Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   WIN7: Internet reagiert kaum (https://www.trojaner-board.de/159824-win7-internet-reagiert-kaum.html)

Shizmo 16.10.2014 23:05
WIN7: Internet reagiert kaum
 
Hallo,

ich glaube ich habe mir was eingefangen, seit Gestern funktioniert mein Internet nicht mehr wirklich, ca. alle 2 Minuten geht es für 1ne Minute ganz normal, dann reagiert es wieder gar nicht. Habe es schon mit Chrome, Firefox und IE probiert und immer dasselbe. Mit meinem Laptop und Handy im gleichen WLAN Netz funktioniert es allerdings ganz normal. Habs auch schon versucht mit Firewall und AVIRA Echtzeitscanner zu deaktivieren, hilft auch nichts. Beim Status von der Netzwerkverbindung passt aber alles, Übertragungsrate 54MBit/s und das Signal ist auch sehr gut. Habe auch schon den Antivirus drüber laufen lassen und der findet auch nichts.

OTL-Logfile + Extra im Anhang (gesplittet jeweils auf 2 Teile) und eine CCleaner Install Liste.

Vielen Dank für eure Hilfe!!
LG

Bootsektor 16.10.2014 23:28
:hallo:

Mein Name ist Sandra und ich werde Dir bei Deinem Problem behilflich sein.
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lese die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem
  • Führe bitte nur Scans durch zu denen Du von mir aufgefordert wirst.
  • Bitte kein Crossposting ( posten in mehreren Foren).
  • Installiere oder deinstalliere während der Bereinigung keine Software, ausser Du wurdest dazu aufgefordert.
  • Poste die Logfiles direkt in deinen Thread in Code-Tags.
  • Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 2 Tagen nichts von mir hörst, dann schreibe mir bitte eine PM.

Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist meist der schnellere und bei einem Befall durch Malware immer der sicherste Weg. Adware lässt sich in den allermeisten Fällen problemlos entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Dir jemand vom Team sagt, dass Du clean bist.

Posten in Code Tags
Bitte füge die Logs immer in Code-Tags ein. Wenn Du das nicht machst, erschwert es mir sehr das Auswerten. Danke.
Dazu:
  • Klicke über dem Antwortfenster auf die Raute #, dann steht dort in eckigen Klammern [] CODE /CODE.
  • Zwischen den beiden code-Bausteinen fügst Du dann deine Logfiles ein. Also CODE Logfile /CODE
  • Wenn die Logs zu lang sein sollten, dann teile sie bitte auf und poste sie dann hier in Deinem Thread, notfalls in mehreren Antworten.

Wie ist die Verbindung, wenn du den Rechner per LAN mit dem Router verbindest?

Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


Shizmo 17.10.2014 07:09
Hallo, danke für deine Mühe.
Beim Runterladen von FRST hat es immer nach 1,6MB abgebrochen, dann stand im Chrome unter "Alle Downloads anzeigen": Unbekannter Netzwerkfehler.

Leider habe ich kein solanges LAN-Kabel, dass ich das ausprobieren kann.

Hier FRST.txt

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-10-2014
Ran by M***** (administrator) on M*****-PC on 17-10-2014 07:59:11
Running from C:\Users\M*****\Downloads
Loaded Profile: M***** (Available profiles: M*****)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apache Software Foundation) C:\xampp\apache\bin\apache.exe
(Realtek Semiconductor) C:\Windows\RAVCpl64.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
() C:\xampp\mysql\bin\mysqld.exe
() C:\Program Files (x86)\RocketDock\RocketDock.exe
(BySoft) C:\Program Files (x86)\BySoft FreeRAM\FreeRAM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MSOSYNC.EXE
(Microsoft Corporation) C:\Windows\System32\mqtgsvc.exe
(Apache Software Foundation) C:\xampp\apache\bin\apache.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Windows\RAVCpl64.exe [5684736 2008-03-31] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Windows\Skytel.exe [1826816 2008-03-31] (Realtek Semiconductor Corp.)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM\...\Run: [MsmqIntCert] => regsvr32 /s mqrt.dll
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-09] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [165168 2014-09-23] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\WB: C:\PROGRA~2\Stardock\OBJECT~1\WINDOW~1\fast64.dll [X]
HKU\S-1-5-21-1319131921-239364623-2864319773-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [369200 2009-10-30] (DT Soft Ltd)
HKU\S-1-5-21-1319131921-239364623-2864319773-1001\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-1319131921-239364623-2864319773-1001\...\Run: [BySoft FreeRAM] => C:\Program Files (x86)\BySoft FreeRAM\FreeRAM.exe [318976 2004-12-17] (BySoft)
HKU\S-1-5-21-1319131921-239364623-2864319773-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1319131921-239364623-2864319773-1001\...\MountPoints2: {03237c71-914d-11e1-a203-0024211eaa99} - G:\AutoRun.exe
HKU\S-1-5-21-1319131921-239364623-2864319773-1001\...\MountPoints2: {03237c87-914d-11e1-a203-0024211eaa99} - G:\AutoRun.exe
HKU\S-1-5-21-1319131921-239364623-2864319773-1001\...\MountPoints2: {5e7e3d28-dab4-11e2-bcb4-00223ffdfbe7} - G:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1319131921-239364623-2864319773-1001\...\MountPoints2: {857e358c-6cb7-11e2-8d81-0024211eaa99} - G:\AutoRun.exe
HKU\S-1-5-21-1319131921-239364623-2864319773-1001\...\MountPoints2: {87bfdab6-db56-11e1-ad6e-002185029185} - G:\AutoRun.exe
HKU\S-1-5-21-1319131921-239364623-2864319773-1001\...\MountPoints2: {d0517809-2a13-11e3-bd5d-0024211eaa99} - I:\HTC_Sync_Manager_PC.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.alternate.net
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.aon.at
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.alternate.net
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://at.search.yahoo.com?type=677874&fr=spigot-yhp-ie
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKCU - DefaultScope {74C6F829-D0BE-4D84-ADFB-155DC8E56E30} URL = hxxp://at.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=677874&p={searchTerms}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKCU - {74C6F829-D0BE-4D84-ADFB-155DC8E56E30} URL = hxxp://at.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=677874&p={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Freemake.YoutubeButton -> {e9e8eb35-ff77-455d-b677-91e5e4fc06c2} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKCU - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
DPF: HKLM-x32 {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\syswow64\urlmon.dll (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\M*****\AppData\Roaming\Mozilla\Firefox\Profiles\6kfb7tw2.default
FF DefaultSearchEngine: Yahoo!
FF SelectedSearchEngine: Yahoo!
FF Homepage: hxxp://at.search.yahoo.com?type=677874&fr=spigot-yhp-ff
FF Keyword.URL: hxxp://at.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=677874&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~4\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @bittorrent.com/BitTorrentDNA -> C:\Program Files (x86)\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npbittorrent.dll (BitTorrent, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\M*****\AppData\Roaming\Mozilla\Firefox\Profiles\6kfb7tw2.default\searchplugins\yahoo_ff.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: PC Sync 2 Synchronisation Extension - C:\Users\M*****\AppData\Roaming\Mozilla\Firefox\Profiles\6kfb7tw2.default\Extensions\bkmrksync@nokia.com [2008-08-01]
FF Extension: Conduit Engine  - C:\Users\M*****\AppData\Roaming\Mozilla\Firefox\Profiles\6kfb7tw2.default\Extensions\engine@conduit.com [2011-04-17]
FF Extension: Free Download Manager plugin - C:\Users\M*****\AppData\Roaming\Mozilla\Firefox\Profiles\6kfb7tw2.default\Extensions\fdm_ffext@freedownloadmanager.org [2013-03-08]
FF Extension: Move Media Player - C:\Users\M*****\AppData\Roaming\Mozilla\Firefox\Profiles\6kfb7tw2.default\Extensions\moveplayer@movenetworks.com [2009-11-06]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\M*****\AppData\Roaming\Mozilla\Firefox\Profiles\6kfb7tw2.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-04-28]
FF Extension: Adobe DLM (powered by getPlus(R)) - C:\Users\M*****\AppData\Roaming\Mozilla\Firefox\Profiles\6kfb7tw2.default\Extensions\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7} [2008-07-07]
FF Extension: Slick Savings - C:\Users\M*****\AppData\Roaming\Mozilla\Firefox\Profiles\6kfb7tw2.default\Extensions\savingsslider@mybrowserbar.com.xpi [2014-04-10]
FF Extension: YouTube to MP3 - C:\Users\M*****\AppData\Roaming\Mozilla\Firefox\Profiles\6kfb7tw2.default\Extensions\youtube2mp3@mondayx.de.xpi [2011-05-02]
FF Extension: FlashGot - C:\Users\M*****\AppData\Roaming\Mozilla\Firefox\Profiles\6kfb7tw2.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2013-03-08]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\M*****\AppData\Roaming\Mozilla\Firefox\Profiles\6kfb7tw2.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2012-11-21]
FF Extension: DownThemAll! - C:\Users\M*****\AppData\Roaming\Mozilla\Firefox\Profiles\6kfb7tw2.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013-02-22]
FF Extension: Greasemonkey - C:\Users\M*****\AppData\Roaming\Mozilla\Firefox\Profiles\6kfb7tw2.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2012-08-29]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-10-14]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-07]
FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com
FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com [2012-10-17]
FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com
FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2012-10-17]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-10-17]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.at/
CHR StartupUrls: Default -> "https://www.google.at/"
CHR Profile: C:\Users\M*****\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\M*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-04-27]
CHR Extension: (Google Drive) - C:\Users\M*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-04-27]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\M*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-05]
CHR Extension: (YouTube) - C:\Users\M*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-04-27]
CHR Extension: (Freemake Video Downloader) - C:\Users\M*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf [2013-04-27]
CHR Extension: (Google-Suche) - C:\Users\M*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-04-27]
CHR Extension: (Freemake Video Downloader) - C:\Users\M*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh [2013-04-27]
CHR Extension: (Google Wallet) - C:\Users\M*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR Extension: (Mehr Leistung und Videoformate für dein HTML5 <video>) - C:\Users\M*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-04-27]
CHR Extension: (Google Mail) - C:\Users\M*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-04-27]
CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2012-10-17]
CHR HKLM-x32\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx [2012-10-17]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [581000 2014-04-01] (Autodesk Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-10-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-10-09] (Avira Operations GmbH & Co. KG)
R2 Apache2.2; c:\xampp\apache\bin\apache.exe [24636 2008-12-10] (Apache Software Foundation) [File not signed]
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160560 2014-09-23] (Avira Operations GmbH & Co. KG)
S4 Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [File not signed]
S4 DAUpdaterSvc; C:\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [25832 2009-12-15] (BioWare)
S4 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [8704 2012-11-23] (Freemake) [File not signed]
S4 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-09-03] (Nero AG)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [138192 2011-02-07] ()
S4 mi-raysat_3dsmax2015_64; C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe [86016 2011-09-15] () [File not signed]
R2 MSMQ; C:\Windows\system32\mqsvc.exe [9216 2009-07-14] (Microsoft Corporation)
R2 MSMQTriggers; C:\Windows\system32\mqtgsvc.exe [189440 2010-11-20] (Microsoft Corporation)
R2 mysql; c:\xampp\mysql\bin\mysqld.exe [6447744 2008-11-15] ()
S4 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [853288 2007-09-20] (Nero AG)
S4 NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [5352960 2011-04-07] (Native Instruments GmbH) [File not signed]
S4 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [382248 2007-09-20] (Nero AG)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1618888 2014-04-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21009352 2014-04-30] (NVIDIA Corporation)
S4 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
S4 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [173616 2007-02-07] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [648472 2014-08-14] (Wacom Technology, Corp.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310728 2012-05-14] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-07] (Avira Operations GmbH & Co. KG)
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)
S3 L6TPortGX; C:\Windows\System32\Drivers\L6TPortGX64.sys [772864 2013-10-18] (Line 6)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2008-07-07] ()
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [189440 2009-07-14] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19744 2014-04-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 RDID1104; C:\Windows\System32\Drivers\rdwm1104.sys [197888 2009-11-30] (Roland Corporation)
S3 SaiK0CEA; C:\Windows\System32\DRIVERS\SaiK0CEA.sys [129024 2008-04-04] (Saitek)
S3 SaiU0CEA; C:\Windows\System32\DRIVERS\SaiU0CEA.sys [34432 2008-04-04] (Saitek)
S0 sfdrv01; C:\Windows\System32\drivers\sfdrv01.sys [75640 2006-07-05] (Protection Technology (StarForce))
S0 sfsync02; C:\Windows\System32\drivers\sfsync02.sys [22936 2006-07-10] (Protection Technology)
R0 sfvfs02; C:\Windows\System32\drivers\sfvfs02.sys [107384 2007-02-08] (Protection Technology (StarForce))
S3 SIS162u; C:\Windows\System32\DRIVERS\sis162u.sys [242432 2005-05-06] (SiS Corporation) [File not signed]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-03-15] () [File not signed]
S4 StarOpen; No ImagePath
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [43792 2009-08-05] (Sun Microsystems, Inc.)
R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B}; C:\Program Files (x86)\CyberLink\PowerDVD\000.fcl [13560 2006-11-02] (Cyberlink Corp.)
U3 aevmrk9s; C:\Windows\System32\Drivers\aevmrk9s.sys [0 ] (Microsoft Corporation)
S4 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [X]
S4 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S4 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
S4 NPF; system32\drivers\NPF.sys [X]
S4 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S4 tsusbhub; system32\drivers\tsusbhub.sys [X]
S4 VGPU; System32\drivers\rdvgkmd.sys [X]
S4 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-17 07:59 - 2014-10-17 07:59 - 00029051 _____ () C:\Users\M*****\Downloads\FRST.txt
2014-10-17 07:59 - 2014-10-17 07:59 - 00000000 ____D () C:\FRST
2014-10-17 07:58 - 2014-10-17 07:58 - 02112000 _____ (Farbar) C:\Users\M*****\Downloads\FRST64 (1).exe
2014-10-17 07:56 - 2014-10-17 07:58 - 02112000 _____ (Farbar) C:\Users\M*****\Downloads\FRST64.exe
2014-10-17 07:37 - 2014-10-17 07:38 - 00076224 _____ () C:\Windows\setupact.log
2014-10-17 07:37 - 2014-10-17 07:37 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-16 23:57 - 2014-10-16 23:57 - 00125790 _____ () C:\Users\M*****\Downloads\Extras.Txt
2014-10-16 23:50 - 2014-10-17 00:04 - 00000000 ____D () C:\Users\M*****\Documents\Bug
2014-10-16 23:38 - 2014-10-16 23:38 - 00602112 _____ (OldTimer Tools) C:\Users\M*****\Downloads\OTL.exe
2014-10-16 23:05 - 2014-10-16 23:05 - 00005804 _____ () C:\Users\M*****\Documents\cc_20141016_230511.reg
2014-10-14 01:26 - 2014-10-14 01:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-03 20:35 - 2014-10-03 20:35 - 00000000 ____D () C:\Users\Public\Documents\ZBrushData
2014-10-03 20:34 - 2014-10-03 20:34 - 00001133 _____ () C:\Users\Public\Desktop\ZBrush 4R6.lnk
2014-10-03 20:34 - 2014-10-03 20:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pixologic
2014-10-03 20:33 - 2014-10-03 20:33 - 00000000 ____D () C:\Users\Public\Pixologic
2014-10-03 20:31 - 2014-10-03 20:31 - 00000000 ____D () C:\Program Files (x86)\Pixologic
2014-10-03 19:31 - 2014-10-17 07:47 - 00005080 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for M*****-PC-M***** M*****-PC
2014-10-03 19:25 - 2014-10-03 19:25 - 00120746 _____ () C:\Users\M*****\Documents\cc_20141003_192548.reg
2014-10-03 19:18 - 2014-10-03 19:18 - 00000000 ____D () C:\Users\M*****\Documents\Shade_Empire-Zero_Nexus-(Advance)-2008-FNT
2014-10-03 18:47 - 2014-10-03 18:47 - 00000000 ____D () C:\Users\M*****\Downloads\Autoruns_1203
2014-10-03 15:31 - 2014-10-03 15:31 - 00275494 _____ () C:\Users\M*****\Documents\cc_20141003_153152.reg
2014-10-03 15:31 - 2014-10-03 15:31 - 00004398 _____ () C:\Users\M*****\Documents\cc_20141003_153101.reg
2014-10-03 14:21 - 2014-10-17 07:48 - 00003758 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-10-01 22:17 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-01 22:17 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-24 18:33 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 18:33 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-18 10:53 - 2014-09-18 10:53 - 00003120 _____ () C:\Windows\System32\Tasks\{C57DB961-CDAA-4FE0-B62B-B7F4F01B94B5}
2014-09-17 22:25 - 2014-09-17 22:25 - 00000000 ____D () C:\Users\M*****\AppData\Roaming\Flux
2014-09-17 22:20 - 2014-09-17 22:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flux sound and picture development
2014-09-17 22:18 - 2014-09-17 22:18 - 00000000 ____D () C:\Program Files (x86)\Flux

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-17 07:53 - 2010-03-09 21:16 - 01381272 _____ () C:\Windows\WindowsUpdate.log
2014-10-17 07:53 - 2010-03-09 20:15 - 00016768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-17 07:53 - 2010-03-09 20:15 - 00016768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-17 07:53 - 2010-01-11 11:15 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-17 07:48 - 2008-07-07 17:04 - 00000000 ____D () C:\Users\M*****\AppData\Local\Adobe
2014-10-17 07:40 - 2009-02-19 16:41 - 00000433 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-10-17 07:37 - 2010-01-11 11:15 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-17 07:37 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-17 07:37 - 2009-07-14 04:34 - 00000288 _____ () C:\Windows\system.ini
2014-10-17 07:37 - 2008-07-02 17:57 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-17 00:09 - 2012-05-23 12:42 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-16 23:31 - 2014-06-19 20:52 - 00000000 ____D () C:\Users\M*****\AppData\Roaming\FileZilla
2014-10-16 23:09 - 2010-03-10 10:36 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{3E305E16-1E2C-4F71-A29F-EAEEC5BCC348}
2014-10-16 23:02 - 2010-03-15 20:49 - 00000000 ____D () C:\Users\M*****\AppData\Roaming\DAEMON Tools Lite
2014-10-16 23:02 - 2008-07-08 16:07 - 00000000 ____D () C:\Users\M*****\AppData\Roaming\BitTorrent
2014-10-15 00:24 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-14 19:09 - 2012-04-24 21:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-14 17:56 - 2008-07-10 14:32 - 00000000 ____D () C:\Users\M*****\AppData\Roaming\vlc
2014-10-14 10:20 - 2014-09-16 06:10 - 00001097 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-10-14 10:20 - 2014-05-01 18:45 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-14 10:20 - 2012-11-20 11:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-10-14 10:20 - 2012-11-20 11:40 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-10-09 15:02 - 2013-05-09 22:09 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-10-09 15:02 - 2013-04-03 15:06 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-10-09 15:02 - 2013-04-03 15:06 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-10-07 17:57 - 2013-11-22 15:52 - 00000000 ____D () C:\Users\M*****\Downloads\share-online
2014-10-07 17:30 - 2010-03-02 21:29 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-10-06 12:28 - 2013-04-05 09:50 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-10-04 17:12 - 2008-07-10 14:22 - 00000000 ____D () C:\Users\M*****\AppData\Roaming\dvdcss
2014-10-04 13:37 - 2009-07-14 06:45 - 05370016 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-03 20:47 - 2014-03-30 11:53 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-10-03 19:28 - 2013-01-17 10:31 - 00000000 ____D () C:\Users\M*****\Downloads\1
2014-10-03 19:10 - 2012-05-01 08:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge
2014-10-03 19:10 - 2012-05-01 08:47 - 00000000 ____D () C:\Program Files (x86)\Gameforge
2014-10-03 19:04 - 2010-03-09 22:08 - 00120288 _____ () C:\Users\M*****\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-03 19:04 - 2010-03-08 14:31 - 00000000 ____D () C:\Program Files (x86)\NCSoft
2014-10-03 19:04 - 2009-03-02 23:09 - 00000000 ____D () C:\ProgramData\InstallShield
2014-10-03 19:04 - 2008-07-02 17:44 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-03 19:03 - 2008-09-29 20:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicISO
2014-10-03 19:03 - 2008-09-29 20:06 - 00000000 ____D () C:\Program Files (x86)\MagicISO
2014-10-03 19:02 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-10-03 19:01 - 2008-07-07 19:34 - 00000000 ____D () C:\Users\M*****\AppData\Local\GameSpy
2014-10-03 18:51 - 2014-09-02 14:47 - 00003352 _____ () C:\Users\M*****\Documents\Uninstall Dragon Age 2.log
2014-10-03 18:49 - 2008-07-07 16:30 - 00000000 ____D () C:\Users\M*****\Documents\My Games
2014-09-27 19:44 - 2013-01-27 14:24 - 00000112 _____ () C:\Windows\SysWOW64\w3data.vss
2014-09-27 19:44 - 2013-01-27 14:24 - 00000112 _____ () C:\Windows\SysWOW64\msvcsv60.dll
2014-09-27 19:44 - 2013-01-27 14:24 - 00000112 _____ () C:\Windows\msocreg32.dat
2014-09-27 19:30 - 2014-05-27 23:50 - 00000016 _____ () C:\Users\M*****\AppData\Roaming\msregsvv.dll
2014-09-27 19:30 - 2014-05-27 23:50 - 00000016 _____ () C:\ProgramData\autobk.inc
2014-09-25 13:34 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-24 20:25 - 2014-07-01 17:16 - 00000000 ____D () C:\Cakewalk Projects
2014-09-24 19:09 - 2012-05-23 12:42 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-24 19:09 - 2012-05-23 12:42 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-24 19:09 - 2011-11-29 22:17 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-22 16:53 - 2013-01-24 11:50 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-19 20:54 - 2009-07-14 19:58 - 00780072 _____ () C:\Windows\system32\perfh007.dat
2014-09-19 20:54 - 2009-07-14 19:58 - 00178686 _____ () C:\Windows\system32\perfc007.dat
2014-09-19 20:54 - 2009-07-14 07:13 - 01824584 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-18 12:16 - 2008-07-07 19:44 - 00000000 ____D () C:\Program Files (x86)\Trillian
2014-09-18 11:10 - 2008-07-07 16:59 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-09-18 11:00 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-09-17 22:20 - 2014-07-01 15:54 - 00000000 ____D () C:\Program Files (x86)\Cakewalk
2014-09-17 17:47 - 2009-08-30 00:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IK Multimedia
2014-09-17 17:45 - 2009-08-30 00:34 - 00000000 ____D () C:\Program Files (x86)\IK Multimedia

Files to move or delete:
====================
C:\ProgramData\sysqcl1129139270.dat
C:\Users\Public\daemon-lite.exe
C:\Users\Public\HamachiSetup-1.0.2.5-de.exe
C:\Users\Public\Nero-8.1.1.4_deu_trial.exe
C:\Users\Public\Oburis Launcher.exe


Some content of TEMP:
====================
C:\Users\M*****\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


testsigning: ==> Check for possible unsigned rootkit driver <===== ATTENTION!


nointegritychecks: ==> Integrity Checks is disabled <===== ATTENTION!


LastRegBack: 2014-10-06 00:54

==================== End Of Log ============================
--- --- ---


Und die Addition.txt

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-10-2014
Ran by M***** at 2014-10-17 08:00:18
Running from C:\Users\M*****\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
802.11b USB Wireless LAN Adapter (HKLM\...\SiS162u) (Version:  - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 2.5.1.17730 - Adobe Systems Inc.) Hidden
Adobe Anchor Service CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Asset Services CS3 (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Bridge CS3 (x32 Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Bridge Start Meeting (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Camera Raw 4.0 (x32 Version: 4.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color Common Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color EU Recommended Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color JA Extra Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color NA Extra Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Community Help (x32 Version: 3.4.980 - Adobe Systems Incorporated.) Hidden
Adobe Default Language CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Dreamweaver CS5.5 (HKLM-x32\...\{0215A652-E081-4B09-9333-DC85AAB67FFA}) (Version: 11.5 - Adobe Systems Incorporated)
Adobe ExtendScript Toolkit 2 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Fonts All (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Help Viewer CS3 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Illustrator CS3 (HKLM-x32\...\Adobe_c015d5ef39552390a753ee735d16041) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Illustrator CS3 (x32 Version: 13.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS3 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files (x32 Version: 8.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.3 (HKLM-x32\...\{6F86810F-BE5B-4FB1-BA5A-EFD8F65F5EE4}) (Version: 5.3.1 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Setup (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Stock Photos CS3 (x32 Version: 1.5 - Adobe Systems Incorporated) Hidden
Adobe Type Support (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS3 (x32 Version: 5.1.0 - Adobe Systems Incorporated) Hidden
Adobe Version Cue CS3 Client (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 2.0 Build 230 - Adobe Systems Incorporated.)
Adobe Widget Browser (x32 Version: 2.0.230 - Adobe Systems Incorporated.) Hidden
Adobe WinSoft Linguistics Plugin (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS3 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
AmpliTube 3 version 3.11.2 (HKLM\...\{DA5202AC-12BF-4330-B8EA-BC77F991FA1C}_is1) (Version: 3.11.2 - IK Multimedia)
AmpliTube Metal (HKLM-x32\...\{9EDEF5B1-B740-4DFF-AC16-E2428E1713E8}) (Version: 1.0.0 - IK Multimedia)
AnyToISO (HKLM-x32\...\AnyToISO_is1) (Version: 3.1 - CrystalIdea Software, Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 Beta1 - Michael Tippach)
Auto Gordian Knot 2.55 (HKLM-x32\...\AutoGK) (Version: 2.55 - len0x)
Autodesk 3ds Max 2015 (HKLM\...\Autodesk 3ds Max 2015) (Version: 17.0.630.0 - Autodesk)
Autodesk 3ds Max 2015 (Version: 17.0.630.0 - Autodesk) Hidden
Autodesk 3ds Max 2015 Populate Data (HKLM\...\{57E92DED-DC6C-41E5-B9E1-76D83BD2EABE}) (Version: 17.0.0.0 - Autodesk)
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 2.2.12.0 - Autodesk)
Autodesk Backburner 2015 (HKLM-x32\...\{8C5F38D2-8EFE-49A4-B3F5-BF3210FED168}) (Version: 15.0.0.0 - Autodesk)
Autodesk DirectConnect 2015 64-bit (HKLM\...\Autodesk DirectConnect 2015 64-bit) (Version: 9.0.56.4 - Autodesk)
Autodesk DirectConnect 2015 64-bit (Version: 9.0.56.4 - Autodesk) Hidden
Autodesk Inventor Server Engine for 3ds Max 2015 (HKLM\...\{9167CA34-4E48-49E3-8892-3C439739D2D3}) (Version: 17.0 - Autodesk)
Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2015 (HKLM-x32\...\{9F6466D9-6EFC-4A10-B931-C72D1A3F1763}) (Version: 5.2.9.100 - Autodesk)
Autodesk Revit Interoperability for 3ds Max 2015 (HKLM\...\Autodesk Revit Interoperability for 3ds Max 2015) (Version: 15.0.107.0 - Autodesk)
Autodesk Revit Interoperability for 3ds Max 2015 (Version: 15.0.107.0 - Autodesk) Hidden
Avira (HKLM-x32\...\{9bd9b85e-7792-483b-a318-cc51ff0877ed}) (Version: 1.1.22.50000 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.22.50000 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.306 - Avira)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BitTorrent (HKCU\...\BitTorrent) (Version: 6.0.3 - BitTorrent, Inc)
BitTorrent (HKLM-x32\...\BitTorrent) (Version: 7.6.1 - BitTorrent Inc.)
Borderlands 2 (HKLM-x32\...\Borderlands 2_is1) (Version:  - )
BySoft FreeRAM 4.0 (HKLM-x32\...\BySoft FreeRAM) (Version: 4.0 - BySoft)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
CANON iMAGE GATEWAY MyCamera Download Plugin (HKLM-x32\...\MyCamera Download Plugin) (Version: 3.1.1.2 - Canon Inc.)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.9.0.9 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version:  - )
Canon MG5300 series Benutzerregistrierung (HKLM-x32\...\Canon MG5300 series Benutzerregistrierung) (Version:  - )
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version:  - Canon Inc.)
Canon MG5300 series On-screen Manual (HKLM-x32\...\Canon MG5300 series On-screen Manual) (Version:  - )
Canon MOV Decoder (HKLM-x32\...\Canon MOV Decoder) (Version: 1.8.0.7 - Canon Inc.)
Canon MOV Encoder (HKLM-x32\...\Canon MOV Encoder) (Version: 1.6.0.1 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 3.7.0.4 - Canon Inc.)
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version:  - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
Canon Utilities Digital Photo Professional 3.10 (HKLM-x32\...\DPP) (Version: 3.10.2.0 - Canon Inc.)
Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.10.2.0 - Canon Inc.)
Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX (HKLM-x32\...\EOS Video Snapshot Task) (Version: 1.0.0.10 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.9.0.0 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.7.0.24 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.5.0.9 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
ControlMK 0.232 (HKLM-x32\...\ControlMK) (Version: 0.232 - Redcl0ud)
ConvertXtoDVD 4.0.6.316 (HKLM-x32\...\{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1) (Version: 4.0.6.316 - )
Cubase 5 (HKLM\...\{51AC53CA-6D26-459A-9BDF-53BAEB3E11A3}) (Version: 5.1.2 - Steinberg)
Custom Shop version 1.3.0 (HKLM-x32\...\{21BAD046-50EC-49E2-BE7B-F9729704F2C3}_is1) (Version: 1.3.0 - IK Multimedia)
Darksiders II (HKLM-x32\...\Steam App 50650) (Version:  - Vigil Games)
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{B6FBF358-6B5E-4DE4-8BC5-892C87BBD3B4}) (Version:  - Microsoft)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
DivX Converter (HKLM-x32\...\{13F3917B56CD4C25848BDC69916971BB}) (Version: 7.1.0 - DivX, Inc.)
DivX Converter (HKLM-x32\...\{B13A7C41581B411290FBC0395694E2A9}) (Version: 7.1.0 - DivX, Inc.)
DivX Plus DirectShow Filters (HKLM-x32\...\DivX Plus DirectShow Filters) (Version:  - DivX, Inc.)
DivX Version Checker (HKLM-x32\...\{3FC7CBBC4C1E11DCA1A752EA55D89593}) (Version: 7.1.0.9 - DivX, Inc.)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.9 - DivX, LLC)
Dr. DivX 2.0 OSS (HKCU\...\Dr. DivX 2.0 OSS) (Version:  - )
Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.03 - Electronic Arts, Inc.)
EVEREST Ultimate Edition v4.20 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 4.20 - Lavalys, Inc.)
EZdrummer (HKLM-x32\...\{43E8D9E7-AFC9-4BA3-8106-B95E02B87AB7}) (Version: 1.0 - Toontrack)
EZmix 64-bit (HKLM\...\{3D83CC9F-E2E1-47AE-B1AF-F6D3A8825196}) (Version: 2.0.8 - Toontrack)
EZXCocktail (HKLM-x32\...\{147567F0-8575-4BE0-B5B3-62706C67FA5A}) (Version: 1.0 - Toontrack)
FileZilla Client 3.8.1 (HKLM-x32\...\FileZilla Client) (Version: 3.8.1 - Tim Kosse)
Firebird v2.0 (HKLM-x32\...\Tone2 Firebird_is1) (Version:  - Tone2)
FL Studio 8 (HKLM-x32\...\FL Studio 8) (Version:  - Image-Line bvba)
FLAC 1.2.1b (remove only) (HKLM-x32\...\FLAC) (Version: 1.2.1b - Xiph.org)
Flux:: BitterSweet II (HKLM-x32\...\{14692E89-A126-4D2E-9E0C-FA7BC3FEE29C}) (Version: 1.4.0.0 - Flux:: sound and picture development)
FLV Player 2.0 (build 25) (HKLM-x32\...\FLV Player) (Version: 2.0 (build 25) - Martijn de Visser)
FLV.com FLV Converter 4.7 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-997AF4905D9C}) (Version: 4.7 - GreenTree Applications SRL)
FormatFactory 3.1.1 (HKLM-x32\...\FormatFactory) (Version: 3.1.1 - Free Time)
Free YouTube to MP3 Converter version 3.12.29.304 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.29.304 - DVDVideoSoft Ltd.)
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.4.0 - Ellora Assets Corporation)
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 4.11.0 - Futuremark Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Guitar Pro 6 (HKLM-x32\...\{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1) (Version:  - Arobas Music)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.6.0.001 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{F838C3DD-5785-4F19-AD0F-BD532C8A31F4}) (Version: 2.1.76.0 - HTC)
IK Multimedia Authorization Manager version 1.0.9 (HKLM\...\{85BC0DCB-69E5-4279-AA25-F108EF896588}_is1) (Version: 1.0.9 - IK Multimedia)
IL Juice Pack (HKLM-x32\...\IL Juice Pack) (Version:  - Image-Line)
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version:  - Image-Line)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
IsoBuster 2.4 (HKLM-x32\...\IsoBuster_is1) (Version: 2.4 - Smart Projects)
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 35 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216035FF}) (Version: 6.0.350 - Oracle)
Java(TM) 6 Update 6 (HKLM-x32\...\{3248F0A8-6813-11D6-A77B-00B0D0160060}) (Version: 1.6.0.60 - Sun Microsystems, Inc.)
Java(TM) 6 Update 7 (HKLM-x32\...\{3248F0A8-6813-11D6-A77B-00B0D0160070}) (Version: 1.6.0.70 - Sun Microsystems, Inc.)
JDownloader (HKLM-x32\...\JDownloader) (Version: 0.89 - AppWork UG (haftungsbeschränkt))
JPEGmini (HKCU\...\1e743bb8905c901f) (Version: 1.8.20.0 - ICVT Ltd)
K-Lite Codec Pack 5.2.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 5.2.0 - )
KRISTAL Audio Engine (HKLM-x32\...\KRISTAL Audio Engine) (Version:  - )
Latency Optimizer FREE VERSION (HKLM-x32\...\{2A9767A4-577D-4806-A121-7F0010F6BC60}) (Version: 3.0.1 - Badosoft)
Line 6 Uninstaller (HKLM-x32\...\Line 6 Uninstaller) (Version:  - Line 6)
Locate32 (HKLM-x32\...\Locate) (Version:  - )
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
ME-25 Librarian (HKLM-x32\...\InstallShield_{06C89319-FE17-435D-BF51-66F5C15E6CDA}) (Version: 1.00.1000 - BOSS Corporation)
ME-25 Librarian (x32 Version: 1.00.1000 - BOSS Corporation) Hidden
ME-25-Treiber (HKLM\...\RolandRDID0104) (Version:  - Roland Corporation)
Melodyne 3.1 (x32 Version: 3.1.0200 - Celemony Software GmbH) Hidden
Melodyne Runtime 4.1 (x64) (HKLM\...\{53EE2829-E9DB-4913-B3EA-96F10F84E98B}) (Version: 1.0.1 - Celemony Software GmbH)
Melodyne singletrack (HKLM-x32\...\{16DF894D-FC3F-4B87-908D-671E201CD7A8}) (Version: 2.01.0115 - Celemony Software GmbH)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 Security Update (KB953297) (HKLM-x32\...\M953297) (Version:  - )
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Access MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft DCF MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Excel MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Groove MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Windows XP Video Decoder Checkup Utility (HKLM-x32\...\DECCHECK) (Version:  - )
Microsoft Word MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft_VC80_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (Version: 2.2.173.0 - Microsoft Corporation) Hidden
MotioninJoy DS3 driver version 0.6.0005 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.6.0005 - www.motioninjoy.com)
Mozilla Firefox 32.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
MSVC80_x64 (Version: 1.0.1.0 - Nokia) Hidden
MSVC80_x86 (x32 Version: 1.0.1.0 - Nokia) Hidden
MSXML 4.0 SP2 (KB936181) (HKLM-x32\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version:  - Native Instruments)
Native Instruments Controller Editor (Version: 1.3.5.667 - Native Instruments) Hidden
Native Instruments DrumMicA (HKLM-x32\...\Native Instruments DrumMicA) (Version:  - Native Instruments)
Native Instruments DrumMicA (Version: 1.0.0.002 - Native Instruments) Hidden
Native Instruments FM8 (HKLM-x32\...\Native Instruments FM8) (Version:  - Native Instruments)
Native Instruments FM8 (Version: 1.2.0.1016 - Native Instruments) Hidden
Native Instruments Guitar Rig 4 (HKLM-x32\...\Native Instruments Guitar Rig 4) (Version:  - Native Instruments)
Native Instruments Guitar Rig 4 (Version: 4.0.7.960 - Native Instruments) Hidden
Native Instruments Guitar Rig 5 (HKLM-x32\...\Native Instruments Guitar Rig 5) (Version:  - Native Instruments)
Native Instruments Guitar Rig 5 (Version: 5.0.1.2447 - Native Instruments) Hidden
Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version:  - Native Instruments)
Native Instruments Kontakt 5 (Version: 5.0.3.5812 - Native Instruments) Hidden
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version:  - Native Instruments)
Native Instruments Massive (Version: 1.3.0.2050 - Native Instruments) Hidden
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version:  - Native Instruments)
Native Instruments Service Center (Version: 2.2.6.676 - Native Instruments) Hidden
Nero 8 (HKLM-x32\...\{B944FA21-81AF-4A77-8328-CE4F4CC51031}) (Version: 8.10.20 - Nero AG)
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
NETGEAR WG111v3 wireless USB 2.0 adapter (HKLM-x32\...\InstallShield_{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}) (Version: 1.01.10 - NETGEAR)
NETGEAR WG111v3 wireless USB 2.0 adapter (x32 Version: 1.01.10 - NETGEAR) Hidden
NVIDIA 3D Vision Controller-Treiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 337.88 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 337.88 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5896 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.154.1168 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden
NVIDIA Update 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
Oracle VM VirtualBox 4.3.10 (HKLM\...\{5632714F-6A48-4BF2-89E0-F8B6CE9FE6D1}) (Version: 4.3.10 - Oracle Corporation)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PowerDVD (HKLM-x32\...\InstallShield_{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.30.0000 - CyberLink)
PowerDVD (x32 Version: 7.30.0000 - CyberLink) Hidden
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
ProjectSAM Symphobia 2 (HKLM-x32\...\ProjectSAM Symphobia 2) (Version:  - ProjectSAM)
ProjectSAM Symphobia 2 (Version: 1.0.0.001 - ProjectSAM) Hidden
RAM Idle LE (HKLM-x32\...\RAM Idle LE_is1) (Version: 1.5.0 - TweakNow)
Rapture 1.2.2 (HKLM-x32\...\Rapture_x64_is1) (Version: 18.0 - Cakewalk Music Software)
Realtek 8169 8168 8101E 8102E Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version:  - )
reFX Nexus 1.0.0 (HKLM-x32\...\{84D04D4F-2201-4AED-BE9A-FFA62069CA19}_is1) (Version: 1.0.0 - reFX)
reFX Nexus 1.0.9 (HKLM-x32\...\reFX Nexus 1.0.9_is1) (Version:  - )
ReValver Mk II (HKLM-x32\...\ReValver Mk II_is1) (Version:  - )
ReValver Mk III (HKLM-x32\...\ReValver Mk III_is1) (Version:  - )
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version:  - Punk Software)
Rocksmith (HKLM-x32\...\Rocksmith_is1) (Version:  - )
S-Gear2 (HKLM\...\{0BDEF193-EE20-4028-9124-3DC653A7B0AF}) (Version: 2.2.6 - Scuffham Amps)
SHIELD Streaming (Version: 2.1.108 - NVIDIA Corporation) Hidden
SLOW-PCfighter (Version: 1.6.21 - SPAMfighter ApS) Hidden
Softube Metal Amp Room VST RTAS v1.1.5 (HKLM-x32\...\Softube Metal Amp Room VST RTAS_is1) (Version:  - )
Softube Plug-Ins (VST AAX 64-bit) (HKLM\...\Softube Plug-Ins (VST AAX 64-bit)) (Version:  - )
SONAR X3 Producer (x64) (HKLM-x32\...\SONARX3Producer_x64_is1) (Version: 20.0 - Cakewalk Music Software)
Spotify (HKCU\...\Spotify) (Version: 0.9.10.14.g578d350b - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 2.0.0.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE 64bit (HKLM\...\{B99C316B-C135-43B5-8E77-2BC5E241F964}) (Version: 1.5.0 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE Content (HKLM-x32\...\{A5051ABF-A497-4C3C-85EA-F7A4D5C19B82}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg HALionOne (HKLM-x32\...\{E70E7159-93B1-470D-9FBD-D8E9EF34B538}) (Version: 1.1.0.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Additional Content Set 01 (HKLM-x32\...\{F3AFD063-8BAD-485E-B641-E7F5A2C5AE71}) (Version: 1.0.0.001 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Expression Set (HKLM-x32\...\{E22AD5D3-EB60-4A8F-835C-6C10E369DCE2}) (Version: 1.0.1.0 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Drum Set (HKLM-x32\...\{AC997F93-0757-4ED4-A701-F40C2D654D09}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Set (HKLM-x32\...\{F057965A-D974-4C64-ADB1-4381CD4B8956}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Pro Set (HKLM-x32\...\{D82CDA0D-C182-42C8-8FF2-5649C98D6003}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Studio Drum Set (HKLM-x32\...\{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Studio Set (HKLM-x32\...\{D23CBFDA-C46B-4920-BA70-FC7878A3F05A}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content (HKLM-x32\...\{4D454CF8-12FD-464D-B57B-B46FE27B78BB}) (Version: 2.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content 2 (HKLM-x32\...\{88C337F0-4CF2-4098-BDC0-D94859ECA2B4}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 2.0.1.000 - Steinberg Media Technologies GmbH)
Steinberg Virtual Bassist v1.0.0.504 (HKLM-x32\...\Steinberg Virtual Bassist v1.0.0.504) (Version:  - )
Steinberg VoiceMachine v1.0 (HKLM-x32\...\Steinberg VoiceMachine v1.0) (Version:  - )
Steinberg VST Amp Rack Content 01 (HKLM-x32\...\{8CBA7E47-48DA-47DC-8E98-6984BA830295}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Superior Drummer 64-bit (HKLM\...\{22029AEE-38DF-4E35-AEF4-FE8CA3F6667F}) (Version: 2.3.2 - Toontrack)
SyncroSoft Emu (Remove only) (HKLM-x32\...\SyncroSoft Emu) (Version:  - )
Syncrosofts Lizenz Kontrolle (HKLM-x32\...\Syncrosoft's License Control) (Version:  - Syncrosoft Hard- Und Software GmbH)
System Requirements Lab (HKLM-x32\...\{9E1BAB75-EB78-440D-94C0-A3857BE2E733}) (Version: 4.1.71.0 - Husdawg, LLC)
System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version:  - )
System Requirements Lab CYRI (HKLM-x32\...\{943A8D28-80D6-41DC-AE94-81FEB42041BF}) (Version: 4.5.1.0 - Husdawg, LLC)
System Requirements Lab Test (HKLM-x32\...\{D62576C2-C084-4698-974A-5BE77714FDDD}) (Version: 5.0.6.0 - Husdawg, LLC)
T-RackS 3 Brickwall Limiter (HKLM-x32\...\{0F52F370-B2ED-43E4-8545-F7810D349390}) (Version: 1.0.0 - IK Multimedia)
T-RackS 3 Linear Phase EQ (HKLM-x32\...\{2E309E7D-F7AD-4D5B-9505-9DAAFCC1C22A}) (Version: 1.0.0 - IK Multimedia)
T-RackS 3 Opto Compressor (HKLM-x32\...\{6D18A0F2-4A5E-4CC1-915E-B91B85BEC762}) (Version: 1.0.0 - IK Multimedia)
T-RackS 3 Program EQ 1A (HKLM-x32\...\{A3AC50F5-8209-43F1-84B7-5CF732A51862}) (Version: 1.0.0 - IK Multimedia)
T-RackS 3 Vintage Compressor 670 (HKLM-x32\...\{97F40ED6-C2F9-422F-BFDC-BDABAD01675A}) (Version: 1.0.0 - IK Multimedia)
Transcribe! 8.31 (HKLM-x32\...\Transcribe!_is1) (Version: 8.31 - Seventh String Software)
Update for Microsoft Excel 2013 (KB2889861) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6A34D28A-A780-405D-BF1A-F054542A37C8}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2889861) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUS_{6A34D28A-A780-405D-BF1A-F054542A37C8}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2889861) 64-Bit Edition (HKLM\...\{90150000-0018-0407-1000-0000000FF1CE}_Office15.PROPLUS_{6A34D28A-A780-405D-BF1A-F054542A37C8}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2889861) 64-Bit Edition (HKLM\...\{90150000-001B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{6A34D28A-A780-405D-BF1A-F054542A37C8}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2889861) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{6A34D28A-A780-405D-BF1A-F054542A37C8}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2881083) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{F1FFD0B3-9F20-4EE7-ACED-5B63DFA018D8}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2889860) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{75FECCEB-66B8-4376-8A25-6137D30D3C93}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2889860) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{75FECCEB-66B8-4376-8A25-6137D30D3C93}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2889860) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{75FECCEB-66B8-4376-8A25-6137D30D3C93}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760249) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{7A4AB8E1-C091-4BD3-B308-844BA6EE752A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EF77B4A6-DFEC-4010-A87D-9B6BF87FABEC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{62857CDD-2985-4939-91BA-19ED0B0031A5}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0814662C-FD28-4DE0-ACE5-EE50D1D6C8FB}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUS_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837644) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D692E9FF-84BF-4F44-A0EA-D58ECE0D538E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{290D80DE-03AB-47EC-9402-108AF4CE4F66}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8116ED50-F1E7-49E1-9D8D-421497D34B0F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881001) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{DF1B7B95-4A86-4605-A628-556394B5580A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881009) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{3033838D-15E0-4199-8CBD-A7F2057AE653}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0090-0407-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2881039) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C675FC43-E413-49A7-B3DC-44967B4FE22D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E919ACF4-A1D7-4CAA-A103-5EB115563721}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883049) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{39D9DAC1-16A7-430A-B2F3-4D3D000454D0}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}_Office15.PROPLUS_{E12997A4-DAEC-4563-B330-F21EB71880D9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUS_{F9C35D99-CA8E-4D17-B785-66AC654D5664}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUS_{18C53DCB-FA98-4A7B-BC2E-6DA30D4E4901}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 64-Bit Edition (HKLM\...\{90150000-001F-0410-1000-0000000FF1CE}_Office15.PROPLUS_{540B47E7-0F89-4CA1-8BFA-5CF377A963AF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2883095) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EADBF225-163E-406B-B11A-26ECCCAB5A0E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2889848) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{A9D59DD4-0591-447A-AEEB-DC1FEE5502BF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2889848) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUS_{A9D59DD4-0591-447A-AEEB-DC1FEE5502BF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2889848) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{A9D59DD4-0591-447A-AEEB-DC1FEE5502BF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2889862) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{CC0535B0-340B-4740-A63D-DBBE389DC83A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2889862) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{CC0535B0-340B-4740-A63D-DBBE389DC83A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2889940) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{36772E16-D3FA-440E-B001-0BEB2B1FCE47}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2883066) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5E9FA8D8-45A9-4223-A5A8-285CB6188592}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2883066) 64-Bit Edition (HKLM\...\{90150000-00BA-0407-1000-0000000FF1CE}_Office15.PROPLUS_{5E9FA8D8-45A9-4223-A5A8-285CB6188592}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2883066) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5E9FA8D8-45A9-4223-A5A8-285CB6188592}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2883066) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{5E9FA8D8-45A9-4223-A5A8-285CB6188592}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-00A1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BFD66A5D-F608-441E-9282-41E13F5E7412}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{90150000-001A-0407-1000-0000000FF1CE}_Office15.PROPLUS_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2889847) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{7F1008C2-8C87-497F-B6D8-56B53DA0FAB3}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2889847) 64-Bit Edition (HKLM\...\{90150000-0018-0407-1000-0000000FF1CE}_Office15.PROPLUS_{7F1008C2-8C87-497F-B6D8-56B53DA0FAB3}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C07147B9-CC0B-4CC1-A107-A705889A54F2}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 64-Bit Edition (HKLM\...\{90150000-0019-0407-1000-0000000FF1CE}_Office15.PROPLUS_{C07147B9-CC0B-4CC1-A107-A705889A54F2}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2878319) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BC51FE30-3A56-4802-8D9E-E9BC05B56B49}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2889852) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{01839F84-E94C-4E47-BEBE-95DF9CAE5FF3}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2889852) 64-Bit Edition (HKLM\...\{90150000-001A-0407-1000-0000000FF1CE}_Office15.PROPLUS_{01839F84-E94C-4E47-BEBE-95DF9CAE5FF3}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2889852) 64-Bit Edition (HKLM\...\{90150000-001B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{01839F84-E94C-4E47-BEBE-95DF9CAE5FF3}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2889852) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{01839F84-E94C-4E47-BEBE-95DF9CAE5FF3}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VCRedistSetup (x32 Version: 1.0.0 - Nero AG) Hidden
VideoLAN VLC media player 0.8.6h (HKLM-x32\...\VLC media player) (Version: 0.8.6h - VideoLAN Team)
VLC media player 2.1.0 (HKLM\...\VLC media player) (Version: 2.1.0 - VideoLAN)
Wacom Tablett (HKLM\...\Wacom Tablet Driver) (Version: 6.3.9w3 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
Windows 7 Upgrade Advisor (HKLM-x32\...\{9A4D182C-35C7-4791-8484-4304EBC9101A}) (Version: 2.0.5000.0 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
winLAME 2010 beta 2 (HKLM-x32\...\{63C16E81-327C-49B6-9643-4F5EFD8A6B2D}) (Version: 1.0.2010.2 - Michael Fink)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version:  - )
XAMPP (HKLM-x32\...\xampp) (Version: 1.8.3-4 - Bitnami)
XviD MPEG4 Video Codec (remove only) (HKLM-x32\...\XviD MPEG4 Video Codec) (Version:  - )
ZBrush 4R6 (HKLM-x32\...\ZBrush 4R6 4R6) (Version: 4R6 - Pixologic)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1319131921-239364623-2864319773-1001_Classes\CLSID\{5F27566F-F6A9-4d3a-BABE-C8B796702C2C}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)

==================== Restore Points  =========================

10-10-2014 17:08:17 Windows Update
14-10-2014 11:29:07 Windows Update
16-10-2014 22:18:46 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 14:34 - 2014-08-29 22:45 - 00000911 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 validation.sls.microsoft.com
127.0.0.1 activation.guitar-pro.com
127.0.0.1 activate.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {097C412F-1110-4521-89B0-F91B1F993152} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {0C4B8C11-0751-46E8-A0CD-59430A174C94} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {0E67E431-5D20-4C54-9A1D-446D1A3F7EFE} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline No Task File <==== ATTENTION
Task: {10B394E0-0E96-4260-B098-62F005BD4946} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {3414D38A-E3A2-4390-A88A-35CA8498E0C0} - System32\Tasks\Microsoft Office 15 Sync Maintenance for M*****-PC-M***** M*****-PC => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2014-07-27] (Microsoft Corporation)
Task: {4F25AEB5-E13F-41B9-8BBD-635DB0D47A28} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask No Task File <==== ATTENTION
Task: {5A38CC08-34F2-480D-85D2-FBABB20FF0CC} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2009-07-14] (Microsoft Corporation)
Task: {635017AB-24AA-4FC0-8F12-05EBFC0885B1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-01-11] (Google Inc.)
Task: {67AEE40E-9B7B-4081-AC9E-42642FA91DB3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {6D6D00F3-0E46-4D99-8EB2-4DB3539426EB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {795761E7-572D-4017-9D8F-A64B3A94BB86} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {7E24A022-3E9E-4BDF-B4C7-0B87877283FD} - System32\Tasks\AdobeAAMUpdater-1.0-M*****-PC-M***** => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-12-15] (Adobe Systems Incorporated)
Task: {8001BC38-AA1A-4A42-8D98-C69F248B2FE8} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-03-30] ()
Task: {8F1B3B77-B4B1-4C70-82BF-9648829F25B0} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {9D740AFE-7BD7-4DA7-BCE8-9CD8AC11E6AA} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {A555A918-7D9A-429F-B4CE-B01089FB0E37} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-01-11] (Google Inc.)
Task: {B11B5914-161E-4DDB-814B-1D2A5447B914} - System32\Tasks\{A87CC8C2-F97F-4D55-B4DE-FFCEF3333635} => C:\Program Files (x86)\Guitar Pro 6\GuitarPro.exe [2011-06-30] ()
Task: {BE66C492-9E63-4FFE-BF20-670ACD0CB4AD} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {C9CF0603-FCBE-4CF6-8D38-8AC9CCB9EA00} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {E7063982-7A2F-40B0-95EB-5017E02328D4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {EB4A7377-E0EE-45C0-8EBF-A8983622899A} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {FE8FD2D0-CE5C-469C-852B-539A26D398EF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-04-24 16:27 - 2014-05-20 03:25 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2008-07-07 13:18 - 2006-12-11 02:14 - 00043008 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2014-08-28 12:28 - 2014-08-14 19:41 - 01356568 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
2013-04-05 09:50 - 2011-02-07 09:56 - 00138192 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2008-11-15 06:53 - 2008-11-15 06:53 - 06447744 _____ () c:\xampp\mysql\bin\mysqld.exe
2011-02-01 20:34 - 2007-09-02 14:58 - 00495616 _____ () C:\Program Files (x86)\RocketDock\RocketDock.exe
2014-05-01 21:29 - 2014-05-01 21:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2008-01-18 01:17 - 2008-01-18 01:17 - 00073782 _____ () c:\xampp\apache\bin\zlib1.dll
2007-02-04 11:14 - 2007-02-04 11:14 - 00020687 _____ () C:\xampp\php\zendOptimizer\lib\ZendExtensionManager.dll
2008-12-08 20:33 - 2008-12-08 20:33 - 00166912 _____ () c:\xampp\apache\bin\libmcrypt.dll
2008-12-17 20:48 - 2008-12-17 20:48 - 01646592 _____ () c:\xampp\apache\bin\LIBMYSQL.dll
2008-12-08 20:33 - 2008-12-08 20:33 - 00464172 _____ () c:\xampp\apache\bin\LIBPQ.dll
2007-10-25 10:34 - 2007-10-25 10:34 - 00163840 _____ () c:\xampp\apache\bin\pslib.dll
2007-10-30 14:28 - 2007-10-30 14:28 - 00086016 _____ () c:\xampp\apache\bin\pxlib.dll
2008-01-07 17:47 - 2008-01-07 17:47 - 00721095 _____ () C:\xampp\php\zendOptimizer\lib\Optimizer\php-5.2.x\ZendOptimizer.dll
2011-02-01 20:34 - 2007-09-02 14:57 - 00069632 _____ () C:\Program Files (x86)\RocketDock\RocketDock.dll
2008-01-18 01:17 - 2008-01-18 01:17 - 00073782 _____ () C:\xampp\apache\bin\zlib1.dll
2008-12-08 20:33 - 2008-12-08 20:33 - 00166912 _____ () C:\xampp\apache\bin\libmcrypt.dll
2008-12-17 20:48 - 2008-12-17 20:48 - 01646592 _____ () C:\xampp\apache\bin\LIBMYSQL.dll
2008-12-08 20:33 - 2008-12-08 20:33 - 00464172 _____ () C:\xampp\apache\bin\LIBPQ.dll
2007-10-25 10:34 - 2007-10-25 10:34 - 00163840 _____ () C:\xampp\apache\bin\pslib.dll
2007-10-30 14:28 - 2007-10-30 14:28 - 00086016 _____ () C:\xampp\apache\bin\pxlib.dll
2014-06-01 11:08 - 2014-06-01 11:08 - 00035328 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-05-24 18:41 - 2014-05-24 18:41 - 00091648 _____ () C:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 18:41 - 2014-05-24 18:41 - 00892416 _____ () C:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll
2014-09-25 12:56 - 2014-09-23 06:06 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libglesv2.dll
2014-09-25 12:56 - 2014-09-23 06:06 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libegl.dll
2014-09-25 12:56 - 2014-09-23 06:07 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll
2014-09-25 12:56 - 2014-09-23 06:07 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll
2014-09-25 12:56 - 2014-09-23 06:06 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdAppMgrSvc => 2
MSCONFIG\Services: Adobe LM Service => 3
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: DAUpdaterSvc => 3
MSCONFIG\Services: FLEXnet Licensing Service => 3
MSCONFIG\Services: FreemakeVideoCapture => 2
MSCONFIG\Services: getPlus(R) Helper => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gusvc => 2
MSCONFIG\Services: HTCMonitorService => 2
MSCONFIG\Services: mi-raysat_3dsmax2015_64 => 3
MSCONFIG\Services: Nero BackItUp Scheduler 3 => 2
MSCONFIG\Services: NIHardwareService => 2
MSCONFIG\Services: NMIndexingService => 3
MSCONFIG\Services: PassThru Service => 2
MSCONFIG\Services: RelevantKnowledge => 2
MSCONFIG\Services: RichVideo => 2
MSCONFIG\Services: ServiceLayer => 3
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NETGEAR WG111v3 Setup-Assistent.lnk => C:\Windows\pss\NETGEAR WG111v3 Setup-Assistent.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^M*****^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Locate32 Autorun.lnk => C:\Windows\pss\Locate32 Autorun.lnk.Startup
MSCONFIG\startupreg: 1aonmessagecenter => C:\Program Files (x86)\aon\aonMessageCenter\aonMessageCenter.exe
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: ADSKAppManager => "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
MSCONFIG\startupreg: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => "C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe"
MSCONFIG\startupreg: BitTorrent DNA => "C:\Users\M*****\Program Files (x86)\DNA\btdna.exe"
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: CanonSolutionMenuEx => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
MSCONFIG\startupreg: CommonToolkitTray => C:\Program Files (x86)\Fighters\Tray\FightersTray.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: EA Core => C:\Program Files (x86)\Electronic Arts\EADM\Core.exe -silent
MSCONFIG\startupreg: H2O => C:\Program Files (x86)\SyncroSoft\Pos\H2O\cledx.exe
MSCONFIG\startupreg: LanguageShortcut => "C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe"
MSCONFIG\startupreg: MMAgent => C:\Program Files (x86)\Mobile Master\MMAgent.exe
MSCONFIG\startupreg: NBKeyScan => "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
MSCONFIG\startupreg: Pando Media Booster => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MSCONFIG\startupreg: PC Suite Tray => "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
MSCONFIG\startupreg: PDFPrint => "C:\Program Files (x86)\pdf24\PDFBackend.exe"
MSCONFIG\startupreg: RemoteControl => "C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe"
MSCONFIG\startupreg: SaitekInstall => "C:\Windows\temp\Saitek\RANGE_Saitek_Mice_SD6_64_Drivers\00000013\setup.exe" -S2 -R -WEB
MSCONFIG\startupreg: SearchSettings => "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\M*****\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: WinSys2 => C:\Windows\system32\startup.exe

========================= Accounts: ==========================

Administrator (S-1-5-21-1319131921-239364623-2864319773-500 - Administrator - Disabled)
ASPNET (S-1-5-21-1319131921-239364623-2864319773-1003 - Limited - Enabled)
Gast (S-1-5-21-1319131921-239364623-2864319773-501 - Limited - Enabled)
M***** (S-1-5-21-1319131921-239364623-2864319773-1001 - Administrator - Enabled) => C:\Users\M*****

==================== Faulty Device Manager Devices =============

Name: atksgt
Description: atksgt
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: atksgt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: StarForce Protection Environment Driver (version 1.x)
Description: StarForce Protection Environment Driver (version 1.x)
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: sfdrv01
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: StarForce Protection Synchronization Driver (version 2.x)
Description: StarForce Protection Synchronization Driver (version 2.x)
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: sfsync02
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/17/2014 07:38:06 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (10/17/2014 07:38:06 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (10/17/2014 07:38:06 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (10/16/2014 11:15:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 37.0.2062.124, Zeitstempel: 0x5420d868
Name des fehlerhaften Moduls: DivXMFSource.dll, Version: 1.0.0.72, Zeitstempel: 0x4cffcf66
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0009b890
ID des fehlerhaften Prozesses: 0x16a4
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3

Error: (10/16/2014 10:55:15 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (10/16/2014 10:55:15 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (10/16/2014 10:55:15 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (10/14/2014 07:10:59 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (10/14/2014 07:10:59 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (10/14/2014 07:10:59 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]


System errors:
=============
Error: (10/17/2014 07:45:57 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (10/17/2014 07:39:49 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
sfdrv01
sfsync02

Error: (10/17/2014 07:37:44 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275

Error: (10/17/2014 07:37:44 AM) (Source: Application Popup) (EventID: 875) (User: )
Description: Treiber atksgt.sys konnte nicht geladen werden.

Error: (10/17/2014 07:36:29 AM) (Source: Application Popup) (EventID: 875) (User: )
Description: Treiber sfdrv01.sys konnte nicht geladen werden.

Error: (10/17/2014 07:36:27 AM) (Source: Application Popup) (EventID: 875) (User: )
Description: Treiber sfsync02.sys konnte nicht geladen werden.

Error: (10/16/2014 11:09:28 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 40.

Error: (10/16/2014 11:03:23 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (10/16/2014 10:59:23 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Microsoft .NET Framework NGEN v4.0.30319_X86 erreicht.

Error: (10/16/2014 10:56:53 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
sfdrv01
sfsync02


Microsoft Office Sessions:
=========================
Error: (10/17/2014 07:38:06 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (10/17/2014 07:38:06 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (10/17/2014 07:38:06 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (10/16/2014 11:15:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: chrome.exe37.0.2062.1245420d868DivXMFSource.dll1.0.0.724cffcf66c00000050009b89016a401cfe9860e3e6852C:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\DivX\DivX Plus Media Foundation Components\DivXMFSource.dll8ab68c40-5579-11e4-b813-0024211eaa99

Error: (10/16/2014 10:55:15 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (10/16/2014 10:55:15 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (10/16/2014 10:55:15 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (10/14/2014 07:10:59 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (10/14/2014 07:10:59 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (10/14/2014 07:10:59 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]


CodeIntegrity Errors:
===================================
  Date: 2010-12-01 18:28:46.687
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\sis162u.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2010-12-01 18:28:46.678
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\sis162u.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2010-12-01 18:22:39.606
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\sis162u.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2010-12-01 18:22:39.597
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\sis162u.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2010-12-01 18:20:14.334
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\sis162u.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2010-12-01 18:20:14.325
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\sis162u.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2010-12-01 18:18:59.570
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\sis162u.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2010-12-01 18:18:59.561
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\sis162u.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2010-12-01 18:12:29.299
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\sis162u.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2010-12-01 18:12:29.290
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\sis162u.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Quad CPU Q9450 @ 2.66GHz
Percentage of memory in use: 47%
Total physical RAM: 4095.3 MB
Available physical RAM: 2149.23 MB
Total Pagefile: 10235.48 MB
Available Pagefile: 7762.05 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.76 GB) (Free:82.41 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Volume) (Fixed) (Total:465.76 GB) (Free:32.87 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 88534563)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: C8FC207B)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Shizmo 17.10.2014 18:06
Hallo,

habe mal Malwarebytes und AdwCleaner drüber laufen lassen, gebracht hat es aber nichts (inkl löschen), anbei die Logfiles und ein frisches FRST Logfile.

Adwcleaner.txt:
Code:
# AdwCleaner v4.000 - Bericht erstellt am 17/10/2014 um 18:36:21
# DB v
# Aktualisiert 12/10/2014 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzername : M***** - M*****-PC
# Gestartet von : C:\Users\M*****\Downloads\AdwCleaner_4.000.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17280


-\\ Mozilla Firefox v32.0.3 (x86 de)

[6kfb7tw2.default] - Zeile gelöscht : # Mozilla User Preferences
[6kfb7tw2.default] - Zeile gelöscht :
[6kfb7tw2.default] - Zeile gelöscht : /* Do not edit this file.
[6kfb7tw2.default] - Zeile gelöscht :  *
[6kfb7tw2.default] - Zeile gelöscht :  * If you make changes to this file while the application is running,
[6kfb7tw2.default] - Zeile gelöscht :  * the changes will be overwritten when the application exits.
[6kfb7tw2.default] - Zeile gelöscht :  *
[6kfb7tw2.default] - Zeile gelöscht :  * To make a manual change to preferences, you can visit the URL about:config
[6kfb7tw2.default] - Zeile gelöscht :  */
[6kfb7tw2.default] - Zeile gelöscht :
[6kfb7tw2.default] - Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2269050/CT2269050", "\"9cff5689a9eb1d040c801db2f523efbc2\"");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/666138/661999/AT", "\"0\"");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/AT", "\"0\"");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2269050", "\"1343640511\"");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"803651ba7facb1:0\"");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3.2", "\"807dc126dd28cc1:0\"");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.2.3", "\"4ead38b3e6bcd1:0\"");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13.0.6", "\"0d648794549cd1:0\"");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14.1.0", "\"0e0a4327275cd1:0\"");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15.1.0", "\"0e0a4327275cd1:0\"");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2269050", "\"c912886ea3ba021d3a9ef2d6ad700899\"");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "634356118310000000");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/2011 11:17:11 AM", "634356118310000000");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=EB_LOCALE", "\"90a6f50158fc69d971d4e5b58046cce2\"");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"987ffb9097f367e1d1cd13edbd87ae54\"");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("CommunityToolbar.EngineOwner", "ConduitEngine");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("CommunityToolbar.EngineOwnerGuid", "engine@conduit.com");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("CommunityToolbar.EngineOwnerToolbarId", "conduitengine");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("CommunityToolbar.IsEngineShown", true);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("CommunityToolbar.OriginalEngineOwner", "ConduitEngine");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "engine@conduit.com");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "conduitengine");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.properties");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("CommunityToolbar.ToolbarsList", "ConduitEngine");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("CommunityToolbar.ToolbarsList2", "");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Mon May 09 2011 18:45:03 GMT+0200");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Fri Jun 24 2011 10:28:02 GMT+0200");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("CommunityToolbar.alert.firstTimeAlertShown", true);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("CommunityToolbar.alert.locale", "en");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Fri Jun 24 2011 10:27:50 GMT+0200");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("CommunityToolbar.alert.showTrayIcon", false);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("CommunityToolbar.alert.userId", "{a0e43138-9211-44d6-97a5-387f88b8f1d1}");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("CommunityToolbar.globalUserId", "c0bb52fc-7eb6-4611-87a6-532b411d959a");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("ConduitEngine.AppTrackingLastCheckTime", "Sun Jun 19 2011 22:32:39 GMT+0200");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("ConduitEngine.CTID", "ConduitEngine");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Fri Jun 24 2011 10:27:50 GMT+0200");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("ConduitEngine.FirstServerDate", "04/17/2011 12");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("ConduitEngine.FirstTime", true);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("ConduitEngine.FirstTimeFF3", true);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("ConduitEngine.HasUserGlobalKeys", true);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("ConduitEngine.Initialize", true);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("ConduitEngine.InitializeCommonPrefs", true);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("ConduitEngine.InstalledDate", "Sun Apr 17 2011 11:07:21 GMT+0200");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("ConduitEngine.IsMulticommunity", false);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("ConduitEngine.IsOpenThankYouPage", false);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("ConduitEngine.IsOpenUninstallPage", true);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Fri Jun 24 2011 10:27:50 GMT+0200");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("ConduitEngine.LastLogin_3.3.3.2", "Fri Jun 24 2011 10:27:50 GMT+0200");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("ConduitEngine.SettingsLastCheckTime", "Fri Jun 24 2011 10:27:50 GMT+0200");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("ConduitEngine.UserID", "UN08811550695478765");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("ConduitEngine.componentAlertEnabled", false);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("ConduitEngine.engineLocale", "de");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Fri Jun 24 2011 10:27:50 GMT+0200");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Fri Jun 24 2011 10:27:50 GMT+0200");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("ConduitEngine.initDone", true);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("ConduitEngine.isAppTrackingManagerOn", true);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("ConduitEngine.usagesFlag", 2);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("accessibility.typeaheadfind.flashBar", 0);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1413237031);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("app.update.lastUpdateTime.background-update-timer", 1413325141);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("app.update.lastUpdateTime.blocklist-background-update-timer", 1413493692);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 1413324901);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("app.update.lastUpdateTime.experiments-update-timer", 1413324781);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("app.update.lastUpdateTime.microsummary-generator-update-timer", 1314084864);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("app.update.lastUpdateTime.places-maintenance-timer", 1302818413);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("app.update.lastUpdateTime.search-engine-update-timer", 1413325021);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("app.update.migrated.updateDir", true);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("app.update.never.3.5.2", false);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("app.update.never.3.6", false);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("browser.cache.disk.capacity", 358400);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("browser.cache.disk.smart_size.first_run", false);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("browser.cache.disk.smart_size.use_old_max", false);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("browser.cache.disk.smart_size_cached_value", 358400);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("browser.cache.frecency_experiment", 3);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("browser.download.dir", "C:\\Users\\M*****\\Downloads\\1");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("browser.download.importedFromSqlite", true);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("browser.download.lastDir", "C:\\Users\\M*****\\Downloads");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("browser.download.manager.closeWhenDone", true);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("browser.download.manager.retention", 0);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("browser.download.panel.firstSessionCompleted", true);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("browser.download.panel.shown", true);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("browser.download.save_converter_index", 0);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("browser.download.useDownloadDir", false);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("browser.feeds.handler.default", "bookmarks");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("browser.feeds.showFirstRunUI", false);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("browser.history_expire_days.mirror", 180);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("browser.history_expire_days_min", 60);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("browser.keywordURLPromptDeclined", 1);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("browser.migration.version", 22);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("browser.newtabpage.storageVersion", 1);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("browser.offline", false);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("browser.pagethumbnails.storage_version", 3);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("browser.panorama.experienced_first_run", true);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("browser.panorama.session_restore_enabled_once", true);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("browser.places.importBookmarksHTML", false);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("browser.places.importDefaults", false);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("browser.places.leftPaneFolderId", -1);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("browser.places.migratePostDataAnnotations", false);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("browser.places.smartBookmarksVersion", 7);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("browser.places.updateRecentTagsUri", false);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("browser.preferences.advanced.selectedTabIndex", 4);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("browser.privatebrowsing.dont_prompt_on_enter", true);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("browser.rights.3.shown", true);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("browser.search.defaultenginename", "Yahoo!");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("browser.search.selectedEngine", "Yahoo!");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("browser.sessionstore.upgradeBackup.latestBuildID", "20140923175406");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("browser.shell.checkDefaultBrowser", false);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("browser.slowStartup.averageTime", 9660);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("browser.slowStartup.samples", 4);
[6kfb7tw2.default] - Zeile gelöscht :
[6kfb7tw2.default] - Zeile gelöscht : user_pref("browser.startup.homepage_override.buildID", "20140923175406");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("browser.startup.homepage_override.mstone", "32.0.3");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("browser.taskbar.lastgroupid", "E7CF176E110C211B");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"privatebrowsing-button\",\"save-page-button\",\"print-but[...]
[6kfb7tw2.default] - Zeile gelöscht : user_pref("coupons.cnid", "677874");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("coupons.installed", "1");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("coupons.isn", "C3A4457738C827AE19272AB2CDCF65E0");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("coupons.pingInterval", "604800");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("coupons.ping_ts", "1413493576279");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("coupons.url", "[\"hxxp://i.spigjs.info/spig/javascript.js?hid=49&channel=FF\"]");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("coupons.urls", "[\"hxxps://i_spigjs_info.tlscdn.com/spig/javascript.js?hid=49&channel=FF\"]");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("datareporting.healthreport.currentDaySubmissionFailureCount", 2);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("datareporting.healthreport.lastDataSubmissionFailureTime", "1377262148943");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("datareporting.healthreport.lastDataSubmissionRequestedTime", "1413493638811");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("datareporting.healthreport.lastDataSubmissionSuccessfulTime", "1413233257608");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("datareporting.healthreport.nextDataSubmissionTime", "1413328947829");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("datareporting.healthreport.service.firstRun", true);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("datareporting.policy.dataSubmissionPolicyAccepted", true);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("datareporting.policy.dataSubmissionPolicyAcceptedVersion", 1);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("datareporting.policy.dataSubmissionPolicyNotifiedTime", "1365969675718");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("datareporting.policy.dataSubmissionPolicyResponseTime", "1365969984053");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("datareporting.policy.dataSubmissionPolicyResponseType", "accepted-implicit-time-elapsed");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("datareporting.policy.firstRunTime", "1365926459780");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("datareporting.sessions.current.activeTicks", 19);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("datareporting.sessions.current.clean", true);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("datareporting.sessions.current.firstPaint", 14065);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("datareporting.sessions.current.main", 10873);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("datareporting.sessions.current.sessionRestored", 16202);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("datareporting.sessions.current.startTime", "1413493560135");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("datareporting.sessions.current.totalTime", 179);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("datareporting.sessions.currentIndex", 70);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("datareporting.sessions.prunedIndex", 69);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("dom.disable_window_open_feature.status", false);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("dom.disable_window_status_change", false);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("dom.max_script_run_time", 1800);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("dom.mozApps.used", true);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("dom.w3c_touch_events.expose", false);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("extensions.blocklist.pingCountTotal", 405);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("extensions.blocklist.pingCountVersion", 2);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("extensions.databaseSchema", 16);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("extensions.dta.closedta", true);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("extensions.dta.history", 0);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("extensions.dta.network.hxxp.max-connections", 0);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("extensions.dta.ntask", 1);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("extensions.dta.saveasmode", 0);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("extensions.dta.version", "2.0.17");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("extensions.enabledAddons", "moveplayer%40movenetworks.com:1.0.0.071303000004,savingsslider%40mybrowserbar.com:3.2,youtube2mp3%40mondayx.de:1.2.3,%7BDDC359D1-844A-42a7-9AA1-88A850A938A8%7D:2[...]
[6kfb7tw2.default] - Zeile gelöscht : user_pref("extensions.enabledItems", "{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}:6.0.06,{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07,{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11,{CAFEEFAC-0016-0000-0013[...]
[6kfb7tw2.default] - Zeile gelöscht : user_pref("extensions.getAddons.cache.lastUpdate", 1413274408);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("extensions.getAddons.databaseSchema", 5);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("extensions.greasemonkey.coralCacheWorks", false);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("extensions.greasemonkey.enabled", true);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("extensions.greasemonkey.haveInsertedToolbarbutton", true);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("extensions.greasemonkey.stats.prompted", true);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("extensions.greasemonkey.version", "2.2");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("extensions.hotfix.lastVersion", "20140527.01.3");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("extensions.lastAppVersion", "32.0.3");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("extensions.lastPlatformVersion", "32.0.3");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("extensions.pendingOperations", false);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("extensions.shownSelectionUI", true);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("extensions.ui.dictionary.hidden", true);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("extensions.ui.lastCategory", "addons://list/plugin");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("extensions.ui.locale.hidden", true);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("extensions.update.notifyUser", false);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("flashgot.Net_Transport.encode", false);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("flashgot.custom.Retriever.maxLinks", 10);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("flashgot.custom.Uget.args", "[--hxxp-cookie-file=CFILE] [--hxxp-post-data=POST] [--hxxp-referer=REFERER] [--filename=FNAME] [--input-file=UFILE]");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("flashgot.custom.XDM.args", "[-u URL] -m [-c COOKIE] [-r REFERER]");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("flashgot.defaultDM", "DTA (Turbo)");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("flashgot.detect.cache", "Integrierter Download-Manager,pyLoad,JDownloader,DTA (Turbo),DTA");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("flashgot.dmchoice", false);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("flashgot.dmsopts.GetRight.quiet", false);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("flashgot.dmsopts.JDownloader.args", "-Xmx512m -jar ");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("flashgot.dmsopts.JDownloader.path", "C:\\Program Files (x86)\\JDownloader\\JDownloader.jar");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("flashgot.hide-all", false);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("flashgot.hide-buildGallery", false);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("flashgot.hide-it", false);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("flashgot.hide-media", false);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("flashgot.hide-options", false);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("flashgot.hide-sel", false);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("flashgot.media.YouTube.decode_signature_func", "/* Not encoded. */ if (params.stream.sig) { return params.stream.sig; } /* 2014-10-15: hxxp://s.ytimg.com/yts/swfbin/player-vflKwNL_K/watch_a[...]
[6kfb7tw2.default] - Zeile gelöscht : user_pref("flashgot.media.YouTube.decode_signature_func.auto.last_update_ok", true);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("flashgot.media.YouTube.decode_signature_func.auto.last_update_time", 1413325207);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("flashgot.media.YouTube.decode_signature_func.timestamp", 16353);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("flashgot.media.YouTube.itag_map.quality_sort_key.144", "144");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("flashgot.media.YouTube.itag_map.quality_sort_key.144.itags", "17,160,278");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("flashgot.media.YouTube.itag_map.quality_sort_key.240", "240");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("flashgot.media.YouTube.itag_map.quality_sort_key.240.itags", "5,36,133,242");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("flashgot.media.YouTube.itag_map.quality_sort_key.360", "360");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("flashgot.media.YouTube.itag_map.quality_sort_key.360.itags", "18,43,134,243");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("flashgot.media.YouTube.itag_map.quality_sort_key.480", "480");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("flashgot.media.YouTube.itag_map.quality_sort_key.480.itags", "135,244");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("flashgot.media.YouTube.itag_map.type.vid_webm.itags", "43,44,45,46,100,101,102,242,243,244,278");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("flashgot.media.YouTube.itag_remap.type.vid_webm.itags", "43,44,45,46,100,101,102,242,278");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("flashgot.media.YouTube.itag_remap.type.webm", "webm");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("flashgot.media.YouTube.itag_remap.type.webm.itags", "243,244");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("flashgot.media.dm", "Integrierter Download-Manager");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("flashgot.media.iconInstalled", true);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("flashgot.options.tabSelectedIndexes", "0");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("flashgot.version", "1.5.6.7");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("gecko.buildID", "20140923175406");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("gecko.mstone", "32.0.3");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("general.useragent.extra.microsoftdotnet", "( .NET CLR 3.5.30729; .NET4.0C)");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("gfx.direct2d.disabled", true);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("idle.lastDailyNotification", 1413239042);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("intl.charsetmenu.browser.cache", "windows-1252, UTF-8, ISO-8859-15, windows-1251, EUC-KR");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("keyword.URL", "hxxp://at.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=677874&p=");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("layers.acceleration.disabled", true);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("microsoft.CLR.auto_install", false);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("network.cookie.prefsMigrated", true);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("pdfjs.migrationVersion", 2);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("pdfjs.previousHandler.alwaysAskBeforeHandling", true);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("pdfjs.previousHandler.preferredAction", 4);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("places.database.lastMaintenance", 1413493639);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("places.history.expiration.transient_current_max_pages", 104858);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("places.history.expiration.transient_optimal_database_size", 167772160);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("places.last_vacuum", 1300903423);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("plugin.disable_full_page_plugin_for_types", "application/pdf");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("plugin.importedState", true);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("plugin.state.java", 0);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("plugin.state.npwpf", 0);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("pref.advanced.javascript.disable_button.advanced", false);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("pref.general.disable_button.default_browser", false);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("pref.privacy.disable_button.cookie_exceptions", false);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("pref.privacy.disable_button.view_cookies", false);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("pref.privacy.disable_button.view_passwords", false);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("pref.privacy.disable_button.view_passwords_exceptions", false);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("print.print_printer", "\\\\BÃœRO-PC\\HP DeskJet 710C");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("print.printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_bgcolor", false);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("print.printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_bgimages", false);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("print.printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_command", "");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("print.printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_downloadfonts", false);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("print.printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_edge_bottom", 0);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("print.printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_edge_left", 0);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("print.printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_edge_right", 0);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("print.printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_edge_top", 0);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("print.printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_evenpages", true);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("print.printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_footercenter", "");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("print.printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_footerleft", "&PT");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("print.printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_footerright", "&D");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("print.printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_headercenter", "");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("print.printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_headerleft", "&T");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("print.printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_headerright", "&U");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("print.printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_in_color", true);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("print.printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_margin_bottom", "0.5");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("print.printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_margin_left", "0.5");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("print.printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_margin_right", "0.5");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("print.printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_margin_top", "0.5");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("print.printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_oddpages", true);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("print.printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_orientation", 0);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("print.printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_pagedelay", 500);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("print.printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_paper_data", 9);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("print.printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_paper_height", " 11,00");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("print.printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_paper_size_type", 0);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("print.printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_paper_size_unit", 1);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("print.printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_paper_width", "  8,50");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("print.printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_reversed", false);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("print.printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_scaling", "  1,00");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("print.printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_shrink_to_fit", true);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("print.printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_to_file", false);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("print.printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_to_filename", "");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("print.printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_unwriteable_margin_bottom", 0);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("print.printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_unwriteable_margin_left", 0);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("print.printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_unwriteable_margin_right", 0);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("print.printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_unwriteable_margin_top", 0);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("print_printer", "\\\\BÃœRO-PC\\EPSON SX130 Series");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\EPSON_SX130_Series.print_bgcolor", false);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\EPSON_SX130_Series.print_bgimages", false);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\EPSON_SX130_Series.print_colorspace", "");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\EPSON_SX130_Series.print_command", "");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\EPSON_SX130_Series.print_downloadfonts", false);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\EPSON_SX130_Series.print_edge_bottom", 0);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\EPSON_SX130_Series.print_edge_left", 0);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\EPSON_SX130_Series.print_edge_right", 0);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\EPSON_SX130_Series.print_edge_top", 0);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\EPSON_SX130_Series.print_evenpages", true);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\EPSON_SX130_Series.print_footercenter", "");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\EPSON_SX130_Series.print_footerleft", "&PT");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\EPSON_SX130_Series.print_footerright", "&D");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\EPSON_SX130_Series.print_headercenter", "");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\EPSON_SX130_Series.print_headerleft", "&T");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\EPSON_SX130_Series.print_headerright", "&U");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\EPSON_SX130_Series.print_in_color", true);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\EPSON_SX130_Series.print_margin_bottom", "0.5");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\EPSON_SX130_Series.print_margin_left", "0.5");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\EPSON_SX130_Series.print_margin_right", "0.5");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\EPSON_SX130_Series.print_margin_top", "0.5");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\EPSON_SX130_Series.print_oddpages", true);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\EPSON_SX130_Series.print_orientation", 0);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\EPSON_SX130_Series.print_page_delay", 50);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\EPSON_SX130_Series.print_paper_data", 9);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\EPSON_SX130_Series.print_paper_height", " 11,00");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\EPSON_SX130_Series.print_paper_name", "");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\EPSON_SX130_Series.print_paper_size_type", 0);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\EPSON_SX130_Series.print_paper_size_unit", 1);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\EPSON_SX130_Series.print_paper_width", "  8,50");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\EPSON_SX130_Series.print_plex_name", "");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\EPSON_SX130_Series.print_resolution_name", "");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\EPSON_SX130_Series.print_reversed", false);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\EPSON_SX130_Series.print_scaling", "  1,00");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\EPSON_SX130_Series.print_shrink_to_fit", true);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\EPSON_SX130_Series.print_to_file", false);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\EPSON_SX130_Series.print_to_filename", "");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\EPSON_SX130_Series.print_unwriteable_margin_bottom", 0);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\EPSON_SX130_Series.print_unwriteable_margin_left", 0);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\EPSON_SX130_Series.print_unwriteable_margin_right", 0);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\EPSON_SX130_Series.print_unwriteable_margin_top", 0);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_bgcolor", false);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_bgimages", false);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_colorspace", "");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_command", "");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_downloadfonts", false);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_edge_bottom", 0);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_edge_left", 0);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_edge_right", 0);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_edge_top", 0);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_evenpages", true);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_footercenter", "");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_footerleft", "&PT");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_footerright", "&D");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_headercenter", "");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_headerleft", "&T");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_headerright", "&U");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_in_color", true);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_margin_bottom", "0.5");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_margin_left", "0.5");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_margin_right", "0.5");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_margin_top", "0.5");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_oddpages", true);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_orientation", 0);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_page_delay", 50);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_paper_data", 9);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_paper_height", " 11,00");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_paper_name", "");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_paper_size_type", 0);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_paper_size_unit", 1);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_paper_width", "  8,50");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_plex_name", "");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_resolution_name", "");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_reversed", false);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_scaling", "  1,00");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_shrink_to_fit", true);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_to_file", false);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_to_filename", "");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_unwriteable_margin_bottom", 0);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_unwriteable_margin_left", 0);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_unwriteable_margin_right", 0);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("printer_\\\\BÃœRO-PC\\HP_DeskJet_710C.print_unwriteable_margin_top", 0);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("privacy.sanitize.migrateFx3Prefs", true);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("security.warn_viewing_mixed", false);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("services.sync.clients.lastSync", "0");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("services.sync.clients.lastSyncLocal", "0");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("services.sync.declinedEngines", "");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("services.sync.engine.greasemonkey", false);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("services.sync.engineStatusChanged.greasemonkey", true);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("services.sync.globalScore", 0);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("services.sync.migrated", true);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("services.sync.nextSync", 0);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("services.sync.tabs.lastSync", "0");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("services.sync.tabs.lastSyncLocal", "0");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("signon.importedFromSqlite", true);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("signon.rememberSignons", false);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("skype_codeprefix", "AT");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("skype_ff_toolbar_win.firstlaunch", "0");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("skype_ff_toolbar_win.guid", "%7B791141F4-9987-6CA5-542E-AED9618A8241%7D");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("skype_ff_toolbar_win.isocodesupdated", "1");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("skype_ff_toolbar_win.version", "2.2.0.102");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("storage.vacuum.last.index", 1);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("storage.vacuum.last.places.sqlite", 1412782294);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("toolkit.startup.last_success", 1413493571);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("toolkit.telemetry.previousBuildID", "20140923175406");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("toolkit.telemetry.prompted", 2);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("urlclassifier.keyupdatetime.hxxps://sb-ssl.google.com/safebrowsing/newkey", 1415373022);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("view_source.wrap_long_lines", true);
[6kfb7tw2.default] - Zeile gelöscht : user_pref("xpinstall.whitelist.add", "");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("xpinstall.whitelist.add.103", "");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("xpinstall.whitelist.add.180", "");
[6kfb7tw2.default] - Zeile gelöscht : user_pref("xpinstall.whitelist.add.36", "");

-\\ Google Chrome v37.0.2062.124


*************************

AdwCleaner[R0].txt - [45753 octets] - [17/10/2014 18:35:24]
AdwCleaner[S0].txt - [45297 octets] - [17/10/2014 18:36:21]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [45358 octets] ##########
Malwarebytes.txt
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org


Update, 17.10.2014 17:20:40, SYSTEM, M*****-PC, Manual, Rootkit Database, 2014.5.21.1, 2014.10.15.1,
Update, 17.10.2014 17:21:58, SYSTEM, M*****-PC, Manual, Malware Database, 2014.5.23.4, 2014.10.17.5,
Error, 17.10.2014 17:24:49, SYSTEM, M*****-PC, Manual, 0,
Update, 17.10.2014 17:36:16, SYSTEM, M*****-PC, Manual, program, 2.0.1.1004, 2.0.2.1012,
Protection, 17.10.2014 17:39:34, SYSTEM, M*****-PC, Protection, Malware Protection, Starting,
Protection, 17.10.2014 17:39:34, SYSTEM, M*****-PC, Protection, Malware Protection, Started,
Protection, 17.10.2014 17:39:34, SYSTEM, M*****-PC, Protection, Malicious Website Protection, Starting,
Protection, 17.10.2014 17:39:35, SYSTEM, M*****-PC, Protection, Malicious Website Protection, Started,
Update, 17.10.2014 17:40:01, SYSTEM, M*****-PC, Manual, Rootkit Database, 2014.2.20.1, 2014.10.17.1,
Update, 17.10.2014 17:42:08, SYSTEM, M*****-PC, Manual, Malware Database, 2014.3.4.9, 2014.10.17.5,
Protection, 17.10.2014 17:43:10, SYSTEM, M*****-PC, Protection, Refresh, Starting,
Protection, 17.10.2014 17:43:10, SYSTEM, M*****-PC, Protection, Malicious Website Protection, Stopping,
Protection, 17.10.2014 17:43:10, SYSTEM, M*****-PC, Protection, Malicious Website Protection, Stopped,
Protection, 17.10.2014 17:43:15, SYSTEM, M*****-PC, Protection, Refresh, Success,
Protection, 17.10.2014 17:43:15, SYSTEM, M*****-PC, Protection, Malicious Website Protection, Starting,
Protection, 17.10.2014 17:43:15, SYSTEM, M*****-PC, Protection, Malicious Website Protection, Started,
Protection, 17.10.2014 18:40:06, SYSTEM, M*****-PC, Protection, Malware Protection, Starting,
Protection, 17.10.2014 18:40:07, SYSTEM, M*****-PC, Protection, Malware Protection, Started,
Protection, 17.10.2014 18:40:07, SYSTEM, M*****-PC, Protection, Malicious Website Protection, Starting,
Protection, 17.10.2014 18:42:56, SYSTEM, M*****-PC, Protection, Malicious Website Protection, Started,

(end)
FRST.txt

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-10-2014
Ran by M***** (administrator) on M*****-PC on 17-10-2014 18:49:55
Running from C:\Users\M*****\Downloads
Loaded Profile: M***** (Available profiles: M*****)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
() C:\Windows\AutoKMS\AutoKMS.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apache Software Foundation) C:\xampp\apache\bin\apache.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
() C:\xampp\mysql\bin\mysqld.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Apache Software Foundation) C:\xampp\apache\bin\apache.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MSOSYNC.EXE
(Microsoft Corporation) C:\Windows\System32\mqtgsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Realtek Semiconductor) C:\Windows\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
() C:\Program Files (x86)\RocketDock\RocketDock.exe
(BySoft) C:\Program Files (x86)\BySoft FreeRAM\FreeRAM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(OldTimer Tools) C:\Users\M*****\Downloads\OTL.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Windows\RAVCpl64.exe [5684736 2008-03-31] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Windows\Skytel.exe [1826816 2008-03-31] (Realtek Semiconductor Corp.)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM\...\Run: [MsmqIntCert] => regsvr32 /s mqrt.dll
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-09] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [165168 2014-09-23] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Java\jre7\bin\jusched.exe"
Winlogon\Notify\WB: C:\PROGRA~2\Stardock\OBJECT~1\WINDOW~1\fast64.dll [X]
HKU\S-1-5-21-1319131921-239364623-2864319773-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [369200 2009-10-30] (DT Soft Ltd)
HKU\S-1-5-21-1319131921-239364623-2864319773-1001\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-1319131921-239364623-2864319773-1001\...\Run: [BySoft FreeRAM] => C:\Program Files (x86)\BySoft FreeRAM\FreeRAM.exe [318976 2004-12-17] (BySoft)
HKU\S-1-5-21-1319131921-239364623-2864319773-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1319131921-239364623-2864319773-1001\...\MountPoints2: {03237c71-914d-11e1-a203-0024211eaa99} - G:\AutoRun.exe
HKU\S-1-5-21-1319131921-239364623-2864319773-1001\...\MountPoints2: {03237c87-914d-11e1-a203-0024211eaa99} - G:\AutoRun.exe
HKU\S-1-5-21-1319131921-239364623-2864319773-1001\...\MountPoints2: {5e7e3d28-dab4-11e2-bcb4-00223ffdfbe7} - G:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1319131921-239364623-2864319773-1001\...\MountPoints2: {857e358c-6cb7-11e2-8d81-0024211eaa99} - G:\AutoRun.exe
HKU\S-1-5-21-1319131921-239364623-2864319773-1001\...\MountPoints2: {87bfdab6-db56-11e1-ad6e-002185029185} - G:\AutoRun.exe
HKU\S-1-5-21-1319131921-239364623-2864319773-1001\...\MountPoints2: {d0517809-2a13-11e3-bd5d-0024211eaa99} - I:\HTC_Sync_Manager_PC.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.alternate.net
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.aon.at
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.alternate.net
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKCU - {74C6F829-D0BE-4D84-ADFB-155DC8E56E30} URL = hxxp://at.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=677874&p={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: SSVHelper Class -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Freemake.YoutubeButton -> {e9e8eb35-ff77-455d-b677-91e5e4fc06c2} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKCU - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
DPF: HKLM-x32 {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\syswow64\urlmon.dll (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\M*****\AppData\Roaming\Mozilla\Firefox\Profiles\6kfb7tw2.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~4\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @bittorrent.com/BitTorrentDNA -> C:\Program Files (x86)\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Windows\SysWOW64\npdeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npbittorrent.dll (BitTorrent, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\M*****\AppData\Roaming\Mozilla\Firefox\Profiles\6kfb7tw2.default\searchplugins\yahoo_ff.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: PC Sync 2 Synchronisation Extension - C:\Users\M*****\AppData\Roaming\Mozilla\Firefox\Profiles\6kfb7tw2.default\Extensions\bkmrksync@nokia.com [2008-08-01]
FF Extension: Conduit Engine  - C:\Users\M*****\AppData\Roaming\Mozilla\Firefox\Profiles\6kfb7tw2.default\Extensions\engine@conduit.com [2011-04-17]
FF Extension: Free Download Manager plugin - C:\Users\M*****\AppData\Roaming\Mozilla\Firefox\Profiles\6kfb7tw2.default\Extensions\fdm_ffext@freedownloadmanager.org [2013-03-08]
FF Extension: Move Media Player - C:\Users\M*****\AppData\Roaming\Mozilla\Firefox\Profiles\6kfb7tw2.default\Extensions\moveplayer@movenetworks.com [2009-11-06]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\M*****\AppData\Roaming\Mozilla\Firefox\Profiles\6kfb7tw2.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-04-28]
FF Extension: Adobe DLM (powered by getPlus(R)) - C:\Users\M*****\AppData\Roaming\Mozilla\Firefox\Profiles\6kfb7tw2.default\Extensions\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7} [2008-07-07]
FF Extension: YouTube to MP3 - C:\Users\M*****\AppData\Roaming\Mozilla\Firefox\Profiles\6kfb7tw2.default\Extensions\youtube2mp3@mondayx.de.xpi [2011-05-02]
FF Extension: FlashGot - C:\Users\M*****\AppData\Roaming\Mozilla\Firefox\Profiles\6kfb7tw2.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2013-03-08]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\M*****\AppData\Roaming\Mozilla\Firefox\Profiles\6kfb7tw2.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2012-11-21]
FF Extension: DownThemAll! - C:\Users\M*****\AppData\Roaming\Mozilla\Firefox\Profiles\6kfb7tw2.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013-02-22]
FF Extension: Greasemonkey - C:\Users\M*****\AppData\Roaming\Mozilla\Firefox\Profiles\6kfb7tw2.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2012-08-29]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-07]
FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com
FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com [2012-10-17]
FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com
FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2012-10-17]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-10-17]
FF Extension: No Name - C:\Users\M*****\AppData\Roaming\Mozilla\Firefox\Profiles\6kfb7tw2.default\extensions\savingsslider@mybrowserbar.com.xpi [Not Found]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.at/
CHR StartupUrls: Default -> "https://www.google.at/"
CHR Profile: C:\Users\M*****\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\M*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-04-27]
CHR Extension: (Google Drive) - C:\Users\M*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-04-27]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\M*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-05]
CHR Extension: (YouTube) - C:\Users\M*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-04-27]
CHR Extension: (Freemake Video Downloader) - C:\Users\M*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf [2013-04-27]
CHR Extension: (Google-Suche) - C:\Users\M*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-04-27]
CHR Extension: (Freemake Video Downloader) - C:\Users\M*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh [2013-04-27]
CHR Extension: (Google Wallet) - C:\Users\M*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR Extension: (Mehr Leistung und Videoformate für dein HTML5 <video>) - C:\Users\M*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-04-27]
CHR Extension: (Google Mail) - C:\Users\M*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-04-27]
CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2012-10-17]
CHR HKLM-x32\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx [2012-10-17]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [581000 2014-04-01] (Autodesk Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-10-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-10-09] (Avira Operations GmbH & Co. KG)
R2 Apache2.2; c:\xampp\apache\bin\apache.exe [24636 2008-12-10] (Apache Software Foundation) [File not signed]
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160560 2014-09-23] (Avira Operations GmbH & Co. KG)
S4 Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [File not signed]
S4 DAUpdaterSvc; C:\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [25832 2009-12-15] (BioWare)
S4 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [8704 2012-11-23] (Freemake) [File not signed]
S4 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-09-03] (Nero AG)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [138192 2011-02-07] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S4 mi-raysat_3dsmax2015_64; C:\Program Files\Autodesk\3ds Max 2015\NVIDIA\Satellite\raysat_3dsmax2015_64server.exe [86016 2011-09-15] () [File not signed]
R2 MSMQ; C:\Windows\system32\mqsvc.exe [9216 2009-07-14] (Microsoft Corporation)
R2 MSMQTriggers; C:\Windows\system32\mqtgsvc.exe [189440 2010-11-20] (Microsoft Corporation)
R2 mysql; c:\xampp\mysql\bin\mysqld.exe [6447744 2008-11-15] ()
S4 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [853288 2007-09-20] (Nero AG)
S4 NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [5352960 2011-04-07] (Native Instruments GmbH) [File not signed]
S4 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [382248 2007-09-20] (Nero AG)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1618888 2014-04-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21009352 2014-04-30] (NVIDIA Corporation)
S4 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
S4 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [173616 2007-02-07] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [648472 2014-08-14] (Wacom Technology, Corp.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310728 2012-05-14] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-07] (Avira Operations GmbH & Co. KG)
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)
S3 L6TPortGX; C:\Windows\System32\Drivers\L6TPortGX64.sys [772864 2013-10-18] (Line 6)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2008-07-07] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-10-17] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [189440 2009-07-14] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19744 2014-04-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 RDID1104; C:\Windows\System32\Drivers\rdwm1104.sys [197888 2009-11-30] (Roland Corporation)
S3 SaiK0CEA; C:\Windows\System32\DRIVERS\SaiK0CEA.sys [129024 2008-04-04] (Saitek)
S3 SaiU0CEA; C:\Windows\System32\DRIVERS\SaiU0CEA.sys [34432 2008-04-04] (Saitek)
S0 sfdrv01; C:\Windows\System32\drivers\sfdrv01.sys [75640 2006-07-05] (Protection Technology (StarForce))
S0 sfsync02; C:\Windows\System32\drivers\sfsync02.sys [22936 2006-07-10] (Protection Technology)
R0 sfvfs02; C:\Windows\System32\drivers\sfvfs02.sys [107384 2007-02-08] (Protection Technology (StarForce))
S3 SIS162u; C:\Windows\System32\DRIVERS\sis162u.sys [242432 2005-05-06] (SiS Corporation) [File not signed]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-03-15] () [File not signed]
S4 StarOpen; No ImagePath
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [43792 2009-08-05] (Sun Microsystems, Inc.)
R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B}; C:\Program Files (x86)\CyberLink\PowerDVD\000.fcl [13560 2006-11-02] (Cyberlink Corp.)
U3 antd0j2b; C:\Windows\System32\Drivers\antd0j2b.sys [0 ] (Microsoft Corporation)
S4 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [X]
S4 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S4 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
S4 NPF; system32\drivers\NPF.sys [X]
S4 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S4 tsusbhub; system32\drivers\tsusbhub.sys [X]
S4 VGPU; System32\drivers\rdvgkmd.sys [X]
S4 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-17 18:38 - 2014-10-17 18:38 - 00004946 _____ () C:\Windows\PFRO.log
2014-10-17 18:09 - 2014-10-17 18:44 - 00000000 ____D () C:\Bugs
2014-10-17 18:02 - 2014-10-17 18:36 - 00000000 ____D () C:\AdwCleaner
2014-10-17 18:00 - 2014-10-17 18:00 - 01976320 _____ () C:\Users\M*****\Downloads\AdwCleaner_4.000.exe
2014-10-17 17:38 - 2014-10-17 17:38 - 00000762 _____ () C:\Windows\comsetup.log
2014-10-17 17:35 - 2014-10-17 17:50 - 00000000 ___DC () C:\Users\M*****\AppData\Local\MigWiz
2014-10-17 17:20 - 2014-04-14 20:14 - 00880040 _____ (Oracle Corporation) C:\Windows\SysWOW64\npdeployJava1.dll
2014-10-17 17:20 - 2014-04-14 20:14 - 00802728 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2014-10-17 17:15 - 2014-10-17 17:15 - 00003132 _____ () C:\Windows\System32\Tasks\{35627F72-562C-4D7F-AC1C-739D9BA8499A}
2014-10-17 17:11 - 2014-10-17 17:11 - 00000000 ____D () C:\Users\M*****\Documents\PcSetup
2014-10-17 17:06 - 2014-10-17 17:06 - 00003204 _____ () C:\Windows\System32\Tasks\{E4893C33-9E24-4CBD-B6EF-E481FFFF3510}
2014-10-17 17:05 - 2014-10-17 17:52 - 00001184 _____ () C:\Users\M*****\Documents\Software.txt
2014-10-17 08:01 - 2014-09-13 03:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-17 08:01 - 2014-09-13 03:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-17 08:00 - 2014-10-17 08:11 - 00074191 _____ () C:\Users\M*****\Downloads\Addition.txt
2014-10-17 07:59 - 2014-10-17 18:50 - 00029186 _____ () C:\Users\M*****\Downloads\FRST.txt
2014-10-17 07:59 - 2014-10-17 18:50 - 00000000 ____D () C:\FRST
2014-10-17 07:56 - 2014-10-17 07:58 - 02112000 _____ (Farbar) C:\Users\M*****\Downloads\FRST64.exe
2014-10-17 07:37 - 2014-10-17 18:40 - 00229112 _____ () C:\Windows\setupact.log
2014-10-17 07:37 - 2014-10-17 07:37 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-16 23:57 - 2014-10-16 23:57 - 00125790 _____ () C:\Users\M*****\Downloads\Extras.Txt
2014-10-16 23:50 - 2014-10-17 00:04 - 00000000 ____D () C:\Users\M*****\Documents\Bug
2014-10-16 23:38 - 2014-10-16 23:38 - 00602112 _____ (OldTimer Tools) C:\Users\M*****\Downloads\OTL.exe
2014-10-16 23:05 - 2014-10-16 23:05 - 00005804 _____ () C:\Users\M*****\Documents\cc_20141016_230511.reg
2014-10-14 01:26 - 2014-10-14 01:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-03 20:35 - 2014-10-03 20:35 - 00000000 ____D () C:\Users\Public\Documents\ZBrushData
2014-10-03 20:34 - 2014-10-03 20:34 - 00001133 _____ () C:\Users\Public\Desktop\ZBrush 4R6.lnk
2014-10-03 20:34 - 2014-10-03 20:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pixologic
2014-10-03 20:33 - 2014-10-03 20:33 - 00000000 ____D () C:\Users\Public\Pixologic
2014-10-03 20:31 - 2014-10-03 20:31 - 00000000 ____D () C:\Program Files (x86)\Pixologic
2014-10-03 19:31 - 2014-10-17 16:44 - 00005080 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for M*****-PC-M***** M*****-PC
2014-10-03 19:25 - 2014-10-03 19:25 - 00120746 _____ () C:\Users\M*****\Documents\cc_20141003_192548.reg
2014-10-03 19:18 - 2014-10-03 19:18 - 00000000 ____D () C:\Users\M*****\Documents\Shade_Empire-Zero_Nexus-(Advance)-2008-FNT
2014-10-03 18:47 - 2014-10-03 18:47 - 00000000 ____D () C:\Users\M*****\Downloads\Autoruns_1203
2014-10-03 15:31 - 2014-10-03 15:31 - 00275494 _____ () C:\Users\M*****\Documents\cc_20141003_153152.reg
2014-10-03 15:31 - 2014-10-03 15:31 - 00004398 _____ () C:\Users\M*****\Documents\cc_20141003_153101.reg
2014-10-03 14:21 - 2014-10-17 16:24 - 00003758 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-10-01 22:17 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-01 22:17 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-24 18:33 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 18:33 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-18 10:53 - 2014-09-18 10:53 - 00003120 _____ () C:\Windows\System32\Tasks\{C57DB961-CDAA-4FE0-B62B-B7F4F01B94B5}
2014-09-17 22:25 - 2014-09-17 22:25 - 00000000 ____D () C:\Users\M*****\AppData\Roaming\Flux
2014-09-17 22:20 - 2014-09-17 22:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flux sound and picture development
2014-09-17 22:18 - 2014-09-17 22:18 - 00000000 ____D () C:\Program Files (x86)\Flux

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-17 18:53 - 2010-01-11 11:15 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-17 18:48 - 2010-03-09 20:15 - 00016768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-17 18:48 - 2010-03-09 20:15 - 00016768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-17 18:47 - 2010-03-09 21:16 - 01539639 _____ () C:\Windows\WindowsUpdate.log
2014-10-17 18:43 - 2014-05-23 10:20 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-17 18:42 - 2009-07-14 04:34 - 00000288 _____ () C:\Windows\system.ini
2014-10-17 18:42 - 2009-02-19 16:41 - 00000433 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-10-17 18:39 - 2010-01-11 11:15 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-17 18:39 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-17 18:39 - 2008-07-02 17:57 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-17 18:30 - 2008-07-10 14:32 - 00000000 ____D () C:\Users\M*****\AppData\Roaming\vlc
2014-10-17 18:09 - 2012-05-23 12:42 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-17 18:08 - 2013-06-02 16:01 - 00000000 ____D () C:\Program Files (x86)\Metro Last Light
2014-10-17 17:41 - 2013-06-02 17:07 - 00018432 ___SH () C:\Users\M*****\Thumbs.db
2014-10-17 17:41 - 2010-03-09 20:18 - 00000000 ____D () C:\Users\M*****
2014-10-17 17:38 - 2014-05-23 10:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-17 17:38 - 2014-05-23 10:20 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-17 17:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-10-17 17:21 - 2008-07-07 13:12 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-17 17:19 - 2008-11-16 19:52 - 00000000 ____D () C:\Program Files (x86)\Google
2014-10-17 17:18 - 2008-07-02 17:44 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-17 17:17 - 2008-12-14 14:22 - 00000000 ____D () C:\Users\M*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2014-10-17 17:16 - 2011-11-15 19:44 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-10-17 17:11 - 2009-11-30 17:10 - 00099384 _____ () C:\Users\M*****\AppData\Roaming\inst.exe
2014-10-17 17:11 - 2009-11-30 17:10 - 00082816 _____ (VSO Software) C:\Users\M*****\AppData\Roaming\pcouffin.sys
2014-10-17 17:11 - 2009-11-30 17:10 - 00007859 _____ () C:\Users\M*****\AppData\Roaming\pcouffin.cat
2014-10-17 17:11 - 2009-11-30 17:10 - 00000055 _____ () C:\Users\M*****\AppData\Roaming\pcouffin.log
2014-10-17 17:11 - 2009-11-30 17:10 - 00000000 ____D () C:\Users\M*****\AppData\Roaming\Vso
2014-10-17 17:10 - 2011-03-08 02:03 - 00000000 ____D () C:\Program Files (x86)\AnyToISO
2014-10-17 17:07 - 2008-09-27 16:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steinberg VoiceMachine
2014-10-17 17:07 - 2008-09-16 22:43 - 00000000 ____D () C:\Program Files (x86)\Syncrosoft
2014-10-17 17:00 - 2008-07-07 17:28 - 00000000 ____D () C:\Users\M*****\AppData\Roaming\Steinberg
2014-10-17 16:59 - 2009-11-21 21:54 - 00000000 ____D () C:\Program Files\Native Instruments
2014-10-17 16:59 - 2009-11-21 21:54 - 00000000 ____D () C:\Program Files\Common Files\Native Instruments
2014-10-17 16:58 - 2008-08-23 14:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments
2014-10-17 16:57 - 2014-06-19 20:52 - 00000000 ____D () C:\Users\M*****\AppData\Roaming\FileZilla
2014-10-17 07:48 - 2008-07-07 17:04 - 00000000 ____D () C:\Users\M*****\AppData\Local\Adobe
2014-10-16 23:09 - 2010-03-10 10:36 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{3E305E16-1E2C-4F71-A29F-EAEEC5BCC348}
2014-10-16 23:02 - 2010-03-15 20:49 - 00000000 ____D () C:\Users\M*****\AppData\Roaming\DAEMON Tools Lite
2014-10-16 23:02 - 2008-07-08 16:07 - 00000000 ____D () C:\Users\M*****\AppData\Roaming\BitTorrent
2014-10-15 00:24 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-14 19:09 - 2012-04-24 21:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-14 10:20 - 2014-09-16 06:10 - 00001097 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-10-14 10:20 - 2014-05-01 18:45 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-14 10:20 - 2012-11-20 11:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-10-14 10:20 - 2012-11-20 11:40 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-10-09 15:02 - 2013-05-09 22:09 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-10-09 15:02 - 2013-04-03 15:06 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-10-09 15:02 - 2013-04-03 15:06 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-10-07 17:57 - 2013-11-22 15:52 - 00000000 ____D () C:\Users\M*****\Downloads\share-online
2014-10-07 17:30 - 2010-03-02 21:29 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-10-06 12:28 - 2013-04-05 09:50 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-10-04 17:12 - 2008-07-10 14:22 - 00000000 ____D () C:\Users\M*****\AppData\Roaming\dvdcss
2014-10-04 13:37 - 2009-07-14 06:45 - 05370016 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-03 20:47 - 2014-03-30 11:53 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-10-03 19:28 - 2013-01-17 10:31 - 00000000 ____D () C:\Users\M*****\Downloads\1
2014-10-03 19:10 - 2012-05-01 08:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge
2014-10-03 19:10 - 2012-05-01 08:47 - 00000000 ____D () C:\Program Files (x86)\Gameforge
2014-10-03 19:04 - 2010-03-09 22:08 - 00120288 _____ () C:\Users\M*****\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-03 19:04 - 2010-03-08 14:31 - 00000000 ____D () C:\Program Files (x86)\NCSoft
2014-10-03 19:04 - 2009-03-02 23:09 - 00000000 ____D () C:\ProgramData\InstallShield
2014-10-03 19:03 - 2008-09-29 20:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicISO
2014-10-03 19:03 - 2008-09-29 20:06 - 00000000 ____D () C:\Program Files (x86)\MagicISO
2014-10-03 19:02 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-10-03 19:01 - 2008-07-07 19:34 - 00000000 ____D () C:\Users\M*****\AppData\Local\GameSpy
2014-10-03 18:51 - 2014-09-02 14:47 - 00003352 _____ () C:\Users\M*****\Documents\Uninstall Dragon Age 2.log
2014-10-03 18:49 - 2008-07-07 16:30 - 00000000 ____D () C:\Users\M*****\Documents\My Games
2014-09-27 19:44 - 2013-01-27 14:24 - 00000112 _____ () C:\Windows\SysWOW64\w3data.vss
2014-09-27 19:44 - 2013-01-27 14:24 - 00000112 _____ () C:\Windows\SysWOW64\msvcsv60.dll
2014-09-27 19:44 - 2013-01-27 14:24 - 00000112 _____ () C:\Windows\msocreg32.dat
2014-09-27 19:30 - 2014-05-27 23:50 - 00000016 _____ () C:\Users\M*****\AppData\Roaming\msregsvv.dll
2014-09-27 19:30 - 2014-05-27 23:50 - 00000016 _____ () C:\ProgramData\autobk.inc
2014-09-25 13:34 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-24 20:25 - 2014-07-01 17:16 - 00000000 ____D () C:\Cakewalk Projects
2014-09-24 19:09 - 2012-05-23 12:42 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-24 19:09 - 2012-05-23 12:42 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-24 19:09 - 2011-11-29 22:17 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-22 16:53 - 2013-01-24 11:50 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-19 20:54 - 2009-07-14 19:58 - 00780072 _____ () C:\Windows\system32\perfh007.dat
2014-09-19 20:54 - 2009-07-14 19:58 - 00178686 _____ () C:\Windows\system32\perfc007.dat
2014-09-19 20:54 - 2009-07-14 07:13 - 01824584 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-18 12:16 - 2008-07-07 19:44 - 00000000 ____D () C:\Program Files (x86)\Trillian
2014-09-18 11:10 - 2008-07-07 16:59 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-09-18 11:00 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-09-17 22:20 - 2014-07-01 15:54 - 00000000 ____D () C:\Program Files (x86)\Cakewalk
2014-09-17 17:47 - 2009-08-30 00:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IK Multimedia
2014-09-17 17:45 - 2009-08-30 00:34 - 00000000 ____D () C:\Program Files (x86)\IK Multimedia

Files to move or delete:
====================
C:\ProgramData\sysqcl1129139270.dat
C:\Users\Public\daemon-lite.exe
C:\Users\Public\HamachiSetup-1.0.2.5-de.exe
C:\Users\Public\Nero-8.1.1.4_deu_trial.exe
C:\Users\Public\Oburis Launcher.exe


Some content of TEMP:
====================
C:\Users\M*****\AppData\Local\Temp\avgnt.exe
C:\Users\M*****\AppData\Local\Temp\Quarantine.exe
C:\Users\M*****\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


testsigning: ==> Check for possible unsigned rootkit driver <===== ATTENTION!


nointegritychecks: ==> Integrity Checks is disabled <===== ATTENTION!


LastRegBack: 2014-10-06 00:54

==================== End Of Log ============================
--- --- ---


Liebe Grüße

Bootsektor 19.10.2014 01:28
Hallo,

was ist das?

Zitat:
() C:\Windows\AutoKMS\AutoKMS.exe
Supportunterbrechung

Lesestoff:
Cracks und Keygens
Den Kopierschutz von Software zu umgehen ist nach geltendem Recht illegal. Die Logfiles deuten stark darauf hin, dass du nicht legal erworbene Software einsetzt. Zudem sind Cracks und Patches aus dubioser Quelle sehr oft mit Schädlingen versehen, womit man sich also fast vorsätzlich infiziert.


Bitte entferne den Crack von deinem System ansonsten kann ich dir nicht helfen!

Shizmo 19.10.2014 09:39
Okay gelöscht! Wie gehts weiter?

Bootsektor 20.10.2014 23:03
Hallo,

gut.

Poste mir dann bitte das Suchprotokoll von Malwarebytes. Das ist das Protektionslog.

Schritt 1
  • Starte Malwarebytes
  • Gehe nun oben auf Verlauf
  • links findest du nun die Auswahl Quarantäne und Anwendungsprotokolle
  • Gehe auf Anwendungsprotokolle
  • suche hier das letzte Suchlaufsprotokoll und wähle das aus
  • nun gehe oben auf Ansicht, das Protokoll öffnet sich
  • unten links steht exportieren, wähle das aus und klicke auf Textdatei
  • speichere nun das Log unter mbam.txt ab
  • öffne das Log mit deinem Texteditor
  • poste mir den Inhalt


Alle Zeitangaben in WEZ +1. Es ist jetzt 20:52 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58