Log analysis and evaluation: Windows 8.1: Constant trojan detections - Crypt.Xpack / Z.pack /.. Windows 7

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1
Windows 8.1: Constant trojan detections - Crypt.Xpack / Z.pack /..

Hello dear board,

having seen what you have achieved for other users, and because I am really worried that the problem will get worse, I urgently need to turn to you. For a few weeks now, Avira has regularly been reporting trojan detections. Despite all efforts (system scan, safe mode), the calm only ever lasts a short while. If I delete Crypt.Xpack, it finds Crypt.Zpack, Epack or something else, and that happens again and again. I hope you can help me through this problem so that I don't have to scrap my PC. Many thanks in advance for your efforts.

Best regards
Matze

Attached are the first log files:

Avira:
Code:
ATTFilter Exportierte Ereignisse: 13.02.2015 00:05 [System-Scanner] Malware gefunden Die Datei 'C:\Program Files (x86)\Setup Wizard\embird.exe' enthielt einen Virus oder unerwünschtes Programm 'Worm/Rbot.5013712' [worm]. Durchgeführte Aktion(en): Eine Sicherungskopie wurde unter dem Namen 50179290.qua erstellt ( QUARANTÄNE ). Die Datei wurde gelöscht. 12.02.2015 21:26 [System-Scanner] Malware gefunden Die Datei 'C:\ProgramData\Microsoft\Secure\Icons\temp\tmp8794.exe' enthielt einen Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen7' [trojan]. Durchgeführte Aktion(en): Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '50f69943.qua' verschoben! 19.02.2015 05:46 [System-Scanner] Malware gefunden Die Datei 'C:\ProgramData\Microsoft\Secure\Icons\temp\tmpB521.exe' enthielt einen Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen3' [trojan]. Durchgeführte Aktion(en): Eine Sicherungskopie wurde unter dem Namen 50f7c5ca.qua erstellt ( QUARANTÄNE ). Die Datei wurde gelöscht. 18.02.2015 22:24 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\ProgramData\Microsoft\Secure\Icons\temp\tmpB521.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen3' [trojan] gefunden. Ausgeführte Aktion: Zugriff verweigern 18.02.2015 22:24 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\ProgramData\Microsoft\Secure\Icons\temp\tmpB521.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen3' [trojan] gefunden. Ausgeführte Aktion: Übergeben an Scanner 13.02.2015 00:05 [System-Scanner] Malware gefunden Die Datei 'C:\$Recycle.Bin\S-1-5-21-1635521525-480761495-2417052547-1002\$RYTJ33F.exe' enthielt einen Virus oder unerwünschtes Programm 'Worm/Rbot.5013712' [worm]. Durchgeführte Aktion(en): Eine Sicherungskopie wurde unter dem Namen 4889becd.qua erstellt ( QUARANTÄNE ). Die Datei wurde gelöscht. 
20.02.2015 02:02 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\Users\Matze\AppData\Local\Eftion\tmp76AC.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.ZPACK.101964' [trojan] gefunden. Ausgeführte Aktion: Zugriff verweigern 20.02.2015 02:05 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\Users\Matze\AppData\Local\Eftion\tmp76AC.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.ZPACK.101964' [trojan] gefunden. Ausgeführte Aktion: Zugriff verweigern 20.02.2015 02:06 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\Users\Matze\Downloads\Super Screen Capture\Super Screen Capture.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Agent.12582912.5' [trojan] gefunden. Ausgeführte Aktion: Zugriff verweigern 20.02.2015 02:00 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\Users\Matze\AppData\Local\Eftion\tmp76AC.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.ZPACK.101964' [trojan] gefunden. Ausgeführte Aktion: Zugriff verweigern 19.02.2015 06:44 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\Users\Matze\AppData\Local\Eftion\tmp76AC.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.ZPACK.101964' [trojan] gefunden. Ausgeführte Aktion: Zugriff verweigern 12.02.2015 21:25 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\ProgramData\Microsoft\Secure\Icons\temp\tmp8794.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen7' [trojan] gefunden. Ausgeführte Aktion: Übergeben an Scanner 12.02.2015 21:25 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\ProgramData\Microsoft\Secure\Icons\temp\tmp8794.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen7' [trojan] gefunden. Ausgeführte Aktion: Zugriff verweigern 14.02.2015 22:09 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\ProgramData\Microsoft\Secure\Icons\temp\tmp8C0E.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen7' [trojan] gefunden. 
Ausgeführte Aktion: Zugriff verweigern 16.02.2015 02:02 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\Users\Matze\AppData\Local\Eftion\tmp9450.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Boaxxe.A.284' [trojan] gefunden. Ausgeführte Aktion: Zugriff verweigern 16.02.2015 02:00 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\Users\Matze\AppData\Local\Eftion\tmp9450.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Boaxxe.A.284' [trojan] gefunden. Ausgeführte Aktion: Zugriff verweigern 16.02.2015 22:24 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\ProgramData\Microsoft\Secure\Icons\temp\tmp8EB5.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.ZPACK.Gen' [trojan] gefunden. Ausgeführte Aktion: Zugriff verweigern 16.02.2015 05:36 [System-Scanner] Malware gefunden Die Datei 'C:\ProgramData\Microsoft\Secure\Icons\temp\tmpDD5D.exe' enthielt einen Virus oder unerwünschtes Programm 'TR/Dropper.VB.19003' [trojan]. Durchgeführte Aktion(en): Eine Sicherungskopie wurde unter dem Namen 4904f9c4.qua erstellt ( QUARANTÄNE ). Die Datei wurde gelöscht. 16.02.2015 02:46 [System-Scanner] Malware gefunden Die Datei 'C:\Users\Matze\AppData\Local\Eftion\tmp9450.exe' enthielt einen Virus oder unerwünschtes Programm 'TR/Boaxxe.A.284' [trojan]. Durchgeführte Aktion(en): Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '50f9dea0.qua' verschoben! Der Registrierungseintrag <HKEY_USERS\S-1-5-21-1635521525-480761495-2417052547-1002\SOFTWARE\Microsoft\Win dows\CurrentVersion\Run\Eftion> wurde erfolgreich repariert. 16.02.2015 05:36 [System-Scanner] Malware gefunden Die Datei 'C:\ProgramData\Microsoft\Secure\Icons\temp\tmp9450.exe' enthielt einen Virus oder unerwünschtes Programm 'TR/Boaxxe.A.284' [trojan]. Durchgeführte Aktion(en): Eine Sicherungskopie wurde unter dem Namen 1b5ba32c.qua erstellt ( QUARANTÄNE ). Die Datei wurde gelöscht. 
16.02.2015 05:36 [System-Scanner] Malware gefunden Die Datei 'C:\Users\Matze\AppData\Local\Eftion\tmpDD5D.exe' enthielt einen Virus oder unerwünschtes Programm 'TR/Dropper.VB.19003' [trojan]. Durchgeführte Aktion(en): Eine Sicherungskopie wurde unter dem Namen 5193d663.qua erstellt ( QUARANTÄNE ). Die Datei wurde gelöscht. 17.02.2015 05:14 [System-Scanner] Malware gefunden Die Datei 'C:\Users\Matze\AppData\Local\Eftion\tmp9486.exe' enthielt einen Virus oder unerwünschtes Programm 'TR/Agent.272664' [trojan]. Durchgeführte Aktion(en): Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '50bd55a8.qua' verschoben! Der Registrierungseintrag <HKEY_USERS\S-1-5-21-1635521525-480761495-2417052547-1002\SOFTWARE\Microsoft\Win dows\CurrentVersion\Run\Eftion> wurde erfolgreich repariert. 14.02.2015 22:12 [System-Scanner] Malware gefunden Die Datei 'C:\ProgramData\Microsoft\Secure\Icons\temp\tmp8C0E.exe' enthielt einen Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen7' [trojan]. Durchgeführte Aktion(en): Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '50f929ac.qua' verschoben! 14.02.2015 22:09 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\ProgramData\Microsoft\Secure\Icons\temp\tmp8C0E.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen7' [trojan] gefunden. Ausgeführte Aktion: Übergeben an Scanner 17.02.2015 04:55 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\ProgramData\Microsoft\Secure\Icons\temp\tmp9486.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Agent.272664' [trojan] gefunden. Ausgeführte Aktion: Zugriff verweigern 16.02.2015 22:24 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\ProgramData\Microsoft\Secure\Icons\temp\tmp8EB5.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.ZPACK.Gen' [trojan] gefunden. 
Ausgeführte Aktion: Übergeben an Scanner 16.02.2015 22:24 [System-Scanner] Malware gefunden Die Datei 'C:\ProgramData\Microsoft\Secure\Icons\temp\tmp8EB5.exe' enthielt einen Virus oder unerwünschtes Programm 'TR/Crypt.ZPACK.Gen' [trojan]. Durchgeführte Aktion(en): Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '5011f5c2.qua' verschoben! 17.02.2015 04:33 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\ProgramData\Microsoft\Secure\Icons\temp\tmp9486.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Agent.272664' [trojan] gefunden. Ausgeführte Aktion: Zugriff verweigern 20.02.2015 02:06 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\ProgramData\Microsoft\Secure\Icons\temp\tmp76AC.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.ZPACK.101964' [trojan] gefunden. Ausgeführte Aktion: Zugriff verweigern 21.02.2015 02:11 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\ProgramData\Microsoft\Secure\Icons\temp\tmp2ACE.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.EPACK.21717' [trojan] gefunden. Ausgeführte Aktion: Zugriff verweigern 21.02.2015 02:12 [System-Scanner] Malware gefunden Die Datei 'C:\Users\Matze\AppData\Local\Eftion\tmpD946.exe' enthielt einen Virus oder unerwünschtes Programm 'TR/Boaxxe.A.407' [trojan]. Durchgeführte Aktion(en): Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '50f34d98.qua' verschoben! Der Registrierungseintrag <HKEY_USERS\S-1-5-21-1635521525-480761495-2417052547-1002\SOFTWARE\Microsoft\Win dows\CurrentVersion\Run\Eftion> wurde erfolgreich repariert. 21.02.2015 02:11 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\ProgramData\Microsoft\Secure\Icons\temp\tmp2ACE.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.EPACK.21717' [trojan] gefunden. 
Ausgeführte Aktion: Übergeben an Scanner 20.02.2015 02:19 [Echtzeit-Scanner] Malware gefunden In der Datei 'C:\Users\Matze\AppData\Local\Eftion\tmp76AC.exe' wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.ZPACK.101964' [trojan] gefunden. Ausgeführte Aktion: Zugriff verweigern 20.02.2015 02:21 [System-Scanner] Malware gefunden Die Datei 'C:\Users\Matze\AppData\Local\Eftion\tmp76AC.exe' enthielt einen Virus oder unerwünschtes Programm 'TR/Crypt.ZPACK.101964' [trojan]. Durchgeführte Aktion(en): Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '50a91cea.qua' verschoben! Der Registrierungseintrag <HKEY_USERS\S-1-5-21-1635521525-480761495-2417052547-1002\SOFTWARE\Microsoft\Win dows\CurrentVersion\Run\Eftion> wurde erfolgreich repariert. 20.02.2015 02:15 [System-Scanner] Malware gefunden Die Datei 'C:\Users\Matze\Downloads\Super Screen Capture\Super Screen Capture.exe' enthielt einen Virus oder unerwünschtes Programm 'TR/Agent.12582912.5' [trojan]. Durchgeführte Aktion(en): Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '535e25f2.qua' verschoben! 20.02.2015 02:15 [System-Scanner] Malware gefunden Die Datei 'C:\ProgramData\Microsoft\Secure\Icons\temp\tmp76AC.exe' enthielt einen Virus oder unerwünschtes Programm 'TR/Crypt.ZPACK.101964' [trojan]. Durchgeführte Aktion(en): Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4bc90a4d.qua' verschoben! 21.02.2015 02:13 [System-Scanner] Malware gefunden Die Datei 'C:\ProgramData\Microsoft\Secure\Icons\temp\tmp2ACE.exe' enthielt einen Virus oder unerwünschtes Programm 'TR/Crypt.EPACK.21717' [trojan]. Durchgeführte Aktion(en): Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '7c0c72c8.qua' verschoben! Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-02-2015 01 Ran by Matze (administrator) on MRPINK on 21-02-2015 03:27:32 Running from C:\Users\Matze\Downloads Loaded Profiles: UpdatusUser & Matze (Available profiles: UpdatusUser & Matze) Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe (Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe () C:\Users\Matze\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe (McAfee, Inc.) 
C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe (Microsoft Corporation) C:\Windows\System32\regsvr32.exe (SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe (nerds.de) C:\Program Files (x86)\nerds.de\LoopBe1\loopBeMon.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe (WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe (Symantec Corporation) C:\Program Files (x86)\Norton Online Backup ARA\Engine\4.5.0.9\ARA.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13647576 2013-08-27] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2778352 2013-08-28] (Synaptics Incorporated) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated) HKLM\...\Run: [Ocs_SM] => C:\Users\Matze\AppData\Roaming\OCS\SM\SearchAnonymizer.exe [106496 2014-10-11] (OCS) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-04] (Avira Operations GmbH & Co. 
KG) HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] ( (Atheros Communications)) HKU\S-1-5-21-1635521525-480761495-2417052547-1002\...\Run: [Pokki] => C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform HKU\S-1-5-21-1635521525-480761495-2417052547-1002\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] () HKU\S-1-5-21-1635521525-480761495-2417052547-1002\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-1635521525-480761495-2417052547-1002\...\Run: [IQFsoft] => regsvr32.exe C:\Users\Matze\AppData\Local\IQFsoft\loader_u.dll <===== ATTENTION HKU\S-1-5-21-1635521525-480761495-2417052547-1002\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7780120 2015-01-22] (SUPERAntiSpyware) HKU\S-1-5-18\...\Run: [AviraSpeedup] => C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe [8519984 2015-01-30] (Avira Operations GmbH & Co. 
KG) AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-08-30] (NVIDIA Corporation) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-08-30] (NVIDIA Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LoopBe1 Monitor.lnk ShortcutTarget: LoopBe1 Monitor.lnk -> C:\Program Files (x86)\nerds.de\LoopBe1\loopBeMon.exe (nerds.de) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{467D5E81-8349-4892-9E81-C3674ED8E451}\Icon09DB8A851.exe () ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matze\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matze\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matze\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matze\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matze\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matze\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matze\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Matze\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [1SecureIconsProvider] -> {FC9D8189-520A-4417-AED7-9EAC810C6FBA} => C:\ProgramData\Microsoft\Secure\Icons\SecureIconsProvider.dll () GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-1635521525-480761495-2417052547-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com/?pc=ACJB HKU\S-1-5-21-1635521525-480761495-2417052547-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB HKU\S-1-5-21-1635521525-480761495-2417052547-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://bestwaytosearch.com/?subid=MnSsnOyLrRK2wgdUpd1S9QDQcpF3cx72nd__aBPXt-vWmk9imSRpESqy_MpQ3QxcMLP3mvBiQ9kCJ6g4nNuQjqIL HKU\S-1-5-21-1635521525-480761495-2417052547-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://bestwaytosearch.com/?subid=MnSsnOyLrRK2wgdUpd1S9QDQcpF3cx72nd__aBPXt-vWmk9imSRpESqy_MpQ3QxcMLP3mvBiQ9kCJ6g4nNuQjqIL HKU\S-1-5-21-1635521525-480761495-2417052547-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://www.firetab.org/?type=ds3se&p={searchTerms} SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://www.firetab.org/?type=ds3se&p={searchTerms} SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms} 
SearchScopes: HKU\S-1-5-21-1635521525-480761495-2417052547-1002 -> DefaultScope {D675CC04-44D6-5A92-58B9-C44A7515089C} URL = hxxp://bestwaytosearch.com/?q={searchTerms}&subid=MnSsnOyLrRK2wgdUpd1S9QDQcpF3cx72nd__aBPXt-vWmk9imSRpESqy_MpQ3QxcMLP3mvBiQ9kCJ6g4nNuQjqIL SearchScopes: HKU\S-1-5-21-1635521525-480761495-2417052547-1002 -> {163F8699-D6CC-4209-A301-2BFF7C752869} URL = SearchScopes: HKU\S-1-5-21-1635521525-480761495-2417052547-1002 -> {4A162BDE-9BF2-4D63-B59E-1A9284FA51E2} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=3eea11a0-2ba5-4cf9-b91e-ac8b6fa43539&pid=chipde&mode=bounce&k=0 SearchScopes: HKU\S-1-5-21-1635521525-480761495-2417052547-1002 -> {515D7A71-BD85-4661-BEA0-B94108ACDE53} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=3eea11a0-2ba5-4cf9-b91e-ac8b6fa43539&pid=chipde&mode=bounce&k=0 SearchScopes: HKU\S-1-5-21-1635521525-480761495-2417052547-1002 -> {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://www.firetab.org.anonymize-me.de/?anonymto=687474703A2F2F7777772E666972657461622E6F72672F3F747970653D647333736526703D7B7365617263685465726D737D&st={searchTerms}&clid=3eea11a0-2ba5-4cf9-b91e-ac8b6fa43539&pid=chipde&k=0 SearchScopes: HKU\S-1-5-21-1635521525-480761495-2417052547-1002 -> {897F39F9-9838-472C-B2DD-0E8EF5A22ADD} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=3eea11a0-2ba5-4cf9-b91e-ac8b6fa43539&pid=chipde&mode=bounce&k=0 SearchScopes: HKU\S-1-5-21-1635521525-480761495-2417052547-1002 -> {90644D4E-5F15-483C-97FA-4342250FC55C} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=3eea11a0-2ba5-4cf9-b91e-ac8b6fa43539&pid=chipde&mode=bounce&k=0 SearchScopes: HKU\S-1-5-21-1635521525-480761495-2417052547-1002 -> {AB85A108-145B-4BE8-BF73-4D8B0F9ADBD2} URL = 
hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=3eea11a0-2ba5-4cf9-b91e-ac8b6fa43539&pid=chipde&mode=bounce&k=0 SearchScopes: HKU\S-1-5-21-1635521525-480761495-2417052547-1002 -> {D675CC04-44D6-5A92-58B9-C44A7515089C} URL = hxxp://bestwaytosearch.com/?q={searchTerms}&subid=MnSsnOyLrRK2wgdUpd1S9QDQcpF3cx72nd__aBPXt-vWmk9imSRpESqy_MpQ3QxcMLP3mvBiQ9kCJ6g4nNuQjqIL SearchScopes: HKU\S-1-5-21-1635521525-480761495-2417052547-1002 -> {DDD5EE6B-603D-41DE-AA31-83D338EA73D9} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=3eea11a0-2ba5-4cf9-b91e-ac8b6fa43539&pid=chipde&mode=bounce&k=0 BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO-x32: PriceSparrow -> {3F2DC1E7-A56F-49D8-B0CF-DB2300594497} -> C:\Program Files (x86)\PriceSparrow\Internet Explorer\pricesparrow.dll () BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files 
(x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Matze\AppData\Roaming\Mozilla\Firefox\Profiles\4Wj7aq9l.default FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Windows\system32\C2MP\npdivx32.dll No File FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF SearchPlugin: C:\Users\Matze\AppData\Roaming\Mozilla\Firefox\Profiles\4Wj7aq9l.default\searchplugins\bestwaytosearch.xml
FF Extension: Avira Browser Safety - C:\Users\Matze\AppData\Roaming\Mozilla\Firefox\Profiles\4Wj7aq9l.default\Extensions\abs@avira.com [2014-11-05]

Chrome:
=======
CHR StartupUrls: Default -> "https://www.google.de/"
CHR Profile: C:\Users\Matze\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Matze\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-02-23]
CHR Extension: (Google Docs) - C:\Users\Matze\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-21]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Matze\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-16]
CHR Extension: (Avira Browser Safety) - C:\Users\Matze\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-11-06]
CHR Extension: (AdBlock) - C:\Users\Matze\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-02-21]
CHR Extension: (Google Wallet) - C:\Users\Matze\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-21]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM-x32\...\Chrome\Extension: [kljkanaekoongefljnjbghkgjjocmikm] - C:\Program Files (x86)\PriceSparrow\Chrome\pricesparrow-1.4.9.crx [2013-03-11]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-04] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows (R) Win 7 DDK provider)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe [2798336 2014-02-13] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [663592 2013-07-05] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [254016 2014-11-04] (WildTangent)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [457768 2013-08-03] (Acer Incorporate)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-03-17] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [185792 2014-03-17] (McAfee, Inc.)
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4278112 2013-08-01] (Symantec Corporation)
R2 SearchAnonymizer; C:\Users\Matze\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe [40960 2014-10-11] () [File not signed]
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [977088 2014-03-02] () [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
S2 AddonsHelper; C:\Users\Matze\AppData\Local\Temp\OCS\Downloads\fc14996dfa99adfc7baae624196888c5\3356edf7a88e475d88eac25e50bcafe7\AddonsHelper.exe [X]
S4 McAPExe; "C:\Program Files\McAfee\MSC\McAPExe.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-15] (Qualcomm Atheros Communications, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-23] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131608 2014-10-23] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-10-23] (Avira Operations GmbH & Co. KG)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0405000.009\ccSetx64.sys [150104 2013-07-30] (Symantec Corporation)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70592 2014-03-17] (McAfee, Inc.)
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-03-07] (Disc Soft Ltd)
S3 ffusb2audio; C:\Windows\system32\DRIVERS\ffusb2audio.sys [127280 2013-09-25] (Focusrite Audio Engineering Limited.)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 LoopBeMidi1; C:\Windows\system32\drivers\loopbe1.sys [13824 2011-04-09] (nerds.de)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [180272 2014-03-17] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311600 2014-03-17] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69344 2014-03-17] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [522360 2014-03-17] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [783864 2014-03-17] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [345456 2014-03-17] (McAfee, Inc.)
S3 QRDCIO; C:\Windows\System32\drivers\QRDCIO.sys [9728 2009-10-20] (QUANTA)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
S3 RDID1104; C:\Windows\system32\Drivers\rdwm1104.sys [198144 2012-10-23] (Roland Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [427736 2013-08-09] (Realsil Semiconductor Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-28] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
S3 ysusb64; C:\Windows\system32\drivers\ysusb64.sys [132160 2014-08-19] (Yamaha Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-21 02:52 - 2015-02-21 02:53 - 00047189 _____ () C:\Users\Matze\Downloads\Addition.txt 2015-02-21 02:51 - 2015-02-21 03:27 - 00026502 _____ () C:\Users\Matze\Downloads\FRST.txt 2015-02-21 02:51 - 2015-02-21 03:27 - 00000000 ____D () C:\FRST 2015-02-21 02:51 - 2015-02-21 02:51 - 02086912 _____ (Farbar) C:\Users\Matze\Downloads\FRST64.exe 2015-02-21 02:49 - 2015-02-21 02:49 - 00000542 _____ () C:\Users\Matze\Downloads\defogger_disable.log 2015-02-21 02:49 - 2015-02-21 02:49 - 00000168 _____ () C:\Users\Matze\defogger_reenable 2015-02-21 02:48 - 2015-02-21 02:48 - 00050477 _____ () C:\Users\Matze\Downloads\Defogger.exe 2015-02-21 02:44 - 2015-02-21 02:44 - 00024638 _____ () C:\Users\Matze\Documents\Ereignisse.txt 2015-02-20 18:26 - 2015-02-20 18:26 - 00000000 ____D () C:\Windows\LastGood 2015-02-19 10:24 - 2015-02-19 10:24 - 00000000 ____D () C:\Users\Matze\Downloads\Blockhead 2015-02-19 09:49 - 2015-02-19 09:49 - 00000000 ____D () C:\Users\Matze\Downloads\Blockhead - The Music Scene 2015-02-19 09:22 - 2015-02-19 09:28 - 00000000 ____D () C:\Users\Matze\Downloads\Daft Punk - Discovery 2015-02-14 22:21 - 2015-02-21 02:00 - 00000524 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 5bbf76c7-a9e6-401d-b1d4-a8915562d9ec.job 2015-02-14 22:21 - 2015-02-20 22:21 - 00000524 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 30e8a3b2-67b1-4509-ad2c-9f6805d5d754.job 2015-02-14 22:21 - 2015-02-14 22:21 - 00003574 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 5bbf76c7-a9e6-401d-b1d4-a8915562d9ec 2015-02-14 22:21 - 2015-02-14 22:21 - 00003492 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 30e8a3b2-67b1-4509-ad2c-9f6805d5d754 2015-02-14 22:15 - 2015-02-20 22:21 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware 2015-02-14 22:15 - 2015-02-14 22:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware 2015-02-14 22:15 - 2015-02-14 22:15 - 00000000 ____D () 
C:\Users\Matze\AppData\Roaming\SUPERAntiSpyware.com 2015-02-14 22:15 - 2015-02-14 22:15 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com 2015-02-14 22:12 - 2015-02-14 22:12 - 21318368 _____ (SUPERAntiSpyware) C:\Users\Matze\Downloads\SUPERAntiSpyware.exe 2015-02-14 21:22 - 2015-02-14 21:22 - 00000000 ____D () C:\Users\Matze\AppData\Local\IQFsoft 2015-02-12 21:33 - 2015-02-12 21:40 - 00000000 ____D () C:\Users\Matze\Downloads\Camtasia Studio 8.2.1 Build 1423+Key-T.F.K 2015-02-12 21:16 - 2015-02-12 21:16 - 00000000 ____D () C:\Users\Matze\Downloads\ZD Soft Screen Recorder 6.6 Final Incl. Keys [ATOM] 2015-02-12 21:09 - 2015-02-21 02:12 - 00000000 ____D () C:\Users\Matze\AppData\Local\Eftion 2015-02-12 21:09 - 2015-02-12 21:09 - 00000000 __SHD () C:\Users\Matze\AppData\Local\EmieBrowserModeList 2015-02-12 20:54 - 2015-02-12 20:54 - 00000000 ____D () C:\Users\Matze\AppData\Local\DVDVideoSoft_Ltd 2015-02-12 20:50 - 2015-02-12 20:50 - 00000000 ____D () C:\Users\Matze\AppData\Roaming\DivX 2015-02-12 20:48 - 2015-02-12 20:48 - 03529880 _____ (DVDVideoSoft Ltd. ) C:\Users\Matze\Downloads\FreeScreenVideoRecorder.exe 2015-02-12 20:38 - 2015-02-12 20:38 - 03529352 _____ (DVDVideoSoft Ltd. 
) C:\Users\Matze\Downloads\FreeVideoCallRecorder.exe 2015-02-12 17:53 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-02-12 17:53 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-02-11 17:37 - 2015-02-11 17:44 - 00000000 ____D () C:\Users\Matze\Downloads\Peter Doherty - 2009 - Grace Wastelands 2015-02-11 01:40 - 2015-01-15 23:43 - 00563504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2015-02-11 01:40 - 2015-01-15 23:43 - 00177984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-02-11 01:40 - 2015-01-14 05:22 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2015-02-11 01:40 - 2015-01-14 04:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2015-02-11 01:40 - 2015-01-13 23:11 - 01762840 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2015-02-11 01:40 - 2015-01-13 23:04 - 01489072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2015-02-11 01:40 - 2015-01-10 10:10 - 07472960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-02-11 01:40 - 2015-01-10 10:10 - 01733440 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-02-11 01:40 - 2015-01-10 09:28 - 01498360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-02-11 01:40 - 2015-01-10 08:00 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-02-11 01:40 - 2015-01-10 07:38 - 00359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-02-11 01:40 - 2014-12-09 04:45 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll 2015-02-11 01:40 - 2014-12-09 02:56 - 00538624 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll 2015-02-11 01:40 - 2014-10-29 03:51 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-02-11 01:40 - 2014-10-29 03:50 - 00736768 _____ 
(Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-02-11 01:40 - 2014-10-29 03:06 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-02-11 01:40 - 2014-10-29 03:06 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-02-11 01:40 - 2014-10-29 03:02 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2015-02-11 01:40 - 2014-10-29 03:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2015-02-11 01:40 - 2014-10-29 02:57 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2015-02-11 01:40 - 2014-10-29 02:31 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-02-11 01:40 - 2014-10-29 02:15 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2015-02-11 01:40 - 2014-10-29 02:15 - 00005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2015-02-11 01:40 - 2014-10-29 02:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2015-02-11 01:40 - 2014-10-29 02:13 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2015-02-11 01:40 - 2014-10-29 02:13 - 00008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2015-02-11 01:39 - 2015-01-19 19:42 - 01487976 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll 2015-02-11 01:39 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-02-11 01:39 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-02-11 01:39 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-02-11 01:39 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-02-11 01:39 - 2015-01-12 03:34 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-02-11 01:39 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\mshtml.dll 2015-02-11 01:39 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-02-11 01:39 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-02-11 01:39 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-02-11 01:39 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-02-11 01:39 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-02-11 01:39 - 2015-01-12 02:58 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2015-02-11 01:39 - 2015-01-12 02:55 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-02-11 01:39 - 2015-01-12 02:51 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2015-02-11 01:39 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-02-11 01:39 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-02-11 01:39 - 2015-01-12 02:48 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-02-11 01:39 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-02-11 01:39 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-02-11 01:39 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-02-11 01:39 - 2015-01-12 02:34 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2015-02-11 01:39 - 2015-01-12 02:30 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2015-02-11 01:39 - 2015-01-12 02:27 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll 2015-02-11 01:39 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) 
C:\Windows\system32\wininet.dll 2015-02-11 01:39 - 2015-01-12 02:25 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2015-02-11 01:39 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-02-11 01:39 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-02-11 01:39 - 2015-01-12 02:23 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-02-11 01:39 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-02-11 01:39 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-02-11 01:39 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-02-11 01:39 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-02-11 01:39 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-02-11 01:39 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-02-11 01:39 - 2015-01-10 09:22 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-02-11 01:39 - 2014-12-19 09:57 - 00788680 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2015-02-11 01:39 - 2014-12-19 09:25 - 00602776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2015-02-11 01:39 - 2014-12-09 00:12 - 00391526 _____ () C:\Windows\system32\ApnDatabase.xml 2015-02-10 23:42 - 2015-02-11 22:53 - 00000000 ___RD () C:\Program Files (x86)\Skype 2015-02-10 23:42 - 2015-02-10 23:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2015-02-10 16:46 - 2015-02-10 16:46 - 00026974 _____ () C:\Users\Matze\Downloads\Libertines - Last Post On The Bugle (Pro) (1).gp4 2015-02-09 17:00 - 2015-02-09 17:00 - 00308709 _____ () C:\Users\Matze\Downloads\mp3DC220.exe 2015-02-09 16:56 - 2015-02-09 
17:46 - 00000000 ____D () C:\Users\Matze\Downloads\Babyshambles - Sequel To The Prequel (Deluxe Edition) 2013 [320 Kbps] 2015-02-09 16:56 - 2015-02-09 16:56 - 00000945 _____ () C:\Users\Matze\Downloads\Babyshambles - Sequel to the prequel (2013).cue 2015-02-03 12:36 - 2015-02-03 12:36 - 00000000 ____D () C:\ProgramData\TEMP 2015-02-03 12:36 - 2015-02-03 12:36 - 00000000 ____D () C:\ProgramData\Licenses 2015-02-03 12:29 - 2015-02-13 00:05 - 00000000 ____D () C:\Program Files (x86)\Setup Wizard 2015-02-03 12:29 - 2015-02-03 12:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Setup Wizard 2015-02-03 12:29 - 2007-06-04 15:10 - 00132880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSINET.OCX 2015-02-03 12:29 - 1999-05-06 23:00 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Comdlg32.ocx 2015-01-23 13:42 - 2015-01-27 09:25 - 00001456 _____ () C:\Users\Matze\AppData\Local\Adobe Save for Web 13.0 Prefs 2015-01-23 13:39 - 2015-01-23 13:39 - 00000132 _____ () C:\Users\Matze\AppData\Roaming\Adobe IllExport Filter CS6 Prefs ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-02-21 03:08 - 2013-11-05 15:50 - 01893445 _____ () C:\Windows\WindowsUpdate.log 2015-02-21 03:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru 2015-02-21 02:56 - 2014-02-22 19:58 - 00000000 ____D () C:\Users\Matze\AppData\Local\CrashDumps 2015-02-21 02:54 - 2014-02-21 23:02 - 00001132 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-02-21 02:49 - 2014-02-21 22:35 - 00000000 ____D () C:\Users\Matze 2015-02-21 02:00 - 2014-07-29 20:56 - 00000000 ____D () C:\Users\Matze\AppData\Local\Adobe 2015-02-20 22:47 - 2014-02-21 22:47 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1635521525-480761495-2417052547-1002 2015-02-20 20:54 - 2014-02-21 23:02 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-02-20 18:30 - 2013-08-22 15:46 - 00034910 _____ () C:\Windows\setupact.log 2015-02-20 18:28 - 2013-11-06 00:35 - 00765582 _____ () C:\Windows\system32\perfh007.dat 2015-02-20 18:28 - 2013-11-06 00:35 - 00159366 _____ () C:\Windows\system32\perfc007.dat 2015-02-20 18:28 - 2013-09-05 13:31 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-02-20 18:26 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness 2015-02-20 17:17 - 2014-12-29 05:55 - 00000016 _____ () C:\Users\Matze\AppData\Roaming\msregsvv.dll 2015-02-20 17:17 - 2014-12-29 05:55 - 00000016 _____ () C:\ProgramData\autobk.inc 2015-02-20 07:24 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-02-20 02:17 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI 2015-02-20 01:17 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\NDF 2015-02-19 10:59 - 2014-08-04 09:38 - 00000000 ___RD () C:\Users\Matze\Dropbox 2015-02-19 10:58 - 2014-08-04 09:37 - 00000000 ____D () C:\Users\Matze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-02-19 10:58 - 2014-08-04 09:35 - 00000000 ____D () C:\Users\Matze\AppData\Roaming\Dropbox 2015-02-19 10:57 - 2014-02-26 01:05 - 
00000000 ____D () C:\Users\Matze\AppData\Local\Deployment 2015-02-19 10:26 - 2014-02-25 15:37 - 00000000 ____D () C:\Users\Matze\AppData\Roaming\uTorrent 2015-02-18 00:55 - 2014-03-07 00:13 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2015-02-18 00:54 - 2014-02-25 19:38 - 00000000 ____D () C:\ProgramData\Microsoft Help 2015-02-16 06:24 - 2014-12-04 10:10 - 00000000 ____D () C:\Program Files (x86)\iExplorer 2015-02-14 22:54 - 2014-11-29 16:01 - 00000000 ____D () C:\Users\Matze\AppData\Local\AviraSpeedup 2015-02-14 22:54 - 2014-11-25 10:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviraSpeedup 2015-02-14 22:52 - 2014-11-25 10:41 - 00003320 _____ () C:\Windows\System32\Tasks\AviraSpeedup 2015-02-14 22:48 - 2013-09-05 13:28 - 00197812 _____ () C:\Windows\PFRO.log 2015-02-13 09:22 - 2014-06-16 15:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2015-02-12 23:55 - 2014-02-26 15:01 - 00000000 ____D () C:\Users\Matze\AppData\Roaming\Skype 2015-02-12 21:07 - 2014-04-17 03:13 - 00004548 _____ () C:\Users\Matze\AppData\Roaming\CamStudio.cfg 2015-02-12 21:07 - 2014-04-17 03:13 - 00000408 _____ () C:\Users\Matze\AppData\Roaming\CamShapes.ini 2015-02-12 21:07 - 2014-04-17 03:13 - 00000408 _____ () C:\Users\Matze\AppData\Roaming\CamLayout.ini 2015-02-12 21:07 - 2014-04-17 03:13 - 00000096 _____ () C:\Users\Matze\AppData\Roaming\Camdata.ini 2015-02-12 20:57 - 2014-06-16 15:58 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft 2015-02-12 20:57 - 2014-06-16 15:57 - 00000000 ____D () C:\Users\Matze\AppData\Roaming\DVDVideoSoft 2015-02-12 19:07 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp 2015-02-12 12:30 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\rescache 2015-02-12 02:18 - 2014-04-07 23:07 - 00000000 ____D () C:\Program Files\CamStudio 2.7 2015-02-11 23:38 - 2014-04-17 00:00 - 00000096 _____ () C:\Users\Matze\AppData\Roaming\version2.xml 
2015-02-11 23:32 - 2013-08-22 15:44 - 05239448 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-02-11 22:53 - 2014-02-26 15:01 - 00000000 ____D () C:\ProgramData\Skype 2015-02-11 17:39 - 2014-07-09 18:57 - 00000000 ____D () C:\Users\Matze\Documents\My CamStudio Temp Files 2015-02-11 01:56 - 2014-02-22 14:54 - 00000000 ____D () C:\Windows\system32\MRT 2015-02-11 01:52 - 2014-02-22 14:54 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-02-11 01:51 - 2013-08-22 14:25 - 00000199 _____ () C:\Windows\win.ini 2015-02-09 18:13 - 2014-11-07 10:05 - 00000000 ____D () C:\Users\Matze\Documents\John Stuart Mill 2015-02-06 21:23 - 2014-11-05 13:50 - 00000000 ____D () C:\ProgramData\Package Cache 2015-02-06 21:23 - 2014-11-05 13:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-02-06 21:23 - 2014-11-05 13:50 - 00000000 ____D () C:\Program Files (x86)\Avira 2015-02-06 20:49 - 2014-02-21 23:02 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-02-06 20:49 - 2014-02-21 23:02 - 00003868 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-02-03 20:31 - 2014-09-17 18:35 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-02-03 20:31 - 2014-09-17 18:35 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-01-23 09:13 - 2014-10-12 16:29 - 00000000 ____D () C:\Users\Matze\AppData\Roaming\vlc ==================== Files in the root of some directories ======= 2014-04-08 22:17 - 2014-03-04 07:37 - 0000226 _____ () C:\Program Files\update-southpark.bat 2015-01-23 13:39 - 2015-01-23 13:39 - 0000132 _____ () C:\Users\Matze\AppData\Roaming\Adobe IllExport Filter CS6 Prefs 2014-04-17 03:13 - 2015-02-12 21:07 - 0000096 _____ () C:\Users\Matze\AppData\Roaming\Camdata.ini 2014-04-17 03:13 - 2015-02-12 21:07 - 0000408 _____ () C:\Users\Matze\AppData\Roaming\CamLayout.ini 2014-04-17 03:13 - 2015-02-12 21:07 - 0000408 _____ 
() C:\Users\Matze\AppData\Roaming\CamShapes.ini 2014-04-17 03:13 - 2015-02-12 21:07 - 0004548 _____ () C:\Users\Matze\AppData\Roaming\CamStudio.cfg 2014-12-24 02:47 - 2014-12-24 02:47 - 0000200 _____ () C:\Users\Matze\AppData\Roaming\MRPINK.MTBF.txt 2014-12-29 05:55 - 2015-02-20 17:17 - 0000016 _____ () C:\Users\Matze\AppData\Roaming\msregsvv.dll 2014-04-17 00:00 - 2015-02-11 23:38 - 0000096 _____ () C:\Users\Matze\AppData\Roaming\version2.xml 2014-12-24 02:47 - 2014-12-24 20:24 - 0000602 _____ () C:\Users\Matze\AppData\Roaming\__AvidCloudManager.log 2014-12-24 02:47 - 2014-12-24 02:47 - 0000549 _____ () C:\Users\Matze\AppData\Roaming\__AvidCloudManagerPrevious.log 2014-05-28 19:35 - 2014-05-28 19:35 - 0000037 ___SH () C:\Users\Matze\AppData\Local\20986331705021ca58edc424.96250074 2015-01-23 13:42 - 2015-01-27 09:25 - 0001456 _____ () C:\Users\Matze\AppData\Local\Adobe Save for Web 13.0 Prefs 2014-12-17 09:09 - 2014-12-24 02:47 - 0004608 _____ () C:\Users\Matze\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-01-19 01:13 - 2015-01-19 01:13 - 0019408 _____ () C:\Users\Matze\AppData\Local\Temp99.PNG 2014-12-29 05:55 - 2015-02-20 17:17 - 0000016 _____ () C:\ProgramData\autobk.inc 2013-11-05 16:23 - 2013-11-05 16:23 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Some content of TEMP: ==================== C:\Users\Matze\AppData\Local\Temp\avgnt.exe C:\Users\Matze\AppData\Local\Temp\AviraSetup207281.exe C:\Users\Matze\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpnfgcup.dll C:\Users\Matze\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmps2myw6.dll C:\Users\Matze\AppData\Local\Temp\DSETUP.dll C:\Users\Matze\AppData\Local\Temp\dsetup32.dll C:\Users\Matze\AppData\Local\Temp\DXSETUP.exe C:\Users\Matze\AppData\Local\Temp\FreeScreenVideoRecorder.exe C:\Users\Matze\AppData\Local\Temp\FreeVideoCallRecorder.exe C:\Users\Matze\AppData\Local\Temp\mp3el2.exe C:\Users\Matze\AppData\Local\Temp\ose00000.exe 
C:\Users\Matze\AppData\Local\Temp\ose00001.exe
C:\Users\Matze\AppData\Local\Temp\ose00002.exe
C:\Users\Matze\AppData\Local\Temp\ose00003.exe
C:\Users\Matze\AppData\Local\Temp\PidGenX.dll
C:\Users\Matze\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Matze\AppData\Local\Temp\upnp.exe
C:\Users\Matze\AppData\Local\Temp\uttD0FE.tmp.exe
C:\Users\Matze\AppData\Local\Temp\uttE249.tmp.exe
C:\Users\Matze\AppData\Local\Temp\vpsetup.exe
C:\Users\Matze\AppData\Local\Temp\x264enc5.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-02-20 16:00

==================== End Of Log ============================

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-02-2015 01
Ran by Matze at 2015-02-21 02:52:37
Running from C:\Users\Matze\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1635521525-480761495-2417052547-1002\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Acer Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.03.3000 - Acer Incorporated)
Acer Docs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 2.04.2005 - Acer)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8101 - Acer Incorporated)
Acer Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.04.3002.6 - Acer Incorporated)
Acer Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.04.3003.1 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.04.3004 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8100 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8100 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.02.3001 - Acer Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC (HKLM-x32\...\{505FF1AC-E7F5-4462-BBA7-08900E7E9EEF}) (Version: 7.0.0 - Adobe Systems Incorporated)
Adobe Update Management Tool (HKLM-x32\...\{534A7A1A-7102-4AF6-23EA-7CD279C7B625}_is1) (Version: 6.2 - PainteR)
Album Art Downloader XUI 1.01 (HKLM-x32\...\Album Art Downloader XUI) (Version: 1.01 - hxxp://sourceforge.net/projects/album-art)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
AmpliTube 3 version 3.14.0 (HKLM\...\{DA5202AC-12BF-4330-B8EA-BC77F991FA1C}_is1) (Version: 3.14.0 - IK Multimedia)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audiograbber 1.83 SE (HKLM-x32\...\Audiograbber) (Version: 1.83 SE - Audiograbber)
Avira (HKLM-x32\...\{e7c7c227-b742-4878-9425-f09bbf9951db}) (Version: 1.1.27.25527 - Avira Operations & Co. KG)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
Avira System Speedup 1.6 (HKLM-x32\...\Avira System Speedup_is1) (Version: 1.6 - 2000 - 2015 Avira Operations GmbH & Co. KG)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cisco Systems VPN Client 5.0.07.0290 (HKLM\...\{467D5E81-8349-4892-9E81-C3674ED8E451}) (Version: 5.0.7 - Cisco Systems, Inc.)
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Custom Shop version 1.5.0 (HKLM-x32\...\{21BAD046-50EC-49E2-BE7B-F9729704F2C3}_is1) (Version: 1.5.0 - IK Multimedia)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
Dazzle Video Capture DVC100 X64 Driver 1.06 (HKLM-x32\...\{BFF23267-1D19-444E-93E2-E5059BE805EA}) (Version: 1.06.0000 - Pinnacle)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.3.2.2 - Dolby Laboratories Inc)
Dropbox (HKU\S-1-5-21-1635521525-480761495-2417052547-1002\...\Dropbox) (Version: 3.2.6 - Dropbox, Inc.)
Drum Machine 1.33 BETA (HKLM-x32\...\Drum Machine) (Version: 1.33 BETA - Andrew Rudson)
EaseUS MobiSaver 3.1 (HKLM-x32\...\EaseUS MobiSaver 3.1_is1) (Version: - EaseUS)
Focusrite USB 2.0 Audio Driver 2.5.1 (HKLM\...\Focusrite USB 2.0 Audio Driver_is1) (Version: 2.5.1 - Focusrite Audio Engineering Limited.)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free Audio Converter version 5.0.46.820 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.46.820 - DVDVideoSoft Ltd.)
Free AVI Video Converter version 5.0.54.1215 (HKLM-x32\...\Free AVI Video Converter_is1) (Version: 5.0.54.1215 - DVDVideoSoft Ltd.)
Free MP3 Cutter and Editor 2.6 (HKLM-x32\...\Free MP3 Cutter and Editor_is1) (Version: - musetips.com)
Free Screen Video Recorder version 2.5.40.128 (HKLM-x32\...\Free Screen Video Recorder_is1) (Version: 2.5.40.128 - DVDVideoSoft Ltd.)
Free WMA to MP3 Converter 1.16 (HKLM-x32\...\Free WMA to MP3 Converter_is1) (Version: - Jodix Technologies Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Guitar Pro 6 (HKLM-x32\...\{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1) (Version: - Arobas Music)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8100 - Acer Incorporated)
iFunbox (v2.7.2386.747), iFunbox DevTeam (HKLM-x32\...\iFunbox_is1) (Version: v2.7.2386.747 - )
IK Multimedia Authorization Manager version 1.0.10 (HKLM\...\{85BC0DCB-69E5-4279-AA25-F108EF896588}_is1) (Version: 1.0.10 - IK Multimedia)
Installation Wizard (HKLM-x32\...\Installation Wizard_is1) (Version: - Installation Wizard)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3277 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.1.1000 - Intel Corporation)
iPhone Folders (HKLM-x32\...\{53DA6CFE-7CDE-4F72-9E23-39AAC686DE17}) (Version: 1.0.32 - Redart)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation) KMSpico v9.2.3 (HKLM\...\KMSpico_is1) (Version: 9.2.3 - ) Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version: - ) Letasoft Sound Booster Version 1.2 (HKLM-x32\...\{6C6CF38B-11DD-45C6-A15E-A3A0C4CE60F8}_is1) (Version: 1.2 - Letasoft LLC) Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Acer Incorporated) LoopBe1 - Internal MIDI Port (HKLM-x32\...\LoopBe1) (Version: - ) Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden ME-25 Librarian (HKLM-x32\...\InstallShield_{06C89319-FE17-435D-BF51-66F5C15E6CDA}) (Version: 1.00.1000 - BOSS Corporation) ME-25 Librarian (x32 Version: 1.00.1000 - BOSS Corporation) Hidden Microsoft Office Language Pack 2013 - German/Deutsch (HKLM\...\Office15.OMUI.de-de) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) 
(Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden NCH Debut Video Capture Software Pro v1.74 (HKLM-x32\...\NCH Debut Video Capture Software Pro v1.741.74) (Version: 1.74 - Friends in War) Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{551AC8F2-FEA2-4B45-ACF7-C98681233CC9}) (Version: 12.5.01200 - Nero AG) No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 4.1.0 - Vitalwerks Internet Solutions LLC) Norton Online Backup (HKLM-x32\...\{E625FCA0-E43E-4D3B-92FF-4851308A0366}) (Version: 2.8.0.44 - Symantec Corporation) Norton Online Backup (x32 Version: 4.5.0.9 - Symantec Corporation) Hidden NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation) Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2009 - Acer) Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 
- Microsoft Corporation) Hidden PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden Pokki (HKU\S-1-5-21-1635521525-480761495-2417052547-1002\...\Pokki) (Version: 0.265.14.261 - Pokki) Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden PriceSparrow (HKLM-x32\...\{3F2DC1E7-A56F-49D8-B0CF-DB2300594497}) (Version: 1.4.9 - Ciuvo GmbH) <==== ATTENTION Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.305 - Qualcomm Atheros Communications) Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.07 - Qualcomm Atheros) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21238 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.19.726.2013 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7027 - Realtek Semiconductor Corp.) Road Redemption version 0.9.034 (HKLM-x32\...\Road Redemption_is1) (Version: 0.9.034 - GMT-MAX.ORG) SearchAnonymizer (HKLM\...\SearchAnonymizer) (Version: 1.0.1 (de) - ) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0100-0407-1000-0000000FF1CE}_Office15.OMUI.de-de_{4A8F14BC-FE6D-4FC8-AA48-14D574A71843}) (Version: - Microsoft) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) 
Spielkanäle (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 9.2.0.11 - WildTangent, Inc.) Spielkanäle (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 9.2.0.11 - WildTangent, Inc.) Spotify (HKLM-x32\...\Spotify) (Version: 0.9.1.57.ge7405149 - Spotify AB) Steinberg Cubase 5 (HKLM-x32\...\{4A19D6AC-ADE0-4A07-80FF-9C9812C45557}) (Version: 5.1.0 - Steinberg Media Technologies GmbH) Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 1.0.0.1 - Steinberg Media Technologies GmbH) Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH) Steinberg HALionOne (HKLM-x32\...\{E70E7159-93B1-470D-9FBD-D8E9EF34B538}) (Version: 1.1.0.457 - Steinberg Media Technologies GmbH) Steinberg HALionOne Additional Content Set 01 (HKLM-x32\...\{F3AFD063-8BAD-485E-B641-E7F5A2C5AE71}) (Version: 1.0.0.001 - Steinberg Media Technologies GmbH) Steinberg HALionOne Expression Set (HKLM-x32\...\{E22AD5D3-EB60-4A8F-835C-6C10E369DCE2}) (Version: 1.0.1.0 - Steinberg Media Technologies GmbH) Steinberg HALionOne GM Drum Set (HKLM-x32\...\{AC997F93-0757-4ED4-A701-F40C2D654D09}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH) Steinberg HALionOne GM Set (HKLM-x32\...\{F057965A-D974-4C64-ADB1-4381CD4B8956}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH) Steinberg HALionOne Pro Set (HKLM-x32\...\{D82CDA0D-C182-42C8-8FF2-5649C98D6003}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH) Steinberg HALionOne Studio Drum Set (HKLM-x32\...\{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH) Steinberg HALionOne Studio Set (HKLM-x32\...\{D23CBFDA-C46B-4920-BA70-FC7878A3F05A}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH) Steinberg LoopMash Content (HKLM-x32\...\{4D454CF8-12FD-464D-B57B-B46FE27B78BB}) (Version: 1.0.0.005 - Steinberg Media Technologies GmbH) Steinberg REVerence Content 
01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 1.0.0.006 - Steinberg Media Technologies GmbH) SUPER © v2014.build.60+Recorder (2014/02/18) Version v2014.buil (HKLM-x32\...\{8E2A18E2-96AF-8549-4DE7-5C06B75719A4}_is1) (Version: v2014.build.60+Recorder - eRightSoft) SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1170 - SUPERAntiSpyware.com) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.6.13 - Synaptics Incorporated) The Chronicles of Emerland Solitaire (x32 Version: 3.0.2.32 - WildTangent) Hidden Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden Vegas Pro 13.0 (64-bit) (HKLM\...\{D0360940-CCC6-11E3-B9C6-F04DA23A5C58}) (Version: 13.0.310 - Sony) VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 3.81 - NCH Software) Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation) Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation) Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation) VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN) WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent) WildTangent Games App (x32 Version: 4.0.11.2 - WildTangent) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Windows-Treiberpaket - Focusrite USB 2.0 Audio Driver (09/25/2013 2.5.128.1) (HKLM\...\CF1FC201D237269A9CD51A3A6B14ADBF67175C32) (Version: 09/25/2013 2.5.128.1 - Focusrite) WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar 
GmbH)
Winrar Activator Version 1.2 (HKLM-x32\...\{AE0B3F2A-EB65-4D01-A3E1-6D879C6AAF2A}_is1) (Version: 1.2 - Rarlab)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.3) (Version: 1.3.3 - Xvid Team)
Yamaha Steinberg USB Driver (HKLM-x32\...\InstallShield_{905A4D64-E752-4BC1-9D18-F7747F4C7D87}) (Version: 1.9.0 - Yamaha Corporation)
Yamaha Steinberg USB Driver (Version: 1.9.0 - Yamaha Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1635521525-480761495-2417052547-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Matze\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1635521525-480761495-2417052547-1002_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Matze\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1635521525-480761495-2417052547-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matze\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1635521525-480761495-2417052547-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matze\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1635521525-480761495-2417052547-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matze\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1635521525-480761495-2417052547-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matze\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1635521525-480761495-2417052547-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matze\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1635521525-480761495-2417052547-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matze\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1635521525-480761495-2417052547-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matze\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1635521525-480761495-2417052547-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Matze\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

==================== Restore Points =========================

17-02-2015 05:16:22 Avira Free Antivirus - 17.02.2015 05:16

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0D487BB0-FCEF-4CF6-8087-4E9FE0C15708} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {388F0AB4-297A-4639-B32E-AD1DA0C331B8} - System32\Tasks\SUPERAntiSpyware Scheduled Task 5bbf76c7-a9e6-401d-b1d4-a8915562d9ec => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {423BAE11-7633-47F7-904E-1698C60B5F04} - System32\Tasks\AdobeAAMUpdater-1.0-MrPink-Matze => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-03-21] (Adobe Systems Incorporated)
Task: {50D4FFA8-988A-4FE6-AC72-6AA76070FBC0} - System32\Tasks\{BC47D336-059B-43E3-9F41-F00EC17F47E4} => pcalua.exe -a "C:\Users\Matze\Downloads\Adobe Photoshop 7.0+Serial Keys [TeryongNoypi]\Adobe Photoshop 7.0\Setup.exe" -d "C:\Users\Matze\Downloads\Adobe Photoshop 7.0+Serial Keys [TeryongNoypi]\Adobe Photoshop 7.0"
Task: {51E2FB13-688E-4958-8213-9A4207A4162C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-02-11] (Microsoft Corporation)
Task: {54A606C1-031E-45CF-A187-41701A1368C4} - System32\Tasks\SUPERAntiSpyware Scheduled Task 30e8a3b2-67b1-4509-ad2c-9f6805d5d754 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {560CBED9-5DD7-4769-9ED9-BA9AE47B129B} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {6BD96AD8-DEE7-49E8-9FED-468E4E7AC44C} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-07-05] (Acer Incorporated)
Task: {6FB22A88-B76F-48BA-B9EE-C4FF474749D3} - System32\Tasks\pricesparrowSWU => Cscript.exe "C:\Program Files (x86)\PriceSparrow\Internet Explorer\swu.vbs"
Task: {713BA481-6D23-438D-B12A-49AD0FECBAF4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {7B2064A9-56D8-4A2D-A6CB-CE0B44628459} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-21] (Google Inc.)
Task: {85DE04FD-4AE7-47A9-806B-A479809A7653} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {9AEA2655-5013-4426-A133-B52F71204056} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {ADC3A92B-E102-4139-8757-C05F0B0AA365} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2013-07-10] (Acer Incorporated)
Task: {B5211056-64A6-4E6B-9A4B-415E89676BEA} - System32\Tasks\Dolby Selector => C:\Program Files\Dolby Digital Plus\ddp.exe [2013-07-08] (Dolby Laboratories Inc.)
Task: {BDEC1EA8-2BE2-438A-970B-9BFE8F301ABF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-21] (Google Inc.)
Task: {C11A9852-204D-4F0D-AEAB-72238DC75C4F} - System32\Tasks\AviraSpeedup => C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe [2015-01-30] (Avira Operations GmbH & Co. KG)
Task: {CB187100-A617-44B8-BC0B-5D9198D86BFB} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-08-03] (Acer Incorporate)
Task: {D649EBCC-E171-4692-9E0D-584D8317C889} - System32\Tasks\Norton Online Backup ARA => C:\Program Files (x86)\Norton Online Backup ARA\Engine\4.5.0.9\\Ara.exe [2013-08-07] (Symantec Corporation)
Task: {F871D1F9-3D78-4612-BE3A-5C682109BD2F} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe [2014-02-13] (Acer Incorporated)
Task: {F9A9EBAC-5FBF-4E6E-9BB7-09AAF38AFD89} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2014-03-02] ()
Task: {FC3B97C1-0000-40EA-A9BC-B012F3220936} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-07-08] ()
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 30e8a3b2-67b1-4509-ad2c-9f6805d5d754.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 5bbf76c7-a9e6-401d-b1d4-a8915562d9ec.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Loaded Modules (whitelisted) ==============

2013-11-05 16:10 - 2013-08-30 04:03 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-10-11 02:51 - 2014-10-11 02:54 - 00040960 _____ () C:\Users\Matze\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe
2013-11-05 16:52 - 2013-07-30 18:11 - 00110152 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2015-02-12 21:09 - 2015-02-12 21:09 - 02696704 _____ () C:\ProgramData\Microsoft\Secure\Icons\SecureIconsProvider.dll
2015-02-12 21:09 - 2015-02-12 21:09 - 02224640 _____ () C:\ProgramData\Microsoft\Secure\Icons\IconsCacheHelper.dll
2013-09-07 01:48 - 2013-09-07 01:48 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-09-07 01:45 - 2013-09-07 01:45 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2013-09-07 01:52 - 2013-09-07 01:52 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2013-07-08 18:53 - 2013-07-08 18:53 - 00052096 _____ () C:\Program Files\Dolby Digital Plus\Dolby.DDP.Controls_Desktop.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-03-23 13:26 - 2010-03-23 13:26 - 00201512 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
2015-02-14 21:22 - 2015-02-14 21:22 - 00011776 _____ () C:\Users\Matze\AppData\Local\IQFsoft\loader_u.dll
2013-11-05 16:08 - 2013-09-04 00:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2013-03-11 11:01 - 2013-03-11 11:01 - 00186600 _____ () C:\Program Files (x86)\PriceSparrow\Internet Explorer\pricesparrow.dll
2013-11-05 16:52 - 2013-07-30 18:11 - 00088648 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext.dll
2015-02-20 01:55 - 2015-02-17 23:44 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libglesv2.dll
2015-02-20 01:55 - 2015-02-17 23:44 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libegl.dll
2015-02-20 01:55 - 2015-02-17 23:44 - 09171272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\pdf.dll
2015-02-20 01:55 - 2015-02-17 23:44 - 14965064 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Matze\Cookies:roePOuIiL0zl2kh8muC3PWD
AlternateDataStreams: C:\Users\Matze\AppData\Local\fNsQUUj5Sk2:eKhTOMc7eYfJnV6yHIksFTZ

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1635521525-480761495-2417052547-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Matze\Pictures\anarchie.jpg
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "vpngui.exe.lnk"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKU\S-1-5-21-1635521525-480761495-2417052547-1002\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-1635521525-480761495-2417052547-1002\...\StartupApproved\Run: => "Eftion"
HKU\S-1-5-21-1635521525-480761495-2417052547-1002\...\StartupApproved\Run: => "{42EC14D2-4742-864B-8E06-11BF743FF29B}"
HKU\S-1-5-21-1635521525-480761495-2417052547-1002\...\StartupApproved\Run: => "Xvid"

==================== Accounts: =============================

Administrator (S-1-5-21-1635521525-480761495-2417052547-500 - Administrator - Disabled)
Gast (S-1-5-21-1635521525-480761495-2417052547-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1635521525-480761495-2417052547-1004 - Limited - Enabled)
Matze (S-1-5-21-1635521525-480761495-2417052547-1002 - Administrator - Enabled) => C:\Users\Matze
UpdatusUser (S-1-5-21-1635521525-480761495-2417052547-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============

Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Bluetooth USB Module
Description: Bluetooth USB Module
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Realtek PCIe GBE Family Controller #2
Description: Realtek PCIe GBE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8168
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: StorLib bus (virtual storages support)
Description: StorLib bus (virtual storages support)
Class Guid: {1378e71b-ab4d-4348-af26-cba56b12969e}
Manufacturer: EldoS Corporation
Service: cbfs3
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected. This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options: On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

==================== Event log errors: ========================= Application errors: ================== Error: (02/20/2015 05:46:34 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1172 Error: (02/20/2015 05:46:34 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1172 Error: (02/20/2015 05:46:34 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (02/20/2015 03:32:42 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17416, Zeitstempel: 0x5452eed9 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17630, Zeitstempel: 0x54b0d74f Ausnahmecode: 0xc0000409 Fehleroffset: 0x000e581f ID des fehlerhaften Prozesses: 0x1a4 Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0 Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1 Pfad des fehlerhaften Moduls: IEXPLORE.EXE2 Berichtskennung: IEXPLORE.EXE3 Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5 Error: (02/20/2015 07:28:59 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17416, Zeitstempel: 0x5452eed9 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17630, Zeitstempel: 0x54b0d74f Ausnahmecode: 0xc0000409 Fehleroffset: 0x000e581f ID des fehlerhaften Prozesses: 0x10bc Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0 Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1 Pfad des fehlerhaften Moduls: IEXPLORE.EXE2 Berichtskennung: IEXPLORE.EXE3 Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5 Error: (02/20/2015 07:27:18 AM) (Source: Application Error) (EventID: 1000) (User: ) 
Description: Name der fehlerhaften Anwendung: pokki.exe, Version: 0.265.14.261, Zeitstempel: 0x5202d16d Name des fehlerhaften Moduls: libPokki.dll, Version: 23.0.1271.64, Zeitstempel: 0x5202d0ad Ausnahmecode: 0x80000003 Fehleroffset: 0x000629c0 ID des fehlerhaften Prozesses: 0x458 Startzeit der fehlerhaften Anwendung: 0xpokki.exe0 Pfad der fehlerhaften Anwendung: pokki.exe1 Pfad des fehlerhaften Moduls: pokki.exe2 Berichtskennung: pokki.exe3 Vollständiger Name des fehlerhaften Pakets: pokki.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: pokki.exe5 Error: (02/20/2015 02:20:55 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: pokki.exe, Version: 0.265.14.261, Zeitstempel: 0x5202d16d Name des fehlerhaften Moduls: libPokki.dll, Version: 23.0.1271.64, Zeitstempel: 0x5202d0ad Ausnahmecode: 0x80000003 Fehleroffset: 0x000629c0 ID des fehlerhaften Prozesses: 0x1514 Startzeit der fehlerhaften Anwendung: 0xpokki.exe0 Pfad der fehlerhaften Anwendung: pokki.exe1 Pfad des fehlerhaften Moduls: pokki.exe2 Berichtskennung: pokki.exe3 Vollständiger Name des fehlerhaften Pakets: pokki.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: pokki.exe5 Error: (02/20/2015 02:18:31 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Service_KMS.exe, Version: 13.1.0.0, Zeitstempel: 0x5313ef48 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0x00000000 Fehleroffset: 0x00007ffb919c0399 ID des fehlerhaften Prozesses: 0x7dc Startzeit der fehlerhaften Anwendung: 0xService_KMS.exe0 Pfad der fehlerhaften Anwendung: Service_KMS.exe1 Pfad des fehlerhaften Moduls: Service_KMS.exe2 Berichtskennung: Service_KMS.exe3 Vollständiger Name des fehlerhaften Pakets: Service_KMS.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Service_KMS.exe5 Error: (02/20/2015 01:17:44 AM) (Source: Application Error) (EventID: 1000) (User: ) 
Description: Name der fehlerhaften Anwendung: rundll32.exe_winethc.dll, Version: 6.3.9600.16384, Zeitstempel: 0x5215f00d Name des fehlerhaften Moduls: USER32.dll, Version: 6.3.9600.17630, Zeitstempel: 0x54b0e17a Ausnahmecode: 0xc0000142 Fehleroffset: 0x00000000000ec4a0 ID des fehlerhaften Prozesses: 0x1964 Startzeit der fehlerhaften Anwendung: 0xrundll32.exe_winethc.dll0 Pfad der fehlerhaften Anwendung: rundll32.exe_winethc.dll1 Pfad des fehlerhaften Moduls: rundll32.exe_winethc.dll2 Berichtskennung: rundll32.exe_winethc.dll3 Vollständiger Name des fehlerhaften Pakets: rundll32.exe_winethc.dll4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: rundll32.exe_winethc.dll5

Error: (02/20/2015 00:36:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17416, Zeitstempel: 0x5452eed9 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17630, Zeitstempel: 0x54b0d74f Ausnahmecode: 0xc0000409 Fehleroffset: 0x000e581f ID des fehlerhaften Prozesses: 0x1d14 Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0 Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1 Pfad des fehlerhaften Moduls: IEXPLORE.EXE2 Berichtskennung: IEXPLORE.EXE3 Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5

System errors:
=============
Error: (02/20/2015 04:01:42 PM) (Source: DCOM) (EventID: 10010) (User: MrPink)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (02/20/2015 04:01:12 PM) (Source: DCOM) (EventID: 10010) (User: MrPink)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (02/20/2015 03:55:26 PM) (Source: DCOM) (EventID: 10010) (User: MrPink)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (02/20/2015 03:54:56 PM) (Source: DCOM) (EventID: 10010) (User: MrPink)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (02/20/2015 07:25:01 AM) (Source: DCOM) (EventID: 10016) (User: MrPink)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}MrPinkMatzeS-1-5-21-1635521525-480761495-2417052547-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (02/20/2015 07:25:00 AM) (Source: DCOM) (EventID: 10016) (User: MrPink)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}MrPinkMatzeS-1-5-21-1635521525-480761495-2417052547-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (02/20/2015 07:24:32 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Service KMSELDI" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (02/20/2015 07:24:07 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AddonsHelper" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error: (02/20/2015 07:23:33 AM) (Source: DCOM) (EventID: 10005) (User: MrPink)
Description: 1084ShellHWDetectionNicht verfügbar{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (02/20/2015 07:23:19 AM) (Source: DCOM) (EventID: 10005) (User: MrPink)
Description: 1084ShellHWDetectionNicht verfügbar{DD522ACC-F821-461A-A407-50B198B896DC}

Microsoft Office Sessions:
=========================
Error: (02/20/2015 05:46:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1172

Error: (02/20/2015 05:46:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1172

Error: (02/20/2015 05:46:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (02/20/2015 03:32:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.174165452eed9ntdll.dll6.3.9600.1763054b0d74fc0000409000e581f1a401d04d1a158c0d91C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SYSTEM32\ntdll.dll53573b86-b90d-11e4-8295-e5cd3cf6e6ef

Error: (02/20/2015 07:28:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.174165452eed9ntdll.dll6.3.9600.1763054b0d74fc0000409000e581f10bc01d04cd682508f24C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SYSTEM32\ntdll.dllc078b003-b8c9-11e4-8295-e5cd3cf6e6ef

Error: (02/20/2015 07:27:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: pokki.exe0.265.14.2615202d16dlibPokki.dll23.0.1271.645202d0ad80000003000629c045801d04cd6454c53a0C:\Users\Matze\AppData\Local\Pokki\Engine\pokki.exeC:\Users\Matze\AppData\Local\Pokki\Engine\libPokki.dll844a409b-b8c9-11e4-8295-e5cd3cf6e6ef

Error: (02/20/2015 02:20:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: pokki.exe0.265.14.2615202d16dlibPokki.dll23.0.1271.645202d0ad80000003000629c0151401d04cab74a93bd3C:\Users\Matze\AppData\Local\Pokki\Engine\pokki.exeC:\Users\Matze\AppData\Local\Pokki\Engine\libPokki.dllb71f6523-b89e-11e4-8293-089e01f2d12b

Error: (02/20/2015 02:18:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Service_KMS.exe13.1.0.05313ef48unknown0.0.0.0000000000000000000007ffb919c03997dc01d04cab1afc8d78C:\Program Files\KMSpico\Service_KMS.exeunknown6180bc8b-b89e-11e4-8293-089e01f2d12b

Error: (02/20/2015 01:17:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: rundll32.exe_winethc.dll6.3.9600.163845215f00dUSER32.dll6.3.9600.1763054b0e17ac000014200000000000ec4a0196401d04ca2a5986ac7C:\Windows\System32\rundll32.exeUSER32.dlle34c8a68-b895-11e4-8292-089e01f2d12b

Error: (02/20/2015 00:36:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.174165452eed9ntdll.dll6.3.9600.1763054b0d74fc0000409000e581f1d1401d04c9ce4ff14e0C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SYSTEM32\ntdll.dll22e875c6-b890-11e4-8292-089e01f2d12b

CodeIntegrity Errors:
===================================
Date: 2014-11-02 03:43:44.772
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-10-29 21:18:59.529
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-10-24 09:48:05.380
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-10-21 13:37:59.818
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-10-18 15:42:56.468
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-09-27 04:14:03.017
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-09-22 13:58:11.541
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-09-16 15:31:17.329
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-08-30 03:32:49.062
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2014-08-18 09:52:45.425
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Percentage of memory in use: 34%
Total physical RAM: 8072.27 MB
Available physical RAM: 5316.57 MB
Total Pagefile: 9352.27 MB
Available Pagefile: 6071.01 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:913.7 GB) (Free:724.23 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 1BB47C17)

Partition: GPT Partition Type.

==================== End Of Log ============================