
Pests of all kinds and how to combat them: Computer shuts itself off / freezes

Windows 7 If you are not sure whether you have picked up malware or a trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you eliminate the infection.

15.11.2014, 12:45   #1
Minako
 

Hello dear all.

I am slowly reaching the edge of despair, because for some time now my computer has had the habit of shutting itself off again right after booting.
How often it does this varies from day to day. The day before yesterday it worked again after the first freeze. Today I had to reset it with the power button for almost an hour before it booted Windows at all. It always crashes beforehand (my power button has a blue symbol that lights up when the computer is working. This symbol normally always blinks, but when the computer freezes, it is off. That is usually how I recognize it).

I have run scans with CCleaner and AVG, but unfortunately they found nothing. Strangely, I cannot use Avast, because I get the message: This program is blocked by a group policy, contact your system administrator.
I am the admin, but strangely I don't seem to have admin rights.

Unfortunately I also cannot reinstall the system, because the computer was delivered to me without a Windows CD.

I hope you can give me some advice here. Could it be a hardware fault? Because not even Windows Startup Repair will work for me. Either it keeps freezing during the repair, or it cannot start it because some file seems to be damaged.

My computer's specifications are as follows:



I don't know whether this is connected to the crashes, but for quite some time I have also been getting the following error message at startup:



The strange thing about these crashes is that after these "quirks" the PC runs without errors. It doesn't crash, doesn't freeze, doesn't simply switch off. Nothing at all. It works as if nothing had ever happened.
But every morning after the night's rest the whole thing starts all over again.
I am simply at a loss.



15.11.2014, 12:52   #2
schrauber
/// the machine
/// TB trainer
 


Hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the input window of the web page)


15.11.2014, 16:38   #3
Minako
 

Thank you for the quick reply.

So, the log files look as follows:
FRST.Txt

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-11-2014
Ran by Minako (administrator) on AKATSUKI on 15-11-2014 12:55:19
Running from C:\Users\Minako\Desktop
Loaded Profiles: Minako & Administrator (Available profiles: Minako & Administrator)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(Akamai Technologies, Inc.) C:\Users\Minako\AppData\Local\Akamai\netsession_win.exe
(DJMASTER.COM) C:\Program Files\ONAIR\ONAIR.exe
(Akamai Technologies, Inc.) C:\Users\Minako\AppData\Local\Akamai\netsession_win.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(FILSH Media GmbH) C:\Program Files (x86)\FILSHtray\FILSHtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Roccat GmbH) C:\Program Files (x86)\ROCCAT\Kova[+] Mouse\Kova[+]Monitor.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
() C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Aeria Games & Entertainment) C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe
() C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
() C:\Program Files (x86)\Tor\tor.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Local Weather LLC) C:\Users\Minako\AppData\Local\WeatherAlerts\WeatherAlerts.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Uwe Sieber - www.uwe-sieber.de) C:\Users\Minako\Documents\USBDLM\USBDLM.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Uwe Sieber - www.uwe-sieber.de) C:\Users\Minako\Documents\USBDLM\USBDLM_usr.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_223.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_223.exe
(Intel Corporation) C:\Program Files (x86)\Common Files\Intel\Intel Extreme Tuning Utility\PerfTuneService.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11464296 2010-09-03] (Realtek Semiconductor)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [RoccatKova+] => C:\Program Files (x86)\ROCCAT\Kova[+] Mouse\Kova[+]Monitor.EXE [536576 2010-06-23] (Roccat GmbH)
HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [620136 2011-01-19] ()
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NBKeyScan] => C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [1836328 2007-09-20] (Nero AG)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [Aeria Ignite] => C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2640408 2014-08-25] ()
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5188112 2014-08-25] (AVG Technologies CZ, s.r.o.)
HKLM Group Policy restriction on software: C:\Program Files (x86)\Spyware Terminator <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files (x86)\Symantec <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Spyware Terminator <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\McAfee <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Symantec <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\AVAST Software <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files (x86)\McAfee <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Avira <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ATTENTION
HKU\S-1-5-19\...\Run: [QyKernel] => D:\IQIYI Video\LStyle\QyKernel.exe
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\Run: [QyKernel] => D:\IQIYI Video\LStyle\QyKernel.exe
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-4201896478-3710373697-1095196273-1000\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4272840 2014-03-31] (Microsoft Corporation)
HKU\S-1-5-21-4201896478-3710373697-1095196273-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Minako\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-4201896478-3710373697-1095196273-1000\...\Run: [ONAIR] => C:\Program Files\ONAIR\ONAIR.exe [3525120 2013-04-27] (DJMASTER.COM)
HKU\S-1-5-21-4201896478-3710373697-1095196273-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [28201096 2012-01-12] (Electronic Arts)
HKU\S-1-5-21-4201896478-3710373697-1095196273-1000\...\Run: [arvsij] => regsvr32.exe "C:\ProgramData\arvsij.dat"
HKU\S-1-5-21-4201896478-3710373697-1095196273-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22065760 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-4201896478-3710373697-1095196273-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-4201896478-3710373697-1095196273-1000\...\MountPoints2: N - N:\Autorun.exe
HKU\S-1-5-21-4201896478-3710373697-1095196273-1000\...\MountPoints2: {422852ff-8154-11e1-bae1-001986003c65} - M:\Autorun.exe
HKU\S-1-5-21-4201896478-3710373697-1095196273-1000\...\MountPoints2: {42285303-8154-11e1-bae1-001986003c65} - O:\Autorun.exe
HKU\S-1-5-21-4201896478-3710373697-1095196273-1000\...\MountPoints2: {4228533c-8154-11e1-bae1-001986003c65} - R:\Autorun.exe
HKU\S-1-5-21-4201896478-3710373697-1095196273-1000\...\MountPoints2: {a49cde22-5a55-11e2-9f18-001986003c65} - P:\autorun.exe
HKU\S-1-5-21-4201896478-3710373697-1095196273-1000\...\MountPoints2: {a49cde24-5a55-11e2-9f18-001986003c65} - S:\Autorun.exe
HKU\S-1-5-21-4201896478-3710373697-1095196273-500\...\Run: [QyKernel] => D:\IQIYI Video\LStyle\QyKernel.exe
HKU\S-1-5-18\...\Run: [Arvo] => C:\Program Files (x86)\ROCCAT\Arvo Keyboard\ArvoHID.EXE [582144 2010-04-01] (ROCCAT)
HKU\S-1-5-18\...\Run: [QyKernel] => D:\IQIYI Video\LStyle\QyKernel.exe
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FILSHtray.lnk
ShortcutTarget: FILSHtray.lnk -> C:\Program Files (x86)\FILSHtray\FILSHtray.exe (FILSH Media GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Minako\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DesktopWeatherAlerts.lnk
ShortcutTarget: DesktopWeatherAlerts.lnk -> C:\Users\Minako\AppData\Local\WeatherAlerts\DesktopWeatherAlertsApp.exe ()
Startup: C:\Users\Minako\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Minako\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Weather Alerts.lnk
ShortcutTarget: Weather Alerts.lnk -> C:\Users\Minako\AppData\Local\WeatherAlerts\WeatherAlerts.exe (Local Weather LLC)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers: [360UDiskGuard Icon Overlay] -> {CC00F81D-5262-450A-B1FA-D6BEE3406263} => C:\Program Files (x86)\360\360Safe\safemon\360UDiskGuard64.dll (360.cn)
ShellIconOverlayIdentifiers: [FunOverlay] -> {A5662DF9-0C2E-4A56-9FE1-BACFF6966D88} => C:\Users\Public\Fundata\Lucifer.dll (Funshion)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.plusnetwork.com/?publisher=MessengerPlus&dpid=MessengerPlus&co=TJ&userid=f913ac72-94f2-4642-a21c-3817774a1fd2&sp=addr&q={searchTerms}&t=a0919
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hao.360.cn/?a1004
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=hp&from=wpm0226&uid=ST31500341AS_9VS54Z82XXXX9VS54Z82&ts=1393412043
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.plusnetwork.com/?publisher=MessengerPlus&dpid=MessengerPlus&co=TJ&userid=f913ac72-94f2-4642-a21c-3817774a1fd2&sp=addr&q={searchTerms}&t=a0919
HKCU\Software\Microsoft\Internet Explorer\Main,Start Default_Page_URL = hxxp://search.certified-toolbar.com?si=41460&st=home&tid=2938&ver=5.5&ts=1371856923463.000004&tguid=41460-2938-1371856923463-E908E2F7F85AB6A71F1C889059AB6163
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.certified-toolbar.com?si=41460&tid=2938&ver=5.5&ts=1371856923463.000004&tguid=41460-2938-1371856923463-E908E2F7F85AB6A71F1C889059AB6163&st=chrome&q=
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://isearch.babylon.com/?babsrc=HP_ss_btis&mntrId=C466001986003C65&affID=121564&tsp=4949
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hao.360.cn/?a1004
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://hao.360.cn/?a1004
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Default_Page_URL = hxxp://search.certified-toolbar.com?si=41460&st=home&tid=2938&ver=5.5&ts=1371856923463.000004&tguid=41460-2938-1371856923463-E908E2F7F85AB6A71F1C889059AB6163
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.certified-toolbar.com?si=41460&tid=2938&ver=5.5&ts=1371856923463.000004&tguid=41460-2938-1371856923463-E908E2F7F85AB6A71F1C889059AB6163&st=chrome&q=
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=ir_14_14_ch&cd=2XzuyEtN2Y1L1Qzu0FzztD0FyEtCtCyE0E0E0C0EyD0D0AtCtN0D0Tzu0SzztBtBtN1L2XzutBtFtCzztFzztFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StD0C0C0BtA0BtDzztGyDyDyCtCtGzzyByEyCtGyE0B0FyDtGyDtAtCzyzy0DyEyC0E0D0AtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0BtC0A0ByD0FtCtG0Dzy0C0BtG0C0DtD0EtG0DtD0FyBtGtCtA0E0BtDtDtC0FtBtCyE0E2Q&cr=812360986&ir=
SearchScopes: HKLM - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.plusnetwork.com/?publisher=MessengerPlus&dpid=MessengerPlus&co=DE&userid=2e40d927-4f50-4e52-8b5c-4e2de03ac3bb&sp=addr&q={searchTerms}&t=a0902
SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=ir_14_14_ch&cd=2XzuyEtN2Y1L1Qzu0FzztD0FyEtCtCyE0E0E0C0EyD0D0AtCtN0D0Tzu0SzztBtBtN1L2XzutBtFtCzztFzztFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StD0C0C0BtA0BtDzztGyDyDyCtCtGzzyByEyCtGyE0B0FyDtGyDtAtCzyzy0DyEyC0E0D0AtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0BtC0A0ByD0FtCtG0Dzy0C0BtG0C0DtD0EtG0DtD0FyBtGtCtA0E0BtDtDtC0FtBtCyE0E2Q&cr=812360986&ir=
SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1389370130&from=vtt&uid=ST31500341AS_9VS54Z82XXXX9VS54Z82&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.plusnetwork.com/?publisher=MessengerPlus&dpid=MessengerPlus&co=TJ&userid=f913ac72-94f2-4642-a21c-3817774a1fd2&sp=addr&q={searchTerms}&t=a0919
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.plusnetwork.com/?publisher=MessengerPlus&dpid=MessengerPlus&co=TJ&userid=f913ac72-94f2-4642-a21c-3817774a1fd2&sp=addr&q={searchTerms}&t=a0919
SearchScopes: HKLM-x32 - {01bd49d7-c76b-4310-8beb-14d7e5f322c6} URL = hxxp://search.easylifeapp.com/?q={searchTerms}&abc=ie&pid=34&r=2013/02/11&hid=2350046167&lg=EN&cc=DE
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=ST31500341AS_9VS54Z82XXXX9VS54Z82&ts=1393412043&type=default&q={searchTerms}
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.certified-toolbar.com?si=41460&st=bs&tid=2938&ver=5.5&ts=1371856923463.000004&tguid=41460-2938-1371856923463-E908E2F7F85AB6A71F1C889059AB6163&q={searchTerms}
SearchScopes: HKCU - DefaultScope {B8E20CD7-BAC2-4820-9AA6-1060B3AF25E2} URL = hxxp://www.baidu.com/s?wd={searchTerms}&ie={inputEncoding}&oe={outputEncoding}&bar=13&tn=58051076_cb
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.plusnetwork.com/?publisher=MessengerPlus&dpid=MessengerPlus&co=TJ&userid=f913ac72-94f2-4642-a21c-3817774a1fd2&sp=addr&q={searchTerms}&t=a0919
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3315521&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SPD9A49C16-864F-4A2C-944A-FB333838E805&q={searchTerms}&SSPV=
SearchScopes: HKCU - {01bd49d7-c76b-4310-8beb-14d7e5f322c6} URL = hxxp://search.easylifeapp.com/?q={searchTerms}&abc=ie&pid=34&r=2013/02/11&hid=2350046167&lg=EN&cc=DE
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.searchgol.com/?q={searchTerms}&babsrc=SP_ss_Btisdt7&mntrId=C466001986003C65&affID=121564&tsp=4949
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=ir_14_14_ch&cd=2XzuyEtN2Y1L1Qzu0FzztD0FyEtCtCyE0E0E0C0EyD0D0AtCtN0D0Tzu0SzztBtBtN1L2XzutBtFtCzztFzztFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StD0C0C0BtA0BtDzztGyDyDyCtCtGzzyByEyCtGyE0B0FyDtGyDtAtCzyzy0DyEyC0E0D0AtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0BtC0A0ByD0FtCtG0Dzy0C0BtG0C0DtD0EtG0DtD0FyBtGtCtA0E0BtDtDtC0FtBtCyE0E2Q&cr=812360986&ir=
SearchScopes: HKCU - {4327FABE-3C22-4689-8DBF-D226CF777FE9} URL = hxxp://search.certified-toolbar.com?si=41460&st=bs&tid=2938&ver=3.6&ts=1371856923463&tguid=41460-2938-1371856923463-E908E2F7F85AB6A71F1C889059AB6163&q={searchTerms}
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKCU - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://search.delta-homes.com/web/?utm_source=b&utm_medium=wpm0226&utm_campaign=installer&utm_content=ds&from=wpm0226&uid=ST31500341AS_9VS54Z82XXXX9VS54Z82&ts=1393412043&type=default&q={searchTerms}
SearchScopes: HKCU - {7FD3ED0B-4FAD-4B7B-84F0-856A49DE8960} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=FF&o=14594&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=FV&apn_dtid=YYYYYYYYDE&apn_uid=c33e543b-7429-4033-93cb-3298e8b94fd7&apn_sauid=44135D83-2E42-4EE6-ADF7-EBE673F5A039
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={38F96A14-2808-47DE-83EE-ACCCDCE3FFB4}&mid=30021ecc282547d291a0294607f0073d-6ce2d8e30c68c20adee14e42a90cbd8760bb12ba&lang=de&ds=cg011&coid=avgtbdiscg&cmpid=&pr=sa&d=2014-07-07 20:42:14&v=18.1.9.799&pid=safeguard&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.certified-toolbar.com?si=41460&st=bs&tid=2938&ver=5.5&ts=1371856923463.000004&tguid=41460-2938-1371856923463-E908E2F7F85AB6A71F1C889059AB6163&q={searchTerms}
SearchScopes: HKCU - {B8E20CD7-BAC2-4820-9AA6-1060B3AF25E2} URL = hxxp://www.baidu.com/s?wd={searchTerms}&ie={inputEncoding}&oe={outputEncoding}&bar=13&tn=58051076_cb
BHO: No Name -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} ->  No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files (x86)\360\360Safe\safemon\safemon64.dll (360.cn)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: No Name -> {19a395c9-823b-4700-b817-396fc84ffb16} ->  No File
BHO-x32: No Name -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} ->  No File
BHO-x32: No Name -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} ->  No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
BHO-x32: No Name -> {84FF7BD6-B47F-46F8-9130-01B2696B36CB} ->  No File
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: AVG SafeGuard toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
BHO-x32: Wajam -> {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} -> C:\Program Files (x86)\Wajam\IE\priam_bho.dll (Wajam)
BHO-x32: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files (x86)\360\360Safe\safemon\safemon.dll (360.cn)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: F1AC60D5-86C6-15D1-8646-CB1A182D2AA4 Class -> {F1AC60D5-86C6-15D1-8646-CB1A182D2AA4} -> C:\Program Files (x86)\BaiduAddr\{F1AC60D5-86C6-15D1-8646-CB1A182D2AA4}\AddressBar.dll ()
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - No Name - {19a395c9-823b-4700-b817-396fc84ffb16} -  No File
Toolbar: HKLM-x32 - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
Toolbar: HKU\S-1-5-21-4201896478-3710373697-1095196273-1000 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKU\S-1-5-21-4201896478-3710373697-1095196273-1000 -> No Name - {BA14329E-9550-4989-B3F2-9732E92D17CC} -  No File
Toolbar: HKU\S-1-5-21-4201896478-3710373697-1095196273-1000 -> No Name - {B580CF65-E151-49C3-B73F-70B13FCA8E86} -  No File
Toolbar: HKU\S-1-5-21-4201896478-3710373697-1095196273-1000 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\oc2c4cd9.Minako
FF NewTab: chrome://quick_start/content/index.html
FF DefaultSearchUrl: 
FF Homepage: hxxp://start.mysearchdial.com/?f=1&a=ir_14_14_ch&cd=2XzuyEtN2Y1L1Qzu0FzztD0FyEtCtCyE0E0E0C0EyD0D0AtCtN0D0Tzu0SzztBtBtN1L2XzutBtFtCzztFzztFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StD0C0C0BtA0BtDzztGyDyDyCtCtGzzyByEyCtGyE0B0FyDtGyDtAtCzyzy0DyEyC0E0D0AtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0BtC0A0ByD0FtCtG0Dzy0C0BtG0C0DtD0EtG0DtD0FyBtGtCtA0E0BtDtDtC0FtBtCyE0E2Q&cr=812360986&ir=
FF Keyword.URL: 
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @java.com/DTPlugin,version=10.10.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.10.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @pps.tv/npWebPlayer -> D:\IQIYI Video\LStyle\npWebPlayer.dll No File
FF Plugin-x32: @360.cn/npaxlogin -> C:\Program Files (x86)\360\360Safe\Utils\npaxlogin.dll (360.cn)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.10.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.5.1 -> C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @pps.tv/npWebPlayer -> D:\IQIYI Video\LStyle\npWebPlayer.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKU\S-1-5-21-4201896478-3710373697-1095196273-1000: @360.cn/360MMPlugin -> C:\Program Files (x86)\360\360Safe\MobileMgr\np360MMPlugIn.dll No File
FF Plugin HKU\S-1-5-21-4201896478-3710373697-1095196273-1000: @my.com/Games -> C:\Users\Minako\AppData\Local\MyComGames\NPMyComDetector.dll (My.com, Inc)
FF Plugin HKU\S-1-5-21-4201896478-3710373697-1095196273-1000: @pps.tv/npWebPlayer -> D:\IQIYI Video\LStyle\npWebPlayer.dll No File
FF Plugin HKU\S-1-5-21-4201896478-3710373697-1095196273-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF user.js: detected! => C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\t573cr00.default\user.js
FF user.js: detected! => C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\oc2c4cd9.Minako\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF SearchPlugin: C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\t573cr00.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\t573cr00.default\searchplugins\conduit-search.xml
FF SearchPlugin: C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\t573cr00.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\t573cr00.default\searchplugins\EasyLife.xml
FF SearchPlugin: C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\t573cr00.default\searchplugins\holasearch.xml
FF SearchPlugin: C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\t573cr00.default\searchplugins\iminent.xml
FF SearchPlugin: C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\t573cr00.default\searchplugins\Mysearchdial.xml
FF SearchPlugin: C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\t573cr00.default\searchplugins\Plusnetwork.xml
FF SearchPlugin: C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\t573cr00.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\oc2c4cd9.Minako\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\oc2c4cd9.Minako\searchplugins\BrowserProtect.xml
FF SearchPlugin: C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\oc2c4cd9.Minako\searchplugins\conduit-search.xml
FF SearchPlugin: C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\oc2c4cd9.Minako\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\oc2c4cd9.Minako\searchplugins\holasearch.xml
FF SearchPlugin: C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\oc2c4cd9.Minako\searchplugins\iminent.xml
FF SearchPlugin: C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\oc2c4cd9.Minako\searchplugins\Messenger Plus Smartbar Search.xml
FF SearchPlugin: C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\oc2c4cd9.Minako\searchplugins\Mysearchdial.xml
FF SearchPlugin: C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\oc2c4cd9.Minako\searchplugins\SweetIM Search.xml
FF SearchPlugin: C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\oc2c4cd9.Minako\searchplugins\sweetim.xml
FF SearchPlugin: C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\oc2c4cd9.Minako\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\ddg.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\delta-homes.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml
FF Extension: No Name - C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\t573cr00.default\Extensions\ffxtlbr@babylon.com [2012-01-23]
FF Extension: Mitter Toolbar - C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\t573cr00.default\Extensions\tagiritoolbar@tagiri.jp [2011-12-23]
FF Extension: DownloadHelper - C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\t573cr00.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2012-06-21]
FF Extension: Vuze Remote  - C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\t573cr00.default\Extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} [2012-07-17]
FF Extension: Greasemonkey - C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\t573cr00.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2012-08-03]
FF Extension: DivX Web Player - C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\t573cr00.default\Extensions\DivXWebPlayer@divx.com.xpi [2012-05-20]
FF Extension: Linky - C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\t573cr00.default\Extensions\linky@gemal.dk.xpi [2012-06-18]
FF Extension: LinkyLook - C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\t573cr00.default\Extensions\linkylook@dniflima.about.tc.xpi [2012-06-18]
FF Extension: NicoFox - C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\t573cr00.default\Extensions\nicofox@littlebtc.xpi [2012-06-19]
FF Extension: PokéFarm Toolbar - C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\t573cr00.default\Extensions\toolbar-tbplatform@alexa.com.xpi [2012-06-21]
FF Extension: CookieCuller - C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\t573cr00.default\Extensions\{99B98C2C-7274-45a3-A640-D9DF1A1C8460}.xpi [2012-06-21]
FF Extension: Adblock Plus - C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\t573cr00.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-06-29]
FF Extension: Browser Companion Helper - C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\oc2c4cd9.Minako\Extensions\bbrs_002@blabbers.com [2012-09-19]
FF Extension: Fast Start - C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\oc2c4cd9.Minako\Extensions\faststartff@gmail.com [2014-07-12]
FF Extension: Messenger Plus! Community Smartbar - C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\oc2c4cd9.Minako\Extensions\helperbar@helperbar.com [2014-06-04]
FF Extension: Messenger Plus! Community Smartbar - C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\oc2c4cd9.Minako\Extensions\{2e40d927-4f50-4e52-8b5c-4e2de03ac3bb} [2013-03-05]
FF Extension: DownloadHelper - C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\oc2c4cd9.Minako\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-06]
FF Extension: Flash and Video Download - C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\oc2c4cd9.Minako\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2014-10-14]
FF Extension: No Name - C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\oc2c4cd9.Minako\Extensions\ffext_basicvideoext@startpage24.xpi [2014-10-31]
FF Extension: No Name - C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\oc2c4cd9.Minako\Extensions\firefox@browsesmart.net.xpi [2014-01-10]
FF Extension: Linky - C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\oc2c4cd9.Minako\Extensions\linky@gemal.dk.xpi [2012-09-04]
FF Extension: No Name - C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\oc2c4cd9.Minako\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7}.xpi [2014-07-29]
FF Extension: MySearchDial - C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\oc2c4cd9.Minako\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}.xpi [2014-04-03]
FF Extension: Adblock Plus - C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\oc2c4cd9.Minako\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-08-18]
FF Extension: Tab Mix Plus - C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\oc2c4cd9.Minako\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2013-08-23]
FF Extension: SweetPacks Toolbar for Firefox - C:\Users\Minako\AppData\Roaming\Mozilla\Firefox\Profiles\oc2c4cd9.Minako\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi [2012-12-01]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com [2014-11-11]
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox
FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox [2013-07-20]
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799
FF Extension: AVG SafeGuard toolbar - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799 [2014-08-25]
FF Extension: Wajam - C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi [2013-12-09]
FF Extension: No Name - {5a95a9e0-59dd-4314-bd84-4d18ca83a0e2} [Not Found]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-07-20]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3242000 2014-08-25] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-08-25] (AVG Technologies CZ, s.r.o.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S4 MsgPlusService; C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe [128000 2013-05-07] (Yuna Software) [File not signed]
R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [853288 2007-09-20] (Nero AG)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [382248 2007-10-23] (Nero AG)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4784312 2014-01-21] (INCA Internet Co., Ltd.) [File not signed]
S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [18360 2013-11-11] (Overwolf Ltd)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 tor; C:\Program Files (x86)\Tor\tor.exe [3233806 2013-09-04] () [File not signed]
R2 USBDLM; C:\Users\Minako\Documents\USBDLM\USBDLM.exe [441792 2014-01-12] (Uwe Sieber - www.uwe-sieber.de) [File not signed]
R2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-11] (AVG Secure Search)
S4 WajamUpdaterV3; C:\Program Files (x86)\Wajam\Updater\WajamUpdaterV3.exe [114176 2013-11-01] (Wajam) [File not signed] <==== ATTENTION
R2 XTUService; C:\Program Files (x86)\Common Files\Intel\Intel Extreme Tuning Utility\PerfTuneService.exe [21768 2010-11-24] (Intel Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 ArvoFltr; C:\Windows\System32\drivers\ArvoFltr.sys [15872 2009-05-06] (ROCCAT Development, Inc.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [244504 2014-07-21] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-08-06] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [269080 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-11] (AVG Technologies)
R3 KovaPlusFltr; C:\Windows\System32\drivers\KovaPlusFltr.sys [15104 2010-01-25] (ROCCAT Development, Inc.)
S1 360AntiHacker; System32\Drivers\360AntiHacker64.sys [X]
S1 360Box64; system32\DRIVERS\360Box64.sys [X]
S3 360Camera; System32\Drivers\360Camera64.sys [X]
S1 360FsFlt; system32\DRIVERS\360FsFlt.sys [X]
S4 360Hvm; System32\Drivers\360Hvm64.sys [X]
S1 360netmon; system32\DRIVERS\360netmon.sys [X]
S1 BAPIDRV; system32\DRIVERS\BAPIDRV64.sys [X]
S1 bd0001; system32\DRIVERS\bd0001.sys [X]
S1 bd0004; system32\DRIVERS\bd0004.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 NLNdisMP; system32\DRIVERS\nlndis.sys [X]
S3 NLNdisPT; system32\DRIVERS\nlndis.sys [X]
S3 WINIO; \??\C:\Program Files (x86)\IQIYI Video\PStyle\winio.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-15 12:55 - 2014-11-15 12:56 - 00040297 _____ () C:\Users\Minako\Desktop\FRST.txt
2014-11-15 12:54 - 2014-11-15 12:55 - 00000000 ____D () C:\FRST
2014-11-15 12:54 - 2014-11-15 12:54 - 02116608 _____ (Farbar) C:\Users\Minako\Downloads\FRST64.exe
2014-11-15 12:54 - 2014-11-15 12:54 - 02116608 _____ (Farbar) C:\Users\Minako\Desktop\FRST64.exe
2014-11-14 12:15 - 2014-11-14 12:16 - 00000000 ____D () C:\Users\Minako\AppData\Roaming\Zoo
2014-11-14 12:15 - 2014-11-14 12:15 - 00000000 ____D () C:\Users\Minako\AppData\Roaming\CloudMedia
2014-11-13 19:36 - 2014-11-13 19:36 - 00000000 ____D () C:\Users\Minako\AppData\Roaming\TERA
2014-11-13 19:34 - 2014-11-14 21:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2014-11-13 19:34 - 2014-11-13 19:36 - 00000000 ____D () C:\Program Files (x86)\GameforgeLive
2014-11-13 19:34 - 2014-11-13 19:34 - 00001075 _____ () C:\Users\Public\Desktop\Gameforge Live.lnk
2014-11-13 19:34 - 2014-11-13 19:34 - 00000000 ____D () C:\Users\Minako\Downloads\Gameforge Live
2014-11-13 19:34 - 2014-11-13 19:34 - 00000000 ____D () C:\Users\Minako\AppData\Local\Gameforge4d
2014-11-13 19:31 - 2014-11-13 19:34 - 20201072 _____ (Gameforge ) C:\Users\Minako\Downloads\TERA_GameforgeLiveSetup.exe
2014-11-12 13:29 - 2014-11-12 13:29 - 00291880 _____ () C:\Windows\Minidump\111214-34117-01.dmp
2014-11-12 12:46 - 2014-11-12 12:46 - 00000000 _____ () C:\Windows\Minidump\111214-42291-01.dmp
2014-11-11 00:19 - 2014-11-11 00:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-11 00:00 - 2014-11-11 00:00 - 00002286 _____ () C:\Users\Minako\Documents\cc_20141111_000009.reg
2014-11-10 21:12 - 2014-11-10 21:12 - 00041598 _____ () C:\Users\Minako\Documents\cc_20141110_211236.reg
2014-11-10 21:12 - 2014-11-10 21:12 - 00002318 _____ () C:\Users\Minako\Documents\cc_20141110_211252.reg
2014-11-10 20:57 - 2014-11-10 20:57 - 00000000 ____D () C:\Users\Minako\AppData\Roaming\AVG2014
2014-11-10 20:56 - 2014-11-10 21:05 - 00000985 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-11-10 20:56 - 2014-11-10 21:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-11-10 20:55 - 2014-11-10 20:55 - 00000000 ___HD () C:\$AVG
2014-11-10 20:55 - 2014-11-10 20:55 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-11-10 20:54 - 2014-11-10 22:11 - 00000000 ____D () C:\Users\Minako\AppData\Local\Avg2014
2014-11-10 20:33 - 2014-11-10 20:33 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Aeria Games
2014-11-10 20:32 - 2014-11-10 20:32 - 00000000 ____D () C:\Users\Administrator\AppData\Local\AVG SafeGuard toolbar
2014-11-10 20:31 - 2014-11-10 20:31 - 00001409 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-11-10 20:28 - 2014-11-10 20:28 - 04578024 _____ (AVG Technologies) C:\Users\Minako\Downloads\avg_avct_stb_all_2015_5315_ppc17.exe
2014-11-10 20:28 - 2014-11-10 20:28 - 00000247 _____ () C:\Windows\system32\2014-11-10-19-28-47.058-aswFe.exe-3964.log
2014-11-10 20:23 - 2014-11-10 20:28 - 00000247 _____ () C:\Windows\system32\2014-11-10-19-23-50.095-aswFe.exe-7872.log
2014-11-10 20:23 - 2014-11-10 20:23 - 00000197 _____ () C:\Windows\system32\2014-11-10-19-23-45.084-AvastVBoxSVC.exe-7564.log
2014-11-10 20:21 - 2014-11-10 20:21 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2014-11-10 20:21 - 2014-11-10 20:21 - 00000000 ____D () C:\Windows\system32\vbox
2014-11-10 20:18 - 2014-11-10 20:18 - 00323616 _____ (Dropbox, Inc.) C:\Users\Public\Desktop\DropboxInstallerAvast.exe
2014-11-10 20:08 - 2014-11-10 20:15 - 131078000 _____ (AVAST Software) C:\Users\Minako\Downloads\avast_free_antivirus_setup.exe
2014-11-10 12:06 - 2014-11-10 12:06 - 00007028 _____ () C:\Users\Minako\Documents\cc_20141110_120618.reg
2014-11-10 11:50 - 2014-11-10 11:50 - 00001664 _____ () C:\Users\Minako\Documents\cc_20141110_115051.reg
2014-11-08 13:10 - 2014-11-08 13:10 - 00001664 _____ () C:\Users\Minako\Documents\cc_20141108_131041.reg
2014-11-08 12:22 - 2014-11-08 12:22 - 14571220 _____ () C:\Users\Minako\Documents\Gray Fullbuster.Sims2Pack
2014-11-06 19:39 - 2014-11-06 19:39 - 00000000 ____D () C:\ProgramData\Avg_Update_1114tb
2014-11-06 18:17 - 2014-11-06 18:17 - 00000114 _____ () C:\Users\Minako\Desktop\Allods (DE).url
2014-11-06 18:17 - 2014-11-06 18:17 - 00000000 ____D () C:\Users\Minako\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Allods (DE)
2014-11-06 16:30 - 2014-11-10 12:47 - 00000000 ____D () C:\Users\Minako\AppData\Local\MyComGames
2014-11-06 16:30 - 2014-11-06 16:30 - 00002013 _____ () C:\Users\Minako\Desktop\My.com Games.lnk
2014-11-06 16:30 - 2014-11-06 16:30 - 00000000 ____D () C:\Users\Minako\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My.com Games
2014-11-06 16:29 - 2014-11-06 16:29 - 04071720 _____ () C:\Users\Minako\Downloads\AllodsdeLoader_de.exe
2014-11-04 22:06 - 2014-11-15 12:31 - 00002072 _____ () C:\Windows\setupact.log
2014-11-04 22:06 - 2014-11-12 13:29 - 674598088 _____ () C:\Windows\MEMORY.DMP
2014-11-04 22:06 - 2014-11-10 20:48 - 00461740 _____ () C:\Windows\PFRO.log
2014-11-04 22:06 - 2014-11-04 22:06 - 00291800 _____ () C:\Windows\Minidump\110414-52650-01.dmp
2014-11-04 22:06 - 2014-11-04 22:06 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-04 13:36 - 2014-11-04 13:36 - 00010072 _____ () C:\Users\Minako\Documents\cc_20141104_133615.reg
2014-11-04 13:31 - 2014-11-04 13:31 - 00002066 _____ () C:\Users\Minako\Documents\cc_20141104_133106.reg
2014-11-04 13:28 - 2014-11-04 13:28 - 00004902 _____ () C:\Users\Minako\Documents\cc_20141104_132829.reg
2014-11-04 13:27 - 2014-11-04 13:27 - 00052688 _____ () C:\Users\Minako\Documents\cc_20141104_132716.reg
2014-11-04 13:24 - 2014-11-04 13:24 - 00000000 ____D () C:\ProgramData\{plbackup-CFE0-66E8-660553B4C955}
2014-11-04 13:22 - 2014-11-04 13:22 - 00001244 _____ () C:\Users\Public\Desktop\影视大全.lnk
2014-11-04 13:22 - 2014-11-04 13:22 - 00000000 ____D () C:\Users\Minako\AppData\Roaming\ppslog
2014-11-04 13:22 - 2014-06-11 10:43 - 00285120 _____ (Real Networks, Inc) C:\Windows\SysWOW64\pncrt.dll
2014-11-04 13:21 - 2014-11-04 14:25 - 00000000 ____D () C:\Users\Minako\AppData\Roaming\PPStream
2014-11-04 13:21 - 2014-11-04 13:34 - 00000000 ____D () C:\ProgramData\IQIYI Video
2014-11-04 12:56 - 2014-11-04 12:57 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\360Safe
2014-11-04 12:56 - 2014-11-04 12:56 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\360Login
2014-11-01 12:28 - 2014-11-01 12:28 - 00003144 _____ () C:\Windows\System32\Tasks\{F4B16D26-157B-41F0-99E3-EF4E14A6922C}
2014-11-01 12:19 - 2014-11-01 12:19 - 00000000 ____D () C:\ProgramData\LocalStorage
2014-11-01 12:14 - 2014-11-01 12:14 - 00024576 _____ () C:\cache_index.db
2014-11-01 12:13 - 2014-11-01 12:13 - 00000000 ____D () C:\Qiyi
2014-11-01 02:39 - 2014-11-01 02:39 - 00000000 ____D () C:\Windows\TMP
2014-11-01 00:25 - 2014-11-01 00:25 - 00000000 ____D () C:\Users\Minako\AppData\Roaming\DataRepair
2014-11-01 00:20 - 2014-11-15 00:27 - 00000000 ____D () C:\Users\Public\FunAcce
2014-10-31 22:58 - 2014-10-31 22:58 - 00000000 __SHD () C:\Users\Minako\AppData\Roaming\360Quarant
2014-10-31 22:58 - 2014-10-31 22:58 - 00000000 __SHD () C:\$360Section
2014-10-31 20:08 - 2014-11-01 12:20 - 00000000 ____D () C:\Users\Minako\AppData\Roaming\360se6
2014-10-31 20:08 - 2014-10-31 20:08 - 00000000 ____D () C:\ProgramData\{plbackup-CFE0-66E8-660553B4C954}
2014-10-31 20:07 - 2014-11-01 12:11 - 00000000 ____D () C:\Program Files (x86)\BaiduAddr
2014-10-31 20:03 - 2014-11-04 13:11 - 00000000 ____D () C:\ProgramData\360safe
2014-10-31 20:03 - 2014-10-31 20:03 - 00000000 ____D () C:\Users\Minako\AppData\Roaming\360Login
2014-10-31 20:02 - 2014-10-31 20:02 - 00000000 ____D () C:\Users\Minako\AppData\Roaming\Qiyi
2014-10-31 20:02 - 2014-10-31 20:02 - 00000000 ____D () C:\Program Files (x86)\360
2014-10-31 20:02 - 2014-10-31 20:02 - 00000000 ____D () C:\KwDownloadx
2014-10-31 20:00 - 2014-10-31 20:01 - 08448232 _____ (酷我科技) C:\Users\Minako\Downloads\kwmusic2012.exe
2014-10-31 19:58 - 2014-10-31 19:58 - 00049480 _____ (Baidu) C:\Windows\system32\Drivers\BDSafeBrowser.sys
2014-10-31 19:56 - 2014-11-04 13:27 - 00000000 ____D () C:\Users\Minako\AppData\Roaming\IQIYI Video
2014-10-31 19:55 - 2014-11-04 13:25 - 00000000 ____D () C:\ProgramData\KWGameBox
2014-10-31 19:54 - 2014-11-04 13:21 - 00000000 ____D () C:\ProgramData\Baidu
2014-10-31 19:54 - 2013-12-10 08:53 - 00041800 _____ (Baidu) C:\Windows\system32\bd64_x64.dll_26430984
2014-10-31 19:54 - 2013-12-10 08:53 - 00039056 _____ (Baidu) C:\Windows\system32\bd64_x86.dll_26430999
2014-10-31 19:53 - 2014-11-15 12:39 - 00000000 ____D () C:\Users\Public\Fundata
2014-10-31 19:53 - 2014-10-31 20:07 - 00000000 ____D () C:\Program Files (x86)\Baidu
2014-10-31 19:48 - 2014-10-31 20:02 - 00000000 ____D () C:\ProgramData\kuwodata
2014-10-31 19:48 - 2014-10-31 19:48 - 00000000 ____D () C:\KwDownload
2014-10-31 19:47 - 2014-10-31 19:47 - 12801352 _____ (酷我科技) C:\Users\Minako\Downloads\kuwo2014.exe
2014-10-21 20:13 - 2014-10-21 20:13 - 00000000 ____D () C:\Users\Minako\AppData\Local\Skype
2014-10-21 20:12 - 2014-10-21 20:12 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-10-21 20:12 - 2014-10-21 20:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-10-21 20:11 - 2014-10-21 20:11 - 01677920 _____ (Skype Technologies S.A.) C:\Users\Minako\Downloads\SkypeSetup.exe
2014-10-18 10:57 - 2014-10-18 10:57 - 01054912 _____ (Adobe) C:\Users\Minako\Downloads\install_flashplayer15x32au_ltr5x64d_awc_aih.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-15 12:54 - 2013-10-22 11:28 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-15 12:47 - 2009-07-14 05:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-15 12:47 - 2009-07-14 05:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-15 12:45 - 2013-01-23 13:01 - 00000000 ____D () C:\Users\Minako\AppData\Roaming\Skype
2014-11-15 12:35 - 2014-01-10 17:35 - 00000296 _____ () C:\Windows\Tasks\SaveSense.job
2014-11-15 12:35 - 2012-12-10 11:45 - 01984811 _____ () C:\Windows\WindowsUpdate.log
2014-11-15 12:33 - 2011-08-25 19:20 - 00000000 ____D () C:\ProgramData\clear.fi
2014-11-15 12:31 - 2012-12-09 11:47 - 00000424 _____ () C:\Windows\Tasks\Wise Care 365.job
2014-11-15 12:31 - 2011-08-10 19:19 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-15 12:31 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-15 12:24 - 2014-06-17 13:57 - 00000000 ____D () C:\ProgramData\MFAData
2014-11-15 01:55 - 2013-03-21 13:24 - 00000000 ____D () C:\Users\Minako\Documents\Fertige Geschichten
2014-11-15 00:52 - 2014-01-15 21:44 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-11-14 20:58 - 2012-12-10 14:33 - 00347136 ___SH () C:\Users\Minako\Thumbs.db
2014-11-14 15:01 - 2014-07-20 22:52 - 00000324 _____ () C:\Windows\Tasks\SuperEasy Registry Cleaner_DEFAULT.job
2014-11-14 07:25 - 2011-11-09 21:05 - 00000000 ____D () C:\Users\Minako\AppData\Local\Akamai
2014-11-12 23:52 - 2014-07-20 22:52 - 00000332 _____ () C:\Windows\Tasks\SuperEasy Registry Cleaner_UPDATES.job
2014-11-12 22:32 - 2011-12-12 20:23 - 00000000 ____D () C:\Users\Minako\Documents\FILSHtray
2014-11-12 19:17 - 2013-08-07 11:48 - 00000069 _____ () C:\Windows\NeroDigital.ini
2014-11-12 13:29 - 2011-08-30 16:52 - 00000000 ____D () C:\Windows\Minidump
2014-11-12 00:55 - 2013-10-22 11:28 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-12 00:55 - 2012-11-27 11:57 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-12 00:55 - 2012-11-27 11:57 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-11 15:42 - 2012-06-03 13:42 - 00000000 ____D () C:\Users\Minako\AppData\Roaming\vlc
2014-11-11 12:56 - 2014-02-18 11:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-10 22:51 - 2014-06-19 18:07 - 00000000 ____D () C:\Users\Minako\Documents\MajesticRO Full Client
2014-11-10 20:56 - 2014-06-17 19:35 - 00000000 ____D () C:\ProgramData\AVG2014
2014-11-10 20:48 - 2014-01-08 14:31 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-11-10 20:46 - 2014-01-08 14:32 - 00000000 ____D () C:\Program Files (x86)\Google
2014-11-10 20:44 - 2014-01-15 22:05 - 00000000 ____D () C:\Users\Minako\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-11-10 20:44 - 2013-04-19 21:12 - 00000000 ____D () C:\Users\Minako\AppData\Local\Google
2014-11-10 20:43 - 2012-02-05 21:16 - 00000000 ____D () C:\Users\Minako\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames
2014-11-10 20:42 - 2014-09-15 10:31 - 00000000 ____D () C:\Program Files (x86)\Mr DJ
2014-11-10 20:33 - 2014-01-08 14:46 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-11-10 20:31 - 2014-06-16 21:46 - 00001443 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-11-10 17:07 - 2014-01-10 18:35 - 00000153 _____ () C:\Users\Minako\AppData\Roaming\WB.CFG
2014-11-10 12:06 - 2011-03-23 15:25 - 00000000 ____D () C:\Program Files (x86)\Acer GameZone
2014-11-10 12:05 - 2011-03-23 15:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer GameZone
2014-11-10 12:05 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-11-10 12:04 - 2014-01-10 17:36 - 00000000 ____D () C:\Users\Minako\AppData\Local\Mobogenie
2014-11-10 12:03 - 2014-01-17 22:10 - 00000000 ___SD () C:\Users\Minako\Documents\Mabinogi
2014-11-10 12:02 - 2014-02-26 11:54 - 00000000 ____D () C:\ProgramData\IePluginService
2014-11-10 12:02 - 2012-02-05 21:15 - 00000000 ____D () C:\AeriaGames
2014-11-06 19:39 - 2014-08-26 18:55 - 00000000 ____D () C:\Program Files (x86)\AVG Security Toolbar
2014-11-06 17:07 - 2012-06-29 21:25 - 00000000 ____D () C:\Users\Minako\AppData\Roaming\Azureus
2014-11-03 12:33 - 2011-08-05 13:14 - 23144550 _____ () C:\Windows\system32\perfh007.dat
2014-11-03 12:33 - 2011-08-05 13:14 - 07244392 _____ () C:\Windows\system32\perfc007.dat
2014-11-03 12:33 - 2009-07-14 06:13 - 00006472 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-02 00:52 - 2014-08-29 21:34 - 00000000 ____D () C:\Users\Minako\AppData\Local\Adobe
2014-11-01 12:21 - 2014-09-13 19:16 - 00000000 ____D () C:\Users\Minako\AppData\Roaming\baidu
2014-10-31 19:43 - 2013-09-16 23:31 - 00000102 _____ () C:\Users\Minako\AppData\default.pls
2014-10-31 19:41 - 2011-08-27 19:39 - 00000000 ____D () C:\Users\Minako\Documents\FFOutput
2014-10-31 02:36 - 2012-05-24 19:16 - 00000000 ____D () C:\Program Files (x86)\No23 Recorder
2014-10-21 21:58 - 2011-08-28 20:46 - 00000000 ____D () C:\Users\Minako\Documents\Meine empfangenen Dateien
2014-10-21 20:12 - 2011-03-23 15:39 - 00000000 ____D () C:\ProgramData\Skype
2014-10-20 23:00 - 2014-06-16 11:41 - 00000000 ____D () C:\Users\Minako\Documents\data
2014-10-20 08:32 - 2014-01-08 14:32 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-20 08:32 - 2014-01-08 14:32 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-17 00:40 - 2014-08-01 01:13 - 00001456 _____ () C:\Users\Minako\AppData\Local\Adobe Save for Web 13.0 Prefs
2014-10-16 01:13 - 2014-10-15 21:02 - 00127424 _____ () C:\Users\Minako\Documents\j.SNA
2014-10-16 01:13 - 2011-08-25 18:11 - 00000000 ____D () C:\Users\Minako\Documents\NO$GBA_2.6a

Files to move or delete:
====================
C:\Users\Minako\Dicastia-Patch.exe
C:\Users\Minako\Inazuma Eleven Go Strikers 2013 Trainer.exe


Some content of TEMP:
====================
C:\Users\Minako\AppData\Local\Temp\kwuninsthelper.exe
C:\Users\Minako\AppData\Local\Temp\masflag_runxx.dl.dll
C:\Users\Minako\AppData\Local\Temp\ppstreamsetup_ppsiqiyip04.exe
C:\Users\Minako\AppData\Local\Temp\QYAgent_runxx.dl.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-05 17:11

==================== End Of Log ============================
         
--- --- ---



And the Addition.txt:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-11-2014
Ran by Minako at 2014-11-15 12:56:34
Running from C:\Users\Minako\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

360安全卫士 (HKLM-x32\...\360安全卫士) (Version: 9.6.0.2002 - 360安全中心)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3002 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.03.3003 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0825.2010 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3005 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader 9.1 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
Aff Packages (HKU\S-1-5-21-4201896478-3710373697-1095196273-1000\...\Aff Packages) (Version:  - ) <==== ATTENTION
Akamai NetSession Interface (HKLM-x32\...\Akamai) (Version:  - )
Akamai NetSession Interface (HKU\S-1-5-21-4201896478-3710373697-1095196273-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
Allods Online DE (HKU\S-1-5-21-4201896478-3710373697-1095196273-1000\...\Allods Online DE) (Version: 1.38 - My.com B.V.)
Arvo (HKLM-x32\...\{61DF2893-0069-4E50-A02E-3A41A97CB1B4}) (Version: 1.0 - ROCCAT)
Ask Toolbar Updater (HKU\S-1-5-21-4201896478-3710373697-1095196273-1000\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.0.20007 - Ask.com) <==== ATTENTION
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Aura Software Manager 1.0.3 (HKLM-x32\...\Aura Software Manager_is1) (Version:  - aura4you.com)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4765 - AVG Technologies)
AVG 2014 (Version: 14.0.4189 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4765 - AVG Technologies) Hidden
AVG SafeGuard toolbar (HKLM-x32\...\AVG SafeGuard toolbar) (Version: 18.1.9.799 - AVG Technologies)
Avidemux 2.5 (32-bit) (HKLM-x32\...\Avidemux 2.5) (Version: 2.5.6.7716 - )
BrowseToSave (HKLM\...\{3775CA0B-18F8-4F9B-AD70-50DAEC96E8FD}) (Version: 1.0 - ) <==== ATTENTION
CamStudio (HKLM-x32\...\CamStudio) (Version:  - )
Canon MP250 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
clear.fi (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.1720.15 - CyberLink Corp.)
clear.fi (x32 Version: 1.0.1517_36458 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 1.0.1720.15 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 9.0.7713 - CyberLink Corp.) Hidden
clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3009 - Acer Incorporated)
Common RTP 1.0 (HKLM-x32\...\RPGAdvocates_RTP_1.0) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DesktopWeatherAlerts (HKU\S-1-5-21-4201896478-3710373697-1095196273-1000\...\DesktopWeatherAlerts) (Version: 1.0.29.0 - Local Weather LLC) <==== ATTENTION
Die Sims™ 2 Deluxe (HKLM-x32\...\{9C244239-ED8E-40f1-937F-51C706CD2160}) (Version:  - )
Die Sims™ 2 Haustiere (HKLM-x32\...\{4817189D-1785-4627-A33C-39FD90919300}) (Version:  - )
Die Sims™ 2 Vier Jahreszeiten (HKLM-x32\...\{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}) (Version:  - )
Dolphin x86 (HKLM-x32\...\Dolphin x86) (Version: 4.0.2 - Dolphin Development Team)
FilesFrog Update Checker (HKLM-x32\...\FilesFrog Update Checker) (Version:  - ) <==== ATTENTION
FILSHtray (HKLM-x32\...\{5928359F-BF46-4646-BF19-B64E55171EB5}) (Version: 0.12 - FILSH Media GmbH)
FINAL FANTASY XIV - A Realm Reborn (HKLM-x32\...\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.)
FinalBurner Free v2.24.0.195 (HKLM-x32\...\{1A3E23D7-7A1E-43EC-B35D-EB8A31BED943}) (Version:  - )
FormatFactory 2.70 (HKLM-x32\...\FormatFactory) (Version: 2.70 - Free Time)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Freemake Video Converter Version 4.0.2 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.0.2 - Ellora Assets Corporation)
FrostWire 5.3.6 (HKLM-x32\...\FrostWire 5) (Version: 5.3.6.0 - FrostWire Team)
Galapago (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version:  - Oberon Media)
Gameforge Live 2.0.5 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.5 - Gameforge)
GIMP 2.6.11 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team)
Google Update Helper (x32 Version: 1.3.23.0 - BonanzaDeals) Hidden <==== ATTENTION
Haunted Memories (HKLM-x32\...\Steam App 241640) (Version:  - MadMan Theory Games)
Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 2.05.3014 - Acer Incorporated)
HP Deskjet 2510 series - Grundlegende Software für das Gerät (HKLM\...\{288614B1-F070-4B47-A1F5-4790BD8A3176}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 2510 series Hilfe (HKLM-x32\...\{07B48D2C-E60D-41E6-B546-11D128F633EC}) (Version: 27.0.0 - Hewlett Packard)
HP Deskjet 2510 series Setup Guide (HKLM-x32\...\{216C7F38-4BBC-4E9A-8392-C9FA21B54386}) (Version: 27.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3006 - Acer Incorporated)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
Intel Extreme Tuning Utility 2.1.408.41 (HKLM-x32\...\{72B59E5A-CF45-4528-8227-7EDF5EC772BE}) (Version: 2.1.408.41 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
Intel(R) SMBus (HKLM\...\SMBus) (Version:  - )
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version:  - Intel Corporation)
InterActual Player (HKLM-x32\...\InterActual Player) (Version:  - )
Internet Explorer Toolbar 4.8 by SweetPacks (x32 Version: 4.8.0000 - SweetIM Technologies Ltd.) Hidden <==== ATTENTION
ips XP 1.11.2600 (HKLM-x32\...\ips XP_is1) (Version: 1.11.2600 - Tenchi wielding the Illumina sword)
Java 7 Update 10 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417010FF}) (Version: 7.0.100 - Oracle)
Java 7 Update 10 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217010FF}) (Version: 7.0.100 - Oracle)
Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022F0}) (Version: 6.0.220 - Oracle)
Java(TM) 6 Update 27 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216027FF}) (Version: 6.0.270 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Media Engine (HKLM-x32\...\Media Engine) (Version:  - )
Messenger Plus! (HKLM-x32\...\Messenger Plus!) (Version: 6.00.0.776 - Yuna Software)
Messenger Plus! Community Smartbar (HKLM-x32\...\{A603614D-1D5A-4BDC-9046-03330ABC0F03}) (Version: 1.6.1.695 - Messenger Plus!) <==== ATTENTION
Messenger Plus! for Skype (HKLM-x32\...\Messenger Plus! for Skype) (Version: 1.8.0.125 - Yuna Software)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft GIF Animator (HKLM-x32\...\GIF Animator) (Version:  - )
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.5128.5002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 33.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 33.0.3 (x86 en-US)) (Version: 33.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
My.com Games (HKU\S-1-5-21-4201896478-3710373697-1095196273-1000\...\MyComGames) (Version: 2.23 - BENSTAR LIMITED)
MyWinLocker (Version: 4.0.14.11 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.11 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.11 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.11 - Egis Technology Inc.) Hidden
Nero 8 (HKLM-x32\...\{D3AAAEA9-9A0C-4568-8E9D-073497291031}) (Version: 8.10.132 - Nero AG)
newsXpresso (HKLM-x32\...\InstallShield_{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}) (Version: 1.0.0.40 - esobi Inc.)
newsXpresso (x32 Version: 1.0.0.40 - esobi Inc.) Hidden
Nexon Game Manager (HKLM-x32\...\{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}) (Version:  - )
No23 Recorder (HKLM-x32\...\No23 Recorder) (Version: 2.1.0.3 - No23)
No23 Recorder (x32 Version: 2.1.0.3 - No23) Hidden
Now Playing Plugin 1.0.0.2 (HKLM-x32\...\np_plugin_is1) (Version:  - )
NVIDIA Grafiktreiber 267.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 267.33 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.1.13.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.1.13.1 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (HKLM-x32\...\NVIDIAStereo) (Version: 7.17.12.6733 - NVIDIA Corporation)
ONAIR 4.0.0.855 (HKLM\...\ONAIR_is1) (Version:  - )
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
Opera 12.17 (HKLM-x32\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA)
Opera Next 20.0.1387.59 (HKLM-x32\...\Opera 20.0.1387.59) (Version: 20.0.1387.59 - Opera Software ASA)
Origin (HKLM-x32\...\Origin) (Version: 8.4.1.210 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\{0A337036-B73E-4C85-8D32-3851F84B7CFE}) (Version: 0.46.271 - Overwolf)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.3.6.0 - Pando Networks Inc.)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
PhotoFiltre (HKU\S-1-5-21-4201896478-3710373697-1095196273-1000\...\PhotoFiltre) (Version:  - )
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.12 - ProtectDisc Software GmbH)
Ragnarok Online 2 (HKLM-x32\...\Steam App 231060) (Version:  - Gravity, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6194 - Realtek Semiconductor Corp.)
ROCCAT Kova[+] Mouse Driver (HKLM-x32\...\{A86DDFE3-F661-461C-9BF2-876AC2CA57DE}) (Version: 1.10 - Roccat GmbH)
RollerCoaster Tycoon 2 (HKLM-x32\...\{BD3BD375-0E7A-48D0-9117-69A5C7DED63E}) (Version:  - )
RollerCoaster Tycoon 3 (HKLM-x32\...\RollerCoaster Tycoon 3_is1) (Version:  - Atari)
RollerCoaster Tycoon Deluxe (HKLM-x32\...\{924EAD66-F854-4605-8493-696DD59A113B}) (Version: 1.00.000 - )
RTP for RM2K (Png, Wav, Midi, Fonts) (HKLM-x32\...\RTP for RM2K (Png, Wav, Midi, Fonts)) (Version:  - )
Shredder (Version: 2.0.8.7 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.7 - Egis Technology Inc.) Hidden
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
SlimDX Redistributable for .NET 2.0 (September 2011) (HKLM-x32\...\{7C056FA6-E362-467B-8160-062E9474FEE5}) (Version: 2.0.12.43 - SlimDX Group)
SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts)
Sprill and Ritchie (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117932650}) (Version:  - Oberon Media)
Starbound (HKLM-x32\...\Steam App 211820) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Super Mario: Blue Twilight DX (v1.04.1) (HKLM-x32\...\Super Mario: Blue Twilight DX (v1.04.1)) (Version:  - )
Super nude patch II 3.0 (HKLM-x32\...\Super_nude_patch_II_1.0) (Version:  - )
SweetIM for Messenger 3.7 (x32 Version: 3.7.0007 - SweetIM Technologies Ltd.) Hidden <==== ATTENTION
SweetPacks bundle uninstaller (HKLM-x32\...\{953AA732-9AFB-49C9-84A4-7F96CA0A08DA}) (Version: 1.0.0001 - SweetIM Technologies Ltd.) <==== ATTENTION
SWF to AVI (HKLM-x32\...\{3315B802-84C6-47BC-907A-9B77A4646197}_is1) (Version:  - www.swftoavi.com)
TeamSpeak 3 Client (HKU\S-1-5-21-4201896478-3710373697-1095196273-1000\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.26038 - TeamViewer)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Sims 2 University (HKLM-x32\...\{8FD3F4BA-A4A6-4380-00A6-CC6853AB2DC2}) (Version:  - )
Tomb Raider II (HKLM-x32\...\Tomb Raider II) (Version:  - )
Tomb Raider III (HKLM-x32\...\Tomb Raider III) (Version:  - )
TS3 Install Helper Monkey (HKLM-x32\...\TS3 Install Helper Monkey) (Version:  - Mad Scientist Productions)
TSR Launcher (HKLM-x32\...\{9082C257-9729-4009-8299-6916CD556EAC}) (Version: 1.0 - The Sims Resource)
TSR Workshop (HKLM-x32\...\{D68A4706-B8C7-4516-BE6C-B738902A1DF3}) (Version: 2.0.36 - The Sims Resource)
Update Manager for SweetPacks 1.1 (x32 Version: 1.1.0008 - SweetIM Technologies Ltd.) Hidden <==== ATTENTION
Vampires Dawn II: Ancient Blood (HKLM-x32\...\{23E49254-B48D-4422-93A1-5F26F02A0A69}_is1) (Version: Vampires Dawn 2 - Version 1.23 - Brianum/Dawnatic)
Vampires Dawn: Reign of Blood (HKLM-x32\...\{CF55095E-07AA-432E-8376-CEF71D70746A}_is1) (Version: Vampires Dawn: Reign of Blood 1.31 - Brianum)
VCRedistSetup (x32 Version: 1.0.0 - Nero AG) Hidden
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version:  - Elaborate Bytes)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.1 (HKLM-x32\...\VLC media player) (Version: 2.0.1 - VideoLAN)
VobSub v2.23 (Remove Only) (HKLM-x32\...\VobSub) (Version:  - )
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.1.0.0 - Azureus Software, Inc.)
Wajam (HKLM-x32\...\Wajam) (Version: 2.06 - Wajam) <==== ATTENTION
Watson (HKLM-x32\...\{9B88DD94-1AAE-41C4-BD95-2D8737D5E9E2}) (Version: 1.0.0 - Windows Live Safety Center)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3102 - Acer Incorporated)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live OneCare safety scanner (HKLM-x32\...\Windows Live OneCare safety scanner) (Version:  - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
winLAME 2010 beta 1 (HKLM-x32\...\{63C16E81-327C-49B6-9643-4F5EFD8A6B2D}) (Version: 1.0.2010.1 - Michael Fink)
WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

09-11-2014 18:00:29 Windows-Sicherung
10-11-2014 10:53:01 Removed Aeria Ignite
10-11-2014 19:14:11 Removed AVG 2015
10-11-2014 19:15:26 Removed AVG 2015
10-11-2014 19:18:03 avast! antivirus system restore point
10-11-2014 19:55:06 Installed AVG 2014
10-11-2014 19:55:41 Installed AVG 2014

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {000E756C-2B16-44C0-88EE-BDDC5986EBEC} - System32\Tasks\Wise Care 365 => C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe
Task: {0032E748-5B5F-43F8-969C-9F50D2643407} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {07518C22-146A-4F8A-B939-5148F9E7B0FC} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-4201896478-3710373697-1095196273-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {10FD7300-97EC-47D0-9F67-14A06D987F01} - System32\Tasks\{09838844-998F-455C-8181-CE33AABCD69F} => C:\Program Files\AVAST Software\Avast\AvastUI.exe
Task: {1E025F28-9018-47AD-B52A-6BF55CA4A5B1} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: {2123F3FD-D33E-4D7D-B4C3-0E957DC3B702} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {22607A00-4259-46F9-B142-8833ADCA6AD8} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-05-20] (CyberLink)
Task: {2B292801-9F52-46EA-B5BF-28C028F0AE31} - System32\Tasks\SuperEasy Registry Cleaner_DEFAULT => C:\Program Files (x86)\SuperEasy Software\Registry Cleaner\SuperEasyRC.exe
Task: {2B86EDE6-AF86-4946-BA82-9DC209B7763F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {355B341D-ABAD-4263-9524-0E9DB2FA2226} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-4201896478-3710373697-1095196273-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {3891CDB2-89D0-4576-B6C4-A6D0AFC28587} - System32\Tasks\SuperEasy Registry Cleaner => C:\Program Files (x86)\SuperEasy Software\Registry Cleaner\SuperEasyRC.exe
Task: {389ABE10-5C36-4868-8845-BD96A8E4083D} - \The Bluetooth service discovery No Task File <==== ATTENTION
Task: {38A1682D-50C5-403F-AF2B-215ACD6620A0} - System32\Tasks\RNUpgradeHelperResumePrompt_Minako => C:\Users\Minako\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.11\rnupgagent.exe [2012-06-14] (RealNetworks, Inc.)
Task: {439B3401-8F95-4ADA-911D-CDCEDC9C9277} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2011-05-20] (Acer Incorporated)
Task: {544BA9D5-F783-476F-8219-5D3F4AF2CAF1} - System32\Tasks\{A76CCB56-FE32-4DA7-9B86-0C467C5E53C2} => Firefox.exe hxxp://ui.skype.com/ui/0/6.11.0.102/de/abandoninstall?source=lightinstaller&amp;page=tsMain
Task: {785D3DF3-412E-457D-9554-9E05F5D6D4F4} - \AdobeFlashPlayerUpdate No Task File <==== ATTENTION
Task: {B3E82EE0-81F2-4D31-93FB-312F3FF1272E} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe <==== ATTENTION
Task: {B51CA6D5-7A87-499A-8265-105C6789953A} - System32\Tasks\SuperEasy Registry Cleaner_UPDATES => C:\Program Files (x86)\SuperEasy Software\Registry Cleaner\SuperEasyRC.exe
Task: {BF7FAFF7-8E37-4255-9759-1D2A92F8896B} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2011-05-20] (CyberLink Corp.)
Task: {C26B1C0A-9624-4704-8476-2001F3AF921C} - System32\Tasks\{62EDFB25-F700-422D-80BE-38C9F516F2F5} => C:\Program Files\AVAST Software\Avast\AvastUI.exe
Task: {C8B3BEC0-445A-4C04-8205-BBFF2E48A70F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-12] (Adobe Systems Incorporated)
Task: {D3D2D3B8-17B6-47FB-865B-FCE236F6A32D} - \AdobeFlashPlayerUpdate 2 No Task File <==== ATTENTION
Task: {D72679E8-9CD2-47F4-B25E-142E70D2037E} - \CPU Grid Computing No Task File <==== ATTENTION
Task: {D9256E96-191E-47D8-BFE1-4572C9F048F4} - System32\Tasks\SaveSense => C:\Users\Minako\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {E0710B95-8F6E-4BA4-B0F5-E77A6D9E9848} - System32\Tasks\CCleanerSkipUAC => C:\PROGRAM FILES\CCLEANER\CCLEANER.EXE [2014-05-20] (Piriform Ltd)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\SaveSense.job => C:\Users\Minako\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\schedule!1818212897.job => C:\ProgramData\BetterSoft\EasyLife Updater\EasyLife Updater.exe
Task: C:\Windows\Tasks\SuperEasy Registry Cleaner_DEFAULT.job => C:\Program Files (x86)\SuperEasy Software\Registry Cleaner\SuperEasyRC.exe
Task: C:\Windows\Tasks\SuperEasy Registry Cleaner_UPDATES.job => C:\Program Files (x86)\SuperEasy Software\Registry Cleaner\SuperEasyRC.exe
Task: C:\Windows\Tasks\Wise Care 365.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe

==================== Loaded Modules (whitelisted) =============

2009-01-22 00:45 - 2009-01-22 00:45 - 01401856 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2011-01-19 02:08 - 2011-01-19 02:08 - 00620136 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
2014-07-07 19:41 - 2014-08-25 17:02 - 02640408 _____ () C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
2013-09-04 09:17 - 2013-09-04 09:17 - 03233806 _____ () C:\Program Files (x86)\Tor\tor.exe
2014-08-11 12:43 - 2014-08-11 12:43 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
2011-05-20 10:13 - 2011-05-20 10:13 - 00206216 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll
2011-08-10 19:16 - 2010-05-29 13:57 - 00061440 _____ () C:\Program Files (x86)\ROCCAT\Kova[+] Mouse\hiddriver.dll
2011-01-19 02:08 - 2011-01-19 02:08 - 00151656 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll
2014-08-11 12:43 - 2014-08-11 12:43 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\log4cplusU.dll
2014-07-07 19:41 - 2014-07-07 19:41 - 01645592 _____ () C:\Program Files (x86)\AVG SafeGuard toolbar\TBAPI.dll
2011-01-17 15:19 - 2011-08-27 20:30 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2014-11-11 00:20 - 2014-11-11 00:20 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-02-13 13:35 - 2014-02-13 13:35 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\aa739380ca2b2fc7366d464d2f2301ac\IsdiInterop.ni.dll
2011-03-23 16:11 - 2010-09-13 17:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-11-12 00:55 - 2014-11-12 00:55 - 16840880 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll
2010-11-24 11:08 - 2010-11-24 11:08 - 00050952 _____ () C:\Program Files (x86)\Common Files\Intel\Intel Extreme Tuning Utility\IccLibApiWrapperDll.dll
2010-11-24 11:08 - 2010-11-24 11:08 - 00100616 _____ () C:\Program Files (x86)\Common Files\Intel\Intel Extreme Tuning Utility\IccLibDll.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\4.avi:TOC.WMV
AlternateDataStreams: C:\Users\5.avi:TOC.WMV
AlternateDataStreams: C:\Users\6.avi:TOC.WMV
AlternateDataStreams: C:\ProgramData\Temp:2430E4FC
AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:5925E400
AlternateDataStreams: C:\ProgramData\Temp:5D458568
AlternateDataStreams: C:\ProgramData\Temp:798A3728
AlternateDataStreams: C:\ProgramData\Temp:8173A019
AlternateDataStreams: C:\ProgramData\Temp:96D0C06F
AlternateDataStreams: C:\ProgramData\Temp:9B750A13
AlternateDataStreams: C:\ProgramData\Temp:E79EFDA4

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\16696571.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\16696571.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-4201896478-3710373697-1095196273-500 - Administrator - Enabled) => C:\Users\Administrator
Gast (S-1-5-21-4201896478-3710373697-1095196273-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4201896478-3710373697-1095196273-1002 - Limited - Enabled)
Minako (S-1-5-21-4201896478-3710373697-1095196273-1000 - Administrator - Enabled) => C:\Users\Minako

==================== Faulty Device Manager Devices =============

Name: BAPIDRV
Description: BAPIDRV
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: BAPIDRV
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: bd0001
Description: bd0001
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: bd0001
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: bd0004
Description: bd0004
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: bd0004
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: 360Safe Anti Hacker Service
Description: 360Safe Anti Hacker Service
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: 360AntiHacker
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: 360netmon
Description: 360netmon
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: 360netmon
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/15/2014 00:33:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/15/2014 00:20:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/15/2014 00:05:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/14/2014 09:04:09 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (11/14/2014 09:04:09 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (11/14/2014 09:04:08 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (11/14/2014 02:31:50 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (11/14/2014 02:29:07 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (11/14/2014 02:29:07 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (11/14/2014 02:29:05 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (11/15/2014 00:32:56 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (11/15/2014 00:32:56 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (11/15/2014 00:32:56 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (11/15/2014 00:32:56 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (11/15/2014 00:32:56 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (11/15/2014 00:32:56 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (11/15/2014 00:32:56 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (11/15/2014 00:32:56 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (11/15/2014 00:32:56 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (11/15/2014 00:32:45 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535


Microsoft Office Sessions:
=========================
Error: (11/15/2014 00:33:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/15/2014 00:20:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/15/2014 00:05:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/14/2014 09:04:09 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\Nero\Nero8\Nero PhotoSnap\PhotoSnapViewer.exe

Error: (11/14/2014 09:04:09 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\Nero\Nero8\Nero PhotoSnap\PhotoSnapViewer.exe

Error: (11/14/2014 09:04:08 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\Nero\Nero8\Nero PhotoSnap\PhotoSnapViewer.exe

Error: (11/14/2014 02:31:50 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (11/14/2014 02:29:07 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\Nero\Nero8\Nero PhotoSnap\PhotoSnapViewer.exe

Error: (11/14/2014 02:29:07 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\Nero\Nero8\Nero PhotoSnap\PhotoSnap.exe

Error: (11/14/2014 02:29:05 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Nero\Nero8\Nero Toolkit\DiscSpeed.exe


CodeIntegrity Errors:
===================================
  Date: 2014-11-12 12:52:17.395
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\luafv.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
Percentage of memory in use: 33%
Total physical RAM: 8173.98 MB
Available physical RAM: 5440.38 MB
Total Pagefile: 16346.14 MB
Available Pagefile: 13315.31 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:690.95 GB) (Free:96.02 GB) NTFS
Drive d: (DATA) (Fixed) (Total:691.21 GB) (Free:487.04 GB) NTFS
Drive p: (SPORE) (CDROM) (Total:3.9 GB) (Free:0 GB) UDF
Drive r: (RCT_DELUXE) (CDROM) (Total:0.49 GB) (Free:0 GB) CDFS
Drive s: (Sims2_EP5_1) (CDROM) (Total:0.73 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1397.3 GB) (Disk ID: 7487BCAB)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=691 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=691.2 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
Sorry for the double post, but it just shut off again.
Specifically, when I tried to start Starbound via Steam.
It could be that it is somehow overloaded or something..?
__________________

15.11.2014, 21:48   #4
schrauber
/// the machine
/// TB trainer
 

Please download Revo Uninstaller from here: Download Revo Uninstaller (alternatively, the portable Revo Uninstaller).
  • Install and start the program. (Illustrated guide to Revo Uninstaller)
  • Click Options and choose German as the language.
  • In the Uninstaller field, search for the following programs:

    Aff Packages

    Ask Toolbar Updater

    BrowseToSave

    DesktopWeatherAlerts

    FilesFrog Update Checker

    Google Update Helper

    Internet Explorer Toolbar 4.8 by SweetPacks (x32 Version: 4.8.0000 - SweetIM Technologies Ltd.) Hidden <==== ATTENTION

    Messenger Plus! Community Smartbar (HKLM-x32\...\{A603614D-1D5A-4BDC-9046-03330ABC0F03}) (Version: 1.6.1.695 - Messenger Plus!) <==== ATTENTION

    SweetIM for Messenger 3.7

    SweetPacks bundle uninstaller

    Update Manager for SweetPacks 1.1 (x32 Version: 1.1.0008 - SweetIM Technologies Ltd.) Hidden <==== ATTENTION

    Wajam


  • Select the programs one after another and click Uninstall each time.
  • Then select the "Moderat" mode.
  • Delete leftovers:
    Click on , then on , and then on .

Scan with Combofix
WARNING to READERS:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as any malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the instructions on the screen.
  • While Combofix is running, please do not work on the computer, move the mouse, or click in the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should resolve the problem.

__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

16.11.2014, 00:46   #5
Minako
 

So, I have now tried it twice.

ComboFix does nothing more from the point where it prepares the log file.
I googled it (on the 3DS of course, I did nothing on the computer) and read that this should only take a few moments.
For me, however, this display stays there for 40 minutes, and even after a restart it hangs at the same point. So I cannot get a log file..
Also, I did not find some of the files in the uninstaller..

BrowseToSave

Google Update Helper

Internet Explorer Toolbar 4.8 by SweetPacks (x32 Version: 4.8.0000 - SweetIM Technologies Ltd.) Hidden <==== ATTENTION

Messenger Plus! Community Smartbar (HKLM-x32\...\{A603614D-1D5A-4BDC-9046-03330ABC0F03}) (Version: 1.6.1.695 - Messenger Plus!) <==== ATTENTION

SweetIM for Messenger 3.7

Update Manager for SweetPacks 1.1 (x32 Version: 1.1.0008 - SweetIM Technologies Ltd.) Hidden <==== ATTENTION

It did not find these files; I also searched the list thoroughly several times (it had finished loading too), but they simply were not there.

What should I do now? :/

However, it now seems to run more smoothly than before.

So it still does not go any further, but shortly after it tries to create the "log file", the text file lands in the directory, and it has not been renewed since then. Updated, that is.
So I am just hoping that the log is complete..
Because it goes no further.
And earlier I had a blue screen with the message that a problem had occurred and Windows had been shut down for safety reasons.

Code:
ComboFix 14-11-15.01 - Minako 16.11.2014   0:17:19.3.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.8174.6102 [GMT 1:00]
ausgeführt von:: C:\Users\Minako\Desktop\ComboFix.exe
AV: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}


(((((((((((((((((((((((   Dateien erstellt von 2014-10-15 bis 2014-11-15  ))))))))))))))))))))))))))))))


2014-11-15 23:25:25 . 2014-11-15 23:25:25	--------	d-----w-	C:\Users\Default\AppData\Local\temp
2014-11-15 23:25:25 . 2014-11-15 23:25:25	--------	d-----w-	C:\Users\Administrator\AppData\Local\temp
2014-11-15 20:50:55 . 2014-11-15 20:50:55	--------	d-----w-	C:\Program Files (x86)\VS Revo Group
2014-11-15 17:59:28 . 2014-11-15 18:56:55	--------	d-----w-	C:\Program Files (x86)\Steam - Kopie
2014-11-15 11:54:49 . 2014-11-15 11:56:57	--------	d-----w-	C:\FRST
2014-11-14 11:15:56 . 2014-11-14 11:16:04	--------	d-----w-	C:\Users\Minako\AppData\Roaming\Zoo
2014-11-14 11:15:39 . 2014-11-14 11:15:39	--------	d-----w-	C:\Users\Minako\AppData\Roaming\CloudMedia
2014-11-13 18:36:45 . 2014-11-13 18:36:45	--------	d-----w-	C:\Users\Minako\AppData\Roaming\TERA
2014-11-13 18:34:30 . 2014-11-13 18:34:30	--------	d-----w-	C:\Users\Minako\AppData\Local\Gameforge4d
2014-11-13 18:34:23 . 2014-11-13 18:36:29	--------	d-----w-	C:\Program Files (x86)\GameforgeLive
2014-11-10 19:57:12 . 2014-11-10 19:57:12	--------	d-----w-	C:\Users\Minako\AppData\Roaming\AVG2014
2014-11-10 19:55:55 . 2014-11-10 19:55:55	--------	d-----w-	C:\$AVG
2014-11-10 19:55:36 . 2014-11-10 19:55:36	--------	d-----w-	C:\Program Files (x86)\AVG
2014-11-10 19:54:44 . 2014-11-10 21:11:07	--------	d-----w-	C:\Users\Minako\AppData\Local\Avg2014
2014-11-10 19:39:44 . 2014-11-10 19:39:44	--------	d-s---w-	C:\Windows\SysWow64\Microsoft
2014-11-10 19:33:22 . 2014-11-10 19:33:22	--------	d-----w-	C:\Users\Administrator\AppData\Local\Aeria Games
2014-11-10 19:32:13 . 2014-11-10 19:32:13	--------	d-----w-	C:\Users\Administrator\AppData\Local\AVG SafeGuard toolbar
2014-11-10 19:21:14 . 2014-11-10 19:21:17	--------	d-----w-	C:\Windows\SysWow64\vbox
2014-11-10 19:21:14 . 2014-11-10 19:21:17	--------	d-----w-	C:\Windows\system32\vbox
2014-11-06 18:39:19 . 2014-11-06 18:39:19	--------	d-----w-	C:\ProgramData\Avg_Update_1114tb
2014-11-06 15:30:28 . 2014-11-10 11:47:23	--------	d-----w-	C:\Users\Minako\AppData\Local\MyComGames
2014-11-04 12:24:11 . 2014-11-04 12:24:11	--------	d-----w-	C:\ProgramData\{plbackup-CFE0-66E8-660553B4C955}
2014-11-04 12:22:10 . 2014-11-04 12:22:14	--------	d-----w-	C:\Users\Minako\AppData\Roaming\ppslog
2014-11-04 12:21:54 . 2014-11-04 13:25:23	--------	d-----w-	C:\Users\Minako\AppData\Roaming\PPStream
2014-11-04 12:21:50 . 2014-11-04 12:34:57	--------	d-----w-	C:\ProgramData\IQIYI Video
2014-11-04 11:56:22 . 2014-11-04 11:56:22	--------	d-----w-	C:\Users\Administrator\AppData\Roaming\360Login
2014-11-04 11:56:10 . 2014-11-04 11:57:28	--------	d-----w-	C:\Users\Administrator\AppData\Roaming\360Safe
2014-11-01 11:19:14 . 2014-11-01 11:19:20	--------	d-----w-	C:\ProgramData\LocalStorage
2014-11-01 11:13:17 . 2014-11-01 11:13:18	--------	d-----w-	C:\Qiyi
2014-10-31 23:25:11 . 2014-10-31 23:25:11	--------	d-----w-	C:\Users\Minako\AppData\Roaming\DataRepair
2014-10-31 23:20:14 . 2014-11-15 19:35:24	--------	d-----w-	C:\Users\Public\FunAcce
2014-10-31 21:58:44 . 2014-10-31 21:58:44	--------	d-sh--w-	C:\Users\Minako\AppData\Roaming\360Quarant
2014-10-31 21:58:44 . 2014-10-31 21:58:44	--------	d-----w-	C:\$360Section
2014-10-31 19:08:18 . 2014-10-31 19:08:18	--------	d-----w-	C:\ProgramData\{plbackup-CFE0-66E8-660553B4C954}
2014-10-31 19:08:16 . 2014-11-01 11:20:59	--------	d-----w-	C:\Users\Minako\AppData\Roaming\360se6
2014-10-31 19:03:29 . 2014-10-31 19:03:29	--------	d-----w-	C:\Users\Minako\AppData\Roaming\360Login
2014-10-31 19:03:28 . 2014-11-04 12:11:52	--------	d-----w-	C:\ProgramData\360safe
2014-10-21 19:13:00 . 2014-10-21 19:13:00	--------	d-----w-	C:\Users\Minako\AppData\Local\Skype
2014-10-21 19:12:56 . 2014-10-21 19:12:56	--------	d-----w-	C:\Program Files (x86)\Common Files\Skype
2014-10-21 19:12:56 . 2014-10-21 19:12:56	--------	d-----r-	C:\Program Files (x86)\Skype
.


((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

2014-11-11 23:55:29 . 2012-11-27 10:57:12	71344	----a-w-	C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-11-11 23:55:29 . 2012-11-27 10:57:12	701104	----a-w-	C:\Windows\SysWow64\FlashPlayerApp.exe
2014-08-28 09:42:37 . 2012-07-17 13:37:10	23256	----a-w-	C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-02-26 01:09:44 . 2014-02-25 18:55:27	49940480	----a-w-	C:\Program Files (x86)\GUT4692.tmp


((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))


*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2014-08-25 16:02:38	3627032	----a-w-	C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{F1AC60D5-86C6-15D1-8646-CB1A182D2AA4}]
2014-01-24 08:10:12	1189248	----a-w-	C:\Program Files (x86)\BaiduAddr\{F1AC60D5-86C6-15D1-8646-CB1A182D2AA4}\AddressBar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll" [2014-08-25 16:02:38 3627032]

[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG SafeGuard toolbar.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG SafeGuard toolbar.PugiObj]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"="C:\Users\Minako\AppData\Local\Akamai\netsession_win.exe" [2014-10-29 22:25:46 4673432]
"ONAIR"="C:\Program Files\ONAIR\ONAIR.exe" [2013-04-27 21:37:40 3525120]
"EADM"="C:\Program Files (x86)\Origin\Origin.exe" [2012-01-11 23:29:00 28201096]
"arvsij"="C:\ProgramData\arvsij.dat" [BU]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-09-13 16:32:30 283160]
"ArcadeMovieService"="C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe" [2011-05-13 13:42:54 177448]
"Hotkey Utility"="C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe" [2011-01-19 01:08:08 620136]
"VirtualCloneDrive"="C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 13:33:08 89456]
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 08:04:54 252848]
"SwitchBoard"="C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 11:37:14 517096]
"AdobeCS6ServiceManager"="C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 14:26:58 1073312]
"NBKeyScan"="C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 07:51:46 1836328]
"HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-10-28 11:18:46 49208]
"Aeria Ignite"="C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" [2013-06-06 21:59:45 1925656]
"vProt"="C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe" [2014-08-25 16:02:37 2640408]
"AVG_UI"="C:\Program Files (x86)\AVG\AVG2014\avgui.exe" [2014-08-25 10:37:18 5188112]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Arvo"="C:\Program Files (x86)\ROCCAT\Arvo Keyboard\ArvoHID.EXE" [2010-04-01 15:30:56 582144]
"QyKernel"="D:\IQIYI Video\LStyle\QyKernel.exe" [BU]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 03:24:28 73216]

C:\Users\Minako\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.3.lnk - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
FILSHtray.lnk - C:\Program Files (x86)\FILSHtray\FILSHtray.exe [2012-4-18 594432]
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe [2014-4-9 332016]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer4"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

R1 360AntiHacker;360Safe Anti Hacker Service;C:\Windows\system32\Drivers\360AntiHacker64.sys;C:\Windows\SYSNATIVE\Drivers\360AntiHacker64.sys [x]
R1 360Box64;360Box mini-filter driver;C:\Windows\system32\DRIVERS\360Box64.sys;C:\Windows\SYSNATIVE\DRIVERS\360Box64.sys [x]
R1 360FsFlt;360FsFlt mini-filter driver;C:\Windows\system32\DRIVERS\360FsFlt.sys;C:\Windows\SYSNATIVE\DRIVERS\360FsFlt.sys [x]
R1 360netmon;360netmon;C:\Windows\system32\DRIVERS\360netmon.sys;C:\Windows\SYSNATIVE\DRIVERS\360netmon.sys [x]
R1 BAPIDRV;BAPIDRV;C:\Windows\system32\DRIVERS\BAPIDRV64.sys;C:\Windows\SYSNATIVE\DRIVERS\BAPIDRV64.sys [x]
R1 bd0004;bd0004;C:\Windows\system32\DRIVERS\bd0004.sys;C:\Windows\SYSNATIVE\DRIVERS\bd0004.sys [x]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe;C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe;C:\Program Files (x86)\Skype\Updater\Updater.exe [x]
R2 tor;Tor Win32 Service;C:\Program Files (x86)\Tor\tor.exe;C:\Program Files (x86)\Tor\tor.exe [x]
R3 360Camera;360Safe Camera Filter Service;C:\Windows\system32\Drivers\360Camera64.sys;C:\Windows\SYSNATIVE\Drivers\360Camera64.sys [x]
R3 EagleX64;EagleX64;C:\Windows\system32\drivers\EagleX64.sys;C:\Windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 EgisTec Ticket Service;EgisTec Ticket Service;C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe;C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe;C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [x]
R3 NLNdisMP;NLNdisMP;C:\Windows\system32\DRIVERS\nlndis.sys;C:\Windows\SYSNATIVE\DRIVERS\nlndis.sys [x]
R3 NLNdisPT;NetLimiter Ndis Protocol Service;C:\Windows\system32\DRIVERS\nlndis.sys;C:\Windows\SYSNATIVE\DRIVERS\nlndis.sys [x]
R3 npggsvc;nProtect GameGuard Service;C:\Windows\system32\GameMon.des;C:\Windows\SYSNATIVE\GameMon.des [x]
R3 OverwolfUpdaterService;Overwolf Updater Service;C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe;C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [x]
R3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys;C:\Windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys;C:\Windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;C:\Windows\system32\Wat\WatAdminSvc.exe;C:\Windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 360Hvm;360Safe HVM;C:\Windows\system32\Drivers\360Hvm64.sys;C:\Windows\SYSNATIVE\Drivers\360Hvm64.sys [x]
R4 MsgPlusService;Messenger Plus! Service;C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe;C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe [x]
S0 AVGIDSHA;AVGIDSHA;C:\Windows\system32\DRIVERS\avgidsha.sys;C:\Windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;C:\Windows\system32\DRIVERS\avgloga.sys;C:\Windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys;C:\Windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys;C:\Windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S1 Avgdiska;AVG Disk Driver;C:\Windows\system32\DRIVERS\avgdiska.sys;C:\Windows\SYSNATIVE\DRIVERS\avgdiska.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\avgidsdrivera.sys;C:\Windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys;C:\Windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys;C:\Windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S1 avgtp;avgtp;C:\Windows\system32\drivers\avgtpx64.sys;C:\Windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;C:\Windows\system32\DRIVERS\mwlPSDFilter.sys;C:\Windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;C:\Windows\system32\DRIVERS\mwlPSDNServ.sys;C:\Windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys;C:\Windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe;C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [x]
S2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 GREGService;GREGService;C:\Program Files (x86)\Acer\Registration\GREGsvc.exe;C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 IOCBIOS;IOCBIOS;C:\ProgramData\Intel\Extreme Tuning Utility\IOCbios\64bit\IOCBIOS.sys;C:\ProgramData\Intel\Extreme Tuning Utility\IOCbios\64bit\IOCBIOS.sys [x]
S2 Live Updater Service;Live Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [x]
S2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S2 USBDLM;USBDLM;C:\Users\Minako\Documents\USBDLM\USBDLM.exe;C:\Users\Minako\Documents\USBDLM\USBDLM.exe [x]
S2 vToolbarUpdater18.1.9;vToolbarUpdater18.1.9;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [x]
S2 XTUService;Intel(R) Extreme Tuning Utility;C:\Program Files (x86)\Common Files\Intel\Intel Extreme Tuning Utility\PerfTuneService.exe;C:\Program Files (x86)\Common Files\Intel\Intel Extreme Tuning Utility\PerfTuneService.exe [x]
S3 ArvoFltr;ROCCAT Arvo;C:\Windows\system32\drivers\ArvoFltr.sys;C:\Windows\SYSNATIVE\drivers\ArvoFltr.sys [x]
S3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT);C:\Windows\system32\DRIVERS\ICCWDT.sys;C:\Windows\SYSNATIVE\DRIVERS\ICCWDT.sys [x]
S3 KovaPlusFltr;ROCCAT Kova[+] Mouse;C:\Windows\system32\drivers\KovaPlusFltr.sys;C:\Windows\SYSNATIVE\drivers\KovaPlusFltr.sys [x]
S3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys;C:\Windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys;C:\Windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys;C:\Windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys;C:\Windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]


[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai	REG_MULTI_SZ   	Akamai
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]
start [BU]
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{5YUDD443-Q68X-NPXN-1747-Q030I3TGISKP}]
C:\Users\Minako\AppData\Roaming\Microsoft\winlogon.exe [BU]
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{DD55B863-7433-451F-9ECF-C207D766E3AB}]
C:\Users\Minako\AppData\Local\lsass.exe [BU]

Inhalt des "geplante Tasks" Ordners

2014-11-15 C:\Windows\Tasks\Adobe Flash Player Updater.job
- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-22 10:28:50 . 2014-11-11 23:55:30]


--------- X64 Entries -----------


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\360UDiskGuard Icon Overlay]
@="{CC00F81D-5262-450A-B1FA-D6BEE3406263}"
[HKEY_CLASSES_ROOT\CLSID\{CC00F81D-5262-450A-B1FA-D6BEE3406263}]
2014-05-06 02:54:00	221000	------w-	C:\Program Files (x86)\360\360Safe\safemon\360UDiskGuard64.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\FunOverlay]
@="{A5662DF9-0C2E-4A56-9FE1-BACFF6966D88}"
[HKEY_CLASSES_ROOT\CLSID\{A5662DF9-0C2E-4A56-9FE1-BACFF6966D88}]
2014-11-03 11:33:06	347984	----a-w-	C:\Users\Public\Fundata\Lucifer.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-09-03 08:17:38 11464296]
         


Edited by Minako (15.11.2014 at 23:54)

16.11.2014, 18:07   #6
schrauber
/// the machine
/// TB trainer
 


Whatever you can't find in Revo, uninstall via Windows if possible. In any case, continue as follows:


Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Clean and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents with your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Please shut down your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please start it via right-click and "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool is finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log, please.