijad\Downloads\OriginThinSetup.exe
2014-04-02 17:04 - 2014-04-02 17:04 - 00626688 _____ () C:\Users\Rijad\Downloads\Detection.msi
2014-03-30 19:17 - 2014-03-30 19:17 - 00386896 _____ (Softonic ) C:\Users\Rijad\Downloads\SoftonicDownloader_fuer_vuescan.exe
2014-03-30 19:10 - 2014-03-30 19:10 - 00845790 _____ () C:\Users\Rijad\Downloads\Scanner-Interface-703.zip
2014-03-30 19:09 - 2014-03-30 19:06 - 00000000 ____D () C:\Users\Rijad\Documents\Fax
2014-03-30 18:15 - 2014-03-30 18:15 - 00000000 ____D () C:\Users\Rijad\Documents\Updater
2014-03-30 18:13 - 2014-03-30 18:13 - 00000000 ____D () C:\Users\Public\Documents\Adobe PDF
2014-03-30 18:12 - 2014-03-30 18:12 - 00000000 ____D () C:\PS_CS2_Gr_NonRet
2014-03-30 17:56 - 2014-03-30 17:50 - 375232764 _____ (Adobe Systems Inc. ) C:\Users\Rijad\Downloads\PS_CS2_Gr_NonRet.exe
2014-03-25 19:04 - 2014-03-25 18:38 - 1632772392 _____ () C:\Users\Rijad\Downloads\ManiaplanetSMStormEliteDemoSetup.exe
2014-03-23 18:59 - 2014-03-23 18:59 - 00000000 ____D () C:\Users\Rijad\Documents\My Cheat Tables
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-03-01 07:20
==================== End Of Log ============================
--- --- ---
--- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-04-2014
Ran by Rijad at 2014-04-22 13:30:15
Running from C:\Users\Rijad\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\44AB7M62
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}
==================== Installed Programs ======================
clear.fi SDK - Video 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3012 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3016 - Acer Incorporated)
Acer Remote (HKLM-x32\...\Acer Remote1.0) (Version: 1.0 - Acer Inc.)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.2008 - Acer Incorporated)
AcerCloud Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.2021 - Acer Incorporated)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.02.2012 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.02.2016 - Acer Incorporated)
CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3318_45364 - CyberLink Corp.)
CyberLink MediaEspresso 6.5 (x32 Version: 6.5.3318_45364 - CyberLink Corp.) Hidden
Delicious: Emily's Childhood Memories Premium Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden
eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Hotkey Utility (HKLM-x32\...\{A6DC88AD-501A-44BC-884D-57435F972E2C}) (Version: 3.00.3004 - Acer Incorporated)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Network Connections 17.2.153.0 (HKLM\...\PROSetDX) (Version: 17.2.153.0 - Intel)
Intel(R) Network Connections 17.2.153.0 (Version: 17.2.153.0 - Intel) Hidden
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3007 - Acer Incorporated)
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
McAfee Internet Security Suite (HKLM-x32\...\MSC) (Version: 11.6.385 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0 - Microsoft Corporation) Hidden
Nero BackItUp (x32 Version: 12.5.5000 - Nero AG) Hidden
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{4CA8F973-6377-4ABF-9ED5-CC2323B3C000}) (Version: 12.5.00500 - Nero AG)
Nero BackItUp Help (CHM) (x32 Version: 12.0.10000 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 11.0.15600 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.20200 - Nero AG) Hidden
Nero Launcher (x32 Version: 12.2.7000 - Nero AG) Hidden
Nero RescueAgent (x32 Version: 12.0.3001 - Nero AG) Hidden
Nero RescueAgent Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11800.31.0 - Nero AG) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.51r2 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.1.0.14 - Symantec Corporation) Hidden
NVIDIA 3D Vision Controller-Treiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 311.06 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 311.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.15 - NVIDIA Corporation)
NVIDIA Grafiktreiber 311.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.15 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.706 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1115 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 311.15 (Version: 311.15 - NVIDIA Corporation) Hidden
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2008 - Acer)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6680 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden
==================== Restore Points =========================
==================== Hosts content: ==========================
2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23726ED5-FCEB-49CC-BC6A-D0787300E3F4} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-01-22] ()
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {71EDB063-5FEE-4D22-A94B-525E84C552A8} - System32\Tasks\Hotkey Utility => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [2012-09-20] (Acer Incorporated)
Task: {80FDE010-12F9-400E-BCCC-6C1A5C23EB05} - System32\Tasks\FUB => C:\Program Files (x86)\Acer\Identity Card\FUB.bat [2012-05-30] ()
Task: {91BA1672-1407-40E4-9D4B-02867E554A83} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-01-18] (Acer Incorporated)
Task: {A61D0B5A-C32F-45BF-B34F-433DF08EBA3F} - System32\Tasks\Microsoft\Windows\SysResetDelayedCleanup => Rundll32.exe ResetEng.dll,RjvDelayedCleanupEntryPoint
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {AB96B97B-39C2-46A2-876A-EEB6AE199033} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup => C:\Windows\system32\dism.exe [2012-07-26] (Microsoft Corporation)
Task: {C2A80B66-AAD7-4B09-A594-F8285782D5E8} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {E8D928FB-5A15-49B8-A23C-74F5D8FE9214} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2013-01-23] (Acer Incorporated)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F83B44E8-B335-4003-A13E-E3C5DDA63879} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-09-20] (CyberLink)
Task: {F8E9F306-F34A-402E-A5B7-FB560F72E779} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup
Task: {FA50CE9B-5023-4456-961B-885EDF3FF00A} - System32\Tasks\Microsoft\WINRE\WinRE-Repair => C:\windows\System32\reagentc.exe [2012-10-24] (Microsoft Corporation)
==================== Loaded Modules (whitelisted) =============
2013-03-01 08:16 - 2012-06-22 17:41 - 00024704 _____ () C:\Program Files\Common Files\McAfee\SystemCore\mfeelama.dll
2013-10-08 21:32 - 2012-06-25 04:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-02-06 10:06 - 2013-07-15 10:48 - 00054680 _____ () C:\Program Files (x86)\Acer Remote\plugins\general.dll
2013-02-06 10:06 - 2013-07-15 10:48 - 00040344 _____ () C:\Program Files (x86)\Acer Remote\plugins\ITunesBase.dll
2013-02-06 10:06 - 2013-07-15 10:48 - 00039832 _____ () C:\Program Files (x86)\Acer Remote\plugins\WinEight.dll
2013-02-06 10:06 - 2013-07-15 10:48 - 00110488 _____ () C:\Program Files (x86)\Acer Remote\plugins\WMPBase.dll
2013-02-06 10:06 - 2013-07-15 10:48 - 00040344 _____ () C:\Program Files (x86)\Acer Remote\plugins\YTBBase.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (04/22/2014 01:25:38 PM) (Source: Application Hang) (User: )
Description: Programm Explorer.EXE, Version 6.2.9200.16433 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 10a4
Startzeit: 01cf5e1a10739a2d
Endzeit: 0
Anwendungspfad: C:\Windows\Explorer.EXE
Berichts-ID: d0550862-ca10-11e3-be6f-7427eab6f2bd
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (04/22/2014 00:53:49 PM) (Source: ESENT) (User: )
Description: services (776) Bei Datenbankwiederherstellung trat ein unerwarteter Fehler -1216 auf.
Error: (04/22/2014 00:53:49 PM) (Source: ESENT) (User: )
Description: services (776) Bei der Datenbankwiederherstellung ist ein Fehler aufgetreten (Fehler -1216), da Verweise auf Datenbank "C:\WINDOWS\Security\Database\secedit.sdb" festgestellt wurden, die nicht mehr vorhanden ist. Die Datenbank wurde nicht sauber heruntergefahren, bevor sie entfernt (oder möglicherweise verschoben oder umbenannt) wurde. Das Datenbankmodul lässt den Abschluss der Wiederherstellung für diese Instanz erst dann zu, wenn die fehlende Datenbank wieder verfügbar gemacht wird. Wenn die Datenbank tatsächlich nicht mehr verfügbar oder nicht mehr erforderlich ist, finden Sie Informationen zum Beheben dieses Fehlers in der Microsoft Knowledge Base oder unter dem Link "Weitere Informationen" am Ende dieser Meldung.
System errors:
=============
Error: (04/22/2014 00:58:47 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde nicht richtig gestartet.
Error: (10/08/2013 10:08:46 PM) (Source: DCOM) (User: Rijad)
Description: {9B3BEB4E-1C5E-4A5F-BB36-2F6587DD34E2}
Microsoft Office Sessions:
=========================
Error: (04/22/2014 01:25:38 PM) (Source: Application Hang)(User: )
Description: Explorer.EXE6.2.9200.1643310a401cf5e1a10739a2d0C:\Windows\Explorer.EXEd0550862-ca10-11e3-be6f-7427eab6f2bd
Error: (04/22/2014 00:53:49 PM) (Source: ESENT)(User: )
Description: services776-1216
Error: (04/22/2014 00:53:49 PM) (Source: ESENT)(User: )
Description: services776-1216C:\WINDOWS\Security\Database\secedit.sdb
==================== Memory info ===========================
Percentage of memory in use: 29%
Total physical RAM: 8149.41 MB
Available physical RAM: 5719.33 MB
Total Pagefile: 12757.41 MB
Available Pagefile: 10042.26 MB
Total Virtual: 8192 MB
Available Virtual: 8191.78 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:455.6 GB) (Free:348.81 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 932 GB) (Disk ID: A3C85569)
Partition: GPT Partition Type.
==================== End Of Log ============================
|
FRST 32-Bit | FRST 64-Bit
Lesestoff: