Pests of all kinds and how to fight them: Internet slow since a change made by TuneUp Utilities (Windows 7)
20.09.2014, 22:39 | #1 |
| Internet slow since a change made by TuneUp Utilities
Hello, I have a problem. I had TuneUp Utilities. I got a suggestion for how to make my internet faster; of course I confirmed it, and the program took care of everything. Now all sites, e.g. YouTube etc., take a long time to load (the videos). I read up on it a bit and apparently the registry was changed. Now I need your help, because like this I can no longer watch videos properly =( I uninstalled TuneUp immediately and completely! But the problem is still there; I hope someone can help me. If it is down to the registry: I have no restore points etc. I hope you can help me quickly =) |
21.09.2014, 01:37 | #2 |
Rest in peace † 2019 | Internet slow since a change made by TuneUp Utilities
My name is Sandra and I will be helping you with your problem.
Note: I can never guarantee that I will find everything. Reformatting is usually the faster way and, in the case of a malware infection, always the safest. Adware can be removed without problems in the vast majority of cases. If you decide on a cleanup, keep working with me until someone from the team tells you that you are clean. Posting in code tags: Please always put the logs in code tags. If you don't, it makes evaluating them much harder for me. Thank you. On that:
That is why I advise against using such "miracle weapons". Let's see what we can see. Step 1: Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
Step 2: Please download Farbar's MiniToolBox to your desktop and start the tool. Tick the following entries
__________________ |
21.09.2014, 03:12 | #3 |
| Internet slow since a change made by TuneUp Utilities
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014 Ran by BonZZai (administrator) on BONZZAI-PC on 21-09-2014 04:03:21 Running from C:\Users\BonZZai\Downloads Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (AMD) C:\Windows\System32\atiesrxx.exe (Elex do Brasil Participações Ltda) C:\Program Files (x86)\iSafe\iSafeSvc.exe (Elex do Brasil Participações Ltda) C:\Program Files (x86)\iSafe\iSafeSvc2.exe (AMD) C:\Windows\System32\atieclxx.exe (Elex do Brasil Participações Ltda) C:\Program Files (x86)\iSafe\iSafeTray.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe () C:\Users\BonZZai\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe (VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Microsoft Corp.) 
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe (TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (VideoLAN) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) 
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation) HKLM\...\Run: [Ocs_SM] => C:\Users\BonZZai\AppData\Roaming\OCS\SM\SearchAnonymizer.exe [106496 2014-09-12] (OCS) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated) HKLM-x32\...\Run: [HDAudDeck] => c:\program files (x86)\via\viaudioi\vdeck\vdeck.exe [5675184 2013-05-10] (VIA) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694040 2014-07-22] (Adobe Systems Incorporated) HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect" HKU\S-1-5-21-437646761-135901211-47947868-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2014-02-18] (Google Inc.) HKU\S-1-5-21-437646761-135901211-47947868-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1562264 2014-07-25] (Samsung) HKU\S-1-5-21-437646761-135901211-47947868-1000\...\Run: [smoother] => C:\Users\BonZZai\AppData\Roaming\SmootherWeb\SmootherWeb-Installer.exe [489651 2014-08-27] () HKU\S-1-5-21-437646761-135901211-47947868-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22040168 2014-08-27] (Skype Technologies S.A.) 
HKU\S-1-5-21-437646761-135901211-47947868-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-437646761-135901211-47947868-1000\...\MountPoints2: {73a36747-4c66-11e2-97f0-806e6f6e6963} - D:\Bin\ASSETUP.exe AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => "C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll" File Not Found IFEO: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.) ShellIconOverlayIdentifiers: AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll () ShellIconOverlayIdentifiers: AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll () ShellIconOverlayIdentifiers: AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll () GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1411254557&from=cvs&uid=ST1000DM003-9YN162_S1D5526FXXXXS1D5526F&q={searchTerms} HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xF388E98DB5DFCD01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1411254557&from=cvs&uid=ST1000DM003-9YN162_S1D5526FXXXXS1D5526F&q={searchTerms} URLSearchHook: HKLM-x32 - Default Value = {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D} StartMenuInternet: IEXPLORE.EXE - iexplore.exe SearchScopes: HKLM - DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKLM - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKLM-x32 - DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKLM-x32 - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKLM-x32 - {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://www.firetab.org/?type=ds3se&p={searchTerms} SearchScopes: HKCU - DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKCU - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKCU - {03CDFE7B-8B33-4565-BCCC-3A0FEA895055} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=d89b515c-d18f-4a95-a1e4-bcfaf1e66dfb&pid=dcude&mode=bounce&k=0 SearchScopes: HKCU - {184A9DD7-741E-11E3-8FF2-3085A9F78590} URL = 
hxxp://searchinfinitas.com.anonymize-me.de/?anonymto=687474703A2F2F736561726368696E66696E697461732E636F6D2F3F616666696C743D3426713D7B7365617263685465726D737D2669643D7B32324542383538362D433344392D343944312D423934302D3746424432343942364535367D&st={searchTerms}&clid=d89b515c-d18f-4a95-a1e4-bcfaf1e66dfb&pid=dcude&k=0 SearchScopes: HKCU - {37B0EF2A-370F-47EB-8B45-45B5170F4DF5} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=d89b515c-d18f-4a95-a1e4-bcfaf1e66dfb&pid=dcude&mode=bounce&k=0 SearchScopes: HKCU - {56E47280-68DD-4167-AE5E-61138E294984} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=d89b515c-d18f-4a95-a1e4-bcfaf1e66dfb&pid=dcude&mode=bounce&k=0 SearchScopes: HKCU - {5F731F12-D4FD-4640-A74E-0C1CC8793B97} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=d89b515c-d18f-4a95-a1e4-bcfaf1e66dfb&pid=dcude&mode=bounce&k=0 SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E676F6F676C652E636F6D2F7365617263683F713D7B7365617263685465726D737D26726C733D636F6D2E6D6963726F736F66743A7B6C616E67756167657D3A7B72656665727265723A736F757263653F7D2669653D7B696E707574456E636F64696E677D266F653D7B6F7574707574456E636F64696E677D26736F7572636569643D69653726726C7A3D31493747474E495F64654445353736&st={searchTerms}&clid=d89b515c-d18f-4a95-a1e4-bcfaf1e66dfb&pid=dcude&k=0 SearchScopes: HKCU - {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://www.firetab.org.anonymize-me.de/?anonymto=687474703A2F2F7777772E666972657461622E6F72672F3F747970653D647333736526703D7B7365617263685465726D737D&st={searchTerms}&clid=d89b515c-d18f-4a95-a1e4-bcfaf1e66dfb&pid=dcude&k=0 SearchScopes: HKCU - {D160EDD2-06B7-424E-84EE-0E3C064E2798} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=d89b515c-d18f-4a95-a1e4-bcfaf1e66dfb&pid=dcude&mode=bounce&k=0 SearchScopes: HKCU - 
{EB6ACCE1-F406-4C8B-90B5-B102C657B832} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=d89b515c-d18f-4a95-a1e4-bcfaf1e66dfb&pid=dcude&mode=bounce&k=0 BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.) BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) 
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.) BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus) Toolbar: HKLM - Kango - {F051F6BF-82D9-49A7-9E6C-BA63CDB487D2} - No File Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) 
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml FF SearchEngineOrder.1: Google FF SelectedSearchEngine: Google FF Homepage: hxxp://www.google.com FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin: @java.com/DTPlugin,version=10.40.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.40.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll () FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) 
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems) FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\BonZZai\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\BonZZai\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google) FF Plugin HKCU: @talk.google.com/O3DPlugin -> C:\Users\BonZZai\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll () FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\BonZZai\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\BonZZai\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin ProgramFiles/Appdata: C:\Users\BonZZai\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google) FF Plugin ProgramFiles/Appdata: C:\Users\BonZZai\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll () FF Plugin ProgramFiles/Appdata: C:\Users\BonZZai\AppData\Roaming\mozilla\plugins\npo1d.dll (Google) FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\11-suche.xml FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\7e359293-3f24-40c5-bebe-ec2c522ee932.xml FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\a22d3231-3f5c-4f15-bd94-a0d288cfd46d.xml FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\bingp.xml FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\df4d687e-f4c7-40ff-ad66-2f9c6eb49005.xml FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\englische-ergebnisse.xml FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\gmx-suche.xml FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\google-images.xml FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\google-maps.xml FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\lastminute.xml FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\safeguard-secure-search.xml FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\search.xml FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\webde-suche.xml FF SearchPlugin: 
C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\{0277BDC7-BD8F-431E-8CBC-5E1F2B951ECF}.xml FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\{23F6A38A-964D-489E-A743-F3B9A7D78230}.xml FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\{30295452-738A-4968-A588-92B0BA09898F}.xml FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\{9B892BC4-140F-4EFF-AD92-22DDA85F6C84}.xml FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\{B7748BCB-37C7-40FD-8C38-D04FA3FD8B4F}.xml FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\{FF348E83-EEBB-4A2D-9C1D-0829BE838A01}.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: WEB.DE MailCheck - C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\Extensions\toolbar@web.de [2014-09-18] FF Extension: FreemiumA - C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\Extensions\{afa59d4f-18ec-4866-949b-f406270e15cb} [2014-08-21] FF Extension: 4shared Desktop Plugin - C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\Extensions\4sharedCopyLinks.xpi.tmp [2013-03-14] FF Extension: Cliqz Beta - C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\Extensions\cliqz@cliqz.com.xpi [2014-07-22] FF Extension: Facebook Toolbar - 
C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\Extensions\firefox@facebook.com.xpi [2012-12-21] FF Extension: Mark Ads Sites In Search - C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\Extensions\jid1-LGBwZ7tVjRcfIg@jetpack.xpi [2014-06-28] FF Extension: Smoother Web - C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\Extensions\jid1-U7omKQ6kQfxMaQ@jetpack.xpi [2014-09-11] FF Extension: FirefoxAdKiller - C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\Extensions\{b1df372d-8b32-4c7d-b6b4-9c5b78cf6fb1}.xpi [2014-06-28] FF Extension: Adblock Plus - C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-28] FF Extension: Tab Mix Plus - C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2014-04-25] FF Extension: DownThemAll! - C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013-11-24] FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14] FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-11-16] FF HKLM-x32\...\Firefox\Extensions: [dnshelp@dnshelp.com] - C:\Users\BonZZai\AppData\Roaming\Helper FF Extension: Helper - C:\Users\BonZZai\AppData\Roaming\Helper [2014-08-15] FF HKCU\...\Firefox\Extensions: [happylyrics@hpyproductions.net] - C:\Program Files (x86)\HappyLyrics\FF FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff Chrome: ======= CHR Profile: 
C:\Users\BonZZai\AppData\Local\Google\Chrome\User Data\default CHR Extension: (Plus-HD-2.4) - C:\Users\BonZZai\AppData\Local\Google\Chrome\User Data\default\Extensions\hojmbfiljpkaijkdifoaacbpallpfkkf [2013-06-26] CHR HKLM-x32\...\Chrome\Extension: [cenfbebdhgbldbkkndbjgjngdnkghemj] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home2599\ch\MediaWatchV1home2599.crx [] CHR HKLM-x32\...\Chrome\Extension: [ealchnonpofjocgofjpopjdoegbbkofj] - C:\Program Files (x86)\HappyLyrics\Chrome.crx [] CHR HKLM-x32\...\Chrome\Extension: [egboolelbjcdgnopcmdokdiegcmnfpfn] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha8960\ch\MediaViewV1alpha8960.crx [] CHR HKLM-x32\...\Chrome\Extension: [fdfmghmenmllgflfnbcdomgbelmjkepl] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha113\ch\MediaViewV1alpha113.crx [] CHR HKLM-x32\...\Chrome\Extension: [fgibjgmnimooanbagcfpnkmngejcojaf] - C:\Program Files (x86)\HomeTab\chrome\HomeTab.crx [] CHR HKLM-x32\...\Chrome\Extension: [peeijnafianehabjhnlkiopmolfloakl] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode9005\ch\MediaBuzzV1mode9005.crx [] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) 
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed] R2 iSafeService; C:\Program Files (x86)\iSafe\iSafeSvc.exe [468648 2014-01-09] (Elex do Brasil Participações Ltda) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation) R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation) R2 SearchAnonymizer; C:\Users\BonZZai\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe [40960 2014-09-12] () [File not signed] R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2012-12-12] (VIA Technologies, Inc.) S2 AddonsHelper; No ImagePath S2 TuneUp.UtilitiesSvc; "C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe" [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) 
S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [13088 2011-03-02] () S3 GameKB; C:\Windows\System32\drivers\GameKB.sys [27648 2012-05-11] () S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [31232 2009-06-10] (Hauppauge Computer Works, Inc.) [File not signed] R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-11-21] (Intel Corporation) R3 iSafeKrnl; C:\Program Files (x86)\iSafe\iSafeKrnl.sys [219648 2014-01-09] (Elex do Brasil Participações Ltda) R1 iSafeNetFilter; C:\Program Files (x86)\iSafe\iSafeNetFilter.sys [44032 2014-01-09] (Elex do Brasil Participações Ltda) R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2013-07-18] (Qualcomm Atheros Co., Ltd.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-21] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation) R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation) R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [31472 2013-12-19] (Synaptics Incorporated) U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] () S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed] S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] S3 TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) 
==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2087-01-13 02:31 - 2087-01-13 02:31 - 00000000 ____D () C:\ProgramData\eSellerate 2087-01-13 02:31 - 2014-01-29 09:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue 2050-01-01 02:17 - 2013-10-12 04:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2050-01-01 02:17 - 2013-10-12 04:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2050-01-01 02:17 - 2013-10-12 04:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL 2050-01-01 02:17 - 2013-10-12 04:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 2050-01-01 02:17 - 2013-10-12 04:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL 2050-01-01 02:17 - 2013-10-05 22:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2050-01-01 02:17 - 2013-10-05 21:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2050-01-01 02:17 - 2013-10-04 04:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll 2050-01-01 02:17 - 2013-10-04 04:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll 2050-01-01 02:17 - 2013-10-04 03:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll 2050-01-01 02:17 - 2013-10-04 03:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll 2050-01-01 02:17 - 2013-07-04 14:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2050-01-01 02:04 - 2050-01-01 02:04 - 00003218 _____ () C:\Windows\System32\Tasks\{E5B542E3-C766-40FD-BDEE-1AA277504F6C} 2050-01-01 01:59 - 2050-01-01 02:12 - 00001686 _____ () C:\Users\BonZZai\AppData\Local\Cracklock.settings 2014-09-21 04:03 - 2014-09-21 04:03 - 00029426 _____ () 
C:\Users\BonZZai\Downloads\FRST.txt 2014-09-21 04:03 - 2014-09-21 04:03 - 00000000 ____D () C:\FRST 2014-09-21 04:02 - 2014-09-21 04:03 - 02105856 _____ (Farbar) C:\Users\BonZZai\Downloads\FRST64.exe 2014-09-21 01:14 - 2014-09-21 01:14 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\EurekaLab s.a.s 2014-09-21 01:11 - 2014-09-21 01:11 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\dlg 2014-09-21 01:09 - 2014-09-21 01:29 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\Systweak 2014-09-21 01:08 - 2014-09-21 01:08 - 00472072 _____ () C:\Users\BonZZai\Downloads\download_firefox(1).exe 2014-09-21 01:07 - 2014-09-21 01:07 - 00472072 _____ () C:\Users\BonZZai\Downloads\download_firefox.exe 2014-09-21 01:02 - 2014-09-21 01:02 - 00004034 _____ () C:\Windows\System32\Tasks\LaunchSignup 2014-09-21 01:02 - 2014-09-21 01:02 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\Video Performer 2014-09-21 00:32 - 2014-09-21 00:39 - 00000000 ____D () C:\Program Files (x86)\Free Window Registry Repair 2014-09-21 00:32 - 2014-09-21 00:32 - 00803636 _____ () C:\Users\BonZZai\Downloads\RegpairSetup.exe 2014-09-21 00:32 - 2014-09-21 00:32 - 00001027 _____ () C:\Users\BonZZai\Desktop\Free Window Registry Repair.lnk 2014-09-21 00:32 - 2014-09-21 00:32 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Window Registry Repair 2014-09-21 00:32 - 2014-09-21 00:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Window Registry Repair 2014-09-19 23:09 - 2014-09-19 23:09 - 00001305 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk 2014-09-19 23:09 - 2014-09-19 23:09 - 00001293 _____ () C:\Users\Public\Desktop\Adobe Creative Cloud.lnk 2014-09-19 23:03 - 2014-09-19 23:03 - 00007598 _____ () C:\Users\BonZZai\AppData\Local\Resmon.ResmonCfg 2014-09-19 19:40 - 2014-09-19 19:40 - 00003850 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1411148449 2014-09-19 19:40 
- 2014-09-19 19:40 - 00001131 _____ () C:\Users\Public\Desktop\Opera.lnk 2014-09-19 19:40 - 2014-09-19 19:40 - 00001131 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2014-09-19 19:40 - 2014-09-19 19:40 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\Opera Software 2014-09-19 19:40 - 2014-09-19 19:40 - 00000000 ____D () C:\Users\BonZZai\AppData\Local\Opera Software 2014-09-19 19:40 - 2014-09-19 19:40 - 00000000 ____D () C:\Program Files (x86)\Opera 2014-09-19 19:09 - 2014-09-19 19:09 - 00001260 _____ () C:\Users\BonZZai\Desktop\Revo Uninstaller.lnk 2014-09-19 19:09 - 2014-09-19 19:09 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-09-19 19:07 - 2014-09-19 19:07 - 01101648 _____ () C:\Users\BonZZai\Desktop\Revo Uninstaller - CHIP-Installer.exe 2014-09-19 15:46 - 2014-09-19 15:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2014-09-17 00:06 - 2014-09-17 00:07 - 02297624 _____ () C:\Users\BonZZai\Desktop\Metin2 Sycorax ,Hurensohn wird im TS Rassiert xTwinBlade.mp3.sfk 2014-09-16 03:38 - 2014-09-16 03:38 - 07566336 _____ () C:\Users\BonZZai\Downloads\Launcher_Premium(6).exe 2014-09-15 21:30 - 2014-09-15 22:07 - 114649879 _____ () C:\Users\BonZZai\Downloads\m2kmod_3.0.1.zip 2014-09-12 15:50 - 2014-09-21 03:48 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-09-12 15:50 - 2014-09-12 15:50 - 00001098 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-09-12 15:50 - 2014-09-12 15:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-09-12 15:50 - 2014-09-12 15:50 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-09-12 15:50 - 2014-09-12 15:50 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-09-12 15:50 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-09-12 15:50 - 2014-05-12 07:26 - 
00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-09-12 15:50 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-09-11 19:02 - 2014-09-11 19:02 - 00000000 ____D () C:\Users\BonZZai\AppData\Local\RocketTab 2014-09-11 18:37 - 2014-09-11 18:44 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\InetStat 2014-09-11 18:36 - 2014-09-11 18:44 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\SmootherWeb 2014-09-11 00:45 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-09-11 00:45 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-09-11 00:45 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-09-11 00:45 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-09-11 00:45 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-09-11 00:45 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-09-11 00:45 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-09-11 00:45 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-09-11 00:45 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-09-11 00:45 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-09-11 00:45 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-09-11 00:45 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-09-11 00:45 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-09-11 00:45 - 2014-08-19 00:08 - 00051200 _____ (Microsoft 
Corporation) C:\Windows\system32\jsproxy.dll 2014-09-11 00:45 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-09-11 00:45 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-09-11 00:45 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-09-11 00:45 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-09-11 00:45 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-09-11 00:45 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-09-11 00:45 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-09-11 00:45 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-09-11 00:45 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-09-11 00:45 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-09-11 00:45 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-09-11 00:45 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-09-11 00:45 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-09-11 00:45 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-09-11 00:45 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-09-11 00:45 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-09-11 00:45 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-09-11 00:45 - 2014-08-18 23:39 - 
00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-09-11 00:45 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-09-11 00:45 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-09-11 00:45 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-09-11 00:45 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-09-11 00:45 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-09-11 00:45 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-09-11 00:45 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-09-11 00:45 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-09-11 00:45 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-09-11 00:45 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-09-11 00:45 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-09-11 00:45 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-09-11 00:45 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-09-11 00:45 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-09-11 00:45 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-09-11 00:45 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-09-11 00:45 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-09-11 00:45 - 2014-08-18 23:08 - 02014208 
_____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-09-11 00:45 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-09-11 00:45 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-09-11 00:45 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-09-11 00:45 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-09-11 00:45 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-09-11 00:45 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-09-11 00:36 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2014-09-11 00:36 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll 2014-09-10 23:33 - 2014-09-10 23:33 - 00001027 _____ () C:\Users\Public\Desktop\foobar2000.lnk 2014-09-10 23:16 - 2014-09-11 18:08 - 00066728 _____ (Eugene V. 
Muzychenko) C:\Windows\system32\Drivers\vrtaucbl.sys 2014-09-10 23:03 - 2014-09-10 23:16 - 00000000 ____D () C:\Program Files\Virtual Audio Cable 2014-09-10 21:08 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll 2014-09-10 21:08 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll 2014-09-10 21:08 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2014-09-10 21:08 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2014-09-10 21:07 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-09-10 21:07 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-09-10 21:07 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-09-10 21:07 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-09-10 21:07 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-09-10 21:07 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-09-10 21:07 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-09-10 20:25 - 2014-06-16 08:01 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys 2014-09-10 20:25 - 2014-06-16 08:01 - 00110336 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys 2014-09-07 23:07 - 2014-09-07 23:07 - 00360448 _____ () C:\Users\BonZZai\Desktop\HWID-Generator(1).exe 2014-09-07 22:07 - 2014-09-10 23:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable 2014-09-07 22:05 - 2014-09-10 22:58 - 00000000 ____D () C:\Users\BonZZai\Desktop\bot 2014-09-07 22:04 - 2014-09-07 22:04 - 01101648 _____ () 
C:\Users\BonZZai\Downloads\Virtual Audio Cable - CHIP-Installer.exe 2014-09-07 22:04 - 2014-09-07 22:04 - 00279379 _____ () C:\Users\BonZZai\Downloads\VirtualAudioCable409.zip 2014-09-07 21:59 - 2014-09-10 23:41 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\foobar2000 2014-09-07 21:59 - 2014-09-10 23:33 - 00001109 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\foobar2000.lnk 2014-09-07 21:59 - 2014-09-10 23:33 - 00000000 ____D () C:\Program Files (x86)\foobar2000 2014-09-07 21:58 - 2014-09-07 21:58 - 01101648 _____ () C:\Users\BonZZai\Downloads\foobar2000 - CHIP-Installer(1).exe 2014-09-07 21:56 - 2014-09-07 21:56 - 01101648 _____ () C:\Users\BonZZai\Downloads\foobar2000 - CHIP-Installer.exe 2014-09-02 19:07 - 2014-09-02 19:11 - 07560704 _____ () C:\Users\BonZZai\Downloads\Launcher_Premium(5).exe 2014-08-27 21:39 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-08-27 21:39 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-08-27 21:39 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-08-26 04:21 - 2014-08-26 04:21 - 00062690 _____ () C:\Users\BonZZai\Downloads\MLB PRESET PACK.rar 2014-08-26 02:00 - 2014-08-26 02:02 - 177148588 _____ () C:\Users\BonZZai\Downloads\Editing pack.zip 2014-08-24 02:03 - 2014-08-24 02:06 - 949016928 _____ () C:\Users\BonZZai\Downloads\JuicyMT2 Client 2014 (PvP-Fun).rar 2014-08-23 20:58 - 2014-08-24 02:07 - 00000000 ____D () C:\Users\BonZZai\Desktop\materia 2014-08-23 20:57 - 2014-08-23 21:09 - 847967621 _____ () C:\Users\BonZZai\Downloads\METERIA2.rar 2014-08-23 20:57 - 2014-08-23 20:57 - 00305895 _____ () C:\Users\BonZZai\Downloads\Meteria2_Patch_04.08.14.rar 2014-08-22 15:57 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2014-08-22 15:57 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2014-08-22 
15:57 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2014-08-22 15:57 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2014-08-22 15:57 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2014-08-22 15:57 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2014-08-22 15:57 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2014-08-22 15:57 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2014-08-22 15:57 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2014-08-22 15:57 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2014-08-22 15:57 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2014-08-22 15:57 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2014-08-22 15:57 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2014-08-22 15:57 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2087-01-13 02:31 - 2087-01-13 02:31 - 00000000 ____D () C:\ProgramData\eSellerate 2050-01-01 02:12 - 2050-01-01 01:59 - 00001686 _____ () C:\Users\BonZZai\AppData\Local\Cracklock.settings 2050-01-01 02:04 - 2050-01-01 02:04 - 00003218 _____ () C:\Windows\System32\Tasks\{E5B542E3-C766-40FD-BDEE-1AA277504F6C} 2014-09-21 04:03 - 2014-09-21 04:03 - 00029426 _____ () C:\Users\BonZZai\Downloads\FRST.txt 2014-09-21 04:03 - 2014-09-21 04:03 - 00000000 ____D () C:\FRST 2014-09-21 04:03 - 2014-09-21 04:02 - 02105856 _____ (Farbar) C:\Users\BonZZai\Downloads\FRST64.exe 2014-09-21 03:59 - 2013-03-01 00:01 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\TS3Client 2014-09-21 03:58 - 2013-03-16 06:48 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\vlc 2014-09-21 03:55 - 2009-07-14 06:45 - 00047008 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-09-21 03:55 - 2009-07-14 06:45 - 00047008 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-09-21 03:54 - 2014-03-02 16:51 - 00000000 ____D () C:\Program Files (x86)\iSafe 2014-09-21 03:52 - 2011-04-12 09:43 - 09196806 _____ () C:\Windows\system32\perfh007.dat 2014-09-21 03:52 - 2011-04-12 09:43 - 02802954 _____ () C:\Windows\system32\perfc007.dat 2014-09-21 03:52 - 2009-07-14 07:13 - 00006260 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-09-21 03:51 - 2012-12-21 20:43 - 01225609 _____ () C:\Windows\WindowsUpdate.log 2014-09-21 03:50 - 2013-10-30 19:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-09-21 03:50 - 2012-12-21 22:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-09-21 03:49 - 2014-04-21 22:04 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\Skype 2014-09-21 03:48 - 2014-09-12 15:50 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-09-21 03:46 - 2013-12-07 22:43 - 01751890 _____ () 
C:\Windows\PFRO.log 2014-09-21 03:46 - 2013-12-07 22:43 - 00041370 _____ () C:\Windows\setupact.log 2014-09-21 03:46 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-09-21 03:30 - 2013-05-03 16:29 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-437646761-135901211-47947868-1000UA.job 2014-09-21 03:19 - 2012-12-22 03:09 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-09-21 03:12 - 2013-03-13 01:07 - 00000000 ____D () C:\Program Files (x86)\Metin2 2014-09-21 02:04 - 2013-04-21 21:04 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\PerformerSoft 2014-09-21 01:29 - 2014-09-21 01:09 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\Systweak 2014-09-21 01:14 - 2014-09-21 01:14 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\EurekaLab s.a.s 2014-09-21 01:14 - 2009-07-14 04:34 - 00000568 _____ () C:\Windows\win.ini 2014-09-21 01:11 - 2014-09-21 01:11 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\dlg 2014-09-21 01:11 - 2012-12-21 22:30 - 00001155 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-09-21 01:11 - 2012-12-21 22:30 - 00001143 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-09-21 01:08 - 2014-09-21 01:08 - 00472072 _____ () C:\Users\BonZZai\Downloads\download_firefox(1).exe 2014-09-21 01:07 - 2014-09-21 01:07 - 00472072 _____ () C:\Users\BonZZai\Downloads\download_firefox.exe 2014-09-21 01:04 - 2013-03-07 19:16 - 00000000 ____D () C:\Users\BonZZai\AppData\Local\CrashDumps 2014-09-21 01:02 - 2014-09-21 01:02 - 00004034 _____ () C:\Windows\System32\Tasks\LaunchSignup 2014-09-21 01:02 - 2014-09-21 01:02 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\Video Performer 2014-09-21 00:39 - 2014-09-21 00:32 - 00000000 ____D () C:\Program Files (x86)\Free Window Registry Repair 2014-09-21 00:32 - 2014-09-21 00:32 - 00803636 _____ () C:\Users\BonZZai\Downloads\RegpairSetup.exe 2014-09-21 00:32 - 2014-09-21 00:32 - 00001027 _____ () 
C:\Users\BonZZai\Desktop\Free Window Registry Repair.lnk 2014-09-21 00:32 - 2014-09-21 00:32 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Window Registry Repair 2014-09-21 00:32 - 2014-09-21 00:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Window Registry Repair 2014-09-20 22:30 - 2013-05-03 16:29 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-437646761-135901211-47947868-1000Core.job 2014-09-20 02:13 - 2013-05-02 01:56 - 00000000 ____D () C:\Users\BonZZai\Desktop\YOUTUBE 2014-09-19 23:09 - 2014-09-19 23:09 - 00001305 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk 2014-09-19 23:09 - 2014-09-19 23:09 - 00001293 _____ () C:\Users\Public\Desktop\Adobe Creative Cloud.lnk 2014-09-19 23:08 - 2013-07-08 03:29 - 00000000 ____D () C:\ProgramData\Package Cache 2014-09-19 23:07 - 2012-12-22 03:14 - 00000000 ____D () C:\Program Files (x86)\Adobe 2014-09-19 23:04 - 2012-12-22 03:16 - 00000000 ____D () C:\Users\BonZZai\AppData\Local\Adobe 2014-09-19 23:03 - 2014-09-19 23:03 - 00007598 _____ () C:\Users\BonZZai\AppData\Local\Resmon.ResmonCfg 2014-09-19 22:53 - 2014-08-01 12:48 - 00000000 ____D () C:\Program Files (x86)\SpeedFan 2014-09-19 20:33 - 2011-04-12 09:54 - 00000000 ____D () C:\Windows\ShellNew 2014-09-19 19:40 - 2014-09-19 19:40 - 00003850 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1411148449 2014-09-19 19:40 - 2014-09-19 19:40 - 00001131 _____ () C:\Users\Public\Desktop\Opera.lnk 2014-09-19 19:40 - 2014-09-19 19:40 - 00001131 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2014-09-19 19:40 - 2014-09-19 19:40 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\Opera Software 2014-09-19 19:40 - 2014-09-19 19:40 - 00000000 ____D () C:\Users\BonZZai\AppData\Local\Opera Software 2014-09-19 19:40 - 2014-09-19 19:40 - 00000000 ____D () C:\Program Files (x86)\Opera 2014-09-19 19:23 - 
2014-01-24 17:49 - 00000404 _____ () C:\Windows\Tasks\PC Health Advisor Defrag.job 2014-09-19 19:23 - 2014-01-24 17:49 - 00000386 _____ () C:\Windows\Tasks\PC Health Advisor.job 2014-09-19 19:11 - 2014-04-03 19:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU 2014-09-19 19:11 - 2014-04-03 19:42 - 00000000 ____D () C:\Program Files (x86)\AVS4YOU 2014-09-19 19:09 - 2014-09-19 19:09 - 00001260 _____ () C:\Users\BonZZai\Desktop\Revo Uninstaller.lnk 2014-09-19 19:09 - 2014-09-19 19:09 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-09-19 19:09 - 2013-04-08 00:30 - 00000000 ____D () C:\Program Files (x86)\Azureus 2014-09-19 19:07 - 2014-09-19 19:07 - 01101648 _____ () C:\Users\BonZZai\Desktop\Revo Uninstaller - CHIP-Installer.exe 2014-09-19 18:59 - 2014-01-24 17:49 - 00003304 _____ () C:\Windows\System32\Tasks\PC Health Advisor 2014-09-19 18:59 - 2014-01-24 17:49 - 00003284 _____ () C:\Windows\System32\Tasks\PC Health Advisor Defrag 2014-09-19 18:58 - 2012-12-21 21:36 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-09-19 18:00 - 2014-01-24 17:49 - 00000472 _____ () C:\Windows\Tasks\ParetoLogic Registration3.job 2014-09-19 16:16 - 2014-05-21 00:36 - 00000000 ____D () C:\Users\BonZZai\Desktop\Splitter - Kopie - Kopie 2014-09-19 15:46 - 2014-09-19 15:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2014-09-19 15:46 - 2014-04-21 22:04 - 00002517 _____ () C:\Users\Public\Desktop\Skype.lnk 2014-09-19 15:46 - 2014-04-21 22:04 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-09-19 15:46 - 2013-02-24 01:05 - 00000000 ____D () C:\ProgramData\Skype 2014-09-19 01:21 - 2014-01-24 17:49 - 00000446 _____ () C:\Windows\Tasks\ParetoLogic Update Version3.job 2014-09-17 00:16 - 2014-03-04 03:31 - 00000000 ____D () C:\Users\BonZZai\Desktop\yttt 2014-09-17 00:07 - 2014-09-17 00:06 - 02297624 _____ () C:\Users\BonZZai\Desktop\Metin2 Sycorax ,Hurensohn wird im TS 
Rassiert xTwinBlade.mp3.sfk 2014-09-16 20:49 - 2014-07-21 14:49 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys 2014-09-16 03:38 - 2014-09-16 03:38 - 07566336 _____ () C:\Users\BonZZai\Downloads\Launcher_Premium(6).exe 2014-09-15 22:07 - 2014-09-15 21:30 - 114649879 _____ () C:\Users\BonZZai\Downloads\m2kmod_3.0.1.zip 2014-09-12 15:50 - 2014-09-12 15:50 - 00001098 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-09-12 15:50 - 2014-09-12 15:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-09-12 15:50 - 2014-09-12 15:50 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-09-12 15:50 - 2014-09-12 15:50 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-09-12 03:37 - 2013-03-08 23:53 - 00004608 _____ () C:\Users\BonZZai\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-09-11 23:26 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-09-11 19:02 - 2014-09-11 19:02 - 00000000 ____D () C:\Users\BonZZai\AppData\Local\RocketTab 2014-09-11 18:44 - 2014-09-11 18:37 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\InetStat 2014-09-11 18:44 - 2014-09-11 18:36 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\SmootherWeb 2014-09-11 18:08 - 2014-09-10 23:16 - 00066728 _____ (Eugene V. 
Muzychenko) C:\Windows\system32\Drivers\vrtaucbl.sys 2014-09-11 00:43 - 2014-04-12 03:00 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk 2014-09-11 00:43 - 2013-07-12 03:59 - 00000000 ____D () C:\Windows\system32\MRT 2014-09-11 00:43 - 2013-06-27 16:50 - 00001912 _____ () C:\Windows\epplauncher.mif 2014-09-11 00:43 - 2013-06-27 16:49 - 00000000 ____D () C:\Program Files\Microsoft Security Client 2014-09-11 00:43 - 2013-06-27 16:49 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client 2014-09-11 00:36 - 2012-12-21 22:36 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-09-11 00:35 - 2014-05-07 01:11 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-09-10 23:41 - 2014-09-07 21:59 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\foobar2000 2014-09-10 23:33 - 2014-09-10 23:33 - 00001027 _____ () C:\Users\Public\Desktop\foobar2000.lnk 2014-09-10 23:33 - 2014-09-07 21:59 - 00001109 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\foobar2000.lnk 2014-09-10 23:33 - 2014-09-07 21:59 - 00000000 ____D () C:\Program Files (x86)\foobar2000 2014-09-10 23:16 - 2014-09-10 23:03 - 00000000 ____D () C:\Program Files\Virtual Audio Cable 2014-09-10 23:03 - 2014-09-07 22:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable 2014-09-10 22:58 - 2014-09-07 22:05 - 00000000 ____D () C:\Users\BonZZai\Desktop\bot 2014-09-10 13:19 - 2012-12-22 03:09 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-09-10 13:19 - 2012-12-22 03:09 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-09-10 13:19 - 2012-12-22 03:09 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-09-08 22:46 - 2013-10-25 22:03 - 00001715 _____ () C:\Users\BonZZai\Desktop\ACC Daten.txt 2014-09-07 23:07 - 2014-09-07 23:07 - 00360448 _____ () 
C:\Users\BonZZai\Desktop\HWID-Generator(1).exe 2014-09-07 22:04 - 2014-09-07 22:04 - 01101648 _____ () C:\Users\BonZZai\Downloads\Virtual Audio Cable - CHIP-Installer.exe 2014-09-07 22:04 - 2014-09-07 22:04 - 00279379 _____ () C:\Users\BonZZai\Downloads\VirtualAudioCable409.zip 2014-09-07 21:58 - 2014-09-07 21:58 - 01101648 _____ () C:\Users\BonZZai\Downloads\foobar2000 - CHIP-Installer(1).exe 2014-09-07 21:56 - 2014-09-07 21:56 - 01101648 _____ () C:\Users\BonZZai\Downloads\foobar2000 - CHIP-Installer.exe 2014-09-05 04:10 - 2014-09-10 21:07 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-09-05 04:05 - 2014-09-10 21:07 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-09-03 21:58 - 2012-12-21 21:52 - 00000000 ____D () C:\Temp 2014-09-03 21:52 - 2013-07-29 17:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live 2014-09-03 21:52 - 2013-07-29 17:25 - 00000000 ____D () C:\Program Files (x86)\GameforgeLive 2014-09-02 19:11 - 2014-09-02 19:07 - 07560704 _____ () C:\Users\BonZZai\Downloads\Launcher_Premium(5).exe 2014-08-28 18:42 - 2013-12-07 22:43 - 04933592 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-08-26 04:21 - 2014-08-26 04:21 - 00062690 _____ () C:\Users\BonZZai\Downloads\MLB PRESET PACK.rar 2014-08-26 02:08 - 2014-04-25 19:33 - 00000000 ____D () C:\Users\BonZZai\Desktop\^^^^^^^^^^ 2014-08-26 02:02 - 2014-08-26 02:00 - 177148588 _____ () C:\Users\BonZZai\Downloads\Editing pack.zip 2014-08-24 02:07 - 2014-08-23 20:58 - 00000000 ____D () C:\Users\BonZZai\Desktop\materia 2014-08-24 02:06 - 2014-08-24 02:03 - 949016928 _____ () C:\Users\BonZZai\Downloads\JuicyMT2 Client 2014 (PvP-Fun).rar 2014-08-23 21:09 - 2014-08-23 20:57 - 847967621 _____ () C:\Users\BonZZai\Downloads\METERIA2.rar 2014-08-23 20:57 - 2014-08-23 20:57 - 00305895 _____ () C:\Users\BonZZai\Downloads\Meteria2_Patch_04.08.14.rar 2014-08-23 04:07 - 2014-08-27 21:39 - 00404480 _____ (Microsoft Corporation) 
C:\Windows\system32\gdi32.dll 2014-08-23 03:45 - 2014-08-27 21:39 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-08-23 02:59 - 2014-08-27 21:39 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys Files to move or delete: ==================== C:\Users\BonZZai\dpinst.exe C:\Users\BonZZai\Setup.exe Some content of TEMP: ==================== C:\Users\BonZZai\AppData\Local\Temp\AAMHelper.exe C:\Users\BonZZai\AppData\Local\Temp\AdobeApplicationManager.exe C:\Users\BonZZai\AppData\Local\Temp\CloudBackup6915.exe C:\Users\BonZZai\AppData\Local\Temp\sfamcc00001.dll C:\Users\BonZZai\AppData\Local\Temp\sfareca00001.dll C:\Users\BonZZai\AppData\Local\Temp\SkypeSetup.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-09-11 23:19 ==================== End Of Log ============================ |
21.09.2014, 03:13 | #4 |
| Internet slow since a change made by TuneUp Utilities
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014 Ran by BonZZai at 2014-09-21 04:03:53 Running from C:\Users\BonZZai\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1} AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) 7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov) Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{C23EE7CE-C1A3-4F94-A8F0-9E0AC9C6DE6E}) (Version: 1.1 - Eyeo GmbH) Adblock Plus for IE (HKLM-x32\...\{fd97d1e2-368a-4cd9-af63-8eeff938044a}) (Version: 1.1 - ) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated) Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.7.1.418 - Adobe Systems Incorporated) Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.152 - Adobe Systems Incorporated) Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated) Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated) Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden 
Adobe Illustrator CS6 (HKLM-x32\...\{4869414E-7AEA-4C8E-BE1C-8D40977FD517}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.05) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.05 - Adobe Systems Incorporated)
AION Free-to-Play (HKLM-x32\...\{82E73E8D-E1E7-45A4-A311-6D31492AA913}_is1) (Version: - Gameforge)
AMD Accelerated Video Transcoding (Version: 13.15.100.30830 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.0830.1944.33589 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{13351E83-6DCD-4E97-2A8C-5D496259A47F}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.80830.1925 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.12 - Advanced Micro Devices, Inc.) Hidden
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Atheros Communications Inc.)
Avira SearchFree Toolbar plus Web Protection Updater (HKCU\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.3.30498 - Ask.com) <==== ATTENTION
AVS Image Converter 2.3.1.244 (HKLM-x32\...\AVS Image Converter_is1) (Version: - Online Media Technologies Ltd.)
AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version: - Online Media Technologies Ltd.)
Bandicam (HKLM-x32\...\Bandicam) (Version: 1.9.3.492 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
Camtasia Studio 8 (HKLM-x32\...\{F5C9BE9A-04C3-4A72-8CD0-BB67C722D608}) (Version: 8.1.2.1344 - TechSmith Corporation)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
Color Suite v11.1.4 (HKLM-x32\...\{99487911-8011-42BC-B594-8B02BFD32B1D}_is1) (Version: 11.1.4 - Red Giant, LLC)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.90 - DivX, LLC)
Driver Genius (HKLM-x32\...\Driver Genius_is1) (Version: 14.0 - Driver-Soft Inc.)
Driver Genius Professional Edition (HKLM-x32\...\Driver Genius Professional Edition_is1) (Version: 11.0 - Driver-Soft Inc.)
Driver Operating Service (HKCU\...\9b8aaf488bf6380a) (Version: 1.0.0.86 - Driver Operating Service)
FLV Media Player version 1.3 (HKLM-x32\...\{0E08BAC8-845B-4327-8CDB-4B0F8C9857A5}_is1) (Version: 1.3 - FLVMPlayer)
foobar2000 v1.3.4 beta 2 (HKLM-x32\...\foobar2000) (Version: 1.3.4 beta 2 - Peter Pawlowski)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Free Driver Scout (HKLM-x32\...\{36e136d1-209a-4733-9b4e-bcfa2797265a}) (Version: 1.0.0.101 - Covus Freemium)
Free Driver Scout (Version: 1.0.0.101 - Covus Freemium) Hidden
Free Window Registry Repair (HKLM-x32\...\Free Window Registry Repair) (Version: - )
Free YouTube Download version 3.2.20.1230 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.20.1230 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.20.1230 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.20.1230 - DVDVideoSoft Ltd.)
Gameforge Live 2.0.5 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.5 - Gameforge)
GIGABYTE OC_GURU II (HKLM-x32\...\InstallShield_{5588D686-D23B-4C9D-BDFA-2A7875CD3722}) (Version: 1.20.0000 - GIGABYTE Technology Co.,Ltd.)
GIGABYTE OC_GURU II (x32 Version: 1.20.0000 - GIGABYTE Technology Co.,Ltd.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.4805.320 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.9.0.1001 - Intel Corporation) Hidden
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
ISY USB Wireless Adapter (HKLM-x32\...\InstallShield_{549CE1BD-88E4-4C5E-BF75-B155624714CC}) (Version: 1.0.0.14 - ISY)
ISY USB Wireless Adapter (x32 Version: 1.0.0.14 - ISY) Hidden
JAP (HKLM-x32\...\JAP) (Version: 00.19.001 - JAP-Team)
Java 7 Update 40 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417040FF}) (Version: 7.0.400 - Oracle)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java SE Development Kit 7 Update 40 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170400}) (Version: 1.7.0.400 - Oracle)
K-Lite Mega Codec Pack 10.2.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.2.0 - )
Magic Bullet Looks Vegas (HKLM-x32\...\Magic Bullet Looks Vegas) (Version: - )
Magic Bullet Suite 64-bit (HKLM-x32\...\InstallShield_{7C419638-A20F-441A-8FE0-9D9724B1A793}) (Version: 11.4.3 - Red Giant Software)
Magic Bullet Suite 64-bit (HKLM-x32\...\InstallShield_{93488C33-D8D6-472A-83BB-F71603355CF0}) (Version: 11.1.0 - Red Giant Software)
Magic Bullet Suite 64-bit (Version: 11.1.0 - Red Giant Software) Hidden
Magic Bullet Suite 64-bit (Version: 11.4.3 - Red Giant Software) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Metin2 (HKLM-x32\...\Metin2_is1) (Version: - Gameforge 4D GmbH)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.6.0305.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft-Maus- und Tastatur-Center (Version: 2.3.188.0 - Microsoft Corporation) Hidden
MorphVOX Junior (HKLM-x32\...\{E6C7380F-15DD-445E-BA02-B7A180BA0A5A}) (Version: 2.8.1 - Screaming Bee)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 32.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.2 (x86 de)) (Version: 32.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT Redists (x32 Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MyFreeCodec (HKCU\...\MyFreeCodec) (Version: - )
NewBlue 3D Explosions for Vegas (HKLM-x32\...\NewBlue 3D Explosions for Vegas) (Version: - )
NewBlue 3D Explosions for Windows (HKLM-x32\...\NewBlue 3D Explosions for Windows) (Version: - )
NewBlue 3D Transformations for Vegas (HKLM-x32\...\NewBlue 3D Transformations for Vegas) (Version: - )
NewBlue 3D Transformations for Windows (HKLM-x32\...\NewBlue 3D Transformations for Windows) (Version: - )
NewBlue Art Blends 2.0 for Vegas (HKLM-x32\...\NewBlue Art Blends 2.0 for Vegas) (Version: - )
NewBlue Art Blends for Windows (HKLM-x32\...\NewBlue Art Blends for Windows) (Version: - )
NewBlue Art Effects 2.0 for Vegas (HKLM-x32\...\NewBlue Art Effects 2.0 for Vegas) (Version: - )
NewBlue Art Effects for Windows (HKLM-x32\...\NewBlue Art Effects for Windows) (Version: - )
NewBlue Film Effects for Vegas (HKLM-x32\...\NewBlue Film Effects for Vegas) (Version: - )
NewBlue Film Effects for Windows (HKLM-x32\...\NewBlue Film Effects for Windows) (Version: - )
NewBlue Motion Blends 2.0 for Vegas (HKLM-x32\...\NewBlue Motion Blends 2.0 for Vegas) (Version: - )
NewBlue Motion Blends for Windows (HKLM-x32\...\NewBlue Motion Blends for Windows) (Version: - )
NewBlue Motion Effects 2.0 for Vegas (HKLM-x32\...\NewBlue Motion Effects 2.0 for Vegas) (Version: - )
NewBlue Motion Effects for Windows (HKLM-x32\...\NewBlue Motion Effects for Windows) (Version: - )
NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: - )
NewBlue Video Essentials II for Windows (HKLM-x32\...\NewBlue Video Essentials II for Windows) (Version: - )
NewBlue Video Essentials III for Windows (HKLM-x32\...\NewBlue Video Essentials III for Windows) (Version: - )
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Opera Stable 24.0.1558.61 (HKLM-x32\...\Opera 24.0.1558.61) (Version: 24.0.1558.61 - Opera Software ASA)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
ParetoLogic PC Health Advisor (HKLM-x32\...\{3CBF3EBB-235D-4c29-A68B-2BB1F428586E}) (Version: 3.1.6.0 - ParetoLogic, Inc.)
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
Preset Manager 2.0 (HKLM-x32\...\{FCFE3F81-C977-4D31-877B-2778BB2A02DE}) (Version: 2.0.114 - Sony)
Protegere (HKLM-x32\...\Protegere) (Version: - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
Red Giant Link (HKLM-x32\...\{10F82E5B-B611-4C65-8F29-666A9EC5680A}_is1) (Version: 1.8.100.5 - Red Giant, LLC)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.14044_16 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.3.14044_16 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
SearchAnonymizer (HKLM\...\SearchAnonymizer) (Version: 1.0.1 (de) - )
SHARKOON Skiller (HKLM-x32\...\{91C25547-9534-41A5-823A-1E54BA16EA3F}) (Version: 1.00.0000 - )
Shutdown7 1.9 (HKLM-x32\...\Shutdown7 1.9) (Version: - )
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
SmootherWeb (HKCU Version: 1.0 - SmootherWeb LLC) Hidden
Snap.Do (HKLM-x32\...\{DB710586-8497-4D04-871C-969CE72F0060}) (Version: 11.6.1.13233 - ReSoft Ltd.) <==== ATTENTION
Snap.Do Engine (HKCU\...\{c23e40be-29a9-47a5-b46d-2067a25d2956}) (Version: 11.6.1.13233 - ReSoft Ltd.) <==== ATTENTION
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
SweetIM for Messenger 3.7 (HKLM-x32\...\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}) (Version: 3.7.0007 - SweetIM Technologies Ltd.) <==== ATTENTION
SweetPacks bundle uninstaller (HKLM-x32\...\{953AA732-9AFB-49C9-84A4-7F96CA0A08DA}) (Version: 1.0.0001 - SweetIM Technologies Ltd.) <==== ATTENTION
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.143 - TuneUp Software) Hidden
TuneUp Utilities 2014 (x32 Version: 14.0.1000.143 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 12.0.3600.73 - TuneUp Software) Hidden
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update Manager for SweetPacks 1.1 (HKLM-x32\...\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}) (Version: 1.1.0008 - SweetIM Technologies Ltd.) <==== ATTENTION
Updater (HKLM-x32\...\{D54E3D9F-FEB8-4D2D-A138-B69A5C80080B}) (Version: 2.6.53 - Creative Island Media, LLC) <==== ATTENTION
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Vegas Pro 12.0 (64-bit) (HKLM\...\{BE94768F-5232-11E3-BD78-F04DA23A5C58}) (Version: 12.0.770 - Sony)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
Video Performer (HKCU\...\Video Performer) (Version: - PerformerSoft LLC) <==== ATTENTION
VideoPlayer v2.0.6 (HKLM-x32\...\VideoPlayer) (Version: v2.0.6 - TUGUU SL) <==== ATTENTION
Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version: - )
Virtual Audio Cable 4.9 (HKLM\...\Virtual Audio Cable 4.9) (Version: - )
VIS (HKLM-x32\...\VIS) (Version: - ) <==== ATTENTION
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinRAR 5.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
YAC (HKLM-x32\...\iSafe) (Version: - ELEX DO BRASIL PARTICIPAÇÕES LTDA) <==== ATTENTION

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-437646761-135901211-47947868-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\BonZZai\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-437646761-135901211-47947868-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\BonZZai\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-437646761-135901211-47947868-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\BonZZai\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-437646761-135901211-47947868-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\BonZZai\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-437646761-135901211-47947868-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\BonZZai\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-437646761-135901211-47947868-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\BonZZai\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

10-09-2014 21:03:37 Gerätetreiber-Paketinstallation: EuMus Design Audio-, Video- und Gamecontroller
10-09-2014 22:35:44 Windows Update
16-09-2014 18:59:31 Windows Update
19-09-2014 16:57:15 Removed PriceSparrow
19-09-2014 17:00:01 TuneUp Utilities 2014 wird entfernt
19-09-2014 17:03:56 TuneUp Utilities 2014 wird entfernt
19-09-2014 17:06:21 TuneUp Utilities 2014 wird entfernt
19-09-2014 17:09:38 Revo Uninstaller's restore point - Azureus
19-09-2014 17:11:11 Revo Uninstaller's restore point - AVS4YOU Software Navigator 1.4
19-09-2014 21:08:07 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
19-09-2014 21:08:41 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
20-09-2014 23:36:45 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0A84BFA0-E537-4691-B649-5C454BCDD6F0} - System32\Tasks\Driver Whiz-RTMScan => C:\Program Files (x86)\Driver Whiz\Driver Whiz\DriverWhiz.exe
Task: {0B159648-241A-4EFC-A2EB-F90E964B9326} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10] (Adobe Systems Incorporated)
Task: {0EC81E02-CA59-4C98-871E-1D4C08E5681F} - System32\Tasks\DriverBoost-RTMRules => C:\Program Files (x86)\DriverBoost\DriverBoost\DriverBoost.exe
Task: {14ADD527-F516-48DB-86D5-D9D37FF15921} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-437646761-135901211-47947868-1000Core => C:\Users\BonZZai\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-21] (Google Inc.)
Task: {23EC4C4D-C257-4728-B5DF-71D20F60321F} - System32\Tasks\Driver Whiz-RTMUpdater => C:\Program Files (x86)\Driver Whiz\Driver Whiz\DriverWhiz.exe
Task: {2C1E2974-6CB5-410C-A21D-45C549B5F601} - \DealPly No Task File <==== ATTENTION
Task: {38EDEB92-7804-4FE4-B1BE-B6C8C3CD067F} - System32\Tasks\{FBB67B26-EADD-41C8-B6EF-6B883B96CD45} => C:\Program Files\Sony\Vegas Pro 12.0\vegas120.exe [2014-01-29] (Sony Creative Software Inc.)
Task: {39DF60BE-A0EC-4A1D-97AE-5B56F083DFA5} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
Task: {420DD3D8-D1F1-44E1-A877-FB64917485FB} - \EPUpdater No Task File <==== ATTENTION
Task: {42F64D4E-A233-4C93-A050-B27C9F422903} - System32\Tasks\DivX-Online-Aktualisierungsprogramm => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2013-08-29] ()
Task: {44D4F1C2-C584-4347-B248-861265E773EB} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {48A09266-F648-49C7-878C-9AAFF04E537C} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
Task: {4984265D-5453-494B-A313-5C25C39F7A7C} - System32\Tasks\FreeDriverScout => C:\Program Files\Covus Freemium\Free Driver Scout\1Click.exe [2013-05-21] ()
Task: {49AA0246-EDE4-423E-B9E9-11DD31AC507A} - System32\Tasks\GoforFilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe <==== ATTENTION
Task: {4C3CD782-7BCB-4A3C-8248-D299E9AF26BB} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe <==== ATTENTION
Task: {4E684193-0DE3-477E-9110-315DB359E44A} - System32\Tasks\DriverBoost-RTMUpdater => C:\Program Files (x86)\DriverBoost\DriverBoost\DriverBoost.exe
Task: {5846F0EA-6C84-4254-9C79-791E5F2F472D} - System32\Tasks\Software Updater Ui => C:\Program Files\SoftwareUpdater\SoftwareUpdater.Ui.exe [2013-09-11] ()
Task: {594C965F-7F78-417C-A0C1-CB08A8B29158} - System32\Tasks\BrowserProtect => Sc.exe start BrowserProtect <==== ATTENTION
Task: {5F969B3A-0F06-4DFB-8941-AD17E17A67F2} - System32\Tasks\DriverBoost-RTMScan => C:\Program Files (x86)\DriverBoost\DriverBoost\DriverBoost.exe
Task: {6537EE7A-DB9C-4D91-A9A4-4C7D9F4DFEE4} - System32\Tasks\ParetoLogic Registration3 => Rundll32.exe "C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll" RunUns
Task: {6E7698E5-4776-4038-8679-F8C85B99B09B} - \PC Performer Scheduled Scan No Task File <==== ATTENTION
Task: {71BDB438-03D5-4C35-8189-57A269D6A305} - \RocketTab Update Task No Task File <==== ATTENTION
Task: {76A60078-444B-428C-98E4-0C1C0843364B} - System32\Tasks\Express FilesUpdate => C:\Program Files (x86)\ExpressFiles\EFUpdater.exe <==== ATTENTION
Task: {78F74A29-C505-4825-B37D-98866F55329E} - \BackgroundContainer Startup Task No Task File <==== ATTENTION
Task: {88FC76A0-F244-482F-919E-BB0983BC13DF} - System32\Tasks\Driver Whiz-RTMRules => C:\Program Files (x86)\Driver Whiz\Driver Whiz\DriverWhiz.exe
Task: {8D754980-48CF-4BAA-A85F-1DF2B3876A60} - System32\Tasks\PC Health Advisor => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe [2014-07-10] (ParetoLogic, Inc.)
Task: {91D4E94E-0C74-4EDB-9002-EF8914151DD9} - \RocketTab No Task File <==== ATTENTION
Task: {99BE8DC6-EB48-43B1-BE5F-41F19E70545E} - \PC Performer Logon Scan No Task File <==== ATTENTION
Task: {A34E7C70-2BAD-42B7-8BC7-7367725B2171} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe
Task: {A701A61E-E000-4FA1-BF1F-237A8C75BF5D} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
Task: {AA40D05A-54C6-4FC7-995B-28392A488DE4} - System32\Tasks\SomotoUpdateCheckerAutoStart => C:\Users\BonZZai\AppData\Local\FilesFrog Update Checker\update_checker.exe <==== ATTENTION
Task: {AE4A772A-0C52-42E9-BE44-DD9A57F633C5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-437646761-135901211-47947868-1000UA => C:\Users\BonZZai\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-21] (Google Inc.)
Task: {BC96EE73-C683-4F1D-AF06-8FBD4144C138} - System32\Tasks\ParetoLogic Update Version3 Startup Task => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2013-06-20] ()
Task: {BD450A89-7C4C-487D-8F9E-4D0D71A686EE} - System32\Tasks\Software Updater => C:\Program Files\SoftwareUpdater\SoftwareUpdater.Bootstrapper.exe [2013-05-21] ()
Task: {C0FFBCAA-3DCD-4019-9C8C-59C4DB6E9499} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
Task: {C4293AF3-A7B1-41F4-9764-CB09A93E18CB} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe <==== ATTENTION
Task: {CA988209-9674-4A49-BBB7-0428DD9C0A5F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-21] (Google Inc.)
Task: {D007FAFD-88DD-4190-BC1A-D046EC746F72} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe
Task: {D623AB56-FBE1-419A-B9DA-6F011BF85933} - System32\Tasks\PC Health Advisor Defrag => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe [2014-07-10] (ParetoLogic, Inc.)
Task: {DCD007F2-0016-4788-B36A-34A0D28561EF} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {DE9CAEF2-C2A2-4421-8126-D17150656D87} - System32\Tasks\Opera scheduled Autoupdate 1411148449 => C:\Program Files (x86)\Opera\launcher.exe [2014-09-12] (Opera Software)
Task: {E089DB2A-D720-4E98-A761-C3DFA1DFB0F3} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {E451187D-C1BB-4779-9D4F-9393B23E7414} - System32\Tasks\Google Updater and Installer => C:\Users\BonZZai\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-21] (Google Inc.)
Task: {EDA874AA-0AC2-4BE1-94B7-C6D85DF1398D} - System32\Tasks\Red Giant Link => C:\Program Files (x86)\Red Giant Link\Red Giant Link.exe [2014-08-13] ()
Task: {EF16BFF5-81F0-4DD6-A3C3-4E486180A791} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-21] (Google Inc.)
Task: {EF606A92-F7CC-47E9-98D3-DD0AB19D4809} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: {FB0C2965-6B53-43BA-92FE-BA06B7F13B12} - System32\Tasks\ParetoLogic Update Version3 => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2013-06-20] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-437646761-135901211-47947868-1000Core.job => C:\Users\BonZZai\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-437646761-135901211-47947868-1000UA.job => C:\Users\BonZZai\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ParetoLogic Registration3.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll
Task: C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
Task: C:\Windows\Tasks\ParetoLogic Update Version3.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
Task: C:\Windows\Tasks\PC Health Advisor Defrag.job => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe
Task: C:\Windows\Tasks\PC Health Advisor.job => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe

==================== Loaded Modules (whitelisted) =============

2014-08-15 00:19 - 2014-09-12 15:49 - 00040960 _____ () C:\Users\BonZZai\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe
2014-01-03 22:22 - 2012-11-14 22:22 - 00078456 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2014-01-03 22:22 - 2012-11-14 22:22 - 00386168 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2014-03-15 22:53 - 2014-03-15 22:53 - 00173568 _____ () C:\Program Files\TeamSpeak 3 Client\quazip.dll
2014-03-15 22:53 - 2014-03-15 22:53 - 01080832 _____ () C:\Program Files\TeamSpeak 3 Client\platforms\qwindows.dll
2014-03-15 22:53 - 2014-03-15 22:53 - 00833024 _____ () C:\Program Files\TeamSpeak 3 Client\sqldrivers\qsqlite.dll
2012-10-29 12:08 - 2014-08-07 22:11 - 00102344 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2012-10-29 12:08 - 2014-08-07 22:11 - 00108488 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2014-03-15 22:53 - 2014-03-15 22:53 - 00030208 _____ () C:\Program Files\TeamSpeak 3 Client\imageformats\qgif.dll
2014-03-15 22:53 - 2014-03-15 22:53 - 00233984 _____ () C:\Program Files\TeamSpeak 3 Client\imageformats\qjpeg.dll
2012-10-29 12:08 - 2014-08-07 22:11 - 00563656 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2013-09-10 23:39 - 2014-08-07 22:11 - 00579016 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2014-03-15 22:53 - 2014-03-15 22:53 - 00159232 _____ () C:\Program Files\TeamSpeak 3 Client\accessible\qtaccessiblewidgets.dll
2014-07-16 11:06 - 2014-07-16 11:06 - 00672416 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2014-03-02 16:51 - 2013-12-02 08:56 - 00068432 _____ () C:\Program Files (x86)\iSafe\tws\zlib1.dll
2014-03-02 16:51 - 2013-12-12 04:28 - 00087744 _____ () C:\Program Files (x86)\iSafe\tws\unacev2.dll
2014-03-02 16:51 - 2014-01-09 11:43 - 00185000 _____ () C:\Program Files (x86)\iSafe\libpng.dll
2014-07-03 06:45 - 2014-07-03 06:45 - 32733056 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libcef.dll
2013-10-30 19:53 - 2014-09-21 03:50 - 03734640 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00113171 _____ () C:\Program Files (x86)\VideoLAN\VLC\libvlc.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 02396179 _____ () C:\Program Files (x86)\VideoLAN\VLC\libvlccore.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00268307 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libdshow_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00027667 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libdirectsound_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00031251 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00066579 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_output\libdirectdraw_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 02021395 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00100371 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_bd_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00240659 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00076307 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_vdr_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00045587 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00060947 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libsmooth_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00531475 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libhttplive_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00708627 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libdash_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00114195 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libzip_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00040467 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libstream_filter_rar_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00014867 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\librecord_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00133139 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 01512467 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00296979 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\lua\liblua_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 01248787 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\misc\libxml_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00054291 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 00038419 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libglobalhotkeys_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00189971 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmp4_plugin.dll
2014-02-05 03:32 - 2014-02-05 03:32 - 11148307 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00036371 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\meta_engine\libfolder_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00116755 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_http_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00383507 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libupnp_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 00118803 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libsap_plugin.dll
2014-02-05 03:31 - 2014-02-05 03:31 - 
00021011 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libpodcast_plugin.dll 2014-02-05 03:31 - 2014-02-05 03:31 - 00017427 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libmediadirs_plugin.dll 2014-02-05 03:31 - 2014-02-05 03:31 - 00014867 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libwindrive_plugin.dll 2014-02-05 03:32 - 2014-02-05 03:32 - 00291859 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libpng_plugin.dll 2014-02-05 03:32 - 2014-02-05 03:32 - 00017939 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll 2014-02-05 03:32 - 2014-02-05 03:32 - 01280019 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll 2014-02-05 03:32 - 2014-02-05 03:32 - 00018451 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libdts_plugin.dll 2014-02-05 03:32 - 2014-02-05 03:32 - 00336403 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll 2014-02-05 03:32 - 2014-02-05 03:32 - 00344595 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll 2014-02-05 03:32 - 2014-02-05 03:32 - 00198675 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libflac_plugin.dll 2014-02-05 03:32 - 2014-02-05 03:32 - 00027155 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libg711_plugin.dll 2014-02-05 03:32 - 2014-02-05 03:32 - 00015891 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll 2014-02-05 03:32 - 2014-02-05 03:32 - 01371667 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liblibass_plugin.dll 2014-02-05 03:32 - 2014-02-05 03:32 - 00146451 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll 2014-02-05 03:32 - 2014-02-05 03:32 - 00022035 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll 2014-02-05 03:32 - 2014-02-05 03:32 - 00733203 _____ () C:\Program Files 
(x86)\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll 2014-02-05 03:32 - 2014-02-05 03:32 - 00018963 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libmpeg_audio_plugin.dll 2014-02-05 03:32 - 2014-02-05 03:32 - 00026131 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libaraw_plugin.dll 2014-02-05 03:32 - 2014-02-05 03:32 - 00171027 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libopus_plugin.dll 2014-02-05 03:32 - 2014-02-05 03:32 - 00019475 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liba52_plugin.dll 2014-02-05 03:32 - 2014-02-05 03:32 - 00019987 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll 2014-02-05 03:32 - 2014-02-05 03:32 - 10396179 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libavcodec_plugin.dll 2014-02-05 03:31 - 2014-02-05 03:31 - 00724499 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\text_renderer\libfreetype_plugin.dll 2014-02-05 03:31 - 2014-02-05 03:31 - 00026643 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\sse2\libi420_yuy2_sse2_plugin.dll 2014-02-05 03:31 - 2014-02-05 03:31 - 00019987 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\mmx\libi420_yuy2_mmx_plugin.dll 2014-02-05 03:32 - 2014-02-05 03:32 - 00555027 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libswscale_plugin.dll 2014-02-05 03:31 - 2014-02-05 03:31 - 00113683 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\sse2\libi420_rgb_sse2_plugin.dll 2014-02-05 03:31 - 2014-02-05 03:31 - 00027667 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\sse2\libi422_yuy2_sse2_plugin.dll 2014-02-05 03:31 - 2014-02-05 03:31 - 00019987 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\mmx\libi422_yuy2_mmx_plugin.dll 2014-02-05 03:31 - 2014-02-05 03:31 - 00053779 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\mmx\libi420_rgb_mmx_plugin.dll 2014-02-05 03:31 - 2014-02-05 03:31 - 00016915 _____ () C:\Program Files 
(x86)\VideoLAN\VLC\plugins\video_chroma\libyuy2_i422_plugin.dll 2014-02-05 03:31 - 2014-02-05 03:31 - 00015379 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libgrey_yuv_plugin.dll 2014-02-05 03:31 - 2014-02-05 03:31 - 00032275 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_plugin.dll 2014-02-05 03:31 - 2014-02-05 03:31 - 00018963 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_plugin.dll 2014-02-05 03:31 - 2014-02-05 03:31 - 00020499 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libyuy2_i420_plugin.dll 2014-02-05 03:31 - 2014-02-05 03:31 - 00017427 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_plugin.dll 2014-02-05 03:31 - 2014-02-05 03:31 - 00015379 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi422_i420_plugin.dll 2014-02-05 03:32 - 2014-02-05 03:32 - 00015379 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libscale_plugin.dll 2014-02-05 03:32 - 2014-02-05 03:32 - 00013843 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libyuvp_plugin.dll 2014-02-05 03:31 - 2014-02-05 03:31 - 00067091 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_output\libdirect3d_plugin.dll 2014-02-05 03:32 - 2014-02-05 03:32 - 00013843 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_mixer\libfloat_mixer_plugin.dll 2014-02-05 03:31 - 2014-02-05 03:31 - 00018963 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll 2014-02-05 03:31 - 2014-02-05 03:31 - 01496083 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll 2014-09-10 13:19 - 2014-09-10 13:19 - 16825520 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) 
AlternateDataStreams: C:\ProgramData\TEMP:373E1720 ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ==================== Faulty Device Manager Devices ============= Name: Teredo Tunneling Pseudo-Interface Description: Microsoft-Teredo-Tunneling-Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (09/21/2014 03:52:52 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT) Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich. Error: (09/21/2014 03:52:52 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT) Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. 
Error: (09/21/2014 03:52:52 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT) Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. Error: (09/21/2014 03:47:01 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/21/2014 01:19:33 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT) Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich. Error: (09/21/2014 01:19:33 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT) Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. Error: (09/21/2014 01:19:33 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT) Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. 
Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. Error: (09/21/2014 01:14:40 AM) (Source: .NET Runtime) (EventID: 1023) (User: ) Description: .NET Runtime version 2.0.50727.5485 - Schwerwiegender Fehler im Ausführungsmodul (6F79FB1E) (80131506). Error: (09/21/2014 01:14:37 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/21/2014 01:03:56 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: install_helper_IE.exe, Version: 0.0.0.0, Zeitstempel: 0x52dfe8d2 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00066fbb ID des fehlerhaften Prozesses: 0x1c1c Startzeit der fehlerhaften Anwendung: 0xinstall_helper_IE.exe0 Pfad der fehlerhaften Anwendung: install_helper_IE.exe1 Pfad des fehlerhaften Moduls: install_helper_IE.exe2 Berichtskennung: install_helper_IE.exe3 System errors: ============= Error: (09/21/2014 03:50:27 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Intel(R) Management and Security Application Local Management Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (09/21/2014 03:50:27 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Intel(R) Management and Security Application Local Management Service erreicht. Error: (09/21/2014 03:50:18 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Computer Backup (MyPC Backup)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. 
Error: (09/21/2014 03:48:19 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Der Dienst "Skype Click to Call PNR Service" wurde nicht richtig gestartet. Error: (09/21/2014 03:46:58 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "TuneUp Utilities Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (09/21/2014 03:46:49 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "AddonsHelper" wurde aufgrund folgenden Fehlers nicht gestartet: %%3 Error: (09/21/2014 01:18:15 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Intel(R) Management and Security Application Local Management Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (09/21/2014 01:18:15 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Intel(R) Management and Security Application Local Management Service erreicht. Error: (09/21/2014 01:15:59 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Der Dienst "Skype Click to Call PNR Service" wurde nicht richtig gestartet. 
Error: (09/21/2014 01:14:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "TuneUp Utilities Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Microsoft Office Sessions: ========================= Error: (09/21/2014 03:52:52 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT) Description: WmiApRplWmiApRpl8F20300004D070000 Error: (09/21/2014 03:52:52 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT) Description: Performance1637070000000000000000000009030000 Error: (09/21/2014 03:52:52 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT) Description: Performance1637070000000000000000000009030000 Error: (09/21/2014 03:47:01 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/21/2014 01:19:33 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT) Description: WmiApRplWmiApRpl8F20300004D070000 Error: (09/21/2014 01:19:33 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT) Description: Performance1637070000000000000000000009030000 Error: (09/21/2014 01:19:33 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT) Description: Performance1637070000000000000000000009030000 Error: (09/21/2014 01:14:40 AM) (Source: .NET Runtime) (EventID: 1023) (User: ) Description: .NET Runtime version 2.0.50727.5485 - Schwerwiegender Fehler im Ausführungsmodul (6F79FB1E) (80131506). 
Error: (09/21/2014 01:14:37 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/21/2014 01:03:56 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: install_helper_IE.exe0.0.0.052dfe8d2ntdll.dll6.1.7601.18247521ea8e7c000000500066fbb1c1c01cfd527280ebcedC:\Users\BonZZai\AppData\Local\speedtest211\install_helper_IE.exeC:\Windows\SysWOW64\ntdll.dll65bf0104-411a-11e4-8b93-3085a9f78590 CodeIntegrity Errors: =================================== Date: 2014-09-10 11:54:05.313 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\vrtaucbl.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-10 11:54:05.188 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\vrtaucbl.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-09 18:16:12.856 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\vrtaucbl.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-09 18:16:12.731 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\vrtaucbl.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-08 20:48:30.472 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\vrtaucbl.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-08 20:48:30.347 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\vrtaucbl.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-07 22:08:22.612 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\vrtaucbl.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-07 22:08:22.537 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\vrtaucbl.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz Percentage of memory in use: 33% Total physical RAM: 8144.43 MB Available physical RAM: 5425.99 MB Total Pagefile: 16587.05 MB Available Pagefile: 13587.76 MB Total Virtual: 8192 MB Available Virtual: 8191.81 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:931.41 GB) (Free:666.32 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 667C083D) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS) ==================== End Of Log ============================ Code:
MiniToolBox by Farbar Version: 21-07-2014 Ran by BonZZai (administrator) on 21-09-2014 at 04:06:38 Running from "C:\Users\BonZZai\Downloads" Microsoft Windows 7 Professional Service Pack 1 (X64) Boot Mode: Normal *************************************************************************** ========================= Flush DNS: =================================== Windows-IP-Konfiguration Der DNS-Auflösungscache wurde geleert. ========================= IE Proxy Settings: ============================== Proxy is not enabled. No Proxy Server is set. ========================= FF Proxy Settings: ============================== ========================= Hosts content: ================================= ========================= IP Configuration: ================================ N150 WLAN N USB-Adapter = Drahtlosnetzwerkverbindung 3 (Connected) Qualcomm Atheros AR8161/8165 PCI-E Gigabit Ethernet Controller (NDIS 6.20) = LAN-Verbindung (Media disconnected) Microsoft Virtual WiFi Miniport Adapter = Drahtlosnetzwerkverbindung 5 (Media disconnected) # ---------------------------------- # IPv4-Konfiguration # ---------------------------------- pushd interface ipv4 reset set global defaultcurhoplimit=64 icmpredirects=enabled popd # Ende der IPv4-Konfiguration Windows-IP-Konfiguration Hostname . . . . . . . . . . . . : BonZZai-PC Primäres DNS-Suffix . . . . . . . : Knotentyp . . . . . . . . . . . . : Hybrid IP-Routing aktiviert . . . . . . : Nein WINS-Proxy aktiviert . . . . . . : Nein DNS-Suffixsuchliste . . . . . . . : fritz.box Drahtlos-LAN-Adapter Drahtlosnetzwerkverbindung 5: Medienstatus. . . . . . . . . . . : Medium getrennt Verbindungsspezifisches DNS-Suffix: Beschreibung. . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #3 Physikalische Adresse . . . . . . : EC-1A-59-52-79-87 DHCP aktiviert. . . . . . . . . . : Ja Autokonfiguration aktiviert . . . 
: Ja Drahtlos-LAN-Adapter Drahtlosnetzwerkverbindung 3: Verbindungsspezifisches DNS-Suffix: fritz.box Beschreibung. . . . . . . . . . . : N150 WLAN N USB-Adapter #2 Physikalische Adresse . . . . . . : EC-1A-59-52-79-87 DHCP aktiviert. . . . . . . . . . : Ja Autokonfiguration aktiviert . . . : Ja Verbindungslokale IPv6-Adresse . : fe80::4c2d:7eca:8e25:6fea%16(Bevorzugt) IPv4-Adresse . . . . . . . . . . : 192.168.178.24(Bevorzugt) Subnetzmaske . . . . . . . . . . : 255.255.255.0 Lease erhalten. . . . . . . . . . : Sonntag, 21. September 2014 03:46:50 Lease läuft ab. . . . . . . . . . : Mittwoch, 1. Oktober 2014 03:46:54 Standardgateway . . . . . . . . . : 192.168.178.1 DHCP-Server . . . . . . . . . . . : 192.168.178.1 DHCPv6-IAID . . . . . . . . . . . : 283908697 DHCPv6-Client-DUID. . . . . . . . : 00-01-00-01-18-66-74-BD-30-85-A9-F7-85-90 DNS-Server . . . . . . . . . . . : 192.168.178.1 NetBIOS über TCP/IP . . . . . . . : Aktiviert Ethernet-Adapter LAN-Verbindung: Medienstatus. . . . . . . . . . . : Medium getrennt Verbindungsspezifisches DNS-Suffix: Beschreibung. . . . . . . . . . . : Qualcomm Atheros AR8161/8165 PCI-E Gigabit Ethernet Controller (NDIS 6.20) Physikalische Adresse . . . . . . : 30-85-A9-F7-85-90 DHCP aktiviert. . . . . . . . . . : Ja Autokonfiguration aktiviert . . . : Ja Server: fritz.box Address: 192.168.178.1 Name: google.com Addresses: 2a00:1450:4005:800::1003 173.194.39.3 173.194.39.4 173.194.39.5 173.194.39.6 173.194.39.7 173.194.39.8 173.194.39.9 173.194.39.14 173.194.39.0 173.194.39.1 173.194.39.2 Ping wird ausgeführt für google.com [173.194.39.3] mit 32 Bytes Daten: Antwort von 173.194.39.3: Bytes=32 Zeit=32ms TTL=55 Antwort von 173.194.39.3: Bytes=32 Zeit=33ms TTL=55 Ping-Statistik für 173.194.39.3: Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0 (0% Verlust), Ca. 
Zeitangaben in Millisek.: Minimum = 32ms, Maximum = 33ms, Mittelwert = 32ms Server: fritz.box Address: 192.168.178.1 Name: yahoo.com Addresses: 98.139.183.24 206.190.36.45 98.138.253.109 Ping wird ausgeführt für yahoo.com [98.139.183.24] mit 32 Bytes Daten: Antwort von 98.139.183.24: Bytes=32 Zeit=119ms TTL=49 Antwort von 98.139.183.24: Bytes=32 Zeit=118ms TTL=49 Ping-Statistik für 98.139.183.24: Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0 (0% Verlust), Ca. Zeitangaben in Millisek.: Minimum = 118ms, Maximum = 119ms, Mittelwert = 118ms Ping wird ausgeführt für 127.0.0.1 mit 32 Bytes Daten: Antwort von 127.0.0.1: Bytes=32 Zeit<1ms TTL=64 Antwort von 127.0.0.1: Bytes=32 Zeit<1ms TTL=64 Ping-Statistik für 127.0.0.1: Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0 (0% Verlust), Ca. Zeitangaben in Millisek.: Minimum = 0ms, Maximum = 0ms, Mittelwert = 0ms =========================================================================== Schnittstellenliste 17...ec 1a 59 52 79 87 ......Microsoft Virtual WiFi Miniport Adapter #3 16...ec 1a 59 52 79 87 ......N150 WLAN N USB-Adapter #2 11...30 85 a9 f7 85 90 ......Qualcomm Atheros AR8161/8165 PCI-E Gigabit Ethernet Controller (NDIS 6.20) 1...........................Software Loopback Interface 1 =========================================================================== IPv4-Routentabelle =========================================================================== Aktive Routen: Netzwerkziel Netzwerkmaske Gateway Schnittstelle Metrik 0.0.0.0 0.0.0.0 192.168.178.1 192.168.178.24 25 127.0.0.0 255.0.0.0 Auf Verbindung 127.0.0.1 306 127.0.0.1 255.255.255.255 Auf Verbindung 127.0.0.1 306 127.255.255.255 255.255.255.255 Auf Verbindung 127.0.0.1 306 192.168.178.0 255.255.255.0 Auf Verbindung 192.168.178.24 281 192.168.178.24 255.255.255.255 Auf Verbindung 192.168.178.24 281 192.168.178.255 255.255.255.255 Auf Verbindung 192.168.178.24 281 224.0.0.0 240.0.0.0 Auf Verbindung 127.0.0.1 306 224.0.0.0 240.0.0.0 Auf Verbindung 
192.168.178.24 281 255.255.255.255 255.255.255.255 Auf Verbindung 127.0.0.1 306 255.255.255.255 255.255.255.255 Auf Verbindung 192.168.178.24 281 =========================================================================== Ständige Routen: Keine IPv6-Routentabelle =========================================================================== Aktive Routen: If Metrik Netzwerkziel Gateway 1 306 ::1/128 Auf Verbindung 16 281 fe80::/64 Auf Verbindung 16 281 fe80::4c2d:7eca:8e25:6fea/128 Auf Verbindung 1 306 ff00::/8 Auf Verbindung 16 281 ff00::/8 Auf Verbindung =========================================================================== Ständige Routen: Keine ========================= Winsock entries ===================================== Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation) Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation) Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation) Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation) Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation) Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.) Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.) 
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation) x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation) x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation) x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation) x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation) x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation) x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.) x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.) x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation) x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation) x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation) x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation) x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation) x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation) ========================= Event log errors: =============================== Application errors: ================== Error: (09/21/2014 03:52:52 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT) Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). 
Der Fehlercode ist das erste DWORD im Datenbereich. Error: (09/21/2014 03:52:52 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT) Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. Error: (09/21/2014 03:52:52 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT) Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. Error: (09/21/2014 03:47:01 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/21/2014 01:19:33 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT) Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich. Error: (09/21/2014 01:19:33 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT) Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. 
Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. Error: (09/21/2014 01:19:33 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT) Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. Error: (09/21/2014 01:14:40 AM) (Source: .NET Runtime) (User: ) Description: .NET Runtime version 2.0.50727.5485 - Schwerwiegender Fehler im Ausführungsmodul (6F79FB1E) (80131506). Error: (09/21/2014 01:14:37 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/21/2014 01:03:56 AM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: install_helper_IE.exe, Version: 0.0.0.0, Zeitstempel: 0x52dfe8d2 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00066fbb ID des fehlerhaften Prozesses: 0x1c1c Startzeit der fehlerhaften Anwendung: 0xinstall_helper_IE.exe0 Pfad der fehlerhaften Anwendung: install_helper_IE.exe1 Pfad des fehlerhaften Moduls: install_helper_IE.exe2 Berichtskennung: install_helper_IE.exe3 System errors: ============= Error: (09/21/2014 03:50:27 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Intel(R) Management and Security Application Local Management Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (09/21/2014 03:50:27 AM) 
(Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Intel(R) Management and Security Application Local Management Service erreicht. Error: (09/21/2014 03:50:18 AM) (Source: Service Control Manager) (User: ) Description: Dienst "Computer Backup (MyPC Backup)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (09/21/2014 03:48:19 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Skype Click to Call PNR Service" wurde nicht richtig gestartet. Error: (09/21/2014 03:46:58 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "TuneUp Utilities Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (09/21/2014 03:46:49 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "AddonsHelper" wurde aufgrund folgenden Fehlers nicht gestartet: %%3 Error: (09/21/2014 01:18:15 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Intel(R) Management and Security Application Local Management Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (09/21/2014 01:18:15 AM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Intel(R) Management and Security Application Local Management Service erreicht. Error: (09/21/2014 01:15:59 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Skype Click to Call PNR Service" wurde nicht richtig gestartet. 
Error: (09/21/2014 01:14:37 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "TuneUp Utilities Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Microsoft Office Sessions: ========================= Error: (09/21/2014 03:52:52 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT) Description: WmiApRplWmiApRpl8F20300004D070000 Error: (09/21/2014 03:52:52 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT) Description: Performance1637070000000000000000000009030000 Error: (09/21/2014 03:52:52 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT) Description: Performance1637070000000000000000000009030000 Error: (09/21/2014 03:47:01 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/21/2014 01:19:33 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT) Description: WmiApRplWmiApRpl8F20300004D070000 Error: (09/21/2014 01:19:33 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT) Description: Performance1637070000000000000000000009030000 Error: (09/21/2014 01:19:33 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT) Description: Performance1637070000000000000000000009030000 Error: (09/21/2014 01:14:40 AM) (Source: .NET Runtime)(User: ) Description: .NET Runtime version 2.0.50727.5485 - Schwerwiegender Fehler im Ausführungsmodul (6F79FB1E) (80131506). 
Error: (09/21/2014 01:14:37 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/21/2014 01:03:56 AM) (Source: Application Error)(User: ) Description: install_helper_IE.exe0.0.0.052dfe8d2ntdll.dll6.1.7601.18247521ea8e7c000000500066fbb1c1c01cfd527280ebcedC:\Users\BonZZai\AppData\Local\speedtest211\install_helper_IE.exeC:\Windows\SysWOW64\ntdll.dll65bf0104-411a-11e4-8b93-3085a9f78590 CodeIntegrity Errors: =================================== Date: 2014-09-10 11:54:05.313 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\vrtaucbl.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-10 11:54:05.188 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\vrtaucbl.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-09 18:16:12.856 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\vrtaucbl.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. 
Date: 2014-09-09 18:16:12.731 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\vrtaucbl.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-08 20:48:30.472 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\vrtaucbl.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-08 20:48:30.347 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\vrtaucbl.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-07 22:08:22.612 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\vrtaucbl.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. 
Date: 2014-09-07 22:08:22.537 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\vrtaucbl.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. ========================= Devices: ================================ Name: Teredo Tunneling Pseudo-Interface Description: Microsoft-Teredo-Tunneling-Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. **** End of log **** |
21.09.2014, 07:54 | #5 |
Rest in peace † 2019 | Internet slow since change made by TuneUp Utilities

Hello

Step 1
Please uninstall the following programs (if present): Avira SearchFree Toolbar plus Web Protection Updater Java 7 Update 40 Java 7 Update 45 Protegere Snap.Do Snap.Do Engine Snap.Do Engine SweetIM for Messenger 3.7 SweetPacks bundle uninstaller Update Manager for SweetPacks 1.1 Updater Video Performer VideoPlayer v2.0.6 VIS YAC

To do this, go to: the Windows button in the taskbar --> Control Panel --> Programs (sub-item Uninstall a program) --> select the program --> remove

If you cannot uninstall a program, download Revo Uninstaller from here and uninstall it with that, choosing the moderate mode.

Step 2
Please download AdwCleaner to your desktop.

Step 3
Please download Malwarebytes Anti-Malware

Step 4
Run FRST once more.
|
21.09.2014, 16:44 | #6 |
| Internet slow since change made by TuneUp Utilities
Code:
HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366126657} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366346634} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9B6B03F1-16CF-4491-BBBB-E872802DD717} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{310D38FE-EB4C-467C-8781-B7C2AEB7847D} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9B6B03F1-16CF-4491-BBBB-E872802DD717} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5882DB3D-175D-4CDC-A030-1B7EC2BC8EC6} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low 
Rights\ElevationPolicy\{C17DC5CF-54FF-4E63-8AC7-94335D6DA231} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D14D0EE2-2DD1-4230-BE70-3F3AD6172C40} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F994E0D9-8335-48F1-99C2-A712C21F8D5F} Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{721061FB-EB79-4568-A03C-3CE26D68DAE9} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{721061FB-EB79-4568-A03C-3CE26D68DAE9} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322122257} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920} Schlüssel Gelöscht : [x64] 
HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2830488C-079B-45C2-88B6-AFE4EAA2DF85} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08} Schlüssel Gelöscht : [x64] 
HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2} Schlüssel Gelöscht : [x64] 
HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587} Schlüssel Gelöscht : [x64] 
HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366126657} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366346634} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Schlüssel Gelöscht : HKCU\Software\AnyProtect Schlüssel Gelöscht : HKCU\Software\APN PIP Schlüssel Gelöscht : HKCU\Software\Conduit Schlüssel Gelöscht : HKCU\Software\distromatic Schlüssel Gelöscht : HKCU\Software\Driver Pro Schlüssel Gelöscht : HKCU\Software\ExpressFiles Schlüssel Gelöscht : HKCU\Software\filescout Schlüssel Gelöscht : HKCU\Software\GlobalUpdate Schlüssel Gelöscht : HKCU\Software\GoforFiles Schlüssel Gelöscht : HKCU\Software\InetStat Schlüssel Gelöscht : HKCU\Software\lollipop Schlüssel Gelöscht : HKCU\Software\Myfree Codec Schlüssel Gelöscht : HKCU\Software\OCS Schlüssel Gelöscht : HKCU\Software\Optimizer Pro Schlüssel Gelöscht : HKCU\Software\ParetoLogic Schlüssel Gelöscht : HKCU\Software\performersoft llc Schlüssel Gelöscht : HKCU\Software\PerformerSoft Schlüssel Gelöscht : HKCU\Software\simplytech Schlüssel Gelöscht : HKCU\Software\Speedchecker Limited Schlüssel Gelöscht : HKCU\Software\systweak Schlüssel Gelöscht : HKCU\Software\Webplayer Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\AutoLyrics Schlüssel Gelöscht : 
HKCU\Software\AppDataLow\Software\Conduit Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ConduitSearchScopes Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\HappyLyrics Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar Schlüssel Gelöscht : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0} Schlüssel Gelöscht : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C} Schlüssel Gelöscht : HKLM\SOFTWARE\Babylon Schlüssel Gelöscht : HKLM\SOFTWARE\Conduit Schlüssel Gelöscht : HKLM\SOFTWARE\Desksvc Schlüssel Gelöscht : HKLM\SOFTWARE\Driver-Soft Schlüssel Gelöscht : HKLM\SOFTWARE\eSafeSecControl Schlüssel Gelöscht : HKLM\SOFTWARE\ExpressFiles Schlüssel Gelöscht : HKLM\SOFTWARE\GoforFiles Schlüssel Gelöscht : HKLM\SOFTWARE\hdcode Schlüssel Gelöscht : HKLM\SOFTWARE\MediaViewV1 Schlüssel Gelöscht : HKLM\SOFTWARE\MediaWatchV1 Schlüssel Gelöscht : HKLM\SOFTWARE\Myfree Codec Schlüssel Gelöscht : HKLM\SOFTWARE\ParetoLogic Schlüssel Gelöscht : HKLM\SOFTWARE\PerformerSoft Schlüssel Gelöscht : HKLM\SOFTWARE\portaldositesSoftware Schlüssel Gelöscht : HKLM\SOFTWARE\Speedchecker Limited Schlüssel Gelöscht : HKLM\SOFTWARE\systweak Schlüssel Gelöscht : HKLM\SOFTWARE\Uniblue Schlüssel Gelöscht : HKLM\SOFTWARE\VBMZ Schlüssel Gelöscht : HKLM\SOFTWARE\visualbee Schlüssel Gelöscht : HKLM\SOFTWARE\winzipersvc Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3CBF3EBB-235D-4c29-A68B-2BB1F428586E} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{953AA732-9AFB-49C9-84A4-7F96CA0A08DA} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{ea8fa6be-29be-4af2-9352-841f83215eb0} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Driver Genius_is1 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar Schlüssel 
Gelöscht : [x64] HKLM\SOFTWARE\ParetoLogic Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Speedchecker Limited Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Tarma Installer Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchAnonymizer Daten Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll Daten Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Features\237AA359BFA99C94484AF769ACA080AD Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Features\B2FD9C0A5B9838449838816A28001F4B Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Products\237AA359BFA99C94484AF769ACA080AD Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Products\B2FD9C0A5B9838449838816A28001F4B Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F Schlüssel Gelöscht : [x64] 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\12BF94BD06C95F343A77631402B9556A Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2124D8A8CF720FD44866190AF560228E Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\27A325ACED8CA4743A30127638591ADB Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\350D17402BD84234EAF7D32F08172D7C Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3EE8C5F419057E1478A654868CEE60B5 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0 Schlüssel Gelöscht : [x64] 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4735D908D66E1BA46B6C2D7185A12B2B Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078 Schlüssel Gelöscht : [x64] 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\76D8378E2DDAED3428720A631F6E3BF0 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A001B259DB7D694E818BE29B973992C Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A71991503412AEB42838B02C5ED9F9CD Schlüssel Gelöscht : [x64] 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BAE2EC163C6A68A48921573E0E7E199D Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C06C6662FA5B04646829E4A460857770 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CEEB3E14ABE8270419B0FD762E18F7C6 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A Schlüssel Gelöscht : [x64] 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1B5E9A3BDB51349BF96E842C062D98 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FECBC2BC14DA6CD459BD59A041709836 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\237AA359BFA99C94484AF769ACA080AD Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF Schlüssel Gelöscht : [x64] 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B2FD9C0A5B9838449838816A28001F4B Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB6AF8AEEB922FA4392548F13812E50B Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9 ***** [ Browser ] ***** -\\ Internet Explorer v11.0.9600.17280 Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [CustomizeSearch] -\\ Mozilla Firefox v32.0.2 (x86 de) [ Datei : C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\prefs.js ] Zeile gelöscht : user_pref("CT3322950.1000082.isPlayDisplay", "true"); Zeile gelöscht : user_pref("CT3322950.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description\":\"California Rock - Rock\",\"url\":\"hxxp://www.feedlive.net/california.asx\"}"); Zeile gelöscht : user_pref("CT3322950.1000234.TWC_TMP_city", "SULZBACH"); Zeile gelöscht : user_pref("CT3322950.1000234.TWC_TMP_country", "DE"); Zeile gelöscht : user_pref("CT3322950.1000234.TWC_country", "GERMANY"); Zeile gelöscht : user_pref("CT3322950.1000234.TWC_locId", "GMTH1656"); Zeile gelöscht : user_pref("CT3322950.1000234.TWC_location", "Sulzbach, TH, Germany"); Zeile gelöscht : user_pref("CT3322950.1000234.TWC_region", "DE"); Zeile gelöscht : user_pref("CT3322950.1000234.TWC_temp_dis", "c"); Zeile gelöscht : user_pref("CT3322950.1000234.TWC_wind_dis", "kmh"); Zeile gelöscht : 
user_pref("CT3322950.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}"); Zeile gelöscht : user_pref("CT3322950.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}"); Zeile gelöscht : user_pref("CT3322950.FF19Solved", "true"); Zeile gelöscht : user_pref("CT3322950.FirstTime", "true"); Zeile gelöscht : user_pref("CT3322950.FirstTimeFF3", "true"); Zeile gelöscht : user_pref("CT3322950.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3322950&SearchSource=2&CUI=UN31789874723153333&UM=2&q="); Zeile gelöscht : user_pref("CT3322950.UserID", "UN31789874723153333"); Zeile gelöscht : user_pref("CT3322950.addressBarTakeOverEnabledInHidden", "true"); Zeile gelöscht : user_pref("CT3322950.appOptions", "{\"130318455676773911\":{\"render\":true,\"disabled\":false,\"appGuid\":\"\",\"appClientGuid\":\"\",\"isPersonalApp\":false},\"130318455674901902\":{\"render\":true,[...] Zeile gelöscht : user_pref("CT3322950.browser.search.defaultthis.engineName", "true"); Zeile gelöscht : user_pref("CT3322950.countryCode", "DE"); Zeile gelöscht : user_pref("CT3322950.defaultSearch", "true"); Zeile gelöscht : user_pref("CT3322950.embeddedsData", "[{\"appId\":\"130318455674433900\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"insta[...] 
Zeile gelöscht : user_pref("CT3322950.enableAlerts", "true"); Zeile gelöscht : user_pref("CT3322950.enableSearchFromAddressBar", "true"); Zeile gelöscht : user_pref("CT3322950.firstTimeDialogOpened", "true"); Zeile gelöscht : user_pref("CT3322950.fixPageNotFoundError", "true"); Zeile gelöscht : user_pref("CT3322950.fixPageNotFoundErrorByUser", "true"); Zeile gelöscht : user_pref("CT3322950.fixPageNotFoundErrorInHidden", "true"); Zeile gelöscht : user_pref("CT3322950.fullUserID", "UN31789874723153333.IN.20140124194531"); Zeile gelöscht : user_pref("CT3322950.homepageuserchanged", true); Zeile gelöscht : user_pref("CT3322950.installDate", "24/01/2014 19:45:40"); Zeile gelöscht : user_pref("CT3322950.installSessionId", "{C02D2E16-C085-4242-B895-F07882545DB7}"); Zeile gelöscht : user_pref("CT3322950.installSp", "true"); Zeile gelöscht : user_pref("CT3322950.installType", "conduitnsisintegration"); Zeile gelöscht : user_pref("CT3322950.installerVersion", "1.8.1.4"); Zeile gelöscht : user_pref("CT3322950.isCheckedStartAsHidden", true); Zeile gelöscht : user_pref("CT3322950.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}"); Zeile gelöscht : user_pref("CT3322950.isFirstTimeToolbarLoading", "false"); Zeile gelöscht : user_pref("CT3322950.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}"); Zeile gelöscht : user_pref("CT3322950.keyword", "true"); Zeile gelöscht : user_pref("CT3322950.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT3322950&octid=CT3322950&SearchSource=15&CUI=UN31789874723153333&SSPV=&Lay=1&UM=2\"}"); Zeile gelöscht : user_pref("CT3322950.lastVersion", "10.23.0.822"); Zeile gelöscht : user_pref("CT3322950.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Ffreemiuma.ourtoolbar.com%2FUninstallInstructions%2F\",\"EB_MAIN_FRAME_TITLE\":\"%0A%09How%20[...] 
Zeile gelöscht : user_pref("CT3322950.openThankYouPage", "false"); Zeile gelöscht : user_pref("CT3322950.openUninstallPage", "true"); Zeile gelöscht : user_pref("CT3322950.originalHomepage", "hxxp://search.conduit.com/?ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPA747D92E-E220-44F4-94DA-6D5F45F1797C&SSPV="); Zeile gelöscht : user_pref("CT3322950.originalSearchAddressUrl", ""); Zeile gelöscht : user_pref("CT3322950.originalSearchEngine", "Web Search"); Zeile gelöscht : user_pref("CT3322950.originalSearchEngineName", "Web Search"); Zeile gelöscht : user_pref("CT3322950.revertSettingsEnabled", "true"); Zeile gelöscht : user_pref("CT3322950.search.searchAppId", "130318455674433900"); Zeile gelöscht : user_pref("CT3322950.search.searchCount", "0"); Zeile gelöscht : user_pref("CT3322950.searchFromAddressBarEnabledByUser", "true"); Zeile gelöscht : user_pref("CT3322950.searchInNewTabEnabledByUser", "true"); Zeile gelöscht : user_pref("CT3322950.searchInNewTabEnabledInHidden", "true"); Zeile gelöscht : user_pref("CT3322950.searchRevert", "true"); Zeile gelöscht : user_pref("CT3322950.searchSuggestEnabledByUser", "true"); Zeile gelöscht : user_pref("CT3322950.searchUninstallUserMode", "2"); Zeile gelöscht : user_pref("CT3322950.searchUserMode", "2"); Zeile gelöscht : user_pref("CT3322950.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}"); Zeile gelöscht : user_pref("CT3322950.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); Zeile gelöscht : user_pref("CT3322950.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}"); Zeile gelöscht : user_pref("CT3322950.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3322950\"}"); Zeile gelöscht : user_pref("CT3322950.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://FreemiumA.OurToolbar.com//xpi\"}"); Zeile gelöscht : 
user_pref("CT3322950.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"FreemiumA \"}"); Zeile gelöscht : user_pref("CT3322950.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}"); Zeile gelöscht : user_pref("CT3322950.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}"); Zeile gelöscht : user_pref("CT3322950.serviceLayer_services_Configuration_lastUpdate", "1390688501352"); Zeile gelöscht : user_pref("CT3322950.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1390589243107"); Zeile gelöscht : user_pref("CT3322950.serviceLayer_services_appsMetadata_lastUpdate", "1390688500008"); Zeile gelöscht : user_pref("CT3322950.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1390589242742"); Zeile gelöscht : user_pref("CT3322950.serviceLayer_services_login_10.23.0.722_lastUpdate", "1390688499779"); Zeile gelöscht : user_pref("CT3322950.serviceLayer_services_login_10.23.0.822_lastUpdate", "1390753711175"); Zeile gelöscht : user_pref("CT3322950.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1390589242801"); Zeile gelöscht : user_pref("CT3322950.serviceLayer_services_searchAPI_lastUpdate", "1390688499981"); Zeile gelöscht : user_pref("CT3322950.serviceLayer_services_serviceMap_lastUpdate", "1390688499841"); Zeile gelöscht : user_pref("CT3322950.serviceLayer_services_toolbarContextMenu_lastUpdate", "1390688499881"); Zeile gelöscht : user_pref("CT3322950.serviceLayer_services_toolbarSettings_lastUpdate", "1390753710749"); Zeile gelöscht : user_pref("CT3322950.serviceLayer_services_translation_lastUpdate", "1390688499920"); Zeile gelöscht : user_pref("CT3322950.settingsINI", true); Zeile gelöscht : user_pref("CT3322950.shouldFirstTimeDialog", "false"); Zeile gelöscht : user_pref("CT3322950.showToolbarPermission", "false"); Zeile gelöscht : user_pref("CT3322950.smartbar.CTID", "CT3322950"); Zeile gelöscht : 
user_pref("CT3322950.smartbar.Uninstall", "0"); Zeile gelöscht : user_pref("CT3322950.smartbar.homepage", "true"); Zeile gelöscht : user_pref("CT3322950.smartbar.toolbarName", "FreemiumA "); Zeile gelöscht : user_pref("CT3322950.startPage", "true"); Zeile gelöscht : user_pref("CT3322950.toolbarBornServerTime", "24-1-2014"); Zeile gelöscht : user_pref("CT3322950.toolbarCurrentServerTime", "26-1-2014"); Zeile gelöscht : user_pref("CT3322950.toolbarDisabled", "true"); Zeile gelöscht : user_pref("CT3322950.toolbarInstallDate", "24-01-2014 19:45:34"); Zeile gelöscht : user_pref("CT3322950.toolbarLoginClientTime", "Fri Jan 24 2014 19:47:22 GMT+0100"); Zeile gelöscht : user_pref("CT3322950.versionFromInstaller", "10.23.0.722"); Zeile gelöscht : user_pref("CT3322950.xpeMode", "0"); Zeile gelöscht : user_pref("CT3322950_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1390756756304,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]"); Zeile gelöscht : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3322950&octid=CT3322950&SearchSource=61&CUI=UN31789874723153333&UM=2&UP=SP33DC26F0-280F-4C8A-92F8-1E8AE5646D6D"); Zeile gelöscht : user_pref("Smartbar.ConduitSearchEngineList", "FreemiumA Customized Web Search"); Zeile gelöscht : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3322950&SearchSource=2&CUI=UN31789874723153333&UM=2&q="); Zeile gelöscht : user_pref("Smartbar.SearchFromAddressBarSavedUrl", ""); Zeile gelöscht : user_pref("Smartbar.keywordURLSelectedCTID", "CT3322950"); Zeile gelöscht : user_pref("browser.newtab.url", "chrome://unitedtb/content/newtab/newtab-page.xhtml"); Zeile gelöscht : user_pref("browser.search.defaultengine", "Web Search"); Zeile gelöscht : user_pref("browser.search.defaultthis.engineName", "FreemiumA Customized Web Search"); Zeile gelöscht : user_pref("browser.search.defaulturl", 
"hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3322950&CUI=UN31789874723153333&UM=2&SearchSource=3&q={searchTerms}"); Zeile gelöscht : user_pref("extensions.Softonic.admin", false); Zeile gelöscht : user_pref("extensions.Softonic.aflt", "SD"); Zeile gelöscht : user_pref("extensions.Softonic.appId", "{7ABBFE1C-E485-44AA-8F36-353751B4124D}"); Zeile gelöscht : user_pref("extensions.Softonic.autoRvrt", "false"); Zeile gelöscht : user_pref("extensions.Softonic.dfltLng", "de"); Zeile gelöscht : user_pref("extensions.Softonic.dfltSrch", true); Zeile gelöscht : user_pref("extensions.Softonic.dnsErr", true); Zeile gelöscht : user_pref("extensions.Softonic.excTlbr", false); Zeile gelöscht : user_pref("extensions.Softonic.ffxUnstlRst", false); Zeile gelöscht : user_pref("extensions.Softonic.hmpg", true); Zeile gelöscht : user_pref("extensions.Softonic.hmpgUrl", "hxxp://search.softonic.com/MOY00009/tb_v1?SearchSource=13&cc=&mi=106b80eb000000000000ec1a59527987&toi=16082"); Zeile gelöscht : user_pref("extensions.Softonic.hpOld0", "hxxps://www.google.de/"); Zeile gelöscht : user_pref("extensions.Softonic.id", "106b80eb000000000000ec1a59527987"); Zeile gelöscht : user_pref("extensions.Softonic.instlDay", "16082"); Zeile gelöscht : user_pref("extensions.Softonic.instlRef", "MOY00009"); Zeile gelöscht : user_pref("extensions.Softonic.kw_url", "hxxp://search.softonic.com/MOY00009/tb_v1?SearchSource=2&cc=&mi=106b80eb000000000000ec1a59527987&toi=16082&q="); Zeile gelöscht : user_pref("extensions.Softonic.newTab", true); Zeile gelöscht : user_pref("extensions.Softonic.newTabUrl", "hxxp://search.softonic.com/MOY00009/tb_v1/?SearchSource=15&cc=&mi=106b80eb000000000000ec1a59527987&toi=16082"); Zeile gelöscht : user_pref("extensions.Softonic.prdct", "Softonic"); Zeile gelöscht : user_pref("extensions.Softonic.prtnrId", "softonic"); Zeile gelöscht : user_pref("extensions.Softonic.rvrt", "false"); Zeile gelöscht : user_pref("extensions.Softonic.smplGrp", "none"); Zeile gelöscht : 
user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)"); Zeile gelöscht : user_pref("extensions.Softonic.tlbrId", "2013desingbrand"); Zeile gelöscht : user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/MOY00009/tb_v1?SearchSource=1&cc=&mi=106b80eb000000000000ec1a59527987&toi=16082&q="); Zeile gelöscht : user_pref("extensions.Softonic.vrsn", "1.8.29.3"); Zeile gelöscht : user_pref("extensions.Softonic.vrsnTs", "1.8.29.32:53:40"); Zeile gelöscht : user_pref("extensions.Softonic.vrsni", "1.8.29.3"); Zeile gelöscht : user_pref("extensions.aad80235d5e5a4a1da89151b66a3e70f88f877d806977415fac14b52043838c19com33434.33434.backgroundjs", "\n\n/*****************************************************************************[...] Zeile gelöscht : user_pref("extensions.aad80235d5e5a4a1da89151b66a3e70f88f877d806977415fac14b52043838c19com33434.33434.js", "\n\n /************************************************************************************\[...] Zeile gelöscht : user_pref("extensions.aad80235d5e5a4a1da89151b66a3e70f88f877d806977415fac14b52043838c19com33434.33434.plugins.plugin_1.code", "appAPI._cr_config={appID:function(){var a=appAPI.appInfo;if(a){return app[...] Zeile gelöscht : user_pref("extensions.aad80235d5e5a4a1da89151b66a3e70f88f877d806977415fac14b52043838c19com33434.33434.plugins.plugin_102.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n appAP[...] 
Zeile gelöscht : user_pref("extensions.iminent.admin", false); Zeile gelöscht : user_pref("extensions.iminent.aflt", "orgnl"); Zeile gelöscht : user_pref("extensions.iminent.appId", "{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}"); Zeile gelöscht : user_pref("extensions.iminent.autoRvrt", "false"); Zeile gelöscht : user_pref("extensions.iminent.dfltLng", ""); Zeile gelöscht : user_pref("extensions.iminent.excTlbr", false); Zeile gelöscht : user_pref("extensions.iminent.ffxUnstlRst", false); Zeile gelöscht : user_pref("extensions.iminent.id", "106b80eb000000000000ec1a59527987"); Zeile gelöscht : user_pref("extensions.iminent.instlDay", "16230"); Zeile gelöscht : user_pref("extensions.iminent.instlRef", ""); Zeile gelöscht : user_pref("extensions.iminent.newTab", false); Zeile gelöscht : user_pref("extensions.iminent.prdct", "iminent"); Zeile gelöscht : user_pref("extensions.iminent.prtnrId", "iminent"); Zeile gelöscht : user_pref("extensions.iminent.rvrt", "false"); Zeile gelöscht : user_pref("extensions.iminent.smplGrp", "none"); Zeile gelöscht : user_pref("extensions.iminent.tlbrId", "base"); Zeile gelöscht : user_pref("extensions.iminent.vrsn", "1.8.28.3"); Zeile gelöscht : user_pref("extensions.iminent.vrsnTs", "1.8.28.31:31:54"); Zeile gelöscht : user_pref("extensions.iminent.vrsni", "1.8.28.3"); -\\ Google Chrome v [ Datei : C:\Users\BonZZai\AppData\Local\Google\Chrome\User Data\Default\preferences ] Gelöscht [Homepage] : hxxp://www.firetab.org/?type=ds3hp ************************* AdwCleaner[R0].txt - [67877 octets] - [21/09/2014 17:16:45] AdwCleaner[S0].txt - [65141 octets] - [21/09/2014 17:22:44] ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [65202 octets] ########## Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 21.09.2014
Suchlauf-Zeit: 17:29:21
Logdatei: malwareb.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.09.21.06
Rootkit Datenbank: v2014.09.19.01
Lizenz: Premium
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: BonZZai

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 332442
Verstrichene Zeit: 12 Min, 16 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)

(end) |
21.09.2014, 16:45 | #7 |
| Internet slow since change made by TuneUp Utilities
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014 Ran by BonZZai (administrator) on BONZZAI-PC on 21-09-2014 17:44:06 Running from C:\Users\BonZZai\Downloads Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe (Skype Technologies S.A.) 
C:\Program Files (x86)\Skype\Phone\Skype.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation) HKLM\...\Run: [Ocs_SM] => C:\Users\BonZZai\AppData\Roaming\OCS\SM\SearchAnonymizer.exe HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated) HKLM-x32\...\Run: [HDAudDeck] => c:\program files (x86)\via\viaudioi\vdeck\vdeck.exe [5675184 2013-05-10] (VIA) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694040 2014-07-22] (Adobe Systems Incorporated) HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect" HKU\S-1-5-21-437646761-135901211-47947868-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2014-02-18] (Google Inc.) HKU\S-1-5-21-437646761-135901211-47947868-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1562264 2014-07-25] (Samsung) HKU\S-1-5-21-437646761-135901211-47947868-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22040168 2014-08-27] (Skype Technologies S.A.) 
HKU\S-1-5-21-437646761-135901211-47947868-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-437646761-135901211-47947868-1000\...\MountPoints2: {73a36747-4c66-11e2-97f0-806e6f6e6963} - D:\Bin\ASSETUP.exe IFEO: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.) ShellIconOverlayIdentifiers: AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll () ShellIconOverlayIdentifiers: AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll () ShellIconOverlayIdentifiers: AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll () GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xF388E98DB5DFCD01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de URLSearchHook: HKLM-x32 - Default Value = {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D} StartMenuInternet: IEXPLORE.EXE - iexplore.exe SearchScopes: HKLM - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKLM-x32 - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKCU - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKCU - {03CDFE7B-8B33-4565-BCCC-3A0FEA895055} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=d89b515c-d18f-4a95-a1e4-bcfaf1e66dfb&pid=dcude&mode=bounce&k=0 SearchScopes: HKCU - {184A9DD7-741E-11E3-8FF2-3085A9F78590} URL = hxxp://searchinfinitas.com.anonymize-me.de/?anonymto=687474703A2F2F736561726368696E66696E697461732E636F6D2F3F616666696C743D3426713D7B7365617263685465726D737D2669643D7B32324542383538362D433344392D343944312D423934302D3746424432343942364535367D&st={searchTerms}&clid=d89b515c-d18f-4a95-a1e4-bcfaf1e66dfb&pid=dcude&k=0 SearchScopes: HKCU - {37B0EF2A-370F-47EB-8B45-45B5170F4DF5} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=d89b515c-d18f-4a95-a1e4-bcfaf1e66dfb&pid=dcude&mode=bounce&k=0 SearchScopes: HKCU - {56E47280-68DD-4167-AE5E-61138E294984} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=d89b515c-d18f-4a95-a1e4-bcfaf1e66dfb&pid=dcude&mode=bounce&k=0 SearchScopes: HKCU - {5F731F12-D4FD-4640-A74E-0C1CC8793B97} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=d89b515c-d18f-4a95-a1e4-bcfaf1e66dfb&pid=dcude&mode=bounce&k=0 
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E676F6F676C652E636F6D2F7365617263683F713D7B7365617263685465726D737D26726C733D636F6D2E6D6963726F736F66743A7B6C616E67756167657D3A7B72656665727265723A736F757263653F7D2669653D7B696E707574456E636F64696E677D266F653D7B6F7574707574456E636F64696E677D26736F7572636569643D69653726726C7A3D31493747474E495F64654445353736&st={searchTerms}&clid=d89b515c-d18f-4a95-a1e4-bcfaf1e66dfb&pid=dcude&k=0 SearchScopes: HKCU - {D160EDD2-06B7-424E-84EE-0E3C064E2798} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=d89b515c-d18f-4a95-a1e4-bcfaf1e66dfb&pid=dcude&mode=bounce&k=0 SearchScopes: HKCU - {EB6ACCE1-F406-4C8B-90B5-B102C657B832} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=d89b515c-d18f-4a95-a1e4-bcfaf1e66dfb&pid=dcude&mode=bounce&k=0 BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus) BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) 
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus) Toolbar: HKLM - Kango - {F051F6BF-82D9-49A7-9E6C-BA63CDB487D2} - No File Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml FF SearchEngineOrder.1: Google FF SelectedSearchEngine: Google FF Homepage: hxxp://www.google.com FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) 
FF Plugin: @java.com/DTPlugin,version=10.40.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll () FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems) FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\BonZZai\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\BonZZai\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google) FF Plugin HKCU: @talk.google.com/O3DPlugin -> C:\Users\BonZZai\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll () FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\BonZZai\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\BonZZai\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin ProgramFiles/Appdata: C:\Users\BonZZai\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\BonZZai\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\BonZZai\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\7e359293-3f24-40c5-bebe-ec2c522ee932.xml
FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\a22d3231-3f5c-4f15-bd94-a0d288cfd46d.xml
FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\df4d687e-f4c7-40ff-ad66-2f9c6eb49005.xml
FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\google-images.xml
FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\google-maps.xml
FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\{0277BDC7-BD8F-431E-8CBC-5E1F2B951ECF}.xml
FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\{23F6A38A-964D-489E-A743-F3B9A7D78230}.xml
FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\{30295452-738A-4968-A588-92B0BA09898F}.xml
FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\{9B892BC4-140F-4EFF-AD92-22DDA85F6C84}.xml
FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\{B7748BCB-37C7-40FD-8C38-D04FA3FD8B4F}.xml
FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\{FF348E83-EEBB-4A2D-9C1D-0829BE838A01}.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: WEB.DE MailCheck - C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\Extensions\toolbar@web.de [2014-09-18]
FF Extension: 4shared Desktop Plugin - C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\Extensions\4sharedCopyLinks.xpi.tmp [2013-03-14]
FF Extension: Cliqz Beta - C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\Extensions\cliqz@cliqz.com.xpi [2014-07-22]
FF Extension: Facebook Toolbar - C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\Extensions\firefox@facebook.com.xpi [2012-12-21]
FF Extension: Mark Ads Sites In Search - C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\Extensions\jid1-LGBwZ7tVjRcfIg@jetpack.xpi [2014-06-28]
FF Extension: Smoother Web - C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\Extensions\jid1-U7omKQ6kQfxMaQ@jetpack.xpi [2014-09-11]
FF Extension: FirefoxAdKiller - C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\Extensions\{b1df372d-8b32-4c7d-b6b4-9c5b78cf6fb1}.xpi [2014-06-28]
FF Extension: Adblock Plus - C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-28]
FF Extension: Tab Mix Plus - C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2014-04-25]
FF Extension: DownThemAll! - C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013-11-24]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-11-16]

Chrome:
=======
CHR Profile: C:\Users\BonZZai\AppData\Local\Google\Chrome\User Data\default
CHR Extension: (No Name) - C:\Users\BonZZai\AppData\Local\Google\Chrome\User Data\default\Extensions\hojmbfiljpkaijkdifoaacbpallpfkkf [2013-06-26]
CHR HKLM-x32\...\Chrome\Extension: [cenfbebdhgbldbkkndbjgjngdnkghemj] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home2599\ch\MediaWatchV1home2599.crx []
CHR HKLM-x32\...\Chrome\Extension: [egboolelbjcdgnopcmdokdiegcmnfpfn] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha8960\ch\MediaViewV1alpha8960.crx []
CHR HKLM-x32\...\Chrome\Extension: [fdfmghmenmllgflfnbcdomgbelmjkepl] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha113\ch\MediaViewV1alpha113.crx []
CHR HKLM-x32\...\Chrome\Extension: [peeijnafianehabjhnlkiopmolfloakl] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode9005\ch\MediaBuzzV1mode9005.crx []
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2012-12-12] (VIA Technologies, Inc.)
S2 TuneUp.UtilitiesSvc; "C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [13088 2011-03-02] ()
S3 GameKB; C:\Windows\System32\drivers\GameKB.sys [27648 2012-05-11] ()
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [31232 2009-06-10] (Hauppauge Computer Works, Inc.) [File not signed]
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-11-21] (Intel Corporation)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2013-07-18] (Qualcomm Atheros Co., Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-21] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [31472 2013-12-19] (Synaptics Incorporated)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2087-01-13 02:31 - 2087-01-13 02:31 - 00000000 ____D () C:\ProgramData\eSellerate
2087-01-13 02:31 - 2014-01-29 09:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue
2050-01-01 02:17 - 2013-10-12 04:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2050-01-01 02:17 - 2013-10-12 04:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2050-01-01 02:17 - 2013-10-12 04:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2050-01-01 02:17 - 2013-10-12 04:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2050-01-01 02:17 - 2013-10-12 04:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2050-01-01 02:17 - 2013-10-05 22:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2050-01-01 02:17 - 2013-10-05 21:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2050-01-01 02:17 - 2013-10-04 04:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2050-01-01 02:17 - 2013-10-04 04:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2050-01-01 02:17 - 2013-10-04 03:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2050-01-01 02:17 - 2013-10-04 03:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2050-01-01 02:17 - 2013-07-04 14:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2050-01-01 02:04 - 2050-01-01 02:04 - 00003218 _____ () C:\Windows\System32\Tasks\{E5B542E3-C766-40FD-BDEE-1AA277504F6C}
2050-01-01 01:59 - 2050-01-01 02:12 - 00001686 _____ () C:\Users\BonZZai\AppData\Local\Cracklock.settings
2014-09-21 17:43 - 2014-09-21 17:43 - 00001159 _____ () C:\Users\BonZZai\Desktop\malwareb.txt
2014-09-21 17:17 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-21 17:16 - 2014-09-21 17:24 - 00000000 ____D () C:\AdwCleaner
2014-09-21 17:15 - 2014-09-21 17:15 - 01373475 _____ () C:\Users\BonZZai\Downloads\AdwCleaner_3.310.exe
2014-09-21 17:02 - 2014-09-21 17:02 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\BonZZai\Downloads\revosetup95.exe
2014-09-21 04:06 - 2014-09-21 04:06 - 00021976 _____ () C:\Users\BonZZai\Downloads\Result.txt
2014-09-21 04:05 - 2014-09-21 04:05 - 00401920 _____ (Farbar) C:\Users\BonZZai\Downloads\MiniToolBox.exe
2014-09-21 04:03 - 2014-09-21 17:44 - 00023855 _____ () C:\Users\BonZZai\Downloads\FRST.txt
2014-09-21 04:03 - 2014-09-21 17:44 - 00000000 ____D () C:\FRST
2014-09-21 04:03 - 2014-09-21 04:04 - 00060138 _____ () C:\Users\BonZZai\Downloads\Addition.txt
2014-09-21 04:02 - 2014-09-21 04:03 - 02105856 _____ (Farbar) C:\Users\BonZZai\Downloads\FRST64.exe
2014-09-21 01:14 - 2014-09-21 01:14 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\EurekaLab s.a.s
2014-09-21 01:11 - 2014-09-21 01:11 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\dlg
2014-09-21 01:08 - 2014-09-21 01:08 - 00472072 _____ () C:\Users\BonZZai\Downloads\download_firefox(1).exe
2014-09-21 01:07 - 2014-09-21 01:07 - 00472072 _____ () C:\Users\BonZZai\Downloads\download_firefox.exe
2014-09-21 00:32 - 2014-09-21 00:39 - 00000000 ____D () C:\Program Files (x86)\Free Window Registry Repair
2014-09-21 00:32 - 2014-09-21 00:32 - 00803636 _____ () C:\Users\BonZZai\Downloads\RegpairSetup.exe
2014-09-21 00:32 - 2014-09-21 00:32 - 00001027 _____ () C:\Users\BonZZai\Desktop\Free Window Registry Repair.lnk
2014-09-21 00:32 - 2014-09-21 00:32 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Window Registry Repair
2014-09-21 00:32 - 2014-09-21 00:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Window Registry Repair
2014-09-19 23:09 - 2014-09-19 23:09 - 00001305 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2014-09-19 23:09 - 2014-09-19 23:09 - 00001293 _____ () C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2014-09-19 23:03 - 2014-09-19 23:03 - 00007598 _____ () C:\Users\BonZZai\AppData\Local\Resmon.ResmonCfg
2014-09-19 19:40 - 2014-09-19 19:40 - 00003850 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1411148449
2014-09-19 19:40 - 2014-09-19 19:40 - 00001131 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-09-19 19:40 - 2014-09-19 19:40 - 00001131 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2014-09-19 19:40 - 2014-09-19 19:40 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\Opera Software
2014-09-19 19:40 - 2014-09-19 19:40 - 00000000 ____D () C:\Users\BonZZai\AppData\Local\Opera Software
2014-09-19 19:40 - 2014-09-19 19:40 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-09-19 19:09 - 2014-09-21 17:05 - 00001260 _____ () C:\Users\BonZZai\Desktop\Revo Uninstaller.lnk
2014-09-19 19:09 - 2014-09-19 19:09 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-09-19 19:07 - 2014-09-19 19:07 - 01101648 _____ () C:\Users\BonZZai\Desktop\Revo Uninstaller - CHIP-Installer.exe
2014-09-19 15:46 - 2014-09-19 15:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-17 00:06 - 2014-09-17 00:07 - 02297624 _____ () C:\Users\BonZZai\Desktop\Metin2 Sycorax ,Hurensohn wird im TS Rassiert xTwinBlade.mp3.sfk
2014-09-16 03:38 - 2014-09-16 03:38 - 07566336 _____ () C:\Users\BonZZai\Downloads\Launcher_Premium(6).exe
2014-09-15 21:30 - 2014-09-15 22:07 - 114649879 _____ () C:\Users\BonZZai\Downloads\m2kmod_3.0.1.zip
2014-09-12 15:50 - 2014-09-21 17:29 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-12 15:50 - 2014-09-12 15:50 - 00001098 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-12 15:50 - 2014-09-12 15:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-09-12 15:50 - 2014-09-12 15:50 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-12 15:50 - 2014-09-12 15:50 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-09-12 15:50 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-12 15:50 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-12 15:50 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-11 00:45 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-11 00:45 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-11 00:45 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-11 00:45 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-11 00:45 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-11 00:45 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-11 00:45 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-11 00:45 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-11 00:45 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-11 00:45 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-11 00:45 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-11 00:45 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-11 00:45 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-11 00:45 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-11 00:45 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-11 00:45 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-11 00:45 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-11 00:45 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-11 00:45 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-11 00:45 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-11 00:45 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-11 00:45 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-11 00:45 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-11 00:45 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-11 00:45 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-11 00:45 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-11 00:45 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-11 00:45 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-11 00:45 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-11 00:45 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-11 00:45 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-11 00:45 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-11 00:45 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-11 00:45 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-11 00:45 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-11 00:45 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-11 00:45 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-11 00:45 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-11 00:45 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-11 00:45 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-11 00:45 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-11 00:45 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-11 00:45 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-11 00:45 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-11 00:45 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-11 00:45 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-11 00:45 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-11 00:45 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-11 00:45 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-11 00:45 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-11 00:45 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-11 00:45 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-11 00:45 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-11 00:45 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-11 00:45 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-11 00:45 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-11 00:36 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-11 00:36 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-10 23:33 - 2014-09-10 23:33 - 00001027 _____ () C:\Users\Public\Desktop\foobar2000.lnk
2014-09-10 23:16 - 2014-09-11 18:08 - 00066728 _____ (Eugene V. Muzychenko) C:\Windows\system32\Drivers\vrtaucbl.sys
2014-09-10 23:03 - 2014-09-10 23:16 - 00000000 ____D () C:\Program Files\Virtual Audio Cable
2014-09-10 21:08 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-10 21:08 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-10 21:08 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-10 21:08 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-10 21:07 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-10 21:07 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-10 21:07 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-10 21:07 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-10 21:07 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-10 21:07 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-10 21:07 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-10 20:25 - 2014-06-16 08:01 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2014-09-10 20:25 - 2014-06-16 08:01 - 00110336 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2014-09-07 23:07 - 2014-09-07 23:07 - 00360448 _____ () C:\Users\BonZZai\Desktop\HWID-Generator(1).exe
2014-09-07 22:07 - 2014-09-10 23:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable
2014-09-07 22:05 - 2014-09-10 22:58 - 00000000 ____D () C:\Users\BonZZai\Desktop\bot
2014-09-07 22:04 - 2014-09-07 22:04 - 01101648 _____ () C:\Users\BonZZai\Downloads\Virtual Audio Cable - CHIP-Installer.exe
2014-09-07 22:04 - 2014-09-07 22:04 - 00279379 _____ () C:\Users\BonZZai\Downloads\VirtualAudioCable409.zip
2014-09-07 21:59 - 2014-09-10 23:41 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\foobar2000
2014-09-07 21:59 - 2014-09-10 23:33 - 00001109 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\foobar2000.lnk
2014-09-07 21:59 - 2014-09-10 23:33 - 00000000 ____D () C:\Program Files (x86)\foobar2000
2014-09-07 21:58 - 2014-09-07 21:58 - 01101648 _____ () C:\Users\BonZZai\Downloads\foobar2000 - CHIP-Installer(1).exe
2014-09-07 21:56 - 2014-09-07 21:56 - 01101648 _____ () C:\Users\BonZZai\Downloads\foobar2000 - CHIP-Installer.exe
2014-09-02 19:07 - 2014-09-02 19:11 - 07560704 _____ () C:\Users\BonZZai\Downloads\Launcher_Premium(5).exe
2014-08-27 21:39 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-27 21:39 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-27 21:39 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-26 04:21 - 2014-08-26 04:21 - 00062690 _____ () C:\Users\BonZZai\Downloads\MLB PRESET PACK.rar
2014-08-26 02:00 - 2014-08-26 02:02 - 177148588 _____ () C:\Users\BonZZai\Downloads\Editing pack.zip
2014-08-24 02:03 - 2014-08-24 02:06 - 949016928 _____ () C:\Users\BonZZai\Downloads\JuicyMT2 Client 2014 (PvP-Fun).rar
2014-08-23 20:58 - 2014-08-24 02:07 - 00000000 ____D () C:\Users\BonZZai\Desktop\materia
2014-08-23 20:57 - 2014-08-23 21:09 - 847967621 _____ () C:\Users\BonZZai\Downloads\METERIA2.rar
2014-08-23 20:57 - 2014-08-23 20:57 - 00305895 _____ () C:\Users\BonZZai\Downloads\Meteria2_Patch_04.08.14.rar
2014-08-22 15:57 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-22 15:57 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-22 15:57 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-22 15:57 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-22 15:57 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-22 15:57 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-22 15:57 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-22 15:57 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-22 15:57 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-22 15:57 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-22 15:57 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-22 15:57 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-22 15:57 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-22 15:57 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2087-01-13 02:31 - 2087-01-13 02:31 - 00000000 ____D () C:\ProgramData\eSellerate
2050-01-01 02:12 - 2050-01-01 01:59 - 00001686 _____ () C:\Users\BonZZai\AppData\Local\Cracklock.settings
2050-01-01 02:04 - 2050-01-01 02:04 - 00003218 _____ () C:\Windows\System32\Tasks\{E5B542E3-C766-40FD-BDEE-1AA277504F6C}
2014-09-21 17:44 - 2014-09-21 04:03 - 00023855 _____ () C:\Users\BonZZai\Downloads\FRST.txt
2014-09-21 17:44 - 2014-09-21 04:03 - 00000000 ____D () C:\FRST
2014-09-21 17:43 - 2014-09-21 17:43 - 00001159 _____ () C:\Users\BonZZai\Desktop\malwareb.txt
2014-09-21 17:34 - 2009-07-14 06:45 - 00047008 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-21 17:34 - 2009-07-14 06:45 - 00047008 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-21 17:31 - 2012-12-21 20:43 - 01259136 _____ () C:\Windows\WindowsUpdate.log
2014-09-21 17:31 - 2011-04-12 09:43 - 09240936 _____ () C:\Windows\system32\perfh007.dat
2014-09-21 17:31 - 2011-04-12 09:43 - 02817012 _____ () C:\Windows\system32\perfc007.dat
2014-09-21 17:31 - 2009-07-14 07:13 - 00006260 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-21 17:30 - 2013-05-03 16:29 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-437646761-135901211-47947868-1000UA.job
2014-09-21 17:29 - 2014-09-12 15:50 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-21 17:28 - 2014-04-21 22:04 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\Skype
2014-09-21 17:25 - 2013-12-07 22:43 - 01753244 _____ () C:\Windows\PFRO.log
2014-09-21 17:25 - 2013-12-07 22:43 - 00041538 _____ () C:\Windows\setupact.log
2014-09-21 17:25 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-21 17:24 - 2014-09-21 17:16 - 00000000 ____D () C:\AdwCleaner
2014-09-21 17:24 - 2014-03-02 16:51 - 00000000 ____D () C:\Windows\system32\log
2014-09-21 17:24 - 2012-12-21 20:43 - 00000000 ____D () C:\Users\BonZZai
2014-09-21 17:19 - 2012-12-22 03:09 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-21 17:15 - 2014-09-21 17:15 - 01373475 _____ () C:\Users\BonZZai\Downloads\AdwCleaner_3.310.exe
2014-09-21 17:07 - 2013-07-29 17:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2014-09-21 17:05 - 2014-09-19 19:09 - 00001260 _____ () C:\Users\BonZZai\Desktop\Revo Uninstaller.lnk
2014-09-21 17:02 - 2014-09-21 17:02 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\BonZZai\Downloads\revosetup95.exe
2014-09-21 16:49 - 2013-03-13 01:07 - 00000000 ____D () C:\Program Files (x86)\Metin2
2014-09-21 16:45 - 2013-03-01 00:01 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\TS3Client
2014-09-21 16:11 - 2012-12-21 22:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-21 04:16 - 2013-03-16 06:48 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\vlc
2014-09-21 04:06 - 2014-09-21 04:06 - 00021976 _____ () C:\Users\BonZZai\Downloads\Result.txt
2014-09-21 04:05 - 2014-09-21 04:05 - 00401920 _____ (Farbar) C:\Users\BonZZai\Downloads\MiniToolBox.exe
2014-09-21 04:04 - 2014-09-21 04:03 - 00060138 _____ () C:\Users\BonZZai\Downloads\Addition.txt
2014-09-21 04:03 - 2014-09-21 04:02 - 02105856 _____ (Farbar) C:\Users\BonZZai\Downloads\FRST64.exe
2014-09-21 03:50 - 2013-10-30 19:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-21 01:14 - 2014-09-21 01:14 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\EurekaLab s.a.s
2014-09-21 01:14 - 2009-07-14 04:34 - 00000568 _____ () C:\Windows\win.ini
2014-09-21 01:11 - 2014-09-21 01:11 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\dlg
2014-09-21 01:11 - 2012-12-21 22:30 - 00001155 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-21 01:11 - 2012-12-21 22:30 - 00001143 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-09-21 01:08 - 2014-09-21 01:08 - 00472072 _____ () C:\Users\BonZZai\Downloads\download_firefox(1).exe
2014-09-21 01:07 - 2014-09-21 01:07 - 00472072 _____ () C:\Users\BonZZai\Downloads\download_firefox.exe
2014-09-21 01:04 - 2013-03-07 19:16 - 00000000 ____D () C:\Users\BonZZai\AppData\Local\CrashDumps
2014-09-21 00:39 - 2014-09-21 00:32 - 00000000 ____D () C:\Program Files (x86)\Free Window Registry Repair
2014-09-21 00:32 - 2014-09-21 00:32 - 00803636 _____ () C:\Users\BonZZai\Downloads\RegpairSetup.exe
2014-09-21 00:32 - 2014-09-21 00:32 - 00001027 _____ () C:\Users\BonZZai\Desktop\Free Window Registry Repair.lnk
2014-09-21 00:32 - 2014-09-21 00:32 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Window Registry Repair
2014-09-21 00:32 - 2014-09-21 00:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Window Registry Repair
2014-09-20 22:30 - 2013-05-03 16:29 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-437646761-135901211-47947868-1000Core.job
2014-09-20 02:13 - 2013-05-02 01:56 - 00000000 ____D () C:\Users\BonZZai\Desktop\YOUTUBE
2014-09-19 23:09 - 2014-09-19 23:09 - 00001305 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2014-09-19 23:09 - 2014-09-19 23:09 - 00001293 _____ () C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2014-09-19 23:08 - 2013-07-08 03:29 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-19 23:07 - 2012-12-22 03:14 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-09-19 23:04 - 2012-12-22 03:16 - 00000000 ____D () C:\Users\BonZZai\AppData\Local\Adobe
2014-09-19 23:03 - 2014-09-19 23:03 - 00007598 _____ () C:\Users\BonZZai\AppData\Local\Resmon.ResmonCfg
2014-09-19 22:53 - 2014-08-01 12:48 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-09-19 20:33 - 2011-04-12 09:54 - 00000000 ____D () C:\Windows\ShellNew
2014-09-19 19:40 - 2014-09-19 19:40 - 00003850 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1411148449
2014-09-19 19:40 - 2014-09-19 19:40 - 00001131 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-09-19 19:40 - 2014-09-19 19:40 - 00001131 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2014-09-19 19:40 - 2014-09-19 19:40 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\Opera Software
2014-09-19 19:40 - 2014-09-19 19:40 - 00000000 ____D () C:\Users\BonZZai\AppData\Local\Opera Software
2014-09-19 19:40 - 2014-09-19 19:40 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-09-19 19:11 - 2014-04-03 19:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2014-09-19 19:11 - 2014-04-03 19:42 - 00000000 ____D () C:\Program Files (x86)\AVS4YOU
2014-09-19 19:09 - 2014-09-19 19:09 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-09-19 19:09 - 2013-04-08 00:30 - 00000000 ____D () C:\Program Files (x86)\Azureus
2014-09-19 19:07 - 2014-09-19 19:07 - 01101648 _____ () C:\Users\BonZZai\Desktop\Revo Uninstaller - CHIP-Installer.exe
2014-09-19 18:58 - 2012-12-21 21:36 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-09-19 16:16 - 2014-05-21 00:36 - 00000000 ____D () C:\Users\BonZZai\Desktop\Splitter - Kopie - Kopie
2014-09-19 15:46 - 2014-09-19 15:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-19 15:46 - 2014-04-21 22:04 - 00002517 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-09-19 15:46 - 2014-04-21 22:04 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-09-19 15:46 - 2013-02-24 01:05 - 00000000 ____D () C:\ProgramData\Skype
2014-09-17 00:16 - 2014-03-04 03:31 - 00000000 ____D () C:\Users\BonZZai\Desktop\yttt
2014-09-17 00:07 - 2014-09-17 00:06 - 02297624 _____ () C:\Users\BonZZai\Desktop\Metin2 Sycorax ,Hurensohn wird im TS Rassiert xTwinBlade.mp3.sfk
2014-09-16 20:49 - 2014-07-21 14:49 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys
2014-09-16 03:38 - 2014-09-16 03:38 - 07566336 _____ () C:\Users\BonZZai\Downloads\Launcher_Premium(6).exe
2014-09-15 22:07 - 2014-09-15 21:30 - 114649879 _____ () C:\Users\BonZZai\Downloads\m2kmod_3.0.1.zip
2014-09-12 15:50 - 2014-09-12 15:50 - 00001098 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-12 15:50 - 2014-09-12 15:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-09-12 15:50 - 2014-09-12 15:50 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-12 15:50 - 2014-09-12 15:50 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-09-12 03:37 - 2013-03-08 23:53 - 00004608 _____ () C:\Users\BonZZai\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-09-11 23:26 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-11 18:08 - 2014-09-10 23:16 - 00066728 _____ (Eugene V. Muzychenko) C:\Windows\system32\Drivers\vrtaucbl.sys
2014-09-11 00:43 - 2014-04-12 03:00 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-09-11 00:43 - 2013-07-12 03:59 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-11 00:43 - 2013-06-27 16:50 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-09-11 00:43 - 2013-06-27 16:49 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-09-11 00:43 - 2013-06-27 16:49 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-09-11 00:36 - 2012-12-21 22:36 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-11 00:35 - 2014-05-07 01:11 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-10 23:41 - 2014-09-07 21:59 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\foobar2000
2014-09-10 23:33 - 2014-09-10 23:33 - 00001027 _____ () C:\Users\Public\Desktop\foobar2000.lnk
2014-09-10 23:33 - 2014-09-07 21:59 - 00001109 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\foobar2000.lnk
2014-09-10 23:33 - 2014-09-07 
21:59 - 00000000 ____D () C:\Program Files (x86)\foobar2000 2014-09-10 23:16 - 2014-09-10 23:03 - 00000000 ____D () C:\Program Files\Virtual Audio Cable 2014-09-10 23:03 - 2014-09-07 22:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable 2014-09-10 22:58 - 2014-09-07 22:05 - 00000000 ____D () C:\Users\BonZZai\Desktop\bot 2014-09-10 13:19 - 2012-12-22 03:09 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-09-10 13:19 - 2012-12-22 03:09 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-09-10 13:19 - 2012-12-22 03:09 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-09-08 22:46 - 2013-10-25 22:03 - 00001715 _____ () C:\Users\BonZZai\Desktop\ACC Daten.txt 2014-09-07 23:07 - 2014-09-07 23:07 - 00360448 _____ () C:\Users\BonZZai\Desktop\HWID-Generator(1).exe 2014-09-07 22:04 - 2014-09-07 22:04 - 01101648 _____ () C:\Users\BonZZai\Downloads\Virtual Audio Cable - CHIP-Installer.exe 2014-09-07 22:04 - 2014-09-07 22:04 - 00279379 _____ () C:\Users\BonZZai\Downloads\VirtualAudioCable409.zip 2014-09-07 21:58 - 2014-09-07 21:58 - 01101648 _____ () C:\Users\BonZZai\Downloads\foobar2000 - CHIP-Installer(1).exe 2014-09-07 21:56 - 2014-09-07 21:56 - 01101648 _____ () C:\Users\BonZZai\Downloads\foobar2000 - CHIP-Installer.exe 2014-09-05 04:10 - 2014-09-10 21:07 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-09-05 04:05 - 2014-09-10 21:07 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-09-03 21:58 - 2012-12-21 21:52 - 00000000 ____D () C:\Temp 2014-09-03 21:52 - 2013-07-29 17:25 - 00000000 ____D () C:\Program Files (x86)\GameforgeLive 2014-09-02 19:11 - 2014-09-02 19:07 - 07560704 _____ () C:\Users\BonZZai\Downloads\Launcher_Premium(5).exe 2014-08-28 18:42 - 2013-12-07 22:43 - 04933592 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-08-26 04:21 - 2014-08-26 04:21 - 00062690 
_____ () C:\Users\BonZZai\Downloads\MLB PRESET PACK.rar 2014-08-26 02:08 - 2014-04-25 19:33 - 00000000 ____D () C:\Users\BonZZai\Desktop\^^^^^^^^^^ 2014-08-26 02:02 - 2014-08-26 02:00 - 177148588 _____ () C:\Users\BonZZai\Downloads\Editing pack.zip 2014-08-24 02:07 - 2014-08-23 20:58 - 00000000 ____D () C:\Users\BonZZai\Desktop\materia 2014-08-24 02:06 - 2014-08-24 02:03 - 949016928 _____ () C:\Users\BonZZai\Downloads\JuicyMT2 Client 2014 (PvP-Fun).rar 2014-08-23 21:09 - 2014-08-23 20:57 - 847967621 _____ () C:\Users\BonZZai\Downloads\METERIA2.rar 2014-08-23 20:57 - 2014-08-23 20:57 - 00305895 _____ () C:\Users\BonZZai\Downloads\Meteria2_Patch_04.08.14.rar 2014-08-23 04:07 - 2014-08-27 21:39 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-08-23 03:45 - 2014-08-27 21:39 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-08-23 02:59 - 2014-08-27 21:39 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys Files to move or delete: ==================== C:\Users\BonZZai\dpinst.exe C:\Users\BonZZai\Setup.exe Some content of TEMP: ==================== C:\Users\BonZZai\AppData\Local\Temp\AAMHelper.exe C:\Users\BonZZai\AppData\Local\Temp\AdobeApplicationManager.exe C:\Users\BonZZai\AppData\Local\Temp\CloudBackup6915.exe C:\Users\BonZZai\AppData\Local\Temp\Quarantine.exe C:\Users\BonZZai\AppData\Local\Temp\sfamcc00001.dll C:\Users\BonZZai\AppData\Local\Temp\sfareca00001.dll C:\Users\BonZZai\AppData\Local\Temp\SkypeSetup.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-09-11 23:19

==================== End Of Log ============================
21.09.2014, 22:51 | #9 |
| Internet slow since a change made by TuneUp Utilities
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by BonZZai (administrator) on BONZZAI-PC on 21-09-2014 23:41:52
Running from C:\Users\BonZZai\Downloads
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (All) =========================

(Microsoft Corporation) C:\Windows\System32\smss.exe
(Microsoft Corporation) C:\Windows\System32\csrss.exe
(Microsoft Corporation) C:\Windows\System32\wininit.exe
(Microsoft Corporation) C:\Windows\System32\csrss.exe
(Microsoft Corporation) C:\Windows\System32\services.exe
(Microsoft Corporation) C:\Windows\System32\lsass.exe
(Microsoft Corporation) C:\Windows\System32\lsm.exe
(Microsoft Corporation) C:\Windows\System32\winlogon.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) 
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Microsoft Corporation) C:\Windows\System32\taskhost.exe (Microsoft Corporation) C:\Windows\System32\dwm.exe (Microsoft Corporation) C:\Windows\explorer.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Microsoft Corporation) C:\Windows\System32\svchost.exe (Microsoft Corporation) C:\Windows\System32\svchost.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation) C:\Windows\System32\svchost.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe (Microsoft Corporation) C:\Windows\System32\svchost.exe (Microsoft Corporation) C:\Windows\System32\svchost.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe () C:\Program Files (x86)\GameforgeLive\gfl_client.exe (Ymir Entertainment) C:\Program Files (x86)\Metin2\metin2client.bin (Ymir Entertainment) C:\Program Files (x86)\Metin2\metin2client.bin (Ymir Entertainment) C:\Program Files (x86)\Metin2\metin2client.bin (Ymir Entertainment) C:\Program Files (x86)\Metin2\metin2client.bin (Ymir Entertainment) C:\Program Files (x86)\Metin2\metin2client.bin (Ymir Entertainment) C:\Program Files (x86)\Metin2\metin2client.bin (Microsoft Corporation) 
C:\Windows\System32\svchost.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe (Almico Software (www.almico.com)) C:\Program Files (x86)\SpeedFan\speedfan.exe (Ymir Entertainment) C:\Program Files (x86)\Metin2\metin2client.bin (VideoLAN) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (Farbar) C:\Users\BonZZai\Downloads\FRST64.exe ==================== Registry (All) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation) HKLM\...\Run: [Ocs_SM] => C:\Users\BonZZai\AppData\Roaming\OCS\SM\SearchAnonymizer.exe HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated) HKLM-x32\...\Run: [HDAudDeck] => c:\program files (x86)\via\viaudioi\vdeck\vdeck.exe [5675184 2013-05-10] (VIA) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694040 2014-07-22] (Adobe Systems Incorporated) HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe, [30720 2010-11-21] (Microsoft Corporation) HKLM-x32\...\Winlogon: [Userinit] C:\Windows\sysWOW64\userinit.exe [26624 2010-11-21] (Microsoft Corporation) HKLM\...\Winlogon: [Shell] explorer.exe [2871808 2011-02-25] (Microsoft Corporation) HKLM-x32\...\Winlogon: [Shell] explorer.exe [2616320 2011-02-25] (Microsoft Corporation) HKLM\...\Policies\Explorer: [NoActiveDesktop] 1 HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1 HKLM\...\Policies\Explorer: [ForceActiveDesktopOn] 0 HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] => 
rmdir /s /q "\SearchProtect" HKU\S-1-5-19\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\Sidebar.exe [1475584 2010-11-21] (Microsoft Corporation) HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation) HKU\S-1-5-20\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\Sidebar.exe [1475584 2010-11-21] (Microsoft Corporation) HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation) HKU\S-1-5-21-437646761-135901211-47947868-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2014-02-18] (Google Inc.) HKU\S-1-5-21-437646761-135901211-47947868-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1562264 2014-07-25] (Samsung) HKU\S-1-5-21-437646761-135901211-47947868-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22040168 2014-08-27] (Skype Technologies S.A.) HKU\S-1-5-21-437646761-135901211-47947868-1000\...\Policies\Explorer: [NoDriveTypeAutoRun] 145 HKU\S-1-5-21-437646761-135901211-47947868-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-437646761-135901211-47947868-1000\...\MountPoints2: {73a36747-4c66-11e2-97f0-806e6f6e6963} - D:\Bin\ASSETUP.exe IFEO: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" Lsa: [Authentication Packages] msv1_0 Lsa: [Notification Packages] scecli SecurityProviders: credssp.dll Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.) 
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No File SSODL-x32: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No File ShellIconOverlayIdentifiers: AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll () ShellIconOverlayIdentifiers: AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll () ShellIconOverlayIdentifiers: AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll () ShellIconOverlayIdentifiers: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\BonZZai\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation) ShellIconOverlayIdentifiers: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\BonZZai\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation) ShellIconOverlayIdentifiers: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\BonZZai\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation) ShellIconOverlayIdentifiers: EnhancedStorageShell -> {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => C:\Windows\system32\EhStorShell.dll (Microsoft Corporation) ShellIconOverlayIdentifiers: Offline Files -> {4E77131D-3629-431c-9818-C5679DC83E81} => C:\Windows\System32\cscui.dll (Microsoft Corporation) ShellIconOverlayIdentifiers: SharingPrivate -> {08244EE6-92F0-47f2-9FC9-929BAA2E7235} => C:\Windows\system32\ntshrui.dll (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\BonZZai\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => 
C:\Users\BonZZai\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\BonZZai\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: EnhancedStorageShell -> {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => C:\Windows\SysWOW64\EhStorShell.dll (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: SharingPrivate -> {08244EE6-92F0-47f2-9FC9-929BAA2E7235} => C:\Windows\SysWOW64\ntshrui.dll (Microsoft Corporation) BootExecute: autocheck autochk * AlternateShell: cmd.exe GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (All) =========================== HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xF388E98DB5DFCD01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com URLSearchHook: HKLM-x32 - Default Value = {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D} URLSearchHook: HKCU - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation) URLSearchHook: HKCU - Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation) StartMenuInternet: IEXPLORE.EXE - iexplore.exe SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC SearchScopes: HKLM - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC SearchScopes: HKLM - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC SearchScopes: HKLM-x32 - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC SearchScopes: HKLM-x32 - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 SearchScopes: HKCU - 
{0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKCU - {03CDFE7B-8B33-4565-BCCC-3A0FEA895055} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=d89b515c-d18f-4a95-a1e4-bcfaf1e66dfb&pid=dcude&mode=bounce&k=0 SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC SearchScopes: HKCU - {184A9DD7-741E-11E3-8FF2-3085A9F78590} URL = hxxp://searchinfinitas.com.anonymize-me.de/?anonymto=687474703A2F2F736561726368696E66696E697461732E636F6D2F3F616666696C743D3426713D7B7365617263685465726D737D2669643D7B32324542383538362D433344392D343944312D423934302D3746424432343942364535367D&st={searchTerms}&clid=d89b515c-d18f-4a95-a1e4-bcfaf1e66dfb&pid=dcude&k=0 SearchScopes: HKCU - {37B0EF2A-370F-47EB-8B45-45B5170F4DF5} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=d89b515c-d18f-4a95-a1e4-bcfaf1e66dfb&pid=dcude&mode=bounce&k=0 SearchScopes: HKCU - {56E47280-68DD-4167-AE5E-61138E294984} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=d89b515c-d18f-4a95-a1e4-bcfaf1e66dfb&pid=dcude&mode=bounce&k=0 SearchScopes: HKCU - {5F731F12-D4FD-4640-A74E-0C1CC8793B97} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=d89b515c-d18f-4a95-a1e4-bcfaf1e66dfb&pid=dcude&mode=bounce&k=0 SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E676F6F676C652E636F6D2F7365617263683F713D7B7365617263685465726D737D26726C733D636F6D2E6D6963726F736F66743A7B6C616E67756167657D3A7B72656665727265723A736F757263653F7D2669653D7B696E707574456E636F64696E677D266F653D7B6F7574707574456E636F64696E677D26736F7572636569643D69653726726C7A3D31493747474E495F64654445353736&st={searchTerms}&clid=d89b515c-d18f-4a95-a1e4-bcfaf1e66dfb&pid=dcude&k=0 SearchScopes: HKCU - 
{D160EDD2-06B7-424E-84EE-0E3C064E2798} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=d89b515c-d18f-4a95-a1e4-bcfaf1e66dfb&pid=dcude&mode=bounce&k=0 SearchScopes: HKCU - {EB6ACCE1-F406-4C8B-90B5-B102C657B832} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=d89b515c-d18f-4a95-a1e4-bcfaf1e66dfb&pid=dcude&mode=bounce&k=0 BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus) BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) 
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus) Toolbar: HKLM - Kango - {F051F6BF-82D9-49A7-9E6C-BA63CDB487D2} - No File Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation) Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\system32\urlmon.dll (Microsoft Corporation) Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\msvidctl.dll (Microsoft Corporation) Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation) Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation) Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation) Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation) Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation) Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation) Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll 
(Microsoft Corporation) Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation) Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\system32\inetcomm.dll (Microsoft Corporation) Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation) Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation) Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\msvidctl.dll (Microsoft Corporation) Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation) Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - No File Handler-x32: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) Handler-x32: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) Handler-x32: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\msvidctl.dll (Microsoft Corporation) Handler-x32: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) Handler-x32: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) Handler-x32: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) Handler-x32: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) Handler-x32: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - 
C:\Windows\SysWOW64\itss.dll (Microsoft Corporation) Handler-x32: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) Handler-x32: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) Handler-x32: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) Handler-x32: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation) Handler-x32: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation) Handler-x32: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation) Handler-x32: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) Handler-x32: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\msvidctl.dll (Microsoft Corporation) Handler-x32: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation) Handler-x32: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation) Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\system32\mscoree.dll (Microsoft Corporation) Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\system32\mscoree.dll (Microsoft Corporation) Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\system32\mscoree.dll (Microsoft Corporation) Filter-x32: 
application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Filter-x32: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Filter-x32: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Winsock: Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Winsock: Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Winsock: Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Winsock: Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Winsock: Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Winsock: Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog5-x64 01 %SystemRoot%\system32\NLAapi.dll [70656] (Microsoft Corporation)
Winsock: Catalog5-x64 02 %SystemRoot%\system32\napinsp.dll [68096] (Microsoft Corporation)
Winsock: Catalog5-x64 03 %SystemRoot%\system32\pnrpnsp.dll [86016] (Microsoft Corporation)
Winsock: Catalog5-x64 04 %SystemRoot%\system32\pnrpnsp.dll [86016] (Microsoft Corporation)
Winsock: Catalog5-x64 05 %SystemRoot%\System32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog5-x64 06 %SystemRoot%\System32\winrnr.dll [28672] (Microsoft Corporation)
Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
Winsock: Catalog9-x64 01 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 02 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 03 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 04 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 05 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Winsock: Catalog9-x64 06 %SystemRoot%\system32\mswsock.dll [327168] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.40.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems) FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\BonZZai\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\BonZZai\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google) FF Plugin HKCU: @talk.google.com/O3DPlugin -> C:\Users\BonZZai\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll () FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\BonZZai\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\BonZZai\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin ProgramFiles/Appdata: C:\Users\BonZZai\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google) FF Plugin ProgramFiles/Appdata: C:\Users\BonZZai\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll () FF Plugin ProgramFiles/Appdata: C:\Users\BonZZai\AppData\Roaming\mozilla\plugins\npo1d.dll (Google) FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\7e359293-3f24-40c5-bebe-ec2c522ee932.xml FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\a22d3231-3f5c-4f15-bd94-a0d288cfd46d.xml FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\df4d687e-f4c7-40ff-ad66-2f9c6eb49005.xml FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\englische-ergebnisse.xml FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\gmx-suche.xml FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\google-images.xml FF SearchPlugin: 
C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\google-maps.xml FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\Google.xml FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\lastminute.xml FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\webde-suche.xml FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\{0277BDC7-BD8F-431E-8CBC-5E1F2B951ECF}.xml FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\{23F6A38A-964D-489E-A743-F3B9A7D78230}.xml FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\{30295452-738A-4968-A588-92B0BA09898F}.xml FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\{9B892BC4-140F-4EFF-AD92-22DDA85F6C84}.xml FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\{B7748BCB-37C7-40FD-8C38-D04FA3FD8B4F}.xml FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\{FF348E83-EEBB-4A2D-9C1D-0829BE838A01}.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\bing.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\google.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wikipedia-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla 
firefox\browser\searchplugins\yahoo-de.xml
FF Extension: WEB.DE MailCheck - C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\Extensions\toolbar@web.de [2014-09-18]
FF Extension: 4shared Desktop Plugin - C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\Extensions\4sharedCopyLinks.xpi.tmp [2013-03-14]
FF Extension: Cliqz Beta - C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\Extensions\cliqz@cliqz.com.xpi [2014-07-22]
FF Extension: Facebook Toolbar - C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\Extensions\firefox@facebook.com.xpi [2012-12-21]
FF Extension: Mark Ads Sites In Search - C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\Extensions\jid1-LGBwZ7tVjRcfIg@jetpack.xpi [2014-06-28]
FF Extension: Smoother Web - C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\Extensions\jid1-U7omKQ6kQfxMaQ@jetpack.xpi [2014-09-11]
FF Extension: FirefoxAdKiller - C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\Extensions\{b1df372d-8b32-4c7d-b6b4-9c5b78cf6fb1}.xpi [2014-06-28]
FF Extension: Adblock Plus - C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-28]
FF Extension: Tab Mix Plus - C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2014-04-25]
FF Extension: DownThemAll! - C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013-11-24]
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2014-09-21]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKLM-x32\...\Mozilla Firefox 32.0.2\Extensions: [Components] - C:\Program Files (x86)\Mozilla Firefox\components
FF HKLM-x32\...\Mozilla Firefox 32.0.2\Extensions: [Plugins] - C:\Program Files (x86)\Mozilla Firefox\plugins
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-11-16]
FF StartMenuInternet: FIREFOX.EXE - "c:\program files (x86)\mozilla firefox\firefox.exe"

Chrome:
=======
CHR Profile: C:\Users\BonZZai\AppData\Local\Google\Chrome\User Data\default
CHR Extension: (No Name) - C:\Users\BonZZai\AppData\Local\Google\Chrome\User Data\default\Extensions\hojmbfiljpkaijkdifoaacbpallpfkkf [2013-06-26]
CHR HKLM-x32\...\Chrome\Extension: [cenfbebdhgbldbkkndbjgjngdnkghemj] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home2599\ch\MediaWatchV1home2599.crx []
CHR HKLM-x32\...\Chrome\Extension: [egboolelbjcdgnopcmdokdiegcmnfpfn] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha8960\ch\MediaViewV1alpha8960.crx []
CHR HKLM-x32\...\Chrome\Extension: [fdfmghmenmllgflfnbcdomgbelmjkepl] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha113\ch\MediaViewV1alpha113.crx []
CHR HKLM-x32\...\Chrome\Extension: [peeijnafianehabjhnlkiopmolfloakl] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode9005\ch\MediaBuzzV1mode9005.crx []
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (All) ========================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65640 2013-05-11] (Adobe Systems Incorporated) S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [267440 2014-09-10] (Adobe Systems Incorporated) R3 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [72192 2009-07-14] (Microsoft Corporation) S3 ALG; C:\Windows\System32\alg.exe [79360 2009-07-14] (Microsoft Corporation) R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [239616 2013-08-31] (AMD) S3 AppIDSvc; C:\Windows\System32\appidsvc.dll [32256 2009-07-14] (Microsoft Corporation) R3 Appinfo; C:\Windows\System32\appinfo.dll [70144 2013-02-27] (Microsoft Corporation) R3 AppMgmt; C:\Windows\System32\appmgmts.dll [193536 2009-07-14] (Microsoft Corporation) R3 AppMgmt; C:\Windows\SysWOW64\appmgmts.dll [149504 2009-07-14] (Microsoft Corporation) S3 aspnet_state; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [51808 2013-09-11] (Microsoft Corporation) R2 AudioEndpointBuilder; C:\Windows\System32\Audiosrv.dll [679424 2010-11-21] (Microsoft Corporation) R2 AudioSrv; C:\Windows\System32\Audiosrv.dll [679424 2010-11-21] (Microsoft Corporation) S3 AxInstSV; C:\Windows\System32\AxInstSV.dll [114688 2010-11-21] (Microsoft Corporation) S3 BDESVC; C:\Windows\System32\bdesvc.dll [100864 2009-07-14] (Microsoft Corporation) R2 BFE; C:\Windows\System32\bfe.dll [705024 2010-11-21] (Microsoft Corporation) R2 BITS; C:\Windows\System32\qmgr.dll [849920 2010-11-21] (Microsoft Corporation) R3 Browser; C:\Windows\System32\browser.dll [136704 2012-07-05] (Microsoft Corporation) S3 bthserv; C:\Windows\system32\bthserv.dll [83968 2009-07-14] (Microsoft Corporation) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft 
Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation) S3 CertPropSvc; C:\Windows\System32\certprop.dll [80384 2010-11-21] (Microsoft Corporation) S4 clr_optimization_v2.0.50727_32; C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [67224 2014-03-21] (Microsoft Corporation) S4 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [90776 2014-03-21] (Microsoft Corporation) S2 clr_optimization_v4.0.30319_32; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [105144 2013-09-11] (Microsoft Corporation) S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [124088 2013-09-11] (Microsoft Corporation) S3 COMSysApp; C:\Windows\system32\dllhost.exe [9728 2009-07-14] (Microsoft Corporation) S3 COMSysApp; C:\Windows\SysWOW64\dllhost.exe [7168 2009-07-14] (Microsoft Corporation) R2 CryptSvc; C:\Windows\system32\cryptsvc.dll [184320 2013-07-09] (Microsoft Corporation) R2 CryptSvc; C:\Windows\SysWOW64\cryptsvc.dll [140288 2013-07-09] (Microsoft Corporation) S4 CscService; C:\Windows\System32\cscsvc.dll [692224 2010-11-21] (Microsoft Corporation) R2 DcomLaunch; C:\Windows\system32\rpcss.dll [512000 2010-11-21] (Microsoft Corporation) S3 defragsvc; C:\Windows\System32\defragsvc.dll [291328 2009-07-14] (Microsoft Corporation) R2 Dhcp; C:\Windows\system32\dhcpcore.dll [317952 2010-11-21] (Microsoft Corporation) R2 Dhcp; C:\Windows\SysWOW64\dhcpcore.dll [254464 2010-11-21] (Microsoft Corporation) R2 Dnscache; C:\Windows\System32\dnsrslvr.dll [183296 2011-03-03] (Microsoft Corporation) S3 dot3svc; C:\Windows\System32\dot3svc.dll [252416 2010-11-21] (Microsoft Corporation) R2 DPS; C:\Windows\system32\dps.dll [162816 2010-11-21] (Microsoft Corporation) R3 EapHost; C:\Windows\System32\eapsvc.dll [111104 2009-07-14] (Microsoft Corporation) S3 EFS; C:\Windows\System32\lsass.exe [31232 2014-04-12] (Microsoft 
Corporation) S3 ehRecvr; C:\Windows\ehome\ehRecvr.exe [696832 2010-11-21] (Microsoft Corporation) S3 ehSched; C:\Windows\ehome\ehsched.exe [127488 2009-07-14] (Microsoft Corporation) R2 eventlog; C:\Windows\System32\wevtsvc.dll [1646080 2010-11-21] (Microsoft Corporation) R2 EventSystem; C:\Windows\system32\es.dll [402944 2009-07-14] (Microsoft Corporation) R2 EventSystem; C:\Windows\SysWOW64\es.dll [271360 2009-07-14] (Microsoft Corporation) S3 Fax; C:\Windows\system32\fxssvc.exe [689152 2010-11-21] (Microsoft Corporation) R3 fdPHost; C:\Windows\system32\fdPHost.dll [16384 2009-07-14] (Microsoft Corporation) R3 FDResPub; C:\Windows\system32\fdrespub.dll [34816 2009-07-14] (Microsoft Corporation) R3 FontCache; C:\Windows\system32\FntCache.dll [1175552 2013-01-13] (Microsoft Corporation) S3 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-21] (Microsoft Corporation) R2 gpsvc; C:\Windows\System32\gpsvc.dll [777728 2010-11-21] (Microsoft Corporation) S3 gupdate; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [136176 2012-12-21] (Google Inc.) S3 gupdatem; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [136176 2012-12-21] (Google Inc.) 
S3 gusvc; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [194032 2014-02-18] (Google) R3 hidserv; C:\Windows\system32\hidserv.dll [38912 2009-07-14] (Microsoft Corporation) R3 hidserv; C:\Windows\SysWOW64\hidserv.dll [49152 2009-07-14] (Microsoft Corporation) S3 hkmsvc; C:\Windows\system32\kmsvc.dll [90624 2010-11-21] (Microsoft Corporation) R3 HomeGroupListener; C:\Windows\system32\ListSvc.dll [232448 2010-11-21] (Microsoft Corporation) R3 HomeGroupProvider; C:\Windows\system32\provsvc.dll [187904 2010-11-21] (Microsoft Corporation) R3 HomeGroupProvider; C:\Windows\SysWOW64\provsvc.dll [165376 2010-11-21] (Microsoft Corporation) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed] S3 idsvc; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe [859280 2014-07-01] (Microsoft Corporation) S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [111616 2014-08-19] (Microsoft Corporation) S3 IKEEXT; C:\Windows\System32\ikeext.dll [859648 2013-10-12] (Microsoft Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [635104 2012-04-20] (Intel(R) Corporation) S3 IPBusEnum; C:\Windows\system32\ipbusenum.dll [101888 2009-07-14] (Microsoft Corporation) R2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [569344 2012-10-03] (Microsoft Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation) R3 KeyIso; C:\Windows\system32\lsass.exe [31232 2014-04-12] (Microsoft Corporation) S3 KtmRm; C:\Windows\system32\msdtckrm.dll [368640 2009-07-14] (Microsoft Corporation) R2 LanmanServer; C:\Windows\system32\srvsvc.dll [236032 
2010-11-21] (Microsoft Corporation) R2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [118784 2010-11-21] (Microsoft Corporation) S3 lltdsvc; C:\Windows\System32\lltdsvc.dll [300032 2009-07-14] (Microsoft Corporation) R2 lmhosts; C:\Windows\System32\lmhsvc.dll [23552 2009-07-14] (Microsoft Corporation) S2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [390616 2013-09-16] (Intel Corporation) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) S4 Mcx2Svc; C:\Windows\system32\Mcx2Svc.dll [84992 2010-11-21] (Microsoft Corporation) R2 MMCSS; C:\Windows\system32\mmcss.dll [67584 2009-07-14] (Microsoft Corporation) S4 MozillaMaintenance; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [114288 2014-09-19] (Mozilla Foundation) R2 MpsSvc; C:\Windows\system32\mpssvc.dll [828416 2010-11-21] (Microsoft Corporation) S3 MSDTC; C:\Windows\System32\msdtc.exe [141824 2009-07-14] (Microsoft Corporation) S3 MSiSCSI; C:\Windows\system32\iscsiexe.dll [156672 2009-07-14] (Microsoft Corporation) S3 msiserver; C:\Windows\System32\msiexec.exe [128000 2010-11-21] (Microsoft Corporation) S3 msiserver; C:\Windows\SysWOW64\msiexec.exe [73216 2010-11-21] (Microsoft Corporation) R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation) S3 napagent; C:\Windows\system32\qagentRT.dll [476160 2010-11-21] (Microsoft Corporation) S3 Netlogon; C:\Windows\system32\lsass.exe [31232 2014-04-12] (Microsoft Corporation) R3 Netman; C:\Windows\System32\netman.dll [360448 2009-07-14] (Microsoft Corporation) S4 NetMsmqActivator; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139856 2013-09-11] (Microsoft Corporation) S4 NetPipeActivator; 
c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139856 2013-09-11] (Microsoft Corporation) R3 netprofm; C:\Windows\System32\netprofm.dll [459776 2009-07-14] (Microsoft Corporation) R3 netprofm; C:\Windows\SysWOW64\netprofm.dll [360448 2009-07-14] (Microsoft Corporation) S4 NetTcpActivator; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139856 2013-09-11] (Microsoft Corporation) S4 NetTcpPortSharing; c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139856 2013-09-11] (Microsoft Corporation) R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation) R2 NlaSvc; C:\Windows\System32\nlasvc.dll [303104 2012-10-03] (Microsoft Corporation) R2 nsi; C:\Windows\system32\nsisvc.dll [25600 2009-07-14] (Microsoft Corporation) R3 p2pimsvc; C:\Windows\system32\pnrpsvc.dll [327168 2009-07-14] (Microsoft Corporation) R3 p2psvc; C:\Windows\system32\p2psvc.dll [438784 2009-07-14] (Microsoft Corporation) R2 PcaSvc; C:\Windows\System32\pcasvc.dll [186368 2009-07-14] (Microsoft Corporation) S3 PeerDistSvc; C:\Windows\system32\peerdistsvc.dll [1361920 2009-07-14] (Microsoft Corporation) S3 PerfHost; C:\Windows\SysWow64\perfhost.exe [20992 2009-07-14] (Microsoft Corporation) S3 pla; C:\Windows\system32\pla.dll [1389056 2010-11-21] (Microsoft Corporation) S3 pla; C:\Windows\SysWOW64\pla.dll [1508864 2010-11-21] (Microsoft Corporation) R2 PlugPlay; C:\Windows\system32\umpnpmgr.dll [404480 2011-05-24] (Microsoft Corporation) S3 PNRPAutoReg; C:\Windows\system32\pnrpauto.dll [25088 2009-07-14] (Microsoft Corporation) R3 PNRPsvc; C:\Windows\system32\pnrpsvc.dll [327168 2009-07-14] (Microsoft Corporation) R3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [501248 2010-11-21] (Microsoft Corporation) R2 Power; C:\Windows\system32\umpo.dll [163840 2009-07-14] (Microsoft Corporation) R2 ProfSvc; C:\Windows\system32\profsvc.dll [209920 2012-05-01] (Microsoft Corporation) S3 ProtectedStorage; 
C:\Windows\system32\lsass.exe [31232 2014-04-12] (Microsoft Corporation) S3 QWAVE; C:\Windows\system32\qwave.dll [242688 2009-07-14] (Microsoft Corporation) S3 RasAuto; C:\Windows\System32\rasauto.dll [99328 2009-07-14] (Microsoft Corporation) S3 RasMan; C:\Windows\System32\rasmans.dll [344064 2010-11-21] (Microsoft Corporation) S4 RemoteAccess; C:\Windows\System32\mprdim.dll [97792 2009-07-14] (Microsoft Corporation) S4 RemoteAccess; C:\Windows\SysWOW64\mprdim.dll [75264 2009-07-14] (Microsoft Corporation) S4 RemoteRegistry; C:\Windows\system32\regsvc.dll [159232 2009-07-14] (Microsoft Corporation) R2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [67072 2009-07-14] (Microsoft Corporation) S3 RpcLocator; C:\Windows\system32\locator.exe [10240 2009-07-14] (Microsoft Corporation) R2 RpcSs; C:\Windows\system32\rpcss.dll [512000 2010-11-21] (Microsoft Corporation) R2 SamSs; C:\Windows\system32\lsass.exe [31232 2014-04-12] (Microsoft Corporation) S3 SCardSvr; C:\Windows\System32\SCardSvr.dll [190976 2009-07-14] (Microsoft Corporation) R2 Schedule; C:\Windows\system32\schedsvc.dll [1110016 2010-11-21] (Microsoft Corporation) S3 SCPolicySvc; C:\Windows\System32\certprop.dll [80384 2010-11-21] (Microsoft Corporation) R3 SDRSVC; C:\Windows\System32\SDRSVC.dll [170496 2010-11-21] (Microsoft Corporation) S3 seclogon; C:\Windows\system32\seclogon.dll [30720 2010-11-21] (Microsoft Corporation) R2 SENS; C:\Windows\System32\sens.dll [64512 2009-07-14] (Microsoft Corporation) R2 SENS; C:\Windows\SysWOW64\sens.dll [49664 2009-07-14] (Microsoft Corporation) S3 SensrSvc; C:\Windows\system32\sensrsvc.dll [29184 2009-07-14] (Microsoft Corporation) S3 SessionEnv; C:\Windows\system32\sessenv.dll [121856 2010-11-21] (Microsoft Corporation) S3 SessionEnv; C:\Windows\SysWOW64\sessenv.dll [113664 2010-11-21] (Microsoft Corporation) S3 SharedAccess; C:\Windows\System32\ipnathlp.dll [359424 2009-07-14] (Microsoft Corporation) R2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [370688 
2010-11-21] (Microsoft Corporation) R2 ShellHWDetection; C:\Windows\SysWOW64\shsvcs.dll [328192 2010-11-21] (Microsoft Corporation) S3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [14336 2009-07-14] (Microsoft Corporation) S3 Spooler; C:\Windows\System32\spoolsv.exe [559104 2012-02-11] (Microsoft Corporation) S2 sppsvc; C:\Windows\system32\sppsvc.exe [3524608 2010-11-21] (Microsoft Corporation) S3 sppuinotify; C:\Windows\system32\sppuinotify.dll [65536 2009-07-14] (Microsoft Corporation) R3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [193024 2009-07-14] (Microsoft Corporation) S3 SstpSvc; C:\Windows\system32\sstpsvc.dll [75264 2009-07-14] (Microsoft Corporation) R2 stisvc; C:\Windows\System32\wiaservc.dll [580096 2010-11-21] (Microsoft Corporation) S3 StorSvc; C:\Windows\system32\storsvc.dll [17920 2009-07-14] (Microsoft Corporation) S3 swprv; C:\Windows\System32\swprv.dll [524288 2009-07-14] (Microsoft Corporation) R2 SysMain; C:\Windows\system32\sysmain.dll [1743360 2010-11-21] (Microsoft Corporation) S3 TabletInputService; C:\Windows\System32\TabSvc.dll [92672 2010-11-21] (Microsoft Corporation) S3 TapiSrv; C:\Windows\System32\tapisrv.dll [316928 2010-11-21] (Microsoft Corporation) S3 TapiSrv; C:\Windows\SysWOW64\tapisrv.dll [242176 2010-11-21] (Microsoft Corporation) S3 TBS; C:\Windows\System32\tbssvc.dll [65536 2009-07-14] (Microsoft Corporation) S3 TermService; C:\Windows\System32\termsrv.dll [680960 2010-11-21] (Microsoft Corporation) R2 Themes; C:\Windows\system32\themeservice.dll [44544 2009-07-14] (Microsoft Corporation) S3 THREADORDER; C:\Windows\system32\mmcss.dll [67584 2009-07-14] (Microsoft Corporation) S3 TrkWks; C:\Windows\System32\trkwks.dll [119808 2009-07-14] (Microsoft Corporation) S3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [194048 2010-11-21] (Microsoft Corporation) S3 UI0Detect; C:\Windows\system32\UI0Detect.exe [40960 2009-07-14] (Microsoft Corporation) S3 UmRdpService; C:\Windows\System32\umrdp.dll [214528 2010-11-21] 
(Microsoft Corporation) S3 upnphost; C:\Windows\System32\upnphost.dll [353792 2009-07-14] (Microsoft Corporation) S3 upnphost; C:\Windows\SysWOW64\upnphost.dll [266752 2009-07-14] (Microsoft Corporation) R2 UxSms; C:\Windows\System32\uxsms.dll [38912 2009-07-14] (Microsoft Corporation) R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [43320 2013-10-30] (TuneUp Software) R2 UxTuneUp; C:\Windows\SysWOW64\uxtuneup.dll [36152 2013-10-30] (TuneUp Software) S3 VaultSvc; C:\Windows\system32\lsass.exe [31232 2014-04-12] (Microsoft Corporation) S3 vds; C:\Windows\System32\vds.exe [533504 2010-11-21] (Microsoft Corporation) R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2012-12-12] (VIA Technologies, Inc.) S3 VSS; C:\Windows\system32\vssvc.exe [1600512 2010-11-21] (Microsoft Corporation) R3 W32Time; C:\Windows\system32\w32time.dll [381952 2009-07-14] (Microsoft Corporation) S3 wbengine; C:\Windows\system32\wbengine.exe [1504256 2010-11-21] (Microsoft Corporation) S3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [202240 2009-07-14] (Microsoft Corporation) S3 wcncsvc; C:\Windows\System32\wcncsvc.dll [367104 2010-11-21] (Microsoft Corporation) S3 wcncsvc; C:\Windows\SysWOW64\wcncsvc.dll [276992 2010-11-21] (Microsoft Corporation) S3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [40960 2009-07-14] (Microsoft Corporation) S3 WcsPlugInService; C:\Windows\SysWOW64\WcsPlugInService.dll [32768 2009-07-14] (Microsoft Corporation) R3 WdiServiceHost; C:\Windows\system32\wdi.dll [90624 2009-07-14] (Microsoft Corporation) R3 WdiServiceHost; C:\Windows\SysWOW64\wdi.dll [76288 2009-07-14] (Microsoft Corporation) S3 WdiSystemHost; C:\Windows\system32\wdi.dll [90624 2009-07-14] (Microsoft Corporation) S3 WdiSystemHost; C:\Windows\SysWOW64\wdi.dll [76288 2009-07-14] (Microsoft Corporation) S3 WebClient; C:\Windows\System32\webclnt.dll [259584 2013-07-04] (Microsoft Corporation) S3 WebClient; C:\Windows\SysWOW64\webclnt.dll [205824 2013-07-04] (Microsoft Corporation) 
S3 Wecsvc; C:\Windows\system32\wecsvc.dll [237568 2009-07-14] (Microsoft Corporation) S3 wercplsupport; C:\Windows\System32\wercplsupport.dll [84480 2009-07-14] (Microsoft Corporation) S3 WerSvc; C:\Windows\System32\WerSvc.dll [76800 2009-07-14] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) R3 WinHttpAutoProxySvc; C:\Windows\system32\winhttp.dll [444416 2010-11-21] (Microsoft Corporation) R3 WinHttpAutoProxySvc; C:\Windows\SysWOW64\winhttp.dll [351232 2010-11-21] (Microsoft Corporation) R3 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [242688 2009-07-14] (Microsoft Corporation) S3 WinRM; C:\Windows\system32\WsmSvc.dll [2018304 2010-11-21] (Microsoft Corporation) S3 WinRM; C:\Windows\SysWOW64\WsmSvc.dll [1175040 2010-11-21] (Microsoft Corporation) R2 Wlansvc; C:\Windows\System32\wlansvc.dll [886784 2009-07-14] (Microsoft Corporation) R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292480 2012-07-17] (Microsoft Corp.) 
S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [203264 2009-07-14] (Microsoft Corporation)
S4 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1525248 2010-11-21] (Microsoft Corporation)
S3 WPCSvc; C:\Windows\System32\wpcsvc.dll [12288 2009-07-14] (Microsoft Corporation)
S3 WPCSvc; C:\Windows\SysWOW64\wpcsvc.dll [10752 2009-07-14] (Microsoft Corporation)
S3 WPDBusEnum; C:\Windows\system32\wpdbusenum.dll [117248 2010-11-21] (Microsoft Corporation)
R2 wscsvc; C:\Windows\System32\wscsvc.dll [97280 2009-07-14] (Microsoft Corporation)
S4 WSearch; C:\Windows\system32\SearchIndexer.exe [591872 2011-05-04] (Microsoft Corporation)
S4 WSearch; C:\Windows\SysWOW64\SearchIndexer.exe [427520 2011-05-04] (Microsoft Corporation)
R2 wuauserv; C:\Windows\system32\wuaueng.dll [2477536 2014-05-14] (Microsoft Corporation)
S3 wudfsvc; C:\Windows\System32\WUDFSvc.dll [84992 2012-07-26] (Microsoft Corporation)
S3 WwanSvc; C:\Windows\System32\wwansvc.dll [228864 2014-01-28] (Microsoft Corporation)
S2 TuneUp.UtilitiesSvc; "C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe" [X]

==================== Drivers (All) ==========================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 1394ohci; C:\Windows\system32\drivers\1394ohci.sys [229888 2010-11-21] (Microsoft Corporation)
R0 ACPI; C:\Windows\System32\drivers\ACPI.sys [334208 2010-11-21] (Microsoft Corporation)
S3 AcpiPmi; C:\Windows\system32\drivers\acpipmi.sys [12800 2010-11-21] (Microsoft Corporation)
S3 adp94xx; C:\Windows\system32\drivers\adp94xx.sys [491088 2009-07-14] (Adaptec, Inc.)
S3 adpahci; C:\Windows\system32\drivers\adpahci.sys [339536 2009-07-14] (Adaptec, Inc.)
S3 adpu320; C:\Windows\system32\drivers\adpu320.sys [182864 2009-07-14] (Adaptec, Inc.)
R1 AFD; C:\Windows\system32\drivers\afd.sys [497152 2014-05-30] (Microsoft Corporation) S3 agp440; C:\Windows\system32\drivers\agp440.sys [61008 2009-07-14] (Microsoft Corporation) S3 aliide; C:\Windows\system32\drivers\aliide.sys [15440 2009-07-14] (Acer Laboratories Inc.) S3 amdide; C:\Windows\system32\drivers\amdide.sys [15440 2009-07-14] (Microsoft Corporation) S3 AmdK8; C:\Windows\system32\drivers\amdk8.sys [64512 2009-07-14] (Microsoft Corporation) R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [12528640 2013-08-31] (Advanced Micro Devices, Inc.) R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [618496 2013-08-31] (Advanced Micro Devices, Inc.) S3 AmdPPM; C:\Windows\system32\drivers\amdppm.sys [60928 2009-07-14] (Microsoft Corporation) S3 amdsata; C:\Windows\system32\drivers\amdsata.sys [107904 2011-03-11] (Advanced Micro Devices) S3 amdsbs; C:\Windows\system32\drivers\amdsbs.sys [194128 2009-07-14] (AMD Technologies Inc.) R0 amdxata; C:\Windows\System32\drivers\amdxata.sys [27008 2011-03-11] (Advanced Micro Devices) S3 AppID; C:\Windows\system32\drivers\appid.sys [61440 2010-11-21] (Microsoft Corporation) S3 arc; C:\Windows\system32\drivers\arc.sys [87632 2009-07-14] (Adaptec, Inc.) S3 arcsas; C:\Windows\system32\drivers\arcsas.sys [97856 2009-07-14] (Adaptec, Inc.) 
R3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [23040 2009-07-14] (Microsoft Corporation) R0 atapi; C:\Windows\System32\drivers\atapi.sys [24128 2009-07-14] (Microsoft Corporation) R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [96768 2013-04-24] (Advanced Micro Devices) S3 b06bdrv; C:\Windows\system32\drivers\bxvbda.sys [468480 2009-06-10] (Broadcom Corporation) S3 b57nd60a; C:\Windows\System32\DRIVERS\b57nd60a.sys [270848 2009-06-10] (Broadcom Corporation) U5 BattC; C:\Windows\System32\Drivers\BattC.sys [28240 2009-07-14] (Microsoft Corporation) R1 Beep; C:\Windows\System32\Drivers\Beep.sys [6656 2009-07-14] (Microsoft Corporation) R1 blbdrive; C:\Windows\System32\DRIVERS\blbdrive.sys [45056 2009-07-14] (Microsoft Corporation) R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [90624 2011-02-23] (Microsoft Corporation) S3 BrFiltLo; C:\Windows\system32\drivers\BrFiltLo.sys [18432 2009-06-10] (Brother Industries, Ltd.) S3 BrFiltUp; C:\Windows\system32\drivers\BrFiltUp.sys [8704 2009-06-10] (Brother Industries, Ltd.) S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [286720 2009-07-14] (Brother Industries Ltd.) S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [47104 2009-06-10] (Brother Industries Ltd.) S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [14976 2009-06-10] (Brother Industries Ltd.) S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [14720 2009-06-10] (Brother Industries Ltd.) 
S3 BTHMODEM; C:\Windows\system32\drivers\bthmodem.sys [72192 2009-07-14] (Microsoft Corporation) S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [92160 2009-07-14] (Microsoft Corporation) R1 cdrom; C:\Windows\System32\DRIVERS\cdrom.sys [147456 2010-11-21] (Microsoft Corporation) S3 circlass; C:\Windows\system32\drivers\circlass.sys [45568 2009-07-14] (Microsoft Corporation) R0 CLFS; C:\Windows\System32\CLFS.sys [367696 2009-07-14] (Microsoft Corporation) S3 CmBatt; C:\Windows\system32\drivers\CmBatt.sys [17664 2009-07-14] (Microsoft Corporation) S3 cmdide; C:\Windows\system32\drivers\cmdide.sys [17488 2009-07-14] (CMD Technology, Inc.) R0 CNG; C:\Windows\System32\Drivers\cng.sys [458712 2013-07-04] (Microsoft Corporation) S3 Compbatt; C:\Windows\system32\drivers\compbatt.sys [21584 2009-07-14] (Microsoft Corporation) R3 CompositeBus; C:\Windows\System32\DRIVERS\CompositeBus.sys [38912 2010-11-21] (Microsoft Corporation) S4 crcdisk; C:\Windows\system32\drivers\crcdisk.sys [24144 2009-07-14] (Microsoft Corporation) S4 CSC; C:\Windows\System32\drivers\csc.sys [514560 2010-11-21] (Microsoft Corporation) R1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [102400 2010-11-21] (Microsoft Corporation) S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [110336 2014-06-16] (DEVGURU Co., LTD.(www.devguru.co.kr)) R1 discache; C:\Windows\System32\drivers\discache.sys [40448 2009-07-14] (Microsoft Corporation) R0 Disk; C:\Windows\System32\drivers\disk.sys [73280 2009-07-14] (Microsoft Corporation) S3 drmkaud; C:\Windows\system32\drivers\drmkaud.sys [5632 2009-07-14] (Microsoft Corporation) S3 DrvAgent64; C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [21712 2012-12-24] (Phoenix Technologies) R3 DXGKrnl; C:\Windows\System32\drivers\dxgkrnl.sys [985536 2014-06-16] (Microsoft Corporation) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) S3 elxstor; C:\Windows\system32\drivers\elxstor.sys [530496 2009-07-14] (Emulex) S3 ErrDev; 
C:\Windows\system32\drivers\errdev.sys [9728 2009-07-14] (Microsoft Corporation) S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [13088 2011-03-02] () R3 EuMusDesignVirtualAudioCableWdm; C:\Windows\System32\DRIVERS\vrtaucbl.sys [66728 2014-09-11] (Eugene V. Muzychenko) S3 exfat; C:\Windows\System32\Drivers\exfat.sys [195072 2009-07-14] (Microsoft Corporation) S3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [204800 2009-07-14] (Microsoft Corporation) S3 fdc; C:\Windows\system32\drivers\fdc.sys [29696 2009-07-14] (Microsoft Corporation) R0 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [70224 2009-07-14] (Microsoft Corporation) S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [34304 2009-07-14] (Microsoft Corporation) S3 flpydisk; C:\Windows\system32\drivers\flpydisk.sys [24576 2009-07-14] (Microsoft Corporation) R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [289664 2010-11-21] (Microsoft Corporation) S3 FsDepends; C:\Windows\System32\drivers\FsDepends.sys [55376 2009-07-14] (Microsoft Corporation) U0 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [23408 2012-03-01] (Microsoft Corporation) R0 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [223752 2013-01-24] (Microsoft Corporation) S3 gagp30kx; C:\Windows\system32\drivers\gagp30kx.sys [65088 2009-07-14] (Microsoft Corporation) S3 GameKB; C:\Windows\System32\drivers\GameKB.sys [27648 2012-05-11] () S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [31232 2009-06-10] (Hauppauge Computer Works, Inc.) 
[File not signed] S3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [350208 2010-11-21] (Microsoft Corporation) R3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [122368 2010-11-21] (Microsoft Corporation) S3 HidBatt; C:\Windows\system32\drivers\HidBatt.sys [26624 2009-07-14] (Microsoft Corporation) S3 HidBth; C:\Windows\system32\drivers\hidbth.sys [100864 2009-07-14] (Microsoft Corporation) S3 HidIr; C:\Windows\system32\drivers\hidir.sys [46592 2009-07-14] (Microsoft Corporation) R3 HidUsb; C:\Windows\System32\DRIVERS\hidusb.sys [30208 2010-11-21] (Microsoft Corporation) S3 HpSAMD; C:\Windows\system32\drivers\HpSAMD.sys [78720 2010-11-21] (Hewlett-Packard Company) R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [753664 2010-11-21] (Microsoft Corporation) R0 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [14720 2010-11-21] (Microsoft Corporation) S3 i8042prt; C:\Windows\system32\drivers\i8042prt.sys [105472 2009-07-14] (Microsoft Corporation) R0 iaStor; C:\Windows\System32\DRIVERS\iaStor.sys [568600 2012-02-01] (Intel Corporation) R0 iaStorA; C:\Windows\System32\DRIVERS\iaStorA.sys [632168 2013-11-21] (Intel Corporation) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-11-21] (Intel Corporation) S3 iaStorV; C:\Windows\system32\drivers\iaStorV.sys [410496 2011-03-11] (Intel Corporation) S3 iirsp; C:\Windows\system32\drivers\iirsp.sys [44112 2009-07-14] (Intel Corp./ICP vortex GmbH) S3 intelide; C:\Windows\system32\drivers\intelide.sys [16960 2009-07-14] (Microsoft Corporation) R3 intelppm; C:\Windows\System32\DRIVERS\intelppm.sys [62464 2009-07-14] (Microsoft Corporation) S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [82944 2010-11-21] (Microsoft Corporation) S3 IPMIDRV; C:\Windows\system32\drivers\IPMIDrv.sys [78848 2010-11-21] (Microsoft Corporation) S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [116224 2009-07-14] (Microsoft Corporation) S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [17920 2009-07-14] (Microsoft 
Corporation) S3 isapnp; C:\Windows\system32\drivers\isapnp.sys [20544 2009-07-14] (Microsoft Corporation) S3 iScsiPrt; C:\Windows\system32\drivers\msiscsi.sys [274880 2014-02-04] (Microsoft Corporation) R0 iusb3hcs; C:\Windows\System32\DRIVERS\iusb3hcs.sys [19264 2012-05-20] (Intel Corporation) R3 iusb3hub; C:\Windows\System32\DRIVERS\iusb3hub.sys [357184 2012-05-20] (Intel Corporation) R3 iusb3xhc; C:\Windows\System32\DRIVERS\iusb3xhc.sys [789824 2012-05-20] (Intel Corporation) R3 kbdclass; C:\Windows\System32\DRIVERS\kbdclass.sys [50768 2009-07-14] (Microsoft Corporation) R3 kbdhid; C:\Windows\System32\DRIVERS\kbdhid.sys [33280 2010-11-21] (Microsoft Corporation) R0 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [95680 2014-04-12] (Microsoft Corporation) R0 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [155072 2014-04-12] (Microsoft Corporation) R3 ksthunk; C:\Windows\system32\drivers\ksthunk.sys [20992 2009-07-14] (Microsoft Corporation) R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2013-07-18] (Qualcomm Atheros Co., Ltd.) 
R2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [60928 2009-07-14] (Microsoft Corporation) S3 LSI_FC; C:\Windows\system32\drivers\lsi_fc.sys [114752 2009-07-14] (LSI Corporation) S3 LSI_SAS; C:\Windows\system32\drivers\lsi_sas.sys [106560 2009-07-14] (LSI Corporation) S3 LSI_SAS2; C:\Windows\system32\drivers\lsi_sas2.sys [65600 2009-07-14] (LSI Corporation) S3 LSI_SCSI; C:\Windows\system32\drivers\lsi_scsi.sys [115776 2009-07-14] (LSI Corporation) R2 luafv; C:\Windows\system32\drivers\luafv.sys [113152 2009-07-14] (Microsoft Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-21] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation) S3 megasas; C:\Windows\system32\drivers\megasas.sys [35392 2009-07-14] (LSI Corporation) S3 MegaSR; C:\Windows\system32\drivers\MegaSR.sys [284736 2009-07-14] (LSI Corporation, Inc.) 
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation) S3 Modem; C:\Windows\System32\drivers\modem.sys [40448 2009-07-14] (Microsoft Corporation) R3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [30208 2009-07-14] (Microsoft Corporation) R3 mouclass; C:\Windows\System32\DRIVERS\mouclass.sys [49216 2009-07-14] (Microsoft Corporation) R3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [31232 2009-07-14] (Microsoft Corporation) R0 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [94592 2010-11-21] (Microsoft Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation) S3 mpio; C:\Windows\system32\drivers\mpio.sys [155008 2010-11-21] (Microsoft Corporation) R3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [77312 2009-07-14] (Microsoft Corporation) S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [140800 2013-07-04] (Microsoft Corporation) R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [158208 2011-04-27] (Microsoft Corporation) R3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [288768 2011-07-09] (Microsoft Corporation) R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [128000 2011-04-27] (Microsoft Corporation) R0 msahci; C:\Windows\System32\drivers\msahci.sys [31104 2010-11-21] (Microsoft Corporation) S3 msdsm; C:\Windows\system32\drivers\msdsm.sys [140672 2010-11-21] (Microsoft Corporation) R1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [26112 2009-07-14] (Microsoft Corporation) S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8192 2009-07-14] (Microsoft Corporation) R0 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [15424 2009-07-14] (Microsoft Corporation) S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [11136 2009-07-14] (Microsoft Corporation) S3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [7168 2009-07-14] (Microsoft Corporation) S3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [6784 2009-07-14] (Microsoft Corporation) S3 MsRPC; 
C:\Windows\System32\Drivers\MsRPC.sys [366976 2010-11-21] (Microsoft Corporation) R1 mssmbios; C:\Windows\System32\DRIVERS\mssmbios.sys [32320 2009-07-14] (Microsoft Corporation) S3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [8064 2009-07-14] (Microsoft Corporation) S3 MTConfig; C:\Windows\system32\drivers\MTConfig.sys [15360 2009-07-14] (Microsoft Corporation) R0 Mup; C:\Windows\System32\Drivers\mup.sys [60496 2009-07-14] (Microsoft Corporation) R3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [318976 2009-07-14] (Microsoft Corporation) R0 NDIS; C:\Windows\System32\drivers\ndis.sys [950128 2012-08-22] (Microsoft Corporation) S3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [35328 2009-07-14] (Microsoft Corporation) R3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [24064 2009-07-14] (Microsoft Corporation) R3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [56832 2010-11-21] (Microsoft Corporation) R3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [164352 2010-11-21] (Microsoft Corporation) R3 NDProxy; C:\Windows\System32\Drivers\NDProxy.sys [57856 2010-11-21] (Microsoft Corporation) R1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [44544 2009-07-14] (Microsoft Corporation) R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [261632 2010-11-21] (Microsoft Corporation) S3 nfrd960; C:\Windows\system32\drivers\nfrd960.sys [51264 2009-07-14] (IBM Corporation) R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation) R1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [44032 2009-07-14] (Microsoft Corporation) R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [24576 2009-07-14] (Microsoft Corporation) R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1684928 2014-01-24] (Microsoft Corporation) R1 Null; C:\Windows\System32\Drivers\Null.sys [6144 2009-07-14] (Microsoft Corporation) S3 nvraid; C:\Windows\system32\drivers\nvraid.sys [148352 2011-03-11] (NVIDIA Corporation) S3 nvstor; C:\Windows\system32\drivers\nvstor.sys 
[166272 2011-03-11] (NVIDIA Corporation) S3 ohci1394; C:\Windows\system32\drivers\ohci1394.sys [72832 2009-07-14] (Microsoft Corporation) S3 Parport; C:\Windows\system32\drivers\parport.sys [97280 2009-07-14] (Microsoft Corporation) R0 partmgr; C:\Windows\System32\drivers\partmgr.sys [75120 2012-03-17] (Microsoft Corporation) R0 pci; C:\Windows\System32\drivers\pci.sys [184704 2010-11-21] (Microsoft Corporation) S3 pciide; C:\Windows\system32\drivers\pciide.sys [12352 2009-07-14] (Microsoft Corporation) S3 pcmcia; C:\Windows\system32\drivers\pcmcia.sys [220752 2009-07-14] (Microsoft Corporation) R0 pcw; C:\Windows\System32\drivers\pcw.sys [50768 2009-07-14] (Microsoft Corporation) R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [651264 2009-07-14] (Microsoft Corporation) R3 Point64; C:\Windows\System32\DRIVERS\point64.sys [50896 2014-03-19] (Microsoft Corporation) R3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [111104 2010-11-21] (Microsoft Corporation) S3 Processor; C:\Windows\system32\drivers\processr.sys [60416 2009-07-14] (Microsoft Corporation) S3 ql2300; C:\Windows\system32\drivers\ql2300.sys [1524816 2009-07-14] (QLogic Corporation) S3 ql40xx; C:\Windows\system32\drivers\ql40xx.sys [128592 2009-07-14] (QLogic Corporation) S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [46592 2009-07-14] (Microsoft Corporation) S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [14848 2009-07-14] (Microsoft Corporation) R3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [60416 2009-07-14] (Microsoft Corporation) R3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [129536 2010-11-21] (Microsoft Corporation) R3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [92672 2009-07-14] (Microsoft Corporation) R3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [83968 2009-07-14] (Microsoft Corporation) R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [309248 2010-11-21] (Microsoft Corporation) R3 rdpbus; C:\Windows\System32\DRIVERS\rdpbus.sys [24064 2009-07-14] 
(Microsoft Corporation) R1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [7680 2009-07-14] (Microsoft Corporation) S3 RDPDR; C:\Windows\System32\drivers\rdpdr.sys [165888 2010-11-21] (Microsoft Corporation) R1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [7680 2009-07-14] (Microsoft Corporation) R1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [8192 2009-07-14] (Microsoft Corporation) S3 RdpVideoMiniport; C:\Windows\System32\drivers\rdpvideominiport.sys [19456 2012-08-23] (Microsoft Corporation) S3 RDPWD; C:\Windows\System32\Drivers\RDPWD.sys [210944 2012-04-28] (Microsoft Corporation) R0 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [213888 2010-11-21] (Microsoft Corporation) R2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [76800 2009-07-14] (Microsoft Corporation) R3 RTL8192su; C:\Windows\System32\DRIVERS\RTL8192su.sys [694376 2011-08-11] (Realtek Semiconductor Corporation ) S3 sbp2port; C:\Windows\system32\drivers\sbp2port.sys [103808 2010-11-21] (Microsoft Corporation) S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [29696 2010-11-21] (Microsoft Corporation) S3 ScreamBAudioSvc; C:\Windows\System32\drivers\ScreamingBAudio64.sys [38992 2010-07-01] (Screaming Bee LLC) R2 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2009-06-10] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) 
R3 Serenum; C:\Windows\System32\DRIVERS\serenum.sys [23552 2009-07-14] (Microsoft Corporation) R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Microsoft Corporation) S3 sermouse; C:\Windows\system32\drivers\sermouse.sys [26624 2009-07-14] (Microsoft Corporation) S3 sffdisk; C:\Windows\system32\drivers\sffdisk.sys [14336 2009-07-14] (Microsoft Corporation) S3 sffp_mmc; C:\Windows\system32\drivers\sffp_mmc.sys [13824 2009-07-14] (Microsoft Corporation) S3 sffp_sd; C:\Windows\system32\drivers\sffp_sd.sys [14336 2010-11-21] (Microsoft Corporation) S3 sfloppy; C:\Windows\system32\drivers\sfloppy.sys [16896 2009-07-14] (Microsoft Corporation) S3 SiSRaid2; C:\Windows\system32\drivers\SiSRaid2.sys [43584 2009-07-14] (Silicon Integrated Systems Corp.) S3 SiSRaid4; C:\Windows\system32\drivers\sisraid4.sys [80464 2009-07-14] (Silicon Integrated Systems) S3 Smb; C:\Windows\System32\DRIVERS\smb.sys [93184 2009-07-14] (Microsoft Corporation) R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [31472 2013-12-19] (Synaptics Incorporated) R0 speedfan; C:\Windows\SysWow64\speedfan.sys [28664 2012-12-29] (Almico Software) R0 spldr; C:\Windows\System32\Drivers\spldr.sys [19008 2009-07-14] (Microsoft Corporation) R3 srv; C:\Windows\System32\DRIVERS\srv.sys [467456 2011-04-29] (Microsoft Corporation) R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [410112 2011-04-29] (Microsoft Corporation) R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [168448 2011-04-29] (Microsoft Corporation) S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [206080 2014-06-16] (DEVGURU Co., LTD.(www.devguru.co.kr)) S3 stexstor; C:\Windows\system32\drivers\stexstor.sys [24656 2009-07-14] (Promise Technology) R3 swenum; C:\Windows\System32\DRIVERS\swenum.sys [12496 2009-07-14] (Microsoft Corporation) R0 Tcpip; C:\Windows\System32\drivers\tcpip.sys [1903552 2014-04-05] (Microsoft Corporation) S3 TCPIP6; C:\Windows\System32\DRIVERS\tcpip.sys [1903552 2014-04-05] (Microsoft Corporation) 
R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [45568 2012-10-03] (Microsoft Corporation) S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [15872 2009-07-14] (Microsoft Corporation) S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [23552 2012-02-17] (Microsoft Corporation) R1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [119296 2010-11-21] (Microsoft Corporation) R1 TermDD; C:\Windows\System32\DRIVERS\termdd.sys [63360 2010-11-21] (Microsoft Corporation) S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [39936 2013-06-15] (Microsoft Corporation) S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [57856 2012-08-23] (Microsoft Corporation) S3 TsUsbGD; C:\Windows\system32\drivers\TsUsbGD.sys [30208 2012-08-23] (Microsoft Corporation) S3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [125440 2010-11-21] (Microsoft Corporation) S3 uagp35; C:\Windows\system32\drivers\uagp35.sys [64080 2009-07-14] (Microsoft Corporation) S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [328192 2010-11-21] (Microsoft Corporation) S3 uliagpkx; C:\Windows\system32\drivers\uliagpkx.sys [64592 2009-07-14] (Microsoft Corporation) R3 umbus; C:\Windows\System32\DRIVERS\umbus.sys [48640 2010-11-21] (Microsoft Corporation) S3 UmPass; C:\Windows\system32\drivers\umpass.sys [9728 2009-07-14] (Microsoft Corporation) U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] () S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) 
[File not signed] R3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [99840 2013-11-27] (Microsoft Corporation) S3 usbcir; C:\Windows\system32\drivers\usbcir.sys [100864 2013-07-12] (Microsoft Corporation) R3 usbehci; C:\Windows\system32\drivers\usbehci.sys [53248 2013-11-27] (Microsoft Corporation) R3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [343040 2013-11-27] (Microsoft Corporation) S3 usbohci; C:\Windows\system32\drivers\usbohci.sys [25600 2013-11-27] (Microsoft Corporation) S3 usbprint; C:\Windows\system32\drivers\usbprint.sys [25088 2009-07-14] (Microsoft Corporation) S3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [91648 2011-03-11] (Microsoft Corporation) S3 usbuhci; C:\Windows\system32\drivers\usbuhci.sys [30720 2013-11-27] (Microsoft Corporation) R0 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [36432 2009-07-14] (Microsoft Corporation) S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [29184 2009-07-14] (Microsoft Corporation) R1 VgaSave; C:\Windows\System32\drivers\vga.sys [29184 2009-07-14] (Microsoft Corporation) S3 vhdmp; C:\Windows\system32\drivers\vhdmp.sys [215936 2010-11-21] (Microsoft Corporation) R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [2211528 2013-05-11] (VIA Technologies, Inc.) S3 viaide; C:\Windows\system32\drivers\viaide.sys [17488 2009-07-14] (VIA Technologies, Inc.) 
R0 volmgr; C:\Windows\System32\drivers\volmgr.sys [71552 2010-11-21] (Microsoft Corporation) R0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363392 2010-11-21] (Microsoft Corporation) R0 volsnap; C:\Windows\System32\drivers\volsnap.sys [296320 2011-02-25] (Microsoft Corporation) S3 vsmraid; C:\Windows\system32\drivers\vsmraid.sys [161872 2009-07-14] (VIA Technologies Inc.,Ltd) R3 vwifibus; C:\Windows\System32\DRIVERS\vwifibus.sys [24576 2009-07-14] (Microsoft Corporation) R1 vwififlt; C:\Windows\System32\DRIVERS\vwififlt.sys [59904 2009-07-14] (Microsoft Corporation) R3 vwifimp; C:\Windows\System32\DRIVERS\vwifimp.sys [17920 2009-07-14] (Microsoft Corporation) S3 WacomPen; C:\Windows\system32\drivers\wacompen.sys [27776 2009-07-14] (Microsoft Corporation) S3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2010-11-21] (Microsoft Corporation) R1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2010-11-21] (Microsoft Corporation) S3 Wd; C:\Windows\system32\drivers\wd.sys [21056 2009-07-14] (Microsoft Corporation) R0 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [785624 2013-06-26] (Microsoft Corporation) R1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [12800 2009-07-14] (Microsoft Corporation) S3 WIMMount; C:\Windows\System32\drivers\wimmount.sys [22096 2009-07-14] (Microsoft Corporation) S3 WIMMount; C:\Windows\SysWOW64\drivers\wimmount.sys [19008 2009-07-14] (Microsoft Corporation) U3 Winsock; No ImagePath S3 WinUsb; C:\Windows\System32\DRIVERS\WinUsb.sys [41984 2010-11-21] (Microsoft Corporation) R3 WmiAcpi; C:\Windows\System32\DRIVERS\wmiacpi.sys [14336 2009-07-14] (Microsoft Corporation) S4 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [21504 2009-07-14] (Microsoft Corporation) S3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [87040 2012-07-26] (Microsoft Corporation) S3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation) R3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] S3 
TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2087-01-13 02:31 - 2087-01-13 02:31 - 00000000 ____D () C:\ProgramData\eSellerate
2087-01-13 02:31 - 2014-01-29 09:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue
2050-01-01 02:17 - 2013-10-12 04:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2050-01-01 02:17 - 2013-10-12 04:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2050-01-01 02:17 - 2013-10-12 04:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2050-01-01 02:17 - 2013-10-12 04:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2050-01-01 02:17 - 2013-10-12 04:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2050-01-01 02:17 - 2013-10-05 22:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2050-01-01 02:17 - 2013-10-05 21:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2050-01-01 02:17 - 2013-10-04 04:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2050-01-01 02:17 - 2013-10-04 04:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2050-01-01 02:17 - 2013-10-04 03:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2050-01-01 02:17 - 2013-10-04 03:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2050-01-01 02:17 - 2013-07-04 14:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2050-01-01 02:04 - 2050-01-01 02:04 - 00003218 _____ () C:\Windows\System32\Tasks\{E5B542E3-C766-40FD-BDEE-1AA277504F6C} 2050-01-01 01:59 - 2050-01-01 02:12 - 00001686 _____ () C:\Users\BonZZai\AppData\Local\Cracklock.settings 2014-09-21 17:43 - 2014-09-21 17:43 - 00001159 _____ () C:\Users\BonZZai\Desktop\malwareb.txt 2014-09-21 17:17 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-09-21 17:16 - 2014-09-21 17:24 - 00000000 ____D () C:\AdwCleaner 2014-09-21 17:15 - 2014-09-21 17:15 - 01373475 _____ () C:\Users\BonZZai\Downloads\AdwCleaner_3.310.exe 2014-09-21 17:02 - 2014-09-21 17:02 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\BonZZai\Downloads\revosetup95.exe 2014-09-21 04:06 - 2014-09-21 04:06 - 00021976 _____ () C:\Users\BonZZai\Downloads\Result.txt 2014-09-21 04:05 - 2014-09-21 04:05 - 00401920 _____ (Farbar) C:\Users\BonZZai\Downloads\MiniToolBox.exe 2014-09-21 04:03 - 2014-09-21 23:43 - 00082349 _____ () C:\Users\BonZZai\Downloads\FRST.txt 2014-09-21 04:03 - 2014-09-21 23:42 - 00000000 ____D () C:\FRST 2014-09-21 04:03 - 2014-09-21 04:04 - 00060138 _____ () C:\Users\BonZZai\Downloads\Addition.txt 2014-09-21 04:02 - 2014-09-21 04:03 - 02105856 _____ (Farbar) C:\Users\BonZZai\Downloads\FRST64.exe 2014-09-21 01:14 - 2014-09-21 01:14 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\EurekaLab s.a.s 2014-09-21 01:11 - 2014-09-21 01:11 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\dlg 2014-09-21 01:08 - 2014-09-21 01:08 - 00472072 _____ () C:\Users\BonZZai\Downloads\download_firefox(1).exe 2014-09-21 01:07 - 2014-09-21 01:07 - 00472072 _____ () C:\Users\BonZZai\Downloads\download_firefox.exe 2014-09-21 00:32 - 2014-09-21 00:39 - 00000000 ____D () C:\Program Files (x86)\Free Window Registry Repair 2014-09-21 00:32 - 2014-09-21 00:32 - 00803636 _____ () C:\Users\BonZZai\Downloads\RegpairSetup.exe 2014-09-21 00:32 - 2014-09-21 00:32 - 00001027 _____ () C:\Users\BonZZai\Desktop\Free Window Registry 
Repair.lnk 2014-09-21 00:32 - 2014-09-21 00:32 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Window Registry Repair 2014-09-21 00:32 - 2014-09-21 00:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Window Registry Repair 2014-09-19 23:09 - 2014-09-19 23:09 - 00001305 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk 2014-09-19 23:09 - 2014-09-19 23:09 - 00001293 _____ () C:\Users\Public\Desktop\Adobe Creative Cloud.lnk 2014-09-19 23:03 - 2014-09-19 23:03 - 00007598 _____ () C:\Users\BonZZai\AppData\Local\Resmon.ResmonCfg 2014-09-19 19:40 - 2014-09-19 19:40 - 00003850 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1411148449 2014-09-19 19:40 - 2014-09-19 19:40 - 00001131 _____ () C:\Users\Public\Desktop\Opera.lnk 2014-09-19 19:40 - 2014-09-19 19:40 - 00001131 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2014-09-19 19:40 - 2014-09-19 19:40 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\Opera Software 2014-09-19 19:40 - 2014-09-19 19:40 - 00000000 ____D () C:\Users\BonZZai\AppData\Local\Opera Software 2014-09-19 19:40 - 2014-09-19 19:40 - 00000000 ____D () C:\Program Files (x86)\Opera 2014-09-19 19:09 - 2014-09-21 17:05 - 00001260 _____ () C:\Users\BonZZai\Desktop\Revo Uninstaller.lnk 2014-09-19 19:09 - 2014-09-19 19:09 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-09-19 19:07 - 2014-09-19 19:07 - 01101648 _____ () C:\Users\BonZZai\Desktop\Revo Uninstaller - CHIP-Installer.exe 2014-09-19 15:46 - 2014-09-19 15:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2014-09-17 00:06 - 2014-09-17 00:07 - 02297624 _____ () C:\Users\BonZZai\Desktop\Metin2 Sycorax ,Hurensohn wird im TS Rassiert xTwinBlade.mp3.sfk 2014-09-16 03:38 - 2014-09-16 03:38 - 07566336 _____ () C:\Users\BonZZai\Downloads\Launcher_Premium(6).exe 2014-09-15 21:30 - 2014-09-15 22:07 - 114649879 
_____ () C:\Users\BonZZai\Downloads\m2kmod_3.0.1.zip 2014-09-12 15:50 - 2014-09-21 23:25 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-09-12 15:50 - 2014-09-12 15:50 - 00001098 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-09-12 15:50 - 2014-09-12 15:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-09-12 15:50 - 2014-09-12 15:50 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-09-12 15:50 - 2014-09-12 15:50 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-09-12 15:50 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-09-12 15:50 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-09-12 15:50 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-09-11 00:45 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-09-11 00:45 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-09-11 00:45 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-09-11 00:45 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-09-11 00:45 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-09-11 00:45 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-09-11 00:45 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-09-11 00:45 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-09-11 00:45 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-09-11 00:45 - 2014-08-19 
00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-09-11 00:45 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-09-11 00:45 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-09-11 00:45 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-09-11 00:45 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-09-11 00:45 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-09-11 00:45 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-09-11 00:45 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-09-11 00:45 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-09-11 00:45 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-09-11 00:45 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-09-11 00:45 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-09-11 00:45 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-09-11 00:45 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-09-11 00:45 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-09-11 00:45 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-09-11 00:45 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-09-11 00:45 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 
2014-09-11 00:45 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-09-11 00:45 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-09-11 00:45 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-09-11 00:45 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-09-11 00:45 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-09-11 00:45 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-09-11 00:45 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-09-11 00:45 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-09-11 00:45 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-09-11 00:45 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-09-11 00:45 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-09-11 00:45 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-09-11 00:45 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-09-11 00:45 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-09-11 00:45 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-09-11 00:45 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-09-11 00:45 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-09-11 00:45 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 
2014-09-11 00:45 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-09-11 00:45 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-09-11 00:45 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-09-11 00:45 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-09-11 00:45 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-09-11 00:45 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-09-11 00:45 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-09-11 00:45 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-09-11 00:45 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-09-11 00:45 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-09-11 00:45 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-09-11 00:36 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2014-09-11 00:36 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll 2014-09-10 23:33 - 2014-09-10 23:33 - 00001027 _____ () C:\Users\Public\Desktop\foobar2000.lnk 2014-09-10 23:16 - 2014-09-11 18:08 - 00066728 _____ (Eugene V. 
Muzychenko) C:\Windows\system32\Drivers\vrtaucbl.sys 2014-09-10 23:03 - 2014-09-10 23:16 - 00000000 ____D () C:\Program Files\Virtual Audio Cable 2014-09-10 21:08 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll 2014-09-10 21:08 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll 2014-09-10 21:08 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2014-09-10 21:08 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2014-09-10 21:07 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-09-10 21:07 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-09-10 21:07 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-09-10 21:07 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-09-10 21:07 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-09-10 21:07 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-09-10 21:07 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-09-10 20:25 - 2014-06-16 08:01 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys 2014-09-10 20:25 - 2014-06-16 08:01 - 00110336 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys 2014-09-07 23:07 - 2014-09-07 23:07 - 00360448 _____ () C:\Users\BonZZai\Desktop\HWID-Generator(1).exe 2014-09-07 22:07 - 2014-09-10 23:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable 2014-09-07 22:05 - 2014-09-10 22:58 - 00000000 ____D () C:\Users\BonZZai\Desktop\bot 2014-09-07 22:04 - 2014-09-07 22:04 - 01101648 _____ () 
C:\Users\BonZZai\Downloads\Virtual Audio Cable - CHIP-Installer.exe 2014-09-07 22:04 - 2014-09-07 22:04 - 00279379 _____ () C:\Users\BonZZai\Downloads\VirtualAudioCable409.zip 2014-09-07 21:59 - 2014-09-10 23:41 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\foobar2000 2014-09-07 21:59 - 2014-09-10 23:33 - 00001109 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\foobar2000.lnk 2014-09-07 21:59 - 2014-09-10 23:33 - 00000000 ____D () C:\Program Files (x86)\foobar2000 2014-09-07 21:58 - 2014-09-07 21:58 - 01101648 _____ () C:\Users\BonZZai\Downloads\foobar2000 - CHIP-Installer(1).exe 2014-09-07 21:56 - 2014-09-07 21:56 - 01101648 _____ () C:\Users\BonZZai\Downloads\foobar2000 - CHIP-Installer.exe 2014-09-02 19:07 - 2014-09-02 19:11 - 07560704 _____ () C:\Users\BonZZai\Downloads\Launcher_Premium(5).exe 2014-08-27 21:39 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-08-27 21:39 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-08-27 21:39 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-08-26 04:21 - 2014-08-26 04:21 - 00062690 _____ () C:\Users\BonZZai\Downloads\MLB PRESET PACK.rar 2014-08-26 02:00 - 2014-08-26 02:02 - 177148588 _____ () C:\Users\BonZZai\Downloads\Editing pack.zip 2014-08-24 02:03 - 2014-08-24 02:06 - 949016928 _____ () C:\Users\BonZZai\Downloads\JuicyMT2 Client 2014 (PvP-Fun).rar 2014-08-23 20:58 - 2014-08-24 02:07 - 00000000 ____D () C:\Users\BonZZai\Desktop\materia 2014-08-23 20:57 - 2014-08-23 21:09 - 847967621 _____ () C:\Users\BonZZai\Downloads\METERIA2.rar 2014-08-23 20:57 - 2014-08-23 20:57 - 00305895 _____ () C:\Users\BonZZai\Downloads\Meteria2_Patch_04.08.14.rar 2014-08-22 15:57 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2014-08-22 15:57 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2014-08-22 
15:57 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2014-08-22 15:57 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2014-08-22 15:57 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2014-08-22 15:57 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2014-08-22 15:57 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2014-08-22 15:57 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2014-08-22 15:57 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2014-08-22 15:57 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2014-08-22 15:57 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2014-08-22 15:57 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2014-08-22 15:57 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2014-08-22 15:57 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2087-01-13 02:31 - 2087-01-13 02:31 - 00000000 ____D () C:\ProgramData\eSellerate 2050-01-01 02:12 - 2050-01-01 01:59 - 00001686 _____ () C:\Users\BonZZai\AppData\Local\Cracklock.settings 2050-01-01 02:04 - 2050-01-01 02:04 - 00003218 _____ () C:\Windows\System32\Tasks\{E5B542E3-C766-40FD-BDEE-1AA277504F6C} 2014-09-21 23:43 - 2014-09-21 04:03 - 00082349 _____ () C:\Users\BonZZai\Downloads\FRST.txt 2014-09-21 23:42 - 2014-09-21 04:03 - 00000000 ____D () C:\FRST 2014-09-21 23:39 - 2013-03-01 00:01 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\TS3Client 2014-09-21 23:37 - 2013-03-07 19:16 - 00000000 ____D () C:\Users\BonZZai\AppData\Local\CrashDumps 2014-09-21 23:30 - 2013-05-03 16:29 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-437646761-135901211-47947868-1000UA.job 2014-09-21 23:25 - 2014-09-12 15:50 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-09-21 23:19 - 2012-12-22 03:09 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-09-21 23:09 - 2013-03-13 01:07 - 00000000 ____D () C:\Program Files (x86)\Metin2 2014-09-21 22:30 - 2013-05-03 16:29 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-437646761-135901211-47947868-1000Core.job 2014-09-21 22:26 - 2012-12-21 20:43 - 01259231 _____ () C:\Windows\WindowsUpdate.log 2014-09-21 22:10 - 2014-08-01 12:48 - 00000000 ____D () C:\Program Files (x86)\SpeedFan 2014-09-21 22:10 - 2014-04-21 22:04 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\Skype 2014-09-21 17:50 - 2014-01-12 17:56 - 00000000 ____D () C:\Users\BonZZai\Downloads\Gameforge Live 2014-09-21 17:43 - 2014-09-21 17:43 - 00001159 _____ () C:\Users\BonZZai\Desktop\malwareb.txt 2014-09-21 17:34 - 2009-07-14 06:45 - 00047008 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-09-21 17:34 - 2009-07-14 06:45 - 00047008 ____H () 
C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-09-21 17:31 - 2011-04-12 09:43 - 09240936 _____ () C:\Windows\system32\perfh007.dat 2014-09-21 17:31 - 2011-04-12 09:43 - 02817012 _____ () C:\Windows\system32\perfc007.dat 2014-09-21 17:31 - 2009-07-14 07:13 - 00006260 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-09-21 17:25 - 2013-12-07 22:43 - 01753244 _____ () C:\Windows\PFRO.log 2014-09-21 17:25 - 2013-12-07 22:43 - 00041538 _____ () C:\Windows\setupact.log 2014-09-21 17:25 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-09-21 17:24 - 2014-09-21 17:16 - 00000000 ____D () C:\AdwCleaner 2014-09-21 17:24 - 2014-03-02 16:51 - 00000000 ____D () C:\Windows\system32\log 2014-09-21 17:24 - 2012-12-21 20:43 - 00000000 ____D () C:\Users\BonZZai 2014-09-21 17:15 - 2014-09-21 17:15 - 01373475 _____ () C:\Users\BonZZai\Downloads\AdwCleaner_3.310.exe 2014-09-21 17:07 - 2013-07-29 17:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live 2014-09-21 17:05 - 2014-09-19 19:09 - 00001260 _____ () C:\Users\BonZZai\Desktop\Revo Uninstaller.lnk 2014-09-21 17:02 - 2014-09-21 17:02 - 02623656 _____ (VS Revo Group Ltd.) 
C:\Users\BonZZai\Downloads\revosetup95.exe 2014-09-21 16:11 - 2012-12-21 22:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-09-21 04:16 - 2013-03-16 06:48 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\vlc 2014-09-21 04:06 - 2014-09-21 04:06 - 00021976 _____ () C:\Users\BonZZai\Downloads\Result.txt 2014-09-21 04:05 - 2014-09-21 04:05 - 00401920 _____ (Farbar) C:\Users\BonZZai\Downloads\MiniToolBox.exe 2014-09-21 04:04 - 2014-09-21 04:03 - 00060138 _____ () C:\Users\BonZZai\Downloads\Addition.txt 2014-09-21 04:03 - 2014-09-21 04:02 - 02105856 _____ (Farbar) C:\Users\BonZZai\Downloads\FRST64.exe 2014-09-21 03:50 - 2013-10-30 19:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-09-21 01:14 - 2014-09-21 01:14 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\EurekaLab s.a.s 2014-09-21 01:14 - 2009-07-14 04:34 - 00000568 _____ () C:\Windows\win.ini 2014-09-21 01:11 - 2014-09-21 01:11 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\dlg 2014-09-21 01:11 - 2012-12-21 22:30 - 00001155 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-09-21 01:11 - 2012-12-21 22:30 - 00001143 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-09-21 01:08 - 2014-09-21 01:08 - 00472072 _____ () C:\Users\BonZZai\Downloads\download_firefox(1).exe 2014-09-21 01:07 - 2014-09-21 01:07 - 00472072 _____ () C:\Users\BonZZai\Downloads\download_firefox.exe 2014-09-21 00:39 - 2014-09-21 00:32 - 00000000 ____D () C:\Program Files (x86)\Free Window Registry Repair 2014-09-21 00:32 - 2014-09-21 00:32 - 00803636 _____ () C:\Users\BonZZai\Downloads\RegpairSetup.exe 2014-09-21 00:32 - 2014-09-21 00:32 - 00001027 _____ () C:\Users\BonZZai\Desktop\Free Window Registry Repair.lnk 2014-09-21 00:32 - 2014-09-21 00:32 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Window Registry Repair 2014-09-21 00:32 - 2014-09-21 00:32 - 00000000 ____D () 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Window Registry Repair 2014-09-20 02:13 - 2013-05-02 01:56 - 00000000 ____D () C:\Users\BonZZai\Desktop\YOUTUBE 2014-09-19 23:09 - 2014-09-19 23:09 - 00001305 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk 2014-09-19 23:09 - 2014-09-19 23:09 - 00001293 _____ () C:\Users\Public\Desktop\Adobe Creative Cloud.lnk 2014-09-19 23:08 - 2013-07-08 03:29 - 00000000 ____D () C:\ProgramData\Package Cache 2014-09-19 23:07 - 2012-12-22 03:14 - 00000000 ____D () C:\Program Files (x86)\Adobe 2014-09-19 23:04 - 2012-12-22 03:16 - 00000000 ____D () C:\Users\BonZZai\AppData\Local\Adobe 2014-09-19 23:03 - 2014-09-19 23:03 - 00007598 _____ () C:\Users\BonZZai\AppData\Local\Resmon.ResmonCfg 2014-09-19 20:33 - 2011-04-12 09:54 - 00000000 ____D () C:\Windows\ShellNew 2014-09-19 19:40 - 2014-09-19 19:40 - 00003850 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1411148449 2014-09-19 19:40 - 2014-09-19 19:40 - 00001131 _____ () C:\Users\Public\Desktop\Opera.lnk 2014-09-19 19:40 - 2014-09-19 19:40 - 00001131 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2014-09-19 19:40 - 2014-09-19 19:40 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\Opera Software 2014-09-19 19:40 - 2014-09-19 19:40 - 00000000 ____D () C:\Users\BonZZai\AppData\Local\Opera Software 2014-09-19 19:40 - 2014-09-19 19:40 - 00000000 ____D () C:\Program Files (x86)\Opera 2014-09-19 19:11 - 2014-04-03 19:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU 2014-09-19 19:11 - 2014-04-03 19:42 - 00000000 ____D () C:\Program Files (x86)\AVS4YOU 2014-09-19 19:09 - 2014-09-19 19:09 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-09-19 19:09 - 2013-04-08 00:30 - 00000000 ____D () C:\Program Files (x86)\Azureus 2014-09-19 19:07 - 2014-09-19 19:07 - 01101648 _____ () C:\Users\BonZZai\Desktop\Revo Uninstaller - CHIP-Installer.exe 2014-09-19 18:58 - 
2012-12-21 21:36 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-09-19 16:16 - 2014-05-21 00:36 - 00000000 ____D () C:\Users\BonZZai\Desktop\Splitter - Kopie - Kopie 2014-09-19 15:46 - 2014-09-19 15:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2014-09-19 15:46 - 2014-04-21 22:04 - 00002517 _____ () C:\Users\Public\Desktop\Skype.lnk 2014-09-19 15:46 - 2014-04-21 22:04 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-09-19 15:46 - 2013-02-24 01:05 - 00000000 ____D () C:\ProgramData\Skype 2014-09-17 00:16 - 2014-03-04 03:31 - 00000000 ____D () C:\Users\BonZZai\Desktop\yttt 2014-09-17 00:07 - 2014-09-17 00:06 - 02297624 _____ () C:\Users\BonZZai\Desktop\Metin2 Sycorax ,Hurensohn wird im TS Rassiert xTwinBlade.mp3.sfk 2014-09-16 20:49 - 2014-07-21 14:49 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys 2014-09-16 03:38 - 2014-09-16 03:38 - 07566336 _____ () C:\Users\BonZZai\Downloads\Launcher_Premium(6).exe 2014-09-15 22:07 - 2014-09-15 21:30 - 114649879 _____ () C:\Users\BonZZai\Downloads\m2kmod_3.0.1.zip 2014-09-12 15:50 - 2014-09-12 15:50 - 00001098 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-09-12 15:50 - 2014-09-12 15:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-09-12 15:50 - 2014-09-12 15:50 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-09-12 15:50 - 2014-09-12 15:50 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-09-12 03:37 - 2013-03-08 23:53 - 00004608 _____ () C:\Users\BonZZai\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-09-11 23:26 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-09-11 18:08 - 2014-09-10 23:16 - 00066728 _____ (Eugene V. 
Muzychenko) C:\Windows\system32\Drivers\vrtaucbl.sys 2014-09-11 00:43 - 2014-04-12 03:00 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk 2014-09-11 00:43 - 2013-07-12 03:59 - 00000000 ____D () C:\Windows\system32\MRT 2014-09-11 00:43 - 2013-06-27 16:50 - 00001912 _____ () C:\Windows\epplauncher.mif 2014-09-11 00:43 - 2013-06-27 16:49 - 00000000 ____D () C:\Program Files\Microsoft Security Client 2014-09-11 00:43 - 2013-06-27 16:49 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client 2014-09-11 00:36 - 2012-12-21 22:36 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-09-11 00:35 - 2014-05-07 01:11 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-09-10 23:41 - 2014-09-07 21:59 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\foobar2000 2014-09-10 23:33 - 2014-09-10 23:33 - 00001027 _____ () C:\Users\Public\Desktop\foobar2000.lnk 2014-09-10 23:33 - 2014-09-07 21:59 - 00001109 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\foobar2000.lnk 2014-09-10 23:33 - 2014-09-07 21:59 - 00000000 ____D () C:\Program Files (x86)\foobar2000 2014-09-10 23:16 - 2014-09-10 23:03 - 00000000 ____D () C:\Program Files\Virtual Audio Cable 2014-09-10 23:03 - 2014-09-07 22:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable 2014-09-10 22:58 - 2014-09-07 22:05 - 00000000 ____D () C:\Users\BonZZai\Desktop\bot 2014-09-10 13:19 - 2012-12-22 03:09 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-09-10 13:19 - 2012-12-22 03:09 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-09-10 13:19 - 2012-12-22 03:09 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-09-08 22:46 - 2013-10-25 22:03 - 00001715 _____ () C:\Users\BonZZai\Desktop\ACC Daten.txt 2014-09-07 23:07 - 2014-09-07 23:07 - 00360448 _____ () 
C:\Users\BonZZai\Desktop\HWID-Generator(1).exe 2014-09-07 22:04 - 2014-09-07 22:04 - 01101648 _____ () C:\Users\BonZZai\Downloads\Virtual Audio Cable - CHIP-Installer.exe 2014-09-07 22:04 - 2014-09-07 22:04 - 00279379 _____ () C:\Users\BonZZai\Downloads\VirtualAudioCable409.zip 2014-09-07 21:58 - 2014-09-07 21:58 - 01101648 _____ () C:\Users\BonZZai\Downloads\foobar2000 - CHIP-Installer(1).exe 2014-09-07 21:56 - 2014-09-07 21:56 - 01101648 _____ () C:\Users\BonZZai\Downloads\foobar2000 - CHIP-Installer.exe 2014-09-05 04:10 - 2014-09-10 21:07 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-09-05 04:05 - 2014-09-10 21:07 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-09-03 21:58 - 2012-12-21 21:52 - 00000000 ____D () C:\Temp 2014-09-03 21:52 - 2013-07-29 17:25 - 00000000 ____D () C:\Program Files (x86)\GameforgeLive 2014-09-02 19:11 - 2014-09-02 19:07 - 07560704 _____ () C:\Users\BonZZai\Downloads\Launcher_Premium(5).exe 2014-08-28 18:42 - 2013-12-07 22:43 - 04933592 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-08-26 04:21 - 2014-08-26 04:21 - 00062690 _____ () C:\Users\BonZZai\Downloads\MLB PRESET PACK.rar 2014-08-26 02:08 - 2014-04-25 19:33 - 00000000 ____D () C:\Users\BonZZai\Desktop\^^^^^^^^^^ 2014-08-26 02:02 - 2014-08-26 02:00 - 177148588 _____ () C:\Users\BonZZai\Downloads\Editing pack.zip 2014-08-24 02:07 - 2014-08-23 20:58 - 00000000 ____D () C:\Users\BonZZai\Desktop\materia 2014-08-24 02:06 - 2014-08-24 02:03 - 949016928 _____ () C:\Users\BonZZai\Downloads\JuicyMT2 Client 2014 (PvP-Fun).rar 2014-08-23 21:09 - 2014-08-23 20:57 - 847967621 _____ () C:\Users\BonZZai\Downloads\METERIA2.rar 2014-08-23 20:57 - 2014-08-23 20:57 - 00305895 _____ () C:\Users\BonZZai\Downloads\Meteria2_Patch_04.08.14.rar 2014-08-23 04:07 - 2014-08-27 21:39 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-08-23 03:45 - 2014-08-27 21:39 - 00311808 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\gdi32.dll 2014-08-23 02:59 - 2014-08-27 21:39 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys Files to move or delete: ==================== C:\Users\BonZZai\dpinst.exe C:\Users\BonZZai\Setup.exe Some content of TEMP: ==================== C:\Users\BonZZai\AppData\Local\Temp\AAMHelper.exe C:\Users\BonZZai\AppData\Local\Temp\AdobeApplicationManager.exe C:\Users\BonZZai\AppData\Local\Temp\CloudBackup6915.exe C:\Users\BonZZai\AppData\Local\Temp\Quarantine.exe C:\Users\BonZZai\AppData\Local\Temp\sfamcc00001.dll C:\Users\BonZZai\AppData\Local\Temp\sfareca00001.dll C:\Users\BonZZai\AppData\Local\Temp\SkypeSetup.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-09-11 23:19 ==================== End Of Log ============================ |
23.09.2014, 23:35 | #10 |
Rest in peace † 2019 | Internet slow since change made by TuneUp Utilities Hello, that is FRST.txt. I need the addition.txt. Please run a new scan with FRST and tick addition.txt. Step 1 Start FRST once more.
|
25.09.2014, 02:19 | #11 |
| Internet slow since change made by TuneUp Utilities Here are both again, sorry that I forgot it. FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-09-2014 Ran by BonZZai (administrator) on BONZZAI-PC on 25-09-2014 03:17:10 Running from C:\Users\BonZZai\Downloads Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) 
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe (TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe () C:\Program Files (x86)\GameforgeLive\gfl_client.exe (Ymir Entertainment) C:\Program Files (x86)\Metin2\metin2client.bin (Ymir Entertainment) C:\Program Files (x86)\Metin2\metin2client.bin (Ymir Entertainment) C:\Program Files (x86)\Metin2\metin2client.bin (Ymir Entertainment) C:\Program Files (x86)\Metin2\metin2client.bin (Ymir Entertainment) C:\Program Files (x86)\Metin2\metin2client.bin (Ymir Entertainment) C:\Program Files (x86)\Metin2\metin2client.bin (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) 
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation) HKLM\...\Run: [Ocs_SM] => C:\Users\BonZZai\AppData\Roaming\OCS\SM\SearchAnonymizer.exe HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated) HKLM-x32\...\Run: [HDAudDeck] => c:\program files (x86)\via\viaudioi\vdeck\vdeck.exe [5675184 2013-05-10] (VIA) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694040 2014-07-22] (Adobe Systems Incorporated) HKU\S-1-5-21-437646761-135901211-47947868-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2014-02-18] (Google Inc.) HKU\S-1-5-21-437646761-135901211-47947868-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1562264 2014-07-25] (Samsung) HKU\S-1-5-21-437646761-135901211-47947868-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22040168 2014-08-27] (Skype Technologies S.A.) HKU\S-1-5-21-437646761-135901211-47947868-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-437646761-135901211-47947868-1000\...\MountPoints2: {73a36747-4c66-11e2-97f0-806e6f6e6963} - D:\Bin\ASSETUP.exe HKU\S-1-5-18\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect" IFEO: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.) 
ShellIconOverlayIdentifiers: AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll () ShellIconOverlayIdentifiers: AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll () ShellIconOverlayIdentifiers: AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll () GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xF388E98DB5DFCD01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de URLSearchHook: HKLM-x32 - Default Value = {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D} StartMenuInternet: IEXPLORE.EXE - iexplore.exe SearchScopes: HKLM - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKLM-x32 - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKCU - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKCU - {03CDFE7B-8B33-4565-BCCC-3A0FEA895055} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=d89b515c-d18f-4a95-a1e4-bcfaf1e66dfb&pid=dcude&mode=bounce&k=0 SearchScopes: HKCU - {184A9DD7-741E-11E3-8FF2-3085A9F78590} URL = 
hxxp://searchinfinitas.com.anonymize-me.de/?anonymto=687474703A2F2F736561726368696E66696E697461732E636F6D2F3F616666696C743D3426713D7B7365617263685465726D737D2669643D7B32324542383538362D433344392D343944312D423934302D3746424432343942364535367D&st={searchTerms}&clid=d89b515c-d18f-4a95-a1e4-bcfaf1e66dfb&pid=dcude&k=0 SearchScopes: HKCU - {37B0EF2A-370F-47EB-8B45-45B5170F4DF5} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=d89b515c-d18f-4a95-a1e4-bcfaf1e66dfb&pid=dcude&mode=bounce&k=0 SearchScopes: HKCU - {56E47280-68DD-4167-AE5E-61138E294984} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=d89b515c-d18f-4a95-a1e4-bcfaf1e66dfb&pid=dcude&mode=bounce&k=0 SearchScopes: HKCU - {5F731F12-D4FD-4640-A74E-0C1CC8793B97} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=d89b515c-d18f-4a95-a1e4-bcfaf1e66dfb&pid=dcude&mode=bounce&k=0 SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E676F6F676C652E636F6D2F7365617263683F713D7B7365617263685465726D737D26726C733D636F6D2E6D6963726F736F66743A7B6C616E67756167657D3A7B72656665727265723A736F757263653F7D2669653D7B696E707574456E636F64696E677D266F653D7B6F7574707574456E636F64696E677D26736F7572636569643D69653726726C7A3D31493747474E495F64654445353736&st={searchTerms}&clid=d89b515c-d18f-4a95-a1e4-bcfaf1e66dfb&pid=dcude&k=0 SearchScopes: HKCU - {D160EDD2-06B7-424E-84EE-0E3C064E2798} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=d89b515c-d18f-4a95-a1e4-bcfaf1e66dfb&pid=dcude&mode=bounce&k=0 SearchScopes: HKCU - {EB6ACCE1-F406-4C8B-90B5-B102C657B832} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=d89b515c-d18f-4a95-a1e4-bcfaf1e66dfb&pid=dcude&mode=bounce&k=0 BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> 
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus) BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus) Toolbar: HKLM - Kango - {F051F6BF-82D9-49A7-9E6C-BA63CDB487D2} - No File Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) 
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.40.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems) FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\BonZZai\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\BonZZai\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google) FF Plugin HKCU: @talk.google.com/O3DPlugin -> C:\Users\BonZZai\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll () FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\BonZZai\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\BonZZai\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin ProgramFiles/Appdata: C:\Users\BonZZai\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google) FF Plugin ProgramFiles/Appdata: C:\Users\BonZZai\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll () FF Plugin ProgramFiles/Appdata: C:\Users\BonZZai\AppData\Roaming\mozilla\plugins\npo1d.dll (Google) FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\7e359293-3f24-40c5-bebe-ec2c522ee932.xml FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\a22d3231-3f5c-4f15-bd94-a0d288cfd46d.xml FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\df4d687e-f4c7-40ff-ad66-2f9c6eb49005.xml FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\englische-ergebnisse.xml FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\gmx-suche.xml FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\google-images.xml FF SearchPlugin: 
C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\google-maps.xml FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\lastminute.xml FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\webde-suche.xml FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\{0277BDC7-BD8F-431E-8CBC-5E1F2B951ECF}.xml FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\{23F6A38A-964D-489E-A743-F3B9A7D78230}.xml FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\{30295452-738A-4968-A588-92B0BA09898F}.xml FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\{9B892BC4-140F-4EFF-AD92-22DDA85F6C84}.xml FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\{B7748BCB-37C7-40FD-8C38-D04FA3FD8B4F}.xml FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\{FF348E83-EEBB-4A2D-9C1D-0829BE838A01}.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: WEB.DE MailCheck - C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\Extensions\toolbar@web.de [2014-09-18] FF Extension: 4shared Desktop Plugin - C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\Extensions\4sharedCopyLinks.xpi.tmp [2013-03-14] FF Extension: Cliqz Beta - 
C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\Extensions\cliqz@cliqz.com.xpi [2014-07-22] FF Extension: Facebook Toolbar - C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\Extensions\firefox@facebook.com.xpi [2012-12-21] FF Extension: Mark Ads Sites In Search - C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\Extensions\jid1-LGBwZ7tVjRcfIg@jetpack.xpi [2014-06-28] FF Extension: Smoother Web - C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\Extensions\jid1-U7omKQ6kQfxMaQ@jetpack.xpi [2014-09-11] FF Extension: FirefoxAdKiller - C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\Extensions\{b1df372d-8b32-4c7d-b6b4-9c5b78cf6fb1}.xpi [2014-06-28] FF Extension: Adblock Plus - C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-28] FF Extension: Tab Mix Plus - C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2014-04-25] FF Extension: DownThemAll! 
- C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013-11-24]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-11-16]

Chrome:
=======
CHR Profile: C:\Users\BonZZai\AppData\Local\Google\Chrome\User Data\default
CHR Extension: (No Name) - C:\Users\BonZZai\AppData\Local\Google\Chrome\User Data\default\Extensions\hojmbfiljpkaijkdifoaacbpallpfkkf [2013-06-26]
CHR HKLM-x32\...\Chrome\Extension: [cenfbebdhgbldbkkndbjgjngdnkghemj] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home2599\ch\MediaWatchV1home2599.crx []
CHR HKLM-x32\...\Chrome\Extension: [egboolelbjcdgnopcmdokdiegcmnfpfn] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha8960\ch\MediaViewV1alpha8960.crx []
CHR HKLM-x32\...\Chrome\Extension: [fdfmghmenmllgflfnbcdomgbelmjkepl] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha113\ch\MediaViewV1alpha113.crx []
CHR HKLM-x32\...\Chrome\Extension: [peeijnafianehabjhnlkiopmolfloakl] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode9005\ch\MediaBuzzV1mode9005.crx []
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2012-12-12] (VIA Technologies, Inc.)
S2 TuneUp.UtilitiesSvc; "C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [13088 2011-03-02] ()
S3 GameKB; C:\Windows\System32\drivers\GameKB.sys [27648 2012-05-11] ()
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [31232 2009-06-10] (Hauppauge Computer Works, Inc.)
[File not signed]
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-11-21] (Intel Corporation)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2013-07-18] (Qualcomm Atheros Co., Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-25] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [31472 2013-12-19] (Synaptics Incorporated)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
R3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2087-01-13 02:31 - 2087-01-13 02:31 - 00000000 ____D () C:\ProgramData\eSellerate 2087-01-13 02:31 - 2014-01-29 09:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue 2050-01-01 02:17 - 2013-10-12 04:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2050-01-01 02:17 - 2013-10-12 04:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2050-01-01 02:17 - 2013-10-12 04:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL 2050-01-01 02:17 - 2013-10-12 04:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 2050-01-01 02:17 - 2013-10-12 04:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL 2050-01-01 02:17 - 2013-10-05 22:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2050-01-01 02:17 - 2013-10-05 21:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2050-01-01 02:17 - 2013-10-04 04:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll 2050-01-01 02:17 - 2013-10-04 04:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll 2050-01-01 02:17 - 2013-10-04 03:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll 2050-01-01 02:17 - 2013-10-04 03:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll 2050-01-01 02:17 - 2013-07-04 14:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2050-01-01 02:04 - 2050-01-01 02:04 - 00003218 _____ () C:\Windows\System32\Tasks\{E5B542E3-C766-40FD-BDEE-1AA277504F6C} 2050-01-01 01:59 - 2050-01-01 02:12 - 00001686 _____ () C:\Users\BonZZai\AppData\Local\Cracklock.settings 2014-09-25 03:17 - 2014-09-25 03:17 - 00000000 ____D () C:\Users\BonZZai\Downloads\FRST-OlderVersion 2014-09-23 21:09 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-09-23 21:09 
- 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2014-09-21 17:43 - 2014-09-21 17:43 - 00001159 _____ () C:\Users\BonZZai\Desktop\malwareb.txt 2014-09-21 17:17 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-09-21 17:16 - 2014-09-21 17:24 - 00000000 ____D () C:\AdwCleaner 2014-09-21 17:15 - 2014-09-21 17:15 - 01373475 _____ () C:\Users\BonZZai\Downloads\AdwCleaner_3.310.exe 2014-09-21 17:02 - 2014-09-21 17:02 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\BonZZai\Downloads\revosetup95.exe 2014-09-21 04:06 - 2014-09-21 04:06 - 00021976 _____ () C:\Users\BonZZai\Downloads\Result.txt 2014-09-21 04:05 - 2014-09-21 04:05 - 00401920 _____ (Farbar) C:\Users\BonZZai\Downloads\MiniToolBox.exe 2014-09-21 04:03 - 2014-09-25 03:17 - 00024356 _____ () C:\Users\BonZZai\Downloads\FRST.txt 2014-09-21 04:03 - 2014-09-25 03:17 - 00000000 ____D () C:\FRST 2014-09-21 04:03 - 2014-09-21 23:51 - 00059780 _____ () C:\Users\BonZZai\Downloads\Addition.txt 2014-09-21 04:02 - 2014-09-25 03:17 - 02106880 _____ (Farbar) C:\Users\BonZZai\Downloads\FRST64.exe 2014-09-21 01:14 - 2014-09-21 01:14 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\EurekaLab s.a.s 2014-09-21 01:11 - 2014-09-21 01:11 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\dlg 2014-09-21 01:08 - 2014-09-21 01:08 - 00472072 _____ () C:\Users\BonZZai\Downloads\download_firefox(1).exe 2014-09-21 01:07 - 2014-09-21 01:07 - 00472072 _____ () C:\Users\BonZZai\Downloads\download_firefox.exe 2014-09-21 00:32 - 2014-09-21 00:39 - 00000000 ____D () C:\Program Files (x86)\Free Window Registry Repair 2014-09-21 00:32 - 2014-09-21 00:32 - 00803636 _____ () C:\Users\BonZZai\Downloads\RegpairSetup.exe 2014-09-21 00:32 - 2014-09-21 00:32 - 00001027 _____ () C:\Users\BonZZai\Desktop\Free Window Registry Repair.lnk 2014-09-21 00:32 - 2014-09-21 00:32 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free 
Window Registry Repair 2014-09-21 00:32 - 2014-09-21 00:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Window Registry Repair 2014-09-19 23:09 - 2014-09-19 23:09 - 00001305 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk 2014-09-19 23:09 - 2014-09-19 23:09 - 00001293 _____ () C:\Users\Public\Desktop\Adobe Creative Cloud.lnk 2014-09-19 23:03 - 2014-09-19 23:03 - 00007598 _____ () C:\Users\BonZZai\AppData\Local\Resmon.ResmonCfg 2014-09-19 19:40 - 2014-09-19 19:40 - 00003850 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1411148449 2014-09-19 19:40 - 2014-09-19 19:40 - 00001131 _____ () C:\Users\Public\Desktop\Opera.lnk 2014-09-19 19:40 - 2014-09-19 19:40 - 00001131 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2014-09-19 19:40 - 2014-09-19 19:40 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\Opera Software 2014-09-19 19:40 - 2014-09-19 19:40 - 00000000 ____D () C:\Users\BonZZai\AppData\Local\Opera Software 2014-09-19 19:40 - 2014-09-19 19:40 - 00000000 ____D () C:\Program Files (x86)\Opera 2014-09-19 19:09 - 2014-09-21 17:05 - 00001260 _____ () C:\Users\BonZZai\Desktop\Revo Uninstaller.lnk 2014-09-19 19:09 - 2014-09-19 19:09 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-09-19 19:07 - 2014-09-19 19:07 - 01101648 _____ () C:\Users\BonZZai\Desktop\Revo Uninstaller - CHIP-Installer.exe 2014-09-19 15:46 - 2014-09-19 15:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2014-09-17 00:06 - 2014-09-17 00:07 - 02297624 _____ () C:\Users\BonZZai\Desktop\Metin2 Sycorax ,Hurensohn wird im TS Rassiert xTwinBlade.mp3.sfk 2014-09-16 03:38 - 2014-09-16 03:38 - 07566336 _____ () C:\Users\BonZZai\Downloads\Launcher_Premium(6).exe 2014-09-15 21:30 - 2014-09-15 22:07 - 114649879 _____ () C:\Users\BonZZai\Downloads\m2kmod_3.0.1.zip 2014-09-12 15:50 - 2014-09-25 02:35 - 00122584 _____ (Malwarebytes Corporation) 
C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-09-12 15:50 - 2014-09-12 15:50 - 00001098 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-09-12 15:50 - 2014-09-12 15:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-09-12 15:50 - 2014-09-12 15:50 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-09-12 15:50 - 2014-09-12 15:50 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-09-12 15:50 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-09-12 15:50 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-09-12 15:50 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-09-11 00:45 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-09-11 00:45 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-09-11 00:45 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-09-11 00:45 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-09-11 00:45 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-09-11 00:45 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-09-11 00:45 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-09-11 00:45 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-09-11 00:45 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-09-11 00:45 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-09-11 00:45 - 2014-08-19 00:14 - 00083968 _____ 
(Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-09-11 00:45 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-09-11 00:45 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-09-11 00:45 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-09-11 00:45 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-09-11 00:45 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-09-11 00:45 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-09-11 00:45 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-09-11 00:45 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-09-11 00:45 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-09-11 00:45 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-09-11 00:45 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-09-11 00:45 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-09-11 00:45 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-09-11 00:45 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-09-11 00:45 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-09-11 00:45 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-09-11 00:45 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-09-11 00:45 - 
2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-09-11 00:45 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-09-11 00:45 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-09-11 00:45 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-09-11 00:45 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-09-11 00:45 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-09-11 00:45 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-09-11 00:45 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-09-11 00:45 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-09-11 00:45 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-09-11 00:45 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-09-11 00:45 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-09-11 00:45 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-09-11 00:45 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-09-11 00:45 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-09-11 00:45 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-09-11 00:45 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-09-11 00:45 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-09-11 00:45 - 
2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-09-11 00:45 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-09-11 00:45 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-09-11 00:45 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-09-11 00:45 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-09-11 00:45 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-09-11 00:45 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-09-11 00:45 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-09-11 00:45 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-09-11 00:45 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-09-11 00:36 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2014-09-11 00:36 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll 2014-09-10 23:33 - 2014-09-10 23:33 - 00001027 _____ () C:\Users\Public\Desktop\foobar2000.lnk 2014-09-10 23:16 - 2014-09-11 18:08 - 00066728 _____ (Eugene V. 
Muzychenko) C:\Windows\system32\Drivers\vrtaucbl.sys 2014-09-10 23:03 - 2014-09-10 23:16 - 00000000 ____D () C:\Program Files\Virtual Audio Cable 2014-09-10 21:08 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll 2014-09-10 21:08 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll 2014-09-10 21:08 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2014-09-10 21:08 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2014-09-10 21:07 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-09-10 21:07 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-09-10 21:07 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-09-10 21:07 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-09-10 21:07 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-09-10 21:07 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-09-10 21:07 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-09-10 20:25 - 2014-06-16 08:01 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys 2014-09-10 20:25 - 2014-06-16 08:01 - 00110336 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys 2014-09-07 23:07 - 2014-09-07 23:07 - 00360448 _____ () C:\Users\BonZZai\Desktop\HWID-Generator(1).exe 2014-09-07 22:07 - 2014-09-10 23:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable 2014-09-07 22:05 - 2014-09-10 22:58 - 00000000 ____D () C:\Users\BonZZai\Desktop\bot 2014-09-07 22:04 - 2014-09-07 22:04 - 01101648 _____ () 
C:\Users\BonZZai\Downloads\Virtual Audio Cable - CHIP-Installer.exe 2014-09-07 22:04 - 2014-09-07 22:04 - 00279379 _____ () C:\Users\BonZZai\Downloads\VirtualAudioCable409.zip 2014-09-07 21:59 - 2014-09-10 23:41 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\foobar2000 2014-09-07 21:59 - 2014-09-10 23:33 - 00001109 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\foobar2000.lnk 2014-09-07 21:59 - 2014-09-10 23:33 - 00000000 ____D () C:\Program Files (x86)\foobar2000 2014-09-07 21:58 - 2014-09-07 21:58 - 01101648 _____ () C:\Users\BonZZai\Downloads\foobar2000 - CHIP-Installer(1).exe 2014-09-07 21:56 - 2014-09-07 21:56 - 01101648 _____ () C:\Users\BonZZai\Downloads\foobar2000 - CHIP-Installer.exe 2014-09-02 19:07 - 2014-09-02 19:11 - 07560704 _____ () C:\Users\BonZZai\Downloads\Launcher_Premium(5).exe 2014-08-27 21:39 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-08-27 21:39 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-08-27 21:39 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-08-26 04:21 - 2014-08-26 04:21 - 00062690 _____ () C:\Users\BonZZai\Downloads\MLB PRESET PACK.rar 2014-08-26 02:00 - 2014-08-26 02:02 - 177148588 _____ () C:\Users\BonZZai\Downloads\Editing pack.zip ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2087-01-13 02:31 - 2087-01-13 02:31 - 00000000 ____D () C:\ProgramData\eSellerate
2050-01-01 02:12 - 2050-01-01 01:59 - 00001686 _____ () C:\Users\BonZZai\AppData\Local\Cracklock.settings
2050-01-01 02:04 - 2050-01-01 02:04 - 00003218 _____ () C:\Windows\System32\Tasks\{E5B542E3-C766-40FD-BDEE-1AA277504F6C}
2014-09-25 03:17 - 2014-09-25 03:17 - 00000000 ____D () C:\Users\BonZZai\Downloads\FRST-OlderVersion
2014-09-25 03:17 - 2014-09-21 04:03 - 00024356 _____ () C:\Users\BonZZai\Downloads\FRST.txt
2014-09-25 03:17 - 2014-09-21 04:03 - 00000000 ____D () C:\FRST
2014-09-25 03:17 - 2014-09-21 04:02 - 02106880 _____ (Farbar) C:\Users\BonZZai\Downloads\FRST64.exe
2014-09-25 03:15 - 2014-04-21 22:04 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\Skype
2014-09-25 03:00 - 2012-12-21 20:43 - 01442478 _____ () C:\Windows\WindowsUpdate.log
2014-09-25 02:35 - 2014-09-12 15:50 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-25 02:31 - 2013-05-03 16:29 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-437646761-135901211-47947868-1000UA.job
2014-09-25 02:19 - 2012-12-22 03:09 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-25 00:11 - 2013-03-13 01:07 - 00000000 ____D () C:\Program Files (x86)\Metin2
2014-09-24 23:52 - 2013-03-01 00:01 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\TS3Client
2014-09-24 22:30 - 2013-05-03 16:29 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-437646761-135901211-47947868-1000Core.job
2014-09-24 21:51 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-24 21:19 - 2012-12-22 03:09 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-24 21:19 - 2012-12-22 03:09 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-24 21:19 - 2012-12-22 03:09 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-24 21:18 - 2009-07-14 06:45 - 00047008 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-24 21:18 - 2009-07-14 06:45 - 00047008 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-24 21:14 - 2011-04-12 09:43 - 09285066 _____ () C:\Windows\system32\perfh007.dat
2014-09-24 21:14 - 2011-04-12 09:43 - 02831070 _____ () C:\Windows\system32\perfc007.dat
2014-09-24 21:14 - 2009-07-14 07:13 - 00006260 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-24 21:09 - 2013-12-07 22:43 - 00041706 _____ () C:\Windows\setupact.log
2014-09-24 21:09 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-24 03:00 - 2014-03-04 03:31 - 00000000 ____D () C:\Users\BonZZai\Desktop\yttt
2014-09-24 02:20 - 2013-03-16 06:48 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\vlc
2014-09-23 21:05 - 2013-03-07 19:16 - 00000000 ____D () C:\Users\BonZZai\AppData\Local\CrashDumps
2014-09-23 21:01 - 2013-12-07 22:43 - 01760332 _____ () C:\Windows\PFRO.log
2014-09-23 01:19 - 2013-11-18 21:49 - 00000000 ____D () C:\Users\BonZZai\AppData\Local\Paint.NET
2014-09-22 08:42 - 2010-11-21 05:27 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-21 23:51 - 2014-09-21 04:03 - 00059780 _____ () C:\Users\BonZZai\Downloads\Addition.txt
2014-09-21 22:10 - 2014-08-01 12:48 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-09-21 17:50 - 2014-01-12 17:56 - 00000000 ____D () C:\Users\BonZZai\Downloads\Gameforge Live
2014-09-21 17:43 - 2014-09-21 17:43 - 00001159 _____ () C:\Users\BonZZai\Desktop\malwareb.txt
2014-09-21 17:24 - 2014-09-21 17:16 - 00000000 ____D () C:\AdwCleaner
2014-09-21 17:24 - 2014-03-02 16:51 - 00000000 ____D () C:\Windows\system32\log
2014-09-21 17:24 - 2012-12-21 20:43 - 00000000 ____D () C:\Users\BonZZai
2014-09-21 17:15 - 2014-09-21 17:15 - 01373475 _____ () C:\Users\BonZZai\Downloads\AdwCleaner_3.310.exe
2014-09-21 17:07 - 2013-07-29 17:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2014-09-21 17:05 - 2014-09-19 19:09 - 00001260 _____ () C:\Users\BonZZai\Desktop\Revo Uninstaller.lnk
2014-09-21 17:02 - 2014-09-21 17:02 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\BonZZai\Downloads\revosetup95.exe
2014-09-21 16:11 - 2012-12-21 22:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-21 04:06 - 2014-09-21 04:06 - 00021976 _____ () C:\Users\BonZZai\Downloads\Result.txt
2014-09-21 04:05 - 2014-09-21 04:05 - 00401920 _____ (Farbar) C:\Users\BonZZai\Downloads\MiniToolBox.exe
2014-09-21 03:50 - 2013-10-30 19:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-21 01:14 - 2014-09-21 01:14 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\EurekaLab s.a.s
2014-09-21 01:14 - 2009-07-14 04:34 - 00000568 _____ () C:\Windows\win.ini
2014-09-21 01:11 - 2014-09-21 01:11 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\dlg
2014-09-21 01:11 - 2012-12-21 22:30 - 00001155 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-21 01:11 - 2012-12-21 22:30 - 00001143 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-09-21 01:08 - 2014-09-21 01:08 - 00472072 _____ () C:\Users\BonZZai\Downloads\download_firefox(1).exe
2014-09-21 01:07 - 2014-09-21 01:07 - 00472072 _____ () C:\Users\BonZZai\Downloads\download_firefox.exe
2014-09-21 00:39 - 2014-09-21 00:32 - 00000000 ____D () C:\Program Files (x86)\Free Window Registry Repair
2014-09-21 00:32 - 2014-09-21 00:32 - 00803636 _____ () C:\Users\BonZZai\Downloads\RegpairSetup.exe
2014-09-21 00:32 - 2014-09-21 00:32 - 00001027 _____ () C:\Users\BonZZai\Desktop\Free Window Registry Repair.lnk
2014-09-21 00:32 - 2014-09-21 00:32 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Window Registry Repair
2014-09-21 00:32 - 2014-09-21 00:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Window Registry Repair
2014-09-20 02:13 - 2013-05-02 01:56 - 00000000 ____D () C:\Users\BonZZai\Desktop\YOUTUBE
2014-09-19 23:09 - 2014-09-19 23:09 - 00001305 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2014-09-19 23:09 - 2014-09-19 23:09 - 00001293 _____ () C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2014-09-19 23:08 - 2013-07-08 03:29 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-19 23:07 - 2012-12-22 03:14 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-09-19 23:04 - 2012-12-22 03:16 - 00000000 ____D () C:\Users\BonZZai\AppData\Local\Adobe
2014-09-19 23:03 - 2014-09-19 23:03 - 00007598 _____ () C:\Users\BonZZai\AppData\Local\Resmon.ResmonCfg
2014-09-19 20:33 - 2011-04-12 09:54 - 00000000 ____D () C:\Windows\ShellNew
2014-09-19 19:40 - 2014-09-19 19:40 - 00003850 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1411148449
2014-09-19 19:40 - 2014-09-19 19:40 - 00001131 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-09-19 19:40 - 2014-09-19 19:40 - 00001131 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2014-09-19 19:40 - 2014-09-19 19:40 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\Opera Software
2014-09-19 19:40 - 2014-09-19 19:40 - 00000000 ____D () C:\Users\BonZZai\AppData\Local\Opera Software
2014-09-19 19:40 - 2014-09-19 19:40 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-09-19 19:11 - 2014-04-03 19:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2014-09-19 19:11 - 2014-04-03 19:42 - 00000000 ____D () C:\Program Files (x86)\AVS4YOU
2014-09-19 19:09 - 2014-09-19 19:09 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-09-19 19:09 - 2013-04-08 00:30 - 00000000 ____D () C:\Program Files (x86)\Azureus
2014-09-19 19:07 - 2014-09-19 19:07 - 01101648 _____ () C:\Users\BonZZai\Desktop\Revo Uninstaller - CHIP-Installer.exe
2014-09-19 18:58 - 2012-12-21 21:36 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-09-19 16:16 - 2014-05-21 00:36 - 00000000 ____D () C:\Users\BonZZai\Desktop\Splitter - Kopie - Kopie
2014-09-19 15:46 - 2014-09-19 15:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-19 15:46 - 2014-04-21 22:04 - 00002517 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-09-19 15:46 - 2014-04-21 22:04 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-09-19 15:46 - 2013-02-24 01:05 - 00000000 ____D () C:\ProgramData\Skype
2014-09-17 00:07 - 2014-09-17 00:06 - 02297624 _____ () C:\Users\BonZZai\Desktop\Metin2 Sycorax ,Hurensohn wird im TS Rassiert xTwinBlade.mp3.sfk
2014-09-16 20:49 - 2014-07-21 14:49 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys
2014-09-16 03:38 - 2014-09-16 03:38 - 07566336 _____ () C:\Users\BonZZai\Downloads\Launcher_Premium(6).exe
2014-09-15 22:07 - 2014-09-15 21:30 - 114649879 _____ () C:\Users\BonZZai\Downloads\m2kmod_3.0.1.zip
2014-09-12 15:50 - 2014-09-12 15:50 - 00001098 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-12 15:50 - 2014-09-12 15:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-09-12 15:50 - 2014-09-12 15:50 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-12 15:50 - 2014-09-12 15:50 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-09-12 03:37 - 2013-03-08 23:53 - 00004608 _____ () C:\Users\BonZZai\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-09-11 18:08 - 2014-09-10 23:16 - 00066728 _____ (Eugene V. Muzychenko) C:\Windows\system32\Drivers\vrtaucbl.sys
2014-09-11 00:43 - 2014-04-12 03:00 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-09-11 00:43 - 2013-07-12 03:59 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-11 00:43 - 2013-06-27 16:50 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-09-11 00:43 - 2013-06-27 16:49 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-09-11 00:43 - 2013-06-27 16:49 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-09-11 00:36 - 2012-12-21 22:36 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-11 00:35 - 2014-05-07 01:11 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-10 23:41 - 2014-09-07 21:59 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\foobar2000
2014-09-10 23:33 - 2014-09-10 23:33 - 00001027 _____ () C:\Users\Public\Desktop\foobar2000.lnk
2014-09-10 23:33 - 2014-09-07 21:59 - 00001109 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\foobar2000.lnk
2014-09-10 23:33 - 2014-09-07 21:59 - 00000000 ____D () C:\Program Files (x86)\foobar2000
2014-09-10 23:16 - 2014-09-10 23:03 - 00000000 ____D () C:\Program Files\Virtual Audio Cable
2014-09-10 23:03 - 2014-09-07 22:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable
2014-09-10 22:58 - 2014-09-07 22:05 - 00000000 ____D () C:\Users\BonZZai\Desktop\bot
2014-09-10 00:11 - 2014-09-23 21:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-09 23:47 - 2014-09-23 21:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-08 22:46 - 2013-10-25 22:03 - 00001715 _____ () C:\Users\BonZZai\Desktop\ACC Daten.txt
2014-09-07 23:07 - 2014-09-07 23:07 - 00360448 _____ () C:\Users\BonZZai\Desktop\HWID-Generator(1).exe
2014-09-07 22:04 - 2014-09-07 22:04 - 01101648 _____ () C:\Users\BonZZai\Downloads\Virtual Audio Cable - CHIP-Installer.exe
2014-09-07 22:04 - 2014-09-07 22:04 - 00279379 _____ () C:\Users\BonZZai\Downloads\VirtualAudioCable409.zip
2014-09-07 21:58 - 2014-09-07 21:58 - 01101648 _____ () C:\Users\BonZZai\Downloads\foobar2000 - CHIP-Installer(1).exe
2014-09-07 21:56 - 2014-09-07 21:56 - 01101648 _____ () C:\Users\BonZZai\Downloads\foobar2000 - CHIP-Installer.exe
2014-09-05 04:10 - 2014-09-10 21:07 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-05 04:05 - 2014-09-10 21:07 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-03 21:58 - 2012-12-21 21:52 - 00000000 ____D () C:\Temp
2014-09-03 21:52 - 2013-07-29 17:25 - 00000000 ____D () C:\Program Files (x86)\GameforgeLive
2014-09-02 19:11 - 2014-09-02 19:07 - 07560704 _____ () C:\Users\BonZZai\Downloads\Launcher_Premium(5).exe
2014-08-28 18:42 - 2013-12-07 22:43 - 04933592 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-26 04:21 - 2014-08-26 04:21 - 00062690 _____ () C:\Users\BonZZai\Downloads\MLB PRESET PACK.rar
2014-08-26 02:08 - 2014-04-25 19:33 - 00000000 ____D () C:\Users\BonZZai\Desktop\^^^^^^^^^^
2014-08-26 02:02 - 2014-08-26 02:00 - 177148588 _____ () C:\Users\BonZZai\Downloads\Editing pack.zip

Files to move or delete:
====================
C:\Users\BonZZai\dpinst.exe
C:\Users\BonZZai\Setup.exe

Some content of TEMP:
====================
C:\Users\BonZZai\AppData\Local\Temp\AAMHelper.exe
C:\Users\BonZZai\AppData\Local\Temp\AdobeApplicationManager.exe
C:\Users\BonZZai\AppData\Local\Temp\CloudBackup6915.exe
C:\Users\BonZZai\AppData\Local\Temp\Quarantine.exe
C:\Users\BonZZai\AppData\Local\Temp\sfamcc00001.dll
C:\Users\BonZZai\AppData\Local\Temp\sfareca00001.dll
C:\Users\BonZZai\AppData\Local\Temp\SkypeSetup.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-09-24 21:39

==================== End Of Log ============================

--- --- ---

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-09-2014
Ran by BonZZai at 2014-09-25 03:17:51
Running from C:\Users\BonZZai\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{C23EE7CE-C1A3-4F94-A8F0-9E0AC9C6DE6E}) (Version: 1.1 - Eyeo GmbH)
Adblock Plus for IE (HKLM-x32\...\{fd97d1e2-368a-4cd9-af63-8eeff938044a}) (Version: 1.1 - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.7.1.418 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe Illustrator CS6 (HKLM-x32\...\{4869414E-7AEA-4C8E-BE1C-8D40977FD517}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.05) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.05 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 13.15.100.30830 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.0830.1944.33589 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{13351E83-6DCD-4E97-2A8C-5D496259A47F}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.80830.1925 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.12 - Advanced Micro Devices, Inc.) Hidden
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Atheros Communications Inc.)
AVS Image Converter 2.3.1.244 (HKLM-x32\...\AVS Image Converter_is1) (Version: - Online Media Technologies Ltd.)
AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version: - Online Media Technologies Ltd.)
Bandicam (HKLM-x32\...\Bandicam) (Version: 1.9.3.492 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
Camtasia Studio 8 (HKLM-x32\...\{F5C9BE9A-04C3-4A72-8CD0-BB67C722D608}) (Version: 8.1.2.1344 - TechSmith Corporation)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
Color Suite v11.1.4 (HKLM-x32\...\{99487911-8011-42BC-B594-8B02BFD32B1D}_is1) (Version: 11.1.4 - Red Giant, LLC)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.90 - DivX, LLC)
Driver Genius Professional Edition (HKLM-x32\...\Driver Genius Professional Edition_is1) (Version: 11.0 - Driver-Soft Inc.)
Driver Operating Service (HKCU\...\9b8aaf488bf6380a) (Version: 1.0.0.86 - Driver Operating Service)
FLV Media Player version 1.3 (HKLM-x32\...\{0E08BAC8-845B-4327-8CDB-4B0F8C9857A5}_is1) (Version: 1.3 - FLVMPlayer)
foobar2000 v1.3.4 beta 2 (HKLM-x32\...\foobar2000) (Version: 1.3.4 beta 2 - Peter Pawlowski)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Free Driver Scout (HKLM-x32\...\{36e136d1-209a-4733-9b4e-bcfa2797265a}) (Version: 1.0.0.101 - Covus Freemium)
Free Driver Scout (Version: 1.0.0.101 - Covus Freemium) Hidden
Free Window Registry Repair (HKLM-x32\...\Free Window Registry Repair) (Version: - )
Free YouTube Download version 3.2.20.1230 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.20.1230 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.20.1230 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.20.1230 - DVDVideoSoft Ltd.)
Gameforge Live 2.0.5 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.5 - Gameforge)
GIGABYTE OC_GURU II (HKLM-x32\...\InstallShield_{5588D686-D23B-4C9D-BDFA-2A7875CD3722}) (Version: 1.20.0000 - GIGABYTE Technology Co.,Ltd.)
GIGABYTE OC_GURU II (x32 Version: 1.20.0000 - GIGABYTE Technology Co.,Ltd.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.4805.320 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.9.0.1001 - Intel Corporation) Hidden
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
ISY USB Wireless Adapter (HKLM-x32\...\InstallShield_{549CE1BD-88E4-4C5E-BF75-B155624714CC}) (Version: 1.0.0.14 - ISY)
ISY USB Wireless Adapter (x32 Version: 1.0.0.14 - ISY) Hidden
JAP (HKLM-x32\...\JAP) (Version: 00.19.001 - JAP-Team)
K-Lite Mega Codec Pack 10.2.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.2.0 - )
Magic Bullet Looks Vegas (HKLM-x32\...\Magic Bullet Looks Vegas) (Version: - )
Magic Bullet Suite 64-bit (HKLM-x32\...\InstallShield_{7C419638-A20F-441A-8FE0-9D9724B1A793}) (Version: 11.4.3 - Red Giant Software)
Magic Bullet Suite 64-bit (HKLM-x32\...\InstallShield_{93488C33-D8D6-472A-83BB-F71603355CF0}) (Version: 11.1.0 - Red Giant Software)
Magic Bullet Suite 64-bit (Version: 11.1.0 - Red Giant Software) Hidden
Magic Bullet Suite 64-bit (Version: 11.4.3 - Red Giant Software) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Metin2 (HKLM-x32\...\Metin2_is1) (Version: - Gameforge 4D GmbH)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.6.0305.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft-Maus- und Tastatur-Center (Version: 2.3.188.0 - Microsoft Corporation) Hidden
MorphVOX Junior (HKLM-x32\...\{E6C7380F-15DD-445E-BA02-B7A180BA0A5A}) (Version: 2.8.1 - Screaming Bee)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 32.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.2 (x86 de)) (Version: 32.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT Redists (x32 Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MyFreeCodec (HKCU\...\MyFreeCodec) (Version: - )
NewBlue 3D Explosions for Vegas (HKLM-x32\...\NewBlue 3D Explosions for Vegas) (Version: - )
NewBlue 3D Explosions for Windows (HKLM-x32\...\NewBlue 3D Explosions for Windows) (Version: - )
NewBlue 3D Transformations for Vegas (HKLM-x32\...\NewBlue 3D Transformations for Vegas) (Version: - )
NewBlue 3D Transformations for Windows (HKLM-x32\...\NewBlue 3D Transformations for Windows) (Version: - )
NewBlue Art Blends 2.0 for Vegas (HKLM-x32\...\NewBlue Art Blends 2.0 for Vegas) (Version: - )
NewBlue Art Blends for Windows (HKLM-x32\...\NewBlue Art Blends for Windows) (Version: - )
NewBlue Art Effects 2.0 for Vegas (HKLM-x32\...\NewBlue Art Effects 2.0 for Vegas) (Version: - )
NewBlue Art Effects for Windows (HKLM-x32\...\NewBlue Art Effects for Windows) (Version: - )
NewBlue Film Effects for Vegas (HKLM-x32\...\NewBlue Film Effects for Vegas) (Version: - )
NewBlue Film Effects for Windows (HKLM-x32\...\NewBlue Film Effects for Windows) (Version: - )
NewBlue Motion Blends 2.0 for Vegas (HKLM-x32\...\NewBlue Motion Blends 2.0 for Vegas) (Version: - )
NewBlue Motion Blends for Windows (HKLM-x32\...\NewBlue Motion Blends for Windows) (Version: - )
NewBlue Motion Effects 2.0 for Vegas (HKLM-x32\...\NewBlue Motion Effects 2.0 for Vegas) (Version: - )
NewBlue Motion Effects for Windows (HKLM-x32\...\NewBlue Motion Effects for Windows) (Version: - )
NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: - )
NewBlue Video Essentials II for Windows (HKLM-x32\...\NewBlue Video Essentials II for Windows) (Version: - )
NewBlue Video Essentials III for Windows (HKLM-x32\...\NewBlue Video Essentials III for Windows) (Version: - )
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Opera Stable 24.0.1558.61 (HKLM-x32\...\Opera 24.0.1558.61) (Version: 24.0.1558.61 - Opera Software ASA)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
Preset Manager 2.0 (HKLM-x32\...\{FCFE3F81-C977-4D31-877B-2778BB2A02DE}) (Version: 2.0.114 - Sony)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
Red Giant Link (HKLM-x32\...\{10F82E5B-B611-4C65-8F29-666A9EC5680A}_is1) (Version: 1.8.100.5 - Red Giant, LLC)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.14044_16 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.3.14044_16 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
SHARKOON Skiller (HKLM-x32\...\{91C25547-9534-41A5-823A-1E54BA16EA3F}) (Version: 1.00.0000 - )
Shutdown7 1.9 (HKLM-x32\...\Shutdown7 1.9) (Version: - )
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
SmootherWeb (HKCU Version: 1.0 - SmootherWeb LLC) Hidden SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH) TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.143 - TuneUp Software) Hidden TuneUp Utilities 2014 (x32 Version: 14.0.1000.143 - TuneUp Software) Hidden TuneUp Utilities Language Pack (de-DE) (x32 Version: 12.0.3600.73 - TuneUp Software) Hidden Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb) VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden Vegas Pro 12.0 (64-bit) (HKLM\...\{BE94768F-5232-11E3-BD78-F04DA23A5C58}) (Version: 12.0.770 - Sony) VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.) Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version: - ) Virtual Audio Cable 4.9 (HKLM\...\Virtual Audio Cable 4.9) (Version: - ) VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN) Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation) Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation) Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) 
Hidden Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden WinRAR 5.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-437646761-135901211-47947868-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\BonZZai\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-437646761-135901211-47947868-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\BonZZai\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-437646761-135901211-47947868-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\BonZZai\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-437646761-135901211-47947868-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\BonZZai\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.) 
CustomCLSID: HKU\S-1-5-21-437646761-135901211-47947868-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\BonZZai\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-437646761-135901211-47947868-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\BonZZai\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation) ==================== Restore Points ========================= 16-09-2014 18:59:31 Windows Update 19-09-2014 16:57:15 Removed PriceSparrow 19-09-2014 17:00:01 TuneUp Utilities 2014 wird entfernt 19-09-2014 17:03:56 TuneUp Utilities 2014 wird entfernt 19-09-2014 17:06:21 TuneUp Utilities 2014 wird entfernt 19-09-2014 17:09:38 Revo Uninstaller's restore point - Azureus 19-09-2014 17:11:11 Revo Uninstaller's restore point - AVS4YOU Software Navigator 1.4 19-09-2014 21:08:07 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 19-09-2014 21:08:41 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 20-09-2014 23:36:45 Windows Update 21-09-2014 14:26:53 Removed Java 7 Update 45 21-09-2014 14:28:16 Removed Java 7 Update 40 (64-bit) 21-09-2014 15:06:17 Revo Uninstaller's restore point - AION Free-to-Play 21-09-2014 15:07:46 Revo Uninstaller's restore point - Update Manager for SweetPacks 1.1 21-09-2014 15:10:20 Revo Uninstaller's restore point - SweetPacks bundle uninstaller 21-09-2014 15:12:20 Revo Uninstaller's restore point - Snap.Do Engine 21-09-2014 15:13:04 Revo Uninstaller's restore point - Snap.Do 21-09-2014 15:30:13 Removed Java SE Development Kit 7 Update 40 (64-bit) 23-09-2014 23:45:42 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {0A84BFA0-E537-4691-B649-5C454BCDD6F0} - System32\Tasks\Driver Whiz-RTMScan => C:\Program Files (x86)\Driver Whiz\Driver Whiz\DriverWhiz.exe Task: {0B159648-241A-4EFC-A2EB-F90E964B9326} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated) Task: {0EC81E02-CA59-4C98-871E-1D4C08E5681F} - System32\Tasks\DriverBoost-RTMRules => C:\Program Files (x86)\DriverBoost\DriverBoost\DriverBoost.exe Task: {14ADD527-F516-48DB-86D5-D9D37FF15921} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-437646761-135901211-47947868-1000Core => C:\Users\BonZZai\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-21] (Google Inc.) Task: {23EC4C4D-C257-4728-B5DF-71D20F60321F} - System32\Tasks\Driver Whiz-RTMUpdater => C:\Program Files (x86)\Driver Whiz\Driver Whiz\DriverWhiz.exe Task: {38EDEB92-7804-4FE4-B1BE-B6C8C3CD067F} - System32\Tasks\{FBB67B26-EADD-41C8-B6EF-6B883B96CD45} => C:\Program Files\Sony\Vegas Pro 12.0\vegas120.exe [2014-01-29] (Sony Creative Software Inc.) 
Task: {39DF60BE-A0EC-4A1D-97AE-5B56F083DFA5} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe Task: {42F64D4E-A233-4C93-A050-B27C9F422903} - System32\Tasks\DivX-Online-Aktualisierungsprogramm => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2013-08-29] () Task: {44D4F1C2-C584-4347-B248-861265E773EB} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup Task: {48A09266-F648-49C7-878C-9AAFF04E537C} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe Task: {4E684193-0DE3-477E-9110-315DB359E44A} - System32\Tasks\DriverBoost-RTMUpdater => C:\Program Files (x86)\DriverBoost\DriverBoost\DriverBoost.exe Task: {5F969B3A-0F06-4DFB-8941-AD17E17A67F2} - System32\Tasks\DriverBoost-RTMScan => C:\Program Files (x86)\DriverBoost\DriverBoost\DriverBoost.exe Task: {6E7698E5-4776-4038-8679-F8C85B99B09B} - \PC Performer Scheduled Scan No Task File <==== ATTENTION Task: {88FC76A0-F244-482F-919E-BB0983BC13DF} - System32\Tasks\Driver Whiz-RTMRules => C:\Program Files (x86)\Driver Whiz\Driver Whiz\DriverWhiz.exe Task: {99BE8DC6-EB48-43B1-BE5F-41F19E70545E} - \PC Performer Logon Scan No Task File <==== ATTENTION Task: {A34E7C70-2BAD-42B7-8BC7-7367725B2171} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe Task: {A701A61E-E000-4FA1-BF1F-237A8C75BF5D} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe Task: {AE4A772A-0C52-42E9-BE44-DD9A57F633C5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-437646761-135901211-47947868-1000UA => C:\Users\BonZZai\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-21] (Google Inc.) 
Task: {BC96EE73-C683-4F1D-AF06-8FBD4144C138} - System32\Tasks\ParetoLogic Update Version3 Startup Task => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe Task: {C0FFBCAA-3DCD-4019-9C8C-59C4DB6E9499} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe Task: {CA988209-9674-4A49-BBB7-0428DD9C0A5F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-21] (Google Inc.) Task: {D007FAFD-88DD-4190-BC1A-D046EC746F72} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe Task: {DCD007F2-0016-4788-B36A-34A0D28561EF} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe Task: {DE9CAEF2-C2A2-4421-8126-D17150656D87} - System32\Tasks\Opera scheduled Autoupdate 1411148449 => C:\Program Files (x86)\Opera\launcher.exe [2014-09-12] (Opera Software) Task: {E089DB2A-D720-4E98-A761-C3DFA1DFB0F3} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated) Task: {E451187D-C1BB-4779-9D4F-9393B23E7414} - System32\Tasks\Google Updater and Installer => C:\Users\BonZZai\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-21] (Google Inc.) Task: {EDA874AA-0AC2-4BE1-94B7-C6D85DF1398D} - System32\Tasks\Red Giant Link => C:\Program Files (x86)\Red Giant Link\Red Giant Link.exe [2014-08-13] () Task: {EF16BFF5-81F0-4DD6-A3C3-4E486180A791} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-21] (Google Inc.) 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-437646761-135901211-47947868-1000Core.job => C:\Users\BonZZai\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-437646761-135901211-47947868-1000UA.job => C:\Users\BonZZai\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe ==================== Loaded Modules (whitelisted) ============= 2014-07-16 11:06 - 2014-07-16 11:06 - 00672416 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll 2014-03-15 22:53 - 2014-03-15 22:53 - 00173568 _____ () C:\Program Files\TeamSpeak 3 Client\quazip.dll 2014-03-15 22:53 - 2014-03-15 22:53 - 01080832 _____ () C:\Program Files\TeamSpeak 3 Client\platforms\qwindows.dll 2014-03-15 22:53 - 2014-03-15 22:53 - 00833024 _____ () C:\Program Files\TeamSpeak 3 Client\sqldrivers\qsqlite.dll 2012-10-29 12:08 - 2014-08-07 22:11 - 00102344 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll 2012-10-29 12:08 - 2014-08-07 22:11 - 00108488 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll 2014-03-15 22:53 - 2014-03-15 22:53 - 00030208 _____ () C:\Program Files\TeamSpeak 3 Client\imageformats\qgif.dll 2014-03-15 22:53 - 2014-03-15 22:53 - 00233984 _____ () C:\Program Files\TeamSpeak 3 Client\imageformats\qjpeg.dll 2012-10-29 12:08 - 2014-08-07 22:11 - 00563656 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll 2013-09-10 23:39 - 2014-08-07 22:11 - 00579016 _____ 
() C:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll 2014-03-15 22:53 - 2014-03-15 22:53 - 00159232 _____ () C:\Program Files\TeamSpeak 3 Client\accessible\qtaccessiblewidgets.dll 2013-07-29 17:25 - 2014-08-07 14:02 - 03034496 _____ () C:\Program Files (x86)\GameforgeLive\gfl_client.exe 2013-10-30 19:53 - 2014-09-21 03:50 - 03734640 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2014-09-10 13:19 - 2014-09-10 13:19 - 16825520 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll 2013-07-29 17:25 - 2014-02-13 14:32 - 00088064 _____ () C:\Program Files (x86)\GameforgeLive\libgcc_s_sjlj-1.dll 2013-07-29 17:25 - 2014-02-13 14:32 - 00863744 _____ () C:\Program Files (x86)\GameforgeLive\libstdc++-6.dll 2013-07-29 17:25 - 2014-02-13 14:33 - 01765301 _____ () C:\Program Files (x86)\GameforgeLive\libgcrypt-11.dll 2013-07-29 17:25 - 2014-02-13 14:33 - 00126959 _____ () C:\Program Files (x86)\GameforgeLive\libgpg-error-0.dll 2013-07-29 17:25 - 2014-02-14 14:55 - 00530432 _____ () C:\Program Files (x86)\GameforgeLive\log4qt.dll 2013-07-29 17:25 - 2014-02-14 14:54 - 00141312 _____ () C:\Program Files (x86)\GameforgeLive\qjson.dll 2014-01-29 17:24 - 2014-02-14 15:19 - 05686669 _____ () C:\Program Files (x86)\GameforgeLive\libtorrent.dll 2014-01-29 17:24 - 2014-02-14 13:32 - 00097659 _____ () C:\Program Files (x86)\GameforgeLive\libboost_system-mgw47-mt-1_53.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:373E1720 ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) 
==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ==================== Faulty Device Manager Devices ============= Name: Teredo Tunneling Pseudo-Interface Description: Microsoft-Teredo-Tunneling-Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (09/24/2014 09:41:12 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Error: (09/24/2014 09:13:57 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT) Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). 
Der Fehlercode ist das erste DWORD im Datenbereich. Error: (09/24/2014 09:13:57 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT) Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. Error: (09/24/2014 09:13:57 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT) Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. Error: (09/24/2014 09:09:51 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/23/2014 09:06:08 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT) Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich. Error: (09/23/2014 09:06:08 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT) Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. 
Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. Error: (09/23/2014 09:06:08 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT) Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. Error: (09/23/2014 09:05:40 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Skype.exe, Version: 6.20.73.104, Zeitstempel: 0x53fd9234 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00035dc6 ID des fehlerhaften Prozesses: 0xb78 Startzeit der fehlerhaften Anwendung: 0xSkype.exe0 Pfad der fehlerhaften Anwendung: Skype.exe1 Pfad des fehlerhaften Moduls: Skype.exe2 Berichtskennung: Skype.exe3 Error: (09/23/2014 09:01:55 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (09/24/2014 09:13:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Intel(R) Management and Security Application Local Management Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (09/24/2014 09:13:17 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Intel(R) Management and Security 
Application Local Management Service erreicht. Error: (09/24/2014 09:11:11 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Der Dienst "Skype Click to Call PNR Service" wurde nicht richtig gestartet. Error: (09/24/2014 09:09:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "TuneUp Utilities Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (09/23/2014 09:05:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Intel(R) Management and Security Application Local Management Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (09/23/2014 09:05:22 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Intel(R) Management and Security Application Local Management Service erreicht. Error: (09/23/2014 09:03:15 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Der Dienst "Skype Click to Call PNR Service" wurde nicht richtig gestartet. Error: (09/23/2014 09:01:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "TuneUp Utilities Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (09/22/2014 09:01:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Intel(R) Management and Security Application Local Management Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (09/22/2014 09:01:20 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Intel(R) Management and Security Application Local Management Service erreicht. 
Microsoft Office Sessions: ========================= Error: (09/24/2014 09:41:12 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestc:\program files (x86)\Adobe\adobe creative cloud\Utils\Creative Cloud Uninstaller.exe Error: (09/24/2014 09:13:57 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT) Description: WmiApRplWmiApRpl8F20300004D070000 Error: (09/24/2014 09:13:57 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT) Description: Performance1637070000000000000000000009030000 Error: (09/24/2014 09:13:57 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT) Description: Performance1637070000000000000000000009030000 Error: (09/24/2014 09:09:51 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/23/2014 09:06:08 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT) Description: WmiApRplWmiApRpl8F20300004D070000 Error: (09/23/2014 09:06:08 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT) Description: Performance1637070000000000000000000009030000 Error: (09/23/2014 09:06:08 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT) Description: Performance1637070000000000000000000009030000 Error: (09/23/2014 09:05:40 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Skype.exe6.20.73.10453fd9234KERNELBASE.dll6.1.7601.1840953159a86c000000500035dc6b7801cfd7610ddb22abC:\Program Files 
(x86)\Skype\Phone\Skype.exeC:\Windows\syswow64\KERNELBASE.dll9ba4d435-4354-11e4-b426-3085a9f78590 Error: (09/23/2014 09:01:55 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 CodeIntegrity Errors: =================================== Date: 2014-09-10 11:54:05.313 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\vrtaucbl.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-10 11:54:05.188 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\vrtaucbl.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-09 18:16:12.856 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\vrtaucbl.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. 
Date: 2014-09-09 18:16:12.731 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\vrtaucbl.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-08 20:48:30.472 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\vrtaucbl.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-08 20:48:30.347 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\vrtaucbl.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-07 22:08:22.612 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\vrtaucbl.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. 
Date: 2014-09-07 22:08:22.537 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\vrtaucbl.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz Percentage of memory in use: 66% Total physical RAM: 8144.43 MB Available physical RAM: 2736.54 MB Total Pagefile: 16587.05 MB Available Pagefile: 10538.8 MB Total Virtual: 8192 MB Available Virtual: 8191.82 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:931.41 GB) (Free:664.53 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 667C083D) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
28.09.2014, 00:36 | #12 |
Rest in peace † 2019 | Internet slow since a change made by TuneUp Utilities
Hello, sorry for the delay. How do things look after these steps?
Step 1
Press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document:
Code:
HKLM\...\Run: [Ocs_SM] => C:\Users\BonZZai\AppData\Roaming\OCS\SM\SearchAnonymizer.exe
HKU\S-1-5-18\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
SearchScopes: HKCU - {03CDFE7B-8B33-4565-BCCC-3A0FEA895055} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=d89b515c-d18f-4a95-a1e4-bcfaf1e66dfb&pid=dcude&mode=bounce&k=0
SearchScopes: HKCU - {184A9DD7-741E-11E3-8FF2-3085A9F78590} URL = hxxp://searchinfinitas.com.anonymize-me.de/?anonymto=687474703A2F2F736561726368696E66696E697461732E636F6D2F3F616666696C743D3426713D7B7365617263685465726D737D2669643D7B32324542383538362D433344392D343944312D423934302D3746424432343942364535367D&st={searchTerms}&clid=d89b515c-d18f-4a95-a1e4-bcfaf1e66dfb&pid=dcude&k=0
SearchScopes: HKCU - {37B0EF2A-370F-47EB-8B45-45B5170F4DF5} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=d89b515c-d18f-4a95-a1e4-bcfaf1e66dfb&pid=dcude&mode=bounce&k=0
SearchScopes: HKCU - {56E47280-68DD-4167-AE5E-61138E294984} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=d89b515c-d18f-4a95-a1e4-bcfaf1e66dfb&pid=dcude&mode=bounce&k=0
SearchScopes: HKCU - {5F731F12-D4FD-4640-A74E-0C1CC8793B97} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=d89b515c-d18f-4a95-a1e4-bcfaf1e66dfb&pid=dcude&mode=bounce&k=0
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E676F6F676C652E636F6D2F7365617263683F713D7B7365617263685465726D737D26726C733D636F6D2E6D6963726F736F66743A7B6C616E67756167657D3A7B72656665727265723A736F757263653F7D2669653D7B696E707574456E636F64696E677D266F653D7B6F7574707574456E636F64696E677D26736F7572636569643D69653726726C7A3D31493747474E495F64654445353736&st={searchTerms}&clid=d89b515c-d18f-4a95-a1e4-bcfaf1e66dfb&pid=dcude&k=0
SearchScopes: HKCU - {D160EDD2-06B7-424E-84EE-0E3C064E2798} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=d89b515c-d18f-4a95-a1e4-bcfaf1e66dfb&pid=dcude&mode=bounce&k=0
SearchScopes: HKCU - {EB6ACCE1-F406-4C8B-90B5-B102C657B832} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=d89b515c-d18f-4a95-a1e4-bcfaf1e66dfb&pid=dcude&mode=bounce&k=0
Toolbar: HKLM - Kango - {F051F6BF-82D9-49A7-9E6C-BA63CDB487D2} - No File
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\7e359293-3f24-40c5-bebe-ec2c522ee932.xml
FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\a22d3231-3f5c-4f15-bd94-a0d288cfd46d.xml
FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\df4d687e-f4c7-40ff-ad66-2f9c6eb49005.xml
FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\{0277BDC7-BD8F-431E-8CBC-5E1F2B951ECF}.xml
FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\{23F6A38A-964D-489E-A743-F3B9A7D78230}.xml
FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\{30295452-738A-4968-A588-92B0BA09898F}.xml
FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\{9B892BC4-140F-4EFF-AD92-22DDA85F6C84}.xml
FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\{B7748BCB-37C7-40FD-8C38-D04FA3FD8B4F}.xml
FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\{FF348E83-EEBB-4A2D-9C1D-0829BE838A01}.xml
FF Extension: Smoother Web - C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\Extensions\jid1-U7omKQ6kQfxMaQ@jetpack.xpi [2014-09-11]
FF Extension: FirefoxAdKiller - C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\Extensions\{b1df372d-8b32-4c7d-b6b4-9c5b78cf6fb1}.xpi [2014-06-28]
CHR HKLM-x32\...\Chrome\Extension: [cenfbebdhgbldbkkndbjgjngdnkghemj] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home2599\ch\MediaWatchV1home2599.crx []
CHR HKLM-x32\...\Chrome\Extension: [egboolelbjcdgnopcmdokdiegcmnfpfn] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha8960\ch\MediaViewV1alpha8960.crx []
CHR HKLM-x32\...\Chrome\Extension: [fdfmghmenmllgflfnbcdomgbelmjkepl] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha113\ch\MediaViewV1alpha113.crx []
CHR HKLM-x32\...\Chrome\Extension: [peeijnafianehabjhnlkiopmolfloakl] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode9005\ch\MediaBuzzV1mode9005.crx []
Task: {6E7698E5-4776-4038-8679-F8C85B99B09B} - \PC Performer Scheduled Scan No Task File <==== ATTENTION
Task: {99BE8DC6-EB48-43B1-BE5F-41F19E70545E} - \PC Performer Logon Scan No Task File <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [13088 2011-03-02] ()
C:\Program Files\Enigma Software Group
C:\Users\BonZZai\AppData\Roaming\OCS

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Step 2
Because the ESET scan is very thorough, it may take several hours under some circumstances.
ESET Online Scanner
Step 3
Run FRST once more.
|
28.09.2014, 19:18 | #13 |
Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7623 # api_version=3.0.2 # EOSSerial=baa6c7e527ac0c498740b6e046840bd2 # engine=20337 # end=finished # remove_checked=false # archives_checked=false # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2014-09-28 06:11:11 # local_time=2014-09-28 08:11:11 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='Microsoft Security Essentials' # compatibility_mode=5895 16777213 100 100 1538842 53241187 0 0 # scanned=200405 # found=43 # cleaned=0 # scan_time=4849 sh=A65AAC74B4A831BDE92BF2C5970E9229C230D51B ft=1 fh=c71c001123fe01af vn="Variante von Win32/Injector.Autoit.DR Trojaner" ac=I fn="C:\$Recycle.Bin\S-1-5-21-437646761-135901211-47947868-1000\$R8RN04H.exe" sh=46334C954BB7944F30C605CB6FF47A011FC55FE6 ft=1 fh=c71c00115459ea93 vn="Variante von Win32/Injector.Autoit.DR Trojaner" ac=I fn="C:\$Recycle.Bin\S-1-5-21-437646761-135901211-47947868-1000\$RCEN1YQ.exe" sh=1D35A58C8FB9D1F253EDF4596905D286204BFB36 ft=1 fh=c71c0011cce9e771 vn="Variante von Win32/Injector.Autoit.DR Trojaner" ac=I fn="C:\$Recycle.Bin\S-1-5-21-437646761-135901211-47947868-1000\$RCO7TX9.exe" sh=A65AAC74B4A831BDE92BF2C5970E9229C230D51B ft=1 fh=c71c001123fe01af vn="Variante von Win32/Injector.Autoit.DR Trojaner" ac=I fn="C:\$Recycle.Bin\S-1-5-21-437646761-135901211-47947868-1000\$RDN7C7N.exe" sh=D338CBCB2BC58B79AD278FFE7E91A04E776C45CF ft=1 fh=c71c00111cfc575b vn="Variante von Win32/Injector.Autoit.DR Trojaner" ac=I fn="C:\$Recycle.Bin\S-1-5-21-437646761-135901211-47947868-1000\$RHERFZ8.exe" sh=9AE86316A60621C0A7BDEF451C84B985A9FF0649 ft=1 fh=c71c0011a648ee6c vn="Variante von Win32/Injector.Autoit.DR Trojaner" ac=I fn="C:\$Recycle.Bin\S-1-5-21-437646761-135901211-47947868-1000\$RP1WZNT.exe" sh=272C54D881640B6385AFF828957D43FA9B3E13E7 ft=1 fh=ee0b8dcb5319564f 
vn="Win32/Toolbar.Montiera.J evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Delta\delta\1.8.16.16\escortShld.dll.vir" sh=9B825CB5C57DF0C16FDBF777993D2F709D988EBA ft=1 fh=c6b55bd17df6dcb7 vn="Win32/Toolbar.Montiera.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Delta\delta\1.8.16.16\uninstall.exe.vir" sh=5FB95D21BE8CF2753FD8A42398ADD26E2B21409F ft=1 fh=0f2c5f177050d203 vn="Variante von Win32/Toolbar.Conduit.AJ evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Conduit\Multi\CT3322950\UninstallerUI.exe.vir" sh=7EFC31C349C63F11909481825B9240F7C51E4E09 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\BonZZai\AppData\Local\Google\Chrome\User Data\Default\Extensions\hojmbfiljpkaijkdifoaacbpallpfkkf\1.23.9_0\js\app\background.js.vir" sh=8AC318CCD2B22FA8329CA445726C4CF3239570FA ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\BonZZai\AppData\Local\Google\Chrome\User Data\Default\Extensions\hojmbfiljpkaijkdifoaacbpallpfkkf\1.23.9_0\js\app\extension.js.vir" sh=95826B332BD1AC0543C2BA4DB637D082A994B1E5 ft=1 fh=f3159d8e366dd55a vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\BonZZai\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\DaemonProcess.exe.vir" sh=749E0C6D85971204E397EAE65ED10A9A4AEF40AB ft=1 fh=ef830199de104882 vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\BonZZai\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\Mobogenie.exe.vir" sh=8E6A6992A3C7FEC4000FA1A4D764DD597109E0B5 ft=1 fh=c71c0011cd00713e vn="Win32/NextLive.A evtl. 
unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\BonZZai\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\nengine.dll.vir" sh=93AD648467F47DC2708810D169F26F4A814778C5 ft=1 fh=e589ccabe231da4b vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\BonZZai\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\New_UpdateMoboGenie.exe.vir" sh=108A500E4A188882CBA720723607F417A6501924 ft=1 fh=5c9da47200740b7c vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\Extensions\{afa59d4f-18ec-4866-949b-f406270e15cb}\ctypes\FirefoxCtype.dll.vir" sh=C015E890715621E6FF97D3BF893BC75E8E27DE77 ft=1 fh=3ad6b33bccff1099 vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\Extensions\{afa59d4f-18ec-4866-949b-f406270e15cb}\Plugins\npFirefoxPlugin.dll.vir" sh=0C53AD8C5815EC193F269B7F4225526331F55560 ft=1 fh=428351b47f1227d5 vn="Win32/SmootherWeb.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\BonZZai\AppData\Roaming\SmootherWeb\SmootherWeb-Installer.exe.vir" sh=D0369D8234D11EDC3078D2363C696E9669F600C4 ft=1 fh=4a025439f4dc3316 vn="Win32/VOPackage.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\BonZZai\AppData\Local\nsp5088.tmp" sh=7028F239FAC673EE7DC7772ACC75D759EA73837D ft=1 fh=e769f095fe49f653 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\BonZZai\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\298PI17O\spstub[1].exe" sh=EB960C1AD3807545A95C51B2CF89B66D48437EF5 ft=1 fh=377786694c5d452c vn="Variante von Win32/VOPackage.W evtl. 
unerwünschte Anwendung" ac=I fn="C:\Users\BonZZai\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FNN2PXCW\dl[1].htm" sh=54BE56B6705EB161677DEE881A9E7B72E5861179 ft=1 fh=f0ed7077fc73dcf1 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\BonZZai\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H806L3YV\SPSetup[1].exe" sh=1A62CD6B4480285717FDF0EFAC5DB9DF5C8DC856 ft=1 fh=b69ff78dfae79992 vn="Variante von Win32/VOPackage.V evtl. unerwünschte Anwendung" ac=I fn="C:\Users\BonZZai\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OS2WH9PT\dl[1].htm" sh=1053BD55B081761A72314E07CD33C43DD1A5188B ft=1 fh=e329eb77e237c8a1 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\BonZZai\Desktop\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe" sh=D338CBCB2BC58B79AD278FFE7E91A04E776C45CF ft=1 fh=c71c00111cfc575b vn="Variante von Win32/Injector.Autoit.DR Trojaner" ac=I fn="C:\Users\BonZZai\Desktop\Neuer Ordner (7)\Launcher_Premium(7).exe" sh=D338CBCB2BC58B79AD278FFE7E91A04E776C45CF ft=1 fh=c71c00111cfc575b vn="Variante von Win32/Injector.Autoit.DR Trojaner" ac=I fn="C:\Users\BonZZai\Desktop\Splitter - Kopie - Kopie\Splitter - Kopie - Kopie - Kopie\Launcher_Premium(7).exe" sh=23B050563A81A1C57DABA7805B1E3E6B4C874F2B ft=1 fh=b4fe666c57930953 vn="Variante von Win32/CNETInstaller.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\BonZZai\Downloads\cbsidlm-cbsi183-Yet_Another_Cleaner-BP-75959789.exe" sh=F51E88794ED4CB4B2268F163C7E2A3CEB5E9AD76 ft=1 fh=310d86b4e12d1319 vn="Variante von Win32/SlowPCfighter evtl. unerwünschte Anwendung" ac=I fn="C:\Users\BonZZai\Downloads\CLEANPC365_1.12.0Full.exe" sh=00370ADF187FB552D580DB7BCC078AA1A1DC85AA ft=1 fh=cd8610a6eb0d3f87 vn="Variante von Win32/DownloadGuide.A evtl. 
unerwünschte Anwendung" ac=I fn="C:\Users\BonZZai\Downloads\download_firefox(1).exe" sh=4D33923E2CD6088B0183E3DE4561EDE0BCBEFB5A ft=1 fh=e158f0d8f78c312f vn="Variante von Win32/DownloadGuide.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\BonZZai\Downloads\download_firefox.exe" sh=41405384441917A39C8629B673BFE3F2F3CD4E6D ft=1 fh=9c8daf544118ecf2 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\BonZZai\Downloads\K Lite Mega Codec Pack - CHIP-Downloader.exe" sh=A65AAC74B4A831BDE92BF2C5970E9229C230D51B ft=1 fh=c71c001123fe01af vn="Variante von Win32/Injector.Autoit.DR Trojaner" ac=I fn="C:\Users\BonZZai\Downloads\Launcher_Premium(5).exe" sh=1D35A58C8FB9D1F253EDF4596905D286204BFB36 ft=1 fh=c71c0011cce9e771 vn="Variante von Win32/Injector.Autoit.DR Trojaner" ac=I fn="C:\Users\BonZZai\Downloads\Launcher_Premium(6).exe" sh=D338CBCB2BC58B79AD278FFE7E91A04E776C45CF ft=1 fh=c71c00111cfc575b vn="Variante von Win32/Injector.Autoit.DR Trojaner" ac=I fn="C:\Users\BonZZai\Downloads\Launcher_Premium(7).exe" sh=1EE10CA51E059A7082E104CFEE4C0A98B3EE3DC0 ft=1 fh=12dd0005eb20a3fd vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\BonZZai\Downloads\Microsoft Maus und Tastatur Center 64 Bit - CHIP-Downloader.exe" sh=ADA65AB8EC8324DA7626784AF37A398C4D00BC72 ft=1 fh=258a14aa4fe451e5 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\BonZZai\Downloads\OpenOffice - CHIP-Downloader.exe" sh=2D5C81A6A4ED2D020D27E400AD85801E39B88A62 ft=1 fh=e889f36b2977e0dd vn="Variante von Win32/DownloadGuide.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\BonZZai\Downloads\samsung-kies.exe" sh=B8752608AB6D91B40FBD4BB50253F5350DDB85C3 ft=1 fh=833f3b4699158639 vn="Variante von Win32/DownloadSponsor.A evtl. 
unerwünschte Anwendung" ac=I fn="C:\Users\BonZZai\Downloads\Skype - CHIP-Downloader.exe" sh=30A981CDA0A9B3D1801C5BCBAAB9CAD9E7C9238C ft=1 fh=0db056e1351d494e vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\BonZZai\Downloads\SpeedFan - CHIP-Installer.exe" sh=3DAE542BD4F0368B19B4047C0838D3F4FC4DA090 ft=1 fh=9b1350829aeb80db vn="Variante von Win32/Distromatic.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-abb-fix[1]" sh=3DAE542BD4F0368B19B4047C0838D3F4FC4DA090 ft=1 fh=9b1350829aeb80db vn="Variante von Win32/Distromatic.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-abb-fix[2]" sh=3DAE542BD4F0368B19B4047C0838D3F4FC4DA090 ft=1 fh=9b1350829aeb80db vn="Variante von Win32/Distromatic.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-abb-fix[1]" sh=3DAE542BD4F0368B19B4047C0838D3F4FC4DA090 ft=1 fh=9b1350829aeb80db vn="Variante von Win32/Distromatic.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-abb-fix[2]"
FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-09-2014 01 Ran by BonZZai (administrator) on BONZZAI-PC on 28-09-2014 20:15:45 Running from C:\Users\BonZZai\Desktop\frst Loaded Profile: BonZZai (Available profiles: BonZZai) Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe (Skype Technologies S.A.) 
C:\Program Files (x86)\Skype\Phone\Skype.exe (TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe () C:\Program Files (x86)\GameforgeLive\gfl_client.exe (Ymir Entertainment) C:\Program Files (x86)\Metin2\metin2client.bin (Ymir Entertainment) C:\Program Files (x86)\Metin2\metin2client.bin (Ymir Entertainment) C:\Program Files (x86)\Metin2\metin2client.bin (Ymir Entertainment) C:\Program Files (x86)\Metin2\metin2client.bin (Ymir Entertainment) C:\Program Files (x86)\Metin2\metin2client.bin ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated) HKLM-x32\...\Run: [HDAudDeck] => c:\program files (x86)\via\viaudioi\vdeck\vdeck.exe [5675184 2013-05-10] (VIA) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694040 2014-07-22] (Adobe Systems Incorporated) HKU\S-1-5-21-437646761-135901211-47947868-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2014-02-18] (Google Inc.) HKU\S-1-5-21-437646761-135901211-47947868-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1562264 2014-07-25] (Samsung) HKU\S-1-5-21-437646761-135901211-47947868-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22040168 2014-08-27] (Skype Technologies S.A.) 
HKU\S-1-5-21-437646761-135901211-47947868-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-437646761-135901211-47947868-1000\...\MountPoints2: {73a36747-4c66-11e2-97f0-806e6f6e6963} - D:\Bin\ASSETUP.exe IFEO: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe" Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.) ShellIconOverlayIdentifiers: AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll () ShellIconOverlayIdentifiers: AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll () ShellIconOverlayIdentifiers: AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll () ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xF388E98DB5DFCD01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de URLSearchHook: HKLM-x32 - Default Value = {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D} StartMenuInternet: IEXPLORE.EXE - iexplore.exe SearchScopes: HKLM - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKLM-x32 - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKCU - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms} BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus) BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) 
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml FF SearchEngineOrder.1: Google FF SelectedSearchEngine: Google FF Homepage: hxxp://www.google.com FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) 
FF Plugin: @java.com/DTPlugin,version=10.40.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll () FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems) FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\BonZZai\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\BonZZai\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google) FF Plugin HKCU: @talk.google.com/O3DPlugin -> C:\Users\BonZZai\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll () FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\BonZZai\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\BonZZai\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin ProgramFiles/Appdata: C:\Users\BonZZai\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google) FF Plugin ProgramFiles/Appdata: C:\Users\BonZZai\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll () FF Plugin ProgramFiles/Appdata: C:\Users\BonZZai\AppData\Roaming\mozilla\plugins\npo1d.dll (Google) FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\englische-ergebnisse.xml FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\gmx-suche.xml FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\google-images.xml FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\google-maps.xml FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\lastminute.xml FF SearchPlugin: C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\searchplugins\webde-suche.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: WEB.DE MailCheck - C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\Extensions\toolbar@web.de [2014-09-18] FF Extension: 4shared Desktop Plugin - C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\Extensions\4sharedCopyLinks.xpi.tmp [2013-03-14] FF Extension: Cliqz Beta - C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\Extensions\cliqz@cliqz.com.xpi [2014-07-22] FF Extension: Facebook Toolbar - 
C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\Extensions\firefox@facebook.com.xpi [2012-12-21] FF Extension: Mark Ads Sites In Search - C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\Extensions\jid1-LGBwZ7tVjRcfIg@jetpack.xpi [2014-06-28] FF Extension: Adblock Plus - C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-28] FF Extension: Tab Mix Plus - C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2014-04-25] FF Extension: DownThemAll! - C:\Users\BonZZai\AppData\Roaming\Mozilla\Firefox\Profiles\bq41gjvj.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013-11-24] FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14] FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-11-16] Chrome: ======= CHR Profile: C:\Users\BonZZai\AppData\Local\Google\Chrome\User Data\default CHR Extension: (No Name) - C:\Users\BonZZai\AppData\Local\Google\Chrome\User Data\default\Extensions\hojmbfiljpkaijkdifoaacbpallpfkkf [2013-06-26] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) 
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed] R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation) R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation) R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2012-12-12] (VIA Technologies, Inc.) S2 TuneUp.UtilitiesSvc; "C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe" [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 GameKB; C:\Windows\System32\drivers\GameKB.sys [27648 2012-05-11] () S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [31232 2009-06-10] (Hauppauge Computer Works, Inc.) 
[File not signed] S1 hjwqcdaa; C:\Windows\system32\drivers\hjwqcdaa.sys [55104 2014-09-28] (Microsoft Corporation) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-11-21] (Intel Corporation) R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2013-07-18] (Qualcomm Atheros Co., Ltd.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-28] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation) R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation) R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [31472 2013-12-19] (Synaptics Incorporated) U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] () S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed] R3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] S3 TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2087-01-13 02:31 - 2087-01-13 02:31 - 00000000 ____D () C:\ProgramData\eSellerate 2087-01-13 02:31 - 2014-01-29 09:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue 2050-01-01 02:17 - 2013-10-12 04:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2050-01-01 02:17 - 2013-10-12 04:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2050-01-01 02:17 - 2013-10-12 04:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL 2050-01-01 02:17 - 2013-10-12 04:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 2050-01-01 02:17 - 2013-10-12 04:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL 2050-01-01 02:17 - 2013-10-05 22:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2050-01-01 02:17 - 2013-10-05 21:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2050-01-01 02:17 - 2013-10-04 04:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll 2050-01-01 02:17 - 2013-10-04 04:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll 2050-01-01 02:17 - 2013-10-04 03:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll 2050-01-01 02:17 - 2013-10-04 03:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll 2050-01-01 02:17 - 2013-07-04 14:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2050-01-01 02:04 - 2050-01-01 02:04 - 00003218 _____ () C:\Windows\System32\Tasks\{E5B542E3-C766-40FD-BDEE-1AA277504F6C} 2050-01-01 01:59 - 2050-01-01 02:12 - 00001686 _____ () C:\Users\BonZZai\AppData\Local\Cracklock.settings 2014-09-28 19:15 - 2014-09-28 19:15 - 00055104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hjwqcdaa.sys 2014-09-28 18:47 - 2014-09-28 18:47 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-09-28 18:36 - 
2014-09-28 20:15 - 00000000 ____D () C:\Users\BonZZai\Desktop\frst 2014-09-27 04:04 - 2014-09-27 04:06 - 00086336 _____ () C:\Users\BonZZai\Desktop\metin2 - new class wolfman.mp4.sfk 2014-09-26 17:34 - 2014-09-26 17:36 - 00000000 ____D () C:\Users\BonZZai\Desktop\Neuer Ordner (7) 2014-09-26 17:15 - 2014-09-26 17:16 - 07568896 _____ () C:\Users\BonZZai\Downloads\Launcher_Premium(7).exe 2014-09-25 03:17 - 2014-09-28 18:34 - 00000000 ____D () C:\Users\BonZZai\Downloads\FRST-OlderVersion 2014-09-23 21:09 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-09-23 21:09 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2014-09-21 17:43 - 2014-09-21 17:43 - 00001159 _____ () C:\Users\BonZZai\Desktop\malwareb.txt 2014-09-21 17:17 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-09-21 17:16 - 2014-09-21 17:24 - 00000000 ____D () C:\AdwCleaner 2014-09-21 17:15 - 2014-09-21 17:15 - 01373475 _____ () C:\Users\BonZZai\Downloads\AdwCleaner_3.310.exe 2014-09-21 17:02 - 2014-09-21 17:02 - 02623656 _____ (VS Revo Group Ltd.) 
C:\Users\BonZZai\Downloads\revosetup95.exe 2014-09-21 04:06 - 2014-09-21 04:06 - 00021976 _____ () C:\Users\BonZZai\Downloads\Result.txt 2014-09-21 04:05 - 2014-09-21 04:05 - 00401920 _____ (Farbar) C:\Users\BonZZai\Downloads\MiniToolBox.exe 2014-09-21 04:03 - 2014-09-28 20:15 - 00000000 ____D () C:\FRST 2014-09-21 04:03 - 2014-09-25 03:18 - 00056184 _____ () C:\Users\BonZZai\Downloads\FRST.txt 2014-09-21 04:03 - 2014-09-25 03:18 - 00047097 _____ () C:\Users\BonZZai\Downloads\Addition.txt 2014-09-21 01:14 - 2014-09-21 01:14 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\EurekaLab s.a.s 2014-09-21 01:11 - 2014-09-21 01:11 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\dlg 2014-09-21 01:08 - 2014-09-21 01:08 - 00472072 _____ () C:\Users\BonZZai\Downloads\download_firefox(1).exe 2014-09-21 01:07 - 2014-09-21 01:07 - 00472072 _____ () C:\Users\BonZZai\Downloads\download_firefox.exe 2014-09-21 00:32 - 2014-09-21 00:39 - 00000000 ____D () C:\Program Files (x86)\Free Window Registry Repair 2014-09-21 00:32 - 2014-09-21 00:32 - 00803636 _____ () C:\Users\BonZZai\Downloads\RegpairSetup.exe 2014-09-21 00:32 - 2014-09-21 00:32 - 00001027 _____ () C:\Users\BonZZai\Desktop\Free Window Registry Repair.lnk 2014-09-21 00:32 - 2014-09-21 00:32 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Window Registry Repair 2014-09-21 00:32 - 2014-09-21 00:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Window Registry Repair 2014-09-19 23:09 - 2014-09-19 23:09 - 00001305 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk 2014-09-19 23:09 - 2014-09-19 23:09 - 00001293 _____ () C:\Users\Public\Desktop\Adobe Creative Cloud.lnk 2014-09-19 23:03 - 2014-09-19 23:03 - 00007598 _____ () C:\Users\BonZZai\AppData\Local\Resmon.ResmonCfg 2014-09-19 19:40 - 2014-09-19 19:40 - 00003850 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1411148449 2014-09-19 19:40 - 
2014-09-19 19:40 - 00001131 _____ () C:\Users\Public\Desktop\Opera.lnk 2014-09-19 19:40 - 2014-09-19 19:40 - 00001131 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2014-09-19 19:40 - 2014-09-19 19:40 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\Opera Software 2014-09-19 19:40 - 2014-09-19 19:40 - 00000000 ____D () C:\Users\BonZZai\AppData\Local\Opera Software 2014-09-19 19:40 - 2014-09-19 19:40 - 00000000 ____D () C:\Program Files (x86)\Opera 2014-09-19 19:09 - 2014-09-21 17:05 - 00001260 _____ () C:\Users\BonZZai\Desktop\Revo Uninstaller.lnk 2014-09-19 19:09 - 2014-09-19 19:09 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-09-19 19:07 - 2014-09-19 19:07 - 01101648 _____ () C:\Users\BonZZai\Desktop\Revo Uninstaller - CHIP-Installer.exe 2014-09-19 15:46 - 2014-09-19 15:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2014-09-17 00:06 - 2014-09-17 00:07 - 02297624 _____ () C:\Users\BonZZai\Desktop\Metin2 Sycorax ,Hurensohn wird im TS Rassiert xTwinBlade.mp3.sfk 2014-09-16 03:38 - 2014-09-16 03:38 - 07566336 _____ () C:\Users\BonZZai\Downloads\Launcher_Premium(6).exe 2014-09-15 21:30 - 2014-09-15 22:07 - 114649879 _____ () C:\Users\BonZZai\Downloads\m2kmod_3.0.1.zip 2014-09-12 15:50 - 2014-09-28 19:00 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-09-12 15:50 - 2014-09-12 15:50 - 00001098 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-09-12 15:50 - 2014-09-12 15:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-09-12 15:50 - 2014-09-12 15:50 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-09-12 15:50 - 2014-09-12 15:50 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-09-12 15:50 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-09-12 15:50 - 2014-05-12 07:26 - 
00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-09-12 15:50 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-09-11 00:45 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-09-11 00:45 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-09-11 00:45 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-09-11 00:45 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-09-11 00:45 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-09-11 00:45 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-09-11 00:45 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-09-11 00:45 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-09-11 00:45 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-09-11 00:45 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-09-11 00:45 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-09-11 00:45 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-09-11 00:45 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-09-11 00:45 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-09-11 00:45 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-09-11 00:45 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-09-11 00:45 - 2014-08-19 00:03 - 
00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-09-11 00:45 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-09-11 00:45 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-09-11 00:45 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-09-11 00:45 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-09-11 00:45 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-09-11 00:45 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-09-11 00:45 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-09-11 00:45 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-09-11 00:45 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-09-11 00:45 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-09-11 00:45 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-09-11 00:45 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-09-11 00:45 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-09-11 00:45 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-09-11 00:45 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-09-11 00:45 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-09-11 00:45 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-09-11 00:45 - 
2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-09-11 00:45 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-09-11 00:45 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-09-11 00:45 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-09-11 00:45 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-09-11 00:45 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-09-11 00:45 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-09-11 00:45 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-09-11 00:45 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-09-11 00:45 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-09-11 00:45 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-09-11 00:45 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-09-11 00:45 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-09-11 00:45 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-09-11 00:45 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-09-11 00:45 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-09-11 00:45 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-09-11 00:45 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-09-11 00:45 - 
2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-09-11 00:45 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-09-11 00:45 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-09-11 00:45 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-09-11 00:36 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2014-09-11 00:36 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll 2014-09-10 23:33 - 2014-09-10 23:33 - 00001027 _____ () C:\Users\Public\Desktop\foobar2000.lnk 2014-09-10 23:16 - 2014-09-11 18:08 - 00066728 _____ (Eugene V. Muzychenko) C:\Windows\system32\Drivers\vrtaucbl.sys 2014-09-10 23:03 - 2014-09-10 23:16 - 00000000 ____D () C:\Program Files\Virtual Audio Cable 2014-09-10 21:08 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll 2014-09-10 21:08 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll 2014-09-10 21:08 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2014-09-10 21:08 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2014-09-10 21:07 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-09-10 21:07 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-09-10 21:07 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-09-10 21:07 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-09-10 21:07 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-09-10 21:07 - 2014-07-07 03:40 - 00022016 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-09-10 21:07 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-09-10 20:25 - 2014-06-16 08:01 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys 2014-09-10 20:25 - 2014-06-16 08:01 - 00110336 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys 2014-09-07 23:07 - 2014-09-07 23:07 - 00360448 _____ () C:\Users\BonZZai\Desktop\HWID-Generator(1).exe 2014-09-07 22:07 - 2014-09-10 23:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable 2014-09-07 22:04 - 2014-09-07 22:04 - 01101648 _____ () C:\Users\BonZZai\Downloads\Virtual Audio Cable - CHIP-Installer.exe 2014-09-07 22:04 - 2014-09-07 22:04 - 00279379 _____ () C:\Users\BonZZai\Downloads\VirtualAudioCable409.zip 2014-09-07 21:59 - 2014-09-10 23:41 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\foobar2000 2014-09-07 21:59 - 2014-09-10 23:33 - 00001109 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\foobar2000.lnk 2014-09-07 21:59 - 2014-09-10 23:33 - 00000000 ____D () C:\Program Files (x86)\foobar2000 2014-09-07 21:58 - 2014-09-07 21:58 - 01101648 _____ () C:\Users\BonZZai\Downloads\foobar2000 - CHIP-Installer(1).exe 2014-09-07 21:56 - 2014-09-07 21:56 - 01101648 _____ () C:\Users\BonZZai\Downloads\foobar2000 - CHIP-Installer.exe 2014-09-02 19:07 - 2014-09-02 19:11 - 07560704 _____ () C:\Users\BonZZai\Downloads\Launcher_Premium(5).exe ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-09-28 20:06 - 2014-04-21 22:04 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\Skype 2014-09-28 19:32 - 2013-05-03 16:29 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-437646761-135901211-47947868-1000UA.job 2014-09-28 19:19 - 2012-12-22 03:09 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-09-28 19:16 - 2013-03-13 01:07 - 00000000 ____D () C:\Program Files (x86)\Metin2 2014-09-28 18:48 - 2009-07-14 06:45 - 00047008 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-09-28 18:48 - 2009-07-14 06:45 - 00047008 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-09-28 18:45 - 2012-12-21 20:43 - 01601413 _____ () C:\Windows\WindowsUpdate.log 2014-09-28 18:45 - 2011-04-12 09:43 - 09358616 _____ () C:\Windows\system32\perfh007.dat 2014-09-28 18:45 - 2011-04-12 09:43 - 02854500 _____ () C:\Windows\system32\perfc007.dat 2014-09-28 18:45 - 2009-07-14 07:13 - 00006260 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-09-28 18:43 - 2013-03-01 00:01 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\TS3Client 2014-09-28 18:40 - 2014-03-06 02:51 - 00000008 __RSH () C:\ProgramData\ntuser.pol 2014-09-28 18:40 - 2014-01-12 03:53 - 00000008 __RSH () C:\Users\BonZZai\ntuser.pol 2014-09-28 18:40 - 2013-12-07 22:43 - 01801846 _____ () C:\Windows\PFRO.log 2014-09-28 18:40 - 2013-12-07 22:43 - 00041986 _____ () C:\Windows\setupact.log 2014-09-28 18:40 - 2012-12-21 20:43 - 00000000 ____D () C:\Users\BonZZai 2014-09-28 18:40 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-09-28 18:39 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy 2014-09-28 18:37 - 2013-03-07 19:16 - 00000000 ____D () C:\Users\BonZZai\AppData\Local\CrashDumps 2014-09-27 22:30 - 2013-05-03 16:29 - 00001076 _____ () 
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-437646761-135901211-47947868-1000Core.job 2014-09-27 05:27 - 2013-03-16 06:48 - 00000000 ____D () C:\Users\BonZZai\AppData\Roaming\vlc 2014-09-27 04:56 - 2013-05-02 01:56 - 00000000 ____D () C:\Users\BonZZai\Desktop\YOUTUBE 2014-09-27 04:52 - 2014-03-04 03:31 - 00000000 ____D () C:\Users\BonZZai\Desktop\yttt 2014-09-27 03:44 - 2013-03-08 23:53 - 00003584 _____ () C:\Users\BonZZai\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-09-26 17:42 - 2014-05-21 00:36 - 00000000 ____D () C:\Users\BonZZai\Desktop\Splitter - Kopie - Kopie 2014-09-25 20:55 - 2012-12-21 22:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-09-25 03:50 - 2013-10-30 19:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-09-24 21:51 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-09-24 21:19 - 2012-12-22 03:09 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-09-24 21:19 - 2012-12-22 03:09 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-09-24 21:19 - 2012-12-22 03:09 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-09-23 01:19 - 2013-11-18 21:49 - 00000000 ____D () C:\Users\BonZZai\AppData\Local\Paint.NET 2014-09-22 08:42 - 2010-11-21 05:27 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-09-21 22:10 - 2014-08-01 12:48 - 00000000 ____D () C:\Program Files (x86)\SpeedFan 2014-09-21 17:50 - 2014-01-12 17:56 - 00000000 ____D () C:\Users\BonZZai\Downloads\Gameforge Live 2014-09-21 17:24 - 2014-03-02 16:51 - 00000000 ____D () C:\Windows\system32\log 2014-09-21 17:07 - 2013-07-29 17:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live 2014-09-21 01:14 - 2009-07-14 04:34 - 00000568 _____ () C:\Windows\win.ini 2014-09-21 01:11 - 2012-12-21 22:30 - 00001155 _____ () C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\Mozilla Firefox.lnk 2014-09-21 01:11 - 2012-12-21 22:30 - 00001143 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-09-19 23:08 - 2013-07-08 03:29 - 00000000 ____D () C:\ProgramData\Package Cache 2014-09-19 23:07 - 2012-12-22 03:14 - 00000000 ____D () C:\Program Files (x86)\Adobe 2014-09-19 23:04 - 2012-12-22 03:16 - 00000000 ____D () C:\Users\BonZZai\AppData\Local\Adobe 2014-09-19 20:33 - 2011-04-12 09:54 - 00000000 ____D () C:\Windows\ShellNew 2014-09-19 19:11 - 2014-04-03 19:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU 2014-09-19 19:11 - 2014-04-03 19:42 - 00000000 ____D () C:\Program Files (x86)\AVS4YOU 2014-09-19 19:09 - 2013-04-08 00:30 - 00000000 ____D () C:\Program Files (x86)\Azureus 2014-09-19 18:58 - 2012-12-21 21:36 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-09-19 15:46 - 2014-04-21 22:04 - 00002517 _____ () C:\Users\Public\Desktop\Skype.lnk 2014-09-19 15:46 - 2014-04-21 22:04 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-09-19 15:46 - 2013-02-24 01:05 - 00000000 ____D () C:\ProgramData\Skype 2014-09-16 20:49 - 2014-07-21 14:49 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys 2014-09-11 00:43 - 2014-04-12 03:00 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk 2014-09-11 00:43 - 2013-07-12 03:59 - 00000000 ____D () C:\Windows\system32\MRT 2014-09-11 00:43 - 2013-06-27 16:50 - 00001912 _____ () C:\Windows\epplauncher.mif 2014-09-11 00:43 - 2013-06-27 16:49 - 00000000 ____D () C:\Program Files\Microsoft Security Client 2014-09-11 00:43 - 2013-06-27 16:49 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client 2014-09-11 00:36 - 2012-12-21 22:36 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-09-11 00:35 - 2014-05-07 01:11 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-09-08 22:46 - 2013-10-25 22:03 - 
00001715 _____ () C:\Users\BonZZai\Desktop\ACC Daten.txt
2014-09-03 21:58 - 2012-12-21 21:52 - 00000000 ____D () C:\Temp
2014-09-03 21:52 - 2013-07-29 17:25 - 00000000 ____D () C:\Program Files (x86)\GameforgeLive

Files to move or delete:
====================
C:\Users\BonZZai\dpinst.exe
C:\Users\BonZZai\Setup.exe

Some content of TEMP:
====================
C:\Users\BonZZai\AppData\Local\Temp\AAMHelper.exe
C:\Users\BonZZai\AppData\Local\Temp\AdobeApplicationManager.exe
C:\Users\BonZZai\AppData\Local\Temp\CloudBackup6915.exe
C:\Users\BonZZai\AppData\Local\Temp\Quarantine.exe
C:\Users\BonZZai\AppData\Local\Temp\sfamcc00001.dll
C:\Users\BonZZai\AppData\Local\Temp\sfareca00001.dll
C:\Users\BonZZai\AppData\Local\Temp\SkypeSetup.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-09-24 21:39

==================== End Of Log ============================

--- --- --- --- --- ---

I have also added the Addition text.

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-09-2014 01
Ran by BonZZai at 2014-09-28 20:17:08
Running from C:\Users\BonZZai\Desktop\frst
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{C23EE7CE-C1A3-4F94-A8F0-9E0AC9C6DE6E}) (Version: 1.1 - Eyeo GmbH)
Adblock Plus for IE (HKLM-x32\...\{fd97d1e2-368a-4cd9-af63-8eeff938044a}) (Version: 1.1 - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.7.1.418 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated)
Hidden Adobe Illustrator CS6 (HKLM-x32\...\{4869414E-7AEA-4C8E-BE1C-8D40977FD517}) (Version: 16.0 - Adobe Systems Incorporated) Adobe Reader XI (11.0.05) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.05 - Adobe Systems Incorporated) AMD Accelerated Video Transcoding (Version: 13.15.100.30830 - Advanced Micro Devices, Inc.) Hidden AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden AMD Catalyst Control Center (x32 Version: 2013.0830.1944.33589 - Ihr Firmenname) Hidden AMD Catalyst Install Manager (HKLM\...\{13351E83-6DCD-4E97-2A8C-5D496259A47F}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.) AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden AMD Media Foundation Decoders (Version: 1.0.80830.1925 - Advanced Micro Devices, Inc.) Hidden AMD Wireless Display v3.0 (Version: 1.0.0.12 - Advanced Micro Devices, Inc.) Hidden Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Atheros Communications Inc.) AVS Image Converter 2.3.1.244 (HKLM-x32\...\AVS Image Converter_is1) (Version: - Online Media Technologies Ltd.) AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version: - Online Media Technologies Ltd.) Bandicam (HKLM-x32\...\Bandicam) (Version: 1.9.3.492 - Bandisoft.com) Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com) Camtasia Studio 8 (HKLM-x32\...\{F5C9BE9A-04C3-4A72-8CD0-BB67C722D608}) (Version: 8.1.2.1344 - TechSmith Corporation) Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center InstallProxy (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) 
Hidden Catalyst Control Center Localization All (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Standard (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Traditional (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden CCC Help Czech (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden CCC Help Danish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden CCC Help Dutch (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden CCC Help English (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden CCC Help Finnish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden CCC Help French (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden CCC Help German (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden CCC Help Greek (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden CCC Help Hungarian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden CCC Help Italian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden CCC Help Japanese (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden CCC Help Korean (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden CCC Help Norwegian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden CCC Help Polish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden CCC Help Portuguese (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden CCC Help Russian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden CCC Help Spanish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden CCC Help Swedish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) 
Hidden
CCC Help Thai (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
Color Suite v11.1.4 (HKLM-x32\...\{99487911-8011-42BC-B594-8B02BFD32B1D}_is1) (Version: 11.1.4 - Red Giant, LLC)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.90 - DivX, LLC)
Driver Genius Professional Edition (HKLM-x32\...\Driver Genius Professional Edition_is1) (Version: 11.0 - Driver-Soft Inc.)
Driver Operating Service (HKCU\...\9b8aaf488bf6380a) (Version: 1.0.0.86 - Driver Operating Service)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
FLV Media Player version 1.3 (HKLM-x32\...\{0E08BAC8-845B-4327-8CDB-4B0F8C9857A5}_is1) (Version: 1.3 - FLVMPlayer)
foobar2000 v1.3.4 beta 2 (HKLM-x32\...\foobar2000) (Version: 1.3.4 beta 2 - Peter Pawlowski)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Free Driver Scout (HKLM-x32\...\{36e136d1-209a-4733-9b4e-bcfa2797265a}) (Version: 1.0.0.101 - Covus Freemium)
Free Driver Scout (Version: 1.0.0.101 - Covus Freemium) Hidden
Free Window Registry Repair (HKLM-x32\...\Free Window Registry Repair) (Version: - )
Free YouTube Download version 3.2.20.1230 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.20.1230 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.20.1230 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.20.1230 - DVDVideoSoft Ltd.)
Gameforge Live 2.0.5 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.5 - Gameforge)
GIGABYTE OC_GURU II (HKLM-x32\...\InstallShield_{5588D686-D23B-4C9D-BDFA-2A7875CD3722}) (Version: 1.20.0000 - GIGABYTE Technology Co.,Ltd.)
GIGABYTE OC_GURU II (x32 Version: 1.20.0000 - GIGABYTE Technology Co.,Ltd.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.4805.320 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
Intel(R) Rapid Storage Technology (Version: 12.9.0.1001 - Intel Corporation) Hidden
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
ISY USB Wireless Adapter (HKLM-x32\...\InstallShield_{549CE1BD-88E4-4C5E-BF75-B155624714CC}) (Version: 1.0.0.14 - ISY)
ISY USB Wireless Adapter (x32 Version: 1.0.0.14 - ISY) Hidden
JAP (HKLM-x32\...\JAP) (Version: 00.19.001 - JAP-Team)
K-Lite Mega Codec Pack 10.2.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.2.0 - )
Magic Bullet Looks Vegas (HKLM-x32\...\Magic Bullet Looks Vegas) (Version: - )
Magic Bullet Suite 64-bit (HKLM-x32\...\InstallShield_{7C419638-A20F-441A-8FE0-9D9724B1A793}) (Version: 11.4.3 - Red Giant Software)
Magic Bullet Suite 64-bit (HKLM-x32\...\InstallShield_{93488C33-D8D6-472A-83BB-F71603355CF0}) (Version: 11.1.0 - Red Giant Software)
Magic Bullet Suite 64-bit (Version: 11.1.0 - Red Giant Software) Hidden
Magic Bullet Suite 64-bit (Version: 11.4.3 - Red Giant Software) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Metin2 (HKLM-x32\...\Metin2_is1) (Version: - Gameforge 4D GmbH)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.6.0305.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft-Maus- und Tastatur-Center (Version: 2.3.188.0 - Microsoft Corporation) Hidden
MorphVOX Junior (HKLM-x32\...\{E6C7380F-15DD-445E-BA02-B7A180BA0A5A}) (Version: 2.8.1 - Screaming Bee)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 32.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT Redists (x32 Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MyFreeCodec (HKCU\...\MyFreeCodec) (Version: - )
NewBlue 3D Explosions for Vegas (HKLM-x32\...\NewBlue 3D Explosions for Vegas) (Version: - )
NewBlue 3D Explosions for Windows (HKLM-x32\...\NewBlue 3D Explosions for Windows) (Version: - )
NewBlue 3D Transformations for Vegas (HKLM-x32\...\NewBlue 3D Transformations for Vegas) (Version: - )
NewBlue 3D Transformations for Windows (HKLM-x32\...\NewBlue 3D Transformations for Windows) (Version: - )
NewBlue Art Blends 2.0 for Vegas (HKLM-x32\...\NewBlue Art Blends 2.0 for Vegas) (Version: - )
NewBlue Art Blends for Windows (HKLM-x32\...\NewBlue Art Blends for Windows) (Version: - )
NewBlue Art Effects 2.0 for Vegas (HKLM-x32\...\NewBlue Art Effects 2.0 for Vegas) (Version: - )
NewBlue Art Effects for Windows (HKLM-x32\...\NewBlue Art Effects for Windows) (Version: - )
NewBlue Film Effects for Vegas (HKLM-x32\...\NewBlue Film Effects for Vegas) (Version: - )
NewBlue Film Effects for Windows (HKLM-x32\...\NewBlue Film Effects for Windows) (Version: - )
NewBlue Motion Blends 2.0 for Vegas (HKLM-x32\...\NewBlue Motion Blends 2.0 for Vegas) (Version: - )
NewBlue Motion Blends for Windows (HKLM-x32\...\NewBlue Motion Blends for Windows) (Version: - )
NewBlue Motion Effects 2.0 for Vegas (HKLM-x32\...\NewBlue Motion Effects 2.0 for Vegas) (Version: - )
NewBlue Motion Effects for Windows (HKLM-x32\...\NewBlue Motion Effects for Windows) (Version: - )
NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: - )
NewBlue Video Essentials II for Windows (HKLM-x32\...\NewBlue Video Essentials II for Windows) (Version: - )
NewBlue Video Essentials III for Windows (HKLM-x32\...\NewBlue Video Essentials III for Windows) (Version: - )
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Opera Stable 24.0.1558.61 (HKLM-x32\...\Opera 24.0.1558.61) (Version: 24.0.1558.61 - Opera Software ASA)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
Preset Manager 2.0 (HKLM-x32\...\{FCFE3F81-C977-4D31-877B-2778BB2A02DE}) (Version: 2.0.114 - Sony)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
Red Giant Link (HKLM-x32\...\{10F82E5B-B611-4C65-8F29-666A9EC5680A}_is1) (Version: 1.8.100.5 - Red Giant, LLC)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.14044_16 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.3.14044_16 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
SHARKOON Skiller (HKLM-x32\...\{91C25547-9534-41A5-823A-1E54BA16EA3F}) (Version: 1.00.0000 - )
Shutdown7 1.9 (HKLM-x32\...\Shutdown7 1.9) (Version: - )
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
SmootherWeb (HKCU Version: 1.0 - SmootherWeb LLC) Hidden
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.143 - TuneUp Software) Hidden
TuneUp Utilities 2014 (x32 Version: 14.0.1000.143 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 12.0.3600.73 - TuneUp Software) Hidden
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Vegas Pro 12.0 (64-bit) (HKLM\...\{BE94768F-5232-11E3-BD78-F04DA23A5C58}) (Version: 12.0.770 - Sony)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version: - )
Virtual Audio Cable 4.9 (HKLM\...\Virtual Audio Cable 4.9) (Version: - )
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinRAR 5.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-437646761-135901211-47947868-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\BonZZai\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-437646761-135901211-47947868-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\BonZZai\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-437646761-135901211-47947868-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\BonZZai\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-437646761-135901211-47947868-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\BonZZai\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-437646761-135901211-47947868-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\BonZZai\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-437646761-135901211-47947868-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\BonZZai\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================
20-09-2014 23:36:45 Windows Update
21-09-2014 14:26:53 Removed Java 7 Update 45
21-09-2014 14:28:16 Removed Java 7 Update 40 (64-bit)
21-09-2014 15:06:17 Revo Uninstaller's restore point - AION Free-to-Play
21-09-2014 15:07:46 Revo Uninstaller's restore point - Update Manager for SweetPacks 1.1
21-09-2014 15:10:20 Revo Uninstaller's restore point - SweetPacks bundle uninstaller
21-09-2014 15:12:20 Revo Uninstaller's restore point - Snap.Do Engine
21-09-2014 15:13:04 Revo Uninstaller's restore point - Snap.Do
21-09-2014 15:30:13 Removed Java SE Development Kit 7 Update 40 (64-bit)
23-09-2014 23:45:42 Windows Update
27-09-2014 19:53:48 Windows Update

==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0A84BFA0-E537-4691-B649-5C454BCDD6F0} - System32\Tasks\Driver Whiz-RTMScan => C:\Program Files (x86)\Driver Whiz\Driver Whiz\DriverWhiz.exe
Task: {0B159648-241A-4EFC-A2EB-F90E964B9326} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)
Task: {0EC81E02-CA59-4C98-871E-1D4C08E5681F} - System32\Tasks\DriverBoost-RTMRules => C:\Program Files (x86)\DriverBoost\DriverBoost\DriverBoost.exe
Task: {14ADD527-F516-48DB-86D5-D9D37FF15921} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-437646761-135901211-47947868-1000Core => C:\Users\BonZZai\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-21] (Google Inc.)
Task: {23EC4C4D-C257-4728-B5DF-71D20F60321F} - System32\Tasks\Driver Whiz-RTMUpdater => C:\Program Files (x86)\Driver Whiz\Driver Whiz\DriverWhiz.exe
Task: {38EDEB92-7804-4FE4-B1BE-B6C8C3CD067F} - System32\Tasks\{FBB67B26-EADD-41C8-B6EF-6B883B96CD45} => C:\Program Files\Sony\Vegas Pro 12.0\vegas120.exe [2014-01-29] (Sony Creative Software Inc.)
Task: {39DF60BE-A0EC-4A1D-97AE-5B56F083DFA5} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
Task: {42F64D4E-A233-4C93-A050-B27C9F422903} - System32\Tasks\DivX-Online-Aktualisierungsprogramm => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2013-08-29] ()
Task: {44D4F1C2-C584-4347-B248-861265E773EB} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {48A09266-F648-49C7-878C-9AAFF04E537C} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
Task: {4E684193-0DE3-477E-9110-315DB359E44A} - System32\Tasks\DriverBoost-RTMUpdater => C:\Program Files (x86)\DriverBoost\DriverBoost\DriverBoost.exe
Task: {5F969B3A-0F06-4DFB-8941-AD17E17A67F2} - System32\Tasks\DriverBoost-RTMScan => C:\Program Files (x86)\DriverBoost\DriverBoost\DriverBoost.exe
Task: {88FC76A0-F244-482F-919E-BB0983BC13DF} - System32\Tasks\Driver Whiz-RTMRules => C:\Program Files (x86)\Driver Whiz\Driver Whiz\DriverWhiz.exe
Task: {A34E7C70-2BAD-42B7-8BC7-7367725B2171} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe
Task: {A701A61E-E000-4FA1-BF1F-237A8C75BF5D} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
Task: {AE4A772A-0C52-42E9-BE44-DD9A57F633C5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-437646761-135901211-47947868-1000UA => C:\Users\BonZZai\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-21] (Google Inc.)
Task: {BC96EE73-C683-4F1D-AF06-8FBD4144C138} - System32\Tasks\ParetoLogic Update Version3 Startup Task => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
Task: {C0FFBCAA-3DCD-4019-9C8C-59C4DB6E9499} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
Task: {CA988209-9674-4A49-BBB7-0428DD9C0A5F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-21] (Google Inc.)
Task: {D007FAFD-88DD-4190-BC1A-D046EC746F72} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe
Task: {DCD007F2-0016-4788-B36A-34A0D28561EF} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
Task: {DE9CAEF2-C2A2-4421-8126-D17150656D87} - System32\Tasks\Opera scheduled Autoupdate 1411148449 => C:\Program Files (x86)\Opera\launcher.exe [2014-09-12] (Opera Software)
Task: {E089DB2A-D720-4E98-A761-C3DFA1DFB0F3} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {E451187D-C1BB-4779-9D4F-9393B23E7414} - System32\Tasks\Google Updater and Installer => C:\Users\BonZZai\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-21] (Google Inc.)
Task: {EDA874AA-0AC2-4BE1-94B7-C6D85DF1398D} - System32\Tasks\Red Giant Link => C:\Program Files (x86)\Red Giant Link\Red Giant Link.exe [2014-08-13] ()
Task: {EF16BFF5-81F0-4DD6-A3C3-4E486180A791} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-21] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-437646761-135901211-47947868-1000Core.job => C:\Users\BonZZai\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-437646761-135901211-47947868-1000UA.job => C:\Users\BonZZai\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe

==================== Loaded Modules (whitelisted) =============
2014-07-16 11:06 - 2014-07-16 11:06 - 00672416 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2014-03-15 22:53 - 2014-03-15 22:53 - 00173568 _____ () C:\Program Files\TeamSpeak 3 Client\quazip.dll
2014-03-15 22:53 - 2014-03-15 22:53 - 01080832 _____ () C:\Program Files\TeamSpeak 3 Client\platforms\qwindows.dll
2014-03-15 22:53 - 2014-03-15 22:53 - 00833024 _____ () C:\Program Files\TeamSpeak 3 Client\sqldrivers\qsqlite.dll
2012-10-29 12:08 - 2014-08-07 22:11 - 00102344 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2012-10-29 12:08 - 2014-08-07 22:11 - 00108488 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2014-03-15 22:53 - 2014-03-15 22:53 - 00030208 _____ () C:\Program Files\TeamSpeak 3 Client\imageformats\qgif.dll
2014-03-15 22:53 - 2014-03-15 22:53 - 00233984 _____ () C:\Program Files\TeamSpeak 3 Client\imageformats\qjpeg.dll
2012-10-29 12:08 - 2014-08-07 22:11 - 00563656 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2013-09-10 23:39 - 2014-08-07 22:11 - 00579016 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2014-03-15 22:53 - 2014-03-15 22:53 - 00159232 _____ () C:\Program Files\TeamSpeak 3 Client\accessible\qtaccessiblewidgets.dll
2013-07-29 17:25 - 2014-08-07 14:02 - 03034496 _____ () C:\Program Files (x86)\GameforgeLive\gfl_client.exe
2013-10-30 19:53 - 2014-09-25 03:50 - 03715184 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-07-29 17:25 - 2014-02-13 14:32 - 00088064 _____ () C:\Program Files (x86)\GameforgeLive\libgcc_s_sjlj-1.dll
2013-07-29 17:25 - 2014-02-13 14:32 - 00863744 _____ () C:\Program Files (x86)\GameforgeLive\libstdc++-6.dll
2013-07-29 17:25 - 2014-02-13 14:33 - 01765301 _____ () C:\Program Files (x86)\GameforgeLive\libgcrypt-11.dll
2013-07-29 17:25 - 2014-02-13 14:33 - 00126959 _____ () C:\Program Files (x86)\GameforgeLive\libgpg-error-0.dll
2013-07-29 17:25 - 2014-02-14 14:55 - 00530432 _____ () C:\Program Files (x86)\GameforgeLive\log4qt.dll
2013-07-29 17:25 - 2014-02-14 14:54 - 00141312 _____ () C:\Program Files (x86)\GameforgeLive\qjson.dll
2014-01-29 17:24 - 2014-02-14 15:19 - 05686669 _____ () C:\Program Files (x86)\GameforgeLive\libtorrent.dll
2014-01-29 17:24 - 2014-02-14 13:32 - 00097659 _____ () C:\Program Files (x86)\GameforgeLive\libboost_system-mgw47-mt-1_53.dll

==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Windows\system32\Drivers\hjwqcdaa.sys:changelist
AlternateDataStreams: C:\ProgramData\TEMP:373E1720

==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)

========================= Accounts: ==========================
Administrator (S-1-5-21-437646761-135901211-47947868-500 - Administrator - Disabled)
BonZZai (S-1-5-21-437646761-135901211-47947868-1000 - Administrator - Enabled) => C:\Users\BonZZai
Gast (S-1-5-21-437646761-135901211-47947868-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-437646761-135901211-47947868-1002 - Limited - Enabled)

==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (09/28/2014 08:13:07 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/28/2014 07:32:13 PM) (Source: MsiInstaller) (EventID: 11714) (User: BonZZai-PC)
Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed. Contact your technical support group. System Error 1612.

Error: (09/28/2014 07:00:10 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Die Sicherung war nicht erfolgreich. Fehler: "Fehler beim Zugreifen auf den freigegebenen Remoteordner durch die Windows-Sicherung. (0x81000039)"

Error: (09/28/2014 06:47:21 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (09/28/2014 06:47:18 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/28/2014 06:47:18 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/28/2014 06:47:17 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/28/2014 06:45:04 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (09/28/2014 06:45:04 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error: (09/28/2014 06:45:04 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

System errors:
=============
Error: (09/28/2014 06:43:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Intel(R) Management and Security Application Local Management Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053

Error: (09/28/2014 06:43:56 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Intel(R) Management and Security Application Local Management Service erreicht.

Error: (09/28/2014 06:41:49 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Skype Click to Call PNR Service" wurde nicht richtig gestartet.

Error: (09/28/2014 06:40:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "TuneUp Utilities Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error: (09/28/2014 02:23:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Intel(R) Management and Security Application Local Management Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053

Error: (09/28/2014 02:23:23 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Intel(R) Management and Security Application Local Management Service erreicht.
Error: (09/28/2014 02:21:16 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Skype Click to Call PNR Service" wurde nicht richtig gestartet.

Error: (09/28/2014 02:19:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "TuneUp Utilities Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error: (09/27/2014 09:41:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Intel(R) Management and Security Application Local Management Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053

Error: (09/27/2014 09:41:19 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Intel(R) Management and Security Application Local Management Service erreicht.

Microsoft Office Sessions:
=========================
Error: (09/28/2014 08:13:07 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (09/28/2014 07:32:13 PM) (Source: MsiInstaller) (EventID: 11714) (User: BonZZai-PC)
Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed. Contact your technical support group. System Error 1612.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/28/2014 07:00:10 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Fehler beim Zugreifen auf den freigegebenen Remoteordner durch die Windows-Sicherung. (0x81000039)

Error: (09/28/2014 06:47:21 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\BonZZai\Desktop\frst\esetsmartinstaller_deu.exe

Error: (09/28/2014 06:47:18 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\BonZZai\Desktop\frst\esetsmartinstaller_deu.exe

Error: (09/28/2014 06:47:18 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\BonZZai\Desktop\frst\esetsmartinstaller_deu.exe

Error: (09/28/2014 06:47:17 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\BonZZai\Desktop\frst\esetsmartinstaller_deu.exe

Error: (09/28/2014 06:45:04 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (09/28/2014 06:45:04 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (09/28/2014 06:45:04 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

CodeIntegrity Errors:
===================================
Date: 2014-09-10 11:54:05.313
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\vrtaucbl.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-09-10 11:54:05.188
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\vrtaucbl.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-09-09 18:16:12.856
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\vrtaucbl.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-09-09 18:16:12.731
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\vrtaucbl.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde.
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-08 20:48:30.472 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\vrtaucbl.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-08 20:48:30.347 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\vrtaucbl.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-07 22:08:22.612 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\vrtaucbl.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-09-07 22:08:22.537 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\vrtaucbl.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz Percentage of memory in use: 63% Total physical RAM: 8144.43 MB Available physical RAM: 2961.88 MB Total Pagefile: 16587.05 MB Available Pagefile: 10739.33 MB Total Virtual: 8192 MB Available Virtual: 8191.84 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:931.41 GB) (Free:667.44 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 667C083D) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
29.09.2014, 22:05 | #14 | |
Rest in peace † 2019 | Internet slow since change by TuneUp Utilities
Hello,
Are you still having problems now?
Please download software only from the vendor or from sites like filepony, and not from Chip or Softonic. These very often bundle an installer that tries to talk you into additional "programs".
Step 1 Please have the file from the code box checked at VirusTotal.
Step 2 Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document. Code:
ATTFilter
C:\Users\BonZZai\Desktop\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe
C:\Users\BonZZai\Desktop\Neuer Ordner (7)\Launcher_Premium(7).exe
C:\Users\BonZZai\Desktop\Splitter - Kopie - Kopie\Splitter - Kopie - Kopie - Kopie\Launcher_Premium(7).exe
Variante von Win32/CNETInstaller.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\BonZZai\Downloads\cbsidlm-cbsi183-Yet_Another_Cleaner-BP-75959789.exe
C:\Users\BonZZai\Downloads\CLEANPC365_1.12.0Full.exe
C:\Users\BonZZai\Downloads\download_firefox(1).exe
C:\Users\BonZZai\Downloads\download_firefox.exe
C:\Users\BonZZai\Downloads\K Lite Mega Codec Pack - CHIP-Downloader.exe
C:\Users\BonZZai\Downloads\Launcher_Premium(5).exe
C:\Users\BonZZai\Downloads\Launcher_Premium(6).exe
C:\Users\BonZZai\Downloads\Microsoft Maus und Tastatur Center 64 Bit - CHIP-Downloader.exe
C:\Users\BonZZai\Downloads\OpenOffice - CHIP-Downloader.exe
C:\Users\BonZZai\Downloads\samsung-kies.exe
C:\Users\BonZZai\Downloads\Skype - CHIP-Downloader.exe
C:\Users\BonZZai\Downloads\SpeedFan - CHIP-Installer.exe
C:\Users\BonZZai\Downloads\Launcher_Premium(7).exe
C:\Program Files (x86)\Free Window Registry Repair
C:\Users\BonZZai\Downloads\RegpairSetup.exe
emptytemp:

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
|
02.10.2014, 02:48 | #15 |
| Internet slow since change by TuneUp Utilities Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 28-09-2014 01
Ran by BonZZai at 2014-10-01 20:01:15 Run:2
Running from C:\Users\BonZZai\Desktop\frst
Loaded Profile: BonZZai (Available profiles: BonZZai)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\Users\BonZZai\Desktop\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe
C:\Users\BonZZai\Desktop\Neuer Ordner (7)\Launcher_Premium(7).exe
C:\Users\BonZZai\Desktop\Splitter - Kopie - Kopie\Splitter - Kopie - Kopie - Kopie\Launcher_Premium(7).exe
Variante von Win32/CNETInstaller.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\BonZZai\Downloads\cbsidlm-cbsi183-Yet_Another_Cleaner-BP-75959789.exe
C:\Users\BonZZai\Downloads\CLEANPC365_1.12.0Full.exe
C:\Users\BonZZai\Downloads\download_firefox(1).exe
C:\Users\BonZZai\Downloads\download_firefox.exe
C:\Users\BonZZai\Downloads\K Lite Mega Codec Pack - CHIP-Downloader.exe
C:\Users\BonZZai\Downloads\Launcher_Premium(5).exe
C:\Users\BonZZai\Downloads\Launcher_Premium(6).exe
C:\Users\BonZZai\Downloads\Microsoft Maus und Tastatur Center 64 Bit - CHIP-Downloader.exe
C:\Users\BonZZai\Downloads\OpenOffice - CHIP-Downloader.exe
C:\Users\BonZZai\Downloads\samsung-kies.exe
C:\Users\BonZZai\Downloads\Skype - CHIP-Downloader.exe
C:\Users\BonZZai\Downloads\SpeedFan - CHIP-Installer.exe
C:\Users\BonZZai\Downloads\Launcher_Premium(7).exe
C:\Program Files (x86)\Free Window Registry Repair
C:\Users\BonZZai\Downloads\RegpairSetup.exe
emptytemp:
*****************

C:\Users\BonZZai\Desktop\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe => Moved successfully.
C:\Users\BonZZai\Desktop\Neuer Ordner (7)\Launcher_Premium(7).exe => Moved successfully.
C:\Users\BonZZai\Desktop\Splitter - Kopie - Kopie\Splitter - Kopie - Kopie - Kopie\Launcher_Premium(7).exe => Moved successfully.
Variante von Win32/CNETInstaller.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\BonZZai\Downloads\cbsidlm-cbsi183-Yet_Another_Cleaner-BP-75959789.exe => Error: No automatic fix found for this entry.
C:\Users\BonZZai\Downloads\CLEANPC365_1.12.0Full.exe => Moved successfully.
C:\Users\BonZZai\Downloads\download_firefox(1).exe => Moved successfully.
C:\Users\BonZZai\Downloads\download_firefox.exe => Moved successfully.
C:\Users\BonZZai\Downloads\K Lite Mega Codec Pack - CHIP-Downloader.exe => Moved successfully.
C:\Users\BonZZai\Downloads\Launcher_Premium(5).exe => Moved successfully.
C:\Users\BonZZai\Downloads\Launcher_Premium(6).exe => Moved successfully.
C:\Users\BonZZai\Downloads\Microsoft Maus und Tastatur Center 64 Bit - CHIP-Downloader.exe => Moved successfully.
C:\Users\BonZZai\Downloads\OpenOffice - CHIP-Downloader.exe => Moved successfully.
C:\Users\BonZZai\Downloads\samsung-kies.exe => Moved successfully.
C:\Users\BonZZai\Downloads\Skype - CHIP-Downloader.exe => Moved successfully.
C:\Users\BonZZai\Downloads\SpeedFan - CHIP-Installer.exe => Moved successfully.
C:\Users\BonZZai\Downloads\Launcher_Premium(7).exe => Moved successfully.
C:\Program Files (x86)\Free Window Registry Repair => Moved successfully.
C:\Users\BonZZai\Downloads\RegpairSetup.exe => Moved successfully.
EmptyTemp: => Removed 48.4 GB temporary data.

The system needed a reboot.

==== End of Fixlog ==== |
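Added example (not part of the original posts and not FRST's own code): a small triage script for a Fixlog like the one above, listing entries that were not fixed and recovering the path buried in an entry that had scanner-log text pasted in front of it. The function names, the placeholder paths and the rule that a plain file or folder entry starts at the drive letter are assumptions made for this illustration.

```python
import re

# A Fixlog result line has the form "<fixlist entry> => <outcome>".
RESULT = re.compile(r"^(?P<entry>.+?) => (?P<outcome>.+)$")
DRIVE_PATH = re.compile(r"[A-Za-z]:\\")

# Constructed sample (placeholder paths); outcome strings copied from the Fixlog above.
SAMPLE_FIXLOG = r'''
C:\Users\user\Downloads\example-installer.exe => Moved successfully.
Variante von Win32/CNETInstaller.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\user\Downloads\example-bundle.exe => Error: No automatic fix found for this entry.
EmptyTemp: => Removed 48.4 GB temporary data.
'''

def embedded_path(entry):
    """Return the path buried inside a malformed entry, or None.

    Assumption: a plain file or folder entry starts at the drive letter, so a
    drive path that begins later in the line means extra text was pasted in front.
    """
    m = DRIVE_PATH.search(entry)
    if m is None or m.start() == 0:
        return None
    return entry[m.start():]

def triage_fixlog(text):
    """Split result lines into handled entries and entries that need a follow-up."""
    handled, follow_up = [], []
    for line in text.splitlines():
        m = RESULT.match(line.strip())
        if m is None:
            continue  # header, separator or blank line
        entry, outcome = m.group("entry"), m.group("outcome")
        if outcome.startswith("Error:"):
            follow_up.append((entry, outcome, embedded_path(entry)))
        else:
            handled.append(entry)
    return handled, follow_up

if __name__ == "__main__":
    done, todo = triage_fixlog(SAMPLE_FIXLOG)
    print(f"{len(done)} entries handled")
    for entry, outcome, path in todo:
        print(f"NOT FIXED: {outcome}")
        if path:
            print(f"  resubmit as its own line: {path}")
```
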