Dankeschön für die Schnelle Antwort.
Also die Log Files sehen wie folgt aus:
FRST.Txt
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-11-2014
Ran by Minako (administrator) on AKATSUKI on 15-11-2014 12:55:19
Running from C:\Users\Minako\Desktop
Loaded Profiles: Minako & Administrator (Available profiles: Minako & Administrator)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(Akamai Technologies, Inc.) C:\Users\Minako\AppData\Local\Akamai\netsession_win.exe
(DJMASTER.COM) C:\Program Files\ONAIR\ONAIR.exe
(Akamai Technologies, Inc.) C:\Users\Minako\AppData\Local\Akamai\netsession_win.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(FILSH Media GmbH) C:\Program Files (x86)\FILSHtray\FILSHtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Roccat GmbH) C:\Program Files (x86)\ROCCAT\Kova[+] Mouse\Kova[+]Monitor.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
() C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Aeria Games & Entertainment) C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe
() C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
() C:\Program Files (x86)\Tor\tor.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Local Weather LLC) C:\Users\Minako\AppData\Local\WeatherAlerts\WeatherAlerts.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Uwe Sieber - www.uwe-sieber.de) C:\Users\Minako\Documents\USBDLM\USBDLM.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Uwe Sieber - www.uwe-sieber.de) C:\Users\Minako\Documents\USBDLM\USBDLM_usr.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_223.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_223.exe
(Intel Corporation) C:\Program Files (x86)\Common Files\Intel\Intel Extreme Tuning Utility\PerfTuneService.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11464296 2010-09-03] (Realtek Semiconductor)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [RoccatKova+] => C:\Program Files (x86)\ROCCAT\Kova[+] Mouse\Kova[+]Monitor.EXE [536576 2010-06-23] (Roccat GmbH)
HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [620136 2011-01-19] ()
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NBKeyScan] => C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [1836328 2007-09-20] (Nero AG)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [Aeria Ignite] => C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2640408 2014-08-25] ()
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5188112 2014-08-25] (AVG Technologies CZ, s.r.o.)
HKLM Group Policy restriction on software: C:\Program Files (x86)\Spyware Terminator <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files (x86)\Symantec <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Spyware Terminator <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\McAfee <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Symantec <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\AVAST Software <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files (x86)\McAfee <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Avira <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ATTENTION
HKU\S-1-5-19\...\Run: [QyKernel] => D:\IQIYI Video\LStyle\QyKernel.exe
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\Run: [QyKernel] => D:\IQIYI Video\LStyle\QyKernel.exe
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-4201896478-3710373697-1095196273-1000\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4272840 2014-03-31] (Microsoft Corporation)
HKU\S-1-5-21-4201896478-3710373697-1095196273-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Minako\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-4201896478-3710373697-1095196273-1000\...\Run: [ONAIR] => C:\Program Files\ONAIR\ONAIR.exe [3525120 2013-04-27] (DJMASTER.COM)
HKU\S-1-5-21-4201896478-3710373697-1095196273-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [28201096 2012-01-12] (Electronic Arts)
HKU\S-1-5-21-4201896478-3710373697-1095196273-1000\...\Run: [arvsij] => regsvr32.exe "C:\ProgramData\arvsij.dat"
HKU\S-1-5-21-4201896478-3710373697-1095196273-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22065760 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-4201896478-3710373697-1095196273-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-4201896478-3710373697-1095196273-1000\...\MountPoints2: N - N:\Autorun.exe
HKU\S-1-5-21-4201896478-3710373697-1095196273-1000\...\MountPoints2: {422852ff-8154-11e1-bae1-001986003c65} - M:\Autorun.exe
HKU\S-1-5-21-4201896478-3710373697-1095196273-1000\...\MountPoints2: {42285303-8154-11e1-bae1-001986003c65} - O:\Autorun.exe
HKU\S-1-5-21-4201896478-3710373697-1095196273-1000\...\MountPoints2: {4228533c-8154-11e1-bae1-001986003c65} - R:\Autorun.exe
HKU\S-1-5-21-4201896478-3710373697-1095196273-1000\...\MountPoints2: {a49cde22-5a55-11e2-9f18-001986003c65} - P:\autorun.exe
HKU\S-1-5-21-4201896478-3710373697-1095196273-1000\...\MountPoints2: {a49cde24-5a55-11e2-9f18-001986003c65} - S:\Autorun.exe
HKU\S-1-5-21-4201896478-3710373697-1095196273-500\...\Run: [QyKernel] => D:\IQIYI Video\LStyle\QyKernel.exe
HKU\S-1-5-18\...\Run: [Arvo] => C:\Program Files (x86)\ROCCAT\Arvo Keyboard\ArvoHID.EXE [582144 2010-04-01] (ROCCAT)
HKU\S-1-5-18\...\Run: [QyKernel] => D:\IQIYI Video\LStyle\QyKernel.exe
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FILSHtray.lnk
ShortcutTarget: FILSHtray.lnk -> C:\Program Files (x86)\FILSHtray\FILSHtray.exe (FILSH Media GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Minako\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DesktopWeatherAlerts.lnk
ShortcutTarget: DesktopWeatherAlerts.lnk -> C:\Users\Minako\AppData\Local\WeatherAlerts\DesktopWeatherAlertsApp.exe ()
Startup: C:\Users\Minako\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Minako\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Weather Alerts.lnk
ShortcutTarget: Weather Alerts.lnk -> C:\Users\Minako\AppData\Local\WeatherAlerts\WeatherAlerts.exe (Local Weather LLC)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [360UDiskGuard Icon Overlay] -> {CC00F81D-5262-450A-B1FA-D6BEE3406263} => C:\Program Files (x86)\360\360Safe\safemon\360UDiskGuard64.dll (360.cn)
ShellIconOverlayIdentifiers: [FunOverlay] -> {A5662DF9-0C2E-4A56-9FE1-BACFF6966D88} => C:\Users\Public\Fundata\Lucifer.dll (Funshion)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.plusnetwork.com/?publisher=MessengerPlus&dpid=MessengerPlus&co=TJ&userid=f913ac72-94f2-4642-a21c-3817774a1fd2&sp=addr&q={searchTerms}&t=a0919
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hao.360.cn/?a1004
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=hp&from=wpm0226&uid=ST31500341AS_9VS54Z82XXXX9VS54Z82&ts=1393412043
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.plusnetwork.com/?publisher=MessengerPlus&dpid=MessengerPlus&co=TJ&userid=f913ac72-94f2-4642-a21c-3817774a1fd2&sp=addr&q={searchTerms}&t=a0919
HKCU\Software\Microsoft\Internet Explorer\Main,Start Default_Page_URL = hxxp://search.certified-toolbar.com?si=41460&st=home&tid=2938&ver=5.5&ts=1371856923463.000004&tguid=41460-2938-1371856923463-E908E2F7F85AB6A71F1C889059AB6163
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.certified-toolbar.com?si=41460&tid=2938&ver=5.5&ts=1371856923463.000004&tguid=41460-2938-1371856923463-E908E2F7F85AB6A71F1C889059AB6163&st=chrome&q=
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://isearch.babylon.com/?babsrc=HP_ss_btis&mntrId=C466001986003C65&affID=121564&tsp=4949
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hao.360.cn/?a1004
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://hao.360.cn/?a1004
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Default_Page_URL = hxxp://search.certified-toolbar.com?si=41460&st=home&tid=2938&ver=5.5&ts=1371856923463.000004&tguid=41460-2938-1371856923463-E908E2F7F85AB6A71F1C889059AB6163
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.certified-toolbar.com?si=41460&tid=2938&ver=5.5&ts=1371856923463.000004&tguid=41460-2938-1371856923463-E908E2F7F85AB6A71F1C889059AB6163&st=chrome&q=
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=ir_14_14_ch&cd=2XzuyEtN2Y1L1Qzu0FzztD0FyEtCtCyE0E0E0C0EyD0D0AtCtN0D0Tzu0SzztBtBtN1L2XzutBtFtCzztFzztFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StD0C0C0BtA0BtDzztGyDyDyCtCtGzzyByEyCtGyE0B0FyDtGyDtAtCzyzy0DyEyC0E0D0AtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0BtC0A0ByD0FtCtG0Dzy0C0BtG0C0DtD0EtG0DtD0FyBtGtCtA0E0BtDtDtC0FtBtCyE0E2Q&cr=812360986&ir=
SearchScopes: HKLM - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.plusnetwork.com/?publisher=MessengerPlus&dpid=MessengerPlus&co=DE&userid=2e40d927-4f50-4e52-8b5c-4e2de03ac3bb&sp=addr&q={searchTerms}&t=a0902
SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=ir_14_14_ch&cd=2XzuyEtN2Y1L1Qzu0FzztD0FyEtCtCyE0E0E0C0EyD0D0AtCtN0D0Tzu0SzztBtBtN1L2XzutBtFtCzztFzztFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StD0C0C0BtA0BtDzztGyDyDyCtCtGzzyByEyCtGyE0B0FyDtGyDtAtCzyzy0DyEyC0E0D0AtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0BtC0A0ByD0FtCtG0Dzy0C0BtG0C0DtD0EtG0DtD0FyBtGtCtA0E0BtDtDtC0FtBtCyE0E2Q&cr=812360986&ir=
SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1389370130&from=vtt&uid=ST31500341AS_9VS54Z82XXXX9VS54Z82&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.plusnetwork.com/?publisher=MessengerPlus&dpid=MessengerPlus&co=TJ&userid=f913ac72-94f2-4642-a21c-3817774a1fd2&sp=addr&q={searchTerms}&t=a0919
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.plusnetwork.com/?publisher=MessengerPlus&dpid=MessengerPlus&co=TJ&userid=f913ac72-94f2-4642-a21c-3817774a1fd2&sp=addr&q={searchTerms}&t=a0919
SearchScopes: HKLM-x32 - {01bd49d7-c76b-4310-8beb-14d7e5f322c6} URL = hxxp://search.easylifeapp.com/?q={searchTerms}&abc=ie&pid=34&r=2013/02/11&hid=2350046167&lg=EN&cc=DE
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=ST31500341AS_9VS54Z82XXXX9VS54Z82&ts=1393412043&type=default&q={searchTerms}
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.certified-toolbar.com?si=41460&st=bs&tid=2938&ver=5.5&ts=1371856923463.000004&tguid=41460-2938-1371856923463-E908E2F7F85AB6A71F1C889059AB6163&q={searchTerms}
SearchScopes: HKCU - DefaultScope {B8E20CD7-BAC2-4820-9AA6-1060B3AF25E2} URL = hxxp://www.baidu.com/s?wd={searchTerms}&ie={inputEncoding}&oe={outputEncoding}&bar=13&tn=58051076_cb
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.plusnetwork.com/?publisher=MessengerPlus&dpid=MessengerPlus&co=TJ&userid=f913ac72-94f2-4642-a21c-3817774a1fd2&sp=addr&q={searchTerms}&t=a0919
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3315521&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SPD9A49C16-864F-4A2C-944A-FB333838E805&q={searchTerms}&SSPV=
SearchScopes: HKCU - {01bd49d7-c76b-4310-8beb-14d7e5f322c6} URL = hxxp://search.easylifeapp.com/?q={searchTerms}&abc=ie&pid=34&r=2013/02/11&hid=2350046167&lg=EN&cc=DE
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.searchgol.com/?q={searchTerms}&babsrc=SP_ss_Btisdt7&mntrId=C466001986003C65&affID=121564&tsp=4949
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=ir_14_14_ch&cd=2XzuyEtN2Y1L1Qzu0FzztD0FyEtCtCyE0E0E0C0EyD0D0AtCtN0D0Tzu0SzztBtBtN1L2XzutBtFtCzztFzztFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StD0C0C0BtA0BtDzztGyDyDyCtCtGzzyByEyCtGyE0B0FyDtGyDtAtCzyzy0DyEyC0E0D0AtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0BtC0A0ByD0FtCtG0Dzy0C0BtG0C0DtD0EtG0DtD0FyBtGtCtA0E0BtDtDtC0FtBtCyE0E2Q&cr=812360986&ir=
SearchScopes: HKCU - {4327FABE-3C22-4689-8DBF-D226CF777FE9} URL = hxxp://search.certified-toolbar.com?si=41460&st=bs&tid=2938&ver=3.6&ts=1371856923463&tguid=41460-2938-1371856923463-E908E2F7F85AB6A71F1C889059AB6163&q={searchTerms}
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKCU - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=ST31500341AS_9VS54Z82XXXX9VS54Z82&ts=1393412043&type=default&q={searchTerms}
SearchScopes: HKCU - {7FD3ED0B-4FAD-4B7B-84F0-856A49DE8960} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=FF&o=14594&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=FV&apn_dtid=YYYYYYYYDE&apn_uid=c33e543b-7429-4033-93cb-3298e8b94fd7&apn_sauid=44135D83-2E42-4EE6-ADF7-EBE673F5A039
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={38F96A14-2808-47DE-83EE-ACCCDCE3FFB4}&mid=30021ecc282547d291a0294607f0073d-6ce2d8e30c68c20adee14e42a90cbd8760bb12ba&lang=de&ds=cg011&coid=avgtbdiscg&cmpid=&pr=sa&d=2014-07-07 20:42:14&v=18.1.9.799&pid=safeguard&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.certified-toolbar.com?si=41460&st=bs&tid=2938&ver=5.5&ts=1371856923463.000004&tguid=41460-2938-1371856923463-E908E2F7F85AB6A71F1C889059AB6163&q={searchTerms}
SearchScopes: HKCU - {B8E20CD7-BAC2-4820-9AA6-1060B3AF25E2} URL = hxxp://www.baidu.com/s?wd={searchTerms}&ie={inputEncoding}&oe={outputEncoding}&bar=13&tn=58051076_cb
BHO: No Name -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files (x86)\360\360Safe\safemon\safemon64.dll (360.cn)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: No Name -> {19a395c9-823b-4700-b817-396fc84ffb16} -> No File
BHO-x32: No Name -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> No File
BHO-x32: No Name -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
BHO-x32: No Name -> {84FF7BD6-B47F-46F8-9130-01B2696B36CB} -> No File
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: AVG SafeGuard toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
BHO-x32: Wajam -> {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} -> C:\Program Files (x86)\Wajam\IE\priam_bho.dll (Wajam)
BHO-x32: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files (x86)\360\360Safe\safemon\safemon.dll (360.cn)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: F1AC60D5-86C6-15D1-8646-CB1A182D2AA4 Class -> {F1AC60D5-86C6-15D1-8646-CB1A182D2AA4} -> C:\Program Files (x86)\BaiduAddr\{F1AC60D5-86C6-15D1-8646-CB1A182D2AA4}\AddressBar.dll ()
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKLM-x32 - No Name - {19a395c9-823b-4700-b817-396fc84ffb16} - No File
Toolbar: HKLM-x32 - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
Toolbar: HKU\S-1-5-21-4201896478-3710373697-1095196273-1000 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKU\S-1-5-21-4201896478-3710373697-1095196273-1000 -> No Name - {BA14329E-9550-4989-B3F2-9732E92D17CC} - No File
Toolbar: HKU\S-1-5-21-4201896478-3710373697-1095196273-1000 -> No Name - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - No File
Toolbar: HKU\S-1-5-21-4201896478-3710373697-1095196273-1000 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\oc2c4cd9.Minako
FF NewTab: chrome://quick_start/content/index.html
FF DefaultSearchUrl:
FF Homepage: hxxp://start.mysearchdial.com/?f=1&a=ir_14_14_ch&cd=2XzuyEtN2Y1L1Qzu0FzztD0FyEtCtCyE0E0E0C0EyD0D0AtCtN0D0Tzu0SzztBtBtN1L2XzutBtFtCzztFzztFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StD0C0C0BtA0BtDzztGyDyDyCtCtGzzyByEyCtGyE0B0FyDtGyDtAtCzyzy0DyEyC0E0D0AtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0BtC0A0ByD0FtCtG0Dzy0C0BtG0C0DtD0EtG0DtD0FyBtGtCtA0E0BtDtDtC0FtBtCyE0E2Q&cr=812360986&ir=
FF Keyword.URL:
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @java.com/DTPlugin,version=10.10.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.10.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @pps.tv/npWebPlayer -> D:\IQIYI Video\LStyle\npWebPlayer.dll No File
FF Plugin-x32: @360.cn/npaxlogin -> C:\Program Files (x86)\360\360Safe\Utils\npaxlogin.dll (360.cn)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.10.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.5.1 -> C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @pps.tv/npWebPlayer -> D:\IQIYI Video\LStyle\npWebPlayer.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKU\S-1-5-21-4201896478-3710373697-1095196273-1000: @360.cn/360MMPlugin -> C:\Program Files (x86)\360\360Safe\MobileMgr\np360MMPlugIn.dll No File
FF Plugin HKU\S-1-5-21-4201896478-3710373697-1095196273-1000: @my.com/Games -> C:\Users\Minako\AppData\Local\MyComGames\NPMyComDetector.dll (My.com, Inc)
FF Plugin HKU\S-1-5-21-4201896478-3710373697-1095196273-1000: @pps.tv/npWebPlayer -> D:\IQIYI Video\LStyle\npWebPlayer.dll No File
FF Plugin HKU\S-1-5-21-4201896478-3710373697-1095196273-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF user.js: detected! => C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\t573cr00.default\user.js
FF user.js: detected! => C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\oc2c4cd9.Minako\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF SearchPlugin: C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\t573cr00.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\t573cr00.default\searchplugins\conduit-search.xml
FF SearchPlugin: C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\t573cr00.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\t573cr00.default\searchplugins\EasyLife.xml
FF SearchPlugin: C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\t573cr00.default\searchplugins\holasearch.xml
FF SearchPlugin: C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\t573cr00.default\searchplugins\iminent.xml
FF SearchPlugin: C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\t573cr00.default\searchplugins\Mysearchdial.xml
FF SearchPlugin: C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\t573cr00.default\searchplugins\Plusnetwork.xml
FF SearchPlugin: C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\t573cr00.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\oc2c4cd9.Minako\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\oc2c4cd9.Minako\searchplugins\BrowserProtect.xml
FF SearchPlugin: C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\oc2c4cd9.Minako\searchplugins\conduit-search.xml
FF SearchPlugin: C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\oc2c4cd9.Minako\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\oc2c4cd9.Minako\searchplugins\holasearch.xml
FF SearchPlugin: C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\oc2c4cd9.Minako\searchplugins\iminent.xml
FF SearchPlugin: C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\oc2c4cd9.Minako\searchplugins\Messenger Plus Smartbar Search.xml
FF SearchPlugin: C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\oc2c4cd9.Minako\searchplugins\Mysearchdial.xml
FF SearchPlugin: C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\oc2c4cd9.Minako\searchplugins\SweetIM Search.xml
FF SearchPlugin: C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\oc2c4cd9.Minako\searchplugins\sweetim.xml
FF SearchPlugin: C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\oc2c4cd9.Minako\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\ddg.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\delta-homes.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml
FF Extension: No Name - C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\t573cr00.default\Extensions\ffxtlbr@babylon.com [2012-01-23]
FF Extension: Mitter Toolbar - C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\t573cr00.default\Extensions\tagiritoolbar@tagiri.jp [2011-12-23]
FF Extension: DownloadHelper - C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\t573cr00.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2012-06-21]
FF Extension: Vuze Remote - C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\t573cr00.default\Extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} [2012-07-17]
FF Extension: Greasemonkey - C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\t573cr00.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2012-08-03]
FF Extension: DivX Web Player - C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\t573cr00.default\Extensions\DivXWebPlayer@divx.com.xpi [2012-05-20]
FF Extension: Linky - C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\t573cr00.default\Extensions\linky@gemal.dk.xpi [2012-06-18]
FF Extension: LinkyLook - C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\t573cr00.default\Extensions\linkylook@dniflima.about.tc.xpi [2012-06-18]
FF Extension: NicoFox - C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\t573cr00.default\Extensions\nicofox@littlebtc.xpi [2012-06-19]
FF Extension: PokéFarm Toolbar - C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\t573cr00.default\Extensions\toolbar-tbplatform@alexa.com.xpi [2012-06-21]
FF Extension: CookieCuller - C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\t573cr00.default\Extensions\{99B98C2C-7274-45a3-A640-D9DF1A1C8460}.xpi [2012-06-21]
FF Extension: Adblock Plus - C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\t573cr00.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-06-29]
FF Extension: Browser Companion Helper - C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\oc2c4cd9.Minako\Extensions\bbrs_002@blabbers.com [2012-09-19]
FF Extension: Fast Start - C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\oc2c4cd9.Minako\Extensions\faststartff@gmail.com [2014-07-12]
FF Extension: Messenger Plus! Community Smartbar - C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\oc2c4cd9.Minako\Extensions\helperbar@helperbar.com [2014-06-04]
FF Extension: Messenger Plus! Community Smartbar - C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\oc2c4cd9.Minako\Extensions\{2e40d927-4f50-4e52-8b5c-4e2de03ac3bb} [2013-03-05]
FF Extension: DownloadHelper - C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\oc2c4cd9.Minako\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-06]
FF Extension: Flash and Video Download - C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\oc2c4cd9.Minako\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2014-10-14]
FF Extension: No Name - C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\oc2c4cd9.Minako\Extensions\ffext_basicvideoext@startpage24.xpi [2014-10-31]
FF Extension: No Name - C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\oc2c4cd9.Minako\Extensions\firefox@browsesmart.net.xpi [2014-01-10]
FF Extension: Linky - C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\oc2c4cd9.Minako\Extensions\linky@gemal.dk.xpi [2012-09-04]
FF Extension: No Name - C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\oc2c4cd9.Minako\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7}.xpi [2014-07-29]
FF Extension: MySearchDial - C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\oc2c4cd9.Minako\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}.xpi [2014-04-03]
FF Extension: Adblock Plus - C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\oc2c4cd9.Minako\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-08-18]
FF Extension: Tab Mix Plus - C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\oc2c4cd9.Minako\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2013-08-23]
FF Extension: SweetPacks Toolbar for Firefox - C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\oc2c4cd9.Minako\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi [2012-12-01]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com [2014-11-11]
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox
FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox [2013-07-20]
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799
FF Extension: AVG SafeGuard toolbar - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799 [2014-08-25]
FF Extension: Wajam - C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi [2013-12-09]
FF Extension: No Name - {5a95a9e0-59dd-4314-bd84-4d18ca83a0e2} [Not Found]
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-07-20]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3242000 2014-08-25] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-08-25] (AVG Technologies CZ, s.r.o.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S4 MsgPlusService; C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe [128000 2013-05-07] (Yuna Software) [File not signed]
R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [853288 2007-09-20] (Nero AG)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [382248 2007-10-23] (Nero AG)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4784312 2014-01-21] (INCA Internet Co., Ltd.) [File not signed]
S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [18360 2013-11-11] (Overwolf Ltd)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 tor; C:\Program Files (x86)\Tor\tor.exe [3233806 2013-09-04] () [File not signed]
R2 USBDLM; C:\Users\Minako\Documents\USBDLM\USBDLM.exe [441792 2014-01-12] (Uwe Sieber - www.uwe-sieber.de) [File not signed]
R2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-11] (AVG Secure Search)
S4 WajamUpdaterV3; C:\Program Files (x86)\Wajam\Updater\WajamUpdaterV3.exe [114176 2013-11-01] (Wajam) [File not signed] <==== ATTENTION
R2 XTUService; C:\Program Files (x86)\Common Files\Intel\Intel Extreme Tuning Utility\PerfTuneService.exe [21768 2010-11-24] (Intel Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 ArvoFltr; C:\Windows\System32\drivers\ArvoFltr.sys [15872 2009-05-06] (ROCCAT Development, Inc.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [244504 2014-07-21] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-08-06] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [269080 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-11] (AVG Technologies)
R3 KovaPlusFltr; C:\Windows\System32\drivers\KovaPlusFltr.sys [15104 2010-01-25] (ROCCAT Development, Inc.)
S1 360AntiHacker; System32\Drivers\360AntiHacker64.sys [X]
S1 360Box64; system32\DRIVERS\360Box64.sys [X]
S3 360Camera; System32\Drivers\360Camera64.sys [X]
S1 360FsFlt; system32\DRIVERS\360FsFlt.sys [X]
S4 360Hvm; System32\Drivers\360Hvm64.sys [X]
S1 360netmon; system32\DRIVERS\360netmon.sys [X]
S1 BAPIDRV; system32\DRIVERS\BAPIDRV64.sys [X]
S1 bd0001; system32\DRIVERS\bd0001.sys [X]
S1 bd0004; system32\DRIVERS\bd0004.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 NLNdisMP; system32\DRIVERS\nlndis.sys [X]
S3 NLNdisPT; system32\DRIVERS\nlndis.sys [X]
S3 WINIO; \??\C:\Program Files (x86)\IQIYI Video\PStyle\winio.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-15 12:55 - 2014-11-15 12:56 - 00040297 _____ () C:\Users\Minako\Desktop\FRST.txt
2014-11-15 12:54 - 2014-11-15 12:55 - 00000000 ____D () C:\FRST
2014-11-15 12:54 - 2014-11-15 12:54 - 02116608 _____ (Farbar) C:\Users\Minako\Downloads\FRST64.exe
2014-11-15 12:54 - 2014-11-15 12:54 - 02116608 _____ (Farbar) C:\Users\Minako\Desktop\FRST64.exe
2014-11-14 12:15 - 2014-11-14 12:16 - 00000000 ____D () C:\Users\Minako\AppData\Roaming\Zoo
2014-11-14 12:15 - 2014-11-14 12:15 - 00000000 ____D () C:\Users\Minako\AppData\Roaming\CloudMedia
2014-11-13 19:36 - 2014-11-13 19:36 - 00000000 ____D () C:\Users\Minako\AppData\Roaming\TERA
2014-11-13 19:34 - 2014-11-14 21:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2014-11-13 19:34 - 2014-11-13 19:36 - 00000000 ____D () C:\Program Files (x86)\GameforgeLive
2014-11-13 19:34 - 2014-11-13 19:34 - 00001075 _____ () C:\Users\Public\Desktop\Gameforge Live.lnk
2014-11-13 19:34 - 2014-11-13 19:34 - 00000000 ____D () C:\Users\Minako\Downloads\Gameforge Live
2014-11-13 19:34 - 2014-11-13 19:34 - 00000000 ____D () C:\Users\Minako\AppData\Local\Gameforge4d
2014-11-13 19:31 - 2014-11-13 19:34 - 20201072 _____ (Gameforge ) C:\Users\Minako\Downloads\TERA_GameforgeLiveSetup.exe
2014-11-12 13:29 - 2014-11-12 13:29 - 00291880 _____ () C:\Windows\Minidump\111214-34117-01.dmp
2014-11-12 12:46 - 2014-11-12 12:46 - 00000000 _____ () C:\Windows\Minidump\111214-42291-01.dmp
2014-11-11 00:19 - 2014-11-11 00:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-11 00:00 - 2014-11-11 00:00 - 00002286 _____ () C:\Users\Minako\Documents\cc_20141111_000009.reg
2014-11-10 21:12 - 2014-11-10 21:12 - 00041598 _____ () C:\Users\Minako\Documents\cc_20141110_211236.reg
2014-11-10 21:12 - 2014-11-10 21:12 - 00002318 _____ () C:\Users\Minako\Documents\cc_20141110_211252.reg
2014-11-10 20:57 - 2014-11-10 20:57 - 00000000 ____D () C:\Users\Minako\AppData\Roaming\AVG2014
2014-11-10 20:56 - 2014-11-10 21:05 - 00000985 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-11-10 20:56 - 2014-11-10 21:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-11-10 20:55 - 2014-11-10 20:55 - 00000000 ___HD () C:\$AVG
2014-11-10 20:55 - 2014-11-10 20:55 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-11-10 20:54 - 2014-11-10 22:11 - 00000000 ____D () C:\Users\Minako\AppData\Local\Avg2014
2014-11-10 20:33 - 2014-11-10 20:33 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Aeria Games
2014-11-10 20:32 - 2014-11-10 20:32 - 00000000 ____D () C:\Users\Administrator\AppData\Local\AVG SafeGuard toolbar
2014-11-10 20:31 - 2014-11-10 20:31 - 00001409 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-11-10 20:28 - 2014-11-10 20:28 - 04578024 _____ (AVG Technologies) C:\Users\Minako\Downloads\avg_avct_stb_all_2015_5315_ppc17.exe
2014-11-10 20:28 - 2014-11-10 20:28 - 00000247 _____ () C:\Windows\system32\2014-11-10-19-28-47.058-aswFe.exe-3964.log
2014-11-10 20:23 - 2014-11-10 20:28 - 00000247 _____ () C:\Windows\system32\2014-11-10-19-23-50.095-aswFe.exe-7872.log
2014-11-10 20:23 - 2014-11-10 20:23 - 00000197 _____ () C:\Windows\system32\2014-11-10-19-23-45.084-AvastVBoxSVC.exe-7564.log
2014-11-10 20:21 - 2014-11-10 20:21 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2014-11-10 20:21 - 2014-11-10 20:21 - 00000000 ____D () C:\Windows\system32\vbox
2014-11-10 20:18 - 2014-11-10 20:18 - 00323616 _____ (Dropbox, Inc.) C:\Users\Public\Desktop\DropboxInstallerAvast.exe
2014-11-10 20:08 - 2014-11-10 20:15 - 131078000 _____ (AVAST Software) C:\Users\Minako\Downloads\avast_free_antivirus_setup.exe
2014-11-10 12:06 - 2014-11-10 12:06 - 00007028 _____ () C:\Users\Minako\Documents\cc_20141110_120618.reg
2014-11-10 11:50 - 2014-11-10 11:50 - 00001664 _____ () C:\Users\Minako\Documents\cc_20141110_115051.reg
2014-11-08 13:10 - 2014-11-08 13:10 - 00001664 _____ () C:\Users\Minako\Documents\cc_20141108_131041.reg
2014-11-08 12:22 - 2014-11-08 12:22 - 14571220 _____ () C:\Users\Minako\Documents\Gray Fullbuster.Sims2Pack
2014-11-06 19:39 - 2014-11-06 19:39 - 00000000 ____D () C:\ProgramData\Avg_Update_1114tb
2014-11-06 18:17 - 2014-11-06 18:17 - 00000114 _____ () C:\Users\Minako\Desktop\Allods (DE).url
2014-11-06 18:17 - 2014-11-06 18:17 - 00000000 ____D () C:\Users\Minako\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Allods (DE)
2014-11-06 16:30 - 2014-11-10 12:47 - 00000000 ____D () C:\Users\Minako\AppData\Local\MyComGames
2014-11-06 16:30 - 2014-11-06 16:30 - 00002013 _____ () C:\Users\Minako\Desktop\My.com Games.lnk
2014-11-06 16:30 - 2014-11-06 16:30 - 00000000 ____D () C:\Users\Minako\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My.com Games
2014-11-06 16:29 - 2014-11-06 16:29 - 04071720 _____ () C:\Users\Minako\Downloads\AllodsdeLoader_de.exe
2014-11-04 22:06 - 2014-11-15 12:31 - 00002072 _____ () C:\Windows\setupact.log
2014-11-04 22:06 - 2014-11-12 13:29 - 674598088 _____ () C:\Windows\MEMORY.DMP
2014-11-04 22:06 - 2014-11-10 20:48 - 00461740 _____ () C:\Windows\PFRO.log
2014-11-04 22:06 - 2014-11-04 22:06 - 00291800 _____ () C:\Windows\Minidump\110414-52650-01.dmp
2014-11-04 22:06 - 2014-11-04 22:06 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-04 13:36 - 2014-11-04 13:36 - 00010072 _____ () C:\Users\Minako\Documents\cc_20141104_133615.reg
2014-11-04 13:31 - 2014-11-04 13:31 - 00002066 _____ () C:\Users\Minako\Documents\cc_20141104_133106.reg
2014-11-04 13:28 - 2014-11-04 13:28 - 00004902 _____ () C:\Users\Minako\Documents\cc_20141104_132829.reg
2014-11-04 13:27 - 2014-11-04 13:27 - 00052688 _____ () C:\Users\Minako\Documents\cc_20141104_132716.reg
2014-11-04 13:24 - 2014-11-04 13:24 - 00000000 ____D () C:\ProgramData\{plbackup-CFE0-66E8-660553B4C955}
2014-11-04 13:22 - 2014-11-04 13:22 - 00001244 _____ () C:\Users\Public\Desktop\影视大全.lnk
2014-11-04 13:22 - 2014-11-04 13:22 - 00000000 ____D () C:\Users\Minako\AppData\Roaming\ppslog
2014-11-04 13:22 - 2014-06-11 10:43 - 00285120 _____ (Real Networks, Inc) C:\Windows\SysWOW64\pncrt.dll
2014-11-04 13:21 - 2014-11-04 14:25 - 00000000 ____D () C:\Users\Minako\AppData\Roaming\PPStream
2014-11-04 13:21 - 2014-11-04 13:34 - 00000000 ____D () C:\ProgramData\IQIYI Video
2014-11-04 12:56 - 2014-11-04 12:57 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\360Safe
2014-11-04 12:56 - 2014-11-04 12:56 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\360Login
2014-11-01 12:28 - 2014-11-01 12:28 - 00003144 _____ () C:\Windows\System32\Tasks\{F4B16D26-157B-41F0-99E3-EF4E14A6922C}
2014-11-01 12:19 - 2014-11-01 12:19 - 00000000 ____D () C:\ProgramData\LocalStorage
2014-11-01 12:14 - 2014-11-01 12:14 - 00024576 _____ () C:\cache_index.db
2014-11-01 12:13 - 2014-11-01 12:13 - 00000000 ____D () C:\Qiyi
2014-11-01 02:39 - 2014-11-01 02:39 - 00000000 ____D () C:\Windows\TMP
2014-11-01 00:25 - 2014-11-01 00:25 - 00000000 ____D () C:\Users\Minako\AppData\Roaming\DataRepair
2014-11-01 00:20 - 2014-11-15 00:27 - 00000000 ____D () C:\Users\Public\FunAcce
2014-10-31 22:58 - 2014-10-31 22:58 - 00000000 __SHD () C:\Users\Minako\AppData\Roaming\360Quarant
2014-10-31 22:58 - 2014-10-31 22:58 - 00000000 __SHD () C:\$360Section
2014-10-31 20:08 - 2014-11-01 12:20 - 00000000 ____D () C:\Users\Minako\AppData\Roaming\360se6
2014-10-31 20:08 - 2014-10-31 20:08 - 00000000 ____D () C:\ProgramData\{plbackup-CFE0-66E8-660553B4C954}
2014-10-31 20:07 - 2014-11-01 12:11 - 00000000 ____D () C:\Program Files (x86)\BaiduAddr
2014-10-31 20:03 - 2014-11-04 13:11 - 00000000 ____D () C:\ProgramData\360safe
2014-10-31 20:03 - 2014-10-31 20:03 - 00000000 ____D () C:\Users\Minako\AppData\Roaming\360Login
2014-10-31 20:02 - 2014-10-31 20:02 - 00000000 ____D () C:\Users\Minako\AppData\Roaming\Qiyi
2014-10-31 20:02 - 2014-10-31 20:02 - 00000000 ____D () C:\Program Files (x86)\360
2014-10-31 20:02 - 2014-10-31 20:02 - 00000000 ____D () C:\KwDownloadx
2014-10-31 20:00 - 2014-10-31 20:01 - 08448232 _____ (酷我科技) C:\Users\Minako\Downloads\kwmusic2012.exe
2014-10-31 19:58 - 2014-10-31 19:58 - 00049480 _____ (Baidu) C:\Windows\system32\Drivers\BDSafeBrowser.sys
2014-10-31 19:56 - 2014-11-04 13:27 - 00000000 ____D () C:\Users\Minako\AppData\Roaming\IQIYI Video
2014-10-31 19:55 - 2014-11-04 13:25 - 00000000 ____D () C:\ProgramData\KWGameBox
2014-10-31 19:54 - 2014-11-04 13:21 - 00000000 ____D () C:\ProgramData\Baidu
2014-10-31 19:54 - 2013-12-10 08:53 - 00041800 _____ (Baidu) C:\Windows\system32\bd64_x64.dll_26430984
2014-10-31 19:54 - 2013-12-10 08:53 - 00039056 _____ (Baidu) C:\Windows\system32\bd64_x86.dll_26430999
2014-10-31 19:53 - 2014-11-15 12:39 - 00000000 ____D () C:\Users\Public\Fundata
2014-10-31 19:53 - 2014-10-31 20:07 - 00000000 ____D () C:\Program Files (x86)\Baidu
2014-10-31 19:48 - 2014-10-31 20:02 - 00000000 ____D () C:\ProgramData\kuwodata
2014-10-31 19:48 - 2014-10-31 19:48 - 00000000 ____D () C:\KwDownload
2014-10-31 19:47 - 2014-10-31 19:47 - 12801352 _____ (酷我科技) C:\Users\Minako\Downloads\kuwo2014.exe
2014-10-21 20:13 - 2014-10-21 20:13 - 00000000 ____D () C:\Users\Minako\AppData\Local\Skype
2014-10-21 20:12 - 2014-10-21 20:12 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-10-21 20:12 - 2014-10-21 20:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-10-21 20:11 - 2014-10-21 20:11 - 01677920 _____ (Skype Technologies S.A.) C:\Users\Minako\Downloads\SkypeSetup.exe
2014-10-18 10:57 - 2014-10-18 10:57 - 01054912 _____ (Adobe) C:\Users\Minako\Downloads\install_flashplayer15x32au_ltr5x64d_awc_aih.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-15 12:54 - 2013-10-22 11:28 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-15 12:47 - 2009-07-14 05:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-15 12:47 - 2009-07-14 05:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-15 12:45 - 2013-01-23 13:01 - 00000000 ____D () C:\Users\Minako\AppData\Roaming\Skype
2014-11-15 12:35 - 2014-01-10 17:35 - 00000296 _____ () C:\Windows\Tasks\SaveSense.job
2014-11-15 12:35 - 2012-12-10 11:45 - 01984811 _____ () C:\Windows\WindowsUpdate.log
2014-11-15 12:33 - 2011-08-25 19:20 - 00000000 ____D () C:\ProgramData\clear.fi
2014-11-15 12:31 - 2012-12-09 11:47 - 00000424 _____ () C:\Windows\Tasks\Wise Care 365.job
2014-11-15 12:31 - 2011-08-10 19:19 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-15 12:31 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-15 12:24 - 2014-06-17 13:57 - 00000000 ____D () C:\ProgramData\MFAData
2014-11-15 01:55 - 2013-03-21 13:24 - 00000000 ____D () C:\Users\Minako\Documents\Fertige Geschichten
2014-11-15 00:52 - 2014-01-15 21:44 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-11-14 20:58 - 2012-12-10 14:33 - 00347136 ___SH () C:\Users\Minako\Thumbs.db
2014-11-14 15:01 - 2014-07-20 22:52 - 00000324 _____ () C:\Windows\Tasks\SuperEasy Registry Cleaner_DEFAULT.job
2014-11-14 07:25 - 2011-11-09 21:05 - 00000000 ____D () C:\Users\Minako\AppData\Local\Akamai
2014-11-12 23:52 - 2014-07-20 22:52 - 00000332 _____ () C:\Windows\Tasks\SuperEasy Registry Cleaner_UPDATES.job
2014-11-12 22:32 - 2011-12-12 20:23 - 00000000 ____D () C:\Users\Minako\Documents\FILSHtray
2014-11-12 19:17 - 2013-08-07 11:48 - 00000069 _____ () C:\Windows\NeroDigital.ini
2014-11-12 13:29 - 2011-08-30 16:52 - 00000000 ____D () C:\Windows\Minidump
2014-11-12 00:55 - 2013-10-22 11:28 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-12 00:55 - 2012-11-27 11:57 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-12 00:55 - 2012-11-27 11:57 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-11 15:42 - 2012-06-03 13:42 - 00000000 ____D () C:\Users\Minako\AppData\Roaming\vlc
2014-11-11 12:56 - 2014-02-18 11:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-10 22:51 - 2014-06-19 18:07 - 00000000 ____D () C:\Users\Minako\Documents\MajesticRO Full Client
2014-11-10 20:56 - 2014-06-17 19:35 - 00000000 ____D () C:\ProgramData\AVG2014
2014-11-10 20:48 - 2014-01-08 14:31 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-11-10 20:46 - 2014-01-08 14:32 - 00000000 ____D () C:\Program Files (x86)\Google
2014-11-10 20:44 - 2014-01-15 22:05 - 00000000 ____D () C:\Users\Minako\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-11-10 20:44 - 2013-04-19 21:12 - 00000000 ____D () C:\Users\Minako\AppData\Local\Google
2014-11-10 20:43 - 2012-02-05 21:16 - 00000000 ____D () C:\Users\Minako\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames
2014-11-10 20:42 - 2014-09-15 10:31 - 00000000 ____D () C:\Program Files (x86)\Mr DJ
2014-11-10 20:33 - 2014-01-08 14:46 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-11-10 20:31 - 2014-06-16 21:46 - 00001443 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-11-10 17:07 - 2014-01-10 18:35 - 00000153 _____ () C:\Users\Minako\AppData\Roaming\WB.CFG
2014-11-10 12:06 - 2011-03-23 15:25 - 00000000 ____D () C:\Program Files (x86)\Acer GameZone
2014-11-10 12:05 - 2011-03-23 15:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer GameZone
2014-11-10 12:05 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-11-10 12:04 - 2014-01-10 17:36 - 00000000 ____D () C:\Users\Minako\AppData\Local\Mobogenie
2014-11-10 12:03 - 2014-01-17 22:10 - 00000000 ___SD () C:\Users\Minako\Documents\Mabinogi
2014-11-10 12:02 - 2014-02-26 11:54 - 00000000 ____D () C:\ProgramData\IePluginService
2014-11-10 12:02 - 2012-02-05 21:15 - 00000000 ____D () C:\AeriaGames
2014-11-06 19:39 - 2014-08-26 18:55 - 00000000 ____D () C:\Program Files (x86)\AVG Security Toolbar
2014-11-06 17:07 - 2012-06-29 21:25 - 00000000 ____D () C:\Users\Minako\AppData\Roaming\Azureus
2014-11-03 12:33 - 2011-08-05 13:14 - 23144550 _____ () C:\Windows\system32\perfh007.dat
2014-11-03 12:33 - 2011-08-05 13:14 - 07244392 _____ () C:\Windows\system32\perfc007.dat
2014-11-03 12:33 - 2009-07-14 06:13 - 00006472 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-02 00:52 - 2014-08-29 21:34 - 00000000 ____D () C:\Users\Minako\AppData\Local\Adobe
2014-11-01 12:21 - 2014-09-13 19:16 - 00000000 ____D () C:\Users\Minako\AppData\Roaming\baidu
2014-10-31 19:43 - 2013-09-16 23:31 - 00000102 _____ () C:\Users\Minako\AppData\default.pls
2014-10-31 19:41 - 2011-08-27 19:39 - 00000000 ____D () C:\Users\Minako\Documents\FFOutput
2014-10-31 02:36 - 2012-05-24 19:16 - 00000000 ____D () C:\Program Files (x86)\No23 Recorder
2014-10-21 21:58 - 2011-08-28 20:46 - 00000000 ____D () C:\Users\Minako\Documents\Meine empfangenen Dateien
2014-10-21 20:12 - 2011-03-23 15:39 - 00000000 ____D () C:\ProgramData\Skype
2014-10-20 23:00 - 2014-06-16 11:41 - 00000000 ____D () C:\Users\Minako\Documents\data
2014-10-20 08:32 - 2014-01-08 14:32 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-20 08:32 - 2014-01-08 14:32 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-17 00:40 - 2014-08-01 01:13 - 00001456 _____ () C:\Users\Minako\AppData\Local\Adobe Save for Web 13.0 Prefs
2014-10-16 01:13 - 2014-10-15 21:02 - 00127424 _____ () C:\Users\Minako\Documents\j.SNA
2014-10-16 01:13 - 2011-08-25 18:11 - 00000000 ____D () C:\Users\Minako\Documents\NO$GBA_2.6a
Files to move or delete:
====================
C:\Users\Minako\Dicastia-Patch.exe
C:\Users\Minako\Inazuma Eleven Go Strikers 2013 Trainer.exe
Some content of TEMP:
====================
C:\Users\Minako\AppData\Local\Temp\kwuninsthelper.exe
C:\Users\Minako\AppData\Local\Temp\masflag_runxx.dl.dll
C:\Users\Minako\AppData\Local\Temp\ppstreamsetup_ppsiqiyip04.exe
C:\Users\Minako\AppData\Local\Temp\QYAgent_runxx.dl.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-05 17:11
==================== End Of Log ============================
--- --- ---
--- --- ---
Und die Addition.txt: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-11-2014
Ran by Minako at 2014-11-15 12:56:34
Running from C:\Users\Minako\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
360安全卫士 (HKLM-x32\...\360安全卫士) (Version: 9.6.0.2002 - 360安全中心)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3002 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.03.3003 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0825.2010 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3005 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader 9.1 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
Aff Packages (HKU\S-1-5-21-4201896478-3710373697-1095196273-1000\...\Aff Packages) (Version: - ) <==== ATTENTION
Akamai NetSession Interface (HKLM-x32\...\Akamai) (Version: - )
Akamai NetSession Interface (HKU\S-1-5-21-4201896478-3710373697-1095196273-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Allods Online DE (HKU\S-1-5-21-4201896478-3710373697-1095196273-1000\...\Allods Online DE) (Version: 1.38 - My.com B.V.)
Arvo (HKLM-x32\...\{61DF2893-0069-4E50-A02E-3A41A97CB1B4}) (Version: 1.0 - ROCCAT)
Ask Toolbar Updater (HKU\S-1-5-21-4201896478-3710373697-1095196273-1000\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.0.20007 - Ask.com) <==== ATTENTION
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Aura Software Manager 1.0.3 (HKLM-x32\...\Aura Software Manager_is1) (Version: - aura4you.com)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4765 - AVG Technologies)
AVG 2014 (Version: 14.0.4189 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4765 - AVG Technologies) Hidden
AVG SafeGuard toolbar (HKLM-x32\...\AVG SafeGuard toolbar) (Version: 18.1.9.799 - AVG Technologies)
Avidemux 2.5 (32-bit) (HKLM-x32\...\Avidemux 2.5) (Version: 2.5.6.7716 - )
BrowseToSave (HKLM\...\{3775CA0B-18F8-4F9B-AD70-50DAEC96E8FD}) (Version: 1.0 - ) <==== ATTENTION
CamStudio (HKLM-x32\...\CamStudio) (Version: - )
Canon MP250 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
clear.fi (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.1720.15 - CyberLink Corp.)
clear.fi (x32 Version: 1.0.1517_36458 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 1.0.1720.15 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 9.0.7713 - CyberLink Corp.) Hidden
clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3009 - Acer Incorporated)
Common RTP 1.0 (HKLM-x32\...\RPGAdvocates_RTP_1.0) (Version: - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DesktopWeatherAlerts (HKU\S-1-5-21-4201896478-3710373697-1095196273-1000\...\DesktopWeatherAlerts) (Version: 1.0.29.0 - Local Weather LLC) <==== ATTENTION
Die Sims™ 2 Deluxe (HKLM-x32\...\{9C244239-ED8E-40f1-937F-51C706CD2160}) (Version: - )
Die Sims™ 2 Haustiere (HKLM-x32\...\{4817189D-1785-4627-A33C-39FD90919300}) (Version: - )
Die Sims™ 2 Vier Jahreszeiten (HKLM-x32\...\{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}) (Version: - )
Dolphin x86 (HKLM-x32\...\Dolphin x86) (Version: 4.0.2 - Dolphin Development Team)
FilesFrog Update Checker (HKLM-x32\...\FilesFrog Update Checker) (Version: - ) <==== ATTENTION
FILSHtray (HKLM-x32\...\{5928359F-BF46-4646-BF19-B64E55171EB5}) (Version: 0.12 - FILSH Media GmbH)
FINAL FANTASY XIV - A Realm Reborn (HKLM-x32\...\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.)
FinalBurner Free v2.24.0.195 (HKLM-x32\...\{1A3E23D7-7A1E-43EC-B35D-EB8A31BED943}) (Version: - )
FormatFactory 2.70 (HKLM-x32\...\FormatFactory) (Version: 2.70 - Free Time)
Fraps (HKLM-x32\...\Fraps) (Version: - )
Freemake Video Converter Version 4.0.2 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.0.2 - Ellora Assets Corporation)
FrostWire 5.3.6 (HKLM-x32\...\FrostWire 5) (Version: 5.3.6.0 - FrostWire Team)
Galapago (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version: - Oberon Media)
Gameforge Live 2.0.5 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.5 - Gameforge)
GIMP 2.6.11 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team)
Google Update Helper (x32 Version: 1.3.23.0 - BonanzaDeals) Hidden <==== ATTENTION
Haunted Memories (HKLM-x32\...\Steam App 241640) (Version: - MadMan Theory Games)
Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 2.05.3014 - Acer Incorporated)
HP Deskjet 2510 series - Grundlegende Software für das Gerät (HKLM\...\{288614B1-F070-4B47-A1F5-4790BD8A3176}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 2510 series Hilfe (HKLM-x32\...\{07B48D2C-E60D-41E6-B546-11D128F633EC}) (Version: 27.0.0 - Hewlett Packard)
HP Deskjet 2510 series Setup Guide (HKLM-x32\...\{216C7F38-4BBC-4E9A-8392-C9FA21B54386}) (Version: 27.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3006 - Acer Incorporated)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
Intel Extreme Tuning Utility 2.1.408.41 (HKLM-x32\...\{72B59E5A-CF45-4528-8227-7EDF5EC772BE}) (Version: 2.1.408.41 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
Intel(R) SMBus (HKLM\...\SMBus) (Version: - )
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version: - Intel Corporation)
InterActual Player (HKLM-x32\...\InterActual Player) (Version: - )
Internet Explorer Toolbar 4.8 by SweetPacks (x32 Version: 4.8.0000 - SweetIM Technologies Ltd.) Hidden <==== ATTENTION
ips XP 1.11.2600 (HKLM-x32\...\ips XP_is1) (Version: 1.11.2600 - Tenchi wielding the Illumina sword)
Java 7 Update 10 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417010FF}) (Version: 7.0.100 - Oracle)
Java 7 Update 10 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217010FF}) (Version: 7.0.100 - Oracle)
Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022F0}) (Version: 6.0.220 - Oracle)
Java(TM) 6 Update 27 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216027FF}) (Version: 6.0.270 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Media Engine (HKLM-x32\...\Media Engine) (Version: - )
Messenger Plus! (HKLM-x32\...\Messenger Plus!) (Version: 6.00.0.776 - Yuna Software)
Messenger Plus! Community Smartbar (HKLM-x32\...\{A603614D-1D5A-4BDC-9046-03330ABC0F03}) (Version: 1.6.1.695 - Messenger Plus!) <==== ATTENTION
Messenger Plus! for Skype (HKLM-x32\...\Messenger Plus! for Skype) (Version: 1.8.0.125 - Yuna Software)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft GIF Animator (HKLM-x32\...\GIF Animator) (Version: - )
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.5128.5002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 33.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 33.0.3 (x86 en-US)) (Version: 33.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
My.com Games (HKU\S-1-5-21-4201896478-3710373697-1095196273-1000\...\MyComGames) (Version: 2.23 - BENSTAR LIMITED)
MyWinLocker (Version: 4.0.14.11 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.11 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.11 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.11 - Egis Technology Inc.) Hidden
Nero 8 (HKLM-x32\...\{D3AAAEA9-9A0C-4568-8E9D-073497291031}) (Version: 8.10.132 - Nero AG)
newsXpresso (HKLM-x32\...\InstallShield_{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}) (Version: 1.0.0.40 - esobi Inc.)
newsXpresso (x32 Version: 1.0.0.40 - esobi Inc.) Hidden
Nexon Game Manager (HKLM-x32\...\{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}) (Version: - )
No23 Recorder (HKLM-x32\...\No23 Recorder) (Version: 2.1.0.3 - No23)
No23 Recorder (x32 Version: 2.1.0.3 - No23) Hidden
Now Playing Plugin 1.0.0.2 (HKLM-x32\...\np_plugin_is1) (Version: - )
NVIDIA Grafiktreiber 267.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 267.33 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.1.13.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.1.13.1 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (HKLM-x32\...\NVIDIAStereo) (Version: 7.17.12.6733 - NVIDIA Corporation)
ONAIR 4.0.0.855 (HKLM\...\ONAIR_is1) (Version: - )
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
Opera 12.17 (HKLM-x32\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA)
Opera Next 20.0.1387.59 (HKLM-x32\...\Opera 20.0.1387.59) (Version: 20.0.1387.59 - Opera Software ASA)
Origin (HKLM-x32\...\Origin) (Version: 8.4.1.210 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\{0A337036-B73E-4C85-8D32-3851F84B7CFE}) (Version: 0.46.271 - Overwolf)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.3.6.0 - Pando Networks Inc.)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
PhotoFiltre (HKU\S-1-5-21-4201896478-3710373697-1095196273-1000\...\PhotoFiltre) (Version: - )
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.12 - ProtectDisc Software GmbH)
Ragnarok Online 2 (HKLM-x32\...\Steam App 231060) (Version: - Gravity, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6194 - Realtek Semiconductor Corp.)
ROCCAT Kova[+] Mouse Driver (HKLM-x32\...\{A86DDFE3-F661-461C-9BF2-876AC2CA57DE}) (Version: 1.10 - Roccat GmbH)
RollerCoaster Tycoon 2 (HKLM-x32\...\{BD3BD375-0E7A-48D0-9117-69A5C7DED63E}) (Version: - )
RollerCoaster Tycoon 3 (HKLM-x32\...\RollerCoaster Tycoon 3_is1) (Version: - Atari)
RollerCoaster Tycoon Deluxe (HKLM-x32\...\{924EAD66-F854-4605-8493-696DD59A113B}) (Version: 1.00.000 - )
RTP for RM2K (Png, Wav, Midi, Fonts) (HKLM-x32\...\RTP for RM2K (Png, Wav, Midi, Fonts)) (Version: - )
Shredder (Version: 2.0.8.7 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.7 - Egis Technology Inc.) Hidden
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
SlimDX Redistributable for .NET 2.0 (September 2011) (HKLM-x32\...\{7C056FA6-E362-467B-8160-062E9474FEE5}) (Version: 2.0.12.43 - SlimDX Group)
SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts)
Sprill and Ritchie (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117932650}) (Version: - Oberon Media)
Starbound (HKLM-x32\...\Steam App 211820) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Super Mario: Blue Twilight DX (v1.04.1) (HKLM-x32\...\Super Mario: Blue Twilight DX (v1.04.1)) (Version: - )
Super nude patch II 3.0 (HKLM-x32\...\Super_nude_patch_II_1.0) (Version: - )
SweetIM for Messenger 3.7 (x32 Version: 3.7.0007 - SweetIM Technologies Ltd.) Hidden <==== ATTENTION
SweetPacks bundle uninstaller (HKLM-x32\...\{953AA732-9AFB-49C9-84A4-7F96CA0A08DA}) (Version: 1.0.0001 - SweetIM Technologies Ltd.) <==== ATTENTION
SWF to AVI (HKLM-x32\...\{3315B802-84C6-47BC-907A-9B77A4646197}_is1) (Version: - www.swftoavi.com)
TeamSpeak 3 Client (HKU\S-1-5-21-4201896478-3710373697-1095196273-1000\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.26038 - TeamViewer)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
The Sims 2 University (HKLM-x32\...\{8FD3F4BA-A4A6-4380-00A6-CC6853AB2DC2}) (Version: - )
Tomb Raider II (HKLM-x32\...\Tomb Raider II) (Version: - )
Tomb Raider III (HKLM-x32\...\Tomb Raider III) (Version: - )
TS3 Install Helper Monkey (HKLM-x32\...\TS3 Install Helper Monkey) (Version: - Mad Scientist Productions)
TSR Launcher (HKLM-x32\...\{9082C257-9729-4009-8299-6916CD556EAC}) (Version: 1.0 - The Sims Resource)
TSR Workshop (HKLM-x32\...\{D68A4706-B8C7-4516-BE6C-B738902A1DF3}) (Version: 2.0.36 - The Sims Resource)
Update Manager for SweetPacks 1.1 (x32 Version: 1.1.0008 - SweetIM Technologies Ltd.) Hidden <==== ATTENTION
Vampires Dawn II: Ancient Blood (HKLM-x32\...\{23E49254-B48D-4422-93A1-5F26F02A0A69}_is1) (Version: Vampires Dawn 2 - Version 1.23 - Brianum/Dawnatic)
Vampires Dawn: Reign of Blood (HKLM-x32\...\{CF55095E-07AA-432E-8376-CEF71D70746A}_is1) (Version: Vampires Dawn: Reign of Blood 1.31 - Brianum)
VCRedistSetup (x32 Version: 1.0.0 - Nero AG) Hidden
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: - Elaborate Bytes)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.1 (HKLM-x32\...\VLC media player) (Version: 2.0.1 - VideoLAN)
VobSub v2.23 (Remove Only) (HKLM-x32\...\VobSub) (Version: - )
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.1.0.0 - Azureus Software, Inc.)
Wajam (HKLM-x32\...\Wajam) (Version: 2.06 - Wajam) <==== ATTENTION
Watson (HKLM-x32\...\{9B88DD94-1AAE-41C4-BD95-2D8737D5E9E2}) (Version: 1.0.0 - Windows Live Safety Center)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3102 - Acer Incorporated)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live OneCare safety scanner (HKLM-x32\...\Windows Live OneCare safety scanner) (Version: - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
winLAME 2010 beta 1 (HKLM-x32\...\{63C16E81-327C-49B6-9643-4F5EFD8A6B2D}) (Version: 1.0.2010.1 - Michael Fink)
WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
09-11-2014 18:00:29 Windows-Sicherung
10-11-2014 10:53:01 Removed Aeria Ignite
10-11-2014 19:14:11 Removed AVG 2015
10-11-2014 19:15:26 Removed AVG 2015
10-11-2014 19:18:03 avast! antivirus system restore point
10-11-2014 19:55:06 Installed AVG 2014
10-11-2014 19:55:41 Installed AVG 2014
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {000E756C-2B16-44C0-88EE-BDDC5986EBEC} - System32\Tasks\Wise Care 365 => C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe
Task: {0032E748-5B5F-43F8-969C-9F50D2643407} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {07518C22-146A-4F8A-B939-5148F9E7B0FC} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-4201896478-3710373697-1095196273-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {10FD7300-97EC-47D0-9F67-14A06D987F01} - System32\Tasks\{09838844-998F-455C-8181-CE33AABCD69F} => C:\Program Files\AVAST Software\Avast\AvastUI.exe
Task: {1E025F28-9018-47AD-B52A-6BF55CA4A5B1} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: {2123F3FD-D33E-4D7D-B4C3-0E957DC3B702} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {22607A00-4259-46F9-B142-8833ADCA6AD8} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-05-20] (CyberLink)
Task: {2B292801-9F52-46EA-B5BF-28C028F0AE31} - System32\Tasks\SuperEasy Registry Cleaner_DEFAULT => C:\Program Files (x86)\SuperEasy Software\Registry Cleaner\SuperEasyRC.exe
Task: {2B86EDE6-AF86-4946-BA82-9DC209B7763F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {355B341D-ABAD-4263-9524-0E9DB2FA2226} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-4201896478-3710373697-1095196273-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {3891CDB2-89D0-4576-B6C4-A6D0AFC28587} - System32\Tasks\SuperEasy Registry Cleaner => C:\Program Files (x86)\SuperEasy Software\Registry Cleaner\SuperEasyRC.exe
Task: {389ABE10-5C36-4868-8845-BD96A8E4083D} - \The Bluetooth service discovery No Task File <==== ATTENTION
Task: {38A1682D-50C5-403F-AF2B-215ACD6620A0} - System32\Tasks\RNUpgradeHelperResumePrompt_Minako => C:\Users\Minako\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.11\rnupgagent.exe [2012-06-14] (RealNetworks, Inc.)
Task: {439B3401-8F95-4ADA-911D-CDCEDC9C9277} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2011-05-20] (Acer Incorporated)
Task: {544BA9D5-F783-476F-8219-5D3F4AF2CAF1} - System32\Tasks\{A76CCB56-FE32-4DA7-9B86-0C467C5E53C2} => Firefox.exe hxxp://ui.skype.com/ui/0/6.11.0.102/de/abandoninstall?source=lightinstaller&page=tsMain
Task: {785D3DF3-412E-457D-9554-9E05F5D6D4F4} - \AdobeFlashPlayerUpdate No Task File <==== ATTENTION
Task: {B3E82EE0-81F2-4D31-93FB-312F3FF1272E} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe <==== ATTENTION
Task: {B51CA6D5-7A87-499A-8265-105C6789953A} - System32\Tasks\SuperEasy Registry Cleaner_UPDATES => C:\Program Files (x86)\SuperEasy Software\Registry Cleaner\SuperEasyRC.exe
Task: {BF7FAFF7-8E37-4255-9759-1D2A92F8896B} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2011-05-20] (CyberLink Corp.)
Task: {C26B1C0A-9624-4704-8476-2001F3AF921C} - System32\Tasks\{62EDFB25-F700-422D-80BE-38C9F516F2F5} => C:\Program Files\AVAST Software\Avast\AvastUI.exe
Task: {C8B3BEC0-445A-4C04-8205-BBFF2E48A70F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-12] (Adobe Systems Incorporated)
Task: {D3D2D3B8-17B6-47FB-865B-FCE236F6A32D} - \AdobeFlashPlayerUpdate 2 No Task File <==== ATTENTION
Task: {D72679E8-9CD2-47F4-B25E-142E70D2037E} - \CPU Grid Computing No Task File <==== ATTENTION
Task: {D9256E96-191E-47D8-BFE1-4572C9F048F4} - System32\Tasks\SaveSense => C:\Users\Minako\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {E0710B95-8F6E-4BA4-B0F5-E77A6D9E9848} - System32\Tasks\CCleanerSkipUAC => C:\PROGRAM FILES\CCLEANER\CCLEANER.EXE [2014-05-20] (Piriform Ltd)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\SaveSense.job => C:\Users\Minako\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\schedule!1818212897.job => C:\ProgramData\BetterSoft\EasyLife Updater\EasyLife Updater.exe
Task: C:\Windows\Tasks\SuperEasy Registry Cleaner_DEFAULT.job => C:\Program Files (x86)\SuperEasy Software\Registry Cleaner\SuperEasyRC.exe
Task: C:\Windows\Tasks\SuperEasy Registry Cleaner_UPDATES.job => C:\Program Files (x86)\SuperEasy Software\Registry Cleaner\SuperEasyRC.exe
Task: C:\Windows\Tasks\Wise Care 365.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe
==================== Loaded Modules (whitelisted) =============
2009-01-22 00:45 - 2009-01-22 00:45 - 01401856 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2011-01-19 02:08 - 2011-01-19 02:08 - 00620136 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
2014-07-07 19:41 - 2014-08-25 17:02 - 02640408 _____ () C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
2013-09-04 09:17 - 2013-09-04 09:17 - 03233806 _____ () C:\Program Files (x86)\Tor\tor.exe
2014-08-11 12:43 - 2014-08-11 12:43 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
2011-05-20 10:13 - 2011-05-20 10:13 - 00206216 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll
2011-08-10 19:16 - 2010-05-29 13:57 - 00061440 _____ () C:\Program Files (x86)\ROCCAT\Kova[+] Mouse\hiddriver.dll
2011-01-19 02:08 - 2011-01-19 02:08 - 00151656 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll
2014-08-11 12:43 - 2014-08-11 12:43 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\log4cplusU.dll
2014-07-07 19:41 - 2014-07-07 19:41 - 01645592 _____ () C:\Program Files (x86)\AVG SafeGuard toolbar\TBAPI.dll
2011-01-17 15:19 - 2011-08-27 20:30 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2014-11-11 00:20 - 2014-11-11 00:20 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-02-13 13:35 - 2014-02-13 13:35 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\aa739380ca2b2fc7366d464d2f2301ac\IsdiInterop.ni.dll
2011-03-23 16:11 - 2010-09-13 17:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-11-12 00:55 - 2014-11-12 00:55 - 16840880 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll
2010-11-24 11:08 - 2010-11-24 11:08 - 00050952 _____ () C:\Program Files (x86)\Common Files\Intel\Intel Extreme Tuning Utility\IccLibApiWrapperDll.dll
2010-11-24 11:08 - 2010-11-24 11:08 - 00100616 _____ () C:\Program Files (x86)\Common Files\Intel\Intel Extreme Tuning Utility\IccLibDll.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\4.avi:TOC.WMV
AlternateDataStreams: C:\Users\5.avi:TOC.WMV
AlternateDataStreams: C:\Users\6.avi:TOC.WMV
AlternateDataStreams: C:\ProgramData\Temp:2430E4FC
AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:5925E400
AlternateDataStreams: C:\ProgramData\Temp:5D458568
AlternateDataStreams: C:\ProgramData\Temp:798A3728
AlternateDataStreams: C:\ProgramData\Temp:8173A019
AlternateDataStreams: C:\ProgramData\Temp:96D0C06F
AlternateDataStreams: C:\ProgramData\Temp:9B750A13
AlternateDataStreams: C:\ProgramData\Temp:E79EFDA4
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\16696571.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\16696571.sys => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrator (S-1-5-21-4201896478-3710373697-1095196273-500 - Administrator - Enabled) => C:\Users\Administrator
Gast (S-1-5-21-4201896478-3710373697-1095196273-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4201896478-3710373697-1095196273-1002 - Limited - Enabled)
Minako (S-1-5-21-4201896478-3710373697-1095196273-1000 - Administrator - Enabled) => C:\Users\Minako
==================== Faulty Device Manager Devices =============
Name: BAPIDRV
Description: BAPIDRV
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: BAPIDRV
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: bd0001
Description: bd0001
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: bd0001
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: bd0004
Description: bd0004
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: bd0004
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: 360Safe Anti Hacker Service
Description: 360Safe Anti Hacker Service
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: 360AntiHacker
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: 360netmon
Description: 360netmon
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: 360netmon
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (11/15/2014 00:33:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/15/2014 00:20:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/15/2014 00:05:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/14/2014 09:04:09 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error: (11/14/2014 09:04:09 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error: (11/14/2014 09:04:08 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error: (11/14/2014 02:31:50 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error: (11/14/2014 02:29:07 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error: (11/14/2014 02:29:07 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error: (11/14/2014 02:29:05 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
System errors:
=============
Error: (11/15/2014 00:32:56 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%-2140993535
Error: (11/15/2014 00:32:56 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet:
%%-2140993535
Error: (11/15/2014 00:32:56 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%-2140993535
Error: (11/15/2014 00:32:56 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet:
%%-2140993535
Error: (11/15/2014 00:32:56 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%-2140993535
Error: (11/15/2014 00:32:56 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet:
%%-2140993535
Error: (11/15/2014 00:32:56 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801
Error: (11/15/2014 00:32:56 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801
Error: (11/15/2014 00:32:56 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801
Error: (11/15/2014 00:32:45 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%-2140993535
Microsoft Office Sessions:
=========================
Error: (11/15/2014 00:33:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/15/2014 00:20:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/15/2014 00:05:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/14/2014 09:04:09 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\Nero\Nero8\Nero PhotoSnap\PhotoSnapViewer.exe
Error: (11/14/2014 09:04:09 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\Nero\Nero8\Nero PhotoSnap\PhotoSnapViewer.exe
Error: (11/14/2014 09:04:08 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\Nero\Nero8\Nero PhotoSnap\PhotoSnapViewer.exe
Error: (11/14/2014 02:31:50 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3
Error: (11/14/2014 02:29:07 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\Nero\Nero8\Nero PhotoSnap\PhotoSnapViewer.exe
Error: (11/14/2014 02:29:07 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\Nero\Nero8\Nero PhotoSnap\PhotoSnap.exe
Error: (11/14/2014 02:29:05 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Nero\Nero8\Nero Toolkit\DiscSpeed.exe
CodeIntegrity Errors:
===================================
Date: 2014-11-12 12:52:17.395
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\luafv.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
Percentage of memory in use: 33%
Total physical RAM: 8173.98 MB
Available physical RAM: 5440.38 MB
Total Pagefile: 16346.14 MB
Available Pagefile: 13315.31 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:690.95 GB) (Free:96.02 GB) NTFS
Drive d: (DATA) (Fixed) (Total:691.21 GB) (Free:487.04 GB) NTFS
Drive p: (SPORE) (CDROM) (Total:3.9 GB) (Free:0 GB) UDF
Drive r: (RCT_DELUXE) (CDROM) (Total:0.49 GB) (Free:0 GB) CDFS
Drive s: (Sims2_EP5_1) (CDROM) (Total:0.73 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1397.3 GB) (Disk ID: 7487BCAB)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=691 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=691.2 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Sorry für den Doppelpost, aber er ist gerade schon wieder ausgegangen.
Und zwar, als ich Starbound über Steam starten wollte.
Kann ja sein, dass er irgendwie überlastet ist oder so..? |
FRST 32-Bit | FRST 64-Bit
Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
dann auf 
und dann auf 
. 
WARNUNG an die MITLESER: 