Plagegeister aller Art und deren Bekämpfung (Pests of all kinds and how to fight them): Avast virus alert, yes or no? | Windows 7 |
05.01.2015, 20:21 | #1 |
| Avast virus alert, yes or no? Hello, I'm still relatively new here and hope that I'm not doing anything wrong right at the start and that I'll provide you with all the necessary information; if not, please point it out to me. The problem is as follows: for 4 days I have kept getting "almost" exactly the same error message from Avast about infected files (you'll find a screenshot in the attachment). I've already done some research on the internet, and people there are divided. Some say this may be an error message, others in turn are not sure. Very important: I am very inexperienced with PC matters and hope for easy-to-understand answers. What do you make of the error messages? What do I have to do now? Many thanks in advance!!! |
05.01.2015, 20:22 | #2 |
/// the machine /// TB Trainer | Avast virus alert, yes or no? hi,
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you're not sure: download both versions, or check under Start > Computer (right-click) > Properties)
__________________ |
05.01.2015, 20:30 | #3 |
| Avast virus alert, yes or no? FRST text:
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-01-2015 Ran by Nicolas (administrator) on NICOLAS-PC on 05-01-2015 20:25:59 Running from C:\Users\Nicolas\Downloads Loaded Profile: Nicolas (Available profiles: Nicolas & Administrator & DefaultAppPool) Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Broadcom Corp.) C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe () C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (McAfee, Inc.) C:\Program Files\mcafee\AppStats\MfeASUM.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Dritek System INC.) 
C:\Windows\RfBtnSvc64.exe (Aztec Media Inc) C:\Program Files (x86)\Settings Manager\smdmf\SmdmFService.exe (Microsoft Corporation) C:\Windows\System32\mqtgsvc.exe (Aztec Media Inc) C:\Program Files (x86)\Settings Manager\smdmf\SmdmFService.exe (Acute Angle Solutions Ltd) C:\ProgramData\uNKkKtYRZtH\psDQkRgyU.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 4\Integrator.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (Dritek System Inc.) 
C:\Program Files (x86)\RadioController\RfBtnHelper.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe (Aztec Media Inc) C:\Program Files (x86)\Settings Manager\smdmf\smdmfu.exe (CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe (Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE (Microsoft Corporation) C:\Windows\FileManager\PhotosApp.exe () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.231\deploy\LoLLauncher.exe () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.15\deploy\LoLPatcher.exe () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.123\deploy\LolClient.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\nacl64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\nacl64.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2778352 2013-08-28] (Synaptics Incorporated) HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft) HKLM-x32\...\Run: [RadioController] => C:\Program Files (x86)\RadioController\RfBtnHelper.exe [111216 2013-03-26] (Dritek System Inc.) HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2994880 2012-08-15] (Symantec Corporation) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-06] (AVAST Software) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation) Winlogon\Notify\igfxcui: igfxdev.dll [X] HKLM\...\Policies\Explorer: [NoControlPanel] 0 HKU\S-1-5-21-4237666859-1210962419-3479872745-1001\...\Run: [Google Update] => C:\Users\Nicolas\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-06-08] (Google Inc.) 
HKU\S-1-5-21-4237666859-1210962419-3479872745-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 4\StartupManager.exe [37152 2013-11-19] (Glarysoft Ltd) HKU\S-1-5-21-4237666859-1210962419-3479872745-1001\...\Run: [MKLOL] => C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe [1092296 2014-11-08] () HKU\S-1-5-21-4237666859-1210962419-3479872745-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3618648 2014-11-27] (Electronic Arts) HKU\S-1-5-21-4237666859-1210962419-3479872745-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.) HKU\S-1-5-21-4237666859-1210962419-3479872745-1001\...\Run: [MK LOL] => C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe [1092296 2014-11-08] () HKU\S-1-5-21-4237666859-1210962419-3479872745-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-23] (Piriform Ltd) AppInit_DLLs: C:\Users\Nicolas\AppData\Local\Linkey\IEEXTE~1\ietlb64.dll => C:\Users\Nicolas\AppData\Local\Linkey\IEExtension\ietlb64.dll [148496 2014-10-22] () AppInit_DLLs-x32: C:\Users\Nicolas\AppData\Local\Linkey\IEEXTE~1\ietlb.dll => C:\Users\Nicolas\AppData\Local\Linkey\IEExtension\ietlb.dll [129040 2014-10-22] () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer Backup Manager Tray.lnk ShortcutTarget: Acer Backup Manager Tray.lnk -> C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation) Startup: C:\Users\Nicolas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk ShortcutTarget: Curse.lnk -> C:\Users\Nicolas\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc) HKLM\...\AppCertDlls: [x86] -> C:\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll [493584 2014-11-26] () HKLM\...\AppCertDlls: [x64] -> C:\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll [669200 2014-11-26] () ShellIconOverlayIdentifiers: [00avast] -> 
{472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft) ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-4237666859-1210962419-3479872745-1001\Software\Microsoft\Internet Explorer\Main,Start Page = Search HKU\S-1-5-21-4237666859-1210962419-3479872745-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = Software Downloads - die sichere Download Quelle - GIGA SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&aid=206&itype=n&ver=14733&tm=567&src=ds&p={searchTerms} SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&aid=206&itype=n&ver=14733&tm=567&src=ds&p={searchTerms} SearchScopes: HKU\S-1-5-21-4237666859-1210962419-3479872745-1001 -> DefaultScope {B9E27862-B0C2-46AA-9947-BA7BEC3ED912} URL = SearchScopes: HKU\S-1-5-21-4237666859-1210962419-3479872745-1001 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&aid=206&itype=n&ver=14733&tm=567&src=ds&p={searchTerms} SearchScopes: HKU\S-1-5-21-4237666859-1210962419-3479872745-1001 -> {B9E27862-B0C2-46AA-9947-BA7BEC3ED912} URL = BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.) 
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft) BHO: Linkey -> {4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} -> C:\Users\Nicolas\AppData\Local\Linkey\IEExtension\iedll64.dll (Aztec Media Inc) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft) BHO-x32: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.) BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft) BHO-x32: Linkey -> {4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} -> C:\Users\Nicolas\AppData\Local\Linkey\IEExtension\iedll.dll (Aztec Media Inc) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) 
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft) Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File Toolbar: HKLM - Free PDF Perfect - {EFC2B9BE-AB2B-47F1-A47D-9EB28E58C917} - C:\Program Files (x86)\Freemium\Free PDF Perfect\ieagent64.dll (soft Xpansion) Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.) Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft) Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Toolbar: HKLM-x32 - No Name - {EFC2B9BE-AB2B-47F1-A47D-9EB28E58C917} - No File Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.) Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft) Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) 
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Nicolas\AppData\Roaming\Mozilla\Firefox\Profiles\0opveede.default FF SearchEngineOrder.1: default-search.net FF SelectedSearchEngine: default-search.net FF Homepage: hxxp://www.default-search.net?sid=476&aid=206&itype=n&ver=14733&tm=567&src=hmp FF Keyword.URL: hxxp://www.default-search.net/search?sid=476&aid=206&itype=n&ver=14733&tm=567&src=ds&p= FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll () FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll (EA Digital Illusions CE AB) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll () FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) 
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @mcafee.com/SAFFPlugin -> C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: @soft-xpansion/npsxpdf -> C:\Program Files (x86)\Common Files\Freemium\np-sxpdf.dll (soft-Xpansion) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKU\S-1-5-21-4237666859-1210962419-3479872745-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Nicolas\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKU\S-1-5-21-4237666859-1210962419-3479872745-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Nicolas\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin HKU\S-1-5-21-4237666859-1210962419-3479872745-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Nicolas\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF SearchPlugin: C:\Users\Nicolas\AppData\Roaming\Mozilla\Firefox\Profiles\0opveede.default\searchplugins\default-search.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\default-search.xml FF Extension: Battlefield Play4Free - C:\Users\Nicolas\AppData\Roaming\Mozilla\Firefox\Profiles\0opveede.default\Extensions\battlefieldplay4free@ea.com [2014-12-01] FF Extension: Linkey for Firefox - C:\Users\Nicolas\AppData\Roaming\Mozilla\Firefox\Profiles\0opveede.default\Extensions\extension@linkeyproject.com [2014-12-20] FF Extension: Cliqz Beta - C:\Users\Nicolas\AppData\Roaming\Mozilla\Firefox\Profiles\0opveede.default\Extensions\cliqz@cliqz.com.xpi [2014-12-24] FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2012-11-23] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! 
Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-09-07] FF HKLM-x32\...\Firefox\Extensions: [{B45418F9-6406-4828-9D1A-35313FB1E2D6}] - C:\ProgramData\Freemium\Free PDF Perfect\Data\fftb FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK FF HKLM-x32\...\Thunderbird\Extensions: [{B45418F9-6406-4828-9D1A-35313FB1E2D6}] - C:\ProgramData\Freemium\Free PDF Perfect\Data\fftb FF HKU\S-1-5-21-4237666859-1210962419-3479872745-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Nicolas\AppData\Roaming\Mozilla\Firefox\Profiles\0opveede.default\extensions\cliqz@cliqz.com Chrome: ======= CHR Profile: C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Präsentationen) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-22] CHR Extension: (Google Docs) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-22] CHR Extension: (Google Drive) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-22] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-22] CHR Extension: (YouTube) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-22] CHR Extension: (Google-Suche) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-22] CHR Extension: (Google Tabellen) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-22] CHR Extension: (Avast Online Security) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-12-22] CHR Extension: 
(Amazon-Icon) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkcedibhemacmilmkpndpkoidlnmgngg [2014-12-22] CHR Extension: (Google Wallet) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-22] CHR Extension: (Google Mail) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-22] CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2013-09-09] CHR HKLM-x32\...\Chrome\Extension: [fpmeembnagmagppkgghhfjfdfajdfcah] - C:\Users\Nicolas\AppData\Local\Linkey\ChromeExtension\ChromeExtension.crx [2014-12-20] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-06] CHR HKLM-x32\...\Chrome\Extension: [mkcedibhemacmilmkpndpkoidlnmgngg] - C:\Users\Nicolas\ChromeExtensions\mkcedibhemacmilmkpndpkoidlnmgngg\amazon.crx [2013-11-27] CHR HKLM-x32\...\Chrome\Extension: [poimdfnhgefmnkeefbjibbiemlimdnof] - No Path ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-06] (AVAST Software) R2 BrcmCardReader; C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [176640 2012-08-20] (Broadcom Corp.) 
[File not signed] S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2014-11-02] (BitRaider, LLC) R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2449552 2012-10-25] (Acer Incorporated) S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-16] (Acer Incorporated) R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2094216 2013-05-29] () R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658064 2012-10-23] (Acer Incorporated) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation) R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [16896 2014-12-07] (Microsoft Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation) R2 MfeASUM; C:\Program Files\McAfee\AppStats\MfeASUM.exe [335216 2013-09-09] (McAfee, Inc.) R2 MSMQ; C:\Windows\system32\mqsvc.exe [25600 2014-12-07] (Microsoft Corporation) R2 MSMQTriggers; C:\Windows\system32\mqtgsvc.exe [168448 2014-12-07] (Microsoft Corporation) R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-15] (Symantec Corporation) R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-11-03] (NTI Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1900400 2014-11-27] (Electronic Arts) R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2014-08-17] () R2 psDQkRgyU; C:\ProgramData\uNKkKtYRZtH\psDQkRgyU.exe [2726256 2014-12-20] (Acute Angle Solutions Ltd) R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [96880 2013-03-26] (Dritek System INC.) 
R2 SmdmFService; C:\Program Files (x86)\Settings Manager\smdmf\SmdmFService.exe [3572240 2014-11-26] (Aztec Media Inc) S3 SXDS10; C:\Program Files (x86)\Common Files\soft Xpansion\sxds10.exe [234096 2013-10-09] (soft Xpansion) S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-12-07] (Microsoft Corporation) R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [546304 2014-12-07] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-06] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-06] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-06] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-06] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-22] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-06] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-06] (AVAST Software) R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-12-19] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-06] () R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation) R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [17088 2013-11-18] (Glarysoft Ltd) S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2014-11-02] (BitRaider) R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-26] 
(Symantec Corporation) R1 F06DEFF2-5B9C-490D-910F-35D3A9119622; C:\Program Files (x86)\Settings Manager\smdmf\x64\smdmfmgrc2.cfg [41872 2014-11-26] (Aztec Media Inc) R1 MfeASKM; C:\Program Files\McAfee\AppStats\MfeASKM.sys [31408 2013-09-09] (McAfee, Inc.) R3 MQAC; C:\Windows\System32\drivers\mqac.sys [173568 2014-12-07] (Microsoft Corporation) R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2013-03-26] (Dritek System Inc.) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-28] (Synaptics Incorporated) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-05 20:25 - 2015-01-05 20:26 - 00026811 _____ () C:\Users\Nicolas\Downloads\FRST.txt 2015-01-05 20:25 - 2015-01-05 20:26 - 00000000 ____D () C:\FRST 2015-01-05 20:25 - 2015-01-05 20:25 - 02123776 _____ (Farbar) C:\Users\Nicolas\Downloads\FRST64.exe 2015-01-05 19:24 - 2015-01-05 19:24 - 00000346 _____ () C:\WINDOWS\PFRO.log 2015-01-05 19:14 - 2015-01-05 19:14 - 00000000 _____ () C:\autoexec.bat 2015-01-05 19:12 - 2015-01-05 19:12 - 03044736 _____ (Enigma Software Group USA, LLC.) 
C:\Users\Nicolas\Downloads\SpyHunter-Installer.exe 2015-01-04 16:26 - 2015-01-04 16:26 - 00000020 ___SH () C:\Users\DefaultAppPool\ntuser.ini 2015-01-04 16:26 - 2015-01-04 16:26 - 00000000 _SHDL () C:\Users\DefaultAppPool\Vorlagen 2015-01-04 16:26 - 2015-01-04 16:26 - 00000000 _SHDL () C:\Users\DefaultAppPool\Startmenü 2015-01-04 16:26 - 2015-01-04 16:26 - 00000000 _SHDL () C:\Users\DefaultAppPool\Netzwerkumgebung 2015-01-04 16:26 - 2015-01-04 16:26 - 00000000 _SHDL () C:\Users\DefaultAppPool\Lokale Einstellungen 2015-01-04 16:26 - 2015-01-04 16:26 - 00000000 _SHDL () C:\Users\DefaultAppPool\Eigene Dateien 2015-01-04 16:26 - 2015-01-04 16:26 - 00000000 _SHDL () C:\Users\DefaultAppPool\Druckumgebung 2015-01-04 16:26 - 2015-01-04 16:26 - 00000000 _SHDL () C:\Users\DefaultAppPool\Documents\Eigene Musik 2015-01-04 16:26 - 2015-01-04 16:26 - 00000000 _SHDL () C:\Users\DefaultAppPool\Documents\Eigene Bilder 2015-01-04 16:26 - 2015-01-04 16:26 - 00000000 _SHDL () C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-01-04 16:26 - 2015-01-04 16:26 - 00000000 _SHDL () C:\Users\DefaultAppPool\AppData\Local\Verlauf 2015-01-04 16:26 - 2015-01-04 16:26 - 00000000 _SHDL () C:\Users\DefaultAppPool\AppData\Local\Anwendungsdaten 2015-01-04 16:26 - 2015-01-04 16:26 - 00000000 _SHDL () C:\Users\DefaultAppPool\Anwendungsdaten 2015-01-04 16:26 - 2015-01-04 16:26 - 00000000 ____D () C:\Users\DefaultAppPool 2015-01-04 16:26 - 2014-11-12 22:41 - 00000000 ___RD () C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-01-04 16:26 - 2014-09-14 22:44 - 00000000 ___RD () C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2015-01-04 16:26 - 2014-07-11 16:56 - 00000000 ____D () C:\Users\DefaultAppPool\AppData\Roaming\Macromedia 2015-01-04 16:26 - 2014-03-18 11:11 - 00000369 _____ () C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk 2015-01-04 
16:26 - 2014-03-18 11:11 - 00000369 _____ () C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk 2015-01-04 16:26 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-01-04 16:26 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-12-30 01:12 - 2014-12-30 01:12 - 00000047 _____ () C:\Users\Nicolas\jagex_cl_runescape_LIVE2.dat 2014-12-30 01:12 - 2014-12-30 01:12 - 00000000 ____D () C:\Users\Nicolas\jagexcache2 2014-12-30 01:06 - 2014-12-30 01:06 - 00000000 ____D () C:\Users\Nicolas\.jagex_cache_32 2014-12-29 20:02 - 2014-12-29 20:02 - 00000048 _____ () C:\Users\Nicolas\jagex_cl_speccollect_LIVE.dat 2014-12-29 17:53 - 2015-01-01 18:31 - 00000000 ____D () C:\Users\Nicolas\Desktop\Sport 2014-12-28 16:03 - 2014-12-28 16:10 - 00000273 _____ () C:\WINDOWS\setupact.log 2014-12-28 16:03 - 2014-12-28 16:03 - 00000000 _____ () C:\WINDOWS\setuperr.log 2014-12-28 16:02 - 2015-01-03 21:32 - 00000047 _____ () C:\Users\Nicolas\jagex_cl_runescape_LIVE1.dat 2014-12-28 16:02 - 2014-12-28 16:02 - 00000000 ____D () C:\Users\Nicolas\jagexcache1 2014-12-27 17:48 - 2015-01-05 19:45 - 00793645 _____ () C:\WINDOWS\WindowsUpdate.log 2014-12-27 14:35 - 2014-11-17 21:17 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe 2014-12-27 14:35 - 2014-11-17 21:17 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe 2014-12-27 14:35 - 2014-11-14 07:58 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll 2014-12-27 14:35 - 2014-11-14 07:54 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll 2014-12-27 14:35 - 2014-11-14 07:46 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll 2014-12-27 14:35 - 2014-11-14 07:46 - 01091072 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2014-12-27 14:35 - 2014-11-14 07:39 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll 2014-12-27 14:35 - 2014-11-14 05:53 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll 2014-12-22 21:25 - 2014-12-22 21:25 - 00002275 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-12-22 21:25 - 2014-12-22 21:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-12-22 21:24 - 2014-12-22 21:24 - 42184784 _____ (Google Inc.) C:\Users\Nicolas\Downloads\ChromeStandaloneSetup.exe 2014-12-22 21:21 - 2014-12-22 21:21 - 10801480 _____ (VS Revo Group ) C:\Users\Nicolas\Downloads\RevoUninProSetup.exe 2014-12-22 21:21 - 2014-12-22 21:21 - 00000000 ____D () C:\Users\Nicolas\AppData\Local\VS Revo Group 2014-12-22 21:21 - 2014-12-22 21:21 - 00000000 ____D () C:\ProgramData\VS Revo Group 2014-12-22 21:21 - 2014-12-22 21:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro 2014-12-22 21:21 - 2014-12-22 21:21 - 00000000 ____D () C:\Program Files\VS Revo Group 2014-12-22 21:21 - 2009-12-30 10:21 - 00031800 _____ (VS Revo Group) C:\WINDOWS\system32\Drivers\revoflt.sys 2014-12-22 21:16 - 2014-12-22 21:16 - 01174352 _____ () C:\Users\Nicolas\Downloads\Revo Uninstaller - CHIP-Installer.exe 2014-12-22 21:16 - 2014-12-22 21:16 - 00001288 _____ () C:\Users\Nicolas\Desktop\Revo Uninstaller.lnk 2014-12-22 21:16 - 2014-12-22 21:16 - 00000000 ____D () C:\Users\Nicolas\AppData\Roaming\Cliqz 2014-12-22 21:16 - 2014-12-22 21:16 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-12-22 21:16 - 2011-05-13 11:16 - 00493056 _____ ( datenhaus GmbH) C:\WINDOWS\SysWOW64\dhRichClient3.dll 2014-12-22 21:16 - 2011-03-25 19:42 - 00338432 _____ () C:\WINDOWS\SysWOW64\sqlite36_engine.dll 2014-12-21 21:19 - 2014-12-21 21:19 - 00000000 ____D () C:\ProgramData\Browser 2014-12-20 20:52 - 2015-01-05 19:14 - 00000023 
_____ () C:\Users\Nicolas\jagexappletviewer.preferences 2014-12-20 20:52 - 2014-12-20 20:52 - 00000000 ____D () C:\.jagex_cache_32 2014-12-20 20:51 - 2014-12-20 20:51 - 00002124 _____ () C:\Users\Nicolas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape.lnk 2014-12-20 20:51 - 2014-12-20 20:51 - 00002094 _____ () C:\Users\Nicolas\Desktop\RuneScape.lnk 2014-12-20 20:51 - 2014-12-20 20:51 - 00000000 ____D () C:\Users\Nicolas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape 2014-12-20 20:50 - 2014-12-20 20:50 - 23810048 _____ () C:\Users\Nicolas\Downloads\RuneScape.msi 2014-12-20 18:23 - 2014-12-20 18:23 - 00000000 ____D () C:\Users\Nicolas\AppData\Local\Linkey 2014-12-20 18:22 - 2015-01-05 20:26 - 00000000 ____D () C:\ProgramData\smdmf 2014-12-20 18:22 - 2015-01-05 20:25 - 00000000 ____D () C:\Users\Nicolas\AppData\Local\SafeWeb 2014-12-20 18:22 - 2014-12-20 18:22 - 00000000 ____D () C:\Users\Nicolas\AppData\Roaming\FirefoxToolbar 2014-12-20 18:22 - 2014-12-20 18:22 - 00000000 ____D () C:\ProgramData\uNKkKtYRZtH 2014-12-20 18:22 - 2014-12-20 18:22 - 00000000 ____D () C:\Program Files (x86)\Settings Manager 2014-12-20 18:21 - 2014-12-20 18:22 - 00000000 ____D () C:\ProgramData\SafeWeb 2014-12-20 18:20 - 2014-12-20 18:20 - 00372600 _____ () C:\Users\Nicolas\Downloads\SoftonicDownloader_for_grand-theft-auto-san-andreas.exe 2014-12-20 18:19 - 2014-12-20 18:19 - 00587528 _____ () C:\Users\Nicolas\Downloads\installer_gta-sanandreas_English.exe 2014-12-20 18:18 - 2014-12-20 18:18 - 00021471 _____ () C:\Users\Nicolas\Downloads\GTAIVSA.com_GTA_IV_San_Andreas_BETA_3_World_Enhancement (1).rar 2014-12-20 18:17 - 2014-12-20 18:17 - 00021471 _____ () C:\Users\Nicolas\Downloads\GTAIVSA.com_GTA_IV_San_Andreas_BETA_3_World_Enhancement.rar 2014-12-16 17:00 - 2014-12-16 17:00 - 00000000 ____D () C:\Users\Nicolas\Downloads\Neuer Ordner (2) 2014-12-16 17:00 - 2014-12-16 17:00 - 00000000 ____D () C:\Users\Nicolas\Downloads\Neuer Ordner 2014-12-15 14:14 - 
2014-12-15 14:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-12-14 21:40 - 2014-12-14 21:41 - 05302296 _____ () C:\Users\Nicolas\Downloads\cfosspeed-v964.exe 2014-12-14 19:09 - 2014-10-30 23:37 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe 2014-12-14 19:09 - 2014-10-30 23:34 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe 2014-12-10 13:46 - 2014-11-10 03:29 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll 2014-12-10 13:46 - 2014-11-10 02:51 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll 2014-12-10 13:46 - 2014-10-31 00:39 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll 2014-12-10 13:46 - 2014-10-31 00:38 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll 2014-12-10 11:28 - 2014-11-07 05:16 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll 2014-12-10 11:28 - 2014-11-07 04:26 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2014-12-10 11:28 - 2014-10-13 03:43 - 00238912 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys 2014-12-10 11:28 - 2014-10-13 03:43 - 00153920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys 2014-12-10 11:28 - 2014-10-13 03:43 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys 2014-12-10 11:28 - 2014-10-13 03:43 - 00039744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys 2014-12-10 11:27 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-12-10 11:27 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2014-12-10 11:27 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2014-12-10 11:27 - 2014-11-22 03:49 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec 
2014-12-10 11:27 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll 2014-12-10 11:27 - 2014-11-22 03:35 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2014-12-10 11:27 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2014-12-10 11:27 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-12-10 11:27 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2014-12-10 11:27 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2014-12-10 11:27 - 2014-11-22 03:06 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec 2014-12-10 11:27 - 2014-11-22 03:06 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2014-12-10 11:27 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2014-12-10 11:27 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll 2014-12-10 11:27 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2014-12-10 11:27 - 2014-11-22 02:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2014-12-10 11:27 - 2014-11-22 02:55 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2014-12-10 11:27 - 2014-11-22 02:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2014-12-10 11:27 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2014-12-10 11:27 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2014-12-10 11:27 - 2014-11-22 02:49 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2014-12-10 11:27 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2014-12-10 11:27 - 2014-11-22 
02:43 - 14412800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2014-12-10 11:27 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2014-12-10 11:27 - 2014-11-22 02:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2014-12-10 11:27 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2014-12-10 11:27 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-12-10 11:27 - 2014-11-22 02:29 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2014-12-10 11:27 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2014-12-10 11:27 - 2014-11-22 02:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2014-12-10 11:27 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2014-12-10 11:27 - 2014-11-22 02:23 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2014-12-10 11:27 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2014-12-10 11:27 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2014-12-10 11:27 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-12-10 11:27 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2014-12-10 11:27 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2014-12-10 11:27 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-12-10 11:27 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-12-09 13:56 - 2014-12-09 14:00 - 00000000 ____D () C:\ProgramData\Oracle 2014-12-09 13:55 - 2014-12-09 13:55 - 00638376 _____ (Oracle Corporation) 
C:\Users\Nicolas\Downloads\jre-8u25-windows-i586-iftw.exe
2014-12-08 20:44 - 2014-12-08 20:44 - 01112064 _____ () C:\Users\Nicolas\Downloads\MicrosoftFixit50409.msi
2014-12-07 20:23 - 2014-12-07 20:23 - 00007580 _____ () C:\Users\Nicolas\Downloads\Stoppschild.svg
2014-12-07 18:34 - 2014-12-07 18:34 - 00000000 ____D () C:\WINDOWS\SysWOW64\BestPractices
2014-12-07 18:34 - 2014-12-07 18:34 - 00000000 ____D () C:\WINDOWS\system32\msmq
2014-12-07 18:34 - 2014-12-07 18:34 - 00000000 ____D () C:\WINDOWS\system32\BestPractices
2014-12-07 18:34 - 2014-12-07 18:34 - 00000000 ____D () C:\inetpub

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-05 20:23 - 2013-11-20 18:00 - 00000000 ____D () C:\Users\Nicolas\AppData\Roaming\ClassicShell
2015-01-05 20:02 - 2014-08-25 14:29 - 00000000 ____D () C:\Users\Nicolas\Desktop\Kroatien - Privlaka 2014
2015-01-05 20:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-05 19:38 - 2013-06-08 16:36 - 00001150 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-4237666859-1210962419-3479872745-1001UA.job
2015-01-05 19:38 - 2013-06-08 16:36 - 00001098 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-4237666859-1210962419-3479872745-1001Core.job
2015-01-05 19:32 - 2013-10-11 19:45 - 00001140 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-05 19:27 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\inetsrv
2015-01-05 19:26 - 2013-11-30 13:39 - 00000358 _____ () C:\WINDOWS\Tasks\GlaryInitialize 4.job
2015-01-05 19:26 - 2013-09-07 16:44 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast!
Emergency Update 2015-01-05 19:25 - 2014-07-11 17:26 - 00000000 ___DO () C:\Users\Nicolas\OneDrive 2015-01-05 19:25 - 2013-11-30 13:38 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 4 2015-01-05 19:25 - 2013-10-11 19:45 - 00001136 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-01-05 19:25 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2015-01-05 19:24 - 2013-08-22 14:25 - 01048576 ___SH () C:\WINDOWS\system32\config\BBI 2015-01-05 19:23 - 2014-07-11 16:48 - 00000000 ____D () C:\Users\Nicolas 2015-01-05 19:23 - 2014-05-08 08:04 - 00000024 _____ () C:\Users\Nicolas\random.dat 2015-01-05 18:23 - 2014-05-08 08:04 - 00000046 _____ () C:\Users\Nicolas\jagex_cl_runescape_LIVE.dat 2015-01-05 15:23 - 2014-08-28 17:08 - 00003946 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{22801DC1-1C3A-49C9-B455-DA095770254F} 2015-01-05 15:20 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness 2015-01-02 17:36 - 2013-06-08 11:38 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4237666859-1210962419-3479872745-1001 2015-01-01 18:29 - 2013-06-08 16:36 - 00000000 ____D () C:\Users\Nicolas\AppData\Local\Google 2014-12-29 20:02 - 2014-05-08 08:04 - 00000000 ____D () C:\Users\Nicolas\jagexcache 2014-12-29 16:54 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache 2014-12-29 14:10 - 2014-03-18 11:03 - 01871602 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2014-12-29 14:10 - 2014-03-18 10:25 - 00805650 _____ () C:\WINDOWS\system32\perfh007.dat 2014-12-29 14:10 - 2014-03-18 10:25 - 00170502 _____ () C:\WINDOWS\system32\perfc007.dat 2014-12-28 18:26 - 2014-07-12 11:02 - 00000451 _____ () C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat 2014-12-28 18:23 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel 2014-12-28 16:01 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp 2014-12-26 20:52 - 2014-10-24 16:44 - 00000000 ____D () 
C:\Users\Nicolas\Desktop\Filme 2014-12-22 21:25 - 2013-10-11 19:44 - 00000000 ____D () C:\Program Files (x86)\Google 2014-12-21 13:04 - 2013-06-17 15:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-12-20 17:37 - 2013-06-17 21:03 - 00282104 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.xtr 2014-12-20 17:37 - 2013-06-17 20:59 - 00282104 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe 2014-12-19 17:52 - 2013-07-02 13:41 - 00000000 ____D () C:\Users\Nicolas\AppData\Roaming\Skype 2014-12-18 22:28 - 2013-06-17 20:59 - 00282104 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.ex0 2014-12-14 21:06 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF 2014-12-13 00:27 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS 2014-12-13 00:27 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS 2014-12-13 00:27 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions 2014-12-10 18:37 - 2013-07-19 17:09 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-12-10 18:32 - 2013-06-09 13:40 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-12-09 14:31 - 2014-08-24 21:34 - 00000228 _____ () C:\Users\Nicolas\BullseyeCoverageError.txt 2014-12-09 13:57 - 2014-05-08 08:02 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2014-12-09 13:57 - 2014-05-08 08:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-12-09 13:56 - 2014-01-03 18:37 - 00000000 ____D () C:\Program Files (x86)\Java 2014-12-08 11:46 - 2014-11-25 23:19 - 00000000 ____D () C:\Users\Nicolas\AppData\Roaming\vlc 2014-12-07 18:34 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\inetsrv 2014-12-07 18:34 - 2013-08-22 10:50 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll 2014-12-07 18:34 - 2013-08-22 04:29 - 00165888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqtrig.dll 2014-12-07 18:33 - 2014-07-11 17:25 - 00192000 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\iisRtl.dll 2014-12-07 18:33 - 2014-07-11 17:25 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll 2014-12-07 18:33 - 2014-07-11 17:25 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll 2014-12-07 18:33 - 2014-07-11 17:25 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll 2014-12-07 18:33 - 2014-07-11 17:25 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll 2014-12-07 18:33 - 2014-07-11 17:25 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll 2014-12-07 18:33 - 2014-07-11 17:25 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\infoadmn.dll 2014-12-07 18:33 - 2014-07-11 17:25 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\infoadmn.dll 2014-12-07 18:33 - 2014-07-11 17:25 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe 2014-12-07 18:33 - 2014-07-11 17:25 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe 2014-12-07 18:33 - 2014-07-11 17:25 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll 2014-12-07 18:33 - 2014-07-11 17:25 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\infoctrs.dll 2014-12-07 18:33 - 2014-07-11 17:25 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll 2014-12-07 18:33 - 2014-07-11 17:25 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\infoctrs.dll 2014-12-07 18:33 - 2014-07-11 17:25 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll 2014-12-07 18:33 - 2014-07-11 17:25 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll 2014-12-07 18:33 - 2013-08-22 12:44 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb 2014-12-07 18:33 - 2013-08-22 12:44 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb 2014-12-07 18:33 - 2013-08-22 12:44 - 00054784 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\mqoa20.tlb 2014-12-07 18:33 - 2013-08-22 12:44 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb 2014-12-07 18:33 - 2013-08-22 12:40 - 00173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys 2014-12-07 18:33 - 2013-08-22 12:35 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll 2014-12-07 18:33 - 2013-08-22 12:32 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe 2014-12-07 18:33 - 2013-08-22 12:26 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe 2014-12-07 18:33 - 2013-08-22 12:20 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll 2014-12-07 18:33 - 2013-08-22 12:05 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqmigplugin.dll 2014-12-07 18:33 - 2013-08-22 11:53 - 00302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll 2014-12-07 18:33 - 2013-08-22 11:51 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqtrig.dll 2014-12-07 18:33 - 2013-08-22 11:41 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqtgsvc.exe 2014-12-07 18:33 - 2013-08-22 11:36 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqise.dll 2014-12-07 18:33 - 2013-08-22 11:32 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcmiplugin.dll 2014-12-07 18:33 - 2013-08-22 11:25 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsec.dll 2014-12-07 18:33 - 2013-08-22 11:23 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll 2014-12-07 18:33 - 2013-08-22 11:21 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqad.dll 2014-12-07 18:33 - 2013-08-22 11:19 - 00788992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll 2014-12-07 18:33 - 2013-08-22 11:10 - 01408512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll 2014-12-07 18:33 - 2013-08-22 07:59 - 00009096 _____ () C:\WINDOWS\system32\msmqtrc.mof 2014-12-07 18:33 - 2013-08-22 05:16 
- 00095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2014-12-07 18:33 - 2013-08-22 05:16 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2014-12-07 18:33 - 2013-08-22 05:16 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2014-12-07 18:33 - 2013-08-22 05:16 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2014-12-07 18:33 - 2013-08-22 05:06 - 00563712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2014-12-07 18:33 - 2013-08-22 04:54 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2014-12-07 18:33 - 2013-08-22 04:41 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqmigplugin.dll
2014-12-07 18:33 - 2013-08-22 04:31 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2014-12-07 18:33 - 2013-08-22 04:19 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqise.dll
2014-12-07 18:33 - 2013-08-22 04:16 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcmiplugin.dll
2014-12-07 18:33 - 2013-08-22 04:09 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsec.dll
2014-12-07 18:33 - 2013-08-22 04:08 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2014-12-07 18:33 - 2013-08-22 04:06 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqad.dll
2014-12-07 18:33 - 2013-08-22 04:05 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2014-12-07 18:33 - 2013-08-22 00:55 - 00009096 _____ () C:\WINDOWS\SysWOW64\msmqtrc.mof

Files to move or delete:
====================
C:\Users\Nicolas\jagex_cl_runescape_LIVE.dat
C:\Users\Nicolas\jagex_cl_runescape_LIVE1.dat
C:\Users\Nicolas\jagex_cl_runescape_LIVE2.dat
C:\Users\Nicolas\jagex_cl_speccollect_LIVE.dat
C:\Users\Nicolas\random.dat

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-01-03 12:54

==================== End Of Log ============================

additional text:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-01-2015
Ran by Nicolas at 2015-01-05 20:27:17
Running from C:\Users\Nicolas\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

clear.fi SDK - Video 2 (x32 Version: 2.1.2128 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.1.2112 - CyberLink Corp.)
Hidden Acer Backup Manager (HKLM-x32\...\InstallShield_{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}) (Version: 4.0.0.0071 - NTI Corporation) Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3011 - Acer Incorporated) Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3011 - Acer Incorporated) Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3015 - Acer Incorporated) AcerCloud (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.01.3125 - Acer Incorporated) AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.00.3204 - Acer Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1030 - Adobe Systems Incorporated) Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated) Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden Age of Mythology - The Titans Expansion (HKLM-x32\...\Age of Mythology Expansion Pack 1.0) (Version: - ) Age of Mythology (HKLM-x32\...\Age of Mythology 1.0) (Version: - ) Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden avast! 
Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2021 - AVAST Software) AwesomiumSetup (HKLM-x32\...\{19EF99D1-7EE6-4B5E-ABEE-0B3825F703B0}) (Version: 1.00.0000 - SIX Networks GmbH) Backup Manager v4 (x32 Version: 4.0.0.0071 - NTI Corporation) Hidden Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com) Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts) Battlefield Play4Free (Nicolas) (HKU\S-1-5-21-4237666859-1210962419-3479872745-1001\...\{87686C21-8A15-4b4d-A3F1-11141D9BE094}) (Version: - EA Digital illusions) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.5.1 - EA Digital Illusions CE AB) Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation) BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC) Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.30.59.96 - Broadcom Corporation) Broadcom Card Reader Driver Installer (HKLM\...\{F0A7DF2F-0BE0-470F-B137-D7A19F977189}) (Version: 15.4.7.1 - Broadcom Corporation) CamStudio 2.7.2 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.2 - CamStudio Open Source) CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform) CD Bremse 1.49 (HKU\S-1-5-21-4237666859-1210962419-3479872745-1001\...\CD Bremse_is1) (Version: 1.49 - ) Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft) clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.01.3112 - Acer Incorporated) clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.01.3109 - Acer Incorporated) Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.53 - Cliqz.com) Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 27.0.4.0 - COMODO) Cossacks - Back To War 
(HKLM-x32\...\Cossacks : Back To War) (Version: - ) Curse (HKLM-x32\...\{1F2611FB-6F69-4AA8-BECD-243BD8CB45F3}) (Version: 6.0.0.0 - Curse) CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3318_45364 - CyberLink Corp.) Delicious: Emily's True Love Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden Dethkarz (HKLM-x32\...\Dethkarz) (Version: - ) DIE SIEDLER - Das Erbe der Könige (HKLM-x32\...\{8FDC1610-3FB5-4EF2-A0D0-CEDC3A525A25}) (Version: 1.00.0000 - Blue Byte) Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - ) Free Pdf Perfect Prereq (HKLM-x32\...\{1fc96138-d342-4c3a-979a-7aa9ae35bf87}) (Version: 1.0.0.0 - Covus Freemium GmbH) Free Pdf Perfect Prereq (x32 Version: 1.0.0.0 - Covus Freemium GmbH) Hidden Free YouTube to MP3 Converter version 3.12.27.225 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.27.225 - DVDVideoSoft Ltd.) Freemake Video Converter Version 4.1.2 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.2 - Ellora Assets Corporation) Freemium Free PDF Perfect (HKLM-x32\...\{88265079-D6F4-4292-86BE-D2053E80BFE4}) (Version: 1.0 - Freemium) Gameforge Live 2.0.1 "Baby Genius" (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.1 - Gameforge) GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version: - ) Glary Utilities 4.0 (HKLM-x32\...\Glary Utilities 4) (Version: 4.0.0.53 - Glarysoft Ltd) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.) Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) 
Hidden Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Acer Incorporated) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Island Tribe (x32 Version: 2.2.0.98 - WildTangent) Hidden JAP (HKLM-x32\...\JAP) (Version: 00.19.001 - JAP-Team) Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.550 - Oracle) Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation) Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.10 - Acer Inc.) 
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LibreOffice 4.1.4.2 (HKLM-x32\...\{94E11973-ED58-47A0-907C-ABF6D95C5DD8}) (Version: 4.1.4.2 - The Document Foundation)
Linkey (HKU\S-1-5-21-4237666859-1210962419-3479872745-1001\...\Linkey) (Version: 0.0.0.599 - Aztec Media Inc) <==== ATTENTION
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3006 - Acer Incorporated)
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Microprose GP500 (HKLM-x32\...\GP500) (Version: - )
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
MK LOL (HKU\S-1-5-21-4237666859-1210962419-3479872745-1001\...\MK LOL) (Version: - )
MKLOL (HKU\S-1-5-21-4237666859-1210962419-3479872745-1001\...\MKLOL) (Version: - )
Moorhuhnjagd (HKLM-x32\...\Moorhuhnjagd) (Version: - )
Mozilla Firefox 34.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
MyWinLocker (Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.24 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.24 - Egis Technology Inc.) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.51r - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.1.0.14 - Symantec Corporation) Hidden
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9014 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9014 - NTI Corporation) Hidden
NVIDIA PhysX (HKLM-x32\...\{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}) (Version: 9.12.0613 - NVIDIA Corporation)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.01.3202 - Acer)
Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.01.3202 - Acer)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.2 beta r2302 - )
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.27040 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Revo Uninstaller Pro 3.1.2 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.2 - VS Revo Group, Ltd.)
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version: - Punk Software)
RuneScape Launcher 1.2.3 (HKLM-x32\...\{FAE99C85-0732-4C58-9C6B-10B5B12FA2E9}) (Version: 1.2.3 - Jagex Ltd)
Safe Web (HKLM-x32\...\SafeWeb) (Version: 2.7.45 - Acute Angle Solutions Ltd)
Settings Manager (HKLM-x32\...\Settings Manager) (Version: 5.0.0.14733 - Aztec Media Inc) <==== ATTENTION
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.6.13 - Synaptics Incorporated)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKU\S-1-5-21-4237666859-1210962419-3479872745-1001\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version: - Nadeo)
Unity Web Player (HKU\S-1-5-21-4237666859-1210962419-3479872745-1001\...\UnityWebPlayer) (Version: 4.5.3f3 - Unity Technologies ApS)
VIS (HKLM-x32\...\VIS) (Version: - ) <==== ATTENTION
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Warframe (HKLM-x32\...\Steam App 230410) (Version: - Digital Extremes)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WinRAR 5.10 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-4237666859-1210962419-3479872745-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Nicolas\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-4237666859-1210962419-3479872745-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Nicolas\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-4237666859-1210962419-3479872745-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-4237666859-1210962419-3479872745-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Nicolas\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-4237666859-1210962419-3479872745-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Nicolas\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4237666859-1210962419-3479872745-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Nicolas\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4237666859-1210962419-3479872745-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Nicolas\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points =========================

15-12-2014 21:52:41 Windows Update
20-12-2014 14:37:21 Windows Update
23-12-2014 22:21:11 Windows Update
28-12-2014 15:59:52 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {16EFA966-3ED8-4E5D-8366-7B62881E3336} - System32\Tasks\{84267DC1-6078-44B9-B78C-A459687A9B51} => pcalua.exe -a "C:\Programme\Liquid Entertainment\DER RINGKRIEG™\Rings.exe" -d "C:\Programme\Liquid Entertainment\DER RINGKRIEG™"
Task: {1D7457F3-7D0D-4693-8D03-279BD8D51465} - System32\Tasks\{92D4E00C-69F8-4BDE-BACC-B8C152C5E0C0} => pcalua.exe -a D:\Detinst.exe -d D:\
Task: {214FE432-9C57-4BFE-9B32-9131CA66F82F} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-09-20] (CyberLink)
Task: {3D53337C-0CF2-4126-829C-F24C67E12A09} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2012-11-19] (Acer Incorporated)
Task: {406176E3-10C1-4126-8842-356212080477} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-11] (Google Inc.)
Task: {4379264D-F433-46DD-A857-020CCC076024} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {463742B4-EA0D-4006-83B2-63B2CEE1DE20} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-11] (Google Inc.)
Task: {4CC312B7-6E38-48D7-968B-5A32EF6DE919} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-21] ()
Task: {5973892A-E570-48C2-942D-80BCF9A53397} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-11-06] ()
Task: {712575FD-3946-48B0-8E42-92720561E276} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-12-10] (Microsoft Corporation)
Task: {7EF63D65-0BC1-41D4-BA3E-CE4A53BAB9E1} - System32\Tasks\GlaryInitialize 4 => C:\Program Files (x86)\Glary Utilities 4\Initialize.exe [2013-11-19] (Glarysoft Ltd)
Task: {8154D370-E893-48DA-8FB4-5F92B9149B8F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4237666859-1210962419-3479872745-1001UA => C:\Users\Nicolas\AppData\Local\Google\Update\GoogleUpdate.exe [2013-06-08] (Google Inc.)
Task: {81F6BD5F-9D3F-4461-8392-11D8DD1DBCCD} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-06] (AVAST Software)
Task: {9BCA1EB6-5CB7-4148-98C2-A4CAE60847C1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-23] (Piriform Ltd)
Task: {A65C8F43-EEF1-4484-8064-F0D74CC87F4A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4237666859-1210962419-3479872745-1001Core => C:\Users\Nicolas\AppData\Local\Google\Update\GoogleUpdate.exe [2013-06-08] (Google Inc.)
Task: {B247FA39-D78E-4C4A-82A2-472A3749D8A5} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-10-23] (Acer Incorporated)
Task: {DB64B269-2CDE-44B5-BE36-0D25D11BF885} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe
Task: {E68DE6BF-A61B-40BA-9006-BC6326D1B81D} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: C:\WINDOWS\Tasks\GlaryInitialize 4.job => C:\Program Files (x86)\Glary Utilities 4\Initialize.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-4237666859-1210962419-3479872745-1001Core.job => C:\Users\Nicolas\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-4237666859-1210962419-3479872745-1001UA.job => C:\Users\Nicolas\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Loaded Modules (whitelisted) =============

2014-12-20 18:22 - 2014-11-26 14:58 - 00669200 _____ () C:\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll
2013-05-29 13:19 - 2013-05-29 13:19 - 02094216 _____ () C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
2013-06-17 20:59 - 2014-08-17 15:15 - 00076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2012-06-22 03:12 - 2012-06-22 03:12 - 01407568 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2013-06-12 17:11 - 2013-10-15 17:25 - 01294336 _____ () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
2013-10-15 17:26 - 2014-12-10 11:38 - 02465272 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.231\deploy\LoLLauncher.exe
2014-12-18 14:00 - 2014-12-18 14:00 - 04214776 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.15\deploy\LoLPatcher.exe
2014-05-13 11:41 - 2014-05-13 11:41 - 00074752 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.123\deploy\LolClient.exe
2014-12-20 18:22 - 2014-11-26 14:58 - 00493584 _____ () C:\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll
2014-08-06 15:04 - 2014-08-06 15:04 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2015-01-05 17:56 - 2015-01-05 17:56 - 02909696 _____ () C:\Program Files\AVAST Software\Avast\defs\15010500\algo.dll
2015-01-05 19:26 - 2015-01-05 19:26 - 02909696 _____ () C:\Program Files\AVAST Software\Avast\defs\15010501\algo.dll
2012-11-03 01:38 - 2012-11-03 01:38 - 00465384 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2012-11-03 01:37 - 2012-11-03 01:37 - 00125504 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2012-11-03 01:38 - 2012-11-03 01:38 - 00155712 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\VolumeSnapshot.dll
2012-11-03 01:37 - 2012-11-03 01:37 - 00118336 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\Online.dll
2012-11-03 01:37 - 2012-11-03 01:37 - 01081408 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2012-11-03 01:37 - 2012-11-03 01:37 - 00052288 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OsSettingPort.dll
2012-11-03 01:37 - 2012-11-03 01:37 - 00727616 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OutlookShadow.dll
2013-11-19 04:56 - 2013-11-19 04:56 - 00080160 _____ () C:\Program Files (x86)\Glary Utilities 4\zlib1.dll
2014-08-06 15:04 - 2014-08-06 15:05 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-03-26 12:36 - 2012-06-25 18:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-12-22 21:25 - 2014-12-06 02:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-22 21:25 - 2014-12-06 02:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-18 14:00 - 2014-12-18 14:00 - 01628152 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.15\deploy\RiotLauncher.dll
2014-05-13 11:30 - 2013-10-15 17:50 - 04774248 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.123\deploy\Adobe AIR\Versions\1.0\Resources\WebKit.dll
2014-05-13 11:30 - 2013-10-15 17:50 - 16032616 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.123\deploy\Adobe AIR\Versions\1.0\Resources\NPSWF32.dll
2014-12-22 21:25 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-22 21:25 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2014-12-22 21:25 - 2014-12-06 02:50 - 14913352 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Nicolas\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-4237666859-1210962419-3479872745-1001\...\StartupApproved\StartupFolder: => "OpenOffice.org 3.4.1.lnk"
HKU\S-1-5-21-4237666859-1210962419-3479872745-1001\...\StartupApproved\StartupFolder: => "Curse.lnk"
HKU\S-1-5-21-4237666859-1210962419-3479872745-1001\...\StartupApproved\Run: => "Driver Mender"
HKU\S-1-5-21-4237666859-1210962419-3479872745-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-4237666859-1210962419-3479872745-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-4237666859-1210962419-3479872745-1001\...\StartupApproved\Run: => "KSS"
HKU\S-1-5-21-4237666859-1210962419-3479872745-1001\...\StartupApproved\Run: => "MKLOL"
HKU\S-1-5-21-4237666859-1210962419-3479872745-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-4237666859-1210962419-3479872745-1001\...\StartupApproved\Run: => "CCleaner Monitoring"

========================= Accounts: ==========================

Administrator (S-1-5-21-4237666859-1210962419-3479872745-500 - Administrator - Enabled) => C:\Users\Administrator
Gast (S-1-5-21-4237666859-1210962419-3479872745-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4237666859-1210962419-3479872745-1003 - Limited - Enabled)
Nicolas (S-1-5-21-4237666859-1210962419-3479872745-1001 - Administrator - Enabled) => C:\Users\Nicolas

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (01/05/2015 07:55:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20689 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 140
Startzeit: 01d0291873468807
Endzeit: 4294967295
Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe
Berichts-ID: 66ba2e6b-950c-11e4-bee5-20898483a972
Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (01/05/2015 07:45:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20689 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 17a0
Startzeit: 01d02916ffc6e23b
Endzeit: 4294967295
Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe
Berichts-ID: f3501b2a-950a-11e4-bee5-20898483a972
Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (01/05/2015 07:44:44 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.

Error: (01/05/2015 07:44:44 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (01/05/2015 07:44:44 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (01/05/2015 07:44:44 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (01/05/2015 07:44:44 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.

Error: (01/05/2015 07:44:44 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (01/05/2015 07:30:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20689 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1048
Startzeit: 01d0291503b05cb4
Endzeit: 4294967295
Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe
Berichts-ID: f7783a26-9508-11e4-bee5-20898483a972
Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (01/05/2015 07:19:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20689 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 17b0
Startzeit: 01d029137142e9a9
Endzeit: 4294967295
Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe
Berichts-ID: 66f05bdd-9507-11e4-bee4-20898483a972
Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

System errors:
=============
Error: (01/05/2015 07:23:52 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet: %%1062

Error: (01/05/2015 07:23:29 PM) (Source: DCOM) (EventID: 10010) (User: NICOLAS-PC)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (01/05/2015 07:23:27 PM) (Source: DCOM) (EventID: 10010) (User: NICOLAS-PC)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (01/05/2015 05:54:20 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 05.01.2015 um 17:43:36 unerwartet heruntergefahren.

Error: (01/05/2015 04:50:15 PM) (Source: DCOM) (EventID: 10010) (User: NICOLAS-PC)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (01/05/2015 01:41:58 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.

Error: (01/05/2015 01:41:58 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.

Error: (01/05/2015 01:33:56 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.

Error: (01/04/2015 03:43:59 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 04.01.2015 um 14:51:43 unerwartet heruntergefahren.

Error: (01/04/2015 01:06:10 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 04.01.2015 um 13:03:37 unerwartet heruntergefahren.

Microsoft Office Sessions:
=========================
Error: (01/05/2015 07:55:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.2068914001d02918734688074294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe66ba2e6b-950c-11e4-bee5-20898483a972microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (01/05/2015 07:45:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.2068917a001d02916ffc6e23b4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exef3501b2a-950a-11e4-bee5-20898483a972microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (01/05/2015 07:44:44 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Users\Nicolas\Downloads\SoftonicDownloader_for_grand-theft-auto-iv.exe

Error: (01/05/2015 07:44:44 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Nicolas\Downloads\SoftonicDownloader_for_grand-theft-auto-san-andreas.exe

Error: (01/05/2015 07:44:44 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Nicolas\Downloads\SoftonicDownloader_fuer_battlefield-2.exe

Error: (01/05/2015 07:44:44 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Nicolas\Downloads\SoftonicDownloader_fuer_gta-iv-san-andreas(1).exe

Error: (01/05/2015 07:44:44 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Users\Nicolas\Downloads\SoftonicDownloader_fuer_gta-iv-san-andreas.exe

Error: (01/05/2015 07:44:44 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Nicolas\Downloads\SoftonicDownloader_fuer_slender.exe

Error: (01/05/2015 07:30:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.20689104801d0291503b05cb44294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exef7783a26-9508-11e4-bee5-20898483a972microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (01/05/2015 07:19:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.2068917b001d029137142e9a94294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe66f05bdd-9507-11e4-bee4-20898483a972microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

CodeIntegrity Errors:
===================================
Date: 2015-01-05 19:24:54.880
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll that did not meet the Windows signing level requirements.

Date: 2015-01-05 19:24:54.708
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll that did not meet the Windows signing level requirements.

Date: 2015-01-05 17:54:18.873 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll that did not meet the Windows signing level requirements. Date: 2015-01-05 17:54:18.716 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll that did not meet the Windows signing level requirements. Date: 2015-01-04 15:43:58.114 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll that did not meet the Windows signing level requirements. Date: 2015-01-04 15:43:57.942 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll that did not meet the Windows signing level requirements. Date: 2015-01-04 13:06:09.161 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll that did not meet the Windows signing level requirements. Date: 2015-01-04 13:06:08.989 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll that did not meet the Windows signing level requirements. 
Date: 2015-01-04 01:00:52.520 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll that did not meet the Windows signing level requirements. Date: 2015-01-04 01:00:52.364 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll that did not meet the Windows signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3-3120M CPU @ 2.50GHz Percentage of memory in use: 55% Total physical RAM: 3911.27 MB Available physical RAM: 1751.91 MB Total Pagefile: 7731.27 MB Available Pagefile: 5215.02 MB Total Virtual: 131072 MB Available Virtual: 131071.79 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:678.75 GB) (Free:512.16 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 698.6 GB) (Disk ID: 6815AAA5) Partition: GPT Partition Type. |
06.01.2015, 00:48 | #4 |
/// the machine /// TB Trainer | Avast virus alert: yes or no? hi, Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please shut down your security software to avoid possible conflicts.
and a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |