Trojaner-Board


Ryan918 20.01.2014 22:16

Win8: caught a Trojan?

Hello,
today I downloaded a file (a so-called MOD = modification) for a game, which Kaspersky identified as Trojan-Ransom.Win32.Blocker.czff right after it was unpacked with 7zip. According to the message, Kaspersky deleted it immediately and created a backup copy in quarantine.
By the way:
I only just created an account here for this very reason, so I don't really know my way around yet.
According to a quick scan I ran afterwards, there is no more malware on the PC.
I currently still have the full scan running...
What is unsettling me during it:
The computer seems to stutter every now and then at short intervals! Is that due to the scan?
And is there anything else to do?

Hoping for quick help (I am quite worried)

Regards, Ryan918

schrauber 20.01.2014 22:18

That can be due to the scan.

Please download the matching version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the input window of the website)


Ryan918 20.01.2014 22:28

Hello,
first of all, many thanks for the quick reply.
I have added them as an attachment, hope that's fine!

schrauber 21.01.2014 12:17

Hi,

Please always post logs in the thread. If necessary, split them up and use several posts.


This is how it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed tags appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it right. If everything is correct ... click Reply.

Ryan918 21.01.2014 16:17

Hi,
okay, here it is:

FRST.txt

FRST Logfile:
Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2014 04
Ran by Nic (administrator) on NICSLAPTOP on 20-01-2014 22:21:24
Running from C:\Users\Nic\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\LiveComm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\InstallServices64.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Akamai Technologies, Inc.) C:\Users\Nic\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Nic\AppData\Local\Akamai\netsession_win.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Wistron) C:\Program Files (x86)\Launch Manager\HotkeyApp.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\OSD.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\WButton.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\WisLMSvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13267016 2013-01-29] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1276488 2013-01-18] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [11733888 2012-12-03] (Motorola Solutions, Inc.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-16] (Synaptics Incorporated)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] - C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] - C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-20] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Service] - C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [258592 2012-11-27] (CyberLink Corp.)
HKLM-x32\...\Run: [HotkeyApp] - C:\Program Files (x86)\Launch Manager\HotkeyApp.exe [320824 2012-08-16] (Wistron)
HKLM-x32\...\Run: [LMgrVolOSD] - C:\Program Files (x86)\Launch Manager\OSD.exe [348960 2012-08-13] (Wistron Corp.)
HKLM-x32\...\Run: [Wbutton] - C:\Program Files (x86)\Launch Manager\Wbutton.exe [388408 2012-08-13] (Wistron Corp.)
HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\runner_avp.exe [24504 2012-10-04] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3806544 2013-11-29] (LogMeIn Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1815464 2014-01-07] (Valve Corporation)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Nic\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_170_Plugin.exe -update plugin [839560 2013-12-11] (Adobe Systems Incorporated)
MountPoints2: I - "I:\Setup.exe"
HKU\UpdatusUser\...\Run: [AppLauncher] - C:\Program Files (x86)\Medion MediaPack 3\Ashampoo AppLauncher (Medion)\AppLauncher.exe [969656 2012-08-10] (Ashampoo)
HKU\UpdatusUser\...\Run: [Power2GoExpress8] - NA
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [245872 2013-01-18] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [201576 2013-01-18] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
SearchScopes: HKCU - DefaultScope {A52E9410-439B-4B56-979B-E8DD75BB1959} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
SearchScopes: HKCU - {A52E9410-439B-4B56-979B-E8DD75BB1959} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Nic\AppData\Roaming\Mozilla\Firefox\Profiles\w55zh353.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.1 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Battlefield Play4Free - C:\Users\Nic\AppData\Roaming\Mozilla\Firefox\Profiles\w55zh353.default\Extensions\battlefieldplay4free@ea.com [2013-07-03]
FF Extension: GFACE Experience Plugin - C:\Users\Nic\AppData\Roaming\Mozilla\Firefox\Profiles\w55zh353.default\Extensions\cryenginebrowserplugin@crytek.com [2013-09-26]
FF Extension: WOT - C:\Users\Nic\AppData\Roaming\Mozilla\Firefox\Profiles\w55zh353.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-27]
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2013-02-01]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2013-02-01]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com
FF Extension: Content Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2013-02-01]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2013-02-01]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2013-02-01]

==================== Services (Whitelisted) =================

U2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-10-09] (Kaspersky Lab ZAO)
U2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-13] (CyberLink)
U2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-13] (CyberLink)
U2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-17] (Intel Corporation)
U2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
U2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377104 2013-10-11] (LogMeIn, Inc.)
U3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-12-03] ()
U2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-10-31] (Microsoft Corporation)
U2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-12-27] ()
U2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [283032 2014-01-20] ()
U2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] ()
U2 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [72512 2013-12-09] (IObit)
U3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
U3 WisLMSvc; C:\Program Files (x86)\Launch Manager\WisLMSvc.exe [118560 2012-08-13] (Wistron Corp.)
U2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3386160 2012-12-03] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

U3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
U3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [131968 2012-10-30] (Motorola Solutions, Inc.)
U3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1342848 2012-12-03] (Motorola Solutions, Inc.)
U1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
U3 hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2013-11-29] (LogMeIn Inc.)
U0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2013-12-10] (Kaspersky Lab ZAO)
U0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab)
U1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625760 2013-10-09] (Kaspersky Lab ZAO)
U1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2013-12-10] (Kaspersky Lab ZAO)
U3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29280 2013-10-09] (Kaspersky Lab ZAO)
U3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-10-09] (Kaspersky Lab ZAO)
U1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [50448 2013-04-25] (Kaspersky Lab ZAO)
U1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [178448 2013-04-25] (Kaspersky Lab ZAO)
U3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [4358776 2012-12-30] (Intel Corporation)
U3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-16] (Synaptics Incorporated)
U3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-16] (Synaptics Incorporated)
U3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-11-29] (Windows (R) Win 7 DDK provider)
U3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-11-29] (Windows (R) Win 7 DDK provider)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [90208 2013-04-25] (Kaspersky Lab ZAO)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-20 22:21 - 2014-01-20 22:23 - 00019869 _____ C:\Users\Nic\Desktop\FRST.txt
2014-01-20 22:21 - 2014-01-20 22:21 - 00000000 ____D C:\FRST
2014-01-20 22:20 - 2014-01-20 22:20 - 02076672 _____ (Farbar) C:\Users\Nic\Desktop\FRST64.exe
2014-01-20 18:33 - 2014-01-20 18:33 - 00000000 ____D C:\Users\Nic\Desktop\ranger
2014-01-19 14:14 - 2014-01-19 14:14 - 00000000 ____D C:\Users\Nic\Desktop\GTA IV SAVES!!!
2014-01-19 14:12 - 2014-01-19 14:13 - 00000000 ____D C:\Users\Nic\Desktop\GV_eflc_tbogt_savedata_db_m26
2014-01-18 00:06 - 2014-01-18 00:06 - 00001283 _____ C:\Users\Nic\Desktop\SteamApps - Verknüpfung.lnk
2014-01-17 23:28 - 2014-01-17 23:28 - 00001874 _____ C:\Users\Nic\Desktop\LaunchGTAIV.exe - Verknüpfung.lnk
2014-01-17 22:23 - 2013-12-07 07:37 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-01-17 22:23 - 2013-12-07 07:37 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-17 22:23 - 2013-12-07 06:15 - 00562688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-01-17 22:23 - 2013-12-07 06:15 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-17 22:23 - 2013-10-31 06:56 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2014-01-17 22:23 - 2013-10-31 06:56 - 00758784 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2014-01-17 22:23 - 2013-10-31 05:01 - 00550400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2014-01-17 22:23 - 2013-10-31 04:42 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2014-01-17 22:23 - 2013-10-28 06:50 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-01-17 22:23 - 2013-10-28 05:05 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-01-17 22:23 - 2013-10-13 21:49 - 00100696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2014-01-17 22:23 - 2013-08-27 06:21 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-01-17 22:23 - 2013-08-27 06:19 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-01-17 22:23 - 2013-08-26 23:29 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-01-17 22:23 - 2013-08-26 23:28 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-01-17 22:19 - 2014-01-17 22:27 - 00000000 ____D C:\Users\Nic\Desktop\LCPDFR Install (ASI Loaders)
2014-01-17 21:21 - 2014-01-18 00:05 - 00000000 ____D C:\Users\Nic\Desktop\vdHmod
2014-01-16 16:44 - 2014-01-16 16:44 - 00000000 ____D C:\Users\Nic\Desktop\schafter
2014-01-16 16:32 - 2014-01-16 16:32 - 00000000 ____D C:\Users\Nic\Desktop\Vapid Cruiser Vector by EKALB
2014-01-16 16:32 - 2014-01-16 16:32 - 00000000 ____D C:\Users\Nic\Desktop\Vapid Cruiser LSPD by EKALB
2014-01-16 16:32 - 2014-01-16 16:32 - 00000000 ____D C:\Users\Nic\Desktop\Bravado Buffalo LSPD by EKALB
2014-01-15 18:44 - 2014-01-15 18:45 - 00000000 ____D C:\Users\Nic\Desktop\speedo
2014-01-15 16:55 - 2014-01-15 16:55 - 00000000 ____D C:\Users\Nic\Desktop\undercover
2014-01-15 16:55 - 2014-01-15 16:55 - 00000000 ____D C:\Users\Nic\Desktop\taxi
2014-01-15 16:54 - 2014-01-15 16:54 - 00000000 ____D C:\Users\Nic\Desktop\buffalo
2014-01-15 16:52 - 2014-01-16 16:20 - 00000000 ____D C:\Users\Nic\Desktop\EFLCMODS
2014-01-15 16:48 - 2014-01-15 16:48 - 00000000 ____D C:\Users\Nic\Desktop\indicator_script_v1
2014-01-11 22:50 - 2014-01-11 22:50 - 00002228 _____ C:\Users\Nic\Desktop\LaunchEFLC.exe - Verknüpfung.lnk
2014-01-11 22:41 - 2014-01-11 22:41 - 00000000 ____D C:\Users\Nic\AppData\Roaming\G17 Media
2014-01-11 18:52 - 2014-01-11 18:52 - 00001199 _____ C:\Users\Public\Desktop\ISO Workshop.lnk
2014-01-11 18:52 - 2014-01-11 18:52 - 00000000 ____D C:\Program Files (x86)\Glorylogic
2014-01-11 18:51 - 2014-01-11 18:51 - 05197469 _____ (Glorylogic                                                  ) C:\Users\Nic\Desktop\isoworkshop_4.5.exe
2014-01-11 18:13 - 2014-01-11 18:47 - 00001592 _____ C:\Windows\setupact.log
2014-01-11 18:13 - 2014-01-11 18:13 - 00000000 _____ C:\Windows\setuperr.log
2014-01-11 16:35 - 2014-01-11 16:35 - 00002399 _____ C:\Users\Public\Desktop\Star Wars Empire at War Forces of Corruption.lnk
2014-01-11 16:31 - 2014-01-11 16:35 - 00096191 _____ C:\Windows\DirectX.log
2014-01-11 16:30 - 2014-01-11 16:30 - 00000000 ____D C:\Users\Nic\AppData\Roaming\InstallShield
2014-01-11 16:30 - 2014-01-11 16:30 - 00000000 ____D C:\ProgramData\InstallShield
2014-01-11 16:28 - 2014-01-20 22:15 - 00284732 _____ C:\Windows\WindowsUpdate.log
2014-01-10 16:52 - 2014-01-16 13:28 - 00001224 _____ C:\Windows\PFRO.log
2014-01-10 00:21 - 2014-01-10 00:22 - 04645232 _____ (Piriform Ltd) C:\Users\Nic\Downloads\ccsetup409.exe
2014-01-07 12:27 - 2014-01-07 17:02 - 00002368 _____ C:\Users\Nic\Desktop\Petroglyph EaW Launcher.lnk
2014-01-07 12:22 - 2014-01-07 17:02 - 00002368 _____ C:\Users\UpdatusUser\Desktop\Petroglyph EaW Launcher.lnk
2014-01-07 12:22 - 2014-01-07 17:02 - 00002368 _____ C:\Users\Gast\Desktop\Petroglyph EaW Launcher.lnk
2014-01-07 12:18 - 2014-01-07 12:18 - 00000000 ____D C:\Windows\uninstall
2014-01-07 12:17 - 2014-01-07 12:17 - 00000000 ____D C:\Users\Nic\Documents\EaW-Mappack_4_setup
2014-01-07 12:17 - 2014-01-07 12:17 - 00000000 ____D C:\Users\Nic\Documents\EaW-Mappack_3_setup
2014-01-07 12:08 - 2014-01-11 16:36 - 00000000 ____D C:\Users\Nic\AppData\Roaming\Petroglyph
2014-01-07 12:07 - 2014-01-07 12:07 - 00098304 _____ (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt.dll
2014-01-06 13:12 - 2014-01-06 13:25 - 00000000 ____D C:\Users\Nic\AppData\Local\Thomas_Grandjean_aka_Agen
2014-01-05 18:36 - 2014-01-05 18:36 - 00000875 _____ C:\Users\Public\Desktop\VLC media player.lnk
2014-01-05 18:35 - 2014-01-05 18:35 - 00004608 _____ C:\Users\Nic\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-04 20:27 - 2014-01-04 20:27 - 00000000 ___RD C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-04 20:27 - 2014-01-04 20:27 - 00000000 ___RD C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-01-04 20:27 - 2014-01-04 20:27 - 00000000 ____D C:\Users\Gast\AppData\Local\Power2Go8
2014-01-04 20:26 - 2014-01-04 20:26 - 00001442 _____ C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-04 20:26 - 2014-01-04 20:26 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Adobe
2014-01-04 20:25 - 2014-01-04 20:27 - 00000000 ____D C:\Users\Gast
2014-01-04 20:25 - 2014-01-04 20:26 - 00000000 ____D C:\Users\Gast\AppData\Local\Packages
2014-01-04 20:25 - 2014-01-04 20:25 - 00000020 ___SH C:\Users\Gast\ntuser.ini
2014-01-04 20:25 - 2014-01-04 20:25 - 00000000 _SHDL C:\Users\Gast\Vorlagen
2014-01-04 20:25 - 2014-01-04 20:25 - 00000000 _SHDL C:\Users\Gast\Startmenü
2014-01-04 20:25 - 2014-01-04 20:25 - 00000000 _SHDL C:\Users\Gast\Netzwerkumgebung
2014-01-04 20:25 - 2014-01-04 20:25 - 00000000 _SHDL C:\Users\Gast\Lokale Einstellungen
2014-01-04 20:25 - 2014-01-04 20:25 - 00000000 _SHDL C:\Users\Gast\Eigene Dateien
2014-01-04 20:25 - 2014-01-04 20:25 - 00000000 _SHDL C:\Users\Gast\Druckumgebung
2014-01-04 20:25 - 2014-01-04 20:25 - 00000000 _SHDL C:\Users\Gast\Documents\Eigene Musik
2014-01-04 20:25 - 2014-01-04 20:25 - 00000000 _SHDL C:\Users\Gast\Documents\Eigene Bilder
2014-01-04 20:25 - 2014-01-04 20:25 - 00000000 _SHDL C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-01-04 20:25 - 2014-01-04 20:25 - 00000000 _SHDL C:\Users\Gast\AppData\Local\Verlauf
2014-01-04 20:25 - 2014-01-04 20:25 - 00000000 _SHDL C:\Users\Gast\AppData\Local\Anwendungsdaten
2014-01-04 20:25 - 2014-01-04 20:25 - 00000000 _SHDL C:\Users\Gast\Anwendungsdaten
2014-01-04 20:25 - 2014-01-04 20:25 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Intel
2014-01-04 20:25 - 2014-01-04 20:25 - 00000000 ____D C:\Users\Gast\AppData\Local\VirtualStore
2014-01-04 20:25 - 2013-08-22 16:31 - 00000000 ___RD C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-01-04 20:25 - 2013-07-30 10:50 - 00002124 _____ C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-01-04 20:25 - 2013-06-19 19:01 - 00000000 ___RD C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-01-04 20:25 - 2012-11-18 11:22 - 00001711 _____ C:\Users\Gast\Desktop\Kindersicherung einrichten.lnk
2014-01-04 20:25 - 2012-08-11 05:24 - 00001217 _____ C:\Users\Gast\Desktop\ALDI Foto.lnk
2014-01-04 20:25 - 2012-08-11 05:22 - 00001275 _____ C:\Users\Gast\Desktop\Medion Services.lnk
2014-01-04 20:25 - 2012-08-05 13:12 - 00001809 _____ C:\Users\Gast\Desktop\ALDI Talk.lnk
2014-01-04 20:25 - 2012-08-05 13:11 - 00001153 _____ C:\Users\Gast\Desktop\ALDI Süd Reisen.lnk
2014-01-04 20:25 - 2012-08-05 13:11 - 00001025 _____ C:\Users\Gast\Desktop\ALDI Süd Startseite.lnk
2014-01-04 20:25 - 2012-08-05 13:10 - 00001895 _____ C:\Users\Gast\Desktop\ALDI Süd Blumen Service.lnk
2014-01-04 20:25 - 2012-07-26 09:13 - 00000000 ___RD C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-01-04 20:25 - 2012-07-26 09:13 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-12-29 16:32 - 2014-01-20 15:51 - 00168111 _____ C:\MyXML.xml
2013-12-29 16:32 - 2013-12-29 16:32 - 00002057 _____ C:\Users\Public\Desktop\Start Menu 8.lnk
2013-12-29 16:31 - 2013-12-29 16:32 - 07039808 _____ (IObit                                                      ) C:\Users\Nic\Downloads\startmenu-setup.exe
2013-12-28 22:30 - 2013-12-28 22:30 - 34003228 _____ (G17 Media) C:\Users\Nic\Desktop\LCPDFR1.0.Installer.exe
2013-12-27 12:16 - 2013-12-27 10:27 - 00840264 _____ C:\Windows\SysWOW64\pbsvc_pg.exe
2013-12-27 11:48 - 2013-12-27 11:48 - 00000000 ____D C:\Users\Nic\Documents\My Games
2013-12-27 11:43 - 2013-12-27 12:16 - 00000000 ____D C:\Users\Nic\Documents\America's Army
2013-12-27 11:43 - 2013-12-27 11:43 - 00466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2013-12-27 11:43 - 2013-12-27 11:43 - 00444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2013-12-27 11:43 - 2013-12-27 11:43 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2013-12-27 11:43 - 2013-12-27 11:43 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2013-12-27 11:43 - 2013-12-27 11:43 - 00000000 ____D C:\Program Files (x86)\OpenAL
2013-12-23 21:20 - 2013-12-23 21:20 - 00578888 _____ C:\Users\Nic\Desktop\focvista64.exe
2013-12-23 21:16 - 2014-01-11 16:32 - 00000000 ____D C:\Program Files (x86)\LucasArts
2013-12-22 13:40 - 2013-12-22 13:53 - 00001119 _____ C:\Users\Nic\Desktop\SMG.txt
2013-12-21 18:58 - 2014-01-04 16:20 - 00000000 ____D C:\Users\Nic\AppData\Local\Akamai
2013-12-21 18:58 - 2013-12-21 18:58 - 00000000 ____D C:\AeriaGames
2013-12-21 15:55 - 2013-12-21 15:56 - 01211636 _____ C:\Users\Nic\Desktop\Trift shop.wav

==================== One Month Modified Files and Folders =======

2014-01-20 22:23 - 2014-01-20 22:21 - 00019869 _____ C:\Users\Nic\Desktop\FRST.txt
2014-01-20 22:21 - 2014-01-20 22:21 - 00000000 ____D C:\FRST
2014-01-20 22:20 - 2014-01-20 22:20 - 02076672 _____ (Farbar) C:\Users\Nic\Desktop\FRST64.exe
2014-01-20 22:15 - 2014-01-11 16:28 - 00284732 _____ C:\Windows\WindowsUpdate.log
2014-01-20 22:00 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\sru
2014-01-20 21:43 - 2013-04-25 13:11 - 00000000 ____D C:\Users\Nic\AppData\Roaming\Skype
2014-01-20 21:42 - 2013-05-28 12:36 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-20 21:03 - 2013-02-01 09:20 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2014-01-20 18:33 - 2014-01-20 18:33 - 00000000 ____D C:\Users\Nic\Desktop\ranger
2014-01-20 17:27 - 2013-05-05 00:44 - 00283032 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2014-01-20 17:27 - 2013-05-05 00:39 - 00283032 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2014-01-20 16:01 - 2013-05-05 00:39 - 00283032 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2014-01-20 15:52 - 2013-04-25 13:03 - 00000000 ____D C:\Users\Nic\Documents\Youcam
2014-01-20 15:51 - 2013-12-29 16:32 - 00168111 _____ C:\MyXML.xml
2014-01-20 15:50 - 2012-07-26 08:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-20 00:42 - 2012-07-26 06:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2014-01-19 14:14 - 2014-01-19 14:14 - 00000000 ____D C:\Users\Nic\Desktop\GTA IV SAVES!!!
2014-01-19 14:13 - 2014-01-19 14:12 - 00000000 ____D C:\Users\Nic\Desktop\GV_eflc_tbogt_savedata_db_m26
2014-01-18 18:51 - 2013-08-22 15:37 - 00000000 ____D C:\Windows\system32\MRT
2014-01-18 18:49 - 2013-02-01 06:09 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-18 18:49 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\WinStore
2014-01-18 00:06 - 2014-01-18 00:06 - 00001283 _____ C:\Users\Nic\Desktop\SteamApps - Verknüpfung.lnk
2014-01-18 00:05 - 2014-01-17 21:21 - 00000000 ____D C:\Users\Nic\Desktop\vdHmod
2014-01-17 23:28 - 2014-01-17 23:28 - 00001874 _____ C:\Users\Nic\Desktop\LaunchGTAIV.exe - Verknüpfung.lnk
2014-01-17 22:27 - 2014-01-17 22:19 - 00000000 ____D C:\Users\Nic\Desktop\LCPDFR Install (ASI Loaders)
2014-01-17 22:09 - 2013-02-01 05:06 - 00754172 _____ C:\Windows\system32\perfh007.dat
2014-01-17 22:09 - 2013-02-01 05:06 - 00156362 _____ C:\Windows\system32\perfc007.dat
2014-01-17 22:09 - 2012-07-26 08:28 - 01748838 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-17 21:45 - 2013-09-04 14:59 - 00000000 ____D C:\Program Files (x86)\Steam
2014-01-17 21:08 - 2013-04-26 18:10 - 00000000 ____D C:\Users\Nic\AppData\Local\LogMeIn Hamachi
2014-01-16 16:44 - 2014-01-16 16:44 - 00000000 ____D C:\Users\Nic\Desktop\schafter
2014-01-16 16:32 - 2014-01-16 16:32 - 00000000 ____D C:\Users\Nic\Desktop\Vapid Cruiser Vector by EKALB
2014-01-16 16:32 - 2014-01-16 16:32 - 00000000 ____D C:\Users\Nic\Desktop\Vapid Cruiser LSPD by EKALB
2014-01-16 16:32 - 2014-01-16 16:32 - 00000000 ____D C:\Users\Nic\Desktop\Bravado Buffalo LSPD by EKALB
2014-01-16 16:20 - 2014-01-15 16:52 - 00000000 ____D C:\Users\Nic\Desktop\EFLCMODS
2014-01-16 13:28 - 2014-01-10 16:52 - 00001224 _____ C:\Windows\PFRO.log
2014-01-15 18:45 - 2014-01-15 18:44 - 00000000 ____D C:\Users\Nic\Desktop\speedo
2014-01-15 16:56 - 2013-07-30 10:44 - 00000000 ____D C:\Program Files\Microsoft Office 15
2014-01-15 16:55 - 2014-01-15 16:55 - 00000000 ____D C:\Users\Nic\Desktop\undercover
2014-01-15 16:55 - 2014-01-15 16:55 - 00000000 ____D C:\Users\Nic\Desktop\taxi
2014-01-15 16:54 - 2014-01-15 16:54 - 00000000 ____D C:\Users\Nic\Desktop\buffalo
2014-01-15 16:48 - 2014-01-15 16:48 - 00000000 ____D C:\Users\Nic\Desktop\indicator_script_v1
2014-01-13 01:47 - 2013-06-02 20:06 - 00000000 ____D C:\Users\Nic\AppData\Roaming\vlc
2014-01-11 22:50 - 2014-01-11 22:50 - 00002228 _____ C:\Users\Nic\Desktop\LaunchEFLC.exe - Verknüpfung.lnk
2014-01-11 22:41 - 2014-01-11 22:41 - 00000000 ____D C:\Users\Nic\AppData\Roaming\G17 Media
2014-01-11 18:52 - 2014-01-11 18:52 - 00001199 _____ C:\Users\Public\Desktop\ISO Workshop.lnk
2014-01-11 18:52 - 2014-01-11 18:52 - 00000000 ____D C:\Program Files (x86)\Glorylogic
2014-01-11 18:51 - 2014-01-11 18:51 - 05197469 _____ (Glorylogic                                                  ) C:\Users\Nic\Desktop\isoworkshop_4.5.exe
2014-01-11 18:47 - 2014-01-11 18:13 - 00001592 _____ C:\Windows\setupact.log
2014-01-11 18:13 - 2014-01-11 18:13 - 00000000 _____ C:\Windows\setuperr.log
2014-01-11 18:13 - 2013-04-25 16:36 - 00000000 ____D C:\Users\Nic\Filme
2014-01-11 16:36 - 2014-01-07 12:08 - 00000000 ____D C:\Users\Nic\AppData\Roaming\Petroglyph
2014-01-11 16:35 - 2014-01-11 16:35 - 00002399 _____ C:\Users\Public\Desktop\Star Wars Empire at War Forces of Corruption.lnk
2014-01-11 16:35 - 2014-01-11 16:31 - 00096191 _____ C:\Windows\DirectX.log
2014-01-11 16:32 - 2013-12-23 21:16 - 00000000 ____D C:\Program Files (x86)\LucasArts
2014-01-11 16:32 - 2013-02-01 07:57 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2014-01-11 16:30 - 2014-01-11 16:30 - 00000000 ____D C:\Users\Nic\AppData\Roaming\InstallShield
2014-01-11 16:30 - 2014-01-11 16:30 - 00000000 ____D C:\ProgramData\InstallShield
2014-01-10 00:22 - 2014-01-10 00:21 - 04645232 _____ (Piriform Ltd) C:\Users\Nic\Downloads\ccsetup409.exe
2014-01-10 00:22 - 2013-04-26 18:07 - 00000000 ____D C:\Program Files\CCleaner
2014-01-09 15:58 - 2013-05-05 00:17 - 00000000 ____D C:\Program Files (x86)\APB Reloaded
2014-01-09 09:02 - 2013-10-02 19:51 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-09 09:02 - 2013-10-02 19:51 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-07 17:02 - 2014-01-07 12:27 - 00002368 _____ C:\Users\Nic\Desktop\Petroglyph EaW Launcher.lnk
2014-01-07 17:02 - 2014-01-07 12:22 - 00002368 _____ C:\Users\UpdatusUser\Desktop\Petroglyph EaW Launcher.lnk
2014-01-07 17:02 - 2014-01-07 12:22 - 00002368 _____ C:\Users\Gast\Desktop\Petroglyph EaW Launcher.lnk
2014-01-07 12:25 - 2013-04-25 17:31 - 00000000 ____D C:\Users\Nic\Desktop\GAMES
2014-01-07 12:18 - 2014-01-07 12:18 - 00000000 ____D C:\Windows\uninstall
2014-01-07 12:17 - 2014-01-07 12:17 - 00000000 ____D C:\Users\Nic\Documents\EaW-Mappack_4_setup
2014-01-07 12:17 - 2014-01-07 12:17 - 00000000 ____D C:\Users\Nic\Documents\EaW-Mappack_3_setup
2014-01-07 12:07 - 2014-01-07 12:07 - 00098304 _____ (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt.dll
2014-01-06 13:25 - 2014-01-06 13:12 - 00000000 ____D C:\Users\Nic\AppData\Local\Thomas_Grandjean_aka_Agen
2014-01-05 18:36 - 2014-01-05 18:36 - 00000875 _____ C:\Users\Public\Desktop\VLC media player.lnk
2014-01-05 18:35 - 2014-01-05 18:35 - 00004608 _____ C:\Users\Nic\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-04 20:27 - 2014-01-04 20:27 - 00000000 ___RD C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-04 20:27 - 2014-01-04 20:27 - 00000000 ___RD C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-01-04 20:27 - 2014-01-04 20:27 - 00000000 ____D C:\Users\Gast\AppData\Local\Power2Go8
2014-01-04 20:27 - 2014-01-04 20:25 - 00000000 ____D C:\Users\Gast
2014-01-04 20:26 - 2014-01-04 20:26 - 00001442 _____ C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-04 20:26 - 2014-01-04 20:26 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Adobe
2014-01-04 20:26 - 2014-01-04 20:25 - 00000000 ____D C:\Users\Gast\AppData\Local\Packages
2014-01-04 20:25 - 2014-01-04 20:25 - 00000020 ___SH C:\Users\Gast\ntuser.ini
2014-01-04 20:25 - 2014-01-04 20:25 - 00000000 _SHDL C:\Users\Gast\Vorlagen
2014-01-04 20:25 - 2014-01-04 20:25 - 00000000 _SHDL C:\Users\Gast\Startmenü
2014-01-04 20:25 - 2014-01-04 20:25 - 00000000 _SHDL C:\Users\Gast\Netzwerkumgebung
2014-01-04 20:25 - 2014-01-04 20:25 - 00000000 _SHDL C:\Users\Gast\Lokale Einstellungen
2014-01-04 20:25 - 2014-01-04 20:25 - 00000000 _SHDL C:\Users\Gast\Eigene Dateien
2014-01-04 20:25 - 2014-01-04 20:25 - 00000000 _SHDL C:\Users\Gast\Druckumgebung
2014-01-04 20:25 - 2014-01-04 20:25 - 00000000 _SHDL C:\Users\Gast\Documents\Eigene Musik
2014-01-04 20:25 - 2014-01-04 20:25 - 00000000 _SHDL C:\Users\Gast\Documents\Eigene Bilder
2014-01-04 20:25 - 2014-01-04 20:25 - 00000000 _SHDL C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-01-04 20:25 - 2014-01-04 20:25 - 00000000 _SHDL C:\Users\Gast\AppData\Local\Verlauf
2014-01-04 20:25 - 2014-01-04 20:25 - 00000000 _SHDL C:\Users\Gast\AppData\Local\Anwendungsdaten
2014-01-04 20:25 - 2014-01-04 20:25 - 00000000 _SHDL C:\Users\Gast\Anwendungsdaten
2014-01-04 20:25 - 2014-01-04 20:25 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Intel
2014-01-04 20:25 - 2014-01-04 20:25 - 00000000 ____D C:\Users\Gast\AppData\Local\VirtualStore
2014-01-04 16:20 - 2013-12-21 18:58 - 00000000 ____D C:\Users\Nic\AppData\Local\Akamai
2014-01-04 13:56 - 2013-09-06 15:52 - 00000000 ____D C:\Program Files (x86)\Origin
2014-01-04 13:55 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\NDF
2014-01-03 14:39 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-12-29 16:32 - 2013-12-29 16:32 - 00002057 _____ C:\Users\Public\Desktop\Start Menu 8.lnk
2013-12-29 16:32 - 2013-12-29 16:31 - 07039808 _____ (IObit                                                      ) C:\Users\Nic\Downloads\startmenu-setup.exe
2013-12-29 16:32 - 2013-05-07 14:41 - 00003156 _____ C:\Windows\System32\Tasks\StartMenuAutoupdate
2013-12-28 22:30 - 2013-12-28 22:30 - 34003228 _____ (G17 Media) C:\Users\Nic\Desktop\LCPDFR1.0.Installer.exe
2013-12-27 12:44 - 2013-05-05 00:39 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2013-12-27 12:16 - 2013-12-27 11:43 - 00000000 ____D C:\Users\Nic\Documents\America's Army
2013-12-27 11:49 - 2013-04-25 15:25 - 00000000 ____D C:\Users\Nic\AppData\Local\PunkBuster
2013-12-27 11:48 - 2013-12-27 11:48 - 00000000 ____D C:\Users\Nic\Documents\My Games
2013-12-27 11:43 - 2013-12-27 11:43 - 00466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2013-12-27 11:43 - 2013-12-27 11:43 - 00444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2013-12-27 11:43 - 2013-12-27 11:43 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2013-12-27 11:43 - 2013-12-27 11:43 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2013-12-27 11:43 - 2013-12-27 11:43 - 00000000 ____D C:\Program Files (x86)\OpenAL
2013-12-27 10:27 - 2013-12-27 12:16 - 00840264 _____ C:\Windows\SysWOW64\pbsvc_pg.exe
2013-12-26 23:23 - 2013-02-01 07:52 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-12-26 23:23 - 2013-02-01 07:52 - 00000000 ____D C:\ProgramData\Skype
2013-12-26 23:18 - 2013-10-25 21:42 - 00000000 ____D C:\Users\Nic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-12-23 21:20 - 2013-12-23 21:20 - 00578888 _____ C:\Users\Nic\Desktop\focvista64.exe
2013-12-22 13:53 - 2013-12-22 13:40 - 00001119 _____ C:\Users\Nic\Desktop\SMG.txt
2013-12-22 13:30 - 2013-05-17 21:57 - 00000000 ____D C:\Users\Nic\Documents\Bandicam
2013-12-21 18:58 - 2013-12-21 18:58 - 00000000 ____D C:\AeriaGames
2013-12-21 15:56 - 2013-12-21 15:55 - 01211636 _____ C:\Users\Nic\Desktop\Trift shop.wav
2013-12-21 14:07 - 2013-04-25 19:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

Some content of TEMP:
====================
C:\Users\Nic\AppData\Local\Temp\drm_dyndata_7380014.dll
C:\Users\Nic\AppData\Local\Temp\drm_dyndata_7410004.dll
C:\Users\Nic\AppData\Local\Temp\_is43A8.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-17 20:20

==================== End Of Log ============================

--- --- ---


And the Addition.txt:
Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2014 04
Ran by Nic at 2014-01-20 22:23:44
Running from C:\Users\Nic\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Kaspersky Internet Security (Enabled - Up to date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKCU Version:  - Akamai Technologies, Inc)
America's Army: Proving Grounds Beta (x32 Version:  - )
ArmA 2 Free Uninstall (x32 Version:  - )
ArtMoney SE v7.41 (x32 Version: 7.41 - System SoftLab)
Ashampoo AppLauncher (Medion) v.1.0.0 (x32 Version: 1.0.0 - Ashampoo GmbH & Co. KG)
Bandicam (x32 Version: 1.8.7.347 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (x32 Version:  - Bandisoft.com)
Battlefield 3™ (x32 Version: 1.6.0.0 - Electronic Arts)
Battlefield 4™ (x32 Version: 1.0.0.1 - Electronic Arts)
Battlefield Play4Free (x32 Version:  - EA Digital illusions)
CCleaner (Version: 4.09 - Piriform)
CyberLink LabelPrint 2.5 (x32 Version: 2.5.5415 - CyberLink Corp.) Hidden
CyberLink MediaEspresso 6.5 (x32 Version: 6.5.3718_45957 - CyberLink Corp.) Hidden
CyberLink PhotoDirector 3 (x32 Version: 3.0.3618 - CyberLink Corp.) Hidden
CyberLink PhotoNow (x32 Version: 1.1.7717 - CyberLink Corp.)
CyberLink PhotoNow (x32 Version: 1.1.7717 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (x32 Version: 8.0.0.1920 - CyberLink Corp.) Hidden
CyberLink PowerDirector (Version: 9.0.0.3815c - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (x32 Version: 10.0.4915.02 - CyberLink Corp.) Hidden
CyberLink PowerDVD Copy 1.5 (x32 Version: 1.5.2715b - CyberLink Corp.) Hidden
CyberLink PowerRecover (Version: 5.7.0.0913 - CyberLink Corp.) Hidden
CyberLink PowerRecover (x32 Version: 5.7.0.0913 - CyberLink Corp.)
CyberLink YouCam 5 (x32 Version: 5.0.1930 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dolby Home Theater v4 (x32 Version: 7.2.8000.17 - Dolby Laboratories Inc)
Empire at War Mappack 2.00  (x32 Version: 2.00 - Petroglyph Games Inc.)
ESN Sonar (x32 Version: 0.70.4 - ESN Social Software AB)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Grand Theft Auto IV (x32 Version:  - Rockstar North)
Grand Theft Auto: Episodes from Liberty City (x32 Version:  - Rockstar North / Toronto)
GTA IV Vehicle Mod Installer v1.5 (x32 Version:  - MobileD2)
Intel(R) Management Engine Components (x32 Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2963 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (Version: 15.6.0.0519 - Intel Corporation) Hidden
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (Version: 2.6.1212.0302 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software Driver (Version: 15.06.0000.0133 - Intel Corporation) Hidden
Intel(R) Rapid Storage Technology (x32 Version: 11.7.0.1013 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149 - Intel Corporation)
Intel(R) WiDi (Version: 3.5.41.0 - Intel Corporation)
Intel® PROSet/Wireless Software (x32 Version: 15.6.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 15.06.0000.0090 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
ISO Workshop 4.5 (x32 Version:  - Glorylogic)
Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Kaspersky Internet Security 2013 (x32 Version: 13.0.1.4190 - Kaspersky Lab)
Kaspersky Internet Security 2013 (x32 Version: 13.0.1.4190 - Kaspersky Lab) Hidden
Launch Manager (x32 Version: 1.5.1.8 - Wistron Corp.)
LCPD First Response (x32 Version: 1.0 - G17 Media)
Left 4 Dead 2 (x32 Version:  - Valve)
LogMeIn Hamachi (x32 Version: 2.2.0.109 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.109 - LogMeIn, Inc.) Hidden
Mediathek (x32 Version: 1.4.0 - Medion)
Medion Home Cinema 10 (x32 Version: 10.0 - CyberLink Corp.)
Medion Home Cinema 10 (x32 Version: 10.1924 - CyberLink Corp.) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office 365 Home Premium - de-de (Version: 15.0.4551.1512 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU Version: 16.4.6012.0828 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (x32 Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (x32 Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Need for Speed(TM) Hot Pursuit (x32 Version: 1.0.0.0 - Electronic Arts)
Need for Speed™ Most Wanted (x32 Version:  - )
Need for Speed™ The Run (x32 Version: 1.1.0.0 - Electronic Arts)
Need For Speed™ World (x32 Version: 1.0.0.1398 - Electronic Arts)
NVIDIA Grafiktreiber 311.06 (Version: 311.06 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.108.688 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.11.3 (Version: 1.11.3 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.12.1031 (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Systemsteuerung 311.06 (Version: 311.06 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
OpenAL (x32 Version:  - )
Origin (x32 Version: 9.3.2.2730 - Electronic Arts, Inc.)
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PlanetSide 2 (2) (HKCU Version:  - Sony Online Entertainment)
PunkBuster Services (x32 Version: 0.993 - Even Balance, Inc.)
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (x32 Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6833 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.8400.30136 - Realtek Semiconductor Corp.)
Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)
Star Wars Empire at War (x32 Version: 1.0 - LucasArts)
Star Wars Empire at War Forces of Corruption (x32 Version: 1.0 - LucasArts)
Start Menu 8 (x32 Version: 1.4.0.0 - IObit)
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
Synaptics Pointing Device Driver (Version: 16.2.10.5 - Synaptics Incorporated)
System Requirements Lab CYRI (x32 Version: 6.0.8.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKCU Version: 3.0.13 - TeamSpeak Systems GmbH)
VLC media player 2.1.2 (Version: 2.1.2 - VideoLAN)
Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

27-12-2013 10:40:43 DirectX wurde installiert
06-01-2014 19:29:27 Geplanter Prüfpunkt
11-01-2014 15:34:30 DirectX wurde installiert
18-01-2014 17:46:34 Windows Update

==================== Hosts content: ==========================

2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {07A18649-E09B-4AF8-B1D7-99AC490242C3} - System32\Tasks\StartMenuAutoupdate => C:\Program Files (x86)\IObit\Start Menu 8\AutoUpdate.exe [2013-12-09] (IObit)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2179A488-9F13-474A-B0DB-CC8BFDBA73F8} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-01-15] (Microsoft Corporation)
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {3763096E-DDD7-4121-86C7-F87E70379944} - System32\Tasks\Dolby Selector => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [2012-08-31] (Dolby Laboratories Inc.)
Task: {4A4120A5-2219-460B-8A0D-9AB900077023} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {9BC69F5F-77BC-4BAC-9651-0B346EA4A320} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-08-16] (Synaptics Incorporated)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {B9947B91-AB1F-4DBB-AA7C-C009C262FD6E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {ED02164C-3B18-4C47-BA99-C23308DE35F9} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-10-31] (Microsoft Corporation)
Task: {F3426C5C-C960-4468-B58E-80DF70B7FB10} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2013-02-01 08:53 - 2013-01-02 15:55 - 00175008 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2013-02-01 07:43 - 2013-01-16 21:27 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-08-17 22:39 - 2013-04-25 13:17 - 01310136 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\kpcengine.2.2.dll
2013-05-07 14:41 - 2013-12-09 16:10 - 00348992 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madExcept_.bpl
2013-05-07 14:41 - 2013-12-09 16:10 - 00183616 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madBasic_.bpl
2013-05-07 14:41 - 2013-12-09 16:10 - 00051008 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madDisAsm_.bpl
2013-12-29 16:32 - 2013-12-09 16:10 - 00089920 _____ () C:\Program Files (x86)\IObit\Start Menu 8\NTFSScan.dll
2013-09-02 14:20 - 2013-12-09 16:10 - 00039744 _____ () C:\Program Files (x86)\IObit\Start Menu 8\pri.dll
2013-09-02 14:20 - 2013-12-09 16:11 - 00041280 _____ () C:\Program Files (x86)\IObit\Start Menu 8\winkey.dll
2013-02-01 08:02 - 2012-06-08 04:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 12:34 - 2012-06-08 12:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2012-08-17 22:38 - 2012-08-17 22:38 - 00479160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\dblite.dll
2013-08-24 11:46 - 2013-08-24 11:46 - 00017920 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\e1703d2acd816693ae5e6f42cb057951\PSIClient.ni.dll
2013-02-01 08:10 - 2012-06-25 09:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-12-20 16:59 - 2013-12-20 16:59 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== Faulty Device Manager Devices =============

Name: Intel(R) Centrino(R) Wireless Bluetooth(R) 4.0 + High Speed Adapter
Description: Intel(R) Centrino(R) Wireless Bluetooth(R) 4.0 + High Speed Adapter
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Intel Corporation
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Could not start eventlog service, could not read events.

Der angeforderte Dienst wurde bereits gestartet.

Sie erhalten weitere Hilfe, wenn Sie NET HELPMSG 2182 eingeben.


==================== Memory info ===========================

Percentage of memory in use: 31%
Total physical RAM: 8054.97 MB
Available physical RAM: 5502.95 MB
Total Pagefile: 11638.97 MB
Available Pagefile: 6097.91 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:869.8 GB) (Free:488.26 GB) NTFS
Drive d: (Recover) (Fixed) (Total:60 GB) (Free:38.64 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: CEAAD2D8)

Partition: GPT Partition Type
==================== End Of Log ============================

By the way, the full scan by Kaspersky also turned up no further detections.

schrauber 22.01.2014 10:31

clean :)

Ryan918 26.01.2014 22:13

Hello,
belated, but still: thank you for your help.
:applaus:

schrauber 27.01.2014 16:12

You're welcome :)


All times are given in WET +1.
