Avast-Virusmeldung ja oder nein ?

i3lackBird · 05.01.2015, 20:21

Hallo,
ich bin noch relativ neu hier dabei und hoffe dass ich gleich zu Beginn nichts falsch mache und alle notwendigen Infos euch bereitstellen werde, falls nicht weist mich bitte darauf hin.
Folgendes Problem.. seit 4 Tagen bekomme ich immer "fast" die exakte Fehlermeldung von Avast über infizierte Dateien (ihr findet im Anhang einen Screenshot). Im internet habe ich schon etwas recherchiert, und dort sind die Personen geteilter Meinung. Manche sagen es kann sich hierbei um eine Fehlermeldung handeln, andere sind sich wiederrum nicht sicher. Ganz wichtig ich bin sehr unerfahren in Sachen PC-Dingen und hoffe auf einfach zu verstehende Antworten.
Was haltet ihr von den Fehlermeldungen? Was muss ich jetzt unternehmen?
Vielen Dank im vorraus !!!

schrauber · 05.01.2015, 20:22

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

i3lackBird · 05.01.2015, 20:30

frst- text:
FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-01-2015
Ran by Nicolas (administrator) on NICOLAS-PC on 05-01-2015 20:25:59
Running from C:\Users\Nicolas\Downloads
Loaded Profile: Nicolas (Available profiles: Nicolas & Administrator & DefaultAppPool)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Broadcom Corp.) C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(McAfee, Inc.) C:\Program Files\mcafee\AppStats\MfeASUM.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Aztec Media Inc) C:\Program Files (x86)\Settings Manager\smdmf\SmdmFService.exe
(Microsoft Corporation) C:\Windows\System32\mqtgsvc.exe
(Aztec Media Inc) C:\Program Files (x86)\Settings Manager\smdmf\SmdmFService.exe
(Acute Angle Solutions Ltd) C:\ProgramData\uNKkKtYRZtH\psDQkRgyU.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 4\Integrator.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\RadioController\RfBtnHelper.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Aztec Media Inc) C:\Program Files (x86)\Settings Manager\smdmf\smdmfu.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Microsoft Corporation) C:\Windows\FileManager\PhotosApp.exe
() C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.231\deploy\LoLLauncher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.15\deploy\LoLPatcher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.123\deploy\LolClient.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2778352 2013-08-28] (Synaptics Incorporated)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM-x32\...\Run: [RadioController] => C:\Program Files (x86)\RadioController\RfBtnHelper.exe [111216 2013-03-26] (Dritek System Inc.)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2994880 2012-08-15] (Symantec Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-06] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-4237666859-1210962419-3479872745-1001\...\Run: [Google Update] => C:\Users\Nicolas\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-06-08] (Google Inc.)
HKU\S-1-5-21-4237666859-1210962419-3479872745-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 4\StartupManager.exe [37152 2013-11-19] (Glarysoft Ltd)
HKU\S-1-5-21-4237666859-1210962419-3479872745-1001\...\Run: [MKLOL] => C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe [1092296 2014-11-08] ()
HKU\S-1-5-21-4237666859-1210962419-3479872745-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3618648 2014-11-27] (Electronic Arts)
HKU\S-1-5-21-4237666859-1210962419-3479872745-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-4237666859-1210962419-3479872745-1001\...\Run: [MK LOL] => C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe [1092296 2014-11-08] ()
HKU\S-1-5-21-4237666859-1210962419-3479872745-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-23] (Piriform Ltd)
AppInit_DLLs: C:\Users\Nicolas\AppData\Local\Linkey\IEEXTE~1\ietlb64.dll => C:\Users\Nicolas\AppData\Local\Linkey\IEExtension\ietlb64.dll [148496 2014-10-22] ()
AppInit_DLLs-x32: C:\Users\Nicolas\AppData\Local\Linkey\IEEXTE~1\ietlb.dll => C:\Users\Nicolas\AppData\Local\Linkey\IEExtension\ietlb.dll [129040 2014-10-22] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer Backup Manager Tray.lnk
ShortcutTarget: Acer Backup Manager Tray.lnk -> C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
Startup: C:\Users\Nicolas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk
ShortcutTarget: Curse.lnk -> C:\Users\Nicolas\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)
HKLM\...\AppCertDlls: [x86] -> C:\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll [493584 2014-11-26] ()
HKLM\...\AppCertDlls: [x64] -> C:\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll [669200 2014-11-26] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-4237666859-1210962419-3479872745-1001\Software\Microsoft\Internet Explorer\Main,Start Page = Search
HKU\S-1-5-21-4237666859-1210962419-3479872745-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = Software Downloads - die sichere Download Quelle - GIGA
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&aid=206&itype=n&ver=14733&tm=567&src=ds&p={searchTerms}
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&aid=206&itype=n&ver=14733&tm=567&src=ds&p={searchTerms}
SearchScopes: HKU\S-1-5-21-4237666859-1210962419-3479872745-1001 -> DefaultScope {B9E27862-B0C2-46AA-9947-BA7BEC3ED912} URL = 
SearchScopes: HKU\S-1-5-21-4237666859-1210962419-3479872745-1001 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&aid=206&itype=n&ver=14733&tm=567&src=ds&p={searchTerms}
SearchScopes: HKU\S-1-5-21-4237666859-1210962419-3479872745-1001 -> {B9E27862-B0C2-46AA-9947-BA7BEC3ED912} URL = 
BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Linkey -> {4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} -> C:\Users\Nicolas\AppData\Local\Linkey\IEExtension\iedll64.dll (Aztec Media Inc)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO-x32: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Linkey -> {4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} -> C:\Users\Nicolas\AppData\Local\Linkey\IEExtension\iedll.dll (Aztec Media Inc)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - Free PDF Perfect - {EFC2B9BE-AB2B-47F1-A47D-9EB28E58C917} - C:\Program Files (x86)\Freemium\Free PDF Perfect\ieagent64.dll (soft Xpansion)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - No Name - {EFC2B9BE-AB2B-47F1-A47D-9EB28E58C917} -  No File
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Nicolas\AppData\Roaming\Mozilla\Firefox\Profiles\0opveede.default
FF SearchEngineOrder.1: default-search.net
FF SelectedSearchEngine: default-search.net
FF Homepage: hxxp://www.default-search.net?sid=476&aid=206&itype=n&ver=14733&tm=567&src=hmp
FF Keyword.URL: hxxp://www.default-search.net/search?sid=476&aid=206&itype=n&ver=14733&tm=567&src=ds&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/SAFFPlugin -> C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @soft-xpansion/npsxpdf -> C:\Program Files (x86)\Common Files\Freemium\np-sxpdf.dll (soft-Xpansion)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-4237666859-1210962419-3479872745-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Nicolas\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-4237666859-1210962419-3479872745-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Nicolas\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-4237666859-1210962419-3479872745-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Nicolas\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Nicolas\AppData\Roaming\Mozilla\Firefox\Profiles\0opveede.default\searchplugins\default-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\default-search.xml
FF Extension: Battlefield Play4Free - C:\Users\Nicolas\AppData\Roaming\Mozilla\Firefox\Profiles\0opveede.default\Extensions\battlefieldplay4free@ea.com [2014-12-01]
FF Extension: Linkey for Firefox - C:\Users\Nicolas\AppData\Roaming\Mozilla\Firefox\Profiles\0opveede.default\Extensions\extension@linkeyproject.com [2014-12-20]
FF Extension: Cliqz Beta - C:\Users\Nicolas\AppData\Roaming\Mozilla\Firefox\Profiles\0opveede.default\Extensions\cliqz@cliqz.com.xpi [2014-12-24]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2012-11-23]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-09-07]
FF HKLM-x32\...\Firefox\Extensions: [{B45418F9-6406-4828-9D1A-35313FB1E2D6}] - C:\ProgramData\Freemium\Free PDF Perfect\Data\fftb
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF HKLM-x32\...\Thunderbird\Extensions: [{B45418F9-6406-4828-9D1A-35313FB1E2D6}] - C:\ProgramData\Freemium\Free PDF Perfect\Data\fftb
FF HKU\S-1-5-21-4237666859-1210962419-3479872745-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Nicolas\AppData\Roaming\Mozilla\Firefox\Profiles\0opveede.default\extensions\cliqz@cliqz.com

Chrome: 
=======
CHR Profile: C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-22]
CHR Extension: (Google Docs) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-22]
CHR Extension: (Google Drive) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-22]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-22]
CHR Extension: (YouTube) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-22]
CHR Extension: (Google-Suche) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-22]
CHR Extension: (Google Tabellen) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-22]
CHR Extension: (Avast Online Security) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-12-22]
CHR Extension: (Amazon-Icon) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkcedibhemacmilmkpndpkoidlnmgngg [2014-12-22]
CHR Extension: (Google Wallet) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-22]
CHR Extension: (Google Mail) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-22]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2013-09-09]
CHR HKLM-x32\...\Chrome\Extension: [fpmeembnagmagppkgghhfjfdfajdfcah] - C:\Users\Nicolas\AppData\Local\Linkey\ChromeExtension\ChromeExtension.crx [2014-12-20]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-06]
CHR HKLM-x32\...\Chrome\Extension: [mkcedibhemacmilmkpndpkoidlnmgngg] - C:\Users\Nicolas\ChromeExtensions\mkcedibhemacmilmkpndpkoidlnmgngg\amazon.crx [2013-11-27]
CHR HKLM-x32\...\Chrome\Extension: [poimdfnhgefmnkeefbjibbiemlimdnof] - No Path

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-06] (AVAST Software)
R2 BrcmCardReader; C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [176640 2012-08-20] (Broadcom Corp.) [File not signed]
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2014-11-02] (BitRaider, LLC)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2449552 2012-10-25] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-16] (Acer Incorporated)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2094216 2013-05-29] ()
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658064 2012-10-23] (Acer Incorporated)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [16896 2014-12-07] (Microsoft Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 MfeASUM; C:\Program Files\McAfee\AppStats\MfeASUM.exe [335216 2013-09-09] (McAfee, Inc.)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [25600 2014-12-07] (Microsoft Corporation)
R2 MSMQTriggers; C:\Windows\system32\mqtgsvc.exe [168448 2014-12-07] (Microsoft Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-15] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-11-03] (NTI Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1900400 2014-11-27] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2014-08-17] ()
R2 psDQkRgyU; C:\ProgramData\uNKkKtYRZtH\psDQkRgyU.exe [2726256 2014-12-20] (Acute Angle Solutions Ltd)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [96880 2013-03-26] (Dritek System INC.)
R2 SmdmFService; C:\Program Files (x86)\Settings Manager\smdmf\SmdmFService.exe [3572240 2014-11-26] (Aztec Media Inc)
S3 SXDS10; C:\Program Files (x86)\Common Files\soft Xpansion\sxds10.exe [234096 2013-10-09] (soft Xpansion)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-12-07] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [546304 2014-12-07] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-06] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-06] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-06] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-06] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-06] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-06] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-12-19] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-06] ()
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [17088 2013-11-18] (Glarysoft Ltd)
S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2014-11-02] (BitRaider)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R1 F06DEFF2-5B9C-490D-910F-35D3A9119622; C:\Program Files (x86)\Settings Manager\smdmf\x64\smdmfmgrc2.cfg [41872 2014-11-26] (Aztec Media Inc)
R1 MfeASKM; C:\Program Files\McAfee\AppStats\MfeASKM.sys [31408 2013-09-09] (McAfee, Inc.)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [173568 2014-12-07] (Microsoft Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2013-03-26] (Dritek System Inc.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-28] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-05 20:25 - 2015-01-05 20:26 - 00026811 _____ () C:\Users\Nicolas\Downloads\FRST.txt
2015-01-05 20:25 - 2015-01-05 20:26 - 00000000 ____D () C:\FRST
2015-01-05 20:25 - 2015-01-05 20:25 - 02123776 _____ (Farbar) C:\Users\Nicolas\Downloads\FRST64.exe
2015-01-05 19:24 - 2015-01-05 19:24 - 00000346 _____ () C:\WINDOWS\PFRO.log
2015-01-05 19:14 - 2015-01-05 19:14 - 00000000 _____ () C:\autoexec.bat
2015-01-05 19:12 - 2015-01-05 19:12 - 03044736 _____ (Enigma Software Group USA, LLC.) C:\Users\Nicolas\Downloads\SpyHunter-Installer.exe
2015-01-04 16:26 - 2015-01-04 16:26 - 00000020 ___SH () C:\Users\DefaultAppPool\ntuser.ini
2015-01-04 16:26 - 2015-01-04 16:26 - 00000000 _SHDL () C:\Users\DefaultAppPool\Vorlagen
2015-01-04 16:26 - 2015-01-04 16:26 - 00000000 _SHDL () C:\Users\DefaultAppPool\Startmenü
2015-01-04 16:26 - 2015-01-04 16:26 - 00000000 _SHDL () C:\Users\DefaultAppPool\Netzwerkumgebung
2015-01-04 16:26 - 2015-01-04 16:26 - 00000000 _SHDL () C:\Users\DefaultAppPool\Lokale Einstellungen
2015-01-04 16:26 - 2015-01-04 16:26 - 00000000 _SHDL () C:\Users\DefaultAppPool\Eigene Dateien
2015-01-04 16:26 - 2015-01-04 16:26 - 00000000 _SHDL () C:\Users\DefaultAppPool\Druckumgebung
2015-01-04 16:26 - 2015-01-04 16:26 - 00000000 _SHDL () C:\Users\DefaultAppPool\Documents\Eigene Musik
2015-01-04 16:26 - 2015-01-04 16:26 - 00000000 _SHDL () C:\Users\DefaultAppPool\Documents\Eigene Bilder
2015-01-04 16:26 - 2015-01-04 16:26 - 00000000 _SHDL () C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-04 16:26 - 2015-01-04 16:26 - 00000000 _SHDL () C:\Users\DefaultAppPool\AppData\Local\Verlauf
2015-01-04 16:26 - 2015-01-04 16:26 - 00000000 _SHDL () C:\Users\DefaultAppPool\AppData\Local\Anwendungsdaten
2015-01-04 16:26 - 2015-01-04 16:26 - 00000000 _SHDL () C:\Users\DefaultAppPool\Anwendungsdaten
2015-01-04 16:26 - 2015-01-04 16:26 - 00000000 ____D () C:\Users\DefaultAppPool
2015-01-04 16:26 - 2014-11-12 22:41 - 00000000 ___RD () C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-01-04 16:26 - 2014-09-14 22:44 - 00000000 ___RD () C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-01-04 16:26 - 2014-07-11 16:56 - 00000000 ____D () C:\Users\DefaultAppPool\AppData\Roaming\Macromedia
2015-01-04 16:26 - 2014-03-18 11:11 - 00000369 _____ () C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-01-04 16:26 - 2014-03-18 11:11 - 00000369 _____ () C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-01-04 16:26 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-04 16:26 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-12-30 01:12 - 2014-12-30 01:12 - 00000047 _____ () C:\Users\Nicolas\jagex_cl_runescape_LIVE2.dat
2014-12-30 01:12 - 2014-12-30 01:12 - 00000000 ____D () C:\Users\Nicolas\jagexcache2
2014-12-30 01:06 - 2014-12-30 01:06 - 00000000 ____D () C:\Users\Nicolas\.jagex_cache_32
2014-12-29 20:02 - 2014-12-29 20:02 - 00000048 _____ () C:\Users\Nicolas\jagex_cl_speccollect_LIVE.dat
2014-12-29 17:53 - 2015-01-01 18:31 - 00000000 ____D () C:\Users\Nicolas\Desktop\Sport
2014-12-28 16:03 - 2014-12-28 16:10 - 00000273 _____ () C:\WINDOWS\setupact.log
2014-12-28 16:03 - 2014-12-28 16:03 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-12-28 16:02 - 2015-01-03 21:32 - 00000047 _____ () C:\Users\Nicolas\jagex_cl_runescape_LIVE1.dat
2014-12-28 16:02 - 2014-12-28 16:02 - 00000000 ____D () C:\Users\Nicolas\jagexcache1
2014-12-27 17:48 - 2015-01-05 19:45 - 00793645 _____ () C:\WINDOWS\WindowsUpdate.log
2014-12-27 14:35 - 2014-11-17 21:17 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-12-27 14:35 - 2014-11-17 21:17 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-12-27 14:35 - 2014-11-14 07:58 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2014-12-27 14:35 - 2014-11-14 07:54 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2014-12-27 14:35 - 2014-11-14 07:46 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-12-27 14:35 - 2014-11-14 07:46 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-12-27 14:35 - 2014-11-14 07:39 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-12-27 14:35 - 2014-11-14 05:53 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-12-22 21:25 - 2014-12-22 21:25 - 00002275 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-22 21:25 - 2014-12-22 21:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-12-22 21:24 - 2014-12-22 21:24 - 42184784 _____ (Google Inc.) C:\Users\Nicolas\Downloads\ChromeStandaloneSetup.exe
2014-12-22 21:21 - 2014-12-22 21:21 - 10801480 _____ (VS Revo Group ) C:\Users\Nicolas\Downloads\RevoUninProSetup.exe
2014-12-22 21:21 - 2014-12-22 21:21 - 00000000 ____D () C:\Users\Nicolas\AppData\Local\VS Revo Group
2014-12-22 21:21 - 2014-12-22 21:21 - 00000000 ____D () C:\ProgramData\VS Revo Group
2014-12-22 21:21 - 2014-12-22 21:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2014-12-22 21:21 - 2014-12-22 21:21 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-12-22 21:21 - 2009-12-30 10:21 - 00031800 _____ (VS Revo Group) C:\WINDOWS\system32\Drivers\revoflt.sys
2014-12-22 21:16 - 2014-12-22 21:16 - 01174352 _____ () C:\Users\Nicolas\Downloads\Revo Uninstaller - CHIP-Installer.exe
2014-12-22 21:16 - 2014-12-22 21:16 - 00001288 _____ () C:\Users\Nicolas\Desktop\Revo Uninstaller.lnk
2014-12-22 21:16 - 2014-12-22 21:16 - 00000000 ____D () C:\Users\Nicolas\AppData\Roaming\Cliqz
2014-12-22 21:16 - 2014-12-22 21:16 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-12-22 21:16 - 2011-05-13 11:16 - 00493056 _____ ( datenhaus GmbH) C:\WINDOWS\SysWOW64\dhRichClient3.dll
2014-12-22 21:16 - 2011-03-25 19:42 - 00338432 _____ () C:\WINDOWS\SysWOW64\sqlite36_engine.dll
2014-12-21 21:19 - 2014-12-21 21:19 - 00000000 ____D () C:\ProgramData\Browser
2014-12-20 20:52 - 2015-01-05 19:14 - 00000023 _____ () C:\Users\Nicolas\jagexappletviewer.preferences
2014-12-20 20:52 - 2014-12-20 20:52 - 00000000 ____D () C:\.jagex_cache_32
2014-12-20 20:51 - 2014-12-20 20:51 - 00002124 _____ () C:\Users\Nicolas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape.lnk
2014-12-20 20:51 - 2014-12-20 20:51 - 00002094 _____ () C:\Users\Nicolas\Desktop\RuneScape.lnk
2014-12-20 20:51 - 2014-12-20 20:51 - 00000000 ____D () C:\Users\Nicolas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape
2014-12-20 20:50 - 2014-12-20 20:50 - 23810048 _____ () C:\Users\Nicolas\Downloads\RuneScape.msi
2014-12-20 18:23 - 2014-12-20 18:23 - 00000000 ____D () C:\Users\Nicolas\AppData\Local\Linkey
2014-12-20 18:22 - 2015-01-05 20:26 - 00000000 ____D () C:\ProgramData\smdmf
2014-12-20 18:22 - 2015-01-05 20:25 - 00000000 ____D () C:\Users\Nicolas\AppData\Local\SafeWeb
2014-12-20 18:22 - 2014-12-20 18:22 - 00000000 ____D () C:\Users\Nicolas\AppData\Roaming\FirefoxToolbar
2014-12-20 18:22 - 2014-12-20 18:22 - 00000000 ____D () C:\ProgramData\uNKkKtYRZtH
2014-12-20 18:22 - 2014-12-20 18:22 - 00000000 ____D () C:\Program Files (x86)\Settings Manager
2014-12-20 18:21 - 2014-12-20 18:22 - 00000000 ____D () C:\ProgramData\SafeWeb
2014-12-20 18:20 - 2014-12-20 18:20 - 00372600 _____ () C:\Users\Nicolas\Downloads\SoftonicDownloader_for_grand-theft-auto-san-andreas.exe
2014-12-20 18:19 - 2014-12-20 18:19 - 00587528 _____ () C:\Users\Nicolas\Downloads\installer_gta-sanandreas_English.exe
2014-12-20 18:18 - 2014-12-20 18:18 - 00021471 _____ () C:\Users\Nicolas\Downloads\GTAIVSA.com_GTA_IV_San_Andreas_BETA_3_World_Enhancement (1).rar
2014-12-20 18:17 - 2014-12-20 18:17 - 00021471 _____ () C:\Users\Nicolas\Downloads\GTAIVSA.com_GTA_IV_San_Andreas_BETA_3_World_Enhancement.rar
2014-12-16 17:00 - 2014-12-16 17:00 - 00000000 ____D () C:\Users\Nicolas\Downloads\Neuer Ordner (2)
2014-12-16 17:00 - 2014-12-16 17:00 - 00000000 ____D () C:\Users\Nicolas\Downloads\Neuer Ordner
2014-12-15 14:14 - 2014-12-15 14:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-14 21:40 - 2014-12-14 21:41 - 05302296 _____ () C:\Users\Nicolas\Downloads\cfosspeed-v964.exe
2014-12-14 19:09 - 2014-10-30 23:37 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-12-14 19:09 - 2014-10-30 23:34 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-12-10 13:46 - 2014-11-10 03:29 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2014-12-10 13:46 - 2014-11-10 02:51 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2014-12-10 13:46 - 2014-10-31 00:39 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2014-12-10 13:46 - 2014-10-31 00:38 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2014-12-10 11:28 - 2014-11-07 05:16 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2014-12-10 11:28 - 2014-11-07 04:26 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-12-10 11:28 - 2014-10-13 03:43 - 00238912 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2014-12-10 11:28 - 2014-10-13 03:43 - 00153920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2014-12-10 11:28 - 2014-10-13 03:43 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-12-10 11:28 - 2014-10-13 03:43 - 00039744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-12-10 11:27 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-12-10 11:27 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-12-10 11:27 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-12-10 11:27 - 2014-11-22 03:49 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-12-10 11:27 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-12-10 11:27 - 2014-11-22 03:35 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-12-10 11:27 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-12-10 11:27 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-12-10 11:27 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-12-10 11:27 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-12-10 11:27 - 2014-11-22 03:06 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2014-12-10 11:27 - 2014-11-22 03:06 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-12-10 11:27 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-12-10 11:27 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-12-10 11:27 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-12-10 11:27 - 2014-11-22 02:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2014-12-10 11:27 - 2014-11-22 02:55 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-12-10 11:27 - 2014-11-22 02:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-12-10 11:27 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-12-10 11:27 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-12-10 11:27 - 2014-11-22 02:49 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-12-10 11:27 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-12-10 11:27 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-12-10 11:27 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-12-10 11:27 - 2014-11-22 02:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2014-12-10 11:27 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-12-10 11:27 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-12-10 11:27 - 2014-11-22 02:29 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2014-12-10 11:27 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-12-10 11:27 - 2014-11-22 02:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2014-12-10 11:27 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-12-10 11:27 - 2014-11-22 02:23 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-12-10 11:27 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-12-10 11:27 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-12-10 11:27 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-12-10 11:27 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-12-10 11:27 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-12-10 11:27 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-12-10 11:27 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-12-09 13:56 - 2014-12-09 14:00 - 00000000 ____D () C:\ProgramData\Oracle
2014-12-09 13:55 - 2014-12-09 13:55 - 00638376 _____ (Oracle Corporation) C:\Users\Nicolas\Downloads\jre-8u25-windows-i586-iftw.exe
2014-12-08 20:44 - 2014-12-08 20:44 - 01112064 _____ () C:\Users\Nicolas\Downloads\MicrosoftFixit50409.msi
2014-12-07 20:23 - 2014-12-07 20:23 - 00007580 _____ () C:\Users\Nicolas\Downloads\Stoppschild.svg
2014-12-07 18:34 - 2014-12-07 18:34 - 00000000 ____D () C:\WINDOWS\SysWOW64\BestPractices
2014-12-07 18:34 - 2014-12-07 18:34 - 00000000 ____D () C:\WINDOWS\system32\msmq
2014-12-07 18:34 - 2014-12-07 18:34 - 00000000 ____D () C:\WINDOWS\system32\BestPractices
2014-12-07 18:34 - 2014-12-07 18:34 - 00000000 ____D () C:\inetpub

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-05 20:23 - 2013-11-20 18:00 - 00000000 ____D () C:\Users\Nicolas\AppData\Roaming\ClassicShell
2015-01-05 20:02 - 2014-08-25 14:29 - 00000000 ____D () C:\Users\Nicolas\Desktop\Kroatien - Privlaka 2014
2015-01-05 20:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-05 19:38 - 2013-06-08 16:36 - 00001150 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-4237666859-1210962419-3479872745-1001UA.job
2015-01-05 19:38 - 2013-06-08 16:36 - 00001098 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-4237666859-1210962419-3479872745-1001Core.job
2015-01-05 19:32 - 2013-10-11 19:45 - 00001140 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-05 19:27 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\inetsrv
2015-01-05 19:26 - 2013-11-30 13:39 - 00000358 _____ () C:\WINDOWS\Tasks\GlaryInitialize 4.job
2015-01-05 19:26 - 2013-09-07 16:44 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-01-05 19:25 - 2014-07-11 17:26 - 00000000 ___DO () C:\Users\Nicolas\OneDrive
2015-01-05 19:25 - 2013-11-30 13:38 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 4
2015-01-05 19:25 - 2013-10-11 19:45 - 00001136 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-05 19:25 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-05 19:24 - 2013-08-22 14:25 - 01048576 ___SH () C:\WINDOWS\system32\config\BBI
2015-01-05 19:23 - 2014-07-11 16:48 - 00000000 ____D () C:\Users\Nicolas
2015-01-05 19:23 - 2014-05-08 08:04 - 00000024 _____ () C:\Users\Nicolas\random.dat
2015-01-05 18:23 - 2014-05-08 08:04 - 00000046 _____ () C:\Users\Nicolas\jagex_cl_runescape_LIVE.dat
2015-01-05 15:23 - 2014-08-28 17:08 - 00003946 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{22801DC1-1C3A-49C9-B455-DA095770254F}
2015-01-05 15:20 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-01-02 17:36 - 2013-06-08 11:38 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4237666859-1210962419-3479872745-1001
2015-01-01 18:29 - 2013-06-08 16:36 - 00000000 ____D () C:\Users\Nicolas\AppData\Local\Google
2014-12-29 20:02 - 2014-05-08 08:04 - 00000000 ____D () C:\Users\Nicolas\jagexcache
2014-12-29 16:54 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-12-29 14:10 - 2014-03-18 11:03 - 01871602 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-12-29 14:10 - 2014-03-18 10:25 - 00805650 _____ () C:\WINDOWS\system32\perfh007.dat
2014-12-29 14:10 - 2014-03-18 10:25 - 00170502 _____ () C:\WINDOWS\system32\perfc007.dat
2014-12-28 18:26 - 2014-07-12 11:02 - 00000451 _____ () C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2014-12-28 18:23 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-12-28 16:01 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-12-26 20:52 - 2014-10-24 16:44 - 00000000 ____D () C:\Users\Nicolas\Desktop\Filme
2014-12-22 21:25 - 2013-10-11 19:44 - 00000000 ____D () C:\Program Files (x86)\Google
2014-12-21 13:04 - 2013-06-17 15:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-20 17:37 - 2013-06-17 21:03 - 00282104 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.xtr
2014-12-20 17:37 - 2013-06-17 20:59 - 00282104 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2014-12-19 17:52 - 2013-07-02 13:41 - 00000000 ____D () C:\Users\Nicolas\AppData\Roaming\Skype
2014-12-18 22:28 - 2013-06-17 20:59 - 00282104 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2014-12-14 21:06 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-12-13 00:27 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-12-13 00:27 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-12-13 00:27 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-12-10 18:37 - 2013-07-19 17:09 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-12-10 18:32 - 2013-06-09 13:40 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-12-09 14:31 - 2014-08-24 21:34 - 00000228 _____ () C:\Users\Nicolas\BullseyeCoverageError.txt
2014-12-09 13:57 - 2014-05-08 08:02 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-12-09 13:57 - 2014-05-08 08:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-12-09 13:56 - 2014-01-03 18:37 - 00000000 ____D () C:\Program Files (x86)\Java
2014-12-08 11:46 - 2014-11-25 23:19 - 00000000 ____D () C:\Users\Nicolas\AppData\Roaming\vlc
2014-12-07 18:34 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\inetsrv
2014-12-07 18:34 - 2013-08-22 10:50 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2014-12-07 18:34 - 2013-08-22 04:29 - 00165888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqtrig.dll
2014-12-07 18:33 - 2014-07-11 17:25 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2014-12-07 18:33 - 2014-07-11 17:25 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2014-12-07 18:33 - 2014-07-11 17:25 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2014-12-07 18:33 - 2014-07-11 17:25 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2014-12-07 18:33 - 2014-07-11 17:25 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2014-12-07 18:33 - 2014-07-11 17:25 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2014-12-07 18:33 - 2014-07-11 17:25 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\infoadmn.dll
2014-12-07 18:33 - 2014-07-11 17:25 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\infoadmn.dll
2014-12-07 18:33 - 2014-07-11 17:25 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2014-12-07 18:33 - 2014-07-11 17:25 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2014-12-07 18:33 - 2014-07-11 17:25 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2014-12-07 18:33 - 2014-07-11 17:25 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\infoctrs.dll
2014-12-07 18:33 - 2014-07-11 17:25 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2014-12-07 18:33 - 2014-07-11 17:25 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\infoctrs.dll
2014-12-07 18:33 - 2014-07-11 17:25 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2014-12-07 18:33 - 2014-07-11 17:25 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2014-12-07 18:33 - 2013-08-22 12:44 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2014-12-07 18:33 - 2013-08-22 12:44 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2014-12-07 18:33 - 2013-08-22 12:44 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2014-12-07 18:33 - 2013-08-22 12:44 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2014-12-07 18:33 - 2013-08-22 12:40 - 00173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2014-12-07 18:33 - 2013-08-22 12:35 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2014-12-07 18:33 - 2013-08-22 12:32 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2014-12-07 18:33 - 2013-08-22 12:26 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2014-12-07 18:33 - 2013-08-22 12:20 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2014-12-07 18:33 - 2013-08-22 12:05 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqmigplugin.dll
2014-12-07 18:33 - 2013-08-22 11:53 - 00302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2014-12-07 18:33 - 2013-08-22 11:51 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqtrig.dll
2014-12-07 18:33 - 2013-08-22 11:41 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqtgsvc.exe
2014-12-07 18:33 - 2013-08-22 11:36 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqise.dll
2014-12-07 18:33 - 2013-08-22 11:32 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcmiplugin.dll
2014-12-07 18:33 - 2013-08-22 11:25 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsec.dll
2014-12-07 18:33 - 2013-08-22 11:23 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2014-12-07 18:33 - 2013-08-22 11:21 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqad.dll
2014-12-07 18:33 - 2013-08-22 11:19 - 00788992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2014-12-07 18:33 - 2013-08-22 11:10 - 01408512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2014-12-07 18:33 - 2013-08-22 07:59 - 00009096 _____ () C:\WINDOWS\system32\msmqtrc.mof
2014-12-07 18:33 - 2013-08-22 05:16 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2014-12-07 18:33 - 2013-08-22 05:16 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2014-12-07 18:33 - 2013-08-22 05:16 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2014-12-07 18:33 - 2013-08-22 05:16 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2014-12-07 18:33 - 2013-08-22 05:06 - 00563712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2014-12-07 18:33 - 2013-08-22 04:54 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2014-12-07 18:33 - 2013-08-22 04:41 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqmigplugin.dll
2014-12-07 18:33 - 2013-08-22 04:31 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2014-12-07 18:33 - 2013-08-22 04:19 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqise.dll
2014-12-07 18:33 - 2013-08-22 04:16 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcmiplugin.dll
2014-12-07 18:33 - 2013-08-22 04:09 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsec.dll
2014-12-07 18:33 - 2013-08-22 04:08 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2014-12-07 18:33 - 2013-08-22 04:06 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqad.dll
2014-12-07 18:33 - 2013-08-22 04:05 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2014-12-07 18:33 - 2013-08-22 00:55 - 00009096 _____ () C:\WINDOWS\SysWOW64\msmqtrc.mof

Files to move or delete:
====================
C:\Users\Nicolas\jagex_cl_runescape_LIVE.dat
C:\Users\Nicolas\jagex_cl_runescape_LIVE1.dat
C:\Users\Nicolas\jagex_cl_runescape_LIVE2.dat
C:\Users\Nicolas\jagex_cl_speccollect_LIVE.dat
C:\Users\Nicolas\random.dat


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-03 12:54

==================== End Of Log ============================

--- --- ---

additional text:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-01-2015
Ran by Nicolas at 2015-01-05 20:27:17
Running from C:\Users\Nicolas\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

clear.fi SDK - Video 2 (x32 Version: 2.1.2128 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.1.2112 - CyberLink Corp.) Hidden
Acer Backup Manager (HKLM-x32\...\InstallShield_{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}) (Version: 4.0.0.0071 - NTI Corporation)
Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3011 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3011 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3015 - Acer Incorporated)
AcerCloud (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.01.3125 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.00.3204 - Acer Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1030 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
Age of Mythology - The Titans Expansion (HKLM-x32\...\Age of Mythology Expansion Pack 1.0) (Version: - )
Age of Mythology (HKLM-x32\...\Age of Mythology 1.0) (Version: - )
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2021 - AVAST Software)
AwesomiumSetup (HKLM-x32\...\{19EF99D1-7EE6-4B5E-ABEE-0B3825F703B0}) (Version: 1.00.0000 - SIX Networks GmbH)
Backup Manager v4 (x32 Version: 4.0.0.0071 - NTI Corporation) Hidden
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield Play4Free (Nicolas) (HKU\S-1-5-21-4237666859-1210962419-3479872745-1001\...\{87686C21-8A15-4b4d-A3F1-11141D9BE094}) (Version: - EA Digital illusions)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.5.1 - EA Digital Illusions CE AB)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.30.59.96 - Broadcom Corporation)
Broadcom Card Reader Driver Installer (HKLM\...\{F0A7DF2F-0BE0-470F-B137-D7A19F977189}) (Version: 15.4.7.1 - Broadcom Corporation)
CamStudio 2.7.2 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.2 - CamStudio Open Source)
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
CD Bremse 1.49 (HKU\S-1-5-21-4237666859-1210962419-3479872745-1001\...\CD Bremse_is1) (Version: 1.49 - )
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.01.3112 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.01.3109 - Acer Incorporated)
Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.53 - Cliqz.com)
Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 27.0.4.0 - COMODO)
Cossacks - Back To War (HKLM-x32\...\Cossacks : Back To War) (Version: - )
Curse (HKLM-x32\...\{1F2611FB-6F69-4AA8-BECD-243BD8CB45F3}) (Version: 6.0.0.0 - Curse)
CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3318_45364 - CyberLink Corp.)
Delicious: Emily's True Love Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Dethkarz (HKLM-x32\...\Dethkarz) (Version: - )
DIE SIEDLER - Das Erbe der Könige (HKLM-x32\...\{8FDC1610-3FB5-4EF2-A0D0-CEDC3A525A25}) (Version: 1.00.0000 - Blue Byte)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Free Pdf Perfect Prereq (HKLM-x32\...\{1fc96138-d342-4c3a-979a-7aa9ae35bf87}) (Version: 1.0.0.0 - Covus Freemium GmbH)
Free Pdf Perfect Prereq (x32 Version: 1.0.0.0 - Covus Freemium GmbH) Hidden
Free YouTube to MP3 Converter version 3.12.27.225 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.27.225 - DVDVideoSoft Ltd.)
Freemake Video Converter Version 4.1.2 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.2 - Ellora Assets Corporation)
Freemium Free PDF Perfect (HKLM-x32\...\{88265079-D6F4-4292-86BE-D2053E80BFE4}) (Version: 1.0 - Freemium)
Gameforge Live 2.0.1 "Baby Genius" (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.1 - Gameforge)
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version: - )
Glary Utilities 4.0 (HKLM-x32\...\Glary Utilities 4) (Version: 4.0.0.53 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Island Tribe (x32 Version: 2.2.0.98 - WildTangent) Hidden
JAP (HKLM-x32\...\JAP) (Version: 00.19.001 - JAP-Team)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.550 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.10 - Acer Inc.)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LibreOffice 4.1.4.2 (HKLM-x32\...\{94E11973-ED58-47A0-907C-ABF6D95C5DD8}) (Version: 4.1.4.2 - The Document Foundation)
Linkey (HKU\S-1-5-21-4237666859-1210962419-3479872745-1001\...\Linkey) (Version: 0.0.0.599 - Aztec Media Inc) <==== ATTENTION
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3006 - Acer Incorporated)
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Microprose GP500 (HKLM-x32\...\GP500) (Version: - )
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
MK LOL (HKU\S-1-5-21-4237666859-1210962419-3479872745-1001\...\MK LOL) (Version: - )
MKLOL (HKU\S-1-5-21-4237666859-1210962419-3479872745-1001\...\MKLOL) (Version: - )
Moorhuhnjagd (HKLM-x32\...\Moorhuhnjagd) (Version: - )
Mozilla Firefox 34.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
MyWinLocker (Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.24 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.24 - Egis Technology Inc.) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.51r - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.1.0.14 - Symantec Corporation) Hidden
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9014 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9014 - NTI Corporation) Hidden
NVIDIA PhysX (HKLM-x32\...\{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}) (Version: 9.12.0613 - NVIDIA Corporation)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.01.3202 - Acer)
Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.01.3202 - Acer)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.2 beta r2302 - )
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.27040 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Revo Uninstaller Pro 3.1.2 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.2 - VS Revo Group, Ltd.)
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version: - Punk Software)
RuneScape Launcher 1.2.3 (HKLM-x32\...\{FAE99C85-0732-4C58-9C6B-10B5B12FA2E9}) (Version: 1.2.3 - Jagex Ltd)
Safe Web (HKLM-x32\...\SafeWeb) (Version: 2.7.45 - Acute Angle Solutions Ltd)
Settings Manager (HKLM-x32\...\Settings Manager) (Version: 5.0.0.14733 - Aztec Media Inc) <==== ATTENTION
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.6.13 - Synaptics Incorporated)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKU\S-1-5-21-4237666859-1210962419-3479872745-1001\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version: - Nadeo)
Unity Web Player (HKU\S-1-5-21-4237666859-1210962419-3479872745-1001\...\UnityWebPlayer) (Version: 4.5.3f3 - Unity Technologies ApS)
VIS (HKLM-x32\...\VIS) (Version: - ) <==== ATTENTION
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Warframe (HKLM-x32\...\Steam App 230410) (Version: - Digital Extremes)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WinRAR 5.10 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-4237666859-1210962419-3479872745-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Nicolas\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-4237666859-1210962419-3479872745-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Nicolas\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-4237666859-1210962419-3479872745-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-4237666859-1210962419-3479872745-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Nicolas\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-4237666859-1210962419-3479872745-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Nicolas\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4237666859-1210962419-3479872745-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Nicolas\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4237666859-1210962419-3479872745-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Nicolas\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points =========================

15-12-2014 21:52:41 Windows Update
20-12-2014 14:37:21 Windows Update
23-12-2014 22:21:11 Windows Update
28-12-2014 15:59:52 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {16EFA966-3ED8-4E5D-8366-7B62881E3336} - System32\Tasks\{84267DC1-6078-44B9-B78C-A459687A9B51} => pcalua.exe -a "C:\Programme\Liquid Entertainment\DER RINGKRIEG™\Rings.exe" -d "C:\Programme\Liquid Entertainment\DER RINGKRIEG™"
Task: {1D7457F3-7D0D-4693-8D03-279BD8D51465} - System32\Tasks\{92D4E00C-69F8-4BDE-BACC-B8C152C5E0C0} => pcalua.exe -a D:\Detinst.exe -d D:\
Task: {214FE432-9C57-4BFE-9B32-9131CA66F82F} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-09-20] (CyberLink)
Task: {3D53337C-0CF2-4126-829C-F24C67E12A09} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2012-11-19] (Acer Incorporated)
Task: {406176E3-10C1-4126-8842-356212080477} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-11] (Google Inc.)
Task: {4379264D-F433-46DD-A857-020CCC076024} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {463742B4-EA0D-4006-83B2-63B2CEE1DE20} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-11] (Google Inc.)
Task: {4CC312B7-6E38-48D7-968B-5A32EF6DE919} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-21] ()
Task: {5973892A-E570-48C2-942D-80BCF9A53397} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-11-06] ()
Task: {712575FD-3946-48B0-8E42-92720561E276} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-12-10] (Microsoft Corporation)
Task: {7EF63D65-0BC1-41D4-BA3E-CE4A53BAB9E1} - System32\Tasks\GlaryInitialize 4 => C:\Program Files (x86)\Glary Utilities 4\Initialize.exe [2013-11-19] (Glarysoft Ltd)
Task: {8154D370-E893-48DA-8FB4-5F92B9149B8F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4237666859-1210962419-3479872745-1001UA => C:\Users\Nicolas\AppData\Local\Google\Update\GoogleUpdate.exe [2013-06-08] (Google Inc.)
Task: {81F6BD5F-9D3F-4461-8392-11D8DD1DBCCD} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-06] (AVAST Software)
Task: {9BCA1EB6-5CB7-4148-98C2-A4CAE60847C1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-23] (Piriform Ltd)
Task: {A65C8F43-EEF1-4484-8064-F0D74CC87F4A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4237666859-1210962419-3479872745-1001Core => C:\Users\Nicolas\AppData\Local\Google\Update\GoogleUpdate.exe [2013-06-08] (Google Inc.)
Task: {B247FA39-D78E-4C4A-82A2-472A3749D8A5} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-10-23] (Acer Incorporated)
Task: {DB64B269-2CDE-44B5-BE36-0D25D11BF885} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe
Task: {E68DE6BF-A61B-40BA-9006-BC6326D1B81D} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: C:\WINDOWS\Tasks\GlaryInitialize 4.job => C:\Program Files (x86)\Glary Utilities 4\Initialize.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-4237666859-1210962419-3479872745-1001Core.job => C:\Users\Nicolas\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-4237666859-1210962419-3479872745-1001UA.job => C:\Users\Nicolas\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Loaded Modules (whitelisted) =============

2014-12-20 18:22 - 2014-11-26 14:58 - 00669200 _____ () C:\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll
2013-05-29 13:19 - 2013-05-29 13:19 - 02094216 _____ () C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
2013-06-17 20:59 - 2014-08-17 15:15 - 00076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2012-06-22 03:12 - 2012-06-22 03:12 - 01407568 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2013-06-12 17:11 - 2013-10-15 17:25 - 01294336 _____ () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
2013-10-15 17:26 - 2014-12-10 11:38 - 02465272 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.231\deploy\LoLLauncher.exe
2014-12-18 14:00 - 2014-12-18 14:00 - 04214776 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.15\deploy\LoLPatcher.exe
2014-05-13 11:41 - 2014-05-13 11:41 - 00074752 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.123\deploy\LolClient.exe
2014-12-20 18:22 - 2014-11-26 14:58 - 00493584 _____ () C:\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll
2014-08-06 15:04 - 2014-08-06 15:04 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2015-01-05 17:56 - 2015-01-05 17:56 - 02909696 _____ () C:\Program Files\AVAST Software\Avast\defs\15010500\algo.dll
2015-01-05 19:26 - 2015-01-05 19:26 - 02909696 _____ () C:\Program Files\AVAST Software\Avast\defs\15010501\algo.dll
2012-11-03 01:38 - 2012-11-03 01:38 - 00465384 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2012-11-03 01:37 - 2012-11-03 01:37 - 00125504 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2012-11-03 01:38 - 2012-11-03 01:38 - 00155712 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\VolumeSnapshot.dll
2012-11-03 01:37 - 2012-11-03 01:37 - 00118336 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\Online.dll
2012-11-03 01:37 - 2012-11-03 01:37 - 01081408 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2012-11-03 01:37 - 2012-11-03 01:37 - 00052288 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OsSettingPort.dll
2012-11-03 01:37 - 2012-11-03 01:37 - 00727616 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OutlookShadow.dll
2013-11-19 04:56 - 2013-11-19 04:56 - 00080160 _____ () C:\Program Files (x86)\Glary Utilities 4\zlib1.dll
2014-08-06 15:04 - 2014-08-06 15:05 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-03-26 12:36 - 2012-06-25 18:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-12-22 21:25 - 2014-12-06 02:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-22 21:25 - 2014-12-06 02:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-18 14:00 - 2014-12-18 14:00 - 01628152 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.15\deploy\RiotLauncher.dll
2014-05-13 11:30 - 2013-10-15 17:50 - 04774248 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.123\deploy\Adobe AIR\Versions\1.0\Resources\WebKit.dll
2014-05-13 11:30 - 2013-10-15 17:50 - 16032616 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.123\deploy\Adobe AIR\Versions\1.0\Resources\NPSWF32.dll
2014-12-22 21:25 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-22 21:25 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2014-12-22 21:25 - 2014-12-06 02:50 - 14913352 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Nicolas\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-4237666859-1210962419-3479872745-1001\...\StartupApproved\StartupFolder: => "OpenOffice.org 3.4.1.lnk"
HKU\S-1-5-21-4237666859-1210962419-3479872745-1001\...\StartupApproved\StartupFolder: => "Curse.lnk"
HKU\S-1-5-21-4237666859-1210962419-3479872745-1001\...\StartupApproved\Run: => "Driver Mender"
HKU\S-1-5-21-4237666859-1210962419-3479872745-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-4237666859-1210962419-3479872745-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-4237666859-1210962419-3479872745-1001\...\StartupApproved\Run: => "KSS"
HKU\S-1-5-21-4237666859-1210962419-3479872745-1001\...\StartupApproved\Run: => "MKLOL"
HKU\S-1-5-21-4237666859-1210962419-3479872745-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-4237666859-1210962419-3479872745-1001\...\StartupApproved\Run: => "CCleaner Monitoring"

========================= Accounts: ==========================

Administrator (S-1-5-21-4237666859-1210962419-3479872745-500 - Administrator - Enabled) => C:\Users\Administrator
Gast (S-1-5-21-4237666859-1210962419-3479872745-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4237666859-1210962419-3479872745-1003 - Limited - Enabled)
Nicolas (S-1-5-21-4237666859-1210962419-3479872745-1001 - Administrator - Enabled) => C:\Users\Nicolas

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (01/05/2015 07:55:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20689 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 140

Startzeit: 01d0291873468807

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: 66ba2e6b-950c-11e4-bee5-20898483a972

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (01/05/2015 07:45:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20689 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 17a0

Startzeit: 01d02916ffc6e23b

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: f3501b2a-950a-11e4-bee5-20898483a972

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (01/05/2015 07:44:44 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.

Error: (01/05/2015 07:44:44 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (01/05/2015 07:44:44 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (01/05/2015 07:44:44 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (01/05/2015 07:44:44 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.

Error: (01/05/2015 07:44:44 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (01/05/2015 07:30:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20689 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1048

Startzeit: 01d0291503b05cb4

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: f7783a26-9508-11e4-bee5-20898483a972

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (01/05/2015 07:19:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20689 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 17b0

Startzeit: 01d029137142e9a9

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: 66f05bdd-9507-11e4-bee4-20898483a972

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

System errors:
=============
Error: (01/05/2015 07:23:52 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet:
%%1062

Error: (01/05/2015 07:23:29 PM) (Source: DCOM) (EventID: 10010) (User: NICOLAS-PC)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (01/05/2015 07:23:27 PM) (Source: DCOM) (EventID: 10010) (User: NICOLAS-PC)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (01/05/2015 05:54:20 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎05.‎01.‎2015 um 17:43:36 unerwartet heruntergefahren.

Error: (01/05/2015 04:50:15 PM) (Source: DCOM) (EventID: 10010) (User: NICOLAS-PC)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (01/05/2015 01:41:58 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.

Error: (01/05/2015 01:41:58 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.

Error: (01/05/2015 01:33:56 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.

Error: (01/04/2015 03:43:59 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎04.‎01.‎2015 um 14:51:43 unerwartet heruntergefahren.

Error: (01/04/2015 01:06:10 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎04.‎01.‎2015 um 13:03:37 unerwartet heruntergefahren.

Microsoft Office Sessions:
=========================
Error: (01/05/2015 07:55:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.2068914001d02918734688074294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe66ba2e6b-950c-11e4-bee5-20898483a972microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (01/05/2015 07:45:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.2068917a001d02916ffc6e23b4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exef3501b2a-950a-11e4-bee5-20898483a972microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (01/05/2015 07:44:44 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Users\Nicolas\Downloads\SoftonicDownloader_for_grand-theft-auto-iv.exe

Error: (01/05/2015 07:44:44 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Nicolas\Downloads\SoftonicDownloader_for_grand-theft-auto-san-andreas.exe

Error: (01/05/2015 07:44:44 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Nicolas\Downloads\SoftonicDownloader_fuer_battlefield-2.exe

Error: (01/05/2015 07:44:44 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Nicolas\Downloads\SoftonicDownloader_fuer_gta-iv-san-andreas(1).exe

Error: (01/05/2015 07:44:44 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Users\Nicolas\Downloads\SoftonicDownloader_fuer_gta-iv-san-andreas.exe

Error: (01/05/2015 07:44:44 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Nicolas\Downloads\SoftonicDownloader_fuer_slender.exe

Error: (01/05/2015 07:30:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.20689104801d0291503b05cb44294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exef7783a26-9508-11e4-bee5-20898483a972microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (01/05/2015 07:19:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.2068917b001d029137142e9a94294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe66f05bdd-9507-11e4-bee4-20898483a972microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

CodeIntegrity Errors:
===================================
Date: 2015-01-05 19:24:54.880
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll that did not meet the Windows signing level requirements.

Date: 2015-01-05 19:24:54.708
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll that did not meet the Windows signing level requirements.

Date: 2015-01-05 17:54:18.873
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll that did not meet the Windows signing level requirements.

Date: 2015-01-05 17:54:18.716
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll that did not meet the Windows signing level requirements.

Date: 2015-01-04 15:43:58.114
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll that did not meet the Windows signing level requirements.

Date: 2015-01-04 15:43:57.942
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll that did not meet the Windows signing level requirements.

Date: 2015-01-04 13:06:09.161
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll that did not meet the Windows signing level requirements.

Date: 2015-01-04 13:06:08.989
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll that did not meet the Windows signing level requirements.

Date: 2015-01-04 01:00:52.520
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll that did not meet the Windows signing level requirements.

Date: 2015-01-04 01:00:52.364
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll that did not meet the Windows signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-3120M CPU @ 2.50GHz
Percentage of memory in use: 55%
Total physical RAM: 3911.27 MB
Available physical RAM: 1751.91 MB
Total Pagefile: 7731.27 MB
Available Pagefile: 5215.02 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:678.75 GB) (Free:512.16 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 6815AAA5)

Partition: GPT Partition Type.

schrauber · 06.01.2015, 00:48

hi,

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

Avast-Virusmeldung ja oder nein ?

Plagegeister aller Art und deren Bekämpfung: Avast-Virusmeldung ja oder nein ?