| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Ordner Spacekace in Laufwerk C. Gefährlich?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
06.09.2014, 16:37
| #1 |
 |  Ordner Spacekace in Laufwerk C. Gefährlich? Hallo, ich habe eben bemerkt, dass ich auf dem Laufwerk C einen Ordner mit der Bezeichnung Spacekace habe. Dieser ist mir neu. In dem Ordner befindet sich nur die Datei "deliverysystem-log.log". Eine Suche mit Google hat mir Angst vor einer Infektion mit einem Rootkit gemacht. Hier die Malwarebyte (findet nichts) und FRST Logs... Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 06.09.2014 Suchlauf-Zeit: 15:14:09 Logdatei: das.txt Administrator: Ja Version: 2.00.2.1012 Malware Datenbank: v2014.09.06.02 Rootkit Datenbank: v2014.08.21.01 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Self-protection: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: xxx Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 327828 Verstrichene Zeit: 9 Min, 25 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Heuristics: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registrierungsschlüssel: 0 (No malicious items detected) Registrierungswerte: 0 (No malicious items detected) Registrierungsdaten: 0 (No malicious items detected) Ordner: 0 (No malicious items detected) Dateien: 0 (No malicious items detected) Physische Sektoren: 0 (No malicious items detected) (end) Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-09-2014
Ran by Nico (administrator) on NICO-PC on 06-09-2014 15:36:47
Running from C:\Users\Nico\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Akamai Technologies, Inc.) C:\Users\Nico\AppData\Local\Akamai\netsession_win.exe
(FileHippo.com) C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Akamai Technologies, Inc.) C:\Users\Nico\AppData\Local\Akamai\netsession_win.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\SAMSUNG\SamsungFastStart\SmartRestarter.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe
(Samsung Electronics) C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
(Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.4944\Battle.net.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-07-26] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2817872 2012-04-25] (ELAN Microelectronics Corp.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-07-30] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2048815063-3532768989-2356643285-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Nico\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2048815063-3532768989-2356643285-1000\...\Run: [FileHippo.com] => C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe [307712 2012-11-23] (FileHippo.com)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [166568 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs: ,C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [166568 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {74F9432C-AA05-4FB6-867D-BD2D30880251} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {74F9432C-AA05-4FB6-867D-BD2D30880251} URL = https://www.google.com/search?q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com/bin/srldetect_intel_4.5.24.0.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
Chrome:
=======
CHR HomePage: Default -> 309322B7DACB4EEE2B3EF58AC6A1A5B8000C7767C0F3BDC348956BB7A8F1AF8B
CHR DefaultSearchKeyword: Default -> DDF7DD28148308F6FA6A9F16A9758D4081E7A354CD81BFA25229213B1BD82B56
CHR DefaultSearchProvider: Default -> B05EB190E7A662CFD2ECAECAC3862C75BA718B005A769F04C97091678E147B07
CHR DefaultSearchURL: Default -> 06AD2463E0DC38E71606B1210B4B3A51A9FD521ADE7DF14ECCA9C6312A612358
CHR Profile: C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-11]
CHR Extension: (Google Drive) - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-11]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-03]
CHR Extension: (YouTube) - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-11]
CHR Extension: (Adblock Plus) - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-08-11]
CHR Extension: (Google-Suche) - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-11]
CHR Extension: (Google Wallet) - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-11]
CHR Extension: (Google Mail) - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-11]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx []
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [477960 2014-09-05] (BitRaider, LLC)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2369720 2014-08-01] (Microsoft Corporation)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-08-10] ()
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-12] ()
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [100312 2014-07-26] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-06-10] (Apple, Inc.) [File not signed]
S3 BRDriver64; \??\C:\ProgramData\BitRaider\BRDriver64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 X6va022; \??\C:\Windows\SysWOW64\Drivers\X6va022 [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-06 15:37 - 2014-09-06 15:37 - 00380416 _____ () C:\Users\Nico\Downloads\j4f4yrz3.exe
2014-09-06 15:36 - 2014-09-06 15:37 - 00015374 _____ () C:\Users\Nico\Downloads\FRST.txt
2014-09-06 15:36 - 2014-09-06 15:36 - 02104832 _____ (Farbar) C:\Users\Nico\Downloads\FRST64.exe
2014-09-06 15:36 - 2014-09-06 15:36 - 00000000 ____D () C:\FRST
2014-09-06 15:34 - 2014-09-06 15:34 - 01096704 _____ (Farbar) C:\Users\Nico\Downloads\FRST.exe
2014-09-06 15:30 - 2014-09-06 15:30 - 00001154 _____ () C:\Users\Nico\Desktop\das.txt
2014-09-05 18:45 - 2014-09-05 18:45 - 00000934 _____ () C:\Users\Nico\Desktop\Sweet Home 3D.lnk
2014-09-05 18:45 - 2014-09-05 18:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eTeks Sweet Home 3D
2014-09-05 18:45 - 2014-09-05 18:45 - 00000000 ____D () C:\Program Files\Sweet Home 3D
2014-09-05 18:43 - 2014-09-05 18:43 - 41573088 _____ (eTeks ) C:\Users\Nico\Downloads\SweetHome3D-4.4-windows-oc.exe
2014-09-05 12:56 - 2014-09-05 12:56 - 00000000 ____D () C:\Users\Public\Documents\BitRaider
2014-09-05 12:56 - 2014-09-05 12:56 - 00000000 ____D () C:\ProgramData\BitRaider
2014-09-05 12:55 - 2014-09-05 12:55 - 00001439 _____ () C:\Users\Public\Desktop\Star Wars - The Old Republic.lnk
2014-09-05 12:55 - 2014-09-05 12:55 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2014-09-05 12:54 - 2014-09-05 12:55 - 00014271 _____ () C:\Users\Nico\Documents\Install STAR WARS The Old Republic.log
2014-09-05 12:53 - 2014-09-05 12:54 - 29720272 _____ () C:\Users\Nico\Downloads\SWTOR_setup.exe
2014-09-03 23:49 - 2014-09-03 23:50 - 00001103 _____ () C:\Users\Public\Desktop\Diablo II.lnk
2014-09-03 23:49 - 2014-09-03 23:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo II
2014-09-03 23:49 - 2014-09-03 23:50 - 00000000 ____D () C:\Program Files (x86)\Diablo II
2014-09-03 23:15 - 2014-09-03 23:15 - 02679048 _____ (Blizzard Entertainment) C:\Users\Nico\Downloads\Downloader_Diablo2_Lord_of_Destruction_deDE.exe
2014-09-03 23:14 - 2014-09-03 23:14 - 02766595 _____ (Blizzard Entertainment) C:\Users\Nico\Downloads\Downloader_Diablo2_deDE.exe
2014-09-03 14:02 - 2014-09-03 14:02 - 00004146 _____ () C:\Windows\System32\Tasks\Definitionsupdate Microsoft Security Essentials
2014-09-03 13:47 - 2014-09-03 13:47 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-09-03 13:47 - 2014-09-03 13:47 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-09-03 13:47 - 2014-09-03 13:47 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-09-02 17:06 - 2014-09-02 17:06 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Guild Wars 2
2014-09-02 11:43 - 2014-09-02 11:43 - 00000000 ____D () C:\ProgramData\SystemRequirementsLab
2014-09-02 11:43 - 2014-09-02 11:43 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-09-02 11:16 - 2014-09-02 11:15 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-09-02 11:15 - 2014-09-02 11:15 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-09-02 11:15 - 2014-09-02 11:15 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-09-02 11:15 - 2014-09-02 11:15 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-09-02 11:15 - 2014-09-02 11:15 - 00000000 ____D () C:\Program Files (x86)\Java
2014-09-02 11:08 - 2014-09-02 11:08 - 00000000 ____D () C:\Users\Nico\Documents\Diablo III
2014-09-01 22:25 - 2014-09-01 22:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
2014-09-01 22:23 - 2014-09-02 11:07 - 00000000 ____D () C:\Program Files (x86)\Diablo III
2014-09-01 22:11 - 2014-09-01 22:11 - 00001122 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-09-01 22:11 - 2014-09-01 22:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2014-09-01 22:11 - 2014-09-01 22:11 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-09-01 21:21 - 2014-09-03 13:35 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Panda Security
2014-09-01 21:20 - 2014-09-03 13:40 - 00000000 ____D () C:\Program Files (x86)\Panda Security
2014-09-01 21:19 - 2014-09-03 13:35 - 00000000 ____D () C:\ProgramData\Panda Security
2014-08-31 03:48 - 2014-08-31 03:48 - 00000000 _____ () C:\Windows\SysWOW64\config.nt
2014-08-31 02:43 - 2014-08-31 02:50 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Curse Client
2014-08-31 02:43 - 2014-08-31 02:43 - 00001028 _____ () C:\Users\Nico\Desktop\Curse.lnk
2014-08-31 02:43 - 2014-08-31 02:43 - 00001014 _____ () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse.lnk
2014-08-30 12:13 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-08-30 12:04 - 2014-09-02 11:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-30 12:04 - 2014-08-30 12:04 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-08-30 12:03 - 2014-08-30 12:03 - 00000000 ____D () C:\Program Files\Java
2014-08-30 11:57 - 2014-08-30 11:57 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-08-30 11:57 - 2014-08-30 11:57 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-08-30 11:57 - 2014-08-30 11:57 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-30 11:46 - 2014-08-30 11:47 - 01364531 _____ () C:\Users\Nico\Desktop\adwcleaner_3.308.exe
2014-08-30 11:36 - 2014-08-30 11:36 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-08-30 10:37 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-30 10:37 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-30 10:37 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-17 14:39 - 2014-08-17 15:42 - 00000000 ____D () C:\Users\Nico\AppData\Local\Microsoft Game Studios
2014-08-17 14:38 - 2014-08-17 15:43 - 00000000 ____D () C:\ProgramData\Microsoft Games
2014-08-17 14:37 - 2014-08-17 15:43 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Microsoft Game Studios
2014-08-17 13:35 - 2014-08-17 13:44 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Apple Computer
2014-08-17 13:35 - 2014-08-17 13:35 - 00000000 ____D () C:\Users\Nico\AppData\Local\Apple Computer
2014-08-17 13:34 - 2014-08-30 11:40 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-17 13:34 - 2014-08-17 13:34 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-08-17 13:33 - 2014-08-17 13:33 - 00000000 ____D () C:\Users\Nico\AppData\Local\Apple
2014-08-17 13:32 - 2014-08-30 11:30 - 00000000 ____D () C:\ProgramData\Apple
2014-08-14 20:19 - 2014-08-30 10:30 - 00000000 ____D () C:\Users\Nico\AppData\Local\FreePDF_XP
2014-08-14 20:17 - 2014-08-18 12:09 - 00000000 ____D () C:\Users\Nico\Desktop\BA
2014-08-14 20:10 - 2014-08-14 20:10 - 00000000 ____D () C:\Users\Nico\AppData\Local\PDF24
2014-08-14 11:47 - 2014-08-14 11:47 - 00000000 ____D () C:\Users\Nico\AppData\Local\Secunia PSI
2014-08-14 11:42 - 2014-08-14 11:42 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-08-13 15:54 - 2014-08-13 15:54 - 00000000 ____D () C:\Users\Nico\Documents\Benutzerdefinierte Office-Vorlagen
2014-08-13 15:07 - 2014-08-18 21:03 - 00005128 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Nico-PC-Nico Nico-PC
2014-08-13 15:01 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-13 15:01 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-13 15:01 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-13 15:01 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 15:01 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-13 15:01 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-13 15:01 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-13 15:01 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-13 13:16 - 2014-08-13 13:16 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2014-08-13 13:07 - 2014-08-30 11:37 - 00000000 ____D () C:\ProgramData\FreePDF
2014-08-13 13:07 - 2014-08-30 11:37 - 00000000 ____D () C:\Program Files (x86)\FreePDF_XP
2014-08-13 13:06 - 2014-08-13 13:06 - 00000000 ____D () C:\Program Files\gs
2014-08-13 13:00 - 2014-08-13 13:00 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-08-13 12:57 - 2014-08-13 13:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-08-13 12:55 - 2014-08-30 10:40 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-08-13 12:46 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 12:46 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 12:46 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 12:46 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 12:46 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 12:46 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-13 12:46 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-13 12:46 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-13 12:46 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-13 12:46 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-13 12:46 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 12:46 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-13 12:45 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 12:45 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 12:45 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 12:45 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 12:45 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 12:45 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 12:45 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 12:45 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-13 12:45 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-13 12:45 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 12:45 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-13 12:45 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 12:45 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 12:45 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 12:45 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-13 12:45 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-13 12:45 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-13 12:45 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-13 12:45 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 12:45 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 12:45 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-13 12:45 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 12:45 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-13 12:45 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-13 12:45 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 12:45 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 12:45 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 12:45 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 12:45 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 12:45 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 12:45 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 12:45 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-13 12:45 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 12:45 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-13 12:45 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-13 12:45 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 12:45 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 12:45 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 12:45 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 12:45 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 12:45 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 12:45 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-13 12:45 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 12:45 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 12:45 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 12:45 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 12:45 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 12:45 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 12:45 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-13 12:45 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 12:45 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 12:45 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 12:45 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-13 12:45 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-13 12:45 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 12:45 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 12:45 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 12:45 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 12:45 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 12:45 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-13 12:45 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 12:45 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 12:45 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 12:45 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 12:45 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 12:45 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 12:45 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 12:45 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 12:44 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-13 12:44 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-13 12:44 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 12:44 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-12 14:30 - 2014-08-12 14:30 - 00000000 ____D () C:\Users\Nico\AppData\Local\The Lord of the Rings Online
2014-08-11 22:33 - 2014-08-12 13:28 - 00000000 ____D () C:\Users\Nico\AppData\Local\Turbine
2014-08-11 22:31 - 2014-08-11 22:31 - 00000000 ____D () C:\Program Files (x86)\Turbine
2014-08-11 20:05 - 2014-08-11 20:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-11 20:04 - 2014-09-06 15:09 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-11 20:04 - 2014-09-06 10:22 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-11 20:04 - 2014-08-30 11:38 - 00000000 ____D () C:\Program Files (x86)\Google
2014-08-11 20:04 - 2014-08-18 19:42 - 00000000 ____D () C:\Users\Nico\AppData\Local\Google
2014-08-11 20:04 - 2014-08-11 20:04 - 00004102 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-11 20:04 - 2014-08-11 20:04 - 00003850 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-10 22:48 - 2014-08-10 22:48 - 00000000 ____D () C:\Program Files (x86)\Flixster
2014-08-10 22:39 - 2014-08-12 14:29 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\dvdcss
2014-08-10 18:06 - 2014-08-10 22:44 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-08-08 17:06 - 2014-08-09 18:06 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Origin
2014-08-08 17:04 - 2014-08-10 20:11 - 00000000 ____D () C:\ProgramData\Origin
2014-08-08 13:28 - 2014-08-08 13:28 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\NVIDIA
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-06 15:37 - 2014-09-06 15:37 - 00380416 _____ () C:\Users\Nico\Downloads\j4f4yrz3.exe
2014-09-06 15:37 - 2014-09-06 15:36 - 00015374 _____ () C:\Users\Nico\Downloads\FRST.txt
2014-09-06 15:37 - 2014-04-10 21:00 - 00000000 ____D () C:\Users\Nico\AppData\Local\Battle.net
2014-09-06 15:36 - 2014-09-06 15:36 - 02104832 _____ (Farbar) C:\Users\Nico\Downloads\FRST64.exe
2014-09-06 15:36 - 2014-09-06 15:36 - 00000000 ____D () C:\FRST
2014-09-06 15:34 - 2014-09-06 15:34 - 01096704 _____ (Farbar) C:\Users\Nico\Downloads\FRST.exe
2014-09-06 15:30 - 2014-09-06 15:30 - 00001154 _____ () C:\Users\Nico\Desktop\das.txt
2014-09-06 15:14 - 2014-06-16 16:35 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-06 15:13 - 2014-04-10 20:36 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-09-06 15:09 - 2014-08-11 20:04 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-06 15:01 - 2014-04-09 03:05 - 01291747 ____N () C:\Windows\WindowsUpdate.log
2014-09-06 11:05 - 2009-07-14 06:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-06 11:05 - 2009-07-14 06:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-06 10:22 - 2014-08-11 20:04 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-06 10:22 - 2014-04-21 17:31 - 00000434 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-09-06 10:21 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-05 18:45 - 2014-09-05 18:45 - 00000934 _____ () C:\Users\Nico\Desktop\Sweet Home 3D.lnk
2014-09-05 18:45 - 2014-09-05 18:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eTeks Sweet Home 3D
2014-09-05 18:45 - 2014-09-05 18:45 - 00000000 ____D () C:\Program Files\Sweet Home 3D
2014-09-05 18:43 - 2014-09-05 18:43 - 41573088 _____ (eTeks ) C:\Users\Nico\Downloads\SweetHome3D-4.4-windows-oc.exe
2014-09-05 12:56 - 2014-09-05 12:56 - 00000000 ____D () C:\Users\Public\Documents\BitRaider
2014-09-05 12:56 - 2014-09-05 12:56 - 00000000 ____D () C:\ProgramData\BitRaider
2014-09-05 12:55 - 2014-09-05 12:55 - 00001439 _____ () C:\Users\Public\Desktop\Star Wars - The Old Republic.lnk
2014-09-05 12:55 - 2014-09-05 12:55 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2014-09-05 12:55 - 2014-09-05 12:54 - 00014271 _____ () C:\Users\Nico\Documents\Install STAR WARS The Old Republic.log
2014-09-05 12:55 - 2014-07-13 15:38 - 00000000 _____ () C:\end
2014-09-05 12:55 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-05 12:54 - 2014-09-05 12:53 - 29720272 _____ () C:\Users\Nico\Downloads\SWTOR_setup.exe
2014-09-05 10:22 - 2014-07-22 18:27 - 00253440 ___SH () C:\Users\Nico\Desktop\Thumbs.db
2014-09-04 10:58 - 2009-07-14 06:45 - 05069424 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-03 23:50 - 2014-09-03 23:49 - 00001103 _____ () C:\Users\Public\Desktop\Diablo II.lnk
2014-09-03 23:50 - 2014-09-03 23:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo II
2014-09-03 23:50 - 2014-09-03 23:49 - 00000000 ____D () C:\Program Files (x86)\Diablo II
2014-09-03 23:50 - 2014-06-24 22:11 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-09-03 23:15 - 2014-09-03 23:15 - 02679048 _____ (Blizzard Entertainment) C:\Users\Nico\Downloads\Downloader_Diablo2_Lord_of_Destruction_deDE.exe
2014-09-03 23:14 - 2014-09-03 23:14 - 02766595 _____ (Blizzard Entertainment) C:\Users\Nico\Downloads\Downloader_Diablo2_deDE.exe
2014-09-03 23:14 - 2014-04-09 07:07 - 00000000 ____D () C:\Users\Nico
2014-09-03 15:14 - 2014-04-09 19:49 - 00000000 ____D () C:\Users\Nico\AppData\Local\PMB Files
2014-09-03 14:44 - 2014-04-09 19:49 - 00000000 ____D () C:\ProgramData\PMB Files
2014-09-03 14:02 - 2014-09-03 14:02 - 00004146 _____ () C:\Windows\System32\Tasks\Definitionsupdate Microsoft Security Essentials
2014-09-03 13:47 - 2014-09-03 13:47 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-09-03 13:47 - 2014-09-03 13:47 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-09-03 13:47 - 2014-09-03 13:47 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-09-03 13:47 - 2014-06-24 17:28 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-09-03 13:47 - 2014-04-09 14:40 - 00139816 _____ () C:\Users\Nico\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-03 13:46 - 2014-06-09 17:20 - 00000000 ____D () C:\Users\Nico\Documents\CCleaner
2014-09-03 13:45 - 2014-04-11 13:18 - 00000000 ____D () C:\Windows\Minidump
2014-09-03 13:40 - 2014-09-01 21:20 - 00000000 ____D () C:\Program Files (x86)\Panda Security
2014-09-03 13:35 - 2014-09-01 21:21 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Panda Security
2014-09-03 13:35 - 2014-09-01 21:19 - 00000000 ____D () C:\ProgramData\Panda Security
2014-09-02 17:06 - 2014-09-02 17:06 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Guild Wars 2
2014-09-02 11:43 - 2014-09-02 11:43 - 00000000 ____D () C:\ProgramData\SystemRequirementsLab
2014-09-02 11:43 - 2014-09-02 11:43 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-09-02 11:16 - 2014-04-09 17:57 - 00000000 ____D () C:\ProgramData\Oracle
2014-09-02 11:15 - 2014-09-02 11:16 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-09-02 11:15 - 2014-09-02 11:15 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-09-02 11:15 - 2014-09-02 11:15 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-09-02 11:15 - 2014-09-02 11:15 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-09-02 11:15 - 2014-09-02 11:15 - 00000000 ____D () C:\Program Files (x86)\Java
2014-09-02 11:15 - 2014-08-30 12:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-02 11:08 - 2014-09-02 11:08 - 00000000 ____D () C:\Users\Nico\Documents\Diablo III
2014-09-02 11:07 - 2014-09-01 22:23 - 00000000 ____D () C:\Program Files (x86)\Diablo III
2014-09-01 22:25 - 2014-09-01 22:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
2014-09-01 22:11 - 2014-09-01 22:11 - 00001122 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-09-01 22:11 - 2014-09-01 22:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2014-09-01 22:11 - 2014-09-01 22:11 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-08-31 03:50 - 2014-07-12 20:01 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\AVAST Software
2014-08-31 03:50 - 2014-07-12 19:53 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-08-31 03:50 - 2014-07-12 19:53 - 00000000 ____D () C:\Program Files\AVAST Software
2014-08-31 03:48 - 2014-08-31 03:48 - 00000000 _____ () C:\Windows\SysWOW64\config.nt
2014-08-31 02:50 - 2014-08-31 02:43 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Curse Client
2014-08-31 02:43 - 2014-08-31 02:43 - 00001028 _____ () C:\Users\Nico\Desktop\Curse.lnk
2014-08-31 02:43 - 2014-08-31 02:43 - 00001014 _____ () C:\Users\Nico\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse.lnk
2014-08-30 12:13 - 2014-06-26 17:18 - 00000000 ____D () C:\AdwCleaner
2014-08-30 12:04 - 2014-08-30 12:04 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-08-30 12:03 - 2014-08-30 12:03 - 00000000 ____D () C:\Program Files\Java
2014-08-30 11:57 - 2014-08-30 11:57 - 00002770 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-08-30 11:57 - 2014-08-30 11:57 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-08-30 11:57 - 2014-08-30 11:57 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-30 11:47 - 2014-08-30 11:46 - 01364531 _____ () C:\Users\Nico\Desktop\adwcleaner_3.308.exe
2014-08-30 11:45 - 2014-04-10 21:03 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft
2014-08-30 11:44 - 2014-04-24 19:52 - 00000000 ____D () C:\Program Files (x86)\WarThunder
2014-08-30 11:44 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-08-30 11:40 - 2014-08-17 13:34 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-30 11:38 - 2014-08-11 20:04 - 00000000 ____D () C:\Program Files (x86)\Google
2014-08-30 11:37 - 2014-08-13 13:07 - 00000000 ____D () C:\ProgramData\FreePDF
2014-08-30 11:37 - 2014-08-13 13:07 - 00000000 ____D () C:\Program Files (x86)\FreePDF_XP
2014-08-30 11:37 - 2014-04-25 17:57 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\DVDVideoSoft
2014-08-30 11:36 - 2014-08-30 11:36 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-08-30 11:35 - 2014-07-13 13:36 - 00000000 ____D () C:\Users\Nico\AppData\Local\Deployment
2014-08-30 11:30 - 2014-08-17 13:32 - 00000000 ____D () C:\ProgramData\Apple
2014-08-30 11:20 - 2011-03-20 11:08 - 00698980 _____ () C:\Windows\system32\perfh007.dat
2014-08-30 11:20 - 2011-03-20 11:08 - 00149088 _____ () C:\Windows\system32\perfc007.dat
2014-08-30 11:20 - 2009-07-14 07:13 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-30 11:19 - 2014-04-10 18:15 - 00000000 ____D () C:\ProgramData\Adobe
2014-08-30 11:19 - 2014-04-09 16:45 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Adobe
2014-08-30 11:18 - 2014-04-10 18:15 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-08-30 11:17 - 2014-06-24 16:56 - 00000000 ____D () C:\Users\Nico\AppData\Local\Adobe
2014-08-30 11:16 - 2014-04-09 17:49 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-30 10:40 - 2014-08-13 12:55 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-08-30 10:30 - 2014-08-14 20:19 - 00000000 ____D () C:\Users\Nico\AppData\Local\FreePDF_XP
2014-08-25 06:53 - 2010-11-21 05:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-23 04:07 - 2014-08-30 10:37 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-30 10:37 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-30 10:37 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-18 21:03 - 2014-08-13 15:07 - 00005128 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Nico-PC-Nico Nico-PC
2014-08-18 20:51 - 2014-07-12 19:54 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-08-18 19:42 - 2014-08-11 20:04 - 00000000 ____D () C:\Users\Nico\AppData\Local\Google
2014-08-18 12:09 - 2014-08-14 20:17 - 00000000 ____D () C:\Users\Nico\Desktop\BA
2014-08-17 15:43 - 2014-08-17 14:38 - 00000000 ____D () C:\ProgramData\Microsoft Games
2014-08-17 15:43 - 2014-08-17 14:37 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Microsoft Game Studios
2014-08-17 15:42 - 2014-08-17 14:39 - 00000000 ____D () C:\Users\Nico\AppData\Local\Microsoft Game Studios
2014-08-17 13:44 - 2014-08-17 13:35 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Apple Computer
2014-08-17 13:35 - 2014-08-17 13:35 - 00000000 ____D () C:\Users\Nico\AppData\Local\Apple Computer
2014-08-17 13:34 - 2014-08-17 13:34 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-08-17 13:33 - 2014-08-17 13:33 - 00000000 ____D () C:\Users\Nico\AppData\Local\Apple
2014-08-14 20:10 - 2014-08-14 20:10 - 00000000 ____D () C:\Users\Nico\AppData\Local\PDF24
2014-08-14 12:13 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-08-14 11:47 - 2014-08-14 11:47 - 00000000 ____D () C:\Users\Nico\AppData\Local\Secunia PSI
2014-08-14 11:42 - 2014-08-14 11:42 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-08-14 11:41 - 2014-07-26 15:29 - 00002852 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (Nico)
2014-08-13 19:33 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-13 17:43 - 2014-06-15 22:52 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\vlc
2014-08-13 15:54 - 2014-08-13 15:54 - 00000000 ____D () C:\Users\Nico\Documents\Benutzerdefinierte Office-Vorlagen
2014-08-13 15:10 - 2014-04-09 12:46 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-13 15:06 - 2014-04-09 12:46 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-13 15:00 - 2014-04-30 09:53 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-13 13:16 - 2014-08-13 13:16 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2014-08-13 13:06 - 2014-08-13 13:06 - 00000000 ____D () C:\Program Files\gs
2014-08-13 13:01 - 2014-08-13 12:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-08-13 13:00 - 2014-08-13 13:00 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-08-13 13:00 - 2014-06-05 13:56 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-08-13 12:57 - 2014-04-09 07:07 - 00000000 ____D () C:\Users\Nico\AppData\Local\VirtualStore
2014-08-13 12:52 - 2014-06-05 13:56 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-13 12:51 - 2010-11-21 09:16 - 00000000 ____D () C:\Windows\ShellNew
2014-08-12 14:40 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-08-12 14:30 - 2014-08-12 14:30 - 00000000 ____D () C:\Users\Nico\AppData\Local\The Lord of the Rings Online
2014-08-12 14:29 - 2014-08-10 22:39 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\dvdcss
2014-08-12 13:28 - 2014-08-11 22:33 - 00000000 ____D () C:\Users\Nico\AppData\Local\Turbine
2014-08-11 22:31 - 2014-08-11 22:31 - 00000000 ____D () C:\Program Files (x86)\Turbine
2014-08-11 20:05 - 2014-08-11 20:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-11 20:04 - 2014-08-11 20:04 - 00004102 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-11 20:04 - 2014-08-11 20:04 - 00003850 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-10 22:48 - 2014-08-10 22:48 - 00000000 ____D () C:\Program Files (x86)\Flixster
2014-08-10 22:48 - 2014-04-10 18:15 - 00000883 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flixster.lnk
2014-08-10 22:48 - 2014-04-10 18:15 - 00000871 _____ () C:\Users\Public\Desktop\Flixster.lnk
2014-08-10 22:44 - 2014-08-10 18:06 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-08-10 20:11 - 2014-08-08 17:04 - 00000000 ____D () C:\ProgramData\Origin
2014-08-10 20:00 - 2014-06-11 12:33 - 00000000 ____D () C:\Users\Nico\AppData\Local\PunkBuster
2014-08-10 20:00 - 2014-06-10 18:52 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-08-10 18:06 - 2014-06-10 18:52 - 00281872 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-08-10 18:06 - 2014-06-10 18:52 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-08-09 18:06 - 2014-08-08 17:06 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\Origin
2014-08-08 13:28 - 2014-08-08 13:28 - 00000000 ____D () C:\Users\Nico\AppData\Roaming\NVIDIA
2014-08-07 04:06 - 2014-08-13 12:44 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-13 12:44 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-09-06 10:39
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-09-2014
Ran by Nico at 2014-09-06 15:37:30
Running from C:\Users\Nico\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 14.0.0.178 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version: - Hidden Path Entertainment, Ensemble Studios)
Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc)
ArcGIS 10.2.2 for Desktop (HKLM-x32\...\ArcGIS 10.2.2 for Desktop) (Version: 10.2.3552 - Environmental Systems Research Institute, Inc.)
ArcGIS 10.2.2 for Desktop (x32 Version: 10.2.3552 - Environmental Systems Research Institute, Inc.) Hidden
BatteryLifeExtender (HKLM-x32\...\{FFD0E594-823B-4E2B-B680-720B3C852588}) (Version: 1.0.11 - Samsung)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BitRaider Web Client (HKLM-x32\...\BitRaider Web Client) (Version: 1.1.9.9 - BitRaider, LLC)
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Curse (HKLM-x32\...\{1F2611FB-6F69-4AA8-BECD-243BD8CB45F3}) (Version: 6.0.0.0 - Curse)
Desktop Restore (HKLM\...\{15D07D6F-E4CC-41D9-88A3-94115E5E5A10}) (Version: 1.6.3 - JOConnell)
Diablo II (HKLM-x32\...\Diablo II) (Version: - Blizzard Entertainment)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
EasyBatteryManager (HKLM-x32\...\{4A331D24-A9E8-484F-835E-1BA7B139689C}) (Version: 4.0.0.4 - Samsung)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
ETDWare PS/2-X64 10.7.14.12_WHQL (HKLM\...\Elantech) (Version: 10.7.14.12 - ELAN Microelectronic Corp.)
Fast Start (HKLM-x32\...\{77F45ECD-FAFC-45A8-8896-CFFB139DAAA3}) (Version: 2.2.0.0 - SAMSUNG)
FileHippo.com Update Checker (HKLM-x32\...\FileHippo.com) (Version: - )
Flixster (HKLM-x32\...\com.wb.DC2) (Version: 2.2.3 - Warner Bros. Entertainment, Inc.)
Flixster (x32 Version: 2.2.3 - Warner Bros. Entertainment, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.103 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Intel PROSet Wireless (Version: - ) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2622 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
Intel® PROSet/Wireless WiFi-Software (HKLM\...\{DF7756DD-656A-45C3-BA71-74673E8259A9}) (Version: 15.00.0000.0642 - Intel Corporation)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418020F0}) (Version: 8.0.200 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.20.26 - Oracle Corporation) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (FRA) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Français) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (ITA) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Italiano) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1040) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4641.1003 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{887868A2-D6DE-3255-AA92-AA0B5A59B874}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Movie Color Enhancer (HKLM-x32\...\{7F6F62F0-7884-4CFB-B86C-597A4A6D9C4D}) (Version: 1.0 - Samsung Electronics Co., Ltd.)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
NVIDIA Update 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4641.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4641.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4641.1003 - Microsoft Corporation) Hidden
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.44.421.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
Samsung Recovery Solution 5 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 5.0.0.9 - Samsung)
Samsung Update Plus (HKLM-x32\...\{142D8CA7-2C6F-45A7-83E3-099AAFD99133}) (Version: 3.0.0.17 - Samsung Electronics Co., Ltd.)
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: 7.0.0.50 - Bioware/EA)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Sweet Home 3D version 4.4 (HKLM\...\Sweet Home 3D_is1) (Version: - eTeks)
System Requirements Lab CYRI (HKLM-x32\...\{19B0831B-0C18-4103-86E4-90FCD04CD3B9}) (Version: 6.0.12.5 - Husdawg, LLC)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WinRAR 5.10 Beta 4 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.4 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
06-09-2014 08:32:03 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2014-06-16 21:40 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {11B6C961-646C-4299-A8E8-4D74A09F81CE} - System32\Tasks\SmartRestarter => C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe [2010-08-05] (Samsung Electronics Co., Ltd.)
Task: {15FEFD6F-F3C6-4321-AC6C-3C5F0B4ECB40} - System32\Tasks\BatteryLifeExtender => C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2010-12-18] (Samsung Electronics. Co. Ltd.)
Task: {19AA24C7-EC7F-48DC-A4D3-A6DF22B2EBB3} - System32\Tasks\advSRS5 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [2010-11-17] (SEC)
Task: {1CC4B017-9C5D-4093-A7F4-AC9BB2F06D01} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {4D8C196A-841F-440D-9F8D-C90BA6D1E4B9} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: {5BDF5EE3-83B0-4DF2-88BC-8016796DA31B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-11] (Google Inc.)
Task: {6D558D4F-D6C4-41AE-8DC6-29C8182D38E8} - System32\Tasks\SUPBackground => C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe [2011-01-12] (Samsung Electronics)
Task: {8B616943-0705-4797-8069-F060BAE38A6C} - System32\Tasks\MovieColorEnhancer => C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe [2010-11-29] (Samsung Electronics Co., Ltd.)
Task: {8D0ED9DD-EE46-4530-B95B-639666D07700} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2010-07-20] (SAMSUNG Electronics co., LTD.)
Task: {95981088-BD5D-4688-80C8-27EF913898F0} - System32\Tasks\Definitionsupdate Microsoft Security Essentials => C:\Program Files\Microsoft Security Client\MpCmdRun.exe [2014-03-11] (Microsoft Corporation)
Task: {A5BCB12D-903D-4DAB-A912-3F196B2BE7E6} - System32\Tasks\Driver Booster SkipUAC (Nico) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {A9987F19-648B-49BD-801B-C784996E8D2F} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Nico-PC-Nico Nico-PC => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-08-13] (Microsoft Corporation)
Task: {AC0FA78E-5944-4B90-BAA8-7D9A7BA07548} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-08-01] (Microsoft Corporation)
Task: {DAA03928-2A88-4516-97C5-37C178E4F1D0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-11] (Google Inc.)
Task: {F32A8609-7E6D-46FA-AA59-35AB909920A5} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-08-13] (Microsoft Corporation)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-08-04 17:08 - 2014-07-02 20:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-08-13 12:55 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-06-10 18:52 - 2014-08-10 18:06 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-04-09 11:36 - 2014-04-09 11:36 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-08-04 16:59 - 2014-07-02 22:48 - 00013272 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2014-04-09 11:47 - 2010-07-05 19:42 - 00203776 _____ () C:\Program Files (x86)\Samsung\Movie Color Enhancer\WinCRT.dll
2014-09-01 22:11 - 2014-09-01 22:11 - 26065408 _____ () C:\Program Files (x86)\Battle.net\Battle.net.4944\libcef.dll
2014-09-01 22:11 - 2014-09-01 22:11 - 00739840 _____ () C:\Program Files (x86)\Battle.net\Battle.net.4944\libglesv2.dll
2014-09-01 22:11 - 2014-09-01 22:11 - 00130048 _____ () C:\Program Files (x86)\Battle.net\Battle.net.4944\libegl.dll
2014-09-03 16:15 - 2014-08-30 04:49 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\libglesv2.dll
2014-09-03 16:15 - 2014-08-30 04:49 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\libegl.dll
2014-09-03 16:15 - 2014-08-30 04:49 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\pdf.dll
2014-09-03 16:15 - 2014-08-30 04:49 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\ppGoogleNaClPluginChrome.dll
2014-09-03 16:15 - 2014-08-30 04:49 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: Aeria Ignite => "C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" silent
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (09/06/2014 10:41:30 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (09/06/2014 10:22:57 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/05/2014 10:42:07 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (09/05/2014 10:19:31 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/04/2014 10:55:53 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/04/2014 00:39:05 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (09/03/2014 01:42:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/03/2014 10:17:51 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/02/2014 01:46:47 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (09/02/2014 11:37:17 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (09/05/2014 05:18:06 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (09/05/2014 01:12:20 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "CHRISTINE-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{3CB4B361-5AA5-40C3-8E41-B785CF389BDC}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (09/05/2014 00:56:11 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "BitRaider Mini-Support Service" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (09/05/2014 10:29:02 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.
Neue Signaturversion:
Vorherige Signaturversion: 1.183.1615.0
Aktualisierungsquelle: %NT-AUTORITÄT59
Aktualisierungsphase: 4.5.0216.00
Quellpfad: 4.5.0216.01
Signaturtyp: %NT-AUTORITÄT602
Aktualisierungstyp: %NT-AUTORITÄT604
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: %NT-AUTORITÄT605
Vorherige Modulversion: %NT-AUTORITÄT606
Fehlercode: %NT-AUTORITÄT607
Fehlerbeschreibung: %NT-AUTORITÄT608
Error: (09/05/2014 10:19:05 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.
Neue Signaturversion:
Vorherige Signaturversion: 1.183.1615.0
Aktualisierungsquelle: %NT-AUTORITÄT59
Aktualisierungsphase: 4.5.0216.00
Quellpfad: 4.5.0216.01
Signaturtyp: %NT-AUTORITÄT602
Aktualisierungstyp: %NT-AUTORITÄT604
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: %NT-AUTORITÄT605
Vorherige Modulversion: %NT-AUTORITÄT606
Fehlercode: %NT-AUTORITÄT607
Fehlerbeschreibung: %NT-AUTORITÄT608
Error: (09/04/2014 01:45:56 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
Error: (09/04/2014 11:48:59 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (09/04/2014 11:00:14 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.
Neue Signaturversion:
Vorherige Signaturversion: 1.183.1505.0
Aktualisierungsquelle: %NT-AUTORITÄT59
Aktualisierungsphase: 4.5.0216.00
Quellpfad: 4.5.0216.01
Signaturtyp: %NT-AUTORITÄT602
Aktualisierungstyp: %NT-AUTORITÄT604
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: %NT-AUTORITÄT605
Vorherige Modulversion: %NT-AUTORITÄT606
Fehlercode: %NT-AUTORITÄT607
Fehlerbeschreibung: %NT-AUTORITÄT608
Error: (09/04/2014 10:58:54 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.
Neue Signaturversion:
Vorherige Signaturversion: 1.183.1505.0
Aktualisierungsquelle: %NT-AUTORITÄT59
Aktualisierungsphase: 4.5.0216.00
Quellpfad: 4.5.0216.01
Signaturtyp: %NT-AUTORITÄT602
Aktualisierungstyp: %NT-AUTORITÄT604
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: %NT-AUTORITÄT605
Vorherige Modulversion: %NT-AUTORITÄT606
Fehlercode: %NT-AUTORITÄT607
Fehlerbeschreibung: %NT-AUTORITÄT608
Error: (09/03/2014 06:57:12 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
Microsoft Office Sessions:
=========================
Error: (09/06/2014 10:41:30 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe
Error: (09/06/2014 10:22:57 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/05/2014 10:42:07 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe
Error: (09/05/2014 10:19:31 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/04/2014 10:55:53 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/04/2014 00:39:05 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe
Error: (09/03/2014 01:42:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/03/2014 10:17:51 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/02/2014 01:46:47 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe
Error: (09/02/2014 11:37:17 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
CodeIntegrity Errors:
===================================
Date: 2014-06-23 17:39:58.290
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-06-23 17:39:58.288
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-06-23 17:39:58.286
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-06-23 17:39:58.276
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-06-23 17:39:58.274
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-06-23 17:39:58.272
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-06-18 13:51:12.143
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-06-18 13:51:12.143
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-06-18 13:51:12.127
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-06-18 13:51:12.096
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz
Percentage of memory in use: 56%
Total physical RAM: 4008.19 MB
Available physical RAM: 1755.25 MB
Total Pagefile: 8014.56 MB
Available Pagefile: 5573.56 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:573.24 GB) (Free:468.51 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 1F8D46A3)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=573.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=22.8 GB) - (Type=12)
==================== End Of Log ============================
 |
| Themen zu Ordner Spacekace in Laufwerk C. Gefährlich? |
| adobe, adware, akamai, browser, combofix, defender, desktop, downloader, driver booster, fehler, gefährlich?, google, home, homepage, iexplore.exe, kaspersky, laufwerk c, office 365, realtek, registry, rootkit, rundll, scan, schutz, security, services.exe, software, spacekace, svchost.exe, windows |
Baum-Darstellung