| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: C:\windows\scorl.trojan.general.exeWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
| |
05.10.2014, 16:25
| #1 |
| /// the machine /// TB-Ausbilder    |  C:\windows\scorl.trojan.general.exe hi, Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
14.10.2014, 15:41
| #2 | |
 | C:\windows\scorl.trojan.general.exeZitat:
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-10-2014
Ran by Pascal at 2014-10-06 13:48:21
Running from C:\Users\Pascal\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Computer Schutz (Enabled - Up to date) {15414183-282E-D62C-CA37-EF24860A2F17}
AS: Computer Schutz (Enabled - Up to date) {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.32239 - BitTorrent Inc.)
aartemis Browser Protecter (HKLM-x32\...\aartemis Browser Protecter) (Version: - aartemis) <==== ATTENTION
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.4.1.351 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader X (10.1.5) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.5 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.0.112 - Adobe Systems, Inc.)
ALDI SÜD Mah Jong (HKLM-x32\...\ALDI SÜD Mah Jong) (Version: - )
Amazon MP3-Downloader 1.0.9 (HKLM-x32\...\Amazon MP3-Downloader) (Version: - )
Ashampoo Burning Studio (HKLM-x32\...\Ashampoo Burning Studio_is1) (Version: 10.0.10 - Ashampoo GmbH & Co. KG)
Ashampoo DE Toolbar (HKLM-x32\...\Ashampoo_DE Toolbar) (Version: 6.9.0.16 - Ashampoo DE) <==== ATTENTION
Ashampoo Photo Commander (HKLM-x32\...\Ashampoo Photo Commander_is1) (Version: 9.2.0 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer (HKLM-x32\...\Ashampoo Photo Optimizer_is1) (Version: 4.0.0 - Ashampoo GmbH & Co. KG)
Ask Toolbar Updater (HKCU\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.4.36191 - Ask.com) <==== ATTENTION
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield Play4Free (HKLM-x32\...\{87686C21-8A15-4b4d-A3F1-11141D9BE094}) (Version: - EA Digital illusions)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.5.1 - EA Digital Illusions CE AB)
Bejeweled® 3 (HKLM-x32\...\{E99C27B2-EB2E-4244-9F5C-A96F55100F0C}) (Version: 1.1.13.4753 - Electronic Arts, Inc.)
BetterAds (HKLM-x32\...\BetterAds) (Version: 2.1 - BetterAds.org)
BlueStacks Notification Center (HKLM-x32\...\{FE5ABB0E-EDEA-4023-B0FB-9DEA39A98D76}) (Version: 0.8.7.3069 - BlueStack Systems, Inc.)
Bridge! (HKLM-x32\...\{22EDD164-65D5-41DD-961E-08C7CDA4D471}) (Version: 1.16 - aerosoft)
BrowseToSave (HKLM\...\{6AC05D09-0A51-4D64-AF8F-4273B1237FFF}) (Version: 1.0 - ) <==== ATTENTION
Bus Driver Gold 1.1 (HKLM-x32\...\Bus Driver Gold) (Version: 1.1 - Halycon Media)
Bus-Simulator 2012 (HKLM-x32\...\Bus-Simulator 2012_is1) (Version: - astragon)
CamStudio version 2.7 (HKLM-x32\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7 - CamStudio Open Source)
Camtasia Studio 8 (HKLM-x32\...\{F5C9BE9A-04C3-4A72-8CD0-BB67C722D608}) (Version: 8.1.2.1344 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
Codec Pack Packages (HKCU\...\Codec Pack Packages) (Version: - ) <==== ATTENTION
CodeTwo QR Code Desktop Reader (HKLM-x32\...\{8E03824D-0FCC-4AAE-BBE3-3B544BE3876F}) (Version: 1.0.0 - CodeTwo)
Computer Security 12.83.104.0 (release) (x32 Version: 12.83.104.0 - F-Secure Corporation) Hidden
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.0.686 - Corel Corporation)
Corel Graphics - Windows Shell Extension (x32 Version: 15.2.686 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit (Version: 15.2.686 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Common (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Connect (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Custom Data (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - DE (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Draw (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - EN (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - ES (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Extra Content (HKLM-x32\...\_{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}) (Version: - Corel Corporation)
CorelDRAW Essentials X5 - Extra Content (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Filters (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - FR (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IPM (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IT (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - PHOTO-PAINT (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Redist (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Setup Files (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - WT (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 (HKLM-x32\...\_{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}) (Version: 15.2.0.686 - Corel Corporation)
CorelDRAW Essentials X5 (x32 Version: 15.3 - Corel Corporation) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.3624 - CyberLink Corp.) Hidden
CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1817_38674 - CyberLink Corp.)
CyberLink MediaEspresso (x32 Version: 6.5.1817_38674 - CyberLink Corp.) Hidden
CyberLink PhotoDirector 2011 (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.2430 - CyberLink Corp.)
CyberLink PhotoDirector 2011 (x32 Version: 2.0.2430 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1327 - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 7.0.0.1327 - CyberLink Corp.) Hidden
CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.2408 - CyberLink Corp.)
CyberLink PowerDVD Copy (x32 Version: 1.5.2408 - CyberLink Corp.) Hidden
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.4125 - CyberLink Corp.)
CyberLink PowerRecover (x32 Version: 5.5.4125 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dachser Global Player (HKLM-x32\...\Dachser Global Player) (Version: - )
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.5.0.0388 - Disc Soft Ltd)
DC-Bass Source 1.3.0 (HKLM-x32\...\DC-Bass Source) (Version: - )
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{650DE870-ECA3-4E63-8D77-778512BE5D4C}) (Version: - Microsoft)
Delta toolbar (HKLM-x32\...\delta) (Version: 1.8.21.5 - Delta) <==== ATTENTION
DesktopWeatherAlerts (HKCU\...\DesktopWeatherAlerts) (Version: 1.0.29.0 - Local Weather LLC) <==== ATTENTION
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.57.62 - Electronic Arts)
Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 - Electronic Arts Inc.)
Dieselpreisupdater Version 5.0.3.0 (HKLM-x32\...\{51AC56BF-FBA6-4F8F-A111-B43370F736DD}_is1) (Version: 5.0.3.0 - Life! Software)
DirectVobSub 2.40.4209 (HKLM-x32\...\vsfilter_is1) (Version: 2.40.4209 - MPC-HC Team)
DiskAid 5.46 (HKLM-x32\...\DiskAid_is1) (Version: 5.46 - DigiDNA)
DMUninstaller (HKLM-x32\...\DMUninstaller) (Version: - ) <==== ATTENTION
Driver Genius (HKLM-x32\...\Driver Genius_is1) (Version: 14.0 - Driver-Soft Inc.)
English G 21 e-Workbook A2 (HKLM-x32\...\{22FB3F97-8FEA-4383-B5EF-D707EEE97FFC}) (Version: 1.00.0000 - Cornelsen Verlag GmbH)
Euro Truck Simulator 2 (HKLM-x32\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.1.1 - SCS Software)
f.lux (HKCU\...\Flux) (Version: - )
F1 2011 (x32 Version: 1.0.0002.129 - Codemasters) Hidden
FBDownloader (HKCU\...\fbDownloader) (Version: 1.0 - HTTO Group Ltd)
ffdshow v1.1.4399 [2012-03-22] (HKLM-x32\...\ffdshow_is1) (Version: 1.1.4399.0 - )
FIFA 13 (HKLM-x32\...\{A29E18C2-7AB1-4b6b-848C-5D5E2C85F0C0}) (Version: 1.0.0.0 - Electronic Arts)
FIFA 14 (HKLM-x32\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.7 - Electronic Arts)
FilesFrog Update Checker (HKLM-x32\...\FilesFrog Update Checker) (Version: - ) <==== ATTENTION
FileZilla Client 3.6.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.6.0.2 - FileZilla Project)
Flash Chess 3 (HKLM-x32\...\{70983EE0-5FA9-47A3-8BAB-FD8686E10469}_is1) (Version: - ePlaybus.com)
FLV Player (HKCU\...\FLV Player) (Version: 1.0 - Somoto Ltd.) <==== ATTENTION
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Free Ride Games Player (HKLM-x32\...\{2B7BDADB-EC8C-4C54-B5DD-CE45A016D3A7}) (Version: - Exent Technologies Ltd) <==== ATTENTION
Free Screen To Video V 2.0 (HKLM-x32\...\Free Screen To Video_is1) (Version: 2.0.0.0 - Koyote Soft)
Free Sound Recorder v9.6.1 (HKLM-x32\...\Free Sound Recorder_is1) (Version: - Copyright(C) 2005-2013 FreeSoundRecorder Technologies, Inc.)
Free Studio version 5.9.0.1212 (HKLM-x32\...\Free Studio_is1) (Version: 5.9.0.1212 - DVDVideoSoft Ltd.)
Freemake Video Converter Version 4.0.0 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.0.0 - Ellora Assets Corporation)
F-Secure CCF Reputation (x32 Version: 1.0.25.1877 - F-Secure) Hidden
F-Secure CCF Scanning 1.43.102.193 (release) (x32 Version: 1.43.102.193 - F-Secure Corporation) Hidden
F-Secure Network CCF 1.02.128 (x32 Version: 1.02.128.1 - F-Secure Corporation) Hidden
FSX_Screensaver (HKLM-x32\...\FSX_Screensaver) (Version: - )
FTDownloader (HKLM-x32\...\1ClickDownload) (Version: 2.1 Build 26473 - FTDownloader.com) <==== ATTENTION
FVPN Connect (HKLM-x32\...\FVPN Connect) (Version: 1.8.0.0 - FVPN)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galeria fotografii (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Gameforge Live 2.0.3 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.3 - Gameforge)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
GoforFiles (HKCU\...\GoforFiles) (Version: 1.8.1 - hxxp://www.goforfiles.com/) <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
HD-Quality-v3V30.09 (HKLM-x32\...\HD-Quality-v3V30.09) (Version: 1.35.9.29 - HD-Quality-v3V30.09)
holasearch toolbar (HKLM-x32\...\holasearch) (Version: 1.8.16.16 - holasearch) <==== ATTENTION
HQCinema1.9V01.10 (HKLM-x32\...\HQCinema1.9V01.10) (Version: 1.35.9.29 - HQCinemaV01.10)
iMesh (x32 Version: 11.0.0.129514 - iMesh Inc.) Hidden <==== ATTENTION
Incredibar Toolbar on IE (HKLM-x32\...\incredibar) (Version: - ) <==== ATTENTION
InetStat (HKCU\...\InetStat) (Version: 0.5b - InetStat)
Installer (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - ) <==== ATTENTION
Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version: - )
InterVideo DeviceService (HKLM-x32\...\{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}) (Version: 1.0.0 - InterVideo)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Kabel BW Programme (HKLM-x32\...\F-Secure ServiceEnabler 47731) (Version: 1.83.311.0 - F-Secure Corporation)
Kabel BW Programme (x32 Version: 1.83.311.0 - F-Secure Corporation) Hidden
Kerbal Space Program (HKLM-x32\...\Steam App 220200) (Version: - Squad)
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version: - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Landwirtschafts Simulator 2013 (HKLM-x32\...\FarmingSimulator2013DE_is1) (Version: 1.0 - GIANTS Software)
LEGO Insel 2 (HKLM-x32\...\{85967580-EBC2-11D4-AEA3-0050046A88ED}) (Version: - )
ManiaPlanet (HKLM-x32\...\ManiaPlanet_is1) (Version: - Nadeo)
maxdome - Online Videothek (HKLM\...\maxdome - Online Videothek) (Version: 1.0 - maxdome GmbH und Co. KG)
Media Buzz (HKLM-x32\...\MediaBuzzV1mode6846) (Version: 1.1 - Media Buzz) <==== ATTENTION
Media Player Classic - Home Cinema v1.5.2.3456 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.5.2.3456 - MPC-HC Team)
Medion Home Cinema (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.3216 - CyberLink Corp.)
Medion Home Cinema (x32 Version: 8.0.3216 - CyberLink Corp.) Hidden
Memeo Instant Backup (HKLM-x32\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.60.0.7943 - Memeo Inc.)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Flight (HKLM-x32\...\GFWL_{4D5308D2-DC8E-4658-A37C-351000048100}) (Version: 1.0.0004.129 - Microsoft Studios)
Microsoft Flight (HKLM-x32\...\GFWL_{4D5308D2-DC8E-4658-A37C-351000058100}) (Version: 1.0.0005.129 - Microsoft Studios)
Microsoft Flight (x32 Version: 1.0.0004.129 - Microsoft Studios) Hidden
Microsoft Flight (x32 Version: 1.0.0005.129 - Microsoft Studios) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0406-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0408-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-040C-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-040E-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0410-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0413-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0415-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-041F-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0424-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0C0A-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 15.0.4649.1003 - Microsoft Corporation)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{9B3F0A88-790D-3AD9-9F96-B19CF2746452}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1 - Nokia) Hidden
Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1 - Nokia) Hidden
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (Version: 2.3.188.0 - Microsoft Corporation) Hidden
Moorhuhn Remake (HKLM-x32\...\{52210D57-0B1F-4681-90DD-8659DF4BCC40}) (Version: 1.00.0000 - )
Moorhuhn Total 4 (HKLM-x32\...\{227B798F-4300-4727-A3F1-2B8F2727BE06}) (Version: 1.00.0000 - )
MouseServer Version 1.2.0 (HKLM-x32\...\{E13018F5-FFC7-4729-9C1B-1A85807D03E6}_is1) (Version: 1.2.0 - Necta Co.)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 25.0 - Mozilla)
Mozilla Thunderbird 17.0.8 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 17.0.8 (x86 de)) (Version: 17.0.8 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyBestOffersToday 014.111 (HKLM-x32\...\mbot_de_111_is1) (Version: - MYBESTOFFERSTODAY) <==== ATTENTION
MyPC Backup (HKLM\...\MyPC Backup) (Version: - JDi Backup Ltd) <==== ATTENTION
MySafeProxy for Internet Explorer (HKLM-x32\...\{2535ED3F-5ADD-4A65-B07F-82F04C7358E7}) (Version: 1.0.6 - XTRM Group Ltd.)
Need for Speed™ Most Wanted (HKLM-x32\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.5.0.0 - Electronic Arts)
Need for Speed™ Undercover (HKLM-x32\...\{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}) (Version: 1.0.1.0 - Electronic Arts)
Need For Speed™ World (HKLM-x32\...\{3AF1B16A-7DC9-4C80-BAEC-70B088A7C5B8}) (Version: 1.0.0.0 - Electronic Arts)
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.48.0 - Nokia)
Nokia Suite (x32 Version: 3.8.48.0 - Nokia) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.4.2 - Notepad++ Team)
n-tv plus (HKLM-x32\...\{FC1B9FBC-5550-433F-AFEC-2EC930C14EBB}) (Version: 7.4.3.0 - n-tv Nachrichtenfernsehen GmbH)
NVIDIA 3D Vision Controller-Treiber 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
NVIDIA Update 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
OffersWizard Network System Driver (HKLM-x32\...\inethnfd) (Version: 1.0.0.3001 - ) <==== ATTENTION
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
Online Safety 2.83.1346.10 (x32 Version: 2.83.1346.10 - F-Secure Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice 4.1.0 (HKLM-x32\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
OpenSource Flash Video Splitter 1.0.0.5 (HKLM-x32\...\OpenSource Flash Video Splitter) (Version: 1.0.0.5 - )
OpenTTD 1.4.2 (HKLM-x32\...\OpenTTD) (Version: 1.4.2 - OpenTTD)
Opera Stable 24.0.1558.64 (HKLM-x32\...\Opera 24.0.1558.64) (Version: 24.0.1558.64 - Opera Software ASA)
Origin (HKLM-x32\...\Origin) (Version: 9.3.11.2762 - Electronic Arts, Inc.)
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.208.0 - Tracker Software Products Ltd)
Pflanzen gegen Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Effects Studio 3.15 (HKLM-x32\...\{A97C9A80-DD35-48DF-8D57-308B2DE116E2}_is1) (Version: - AMS Software)
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Plus-HD-2.6 (HKLM-x32\...\Plus-HD-2.6) (Version: 1.28.153.1 - Plus HD) <==== ATTENTION
Poczta usługi Windows Live (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Prince of Persia The Sands of Time (HKLM-x32\...\{8C453F13-6877-4D34-8816-009ABDE306DB}) (Version: 1.00.181 - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
QuickTime (HKLM-x32\...\QuickTime) (Version: - )
Raccolta foto (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Rapture3D 2.4.9 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound)
RegistryBooster (HKLM-x32\...\{E55B3271-7CA8-4D0C-AE06-69A24856E997}_is1) (Version: 6.1.2.1 - Uniblue Systems Limited)
Roll (HKLM-x32\...\RollerCoaster Tycoon Setup) (Version: - )
RollerCoaster Tycoon 3 (HKLM-x32\...\{907B4640-266B-4A21-92FB-CD1A86CD0F63}) (Version: 1.00.000 - )
Schatzjäger 3 (HKLM-x32\...\{CDABABCC-3341-444A-A0A9-9F0F9890C75F}) (Version: 1.00.0000 - )
Scratch (HKLM-x32\...\Scratch) (Version: 1.4.0.0 - MIT Media Lab Lifelong Kindergarten Group)
Search Assistant WebSearch 1.74 (HKLM-x32\...\SP_4e24eecb) (Version: - ) <==== ATTENTION
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.16.20.149 - Client Connect LTD) <==== ATTENTION
SearchCore for Browsers (HKLM-x32\...\SearchCore for Browsers) (Version: 3.0.0.115676 - Bandoo Media Inc) <==== ATTENTION
SecondLifeViewer (remove only) (HKLM-x32\...\SecondLifeViewer) (Version: - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Sierra Utilities (HKLM-x32\...\Sierra Utilities) (Version: - )
SimCity 3000 (HKLM-x32\...\SimCity 3000) (Version: - )
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Softonic toolbar on IE and Chrome (HKLM-x32\...\Softonic) (Version: 1.8.16.10 - Softonic) <==== ATTENTION
SoftwareUpdater (HKLM-x32\...\SoftwareUpdater) (Version: - )
Spelling Dictionaries Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-A00000000004}) (Version: 10.0.0 - Adobe Systems Incorporated)
Spelunky HD 1.0 (HKLM-x32\...\Spelunky HD 1.0) (Version: 1.0 - Cat-A-Cat)
SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1026 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
Thrustmaster Force Feedback Driver (HKLM-x32\...\{8F5A0981-5CDC-41D0-BCA2-AD3B777FC358}) (Version: 1.FFD.2009 - Thrustmaster)
Tivola Maus 3 (HKLM-x32\...\Tivola Maus 3) (Version: - )
Trials Fusion (HKLM-x32\...\Uplay Install 297) (Version: - Ubisoft)
Tropix Deluxe (remove only) (HKLM-x32\...\Tropix Deluxe) (Version: - )
TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.3000.132 - TuneUp Software) Hidden
TV Wizard (HKLM-x32\...\TVWizard) (Version: 2.7.39 - Small Island Development) <==== ATTENTION
Ulead VideoStudio 11 (HKLM-x32\...\InstallShield_{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}) (Version: 11.0.0.0000 - InterVideo Digital Technology Corporation)
Uncompressor Packages (HKCU\...\Uncompressor Packages) (Version: - ) <==== ATTENTION
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Update for Codec Pack (HKCU\...\DigitalSite) (Version: - ) <==== ATTENTION
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)
Update for Microsoft Excel 2010 (KB2889836) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9179FC17-97A8-4D98-9E09-05720AF5D44E}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft)
VideoPlayer v2.0.6 (HKLM-x32\...\VideoPlayer) (Version: v2.0.6 - TUGUU SL) <==== ATTENTION
VideoStudio (x32 Version: 11.0.0.0000 - InterVideo Digital Technology Corporation) Hidden
Virtual Router v0.9 Beta (HKLM-x32\...\{8DB05F7E-1F7A-4CC0-882F-375B97F04CD4}) (Version: 0.9.0 - Chris Pietschmann)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WAS IST WAS - Das Wissens-Quiz (HKLM-x32\...\WAS IST WAS - Das Wissens-Quiz) (Version: - )
WATCH_DOGS (HKLM-x32\...\Uplay Install 274) (Version: - Ubisoft)
WATCH_DOGS Hotfix (HKLM-x32\...\V0FUQ0hfRE9HUw==_is1) (Version: 1 - )
Web Assistant 2.0.0.604 (HKLM\...\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1) (Version: 2.0.0.604 - IncrediBar) <==== ATTENTION
Web Protect for Windows (HKLM-x32\...\wp-dcollect-tgu) (Version: 10.0.0 - PC Publishing) <==== ATTENTION
WEB.DE MailCheck für Mozilla Firefox (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar FF) (Version: 2.1.4.1420 - 1&1 Mail & Media GmbH)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Media Center Add-in for Silverlight (HKLM-x32\...\{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}) (Version: 4.7.3.0 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Product Key Finder Pro® 2.3 (HKLM-x32\...\Windows Product Key Finder Pro®_is1) (Version: - )
Windows Searchqu Toolbar (HKLM-x32\...\Searchqu 417 MediaBar) (Version: 3.0.0.115676 - Bandoo Media Inc) <==== ATTENTION
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Wondershare MobileGo for Android ( Version 4.4.0 ) (HKLM-x32\...\{1E04C795-7359-4E05-8A0E-5644F777AA08}_is1) (Version: 4.4.0 - Wondershare)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
Yontoo 1.10.03 (HKLM-x32\...\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}) (Version: 1.10.03 - Yontoo LLC) <==== ATTENTION
ZDFmediathek Version 2.1.6 (HKLM\...\ZDFmediathek_is1) (Version: - ZDF)
Συλλογή φωτογραφιών (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3934173735-3769707255-3857861622-1001_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3934173735-3769707255-3857861622-1001_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3934173735-3769707255-3857861622-1001_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3934173735-3769707255-3857861622-1001_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3934173735-3769707255-3857861622-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Pascal\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3934173735-3769707255-3857861622-1001_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3934173735-3769707255-3857861622-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Pascal\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3934173735-3769707255-3857861622-1001_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3934173735-3769707255-3857861622-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Pascal\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3934173735-3769707255-3857861622-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Pascal\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)
==================== Restore Points =========================
24-09-2014 18:16:02 Windows Update
30-09-2014 12:44:23 Windows Update
01-10-2014 19:15:25 Windows Update
02-10-2014 17:51:49 DirectX wurde installiert
04-10-2014 04:54:03 DirectX wurde installiert
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0404C01A-11DE-4222-8F3B-2763CD869A63} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {05786AC0-114D-44F0-8E2C-62F31090FDD2} - System32\Tasks\Software Updater => C:\Program Files (x86)\SelfUpdater\SoftwareUpdater.Bootstrapper.exe
Task: {1342FA41-A9F0-40E0-93EC-C39A906CBCC4} - System32\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-11 => C:\Program Files (x86)\HQCinema1.9V01.10\815a6f6b-5b57-4751-8a99-2a2f9410b044-11.exe
Task: {2C2A736D-44FE-4715-BABF-F8AFDD84F2CA} - System32\Tasks\Plus-HD-2.6-chromeinstaller => C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-chromeinstaller.exe
Task: {2EBDB300-9426-4366-8158-CDF989D41923} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-03] (Google Inc.)
Task: {31984779-AAE2-499E-ADF1-61CC2C5DDB3F} - System32\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-5 => C:\Program Files (x86)\HQCinema1.9V01.10\815a6f6b-5b57-4751-8a99-2a2f9410b044-5.exe [2014-10-01] (HQCinemaV01.10)
Task: {3AC3580C-B73B-4968-AB31-F17B84D1A5B9} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {3E7402E9-EE80-4B26-A9A1-585817228AD4} - System32\Tasks\{78820E6C-3A90-41A3-A2BE-50AE404C44A4} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-07-24] (Skype Technologies S.A.)
Task: {41374B15-E0FE-4410-B550-F34E7F170322} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-08-23] (Microsoft Corporation)
Task: {417285EF-F22E-4514-9A50-DC45D1D23EBD} - System32\Tasks\LaunchApp => C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe [2014-09-10] (MyPCBackup.com) <==== ATTENTION
Task: {43CF7539-AD05-4BB5-9FA8-DCD3F52B7F09} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe [2014-09-10] (MyPC Backup) <==== ATTENTION
Task: {43DCE29F-4DEC-4759-B40B-3C46355679D8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-08-23] (Microsoft Corporation)
Task: {4B110536-0164-41A2-B705-F552EA88B8B5} - System32\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-1 => C:\Program Files (x86)\HD-Quality-v3V30.09\HD-Quality-v3V30.09-codedownloader.exe [2014-10-01] (HD-Quality-v3V30.09)
Task: {5502C6AD-7B71-443A-B898-491AB7581E5F} - System32\Tasks\RegistryBooster Maintenance => C:\Program Files (x86)\Uniblue\RegistryBooster\registrybooster.exe [2013-11-11] (Uniblue Systems Limited)
Task: {589524FE-8CB9-408E-83E0-7C5C3961EE5E} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-10-01] (globalUpdate) <==== ATTENTION
Task: {5F0A8EFA-4B49-4EBB-B69C-BCF3357C0855} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe
Task: {69FBF8DE-7E14-4E49-A7A5-D35AA363428A} - System32\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-5 => C:\Program Files (x86)\HD-Quality-v3V30.09\56c2d237-88f9-437d-be8e-58367541cdc2-5.exe [2014-10-01] (HD-Quality-v3V30.09)
Task: {7693F95F-CA03-45DD-9861-0AF83B80D458} - System32\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-2 => C:\Program Files (x86)\HD-Quality-v3V30.09\56c2d237-88f9-437d-be8e-58367541cdc2-2.exe [2014-10-01] (HD-Quality-v3V30.09)
Task: {76FD3B02-58C4-43E6-81D9-F64678074602} - System32\Tasks\Plus-HD-2.6-firefoxinstaller => C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-firefoxinstaller.exe
Task: {7DD1EE1A-5832-47ED-912C-40A0EBDB616C} - System32\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-7 => C:\Program Files (x86)\HD-Quality-v3V30.09\56c2d237-88f9-437d-be8e-58367541cdc2-7.exe [2014-10-01] (HD-Quality-v3V30.09)
Task: {87428237-7453-4673-AC20-9575E76BC132} - System32\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-5_user => C:\Program Files (x86)\HQCinema1.9V01.10\815a6f6b-5b57-4751-8a99-2a2f9410b044-5.exe [2014-10-01] (HQCinemaV01.10)
Task: {87C30292-5223-4AF9-8406-57DBCF0A6243} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {88D300BA-5CC7-4F8B-95C2-C4661AF5C9BD} - System32\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-2 => C:\Program Files (x86)\HQCinema1.9V01.10\815a6f6b-5b57-4751-8a99-2a2f9410b044-2.exe [2014-10-01] (HQCinemaV01.10)
Task: {94DA8EDD-67C4-457E-A9F1-0CC29BDD9DD8} - System32\Tasks\Digital Sites => C:\Users\Pascal\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {962F376C-0C9F-4070-880B-CE56C2E02DBC} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-10-01] (globalUpdate) <==== ATTENTION
Task: {97E7FCF4-E158-4591-A738-DCCD9C33ED59} - System32\Tasks\Plus-HD-2.6-codedownloader => C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-codedownloader.exe
Task: {9BAEE684-837B-4429-AD18-FAD1972757F6} - System32\Tasks\Software Updater Ui => C:\Program Files (x86)\SelfUpdater\SoftwareUpdater.Ui.exe
Task: {A1F715B3-43C0-4565-A823-6E2565F6EF7A} - System32\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-6 => C:\Program Files (x86)\HQCinema1.9V01.10\815a6f6b-5b57-4751-8a99-2a2f9410b044-6.exe [2014-10-01] (HQCinemaV01.10)
Task: {A2E221B2-A913-43AE-BAE8-200AFC57BD66} - System32\Tasks\Opera scheduled Autoupdate 1389385127 => C:\Program Files (x86)\Opera\launcher.exe [2014-09-25] (Opera Software)
Task: {A3B4B872-4216-4912-A1D4-E6E03B8F3286} - System32\Tasks\DigitalSite => C:\Users\Pascal\AppData\Roaming\DigitalSite\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {A94D95F8-F16C-4D21-BEDA-D1E7AE38C161} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-07-25] (Oracle Corporation)
Task: {AD0E039C-AEBF-497B-9438-5F432CFA6274} - System32\Tasks\Plus-HD-2.6-enabler => C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-enabler.exe
Task: {ADD32BCA-85B6-4FFD-B4F3-1EDB629AFCC5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-03] (Google Inc.)
Task: {B1ECC03B-359D-451B-B6E2-0BC374B67181} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)
Task: {BFBC6E98-AFD7-4B4F-AF7E-76278BF8504A} - System32\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-3 => C:\Program Files (x86)\HD-Quality-v3V30.09\56c2d237-88f9-437d-be8e-58367541cdc2-3.exe
Task: {BFFD6786-9C3E-4833-A179-6BEDB7433276} - System32\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-6 => C:\Program Files (x86)\HD-Quality-v3V30.09\56c2d237-88f9-437d-be8e-58367541cdc2-6.exe [2014-10-01] (HD-Quality-v3V30.09)
Task: {C4496CAE-63F0-447C-B3F7-861465191B80} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {C700E5A5-2379-4A6E-B8B8-65F116341A18} - System32\Tasks\EPUpdater => C:\Users\Pascal\AppData\Roaming\BabSolution\Shared\BabMaint.exe [2013-08-04] () <==== ATTENTION
Task: {C9DDF911-A07A-444E-9F0C-861CD54BC1D9} - System32\Tasks\GoforFilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe [2013-04-19] (hxxp://www.goforfiles.com/) <==== ATTENTION
Task: {D046C31F-A232-442A-B5D6-B63FF3F224F2} - System32\Tasks\Scheduled scanning task => C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Anti-Virus\fsav.exe [2013-08-14] (F-Secure Corporation)
Task: {D1A89B92-A5AB-4362-845F-92A4E0469735} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-08-12] (Microsoft Corporation)
Task: {D55979DC-62C8-4519-9B73-A2F0E551BBEA} - System32\Tasks\1242f82e-6c0d-47d3-a2c9-9feb3999108a => C:\Program Files (x86)\HQCinema1.9V01.10\1242f82e-6c0d-47d3-a2c9-9feb3999108a.exe [2014-10-01] (HQCinemaV01.10)
Task: {D5D5BBDE-5701-43E1-BDC8-9126524D8334} - System32\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-3 => C:\Program Files (x86)\HQCinema1.9V01.10\815a6f6b-5b57-4751-8a99-2a2f9410b044-3.exe
Task: {D786D54F-71D1-4639-B2FA-DD700043E4CF} - \DealPlyUpdate No Task File <==== ATTENTION
Task: {DB22AB67-10C2-439C-A978-72E1D4678E6F} - System32\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-7 => C:\Program Files (x86)\HQCinema1.9V01.10\815a6f6b-5b57-4751-8a99-2a2f9410b044-7.exe [2014-10-01] (HQCinemaV01.10)
Task: {E35AF2E9-1DBB-4BC5-858F-B603852AE2E2} - System32\Tasks\Funmoods => C:\Users\Pascal\AppData\Roaming\Funmoods\UpdateProc\UpdateTask.exe <==== ATTENTION
Task: {E9915F7A-21B4-4CBB-8C6B-92DCDDFE07C6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)
Task: {ED4B16E7-A5F7-4100-8F5F-729B6156C3F6} - System32\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-1 => C:\Program Files (x86)\HQCinema1.9V01.10\HQCinema1.9V01.10-codedownloader.exe [2014-10-01] (HQCinemaV01.10)
Task: {EDDA7E8E-146D-4A08-97A1-0C444A89EB2D} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {EE1AF0CA-E770-4B64-A7E4-D65B84DE28E0} - System32\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-4 => C:\Program Files (x86)\HQCinema1.9V01.10\815a6f6b-5b57-4751-8a99-2a2f9410b044-4.exe
Task: {F17B35A7-386A-4B14-BBAD-FDB0F134DDA1} - System32\Tasks\c6ac72ed-56b8-40ca-9074-9efe04ef1716 => C:\Program Files (x86)\HD-Quality-v3V30.09\c6ac72ed-56b8-40ca-9074-9efe04ef1716.exe [2014-10-01] (HD-Quality-v3V30.09)
Task: {F1F485A8-D28B-43EA-9917-536630CCBA01} - System32\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-11 => C:\Program Files (x86)\HD-Quality-v3V30.09\56c2d237-88f9-437d-be8e-58367541cdc2-11.exe
Task: {F49FBE32-7014-40F0-9556-141FD559D261} - System32\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-4 => C:\Program Files (x86)\HD-Quality-v3V30.09\56c2d237-88f9-437d-be8e-58367541cdc2-4.exe [2014-10-01] (HD-Quality-v3V30.09)
Task: {F4DCFBA9-B4AB-407D-9B56-FF7265A34598} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: C:\Windows\Tasks\1242f82e-6c0d-47d3-a2c9-9feb3999108a.job => C:\Program Files (x86)\HQCinema1.9V01.10\1242f82e-6c0d-47d3-a2c9-9feb3999108a.exe
Task: C:\Windows\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-1.job => C:\Program Files (x86)\HD-Quality-v3V30.09\HD-Quality-v3V30.09-codedownloader.exe
Task: C:\Windows\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-11.job => C:\Program Files (x86)\HD-Quality-v3V30.09\56c2d237-88f9-437d-be8e-58367541cdc2-11.exe
Task: C:\Windows\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-2.job => C:\Program Files (x86)\HD-Quality-v3V30.09\56c2d237-88f9-437d-be8e-58367541cdc2-2.exe
Task: C:\Windows\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-3.job => C:\Program Files (x86)\HD-Quality-v3V30.09\56c2d237-88f9-437d-be8e-58367541cdc2-3.exe
Task: C:\Windows\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-4.job => C:\Program Files (x86)\HD-Quality-v3V30.09\56c2d237-88f9-437d-be8e-58367541cdc2-4.exe
Task: C:\Windows\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-5.job => C:\Program Files (x86)\HD-Quality-v3V30.09\56c2d237-88f9-437d-be8e-58367541cdc2-5.exe
Task: C:\Windows\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-5_user.job => C:\Program Files (x86)\HD-Quality-v3V30.09\56c2d237-88f9-437d-be8e-58367541cdc2-5.exe
Task: C:\Windows\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-6.job => C:\Program Files (x86)\HD-Quality-v3V30.09\56c2d237-88f9-437d-be8e-58367541cdc2-6.exe
Task: C:\Windows\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-7.job => C:\Program Files (x86)\HD-Quality-v3V30.09\56c2d237-88f9-437d-be8e-58367541cdc2-7.exe
Task: C:\Windows\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-1.job => C:\Program Files (x86)\HQCinema1.9V01.10\HQCinema1.9V01.10-codedownloader.exe
Task: C:\Windows\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-11.job => C:\Program Files (x86)\HQCinema1.9V01.10\815a6f6b-5b57-4751-8a99-2a2f9410b044-11.exe
Task: C:\Windows\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-2.job => C:\Program Files (x86)\HQCinema1.9V01.10\815a6f6b-5b57-4751-8a99-2a2f9410b044-2.exe
Task: C:\Windows\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-3.job => C:\Program Files (x86)\HQCinema1.9V01.10\815a6f6b-5b57-4751-8a99-2a2f9410b044-3.exe
Task: C:\Windows\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-4.job => C:\Program Files (x86)\HQCinema1.9V01.10\815a6f6b-5b57-4751-8a99-2a2f9410b044-4.exe
Task: C:\Windows\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-5.job => C:\Program Files (x86)\HQCinema1.9V01.10\815a6f6b-5b57-4751-8a99-2a2f9410b044-5.exe
Task: C:\Windows\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-5_user.job => C:\Program Files (x86)\HQCinema1.9V01.10\815a6f6b-5b57-4751-8a99-2a2f9410b044-5.exe
Task: C:\Windows\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-6.job => C:\Program Files (x86)\HQCinema1.9V01.10\815a6f6b-5b57-4751-8a99-2a2f9410b044-6.exe
Task: C:\Windows\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-7.job => C:\Program Files (x86)\HQCinema1.9V01.10\815a6f6b-5b57-4751-8a99-2a2f9410b044-7.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\c6ac72ed-56b8-40ca-9074-9efe04ef1716.job => C:\Program Files (x86)\HD-Quality-v3V30.09\c6ac72ed-56b8-40ca-9074-9efe04ef1716.exe
Task: C:\Windows\Tasks\Digital Sites.job => C:\Users\Pascal\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe <==== ATTENTION
Task: C:\Windows\Tasks\DigitalSite.job => C:\Users\Pascal\AppData\Roaming\DigitalSite\UpdateProc\UpdateTask.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Plus-HD-2.6-chromeinstaller.job => C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-chromeinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-2.6-codedownloader.job => C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-2.6-enabler.job => C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-2.6-firefoxinstaller.job => C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-firefoxinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\RegistryBooster Maintenance.job => C:\Program Files (x86)\Uniblue\RegistryBooster\registrybooster.exe
Task: C:\Windows\Tasks\Scheduled scanning task.job => C:\PROGRA~2\Kabel BW\apps\ComputerSecurity\Anti-Virus\fsav.exe
Task: C:\Windows\Tasks\SUU.job => C:\Users\Pascal\AppData\Roaming\SUU.exe
==================== Loaded Modules (whitelisted) =============
2012-01-24 01:22 - 2014-07-02 20:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-02-11 04:21 - 2014-02-11 04:21 - 00644464 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2014-03-19 14:38 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-12-15 14:58 - 2014-09-17 14:31 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-09-02 21:55 - 2014-09-02 21:55 - 00487483 _____ () C:\monitor.exe
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MyOSProtect => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: bonanzadealslivem => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: LMIGuardianSvc => 2
MSCONFIG\Services: PSI_SVC_2 => 2
MSCONFIG\Services: SafetyNutManager => 2
MSCONFIG\Services: ServiceLayer => 3
MSCONFIG\Services: SrvUpdater => 2
MSCONFIG\Services: TeamViewer8 => 2
MSCONFIG\Services: WajamUpdater => 2
MSCONFIG\Services: Web Assistant Updater => 2
MSCONFIG\Services: WebClient => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^MobileGo Service.lnk => C:\Windows\pss\MobileGo Service.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Virtual Router Manager.lnk => C:\Windows\pss\Virtual Router Manager.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Pascal^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^DesktopWeatherAlerts.lnk => C:\Windows\pss\DesktopWeatherAlerts.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Pascal^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk => C:\Windows\pss\MyPC Backup.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Pascal^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk => C:\Windows\pss\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Pascal^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Ubisoft register.lnk => C:\Windows\pss\Ubisoft register.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Pascal^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Weather Alerts.lnk => C:\Windows\pss\Weather Alerts.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: ApnUpdater => "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: BloatFish => C:\Program Files (x86)\Freetec\BloatFish\BloatFish.Ui.exe
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: Browser Infrastructure Helper => C:\Users\Pascal\AppData\Local\Smartbar\Application\QuickShare.exe startup
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: DAEMON Tools Pro Agent => "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
MSCONFIG\startupreg: DataMgr => "C:\Users\Pascal\AppData\Roaming\DataMgr\DataMgr.exe"
MSCONFIG\startupreg: DATAMNGR => C:\PROGRA~2\SearchCore for Browsers\SearchCore for Browsers\datamngrUI.exe
MSCONFIG\startupreg: DriverTurbo => C:\Program Files (x86)\DriverTurbo\DriverTurbo.exe
MSCONFIG\startupreg: FLV Player => C:\Users\Pascal\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe
MSCONFIG\startupreg: GoogleChromeAutoLaunch_1BB0B968DB2E1DD5640AAF2B69FD58ED => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: InetStat => C:\Users\Pascal\AppData\Roaming\InetStat\inetstat.exe
MSCONFIG\startupreg: Intermediate => "C:\Users\Pascal\AppData\Roaming\Intermediate\Intermediate.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: mbot_de_111 => "C:\Program Files (x86)\mbot_de_111\mbot_de_111.exe"
MSCONFIG\startupreg: mobilegeni daemon => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: NokiaSuite.exe => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
MSCONFIG\startupreg: NTRedirect => C:\Windows\SysWOW64\rundll32.exe "C:\Users\Pascal\AppData\Roaming\BabSolution\Shared\enhancedNT.dll",Run
MSCONFIG\startupreg: Nvtmru => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
MSCONFIG\startupreg: OMESupervisor => C:\Users\Pascal\AppData\Local\omesuperv.exe
MSCONFIG\startupreg: Optimizer Pro => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe
MSCONFIG\startupreg: PrivitizeVPN => C:\Program Files (x86)\PrivitizeVPN\PrivitizeVPN.exe /autorun
MSCONFIG\startupreg: RGSC => C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: SCheck => "C:\Users\Pascal\AppData\Roaming\SCheck\SCheck.exe" check
MSCONFIG\startupreg: SDP => C:\Users\Pascal\AppData\Local\FilesFrog Update Checker\update_checker.exe /auto
MSCONFIG\startupreg: SearchEngineProtection => C:\Program Files (x86)\GamesBar\update\SearchEngineProtection.exe
MSCONFIG\startupreg: SearchProtectAll => C:\Program Files (x86)\SearchProtect\bin\cltmng.exe
MSCONFIG\startupreg: SiteRanker => "C:\Program Files (x86)\SiteRanker\SiteRankTray.exe"
MSCONFIG\startupreg: Smart File Advisor => "C:\Program Files (x86)\Smart File Advisor\sfa.exe" /checkassoc
MSCONFIG\startupreg: Snoozer => "C:\Users\Pascal\AppData\Roaming\Snz\Snz.exe"
MSCONFIG\startupreg: SSync => "C:\Users\Pascal\AppData\Roaming\SSync\SSync.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSCONFIG\startupreg: Wondershare Helper Compact => "C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
MSCONFIG\startupreg: Xvid => C:\Program Files (x86)\Xvid\CheckUpdate.exe
========================= Accounts: ==========================
Administrator (S-1-5-21-3934173735-3769707255-3857861622-500 - Administrator - Disabled)
Gast (S-1-5-21-3934173735-3769707255-3857861622-501 - Limited - Disabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-3934173735-3769707255-3857861622-1007 - Limited - Enabled)
Pascal (S-1-5-21-3934173735-3769707255-3857861622-1001 - Administrator - Enabled) => C:\Users\Pascal
Susu (S-1-5-21-3934173735-3769707255-3857861622-1010 - Limited - Enabled) => C:\Users\Susu
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: nethfdrv
Description: nethfdrv
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: nethfdrv
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (10/06/2014 01:48:31 PM) (Source: FSecure-FSecure-F-Secure DeepGuard) (EventID: 103) (User: )
Description: 3 2014-10-06 13:48:31+02:00 PASCAL-PC SYSTEM F-Secure DeepGuard
Application was blocked. This was determined to be a high-risk application by system control heuristics.
Application path: \\?\c:\windows\mod_frst.exe
File hash: 4bb423ae4bf7b46ba1cd43c521cf9314c03cf8c4
Error: (10/06/2014 01:44:00 PM) (Source: FSecure-FSecure-F-Secure DeepGuard) (EventID: 103) (User: )
Description: 2 2014-10-06 13:44:00+02:00 PASCAL-PC SYSTEM F-Secure DeepGuard
Application was blocked. This was determined to be a high-risk application by system control heuristics.
Application path: \\?\c:\program files (x86)\hd-quality-v3v30.09\56c2d237-88f9-437d-be8e-58367541cdc2-6.exe
File hash: ecc329d37f6197b2aa59a824c35b4dc2140fdc02
Error: (10/06/2014 01:43:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MySafeProxyMonitor.exe, Version: 1.0.10.0, Zeitstempel: 0x54296dcc
Name des fehlerhaften Moduls: MySafeProxyMonitor.exe, Version: 1.0.10.0, Zeitstempel: 0x54296dcc
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00050c50
ID des fehlerhaften Prozesses: 0xfe0
Startzeit der fehlerhaften Anwendung: 0xMySafeProxyMonitor.exe0
Pfad der fehlerhaften Anwendung: MySafeProxyMonitor.exe1
Pfad des fehlerhaften Moduls: MySafeProxyMonitor.exe2
Berichtskennung: MySafeProxyMonitor.exe3
Error: (10/06/2014 01:40:00 PM) (Source: FSecure-FSecure-F-Secure DeepGuard) (EventID: 103) (User: )
Description: 1 2014-10-06 13:40:00+02:00 PASCAL-PC SYSTEM F-Secure DeepGuard
Application was blocked. This was determined to be a high-risk application by system control heuristics.
Application path: \\?\c:\program files (x86)\hqcinema1.9v01.10\815a6f6b-5b57-4751-8a99-2a2f9410b044-6.exe
File hash: a18c0c54cdd97a25d85c53ef1f55a7b039587779
Error: (10/06/2014 01:33:26 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
--- Ende der internen Ausnahmestapelüberwachung ---
bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)
Error: (10/05/2014 07:44:00 PM) (Source: FSecure-FSecure-F-Secure DeepGuard) (EventID: 103) (User: )
Description: 32 2014-10-05 19:44:00+02:00 PASCAL-PC SYSTEM F-Secure DeepGuard
Application was blocked. This was determined to be a high-risk application by system control heuristics.
Application path: \\?\c:\program files (x86)\hd-quality-v3v30.09\56c2d237-88f9-437d-be8e-58367541cdc2-6.exe
File hash: ecc329d37f6197b2aa59a824c35b4dc2140fdc02
Error: (10/05/2014 07:40:00 PM) (Source: FSecure-FSecure-F-Secure DeepGuard) (EventID: 103) (User: )
Description: 31 2014-10-05 19:40:00+02:00 PASCAL-PC SYSTEM F-Secure DeepGuard
Application was blocked. This was determined to be a high-risk application by system control heuristics.
Application path: \\?\c:\program files (x86)\hqcinema1.9v01.10\815a6f6b-5b57-4751-8a99-2a2f9410b044-6.exe
File hash: a18c0c54cdd97a25d85c53ef1f55a7b039587779
Error: (10/05/2014 06:45:00 PM) (Source: FSecure-FSecure-F-Secure DeepGuard) (EventID: 103) (User: )
Description: 30 2014-10-05 18:45:00+02:00 PASCAL-PC SYSTEM F-Secure DeepGuard
Application was blocked. This was determined to be a high-risk application by system control heuristics.
Application path: \\?\c:\program files (x86)\hd-quality-v3v30.09\56c2d237-88f9-437d-be8e-58367541cdc2-5.exe
File hash: 064fc06a2eefdc56bead8407259c52ef7081e72d
Error: (10/05/2014 06:44:00 PM) (Source: FSecure-FSecure-F-Secure DeepGuard) (EventID: 103) (User: )
Description: 29 2014-10-05 18:44:00+02:00 PASCAL-PC SYSTEM F-Secure DeepGuard
Application was blocked. This was determined to be a high-risk application by system control heuristics.
Application path: \\?\c:\program files (x86)\hd-quality-v3v30.09\hd-quality-v3v30.09-codedownloader.exe
File hash: 9e52c47fc494aff0440088e483b18d7011fb946c
Error: (10/05/2014 06:44:00 PM) (Source: FSecure-FSecure-F-Secure DeepGuard) (EventID: 103) (User: )
Description: 28 2014-10-05 18:44:00+02:00 PASCAL-PC SYSTEM F-Secure DeepGuard
Application was blocked. This was determined to be a high-risk application by system control heuristics.
Application path: \\?\c:\program files (x86)\hd-quality-v3v30.09\56c2d237-88f9-437d-be8e-58367541cdc2-4.exe
File hash: 93a8eaa8b380efdb76dcf80f24da42f8efaf94b4
System errors:
=============
Error: (10/06/2014 01:43:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "MySafeProxy Monitor" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 900000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (10/06/2014 01:38:37 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR7 gefunden.
Error: (10/06/2014 01:38:37 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR7 gefunden.
Error: (10/06/2014 01:38:36 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR7 gefunden.
Error: (10/06/2014 01:38:35 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR7 gefunden.
Error: (10/06/2014 01:33:48 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
nethfdrv
Error: (10/06/2014 01:33:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Protect Monitor" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (10/06/2014 01:33:25 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Protect Monitor erreicht.
Error: (10/06/2014 01:32:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Computer Backup (MyPC Backup)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (10/06/2014 01:32:58 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Computer Backup (MyPC Backup) erreicht.
Microsoft Office Sessions:
=========================
Error: (10/06/2014 01:48:31 PM) (Source: FSecure-FSecure-F-Secure DeepGuard) (EventID: 103) (User: )
Description: 3 2014-10-06 13:48:31+02:00 PASCAL-PC SYSTEM F-Secure DeepGuard
Application was blocked. This was determined to be a high-risk application by system control heuristics.
Application path: \\?\c:\windows\mod_frst.exe
File hash: 4bb423ae4bf7b46ba1cd43c521cf9314c03cf8c4
Error: (10/06/2014 01:44:00 PM) (Source: FSecure-FSecure-F-Secure DeepGuard) (EventID: 103) (User: )
Description: 2 2014-10-06 13:44:00+02:00 PASCAL-PC SYSTEM F-Secure DeepGuard
Application was blocked. This was determined to be a high-risk application by system control heuristics.
Application path: \\?\c:\program files (x86)\hd-quality-v3v30.09\56c2d237-88f9-437d-be8e-58367541cdc2-6.exe
File hash: ecc329d37f6197b2aa59a824c35b4dc2140fdc02
Error: (10/06/2014 01:43:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: MySafeProxyMonitor.exe1.0.10.054296dccMySafeProxyMonitor.exe1.0.10.054296dccc000000500050c50fe001cfe1595562fdd2C:\Program Files (x86)\XTRM Group\MySafeProxy\Bin\MySafeProxyMonitor.exeC:\Program Files (x86)\XTRM Group\MySafeProxy\Bin\MySafeProxyMonitor.exe03b8ea43-4d4e-11e4-a3ab-8c89a5a480ca
Error: (10/06/2014 01:40:00 PM) (Source: FSecure-FSecure-F-Secure DeepGuard) (EventID: 103) (User: )
Description: 1 2014-10-06 13:40:00+02:00 PASCAL-PC SYSTEM F-Secure DeepGuard
Application was blocked. This was determined to be a high-risk application by system control heuristics.
Application path: \\?\c:\program files (x86)\hqcinema1.9v01.10\815a6f6b-5b57-4751-8a99-2a2f9410b044-6.exe
File hash: a18c0c54cdd97a25d85c53ef1f55a7b039587779
Error: (10/06/2014 01:33:26 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
--- Ende der internen Ausnahmestapelüberwachung ---
bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)
Error: (10/05/2014 07:44:00 PM) (Source: FSecure-FSecure-F-Secure DeepGuard) (EventID: 103) (User: )
Description: 32 2014-10-05 19:44:00+02:00 PASCAL-PC SYSTEM F-Secure DeepGuard
Application was blocked. This was determined to be a high-risk application by system control heuristics.
Application path: \\?\c:\program files (x86)\hd-quality-v3v30.09\56c2d237-88f9-437d-be8e-58367541cdc2-6.exe
File hash: ecc329d37f6197b2aa59a824c35b4dc2140fdc02
Error: (10/05/2014 07:40:00 PM) (Source: FSecure-FSecure-F-Secure DeepGuard) (EventID: 103) (User: )
Description: 31 2014-10-05 19:40:00+02:00 PASCAL-PC SYSTEM F-Secure DeepGuard
Application was blocked. This was determined to be a high-risk application by system control heuristics.
Application path: \\?\c:\program files (x86)\hqcinema1.9v01.10\815a6f6b-5b57-4751-8a99-2a2f9410b044-6.exe
File hash: a18c0c54cdd97a25d85c53ef1f55a7b039587779
Error: (10/05/2014 06:45:00 PM) (Source: FSecure-FSecure-F-Secure DeepGuard) (EventID: 103) (User: )
Description: 30 2014-10-05 18:45:00+02:00 PASCAL-PC SYSTEM F-Secure DeepGuard
Application was blocked. This was determined to be a high-risk application by system control heuristics.
Application path: \\?\c:\program files (x86)\hd-quality-v3v30.09\56c2d237-88f9-437d-be8e-58367541cdc2-5.exe
File hash: 064fc06a2eefdc56bead8407259c52ef7081e72d
Error: (10/05/2014 06:44:00 PM) (Source: FSecure-FSecure-F-Secure DeepGuard) (EventID: 103) (User: )
Description: 29 2014-10-05 18:44:00+02:00 PASCAL-PC SYSTEM F-Secure DeepGuard
Application was blocked. This was determined to be a high-risk application by system control heuristics.
Application path: \\?\c:\program files (x86)\hd-quality-v3v30.09\hd-quality-v3v30.09-codedownloader.exe
File hash: 9e52c47fc494aff0440088e483b18d7011fb946c
Error: (10/05/2014 06:44:00 PM) (Source: FSecure-FSecure-F-Secure DeepGuard) (EventID: 103) (User: )
Description: 28 2014-10-05 18:44:00+02:00 PASCAL-PC SYSTEM F-Secure DeepGuard
Application was blocked. This was determined to be a high-risk application by system control heuristics.
Application path: \\?\c:\program files (x86)\hd-quality-v3v30.09\56c2d237-88f9-437d-be8e-58367541cdc2-4.exe
File hash: 93a8eaa8b380efdb76dcf80f24da42f8efaf94b4
CodeIntegrity Errors:
===================================
Date: 2014-01-24 18:15:38.748
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Pascal\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-01-24 18:15:38.694
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Pascal\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-01-24 18:15:38.189
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-01-24 18:15:38.134
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-11-25 09:57:59.870
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\fses.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-11-25 09:57:59.824
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\fses.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-11-24 16:18:50.356
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\fses.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-11-24 16:18:50.309
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\fses.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-11-24 06:30:21.449
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\fses.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-11-24 06:30:21.402
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\fses.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-2320 CPU @ 3.00GHz
Percentage of memory in use: 46%
Total physical RAM: 4077.64 MB
Available physical RAM: 2194.8 MB
Total Pagefile: 8153.46 MB
Available Pagefile: 5385.27 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: (Boot) (Fixed) (Total:880.41 GB) (Free:537.12 GB) NTFS
Drive d: (Recover) (Fixed) (Total:50 GB) (Free:27.05 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 58F6BA5B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=880.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)
==================== End Of Log ============================
Das was ich vorhin gesendet habe ist die Addition |
|
14.10.2014, 15:44
| #3 |
| | So jetzt die frstFRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-10-2014
Ran by Pascal (administrator) on PASCAL-PC on 06-10-2014 13:46:29
Running from C:\Users\Pascal\Desktop
Loaded Profile: Pascal (Available profiles: Pascal & Susu & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(HQCinemaV01.10) C:\Program Files (x86)\HQCinema1.9V01.10\1242f82e-6c0d-47d3-a2c9-9feb3999108a.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(hxxp://www.goforfiles.com/) C:\Program Files (x86)\GoforFiles\GFFUpdater.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Flux Software LLC) C:\Users\Pascal\AppData\Local\FluxSoftware\Flux\flux.exe
(wifimouse@necta.us) C:\Program Files (x86)\MouseServer\MouseServer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Common\FSM32.EXE
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\fshoster32.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(InterVideo Inc.) C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\fshoster32.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\apps\CCF_Reputation\fsorsp.exe
(Memeo) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Anti-Virus\fsgk32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\monitor.exe
(Chris Pietschmann (hxxp://pietschsoft.com)) C:\Program Files (x86)\Virtual Router\VirtualRouterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Small Island Development) C:\ProgramData\HAunCmYKI\tCJlXj.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Anti-Virus\fssm32.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Common\FSMA32.EXE
(MyOSCompany) C:\Program Files (x86)\PCTRunner\MyOSProtect.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Common\FSHDLL64.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM-x32\...\Run: [F-Secure Manager] => C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Common\FSM32.EXE [310208 2013-08-14] (F-Secure Corporation)
HKLM-x32\...\Run: [F-Secure Hoster (47731)] => C:\Program Files (x86)\Kabel BW\fshoster32.exe [191424 2013-05-15] (F-Secure Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKU\S-1-5-21-3934173735-3769707255-3857861622-1001\...\Run: [f.lux] => C:\Users\Pascal\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
HKU\S-1-5-21-3934173735-3769707255-3857861622-1001\...\Run: [] => [X]
HKU\S-1-5-21-3934173735-3769707255-3857861622-1001\...\Run: [MouseServer] => C:\Program Files (x86)\MouseServer\MouseServer.exe [122880 2012-03-21] (wifimouse@necta.us)
HKU\S-1-5-21-3934173735-3769707255-3857861622-1001\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-3934173735-3769707255-3857861622-1001\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-18\...\Run: [Exetender] => C:\Program Files (x86)\Free Ride Games\GPlayer.exe [4862384 2012-03-21] (Exent Technologies Ltd.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com/?gd=&ctid=CT3314932&octid=EB_ORIGINAL_CTID&ISID=MF70BB4B3-B174-4BAF-A6B9-7309BCFE9943&SearchSource=55&CUI=&UM=5&UP=SPFEAC19B6-4958-4E5B-8531-48F001259B10&SSPV=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://aartemis.com/?type=hp&ts=1384525389&from=cor&uid=HitachiXHDS721010DLE630_MSE5215V0VT81U0VT81UX
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.aartemis.com/web/?type=ds&ts=1384525389&from=cor&uid=HitachiXHDS721010DLE630_MSE5215V0VT81U0VT81UX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://aartemis.com/?type=hp&ts=1384525389&from=cor&uid=HitachiXHDS721010DLE630_MSE5215V0VT81U0VT81UX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://aartemis.com/?type=hp&ts=1384525389&from=cor&uid=HitachiXHDS721010DLE630_MSE5215V0VT81U0VT81UX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.aartemis.com/web/?type=ds&ts=1384525389&from=cor&uid=HitachiXHDS721010DLE630_MSE5215V0VT81U0VT81UX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,CustomizeSearch = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: HKLM-x32 - Ashampoo DE Toolbar - {5786d022-540e-4699-b350-b4be0ae94b79} - C:\Program Files (x86)\Ashampoo_DE\prxtbAsha.dll (Conduit Ltd.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://aartemis.com/?type=sc&ts=1384525389&from=cor&uid=HitachiXHDS721010DLE630_MSE5215V0VT81U0VT81UX
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = hxxp://start.funmoods.com/results.php?f=4&q={searchTerms}&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1Qzuzz0Czzzy0AyD0AyEzztD0C0AtA0C0CtDtN0D0Tzu0CtByEzztN1L2XzutBtFtCtFtCtFtAtCtB&cr=1824825983
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD22} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=20&systemid=2&apn_dtid=IME002&apn_ptnrs=AG2&o=APN10641&apn_uid=0193640988514575&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=484&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2417} URL = hxxp://www.searchqu.com/web?src=ieb&appid=0&systemid=417&sr=0&q={searchTerms}
SearchScopes: HKLM - {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} URL = hxxp://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=ironpub12&ir=ironpub12&cd=2XzuyEtN2Y1L1Qzuzz0Czzzy0AyD0AyEzztD0C0AtA0C0CtDtN0D0Tzu0CtAyDyEtN1L2XzutBtFtBtFtCtFyEtDyB&cr=208974077
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.aartemis.com/web/?type=ds&ts=1384525389&from=cor&uid=HitachiXHDS721010DLE630_MSE5215V0VT81U0VT81UX&q={searchTerms}
SearchScopes: HKLM-x32 - Backup.Old.DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.aartemis.com/web/?type=ds&ts=1384525389&from=cor&uid=HitachiXHDS721010DLE630_MSE5215V0VT81U0VT81UX&q={searchTerms}
SearchScopes: HKLM-x32 - {3D5C0BD6-7735-62F6-6F8F-521BDAFB66B2} URL = hxxp://search.chatzum.com/?q={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = hxxp://start.funmoods.com/results.php?f=4&q={searchTerms}&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1Qzuzz0Czzzy0AyD0AyEzztD0C0AtA0C0CtDtN0D0Tzu0CtByEzztN1L2XzutBtFtCtFtCtFtAtCtB&cr=1824825983
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD22} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=20&systemid=2&apn_dtid=IME002&apn_ptnrs=AG2&o=APN10641&apn_uid=0193640988514575&q={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=484&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2417} URL = hxxp://www.searchqu.com/web?src=ieb&appid=0&systemid=417&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 - {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} URL = hxxp://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=ironpub12&ir=ironpub12&cd=2XzuyEtN2Y1L1Qzuzz0Czzzy0AyD0AyEzztD0C0AtA0C0CtDtN0D0Tzu0CtAyDyEtN1L2XzutBtFtBtFtCtFyEtDyB&cr=208974077
SearchScopes: HKLM-x32 - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL =
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3314958&octid=EB_ORIGINAL_CTID&ISID=M5EC8FA62-325C-43FC-A49B-88BDB1143B2B&SearchSource=58&CUI=&UM=6&UP=SPFEAC19B6-4958-4E5B-8531-48F001259B10&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3314958&octid=EB_ORIGINAL_CTID&ISID=M5EC8FA62-325C-43FC-A49B-88BDB1143B2B&SearchSource=58&CUI=&UM=6&UP=SPFEAC19B6-4958-4E5B-8531-48F001259B10&q={searchTerms}&SSPV=
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Plus-HD-2.6 -> {11111111-1111-1111-1111-110311341140} -> C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-bho64.dll (Plus HD)
BHO: HD-Quality-v3V30.09 -> {11111111-1111-1111-1111-110611171162} -> C:\Program Files (x86)\HD-Quality-v3V30.09\HD-Quality-v3V30.09-bho64.dll (HD-Quality-v3V30.09)
BHO: HQCinema1.9V01.10 -> {11111111-1111-1111-1111-110611381131} -> C:\Program Files (x86)\HQCinema1.9V01.10\HQCinema1.9V01.10-bho64.dll (HQCinemaV01.10)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Web Assistant -> {336D0C35-8A85-403a-B9D2-65C292C39087} -> C:\Program Files\Web Assistant\Extension64.dll ()
BHO: MySafeProxy -> {51420F88-4D4A-4042-9509-8D4E1307910E} -> C:\Program Files (x86)\XTRM Group\MySafeProxy\Bin\MySafeProxy64.dll (XTRM Group Ltd.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: DataMngr -> {9D717F81-9148-4f12-8568-69135F087DB0} -> C:\Program Files (x86)\Searchqu Toolbar\Datamngr\x64\BrowserConnection.dll (Bandoo Media, inc)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: I Want This -> {11111111-1111-1111-1111-110011221158} -> No File
BHO-x32: Plus-HD-2.6 -> {11111111-1111-1111-1111-110311341140} -> No File
BHO-x32: HD-Quality-v3V30.09 -> {11111111-1111-1111-1111-110611171162} -> C:\Program Files (x86)\HD-Quality-v3V30.09\HD-Quality-v3V30.09-bho.dll (HD-Quality-v3V30.09)
BHO-x32: HQCinema1.9V01.10 -> {11111111-1111-1111-1111-110611381131} -> C:\Program Files (x86)\HQCinema1.9V01.10\HQCinema1.9V01.10-bho.dll (HQCinemaV01.10)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Web Assistant -> {336D0C35-8A85-403a-B9D2-65C292C39087} -> C:\Program Files\Web Assistant\Extension32.dll ()
BHO-x32: MySafeProxy -> {51420F88-4D4A-4042-9509-8D4E1307910E} -> C:\Program Files (x86)\XTRM Group\MySafeProxy\Bin\MySafeProxy32.dll (XTRM Group Ltd.)
BHO-x32: Ashampoo DE Toolbar -> {5786d022-540e-4699-b350-b4be0ae94b79} -> C:\Program Files (x86)\Ashampoo_DE\prxtbAsha.dll (Conduit Ltd.)
BHO-x32: PlayBryte BHO -> {61e0ef7a-9bc0-45ea-9b2f-f3e9f02692bd} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Incredibar.com Helper Object -> {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} -> C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll (Montera Technologeis LTD)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Funmoods Helper Object -> {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} -> No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Searchqu Toolbar -> {99079a25-328f-4bd4-be04-00955acaa0a7} -> C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
BHO-x32: DataMngr -> {9D717F81-9148-4f12-8568-69135F087DB0} -> C:\Program Files (x86)\Searchqu Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: BetterAds -> {BA56787C-729F-4715-8F11-EB2A16908B91} -> C:\Program Files (x86)\BetterAds\ScriptHost.dll ()
BHO-x32: delta Helper Object -> {C1AF5FA5-852C-4C90-812E-A7F75E011D87} -> No File
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: FreeWorkz Games -> {D1ECD019-8423-43de-98D1-7892AF2DA309} -> No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Webexp Enhanced -> {dc26eb86-ac6f-4093-918d-3e36cd607f01} -> No File
BHO-x32: holasearch Helper Object -> {DFF9B2DA-EF99-4B26-83CB-7058299999D8} -> C:\Program Files (x86)\holasearch\holasearch\1.8.16.16\bh\holasearch.dll (holasearch.com)
BHO-x32: Softonic Helper Object -> {E87806B5-E908-45FD-AF5E-957D83E58E68} -> C:\Program Files (x86)\Softonic\Softonic\1.8.16.10\bh\Softonic.dll (Softonic.com)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKLM-x32 - No Name - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - No File
Toolbar: HKLM-x32 - Ashampoo DE Toolbar - {5786d022-540e-4699-b350-b4be0ae94b79} - C:\Program Files (x86)\Ashampoo_DE\prxtbAsha.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - Incredibar Toolbar - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll (Montera Technologeis LTD)
Toolbar: HKLM-x32 - No Name - {b278d9f8-0fa9-465e-9938-0c392605d8e3} - No File
Toolbar: HKLM-x32 - No Name - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - No File
Toolbar: HKLM-x32 - No Name - {9E131A93-EED7-4BEB-B015-A0ADB30B5646} - No File
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKLM-x32 - Softonic Toolbar - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files (x86)\Softonic\Softonic\1.8.16.10\SoftonicTlbr.dll (Softonic.com)
Toolbar: HKLM-x32 - Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
Toolbar: HKLM-x32 - Holasearch Toolbar - {C510DFFB-0AFE-484C-BA40-CED5B74C4EEF} - C:\Program Files (x86)\holasearch\holasearch\1.8.16.16\holasearchTlbr.dll (holasearch.com)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {5786D022-540E-4699-B350-B4BE0AE94B79} - No File
Toolbar: HKCU - No Name - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455}
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog9 01 C:\Windows\SysWOW64\MyOSProtect.dll [304776] (MyOSCompany)
Winsock: Catalog9 02 C:\Windows\SysWOW64\MyOSProtect.dll [304776] (MyOSCompany)
Winsock: Catalog9 03 C:\Windows\SysWOW64\MyOSProtect.dll [304776] (MyOSCompany)
Winsock: Catalog9 04 C:\Windows\SysWOW64\MyOSProtect.dll [304776] (MyOSCompany)
Winsock: Catalog9 15 C:\Windows\SysWOW64\MyOSProtect.dll [304776] (MyOSCompany)
Winsock: Catalog9-x64 01 C:\Windows\system32\MyOSProtect64.dll [350768] (MyOSCompany)
Winsock: Catalog9-x64 02 C:\Windows\system32\MyOSProtect64.dll [350768] (MyOSCompany)
Winsock: Catalog9-x64 03 C:\Windows\system32\MyOSProtect64.dll [350768] (MyOSCompany)
Winsock: Catalog9-x64 04 C:\Windows\system32\MyOSProtect64.dll [350768] (MyOSCompany)
Winsock: Catalog9-x64 15 C:\Windows\system32\MyOSProtect64.dll [350768] (MyOSCompany)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default
FF SearchEngineOrder.1: Delta Search
FF Homepage: hxxp://search.fbdownloader.com/?channel=sfde203fbdgy21
FF SelectedSearchEngine: FBDownloader Search
FF DefaultSearchEngine: FBDownloader Search
FF Keyword.URL: hxxp://search.fbdownloader.com/search.php?channel=sfde203fbdgy21&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=10.17.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @exent.com/npExentCtl,version=7.0.0.0 -> C:\Program Files (x86)\Free Ride Games\npExentCtl.dll (Exent Technologies Ltd.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Pascal\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF user.js: detected! => C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\user.js
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\11-suche.xml
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\fbdownloader_search.xml
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\fileconverter-13-customized-web-search.xml
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\freemake.xml
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\google-chile.xml
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\holasearch.xml
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\search.xml
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\SearchResults.xml
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\softonic.xml
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\WebSearch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\SearchResults.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\SearchTheWeb.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\Yahooober4451956.xml
FF Extension: HD-Quality-v3V30.09 - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com [2014-10-01]
FF Extension: HQCinema1.9V01.10 - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\0cd1569197354ecf9be03@d3ee3bc4210848f7b5a58324f064f.com [2014-10-01]
FF Extension: Feven 1.5 - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com [2013-11-21]
FF Extension: Plus-HD-2.6 - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com [2013-10-11]
FF Extension: Amazon-Icon - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\amazon-icon@giga.de [2014-01-20]
FF Extension: DoNotTrackMe - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\donottrackplus@abine.com [2013-07-14]
FF Extension: Delta Toolbar - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\ffxtlbr@delta.com [2013-03-26]
FF Extension: HolaSearch - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\ffxtlbr@holasearch.com [2013-08-30]
FF Extension: softonic.com - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\ffxtlbra@softonic.com [2013-03-28]
FF Extension: YouTube Unblocker - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\youtubeunblocker@unblocker.yt [2013-10-11]
FF Extension: FileConverter 1.3 - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\{78e516ef-11de-47a1-8364-a99b917ec5ee} [2013-10-23]
FF Extension: Searchqu Toolbar - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\{99079a25-328f-4bd4-be04-00955acaa0a7} [2013-06-06]
FF Extension: WOT - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-10-19]
FF Extension: uTorrentBar_DE - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2} [2013-09-16]
FF Extension: BetterAds - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\betterads@BetterAds.org.xpi [2013-06-08]
FF Extension: GoPhotoIt - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\gophoto@gophoto.it.xpi [2012-07-31]
FF Extension: Javascript View - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\jid1-u9RbFp9JcoEGGw@jetpack.xpi [2013-09-24]
FF Extension: JS Deminifier - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\jsdeminifier@murphy.ben.name.xpi [2013-09-24]
FF Extension: JavaScript Deobfuscator - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\jsdeobfuscator@adblockplus.org.xpi [2013-09-24]
FF Extension: Movie2kDownloader - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\movie2kdownloader@movie2kdownloader.com.xpi [2012-12-13]
FF Extension: OfferMosquito - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\om@offermosquito.com.xpi [2013-10-04]
FF Extension: Personas Plus - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\personas@christopher.beard.xpi [2013-02-19]
FF Extension: Cool Smiley Bar for Facebook - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\pluswinks@PlusWinks.xpi [2013-06-08]
FF Extension: ScrewAds Plus for YouTube - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\screwads@airtint.com.xpi [2013-02-19]
FF Extension: Feedback - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\testpilot@labs.mozilla.com.xpi [2013-03-30]
FF Extension: YesScript - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\yesscript@userstyles.org.xpi [2013-09-26]
FF Extension: Quick Translator - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi [2013-02-19]
FF Extension: Adblock Plus - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-04-08]
FF Extension: JavaScript Debugger - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}.xpi [2013-09-24]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com [2013-10-27]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@holasearch.com [2013-10-27]
FF Extension: Iminent WebBooster - C:\Program Files (x86)\Mozilla Firefox\extensions\webbooster@iminent.com [2013-10-27]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF} [2013-10-27]
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox
FF Extension: Web Assistant - C:\Program Files\Web Assistant\Firefox [2012-09-04]
FF HKLM\...\Firefox\Extensions: [{8E9E3331-D360-4f87-8803-52DE43566502}] - C:\Program Files\Web Assistant\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-01-13]
FF HKLM-x32\...\Firefox\Extensions: [speedanalysis@SpeedAnalysis.com] - C:\Users\Pascal\AppData\Roaming\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com
FF Extension: SpeedAnalysis.com - C:\Users\Pascal\AppData\Roaming\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com [2013-03-26]
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox
FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox [2013-04-02]
FF HKLM-x32\...\Firefox\Extensions: [{8E9E3331-D360-4f87-8803-52DE43566502}] - C:\Program Files\Web Assistant\Firefox
FF HKLM-x32\...\Firefox\Extensions: [xz123@ya456.com] - C:\Program Files (x86)\BetterSurf\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@bettersurfplus.com] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@WebexpEnhancedV1alpha691.net] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha691\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaPlayerV1alpha418.net] - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha418\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaBuzzV1mode6846.net] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode6846\ff
FF HKCU\...\Firefox\Extensions: [speedanalysis@SpeedAnalysis.com] - C:\Users\Pascal\AppData\Roaming\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com
FF Extension: No Name - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff [Not Found]
FF Extension: No Name - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\SeeSimilar@SeeSimilar.com [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha418\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode6846\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi [Not Found]
FF Extension: No Name - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha691\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
Chrome:
=======
CHR DefaultSuggestURL: Default -> hxxp://suggest.seccint.com/CSuggestJson.ashx?prefix={searchTerms}
CHR Profile: C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-03]
CHR Extension: (Google Drive) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-03]
CHR Extension: (TV) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2014-03-03]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-06]
CHR Extension: (YouTube) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-03]
CHR Extension: (Google-Suche) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-03]
CHR Extension: (Short It!) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpfeggemggokijeahnacacopejaabljl [2014-03-03]
CHR Extension: (Battlefield Play4Free) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh [2014-03-03]
CHR Extension: (Google Mail) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-03]
CHR HKLM\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\Pascal\AppData\Local\funmoods.crx [2012-09-04]
CHR HKLM\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\Pascal\AppData\Local\funmoods-speeddial_sf.crx [2012-12-19]
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx [2012-09-04]
CHR HKCU\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\Pascal\AppData\Local\funmoods.crx [2012-09-04]
CHR HKCU\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\Pascal\AppData\Local\funmoods-speeddial_sf.crx [2012-12-19]
CHR HKCU\...\Chrome\Extension: [engeblojhfeingnjnfpiceofljnjpldp] - C:\Users\Pascal\AppData\Local\CRE\engeblojhfeingnjnfpiceofljnjpldp.crx [2012-09-20]
CHR HKCU\...\Chrome\Extension: [fkjoiggkbepedjmjjbhhecjiimlckcga] - C:\Users\Pascal\AppData\Local\CRE\fkjoiggkbepedjmjjbhhecjiimlckcga.crx [2012-07-22]
CHR HKCU\...\Chrome\Extension: [gaiilaahiahdejapggenmdmafpmbipje] - C:\Program Files (x86)\DealPly\DealPly.crx [2012-10-21]
CHR HKCU\...\Chrome\Extension: [kfkcangbigakljkjeglcofaomihpejif] - C:\Users\Pascal\AppData\Local\CRE\kfkcangbigakljkjeglcofaomihpejif.crx [2012-12-26]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-01-13]
CHR HKCU\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam] - C:\Program Files (x86)\Amazon\ABB\AmazonChrome-bds-amzn.crx [2013-07-18]
CHR HKLM-x32\...\Chrome\Extension: [aocimlpakaebbmfhjgajelcdbejhgehe] - C:\Users\Pascal\AppData\LocalLow\Playbryte\Chrome.crx [2012-09-04]
CHR HKLM-x32\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\Pascal\AppData\Local\funmoods.crx [2012-09-04]
CHR HKLM-x32\...\Chrome\Extension: [blaofbhgbmeikidhlkmjhbkbfohpgekf] - C:\Program Files (x86)\Movie2KDownloader.com\Movie2KDownloader10.crx [2012-12-13]
CHR HKLM-x32\...\Chrome\Extension: [cfcbmgbfdbijmjgjihagbomfbjfjmgon] - C:\Users\Pascal\AppData\Roaming\SpeedanAlysis\speedanalysis.crx [2013-02-14]
CHR HKLM-x32\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\Pascal\AppData\Local\funmoods-speeddial_sf.crx [2012-12-19]
CHR HKLM-x32\...\Chrome\Extension: [dedmngkbaffkenlfdcbganndoghblmap] - C:\Program Files (x86)\BetterSurf\ch\Chrome.crx [2012-12-19]
CHR HKLM-x32\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx [2012-09-04]
CHR HKLM-x32\...\Chrome\Extension: [elchiiiejkobdbblfejjkbphbddgmljf] - C:\Program Files (x86)\Softonic\Softonic\1.8.16.10\Softonic.crx [2013-03-03]
CHR HKLM-x32\...\Chrome\Extension: [engeblojhfeingnjnfpiceofljnjpldp] - C:\Users\Pascal\AppData\Local\CRE\engeblojhfeingnjnfpiceofljnjpldp.crx [2012-09-20]
CHR HKLM-x32\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\Pascal\AppData\Roaming\BabSolution\CR\delta1.crx [2013-04-16]
CHR HKLM-x32\...\Chrome\Extension: [fdloijijlkoblmigdofommgnheckmaki] - C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\funmoodsOEM.crx [2013-04-16]
CHR HKLM-x32\...\Chrome\Extension: [fkjoiggkbepedjmjjbhhecjiimlckcga] - C:\Users\Pascal\AppData\Local\CRE\fkjoiggkbepedjmjjbhhecjiimlckcga.crx [2012-07-22]
CHR HKLM-x32\...\Chrome\Extension: [gaiilaahiahdejapggenmdmafpmbipje] - C:\Program Files (x86)\DealPly\DealPly.crx [2012-10-21]
CHR HKLM-x32\...\Chrome\Extension: [gkipfehgopcajnafpdjajagbjllcobjj] - C:\ProgramData\Browse2save\gkipfehgopcajnafpdjajagbjllcobjj.crx [2012-10-21]
CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx [2012-10-21]
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-04-02]
CHR HKLM-x32\...\Chrome\Extension: [jifflliplgeajjdhmkcfnngfpgbjonjg] - C:\Program Files (x86)\Perion\NewTab\newTab.crx [2012-09-04]
CHR HKLM-x32\...\Chrome\Extension: [jplinpmadfkdgipabgcdchbdikologlh] - C:\Program Files (x86)\1ClickDownload\1click12.crx [2012-09-04]
CHR HKLM-x32\...\Chrome\Extension: [kfkcangbigakljkjeglcofaomihpejif] - C:\Users\Pascal\AppData\Local\CRE\kfkcangbigakljkjeglcofaomihpejif.crx [2012-12-26]
CHR HKLM-x32\...\Chrome\Extension: [lemilgpbnfoecfjhpfchannnnkeefjmj] - C:\Users\Pascal\AppData\Local\CRE\lemilgpbnfoecfjhpfchannnnkeefjmj.crx [2012-12-26]
CHR HKLM-x32\...\Chrome\Extension: [mkcedibhemacmilmkpndpkoidlnmgngg] - C:\Users\Pascal\ChromeExtensions\mkcedibhemacmilmkpndpkoidlnmgngg\amazon.crx [2014-01-20]
CHR HKLM-x32\...\Chrome\Extension: [mmifolfpllfdhilecpdpmemhelmanajl] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ch\BetterSurfPlus.crx [2014-01-20]
CHR HKLM-x32\...\Chrome\Extension: [mocblcnaofikinigmceddfghppkkjbog] - C:\Users\Pascal\AppData\Roaming\PlusWinks\pluswinks.crx [2013-03-20]
CHR HKLM-x32\...\Chrome\Extension: [mpihchkdinijmdhepcmpbgelkaaoiaek] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode6846\ch\MediaBuzzV1mode6846.crx [2013-03-20]
CHR HKLM-x32\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] - C:\Program Files (x86)\Yontoo\YontooLayers.crx [2013-03-20]
CHR HKLM-x32\...\Chrome\Extension: [ohpbokjkbkmdoidlodcdhdhhienlenkl] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha691\ch\WebexpEnhancedV1alpha691.crx [2013-03-20]
CHR HKLM-x32\...\Chrome\Extension: [pfmopbbadnfoelckkcmjjeaaegjpjjbk] - C:\Program Files (x86)\Gophoto.it\gophotoit14.crx [2012-07-31]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-11] (SUPERAntiSpyware.com)
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36936 2014-09-10] (Just Develop It) <==== ATTENTION
R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-03-13] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-03-13] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [770832 2014-03-13] (BlueStack Systems, Inc.)
R2 Capture Device Service; C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2428088 2014-08-12] (Microsoft Corporation)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2983896 2014-07-29] (Client Connect LTD)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [101888 2013-03-27] (Freemake) [File not signed]
R2 fshoster; C:\Program Files (x86)\Kabel BW\fshoster32.exe [191424 2013-05-15] (F-Secure Corporation)
R3 FSMA; C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Common\FSMA32.EXE [216000 2013-08-14] (F-Secure Corporation)
R2 FSORSPClient; C:\Program Files (x86)\Kabel BW\apps\CCF_Reputation\fsorsp.exe [61176 2012-08-06] (F-Secure Corporation)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-10-01] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-10-01] (globalUpdate) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R3 MyOSProtect; C:\Program Files (x86)\PCTRunner\MyOSProtect.exe [1317096 2014-09-01] (MyOSCompany) [File not signed]
S2 MySafeProxyMonitor; C:\Program Files (x86)\XTRM Group\MySafeProxy\Bin\MySafeProxyMonitor.exe [1311736 2014-10-01] (XTRM Group Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-09-17] ()
S2 ProtectMonitor; C:\monitorsvc.exe [34244 2014-09-02] () [File not signed] <==== ATTENTION
S4 SrvUpdater; C:\Program Files (x86)\SoftwareUpdater\UpdaterService.exe [31744 2013-04-12] () [File not signed]
R2 tCJlXj; C:\ProgramData\HAunCmYKI\tCJlXj.exe [2319728 2014-10-01] (Small Island Development)
R2 Virtual Router; C:\Program Files (x86)\Virtual Router\VirtualRouterService.exe [12288 2009-11-18] (Chris Pietschmann (hxxp://pietschsoft.com)) [File not signed]
S4 Web Assistant Updater; C:\Program Files\Web Assistant\ExtensionUpdaterService.exe [188760 2013-06-30] () [File not signed]
S3 SystemExplorerHelpService; No ImagePath
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 ALSysIO; No ImagePath
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [121616 2014-03-13] (BlueStack Systems)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-07-13] (Disc Soft Ltd)
S3 esgiguard; No ImagePath
R3 F-Secure Gatekeeper; C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [203304 2014-06-09] (F-Secure Corporation)
R1 F-Secure HIPS; C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\HIPS\drivers\fshs.sys [69960 2014-06-23] (F-Secure Corporation)
R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [56016 2013-11-25] ()
R3 fsni; C:\Program Files (x86)\Kabel BW\apps\CCF_Scanning\fsni64.sys [86056 2014-06-19] (F-Secure Corporation)
R1 fsvista; C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [13248 2013-08-14] ()
S3 IntcAzAudAddService; No ImagePath
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 WinRing0_1_2_0; No ImagePath
R2 X5XSEx; C:\Program Files (x86)\Free Ride Games\X5XSEx.Sys [55400 2010-11-22] (Exent Technologies Ltd.)
S3 xhunter1; No ImagePath
S1 nethfdrv; \??\C:\Windows\system32\drivers\nethfdrv.sys [X]
R3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-06 13:46 - 2014-10-06 13:47 - 00050543 _____ () C:\Users\Pascal\Desktop\FRST.txt
2014-10-06 13:39 - 2014-10-06 13:46 - 00000000 ____D () C:\FRST
2014-10-06 13:39 - 2014-10-06 13:31 - 02109952 _____ (Farbar) C:\Users\Pascal\Desktop\FRST64.exe
2014-10-04 11:58 - 2014-10-04 11:58 - 00000000 ___SD () C:\32788R22FWJFW
2014-10-04 11:58 - 2014-10-04 11:58 - 00000000 ____D () C:\Windows\erdnt
2014-10-04 11:58 - 2014-10-04 11:58 - 00000000 ____D () C:\Qoobox
2014-10-04 07:03 - 2014-10-04 07:03 - 00000000 ____D () C:\Users\Pascal\Documents\Criterion Games
2014-10-04 06:55 - 2014-10-04 06:55 - 00001331 _____ () C:\Users\Public\Desktop\Need for Speed™ Most Wanted.lnk
2014-10-04 06:55 - 2014-10-04 06:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Need for Speed™ Most Wanted
2014-10-02 20:01 - 2014-10-02 20:01 - 00000000 ____D () C:\Users\Pascal\AppData\Local\PopCap Games
2014-10-01 21:15 - 2014-10-01 21:15 - 00000000 ____D () C:\NVIDIA Corporation
2014-10-01 19:54 - 2014-10-01 19:54 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InetStat
2014-10-01 19:54 - 2014-10-01 19:54 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\InetStat
2014-10-01 19:54 - 2014-10-01 19:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-10-01 18:49 - 2014-10-01 18:49 - 00000000 ____D () C:\ProgramData\374311380
2014-10-01 18:45 - 2014-10-06 13:32 - 00002444 _____ () C:\Windows\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-5.job
2014-10-01 18:45 - 2014-10-01 18:45 - 00005474 _____ () C:\Windows\System32\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-5
2014-10-01 18:45 - 2014-10-01 18:45 - 00002444 _____ () C:\Windows\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-5_user.job
2014-10-01 18:44 - 2014-10-06 13:44 - 00003468 _____ () C:\Windows\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-6.job
2014-10-01 18:44 - 2014-10-06 13:32 - 00003812 _____ () C:\Windows\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-4.job
2014-10-01 18:44 - 2014-10-06 13:32 - 00003132 _____ () C:\Windows\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-7.job
2014-10-01 18:44 - 2014-10-06 13:32 - 00002780 _____ () C:\Windows\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-1.job
2014-10-01 18:44 - 2014-10-06 13:32 - 00002108 _____ () C:\Windows\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-2.job
2014-10-01 18:44 - 2014-10-06 13:32 - 00001440 _____ () C:\Windows\Tasks\c6ac72ed-56b8-40ca-9074-9efe04ef1716.job
2014-10-01 18:44 - 2014-10-01 18:45 - 00004470 _____ () C:\Windows\System32\Tasks\c6ac72ed-56b8-40ca-9074-9efe04ef1716
2014-10-01 18:44 - 2014-10-01 18:44 - 01522584 _____ (HD-Quality-v3V30.09) C:\Users\Pascal\AppData\Roaming\SUU.exe
2014-10-01 18:44 - 2014-10-01 18:44 - 00006842 _____ () C:\Windows\System32\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-4
2014-10-01 18:44 - 2014-10-01 18:44 - 00006496 _____ () C:\Windows\System32\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-6
2014-10-01 18:44 - 2014-10-01 18:44 - 00006162 _____ () C:\Windows\System32\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-7
2014-10-01 18:44 - 2014-10-01 18:44 - 00005810 _____ () C:\Windows\System32\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-1
2014-10-01 18:44 - 2014-10-01 18:44 - 00005138 _____ () C:\Windows\System32\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-2
2014-10-01 18:44 - 2014-10-01 18:44 - 00001336 _____ () C:\Windows\Tasks\SUU.job
2014-10-01 18:43 - 2014-10-06 13:32 - 00004494 _____ () C:\Windows\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-11.job
2014-10-01 18:43 - 2014-10-06 13:32 - 00003812 _____ () C:\Windows\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-3.job
2014-10-01 18:43 - 2014-10-01 18:45 - 00000000 ____D () C:\Program Files (x86)\HD-Quality-v3V30.09
2014-10-01 18:43 - 2014-10-01 18:44 - 00007524 _____ () C:\Windows\System32\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-11
2014-10-01 18:43 - 2014-10-01 18:43 - 00006842 _____ () C:\Windows\System32\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-3
2014-10-01 16:45 - 2014-10-01 16:45 - 00004400 _____ () C:\Windows\SysWOW64\MyOSProtect.ini
2014-10-01 16:45 - 2014-10-01 16:45 - 00002344 _____ () C:\Windows\SysWOW64\MyOSProtectOff.ini
2014-10-01 16:45 - 2014-10-01 16:45 - 00002344 _____ () C:\Windows\system32\MyOSProtectOff.ini
2014-10-01 16:44 - 2014-10-01 16:44 - 00000000 ____D () C:\Users\Pascal\AppData\Local\com
2014-10-01 16:44 - 2014-09-01 20:28 - 00350768 _____ (MyOSCompany) C:\Windows\system32\MyOSProtect64.dll
2014-10-01 16:44 - 2014-09-01 20:28 - 00304776 _____ (MyOSCompany) C:\Windows\SysWOW64\MyOSProtect.dll
2014-10-01 16:43 - 2014-10-06 13:32 - 00002440 _____ () C:\Windows\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-5_user.job
2014-10-01 16:43 - 2014-10-06 13:32 - 00002440 _____ () C:\Windows\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-5.job
2014-10-01 16:43 - 2014-10-01 16:44 - 02269863 _____ () C:\Users\Pascal\Downloads\forge-1.6.4-9.11.1.965-installer (2).jar
2014-10-01 16:43 - 2014-10-01 16:43 - 00005470 _____ () C:\Windows\System32\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-5
2014-10-01 16:43 - 2014-10-01 16:43 - 00004462 _____ () C:\Windows\System32\Tasks\1242f82e-6c0d-47d3-a2c9-9feb3999108a
2014-10-01 16:43 - 2014-10-01 16:43 - 00000000 ____D () C:\Windows\Sun
2014-10-01 16:42 - 2014-10-06 13:32 - 00003452 _____ () C:\Windows\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-1.job
2014-10-01 16:42 - 2014-10-06 13:32 - 00002104 _____ () C:\Windows\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-2.job
2014-10-01 16:42 - 2014-10-06 13:32 - 00001432 _____ () C:\Windows\Tasks\1242f82e-6c0d-47d3-a2c9-9feb3999108a.job
2014-10-01 16:42 - 2014-10-01 16:42 - 00006482 _____ () C:\Windows\System32\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-1
2014-10-01 16:42 - 2014-10-01 16:42 - 00005134 _____ () C:\Windows\System32\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-2
2014-10-01 16:41 - 2014-10-06 13:32 - 00004488 _____ () C:\Windows\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-4.job
2014-10-01 16:41 - 2014-10-01 16:41 - 00007518 _____ () C:\Windows\System32\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-4
2014-10-01 16:40 - 2014-10-06 13:40 - 00004152 _____ () C:\Windows\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-6.job
2014-10-01 16:40 - 2014-10-06 13:32 - 00003808 _____ () C:\Windows\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-7.job
2014-10-01 16:40 - 2014-10-01 16:40 - 00007180 _____ () C:\Windows\System32\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-6
2014-10-01 16:40 - 2014-10-01 16:40 - 00006838 _____ () C:\Windows\System32\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-7
2014-10-01 16:39 - 2014-10-01 18:43 - 00003986 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2014-10-01 16:39 - 2014-10-01 16:41 - 00000000 ____D () C:\Users\Pascal\AppData\Local\TVWizard
2014-10-01 16:39 - 2014-10-01 16:39 - 00004030 _____ () C:\Windows\System32\Tasks\LaunchSignup
2014-10-01 16:38 - 2014-10-06 13:32 - 00005178 _____ () C:\Windows\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-11.job
2014-10-01 16:38 - 2014-10-06 13:32 - 00000984 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-10-01 16:38 - 2014-10-05 18:48 - 00000988 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-10-01 16:38 - 2014-10-01 19:54 - 00000000 ___HD () C:\Users\Public\Temp
2014-10-01 16:38 - 2014-10-01 18:43 - 00003732 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2014-10-01 16:38 - 2014-10-01 16:39 - 00008208 _____ () C:\Windows\System32\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-11
2014-10-01 16:38 - 2014-10-01 16:38 - 00006838 _____ () C:\Windows\System32\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-3
2014-10-01 16:38 - 2014-10-01 16:38 - 00000000 ____D () C:\ProgramData\HAunCmYKI
2014-10-01 16:37 - 2014-10-06 13:32 - 00003808 _____ () C:\Windows\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-3.job
2014-10-01 16:37 - 2014-10-01 16:43 - 00000000 ____D () C:\Program Files (x86)\HQCinema1.9V01.10
2014-10-01 16:37 - 2014-10-01 16:37 - 00000000 ____D () C:\Users\Pascal\AppData\Local\globalUpdate
2014-10-01 16:37 - 2014-10-01 16:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MYBESTOFFERSTODAY
2014-10-01 16:37 - 2014-10-01 16:37 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-10-01 16:36 - 2014-10-03 15:11 - 00000000 ____D () C:\Users\Pascal\AppData\Local\mbot_de_111
2014-10-01 16:36 - 2014-10-01 16:46 - 00000000 ____D () C:\Program Files (x86)\PepperZip
2014-10-01 16:36 - 2014-10-01 16:38 - 00000000 ____D () C:\ProgramData\TVWizard
2014-10-01 16:36 - 2014-10-01 16:37 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-10-01 16:36 - 2014-10-01 16:37 - 00000000 ____D () C:\Program Files (x86)\mbot_de_111
2014-10-01 16:36 - 2014-10-01 16:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip
2014-10-01 16:36 - 2014-10-01 16:36 - 00000000 ____D () C:\Program Files (x86)\XTRM Group
2014-10-01 16:35 - 2014-10-04 15:08 - 00000000 ____D () C:\Program Files (x86)\ver4NewPlayer
2014-10-01 16:35 - 2014-10-01 16:45 - 00000000 ____D () C:\Program Files (x86)\PCTRunner
2014-10-01 16:33 - 2014-10-01 16:33 - 02269863 _____ () C:\Users\Pascal\Downloads\forge-1.6.4-9.11.1.965-installer (1).jar
2014-10-01 16:23 - 2014-10-01 16:23 - 14338316 _____ () C:\Users\Pascal\Downloads\BetterDungeons1-6-4_2091.zip
2014-10-01 13:37 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-01 13:37 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-27 19:26 - 2014-09-27 19:26 - 00367440 _____ () C:\Users\Pascal\Downloads\SoftonicDownloader_for_open-hexagon.exe
2014-09-27 19:25 - 2014-09-27 19:25 - 22561679 _____ () C:\Users\Pascal\Downloads\open-hexagon-1-91-en-win (2).7z
2014-09-27 19:23 - 2014-09-27 19:24 - 22561679 _____ () C:\Users\Pascal\Downloads\open-hexagon-1-91-en-win (1).7z
2014-09-27 19:21 - 2014-09-27 19:22 - 22561679 _____ () C:\Users\Pascal\Downloads\open-hexagon-1-91-en-win.7z
2014-09-24 15:47 - 2014-09-24 15:47 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\Cornelsen
2014-09-24 15:36 - 2014-09-24 15:36 - 00002344 _____ () C:\Users\Public\Desktop\English G 21 e-Workbook A2.lnk
2014-09-24 15:36 - 2014-09-24 15:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cornelsen
2014-09-24 13:26 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 13:26 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-20 17:34 - 2014-09-20 17:39 - 00000000 ____D () C:\ProgramData\DriverGenius
2014-09-20 17:32 - 2014-09-20 17:32 - 00001225 _____ () C:\Users\Pascal\Desktop\Driver Genius.lnk
2014-09-20 17:32 - 2014-09-20 17:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Genius
2014-09-20 17:31 - 2014-09-20 17:31 - 00000000 ____D () C:\Program Files (x86)\Driver-Soft
2014-09-20 17:30 - 2014-09-20 17:31 - 08719056 _____ (Driver-Soft Inc. ) C:\Users\Pascal\Downloads\Driver_Genius_14de.exe
2014-09-20 17:30 - 2014-09-20 17:31 - 08719056 _____ (Driver-Soft Inc. ) C:\Users\Pascal\Downloads\Driver_Genius_14de (1).exe
2014-09-17 18:45 - 2014-09-17 18:45 - 00000000 ____D () C:\Users\Pascal\Documents\Scratch Projects
2014-09-17 14:23 - 2014-09-17 14:23 - 01402920 _____ () C:\Users\Pascal\Downloads\battlelog-web-plugins_2.5.1_149.exe
2014-09-16 21:12 - 2014-09-16 21:12 - 00001079 _____ () C:\Users\Susu\Desktop\Scratch.lnk
2014-09-16 21:12 - 2014-09-16 21:12 - 00001079 _____ () C:\Users\Pascal\Desktop\Scratch.lnk
2014-09-16 21:12 - 2014-09-16 21:12 - 00001079 _____ () C:\Users\Gast\Desktop\Scratch.lnk
2014-09-16 21:11 - 2014-09-16 21:11 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Scratch
2014-09-16 21:11 - 2014-09-16 21:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scratch
2014-09-16 21:10 - 2014-09-16 21:11 - 00000000 ____D () C:\Program Files (x86)\Scratch
2014-09-16 21:06 - 2014-09-16 21:09 - 34637975 _____ (MIT Media Lab Lifelong Kindergarten Group) C:\Users\Pascal\Downloads\ScratchInstaller1.4.exe
2014-09-16 21:06 - 2014-09-16 21:09 - 34485667 _____ () C:\Users\Pascal\Downloads\Scratch1.4.msi.installer.zip
2014-09-16 21:05 - 2014-09-16 21:05 - 01101648 _____ () C:\Users\Pascal\Downloads\Sketch - CHIP-Installer.exe
2014-09-11 22:29 - 2014-09-14 12:13 - 00000000 ____D () C:\Users\Pascal\Documents\OpenTTD
2014-09-11 22:28 - 2014-09-11 22:28 - 00000800 _____ () C:\Users\Public\Desktop\OpenTTD.lnk
2014-09-11 22:28 - 2014-09-11 22:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenTTD
2014-09-11 22:28 - 2014-09-11 22:28 - 00000000 ____D () C:\Program Files\OpenTTD
2014-09-11 22:27 - 2014-09-11 22:28 - 07780242 _____ (OpenTTD Developers) C:\Users\Pascal\Downloads\openttd-1.4.2-windows-win64 (1).exe
2014-09-11 22:26 - 2014-09-11 22:26 - 07780242 _____ (OpenTTD Developers) C:\Users\Pascal\Downloads\openttd-1.4.2-windows-win64.exe
2014-09-11 21:03 - 2014-09-11 21:12 - 00250880 _____ () C:\Users\Pascal\Mamas Geburtstagskarte (47).pub
2014-09-11 03:53 - 2014-08-17 06:00 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-11 03:53 - 2014-08-17 06:00 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-11 03:53 - 2014-08-17 05:59 - 19280384 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-11 03:53 - 2014-08-17 05:59 - 01407488 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-11 03:53 - 2014-08-17 05:59 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-11 03:53 - 2014-08-17 05:59 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-11 03:53 - 2014-08-17 05:59 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-11 03:53 - 2014-08-17 05:58 - 15399424 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-11 03:53 - 2014-08-17 05:58 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-11 03:53 - 2014-08-17 05:58 - 02655232 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-11 03:53 - 2014-08-17 05:58 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-11 03:53 - 2014-08-17 05:58 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-09-11 03:53 - 2014-08-17 05:58 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-11 03:53 - 2014-08-17 05:58 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-11 03:53 - 2014-08-17 05:58 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-11 03:53 - 2014-08-17 05:58 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-11 03:53 - 2014-08-17 05:58 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-09-11 03:53 - 2014-08-17 05:58 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-11 03:53 - 2014-08-17 05:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-11 03:53 - 2014-08-17 05:58 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-11 03:53 - 2014-08-17 05:57 - 14369280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-11 03:53 - 2014-08-17 05:57 - 13757440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-11 03:53 - 2014-08-17 05:57 - 02861568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-11 03:53 - 2014-08-17 05:57 - 02055168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-11 03:53 - 2014-08-17 05:57 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-11 03:53 - 2014-08-17 05:57 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-11 03:53 - 2014-08-17 05:57 - 01180672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-11 03:53 - 2014-08-17 05:57 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-09-11 03:53 - 2014-08-17 05:57 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-11 03:53 - 2014-08-17 05:57 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-11 03:53 - 2014-08-17 05:57 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-11 03:53 - 2014-08-17 05:57 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-11 03:53 - 2014-08-17 05:57 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-11 03:53 - 2014-08-17 05:57 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-11 03:53 - 2014-08-17 05:57 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-09-11 03:53 - 2014-08-17 05:57 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-11 03:53 - 2014-08-17 05:57 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-11 03:53 - 2014-08-17 05:57 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-11 03:53 - 2014-08-17 05:57 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-11 03:53 - 2014-08-16 09:25 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-11 03:53 - 2014-08-16 08:43 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-11 03:53 - 2014-08-16 08:34 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-09-11 03:53 - 2014-08-16 07:53 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-09-11 03:03 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-11 03:03 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-10 20:13 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-10 20:13 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-10 20:12 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-10 20:12 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-10 20:11 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-10 20:11 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-10 20:11 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-10 20:11 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-10 20:11 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-10 20:11 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-10 20:11 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-06 22:44 - 2014-09-06 22:44 - 04188089 _____ () C:\Users\Pascal\Downloads\Piston House Waschmaschine.zip
2014-09-06 17:07 - 2014-10-02 17:21 - 00001348 _____ () C:\Users\Public\Desktop\Die Sims 4.lnk
2014-09-06 17:07 - 2014-09-06 17:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die Sims 4
2014-09-06 17:04 - 2014-09-06 17:06 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-06 12:01 - 2014-09-06 12:01 - 07433355 _____ () C:\Users\Pascal\Downloads\FR_hi_res_pack_01.zip
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-06 13:42 - 2009-07-14 06:45 - 00024800 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-06 13:42 - 2009-07-14 06:45 - 00024800 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-06 13:40 - 2011-05-16 16:04 - 00707400 _____ () C:\Windows\system32\perfh007.dat
2014-10-06 13:40 - 2011-05-16 16:04 - 00153334 _____ () C:\Windows\system32\perfc007.dat
2014-10-06 13:40 - 2009-07-14 07:13 - 01644624 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-06 13:38 - 2012-04-16 12:02 - 01795311 _____ () C:\Windows\WindowsUpdate.log
2014-10-06 13:34 - 2014-06-11 10:27 - 00003310 _____ () C:\Windows\System32\Tasks\Scheduled scanning task
2014-10-06 13:34 - 2014-06-11 10:27 - 00000678 _____ () C:\Windows\Tasks\Scheduled scanning task.job
2014-10-06 13:33 - 2014-03-29 07:22 - 00082852 _____ () C:\Windows\setupact.log
2014-10-06 13:33 - 2014-03-03 20:00 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-06 13:33 - 2013-01-25 15:21 - 00000437 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-10-06 13:32 - 2013-10-11 16:41 - 00001196 _____ () C:\Windows\Tasks\Plus-HD-2.6-codedownloader.job
2014-10-06 13:32 - 2013-10-11 16:41 - 00001096 _____ () C:\Windows\Tasks\Plus-HD-2.6-enabler.job
2014-10-06 13:32 - 2013-10-11 16:40 - 00001904 _____ () C:\Windows\Tasks\Plus-HD-2.6-chromeinstaller.job
2014-10-06 13:32 - 2013-10-11 16:40 - 00001828 _____ () C:\Windows\Tasks\Plus-HD-2.6-firefoxinstaller.job
2014-10-06 13:32 - 2012-01-24 01:22 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-06 13:32 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-05 19:32 - 2014-02-06 15:32 - 00000312 _____ () C:\Windows\Tasks\Digital Sites.job
2014-10-05 19:32 - 2013-10-30 14:32 - 00000310 _____ () C:\Windows\Tasks\DigitalSite.job
2014-10-05 19:22 - 2014-03-03 20:00 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-05 19:18 - 2012-12-23 17:51 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-05 19:00 - 2013-11-26 11:36 - 00000296 _____ () C:\Windows\Tasks\RegistryBooster Maintenance.job
2014-10-05 16:03 - 2013-04-14 09:37 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\.minecraft
2014-10-05 15:33 - 2012-04-16 13:39 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-10-05 08:37 - 2013-10-30 15:32 - 00000096 _____ () C:\Users\Pascal\AppData\Roaming\WB.CFG
2014-10-04 15:40 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-04 12:22 - 2012-04-16 13:40 - 00000000 ____D () C:\ProgramData\Origin
2014-10-04 12:21 - 2014-01-22 15:55 - 00000000 ____D () C:\Users\Pascal\Documents\FIFA 14
2014-10-04 06:55 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-10-04 06:23 - 2012-09-27 19:33 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-10-03 15:05 - 2013-02-08 19:41 - 00000000 ____D () C:\Windows\pss
2014-10-03 10:41 - 2013-07-11 15:07 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-10-03 08:45 - 2013-11-20 17:09 - 00000000 ____D () C:\Users\Pascal\AppData\Local\CrashDumps
2014-10-02 20:36 - 2014-03-31 14:14 - 00178980 _____ () C:\Windows\PFRO.log
2014-10-02 19:53 - 2014-05-14 16:36 - 00074044 _____ () C:\Windows\DirectX.log
2014-10-02 15:58 - 2013-10-30 14:34 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-09-26 18:38 - 2014-03-03 20:30 - 00348928 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-09-26 18:38 - 2013-12-15 14:58 - 00348928 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-09-26 18:33 - 2013-12-15 14:58 - 00280904 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-09-26 14:41 - 2014-06-03 14:57 - 00003854 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1389385127
2014-09-26 14:41 - 2014-01-10 22:18 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-09-25 20:26 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-24 19:18 - 2012-12-23 17:51 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-24 19:18 - 2012-10-28 15:54 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-24 19:18 - 2011-12-01 23:26 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-24 15:38 - 2012-04-16 19:41 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\Skype
2014-09-24 15:35 - 2012-07-15 12:13 - 00000000 ____D () C:\Program Files (x86)\Cornelsen
2014-09-23 15:07 - 2012-04-17 21:19 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-23 15:05 - 2013-04-21 14:29 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-09-20 17:49 - 2012-12-03 18:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune
2014-09-18 15:55 - 2014-06-04 14:39 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-09-17 14:31 - 2013-12-15 14:58 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-09-15 09:06 - 2010-11-21 05:27 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-13 14:02 - 2013-03-24 17:31 - 00000000 ____D () C:\tmp
2014-09-11 21:12 - 2012-04-16 12:09 - 00000000 ____D () C:\Users\Pascal
2014-09-11 19:06 - 2014-06-06 21:46 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\TS3Client
2014-09-11 03:50 - 2012-04-21 11:21 - 01617968 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-11 03:49 - 2013-07-28 21:34 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-11 03:04 - 2011-07-18 22:31 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-11 03:03 - 2014-05-06 21:47 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-06 17:09 - 2013-06-12 17:03 - 00000000 ____D () C:\Users\Pascal\Documents\Electronic Arts
2014-09-06 13:35 - 2012-04-16 19:41 - 00000000 ____D () C:\ProgramData\Skype
Files to move or delete:
====================
C:\Users\Pascal\DSETUP.dll
C:\Users\Pascal\dsetup32.dll
C:\Users\Pascal\DXSETUP.exe
C:\Users\Pascal\ManiaPlanetCanyon_Setup.exe
C:\Users\Pascal\MouseServer.exe
C:\Users\Pascal\setup.exe
C:\Users\Public\AlexaNSISPlugin.9612.dll
Some content of TEMP:
====================
C:\Users\Pascal\AppData\Local\Temp\BackupSetup.exe
C:\Users\Pascal\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Pascal\AppData\Local\Temp\ntvb2.dll
C:\Users\Pascal\AppData\Local\Temp\ntvb2.exe
C:\Users\Pascal\AppData\Local\Temp\optprosetup.exe
C:\Users\Pascal\AppData\Local\Temp\setup_337.exe
C:\Users\Pascal\AppData\Local\Temp\SpOrder.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-09-26 00:52
==================== End Of Log ============================
|
|
Hybrid-Darstellung
