| xXxBarisxXx | 05.02.2015 16:22 |
Ich habe antivir von avira wie mach ichs da Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-02-2015 01
Ran by Baris at 2015-02-05 14:06:38
Running from C:\Users\Saturn\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
clear.fi SDK - Video 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3013 - Acer Incorporated)
Acer Games (HKU\S-1-5-21-2520385442-11042346-106642047-1002\...\Pokki_03d432a7e610c3e908213e7689d4342ce2111caf) (Version: 1.1.7.42206 - Pokki)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.3005 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3013 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3016 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.2008 - Acer Incorporated)
AcerCloud Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.2022 - Acer Incorporated)
Adobe After Effects CC (HKLM-x32\...\{317243C1-6580-4F43-AED7-37D4438C3DD5}) (Version: 12 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.6.0.393 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Avira (HKLM-x32\...\{2c18809c-4097-4b51-a4d0-3deade730ef3}) (Version: 1.1.29.22350 - Avira Operations & Co. KG)
Avira (x32 Version: 1.1.29.22350 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
Bandicam (HKLM-x32\...\Bandicam) (Version: 2.1.2.740 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
Camtasia Studio 8 (HKLM-x32\...\{F5C9BE9A-04C3-4A72-8CD0-BB67C722D608}) (Version: 8.1.2.1344 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.02.2012 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.02.2016 - Acer Incorporated)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKU\S-1-5-21-2520385442-11042346-106642047-1002\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
ETDWare PS/2-X64 11.6.24.203_WHQL (HKLM\...\Elantech) (Version: 11.6.24.203 - ELAN Microelectronic Corp.)
Euro Truck Simulator 2 (HKLM-x32\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.8.2.5 - SCS Software)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FileZilla Client 3.7.4.1 (HKU\S-1-5-21-2520385442-11042346-106642047-1002\...\FileZilla Client) (Version: 3.7.4.1 - Tim Kosse)
Fotogalerie (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Glary Utilities 2.56.0.1822 (HKLM-x32\...\Glary Utilities_is1) (Version: 2.56.0.1822 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.94 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3006 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java SE Development Kit 7 Update 51 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170510}) (Version: 1.7.0.510 - Oracle)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3010 - Acer Incorporated)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.303 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.303 - LogMeIn, Inc.) Hidden
McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.156 - McAfee, Inc.)
Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{4CA8F973-6377-4ABF-9ED5-CC2323B3C000}) (Version: 12.5.00500 - Nero AG)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.7.0.24 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.3.0.14 - Symantec Corporation) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.3 - Notepad++ Team)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2008 - Acer)
Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.02.2008 - Acer)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
Pokki (HKU\S-1-5-21-2520385442-11042346-106642047-1002\...\Pokki) (Version: 0.266.1.172 - Pokki)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.228 - Qualcomm Atheros Communications)
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.19 - Qualcomm Atheros Inc.)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.57 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7027 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C9661090-C134-46E8-90B2-76D72355C2A6}) (Version: 6.2.9200.28140 - Realtek Semiconductor Corp.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.33.0 - SAMSUNG Electronics Co., Ltd.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-2520385442-11042346-106642047-1002\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.27614 - TeamViewer)
V-bates 2.0.0.438 (HKLM\...\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}_is1) (Version: 2.0.0.438 - Southstarco) <==== ATTENTION
Vegas Pro 12.0 (64-bit) (HKLM\...\{BE94768F-5232-11E3-BD78-F04DA23A5C58}) (Version: 12.0.770 - Sony)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-2520385442-11042346-106642047-1002\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-2520385442-11042346-106642047-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Saturn\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2520385442-11042346-106642047-1002_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Saturn\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-2520385442-11042346-106642047-1002_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Saturn\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-2520385442-11042346-106642047-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Saturn\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2520385442-11042346-106642047-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Saturn\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2520385442-11042346-106642047-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Saturn\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2520385442-11042346-106642047-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Saturn\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2520385442-11042346-106642047-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Saturn\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2520385442-11042346-106642047-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Saturn\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2520385442-11042346-106642047-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Saturn\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2520385442-11042346-106642047-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Saturn\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
==================== Restore Points =========================
20-01-2015 22:41:08 Removed LogMeIn Hamachi
22-01-2015 18:56:53 DirectX wurde installiert
01-02-2015 17:29:01 Installed Minecraft
04-02-2015 22:31:25 avast! antivirus system restore point
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {1197D9F1-3D00-4001-95D2-F8C7C640B443} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2013-01-23] (Acer Incorporated)
Task: {184B0B00-D4E9-45C9-AC5A-56004E2021A2} - System32\Tasks\GlaryInitialize => C:\Program Files (x86)\Glary Utilities\initialize.exe [2013-05-27] (Glarysoft Ltd)
Task: {19D4148B-40A5-44B1-9CF4-8A1023409CA0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {252877D0-2958-404E-9071-F6173B1EE003} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2520385442-11042346-106642047-1002UA => C:\Users\Saturn\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-09-05] (Facebook Inc.)
Task: {4324E7FE-EC5D-4A55-A0A6-8B9BB72FD2AA} - System32\Tasks\Norton Online Backup ARA => C:\Program Files (x86)\Norton Online Backup ARA\Engine\4.3.0.14\\Ara.exe [2013-08-27] (Symantec Corporation)
Task: {5BB18426-E595-4EFC-8184-29F965D7AFF1} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {6286A344-F801-426C-BCC5-A5511054A020} - System32\Tasks\AdobeAAMUpdater-1.0-Acer-Baris => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {65AF9DF6-9031-45DA-8754-6210E738BAC5} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2520385442-11042346-106642047-1002Core => C:\Users\Saturn\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-09-05] (Facebook Inc.)
Task: {7A5FEF87-C3AC-4E91-9D10-2F0FBB396912} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-03-15] (Acer Incorporated)
Task: {820954BD-8378-441A-B737-C11CED543E0C} - System32\Tasks\FF Watcher {098D5A1E-A914-499F-B2FC-78A445E626F9} => C:\Program Files\V-bates\PrefHelper.exe [2014-01-28] () <==== ATTENTION
Task: {A2DB402D-C940-4872-8C0F-74BE59317A30} - System32\Tasks\FF Watcher {8053C1CD-5914-48EB-AAB1-802857E4487E} => C:\Program Files\V-bates\PrefHelper.exe [2014-01-28] () <==== ATTENTION
Task: {ABA8B275-AE92-4B51-94FC-EF683B745EC6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-16] (Google Inc.)
Task: {CA3A2CF0-9DDF-4591-AD45-C6842DA007E2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-16] (Google Inc.)
Task: {D08AFE4E-3930-4FA1-88A6-91CF5308E184} - System32\Tasks\MySearchDial => C:\Users\Saturn\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {D4448A2A-243B-404C-B16F-5D65C6F709DB} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-03-13] ()
Task: {F1635E5E-C33B-4EC4-98B5-6323D6A55788} - System32\Tasks\SomotoUpdateCheckerAutoStart => C:\Users\Saturn\AppData\Local\FilesFrog Update Checker\update_checker.exe <==== ATTENTION
Task: {FBD568BB-DAA1-4F8F-A14B-F1D139CFC7E8} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-06-17] (Acer Incorporate)
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2520385442-11042346-106642047-1002Core.job => C:\Users\Saturn\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2520385442-11042346-106642047-1002UA.job => C:\Users\Saturn\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FF Watcher {098D5A1E-A914-499F-B2FC-78A445E626F9}.job => C:\Program Files\V-bates\PrefHelper.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\FF Watcher {8053C1CD-5914-48EB-AAB1-802857E4487E}.job => C:\Program Files\V-bates\PrefHelper.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\GlaryInitialize.job => C:\Program Files (x86)\Glary Utilities\initialize.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\MySearchDial.job => C:\Users\Saturn\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
==================== Loaded Modules (whitelisted) ==============
2014-09-03 15:55 - 2014-07-02 19:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-05-31 11:53 - 2014-05-31 11:53 - 00075136 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2014-04-16 13:16 - 2014-01-28 13:06 - 00209408 _____ () C:\Program Files\V-bates\ExtensionUpdaterService.exe
2013-05-31 00:23 - 2013-05-31 00:23 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-05-31 00:19 - 2013-05-31 00:19 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2013-05-31 00:53 - 2013-05-31 00:53 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2014-01-25 01:22 - 2014-01-25 01:22 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-03-23 15:50 - 2014-03-23 15:50 - 00054696 _____ () C:\Program Files\Java\jre7\bin\prism-d3d.dll
2014-03-23 15:50 - 2014-03-23 15:50 - 00197544 _____ () C:\Program Files\Java\jre7\bin\glass.dll
2014-03-23 15:50 - 2014-03-23 15:50 - 00640424 _____ () C:\Program Files\Java\jre7\bin\libxml2.dll
2014-03-23 15:50 - 2014-03-23 15:50 - 00209832 _____ () C:\Program Files\Java\jre7\bin\libxslt.dll
2014-03-23 15:50 - 2014-03-23 15:50 - 14863784 _____ () C:\Program Files\Java\jre7\bin\jfxwebkit.dll
2014-03-23 15:50 - 2014-03-23 15:50 - 00319912 _____ () C:\Program Files\Java\jre7\bin\javafx-font.dll
2014-05-23 01:10 - 2014-05-23 01:10 - 00671904 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2013-09-05 18:08 - 2013-02-20 21:58 - 00111176 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2014-05-12 10:49 - 2014-05-12 10:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2014-10-22 01:22 - 2014-10-22 01:22 - 00750080 _____ () C:\Users\Saturn\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-01-18 13:13 - 2015-01-18 13:13 - 00043008 _____ () c:\users\saturn\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpegwjgk.dll
2014-10-22 01:22 - 2014-10-22 01:22 - 00047616 _____ () C:\Users\Saturn\AppData\Roaming\Dropbox\bin\libEGL.dll
2014-10-22 01:22 - 2014-10-22 01:22 - 00863744 _____ () C:\Users\Saturn\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2014-10-22 01:22 - 2014-10-22 01:22 - 00200704 _____ () C:\Users\Saturn\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2013-09-05 17:44 - 2012-06-25 03:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-04-16 13:16 - 2014-01-28 13:06 - 00194560 _____ () C:\Program Files\V-bates\Extension32.dll
2014-09-03 15:12 - 2014-09-03 15:12 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2013-09-05 18:08 - 2013-02-20 21:58 - 00089672 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext.dll
2014-02-11 20:29 - 2014-02-11 20:29 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2015-02-04 09:20 - 2015-01-27 04:44 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.94\libglesv2.dll
2015-02-04 09:20 - 2015-01-27 04:44 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.94\libegl.dll
2015-02-04 09:20 - 2015-01-27 04:44 - 09171272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.94\pdf.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\Saturn\SkyDrive:ms-properties
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Registry Areas =====================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2520385442-11042346-106642047-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Saturn\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "KiesTrayAgent"
HKU\S-1-5-21-2520385442-11042346-106642047-1002\...\StartupApproved\Run: => "KiesPreload"
HKU\S-1-5-21-2520385442-11042346-106642047-1002\...\StartupApproved\Run: => "Clownfish"
HKU\S-1-5-21-2520385442-11042346-106642047-1002\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-2520385442-11042346-106642047-1002\...\StartupApproved\Run: => "EADM"
==================== Accounts: =============================
Administrator (S-1-5-21-2520385442-11042346-106642047-500 - Administrator - Disabled)
ASPNET (S-1-5-21-2520385442-11042346-106642047-1003 - Limited - Enabled)
Baris (S-1-5-21-2520385442-11042346-106642047-1002 - Administrator - Enabled) => C:\Users\Saturn
Gast (S-1-5-21-2520385442-11042346-106642047-501 - Limited - Disabled)
Gaste (S-1-5-21-2520385442-11042346-106642047-1006 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-2520385442-11042346-106642047-1005 - Limited - Enabled)
==================== Faulty Device Manager Devices =============
Name: Bluetooth Audio Device
Description: Bluetooth Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_A2DP
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Virtual Bluetooth Support (Include Audio)
Description: Virtual Bluetooth Support (Include Audio)
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: AthBTPort
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Bluetooth LWFLT Device
Description: Bluetooth LWFLT Device
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_LWFLT
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
==================== Event log errors: =========================
Application errors:
==================
Error: (02/05/2015 01:36:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: osk.exe, Version: 6.3.9600.17238, Zeitstempel: 0x53d0db93
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17278, Zeitstempel: 0x53eebd22
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000f0d6c
ID des fehlerhaften Prozesses: 0x2bb4
Startzeit der fehlerhaften Anwendung: 0xosk.exe0
Pfad der fehlerhaften Anwendung: osk.exe1
Pfad des fehlerhaften Moduls: osk.exe2
Berichtskennung: osk.exe3
Vollständiger Name des fehlerhaften Pakets: osk.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: osk.exe5
Error: (02/05/2015 01:00:37 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: There was an error with the Windows Location Provider database
Error: (02/05/2015 00:35:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: osk.exe, Version: 6.3.9600.17238, Zeitstempel: 0x53d0db93
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17278, Zeitstempel: 0x53eebd22
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000f0d6c
ID des fehlerhaften Prozesses: 0x15e8
Startzeit der fehlerhaften Anwendung: 0xosk.exe0
Pfad der fehlerhaften Anwendung: osk.exe1
Pfad des fehlerhaften Moduls: osk.exe2
Berichtskennung: osk.exe3
Vollständiger Name des fehlerhaften Pakets: osk.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: osk.exe5
Error: (02/04/2015 10:58:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm WWAHost.exe, Version 6.3.9600.17031 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 45c
Startzeit: 01d040c58cb3a079
Endzeit: 4294967295
Anwendungspfad: C:\Windows\System32\WWAHost.exe
Berichts-ID: d4a82226-acb8-11e4-bf2c-48d224b58381
Vollständiger Name des fehlerhaften Pakets: winstore_1.0.0.0_neutral_neutral_cw5n1h2txyewy
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Windows.Store
Error: (02/04/2015 10:57:46 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Acer)
Description: Bei der Aktivierung der App „winstore_cw5n1h2txyewy!Windows.Store“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (02/04/2015 10:57:35 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: Acer)
Description: Die App „winstore_1.0.0.0_neutral_neutral_cw5n1h2txyewy+Windows.Store“ wurde nicht innerhalb der vorgesehenen Zeit gestartet.
Error: (02/04/2015 09:59:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NvBackend.exe, Version: 11.10.13.1, Zeitstempel: 0x52f202d0
Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.9600.16384, Zeitstempel: 0x52158ff5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00009948
ID des fehlerhaften Prozesses: 0xba0
Startzeit der fehlerhaften Anwendung: 0xNvBackend.exe0
Pfad der fehlerhaften Anwendung: NvBackend.exe1
Pfad des fehlerhaften Moduls: NvBackend.exe2
Berichtskennung: NvBackend.exe3
Vollständiger Name des fehlerhaften Pakets: NvBackend.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: NvBackend.exe5
Error: (02/04/2015 09:59:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NvBackend.exe, Version: 11.10.13.1, Zeitstempel: 0x52f202d0
Name des fehlerhaften Moduls: nvspcap.dll_unloaded, Version: 11.10.13.1, Zeitstempel: 0x52f20257
Ausnahmecode: 0xc00001a5
Fehleroffset: 0x000c9860
ID des fehlerhaften Prozesses: 0xba0
Startzeit der fehlerhaften Anwendung: 0xNvBackend.exe0
Pfad der fehlerhaften Anwendung: NvBackend.exe1
Pfad des fehlerhaften Moduls: NvBackend.exe2
Berichtskennung: NvBackend.exe3
Vollständiger Name des fehlerhaften Pakets: NvBackend.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: NvBackend.exe5
Error: (02/04/2015 09:41:10 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Error: (02/04/2015 09:41:02 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
System errors:
=============
Error: (02/04/2015 09:09:15 PM) (Source: DCOM) (EventID: 10010) (User: Acer)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (02/04/2015 09:08:45 PM) (Source: DCOM) (EventID: 10010) (User: Acer)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (02/03/2015 10:07:31 PM) (Source: DCOM) (EventID: 10010) (User: Acer)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (02/03/2015 10:07:01 PM) (Source: DCOM) (EventID: 10010) (User: Acer)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (02/03/2015 04:23:28 PM) (Source: DCOM) (EventID: 10010) (User: Acer)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (02/03/2015 04:22:57 PM) (Source: DCOM) (EventID: 10010) (User: Acer)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (02/03/2015 03:50:45 PM) (Source: DCOM) (EventID: 10010) (User: Acer)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (02/03/2015 03:50:14 PM) (Source: DCOM) (EventID: 10010) (User: Acer)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (02/03/2015 03:06:22 PM) (Source: DCOM) (EventID: 10010) (User: Acer)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (02/03/2015 03:05:52 PM) (Source: DCOM) (EventID: 10010) (User: Acer)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Microsoft Office Sessions:
=========================
Error: (02/05/2015 01:36:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: osk.exe6.3.9600.1723853d0db93ntdll.dll6.3.9600.1727853eebd22c000037400000000000f0d6c2bb401d04137bf556edbC:\WINDOWS\System32\osk.exeC:\WINDOWS\SYSTEM32\ntdll.dll9f6ccc60-ad33-11e4-bf2c-48d224b58381
Error: (02/05/2015 01:00:37 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: -2147024883
Error: (02/05/2015 00:35:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: osk.exe6.3.9600.1723853d0db93ntdll.dll6.3.9600.1727853eebd22c000037400000000000f0d6c15e801d040c6f4ded416C:\WINDOWS\System32\osk.exeC:\WINDOWS\SYSTEM32\ntdll.dll8f40a5d8-acc6-11e4-bf2c-48d224b58381
Error: (02/04/2015 10:58:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: WWAHost.exe6.3.9600.1703145c01d040c58cb3a0794294967295C:\Windows\System32\WWAHost.exed4a82226-acb8-11e4-bf2c-48d224b58381winstore_1.0.0.0_neutral_neutral_cw5n1h2txyewyWindows.Store
Error: (02/04/2015 10:57:46 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Acer)
Description: winstore_cw5n1h2txyewy!Windows.Store-2144927142
Error: (02/04/2015 10:57:35 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: Acer)
Description: winstore_1.0.0.0_neutral_neutral_cw5n1h2txyewy+Windows.Store
Error: (02/04/2015 09:59:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: NvBackend.exe11.10.13.152f202d0msvcrt.dll7.0.9600.1638452158ff5c000000500009948ba001d03317b1acc81bC:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exeC:\WINDOWS\SYSTEM32\msvcrt.dllb1806d3d-acb0-11e4-bf2c-48d224b58381
Error: (02/04/2015 09:59:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: NvBackend.exe11.10.13.152f202d0nvspcap.dll_unloaded11.10.13.152f20257c00001a5000c9860ba001d03317b1acc81bC:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exenvspcap.dlla66b7669-acb0-11e4-bf2c-48d224b58381
Error: (02/04/2015 09:41:10 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Saturn\Downloads\esetsmartinstaller_deu.exe
Error: (02/04/2015 09:41:02 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Saturn\Downloads\esetsmartinstaller_deu.exe
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
Percentage of memory in use: 68%
Total physical RAM: 5962.27 MB
Available physical RAM: 1890.84 MB
Total Pagefile: 12106.27 MB
Available Pagefile: 5006.68 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:447.61 GB) (Free:205.55 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
==================== End Of Log ============================
FRST Logfile:
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-02-2015 01
Ran by Baris (administrator) on ACER on 05-02-2015 14:05:03
Running from C:\Users\Saturn\Downloads
Loaded Profiles: Baris (Available profiles: Baris)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
() C:\Program Files\V-bates\ExtensionUpdaterService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Dropbox, Inc.) C:\Users\Saturn\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Microsoft Corporation) C:\Windows\vVX1000.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\javaw.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Online Backup ARA\Engine\4.3.0.14\ARA.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\old_chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\SnippingTool.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\javaw.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\AtBroker.exe
(Microsoft Corporation) C:\Windows\System32\osk.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13626072 2013-06-25] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2890056 2013-05-22] (ELAN Microelectronics Corp.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [VX1000] => C:\WINDOWS\vVX1000.exe [762736 2010-05-20] (Microsoft Corporation)
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2688920 2014-05-26] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3977576 2015-01-20] (LogMeIn Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126712 2014-12-31] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [bdruninstaller] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\downloader\setuplauncher.exe" /run:"setupdownloader.exe" /args:"/token:antivirus /after_restart"
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [133248 2013-05-31] ( (Atheros Communications))
HKU\S-1-5-21-2520385442-11042346-106642047-1002\...\Run: [Facebook Update] => C:\Users\Saturn\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-09-05] (Facebook Inc.)
HKU\S-1-5-21-2520385442-11042346-106642047-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30878816 2014-12-11] (Skype Technologies S.A.)
AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\PROGRA~2\SupTab\SEARCH~2.DLL File Not Found
AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [166568 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\PROGRA~2\SupTab\SEARCH~1.DLL => "C:\PROGRA~2\SupTab\SEARCH~1.DLL" File Not Found
AppInit_DLLs-x32: ,C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
Startup: C:\Users\Saturn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Saturn\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2520385442-11042346-106642047-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2520385442-11042346-106642047-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/software/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {31090377-0740-419E-BEFC-A56E50500D5B} URL =
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2520385442-11042346-106642047-1002 -> DefaultScope {0CC70608-3DE2-4D03-AEDE-5D91F6801D57} URL = https://de.search.yahoo.com/search?fr=mcafee&type=B010DE662D20140214&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-2520385442-11042346-106642047-1002 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?gd=&ctid=CT3325585&octid=EB_ORIGINAL_CTID&ISID=M6769CE4F-8330-4780-9C68-97A028AE197D&SearchSource=58&CUI=&UM=5&UP=SPB9CB065E-730C-41CD-8096-5A8A79996F5D&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-2520385442-11042346-106642047-1002 -> {0CC70608-3DE2-4D03-AEDE-5D91F6801D57} URL = https://de.search.yahoo.com/search?fr=mcafee&type=B010DE662D20140214&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-2520385442-11042346-106642047-1002 -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://speedial.com/results.php?f=4&q={searchTerms}&a=spd_ir_14_21_ch&cd=2XzuyEtN2Y1L1QzuyDyE0B0E0FyBtA0C0E0ByE0DzztAzyyEtN0D0Tzu0SzzyBtCtN1L2XzutBtFtBtDtFtCtAtFzztN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StD0CtA0CyEtB0B0DtG0AtAtDyDtG0CyCtB0EtG0FtD0C0EtGtDyDtDyEzyyE0FtAyBtAtDtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDtCtD0E0AyCtByCtG0FzzyDzytGzztAzyyCtG0D0FzztAtGyBzy0DzzzztCzzyEyBtDyDyD2Q&cr=1041861193&ir=
SearchScopes: HKU\S-1-5-21-2520385442-11042346-106642047-1002 -> {A3811F2A-F977-4933-A262-E9A9D7C948EE} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=ir_14_16_ch&cd=2XzuyEtN2Y1L1QzuyDyE0B0E0FyBtA0C0E0ByE0DzztAzyyEtN0D0Tzu0SzztAzytN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StCtBtB0A0FtA0DyDtGzy0EzztCtG0DyByB0AtGyDtC0E0FtGyD0A0B0FyDzy0CtA0B0CyE0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDtCtD0E0AyCtByCtG0FzzyDzytGzztAzyyCtG0D0FzztAtGyBzy0DzzzztCzzyEyBtDyDyD2Q&cr=1457698353&ir=
SearchScopes: HKU\S-1-5-21-2520385442-11042346-106642047-1002 -> {F634ADD6-9242-435C-942D-FD491A4997F6} URL =
BHO: V-bates -> {21EAF666-26B3-4a3c-ABD0-CA2F5A326744} -> C:\Program Files\V-bates\Extension64.dll ()
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: V-bates -> {21EAF666-26B3-4a3c-ABD0-CA2F5A326744} -> C:\Program Files\V-bates\Extension32.dll ()
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name -> {EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} -> No File
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - No Name - {3004627E-F8E9-4E8B-909D-316753CBA923} - No File
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://start.qone8.com/?type=sc&ts=1397650483&from=smt&uid=WDCXWD5000LPVX-22V0TT0_WD-WXC1A639720597205
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKU\S-1-5-21-2520385442-11042346-106642047-1002: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Saturn\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-2520385442-11042346-106642047-1002: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml
FF HKLM\...\Firefox\Extensions: [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}] - C:\Program Files\V-bates\Firefox
FF Extension: V-bates - C:\Program Files\V-bates\Firefox [2014-04-16]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2013-07-19]
FF HKLM-x32\...\Firefox\Extensions: [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}] - C:\Program Files\V-bates\Firefox
Chrome:
=======
CHR HomePage: Default -> hxxp://speedial.com/?f=1&a=spd_ir_14_21_ch&cd=2XzuyEtN2Y1L1QzuyDyE0B0E0FyBtA0C0E0ByE0DzztAzyyEtN0D0Tzu0SzzyBtCtN1L2XzutBtFtBtDtFtCtAtFzztN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StD0CtA0CyEtB0B0DtG0AtAtDyDtG0CyCtB0EtG0FtD0C0EtGtDyDtDyEzyyE0FtAyBtAtDtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDtCtD0E0AyCtByCtG0FzzyDzytGzztAzyyCtG0D0FzztAtGyBzy0DzzzztCzzyEyBtDyDyD2Q&cr=1041861193&ir=
CHR StartupUrls: Default -> "hxxp://speedial.com/?f=1&a=spd_ir_14_21_ch&cd=2XzuyEtN2Y1L1QzuyDyE0B0E0FyBtA0C0E0ByE0DzztAzyyEtN0D0Tzu0SzzyBtCtN1L2XzutBtFtBtDtFtCtAtFzztN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StD0CtA0CyEtB0B0DtG0AtAtDyDtG0CyCtB0EtG0FtD0C0EtGtDyDtDyEzyyE0FtAyBtAtDtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDtCtD0E0AyCtByCtG0FzzyDzytGzztAzyyCtG0D0FzztAtGyBzy0DzzzztCzzyEyBtDyDyD2Q&cr=1041861193&ir=", "hxxp://search.conduit.com/?gd=&ctid=CT3325585&octid=EB_ORIGINAL_CTID&ISID=M6769CE4F-8330-4780-9C68-97A028AE197D&SearchSource=55&CUI=&UM=5&UP=SPB9CB065E-730C-41CD-8096-5A8A79996F5D&SSPV=", "hxxp://www.bing.com/?pc=U223", "hxxp://start.qone8.com/?type=hp&ts=1397650483&from=smt&uid=WDCXWD5000LPVX-22V0TT0_WD-WXC1A639720597205", "hxxp://start.mysearchdial.com/?f=1&a=ir_14_16_ch&cd=2XzuyEtN2Y1L1QzuyDyE0B0E0FyBtA0C0E0ByE0DzztAzyyEtN0D0Tzu0SzztAzytN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StCtBtB0A0FtA0DyDtGzy0EzztCtG0DyByB0AtGyDtC0E0FtGyD0A0B0FyDzy0CtA0B0CyE0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDtCtD0E0AyCtByCtG0FzzyDzytGzztAzyyCtG0D0FzztAtGyBzy0DzzzztCzzyEyBtDyDyD2Q&cr=1457698353&ir="
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Saturn\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Saturn\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-16]
CHR Extension: (Google Drive) - C:\Users\Saturn\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-16]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Saturn\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-04]
CHR Extension: (YouTube) - C:\Users\Saturn\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-16]
CHR Extension: (Adblock Plus) - C:\Users\Saturn\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-12-24]
CHR Extension: (Google-Suche) - C:\Users\Saturn\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-16]
CHR Extension: (Avast SafePrice) - C:\Users\Saturn\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2014-09-03]
CHR Extension: (Avira SafeSearch) - C:\Users\Saturn\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffalmjohbhdhlkajphgkhloccibhmoog [2014-09-03]
CHR Extension: (SiteAdvisor) - C:\Users\Saturn\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2014-02-16]
CHR Extension: (Avira Browserschutz) - C:\Users\Saturn\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-12-24]
CHR Extension: (AdBlock) - C:\Users\Saturn\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-12-24]
CHR Extension: (Avast Online Security) - C:\Users\Saturn\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-12-24]
CHR Extension: (WEB.DE MailCheck) - C:\Users\Saturn\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaogepninmlbinccpbiakcgiolijlllo [2014-10-11]
CHR Extension: (Skype Click to Call) - C:\Users\Saturn\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-12-18]
CHR Extension: (Google Wallet) - C:\Users\Saturn\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-16]
CHR Extension: (Battlefield Play4Free) - C:\Users\Saturn\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh [2014-03-31]
CHR Extension: (Instagram for Chrome) - C:\Users\Saturn\AppData\Local\Google\Chrome\User Data\Default\Extensions\opnbmdkdflhjiclaoiiifmheknpccalb [2014-04-24]
CHR Extension: (Google Mail) - C:\Users\Saturn\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-16]
CHR HKLM\...\Chrome\Extension: [bakijjialdiiboeaknfpmflphhmljfkd] - No Path
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-01-16]
CHR HKLM\...\Chrome\Extension: [iagcajndpnfncplednpbnkahadegklfa] - C:\Users\Saturn\AppData\Local\speedial.crx [2014-04-19]
CHR HKU\S-1-5-21-2520385442-11042346-106642047-1002\...\Chrome\Extension: [bakijjialdiiboeaknfpmflphhmljfkd] - No Path
CHR HKU\S-1-5-21-2520385442-11042346-106642047-1002\...\Chrome\Extension: [iagcajndpnfncplednpbnkahadegklfa] - C:\Users\Saturn\AppData\Local\speedial.crx [2014-04-19]
CHR HKLM-x32\...\Chrome\Extension: [bakijjialdiiboeaknfpmflphhmljfkd] - No Path
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-09-03]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - No Path
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM-x32\...\Chrome\Extension: [iagcajndpnfncplednpbnkahadegklfa] - C:\Users\Saturn\AppData\Local\speedial.crx [2014-04-19]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-18] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [993584 2014-12-18] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [310912 2013-05-31] (Windows (R) Win 7 DDK provider)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [178424 2014-12-31] (Avira Operations GmbH & Co. KG)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-27] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [470056 2013-05-01] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-01-14] (LogMeIn, Inc.)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [431656 2013-06-17] (Acer Incorporate)
R2 McAfee SiteAdvisor Service; c:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [154320 2014-12-03] (McAfee, Inc.)
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4230016 2013-01-28] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [75136 2014-05-31] ()
R2 V-bates Updater; C:\Program Files\V-bates\ExtensionUpdaterService.exe [209408 2014-01-28] () [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131608 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-12-09] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43064 2014-10-14] (Avira Operations GmbH & Co. KG)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-05-30] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0403000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [44296 2015-01-20] (LogMeIn Inc.)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-10] (Acer Incorporated)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-10] (Acer Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-05 14:05 - 2015-02-05 14:06 - 00031959 _____ () C:\Users\Saturn\Downloads\FRST.txt
2015-02-05 14:04 - 2015-02-05 14:05 - 00000000 ____D () C:\FRST
2015-02-05 14:03 - 2015-02-05 14:03 - 02131968 _____ (Farbar) C:\Users\Saturn\Downloads\FRST64.exe
2015-02-05 00:13 - 2015-02-05 00:19 - 00000127 _____ () C:\Users\Saturn\Desktop\Neues Textdokument.txt
2015-02-04 23:00 - 2015-02-04 23:00 - 01191200 _____ () C:\Users\Saturn\Downloads\Windows 8 Setup Tool - CHIP-Installer.exe
2015-02-04 21:50 - 2015-02-04 21:50 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2015-02-04 21:48 - 2015-02-04 21:48 - 02867648 _____ () C:\Users\Saturn\Downloads\bitdefender_antivirus.exe
2015-02-04 21:41 - 2015-02-04 21:41 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-02-04 21:38 - 2015-02-04 21:38 - 02347384 _____ (ESET) C:\Users\Saturn\Downloads\esetsmartinstaller_deu.exe
2015-02-04 18:52 - 2015-02-04 18:52 - 10459409 _____ () C:\Users\Saturn\Desktop\trailer.mp4
2015-02-03 16:41 - 2015-02-03 16:41 - 00011524 _____ () C:\Users\Saturn\Downloads\Download.htm
2015-02-03 16:41 - 2015-02-03 16:41 - 00011524 _____ () C:\Users\Saturn\Downloads\Download (1).htm
2015-02-02 17:14 - 2015-02-02 17:14 - 00001157 _____ () C:\Users\Public\Desktop\Avira.lnk
2015-02-01 23:31 - 2015-02-01 23:31 - 00016312 _____ () C:\Users\Saturn\Downloads\KitChooser_Source.rar
2015-02-01 21:45 - 2015-02-01 21:47 - 29826488 _____ (Wireshark development team) C:\Users\Saturn\Downloads\Wireshark-win64-1.12.3.exe
2015-02-01 19:18 - 2015-02-01 19:18 - 02314240 _____ () C:\Users\Saturn\Downloads\MinecraftInstaller (6).msi
2015-02-01 18:58 - 2015-02-01 18:58 - 02314240 _____ () C:\Users\Saturn\Downloads\MinecraftInstaller (5).msi
2015-02-01 18:46 - 2015-02-01 18:46 - 02314240 _____ () C:\Users\Saturn\Downloads\MinecraftInstaller (4).msi
2015-02-01 17:56 - 2015-02-01 17:56 - 02314240 _____ () C:\Users\Saturn\Downloads\MinecraftInstaller (3).msi
2015-02-01 17:29 - 2015-02-01 17:29 - 02314240 _____ () C:\Users\Saturn\Downloads\MinecraftInstaller (2).msi
2015-02-01 17:29 - 2015-02-01 17:29 - 02314240 _____ () C:\Users\Saturn\Downloads\MinecraftInstaller (1).msi
2015-02-01 17:28 - 2015-02-01 17:28 - 02314240 _____ () C:\Users\Saturn\Downloads\MinecraftInstaller.msi
2015-01-31 22:38 - 2015-01-31 22:38 - 00015565 _____ () C:\Users\Saturn\Downloads\KitChooser.jar
2015-01-31 16:35 - 2015-02-03 18:01 - 00000314 _____ () C:\Users\Saturn\Desktop\jd-gui.cfg
2015-01-31 01:47 - 2015-01-31 01:47 - 00096901 _____ () C:\Users\Saturn\Downloads\KingKits.jar
2015-01-31 01:36 - 2015-01-31 01:36 - 00139236 _____ () C:\Users\Saturn\Downloads\ServerSigns.jar
2015-01-31 01:36 - 2015-01-31 01:36 - 00039672 _____ () C:\Users\Saturn\Downloads\KingKitsSpecial-1.1.7.jar
2015-01-30 23:09 - 2015-01-30 23:10 - 00012325 _____ () C:\Users\Saturn\Downloads\Itemizer (6).jar
2015-01-30 23:09 - 2015-01-30 23:09 - 00008035 _____ () C:\Users\Saturn\Downloads\Itemizer (5).jar
2015-01-30 23:08 - 2015-01-30 23:08 - 00016557 _____ () C:\Users\Saturn\Downloads\Itemizer (4).jar
2015-01-30 23:07 - 2015-01-30 23:07 - 00015641 _____ () C:\Users\Saturn\Downloads\Itemizer (3).jar
2015-01-30 21:28 - 2015-01-30 21:28 - 00003234 _____ () C:\Users\Saturn\Downloads\cBans_v2.0.jar
2015-01-28 23:36 - 2015-01-28 23:36 - 00013496 _____ () C:\Users\Saturn\Downloads\SupportChat_Source.rar
2015-01-28 23:06 - 2015-01-28 23:06 - 00343172 _____ () C:\Users\Saturn\Downloads\HolographicDisplays.jar
2015-01-28 22:30 - 2015-01-28 22:30 - 02936397 _____ () C:\Users\Saturn\Downloads\forge-1.7.2-10.12.2.1147-installer.jar
2015-01-28 22:30 - 2015-01-28 22:30 - 00192564 _____ () C:\Users\Saturn\Downloads\ShadersModCore-v2.3.4-mc1.7.2-f1019.jar
2015-01-28 22:26 - 2015-01-28 22:26 - 00882551 _____ () C:\Users\Saturn\Downloads\OptiFine_1.7.2_HD_U_D4.jar
2015-01-28 22:24 - 2015-01-28 22:24 - 00221141 _____ () C:\Users\Saturn\Downloads\ShadersModCore-v2.3.30-mc1.7.2-f.jar
2015-01-28 20:34 - 2015-01-28 20:34 - 00000000 ____D () C:\Essentials
2015-01-28 18:00 - 2015-01-28 18:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-01-28 18:00 - 2015-01-28 18:00 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2015-01-27 23:02 - 2015-01-27 23:02 - 00000000 ____D () C:\Users\Saturn\Desktop\Neuer Ordner (3)
2015-01-27 22:44 - 2015-01-27 22:44 - 00022312 _____ () C:\Users\Saturn\Downloads\JCVaultListener-2.0.3.jar
2015-01-27 22:25 - 2015-01-27 22:26 - 00018694 _____ () C:\Users\Saturn\Downloads\Votifier.jar
2015-01-27 22:24 - 2015-01-27 22:24 - 00009292 _____ () C:\Users\Saturn\Downloads\GAListener (1).jar
2015-01-27 22:15 - 2015-01-27 22:15 - 00065222 _____ () C:\Users\Saturn\Downloads\GAListener.jar
2015-01-27 21:52 - 2015-01-27 21:52 - 00055594 _____ () C:\Users\Saturn\Downloads\CombatTag.jar
2015-01-27 21:52 - 2015-01-27 21:52 - 00023176 _____ () C:\Users\Saturn\Downloads\Votifier.rar
2015-01-27 17:27 - 2015-02-01 19:37 - 04000249 _____ () C:\Users\Saturn\Downloads\WinRAR-archive--neu-.rar
2015-01-27 13:20 - 2015-01-27 13:32 - 00012191 _____ () C:\Users\Saturn\Desktop\permissions.yml
2015-01-26 23:45 - 2015-01-26 23:45 - 00021457 _____ () C:\Users\Saturn\Downloads\ChatEssentials.jar
2015-01-26 22:59 - 2015-01-26 22:59 - 00011916 _____ () C:\Users\Saturn\Downloads\InfinityDispenser.jar
2015-01-26 22:44 - 2015-01-26 22:44 - 00015641 _____ () C:\Users\Saturn\Downloads\Itemizer (2).jar
2015-01-26 22:40 - 2015-01-26 22:40 - 00015607 _____ () C:\Users\Saturn\Downloads\Itemizer (1).jar
2015-01-26 22:39 - 2015-01-26 22:39 - 00019508 _____ () C:\Users\Saturn\Downloads\iDispenser.jar
2015-01-26 19:11 - 2015-01-30 21:26 - 00040570 _____ () C:\Users\Saturn\Desktop\bPCS.jar
2015-01-26 19:11 - 2015-01-26 19:11 - 00007068 _____ () C:\Users\Saturn\Desktop\bFrieden.jar
2015-01-26 18:45 - 2015-01-26 18:45 - 00017624 _____ () C:\Users\Saturn\Downloads\Itemizer.jar
2015-01-26 18:43 - 2015-01-26 18:43 - 00223996 _____ () C:\Users\Saturn\Downloads\Shopkeepers (11).jar
2015-01-26 18:42 - 2015-01-26 18:42 - 00107169 _____ () C:\Users\Saturn\Downloads\Shopkeepers (10).jar
2015-01-26 18:40 - 2015-01-26 18:40 - 00110363 _____ () C:\Users\Saturn\Downloads\Shopkeepers (9).jar
2015-01-26 18:35 - 2015-01-26 18:35 - 00135432 _____ () C:\Users\Saturn\Downloads\Shopkeepers (8).jar
2015-01-26 18:33 - 2015-01-26 18:33 - 00106133 _____ () C:\Users\Saturn\Downloads\Shopkeepers (7).jar
2015-01-26 18:32 - 2015-01-26 18:32 - 00103194 _____ () C:\Users\Saturn\Downloads\Shopkeepers (6).jar
2015-01-26 18:30 - 2015-01-26 18:30 - 00098442 _____ () C:\Users\Saturn\Downloads\Shopkeepers (5).jar
2015-01-26 18:29 - 2015-01-26 18:29 - 00088271 _____ () C:\Users\Saturn\Downloads\Shopkeepers (4).jar
2015-01-26 18:28 - 2015-01-26 18:28 - 00086700 _____ () C:\Users\Saturn\Downloads\Shopkeepers (3).jar
2015-01-26 18:27 - 2015-01-26 18:27 - 00258867 _____ () C:\Users\Saturn\Downloads\Shopkeepers (2).jar
2015-01-26 17:24 - 2015-01-26 17:24 - 00140404 _____ () C:\Users\Saturn\Downloads\Ultrabans.jar
2015-01-26 00:05 - 2015-01-26 00:05 - 00133575 _____ () C:\Users\Saturn\Downloads\Shopkeepers (1).jar
2015-01-25 23:57 - 2015-01-25 23:57 - 00258867 _____ () C:\Users\Saturn\Downloads\Shopkeepers.jar
2015-01-25 23:53 - 2015-01-25 23:53 - 00078233 _____ () C:\Users\Saturn\Downloads\ParticleMenu.jar
2015-01-25 23:44 - 2015-01-25 23:44 - 00081919 _____ () C:\Users\Saturn\Downloads\UltimateParticles.jar
2015-01-25 23:30 - 2015-01-25 23:30 - 00040682 _____ () C:\Users\Saturn\Downloads\TeleParticles.jar
2015-01-25 23:19 - 2015-01-25 23:19 - 00019889 _____ () C:\Users\Saturn\Downloads\PlayerParticles_v2.6.jar
2015-01-25 23:16 - 2015-01-25 23:16 - 00005428 _____ () C:\Users\Saturn\Downloads\DiscoArmour (1).jar
2015-01-25 21:21 - 2015-01-25 21:21 - 00012799 _____ () C:\Users\Saturn\Downloads\SupportChat.jar
2015-01-25 21:08 - 2015-01-25 21:08 - 07174418 _____ () C:\Users\Saturn\Downloads\Plugins 1.o0.rar
2015-01-22 19:00 - 2015-01-22 19:00 - 00002057 _____ () C:\Users\Public\Desktop\Microsoft LifeCam.lnk
2015-01-22 19:00 - 2015-01-22 19:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft LifeCam
2015-01-22 18:58 - 2015-01-22 18:59 - 00000000 ____D () C:\Program Files (x86)\Microsoft LifeCam
2015-01-22 18:58 - 2015-01-22 18:58 - 00000000 ____D () C:\Program Files\Microsoft LifeCam
2015-01-22 18:54 - 2015-01-22 18:54 - 29546352 _____ (Microsoft Corporation) C:\Users\Saturn\Downloads\LifeCam3.22.exe
2015-01-21 23:37 - 2015-01-21 23:37 - 00532048 _____ () C:\Users\Saturn\Downloads\PermissionsEx (1).jar
2015-01-21 23:33 - 2015-01-21 23:33 - 00722603 _____ () C:\Users\Saturn\Downloads\PermissionsEx.jar
2015-01-21 23:31 - 2015-01-21 23:31 - 00990670 _____ () C:\Users\Saturn\Downloads\Essentials.zip
2015-01-21 22:51 - 2015-01-21 22:51 - 00027073 _____ () C:\Users\Saturn\Downloads\AdminShop.jar
2015-01-21 18:22 - 2015-01-21 18:23 - 07903505 _____ () C:\Users\Saturn\Downloads\minecraft_server.1.8.1.jar
2015-01-21 16:38 - 2015-01-21 16:38 - 00788580 _____ () C:\Users\Saturn\Downloads\jd-gui-0.3.6.windows.zip
2015-01-21 16:38 - 2013-11-03 22:19 - 00808448 _____ () C:\Users\Saturn\Desktop\jd-gui.exe
2015-01-20 22:47 - 2015-01-28 18:00 - 00000942 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2015-01-20 22:46 - 2015-01-20 22:46 - 08536064 _____ () C:\Users\Saturn\Downloads\hamachi291.msi
2015-01-20 22:38 - 2015-01-20 22:38 - 00006978 _____ () C:\Users\Saturn\Desktop\bFriede.zip
2015-01-20 22:37 - 2015-01-20 22:37 - 00000000 ____D () C:\Users\Saturn\Desktop\bFriede
2015-01-20 22:20 - 2015-02-01 19:37 - 00000000 ____D () C:\Users\Saturn\Desktop\PvP
2015-01-20 13:16 - 2015-01-20 13:16 - 00044296 ____H (LogMeIn Inc.) C:\WINDOWS\system32\Drivers\Hamdrv.sys
2015-01-18 21:21 - 2015-01-18 21:21 - 21311477 _____ () C:\Users\Saturn\Downloads\Offical Lays Texturepack.rar
2015-01-18 19:05 - 2015-01-18 19:05 - 00026671 _____ () C:\Users\Saturn\Downloads\WGRegionEffects.jar
2015-01-18 19:04 - 2015-01-18 19:04 - 00324043 _____ () C:\Users\Saturn\Downloads\worldguard-5.9.zip
2015-01-18 19:03 - 2015-01-18 19:03 - 00014110 _____ () C:\Users\Saturn\Downloads\ColoredSigns.jar
2015-01-18 18:46 - 2015-01-18 18:46 - 00723561 _____ () C:\Users\Saturn\Downloads\PermissionsEx-1.23.1.jar
2015-01-18 18:43 - 2015-01-18 18:43 - 00002818 _____ () C:\Users\Saturn\Downloads\Head.jar
2015-01-18 18:42 - 2015-01-18 18:43 - 00005428 _____ () C:\Users\Saturn\Downloads\DiscoArmour.jar
2015-01-18 16:26 - 2015-01-18 16:26 - 01055067 _____ () C:\Users\Saturn\Downloads\VBCABLEDriver_Pack42b.zip
2015-01-18 16:19 - 2015-01-18 16:20 - 10328598 _____ (Nullsoft, Inc.) C:\Users\Saturn\Downloads\winamp5666_full_en-us_redux.exe
2015-01-18 16:18 - 2015-01-18 16:20 - 00000991 _____ () C:\Users\Public\Desktop\Winamp.lnk
2015-01-18 16:18 - 2015-01-18 16:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
2015-01-18 16:18 - 2015-01-18 16:18 - 00000000 ____D () C:\Users\Saturn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Erkennungs-Plug-in
2015-01-18 16:18 - 2015-01-18 16:18 - 00000000 ____D () C:\Program Files (x86)\Winamp Detect
2015-01-18 16:17 - 2015-01-27 13:32 - 00000000 ____D () C:\Users\Saturn\Desktop\Virtual Audio Cable 4.10 (Full)
2015-01-18 16:17 - 2015-01-18 16:27 - 00000000 ____D () C:\Users\Saturn\AppData\Roaming\Winamp
2015-01-18 16:17 - 2015-01-18 16:20 - 00000000 ____D () C:\Program Files (x86)\Winamp
2015-01-18 16:16 - 2015-01-18 16:17 - 17888872 _____ (Nullsoft, Inc.) C:\Users\Saturn\Downloads\winamp57_3444_beta_full_all.exe
2015-01-18 16:16 - 2015-01-18 16:16 - 00380841 _____ () C:\Users\Saturn\Downloads\Virtual Audio Cable 4.10 (Full).rar
2015-01-18 13:05 - 2015-01-18 13:06 - 10440843 _____ () C:\Users\Saturn\Downloads\Rewinside.zip
2015-01-18 12:56 - 2015-01-18 12:57 - 75591642 _____ () C:\Users\Saturn\Downloads\_____Ameno_Rewinside_____.mp4
2015-01-18 01:33 - 2015-01-18 01:33 - 00887784 _____ () C:\Users\Saturn\Downloads\OptiFine_1.8.1_HD_U_C1.jar
2015-01-18 01:33 - 2015-01-18 01:33 - 00818617 _____ () C:\Users\Saturn\Downloads\OptiFine_1.7.5_HD_U_D1 (1).jar
2015-01-18 01:33 - 2015-01-18 01:33 - 00792689 _____ () C:\Users\Saturn\Downloads\OptiFine_1.7.4_HD_D1.jar
2015-01-18 01:18 - 2015-01-18 01:18 - 00856122 _____ () C:\Users\Saturn\Downloads\OptiFine_1.7.2_HD_D4 (1).jar
2015-01-18 01:15 - 2015-01-18 01:15 - 00818889 _____ () C:\Users\Saturn\Downloads\OptiFine_1.7.4_HD_U_D1.jar
2015-01-18 01:12 - 2015-01-18 01:12 - 00814735 _____ () C:\Users\Saturn\Downloads\OptiFine_1.7.9_HD_U_D2.jar
2015-01-17 23:55 - 2015-01-18 00:02 - 34234741 _____ () C:\Users\Saturn\Downloads\Ameno_REMIX_Original_24_H_Mitschnitt_Rewinside__By_Mpire.mp4
2015-01-17 23:30 - 2015-01-17 23:30 - 00000000 ____D () C:\Users\Saturn\Documents\MAGIX_MusicEditor
2015-01-17 23:30 - 2015-01-17 23:30 - 00000000 ____D () C:\Users\Saturn\AppData\Local\Xara
2015-01-17 23:30 - 2015-01-17 23:30 - 00000000 ____D () C:\Users\Saturn\AppData\Local\Magix
2015-01-17 23:09 - 2015-02-01 15:40 - 00000000 ___RD () C:\Users\Saturn\Documents\MAGIX
2015-01-17 23:09 - 2015-02-01 15:40 - 00000000 ____D () C:\ProgramData\MAGIX
2015-01-17 23:09 - 2015-02-01 15:40 - 00000000 ____D () C:\Program Files (x86)\MAGIX
2015-01-17 23:08 - 2015-01-17 23:08 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2015-01-17 21:50 - 2015-01-17 23:45 - 12577574 _____ () C:\Users\Saturn\Downloads\Magix Video Deluxe 2014 Premium.zip
2015-01-17 19:07 - 2015-01-17 19:07 - 00000000 ____D () C:\Users\Saturn\AppData\Local\DVDVideoSoft_Ltd
2015-01-17 18:40 - 2015-01-17 19:09 - 00000000 ____D () C:\Users\Saturn\AppData\Local\Opera Software
2015-01-17 18:34 - 2015-01-17 19:09 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-01-17 18:32 - 2015-01-17 18:32 - 00000000 ____D () C:\Users\Saturn\AppData\Roaming\TuneUp Software
2015-01-17 18:32 - 2015-01-17 18:32 - 00000000 ____D () C:\Users\Saturn\AppData\Local\TuneUp Software
2015-01-17 18:29 - 2015-01-17 18:41 - 00000000 ____D () C:\ProgramData\TuneUp Software
2015-01-17 18:29 - 2015-01-17 18:29 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2015-01-17 18:28 - 2015-01-17 19:11 - 00000000 ____D () C:\Users\Saturn\AppData\Roaming\DVDVideoSoft
2015-01-17 18:27 - 2015-01-17 18:27 - 20431920 _____ (DVDVideoSoft Ltd. ) C:\Users\Saturn\Downloads\FreeScreenVideoRecorder.exe
2015-01-17 15:36 - 2015-01-17 15:36 - 01568433 _____ () C:\Users\Saturn\Downloads\worldedit-bukkit-6.0.jar
2015-01-17 13:22 - 2015-01-17 13:22 - 00000000 _____ () C:\Users\Saturn\Desktop\01788064028.txt
2015-01-16 20:30 - 2015-01-16 20:31 - 00888174 _____ () C:\Users\Saturn\Downloads\OptiFine_1.8.1_HD_U_C3.jar
2015-01-16 18:44 - 2015-01-16 18:44 - 00320143 _____ () C:\Users\Saturn\Downloads\Multiverse-Inventories-2.5.jar
2015-01-16 18:43 - 2015-01-16 18:43 - 00325807 _____ () C:\Users\Saturn\Downloads\Multiverse-Core-2.4.jar
2015-01-16 18:43 - 2015-01-16 18:43 - 00081462 _____ () C:\Users\Saturn\Downloads\Multiverse-Portals-2.4.jar
2015-01-16 18:42 - 2015-01-18 19:05 - 00000000 ____D () C:\Users\Saturn\Desktop\Lobby
2015-01-16 18:40 - 2015-01-16 18:46 - 01989061 _____ () C:\Users\Saturn\Downloads\Server Lobby - by Pokemoon100.rar
2015-01-16 17:03 - 2015-01-16 17:03 - 15848603 _____ () C:\Users\Saturn\Downloads\ERA_-_Ameno.mp4
2015-01-16 13:06 - 2015-01-16 13:06 - 00050911 _____ () C:\Users\Saturn\Downloads\Lobby.schematic
2015-01-16 12:12 - 2015-01-16 12:16 - 00000000 ____D () C:\Users\Saturn\AppData\Roaming\.technic
2015-01-15 23:17 - 2015-01-15 23:17 - 09433891 _____ () C:\Users\Saturn\Downloads\YouTube_Kacke_-_Ficky_Maus_treibt_unanstndige_Dinge.mp4
2015-01-15 23:15 - 2015-01-15 23:16 - 23668678 _____ () C:\Users\Saturn\Downloads\YouTube_poop_-_Tagesschau_am_17.05.2012.mp4
2015-01-15 23:02 - 2015-01-15 23:03 - 49289555 _____ () C:\Users\Saturn\Downloads\Lisa_Cat_feat._Elotrix.mp4
2015-01-15 22:59 - 2015-01-15 23:03 - 94816523 _____ () C:\Users\Saturn\Downloads\Lisa_Cat_feat.__ReaaznnSchubidu_und_Elotrix_2.mp4
2015-01-15 19:28 - 2015-01-15 19:17 - 22764208 ____N () C:\Users\Saturn\Desktop\TechnicLauncher.exe
2015-01-15 19:16 - 2015-01-15 19:17 - 22764208 _____ () C:\Users\Saturn\Downloads\TechnicLauncher.exe
2015-01-14 17:22 - 2015-01-14 17:29 - 21066924 _____ () C:\Users\Saturn\Downloads\ia.zip
2015-01-09 23:57 - 2015-01-19 17:49 - 00000000 ____D () C:\Users\Saturn\Desktop\Cloud Downloader 2.2
2015-01-09 23:55 - 2015-01-09 23:55 - 01174352 _____ () C:\Users\Saturn\Downloads\Cloud Downloader - CHIP-Installer.exe
2015-01-06 17:05 - 2015-01-06 17:41 - 69853406 _____ () C:\Users\Saturn\Downloads\Afrika-PvP v3 (schlechter PC).zip
2015-01-06 15:58 - 2015-01-06 15:58 - 38377191 _____ () C:\Users\Saturn\Downloads\BannerAWTemp.psd
2015-01-06 15:49 - 2015-01-06 15:49 - 00000000 ____D () C:\Users\Saturn\Desktop\Youtube Banner Template #6 By MX9
2015-01-06 15:48 - 2015-01-06 15:49 - 12612144 _____ () C:\Users\Saturn\Downloads\Youtube Banner Template #6 By MX9.rar
2015-01-06 05:37 - 2015-01-06 05:37 - 00233378 _____ () C:\Users\Saturn\Downloads\instant-dance-party-song.ogg
2015-01-06 05:18 - 2015-01-06 05:20 - 102983184 _____ () C:\Users\Saturn\Downloads\clrbrowser4_repack (1).zip
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-05 14:05 - 2014-02-16 10:47 - 00000000 ____D () C:\Users\Saturn\AppData\Roaming\Skype
2015-02-05 14:03 - 2005-10-14 05:59 - 00499308 ____H () C:\Users\Saturn\AppData\Roaming\Barislog.dat
2015-02-05 14:00 - 2014-04-19 01:00 - 00000304 _____ () C:\WINDOWS\Tasks\MySearchDial.job
2015-02-05 14:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-02-05 13:46 - 2014-04-16 13:16 - 00000302 _____ () C:\WINDOWS\Tasks\FF Watcher {098D5A1E-A914-499F-B2FC-78A445E626F9}.job
2015-02-05 13:46 - 2014-04-16 13:16 - 00000292 _____ () C:\WINDOWS\Tasks\FF Watcher {8053C1CD-5914-48EB-AAB1-802857E4487E}.job
2015-02-05 13:26 - 2014-05-18 18:43 - 00000000 ____D () C:\Users\Saturn\AppData\Roaming\.minecraft
2015-02-05 13:25 - 2014-06-30 12:12 - 01582909 _____ () C:\WINDOWS\WindowsUpdate.log
2015-02-05 12:42 - 2014-04-14 15:02 - 00003914 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{480E1AC6-271B-4B12-832F-DE9C401F80DB}
2015-02-04 23:53 - 2014-09-05 16:47 - 00000940 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2520385442-11042346-106642047-1002UA.job
2015-02-04 22:40 - 2014-02-16 10:27 - 00003592 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2520385442-11042346-106642047-1002
2015-02-04 21:27 - 2014-02-17 18:13 - 00000000 ____D () C:\Users\Saturn\AppData\Roaming\TS3Client
2015-02-04 17:53 - 2014-09-05 16:47 - 00000918 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-2520385442-11042346-106642047-1002Core.job
2015-02-04 14:52 - 2014-06-30 12:12 - 00847872 ___SH () C:\Users\Saturn\Desktop\Thumbs.db
2015-02-04 14:19 - 2014-02-16 10:28 - 00004100 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-04 14:19 - 2014-02-16 10:28 - 00003864 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-04 14:19 - 2014-02-16 10:28 - 00001128 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-04 14:19 - 2014-02-16 10:28 - 00001124 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-04 12:10 - 2014-02-14 15:44 - 00000000 ____D () C:\Users\Saturn\AppData\Local\VirtualStore
2015-02-04 12:10 - 2013-07-19 10:52 - 00000000 ____D () C:\ProgramData\McAfee
2015-02-04 08:39 - 2014-02-16 10:53 - 00000000 ____D () C:\Users\Saturn\AppData\Local\Adobe
2015-02-04 00:13 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\tracing
2015-02-03 21:05 - 2014-03-23 16:40 - 00000000 ____D () C:\Users\Saturn\AppData\Local\Eclipse
2015-02-02 18:24 - 2014-02-17 16:15 - 00000000 ____D () C:\Users\Saturn\AppData\Roaming\FileZilla
2015-02-02 17:15 - 2014-06-11 16:41 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-02 17:14 - 2014-02-16 10:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-02-02 17:14 - 2014-02-16 10:39 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-01-28 18:21 - 2014-04-16 07:48 - 03190784 ___SH () C:\Users\Saturn\Downloads\Thumbs.db
2015-01-28 18:16 - 2014-06-17 15:25 - 00000000 ____D () C:\Users\Saturn\Documents\Euro Truck Simulator 2
2015-01-28 18:00 - 2014-12-23 15:38 - 00000000 ____D () C:\Users\Saturn\AppData\Local\LogMeIn Hamachi
2015-01-25 21:22 - 2014-04-14 12:36 - 00000000 ___DO () C:\Users\Saturn\SkyDrive
2015-01-22 19:00 - 2014-09-03 15:24 - 00004445 _____ () C:\WINDOWS\setupact.log
2015-01-22 18:54 - 2013-11-14 08:27 - 01804092 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-22 18:54 - 2013-11-14 08:11 - 00775588 _____ () C:\WINDOWS\system32\perfh007.dat
2015-01-22 18:54 - 2013-11-14 08:11 - 00163774 _____ () C:\WINDOWS\system32\perfc007.dat
2015-01-21 22:55 - 2014-04-15 17:57 - 00000000 ____D () C:\Users\Saturn\Desktop\Spiele
2015-01-21 19:30 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-01-19 19:24 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-01-19 17:28 - 2014-12-30 00:35 - 00000000 ____D () C:\Users\Saturn\Desktop\Anne
2015-01-18 13:13 - 2014-09-05 19:32 - 00000000 ___RD () C:\Users\Saturn\Dropbox
2015-01-18 13:13 - 2014-09-03 15:53 - 00000000 ____D () C:\Users\Saturn\AppData\Roaming\Dropbox
2015-01-18 13:10 - 2014-03-15 17:30 - 00000336 _____ () C:\WINDOWS\Tasks\GlaryInitialize.job
2015-01-18 13:10 - 2013-07-19 10:52 - 00000000 ____D () C:\Program Files\mcafee
2015-01-18 13:10 - 2013-07-19 10:52 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2015-01-18 13:10 - 2013-07-19 10:52 - 00000000 ____D () C:\Program Files (x86)\McAfee
2015-01-18 13:09 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-18 13:09 - 2013-08-22 15:44 - 05137064 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-01-18 13:08 - 2014-07-04 14:48 - 00045166 _____ () C:\WINDOWS\PFRO.log
2015-01-18 00:04 - 2014-04-15 17:58 - 00000000 ____D () C:\Users\Saturn\Desktop\Handy
2015-01-17 21:19 - 2014-12-25 18:48 - 00000000 ____D () C:\Users\Saturn\Documents\Bandicam
2015-01-16 15:33 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-01-16 12:24 - 2012-07-26 09:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2015-01-16 12:21 - 2012-07-26 06:37 - 00000000 ____D () C:\Users\Default.migrated
2015-01-13 14:19 - 2015-01-03 07:27 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-01-06 16:05 - 2014-06-11 18:39 - 00001456 _____ () C:\Users\Saturn\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2015-01-06 06:22 - 2014-03-16 12:39 - 00000000 ____D () C:\Users\Saturn\AppData\Roaming\OBS
2015-01-06 05:25 - 2015-01-05 03:58 - 00000000 ____D () C:\Users\Saturn\Desktop\twitch plugins
==================== Files in the root of some directories =======
2014-06-11 18:26 - 2014-12-28 17:35 - 0000132 _____ () C:\Users\Saturn\AppData\Roaming\Adobe IllExport-Filter CC - Voreinstellungen
2005-10-14 05:59 - 2015-02-05 14:03 - 0499308 ____H () C:\Users\Saturn\AppData\Roaming\Barislog.dat
2014-04-20 23:00 - 2014-04-20 23:00 - 0000047 _____ () C:\Users\Saturn\AppData\Roaming\WB.CFG
2014-06-11 18:39 - 2015-01-06 16:05 - 0001456 _____ () C:\Users\Saturn\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2014-02-21 14:15 - 2014-07-28 19:05 - 0003584 _____ () C:\Users\Saturn\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-13 19:38 - 2014-04-13 19:38 - 0000094 _____ () C:\Users\Saturn\AppData\Local\fusioncache.dat
2014-05-20 15:22 - 2014-05-20 15:22 - 0002712 _____ () C:\Users\Saturn\AppData\Local\recently-used.xbel
2014-04-19 01:00 - 2014-04-19 01:00 - 0358193 _____ () C:\Users\Saturn\AppData\Local\speedial.crx
2014-05-28 16:55 - 2014-05-28 16:55 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some content of TEMP:
====================
C:\Users\Saturn\AppData\Local\Temp\0325281421407253mcinst.exe
C:\Users\Saturn\AppData\Local\Temp\Ask-Fm-Autolike.exe
C:\Users\Saturn\AppData\Local\Temp\AskFmApi.exe
C:\Users\Saturn\AppData\Local\Temp\avgnt.exe
C:\Users\Saturn\AppData\Local\Temp\bdfilters.dll
C:\Users\Saturn\AppData\Local\Temp\drm_dyndata_7390006.dll
C:\Users\Saturn\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpegwjgk.dll
C:\Users\Saturn\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Saturn\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Saturn\AppData\Local\Temp\jansi-64-git-Spigot-1.7.2-R0.3-122-gb58e277.dll
C:\Users\Saturn\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Saturn\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Saturn\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Saturn\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
C:\Users\Saturn\AppData\Local\Temp\swt-win32-3349.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-02-02 15:29
==================== End Of Log ============================
--- --- ---
--- --- ---
--- --- ---
#push |
FRST 32-Bit | FRST 64-Bit
Lesestoff: