Wahrscheinlich Trojaner oder Virus durch JAVA Update

Taku79 · 13.04.2014, 21:06

Hi an alle Helfer,
ich war eben mit meinem Laptop auf einer Seite zum streamen. Die Seite kannte ich noch nicht und die Meldung kam ich sollte JAVA updaten. Ich bin immer sehr vorsichtig bei so etwas und schaute es mir genauer an, ich las etwas von Windows7 und es kam mir zuverlässig vor. Ich klickte auf installieren und das Schicksal nahm seinen Lauf. Ich sollte zwei mal was bestätigen, der gesamte Text war englisch und sah so aus wie immer bei Updates. Als sich dann aber nichts mehr tat bzw. sich das Icon von JAVA geändert hat aber kein Installer aufging wurde ich misstrauisch. In Sekundenschnelle poppten komische Fenster mit Seiten auf die ich nicht kannte, die Meldung "Firefox wurde nicht gefunden" erschien und mein IE wurde geschlossen. In diesem Moment war ich mir sicher das es ein Virus oder ähnliches ist. Ich habe den Laptop sofort ausgeschaltet und vom Strom genommen. Jetzt traue ich mich auch nicht ihn wieder anzumachen. Ich schreibe euch jetzt von meinem IPad in der Hoffnung das einer mit mir Schritt für Schritt das Problem beheben kann.

Ich hoffe ihn auszuschalten war richtig, das hatte mit mein Bruder mal gesagt der IT-Elektrotechniker ist als ich mir schon mal einen Virus eingefangen habe.

Noch eine wichtige Info für den Helfer, ich verstehe gar nix vom PC, ich weiß noch nicht mal was ein Logfile ist, nur das es sich um eine Datei (file) handeln muss. Da der Laptop aus ist kann ich euch hier auch nichts posten, nehme mir die goldenen Regeln aber zu Herzen und habe mir vor schreiben meines Thread alles durchgelesen.

Ich bin wirklich für jede Hilfe dankbar!

P.S. Mein Betriebsystem ist Windows7

deeprybka · 13.04.2014, 21:21

Schalte den PC kurz an, lade FRST runter (siehe Schritt 1) und mach den Scan und das Posting wie beschrieben!

Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...

Bitte arbeite alle Schritte der Reihe nach ab.
Lese die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
Führe bitte nur Scans durch zu denen Du von mir aufgefordert wirst.
Bitte kein Crossposting (posten in mehreren Foren).
Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
Speichere alle unsere Tools auf dem Desktop ab.
Poste die Logfiles direkt in deinen Thread in Code-Tags.
Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 2 Tagen nichts von mir hörst, dann schreibe mir bitte eine PM.

Hinweise: Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden. Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert. Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Dir jemand vom Team sagt, dass Du clean bist.

Bitte beachte, dass alle meine Antworten zuerst von einem Ausbilder freigegeben werden müssen, bevor ich diese hier posten darf. Das dauert dann zwar ein paar Stunden länger, garantiert aber, dass Du kompetente Hilfe und geprüfte Antworten bekommst. Siehe hier...

Ich bedanke mich für Deine Geduld!

Schritt 1 (Scan mit FRST)
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lesestoff
Posten in CODE-Tags: So gehts...
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert uns massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Taku79 · 13.04.2014, 21:28

Hallo Jürgen,

Danke für deine Hilfe, ich verstehe zwar nur Bahnhof werde aber versuchen alles nach bestem Gewissen auszuführen.

Sicherlich werde ich während des Vorganges noch die eine oder andere Frage haben. Aber ich bin erstmal sehr dankbar das du deine Freizeit dafür opferst mir zu helfen.

deeprybka · 13.04.2014, 21:31

Das bekommen wir schon hin!

Taku79 · 13.04.2014, 21:43

Der öffnet hier so viele Fenster in denen ich irgendwelche Downloads machen soll das ich jetzt gar nicht weiß was das richtige ist. Ich habe den Link für FRS 32 Bit angeklickt, ist dann reinmachen PC Repair online korrekt?

deeprybka · 13.04.2014, 21:45

Probiere diese Seite:
Farbar Recovery Scan Tool Download

Taku79 · 13.04.2014, 21:54

Es tut mir leid aber jedes mal wenn ich auf Download klicke macht er ein neues Fenster bei denen ich auf Downloads hingewiesen werde. Mein IE stürzt auch ständig ab, ich gebe mein bestes.

deeprybka · 13.04.2014, 22:00

Ok, gib Bescheid ob es irgendwie geht. Sonst überlegen wir uns was anderes...

Taku79 · 13.04.2014, 22:06

Ich habe den Eindruck das mich der IE immer auf eine andere Seite als die gewünschte leitet, kann das sein?

Es erscheint das der Download vorbereitet wird und dann kommt die Fehlermeldung das der IE nicht mehr funktioniert.

deeprybka · 13.04.2014, 22:06

ja das kann sein....

Wenn Du nur den IE als Browser verwendest und es nicht geht FRST runterzuladen, dann hören wir für heute auf. Ich melde mich dann morgen wieder mit vom Ausbilder geprüften Anweisungen, OK?

Taku79 · 13.04.2014, 22:14

Jetzt ist ein Feld erschienen, keine Ahnung ob es das richtige ist:

windows Version Installer 2011-2014 (C) All Rights reserved

End User Agreement......

Ich würde es gern mit dem IPad fotografieren und hier anhängen, weiß aber leider nicht wie.

Leider habe ich nur den IE zur Verfügung. Ich habe ihn jetzt wieder ausgemacht. Dennoch erstmal vielen Dank und dann bis Morgen!

deeprybka · 14.04.2014, 09:04

Hi,
FRST bitte von einem anderen PC auf nen USB-Stick laden. Auf Deinen PC kopieren. Scan durchführen. Logfiles auf den USB-STICK. Diese dann vom anderen PC posten...

Taku79 · 14.04.2014, 15:24

Mit dem Stick hat es funktioniert, der Scan ist fertig.
Jetzt habe ich hier zwei Dateien, FRST.txt und Addition.txt, deren Inhalt soll ich wie oben beschrieben posten?

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-04-2014 01
Ran by Tanja at 2014-04-14 16:18:08
Running from G:\
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
AnyProtect (HKLM-x32\...\AnyProtect) (Version: 1.0.0.0 - CMI Limited)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Client Installation Program (HKLM-x32\...\{D1434266-0486-4469-B338-A60082CC04E1}) (Version: 1.0.5.0621 - Atheros)
ATI Catalyst Install Manager (HKLM\...\{F8FEEFC0-D7D6-9A40-28E9-1E7A6716E803}) (Version: 3.0.774.0 - ATI Technologies, Inc.)
BatteryLifeExtender (HKLM-x32\...\{74A579FB-EB06-497D-B194-01590D6FE51A}) (Version: 1.0.5 - Samsung)
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Bonbon Quest (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111768557}) (Version:  - Oberon Media)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.60.48.44 - Broadcom Corporation)
Cake Mania (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}) (Version:  - Oberon Media)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0504.2152.37420 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help English (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help French (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help German (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0504.2151.37420 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0504.2152.37420 - ATI) Hidden
ccc-utility64 (Version: 2010.0504.2152.37420 - ATI) Hidden
Common Desktop Agent (x32 Version: 1.36.2 - OEM) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.3911 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 2.0.3911 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.40.2.0131 - DT Soft Ltd)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5971CA1F-6BDE-498F-952C-9F2BF94070A4}) (Version:  - Microsoft)
Dell 2335dn MFP Software-Deinstallation (HKLM-x32\...\Dell 2335dn MFP) (Version:  - DELL Inc.)
Dropbox (HKCU\...\Dropbox) (Version: 2.0.22 - Dropbox, Inc.)
DVAG Online-System (HKLM-x32\...\DVAG Online System) (Version: 1.2 - Deutsche Vermögensberatung AG)
Easy Display Manager (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.2 - Samsung Electronics Co., Ltd.)
Easy Network Manager (HKLM-x32\...\{F9557866-B4C8-4CE5-8508-0E386BDC20B2}) (Version: 4.3.3 - Samsung)
Easy SpeedUp Manager (HKLM-x32\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 2.1.0.11 - Samsung Electronics Co.,Ltd.)
EasyBatteryManager (HKLM-x32\...\{4A331D24-A9E8-484F-835E-1BA7B139689C}) (Version: 4.0.0.4 - Samsung)
EasyFileShare (HKLM-x32\...\{C4582EED-A3FB-4358-8F3F-8C994460DF28}) (Version: 1.0.3 - Samsung)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
ETDWare PS/2-x64 7.0.7.0_WHQL (HKLM\...\Elantech) (Version: 7.0.7.0 - ELAN Microelectronics Corp.)
Flip Words (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110109903}) (Version:  - Oberon Media)
Galapago (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version:  - Oberon Media)
Gem Shop (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110521483}) (Version:  - Oberon Media)
Genesis (HKCU\...\genesis) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
GoToAssist Corporate (HKLM-x32\...\GoToAssist) (Version: 9.1.0.615 - Citrix Online, a division of Citrix Systems, Inc.)
HQ-V-Pro-1.9 (HKLM-x32\...\HQ-V-Pro-1.9) (Version: 1.34.4.10 - HQ-V-1.9)
Insaniquarium Deluxe (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110245793}) (Version:  - Oberon Media)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.3.1001 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.02.00.1002 - Intel Corporation)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 17 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.170 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 24 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416024FF}) (Version: 6.0.240 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Mahjong Escape Ancient China (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}) (Version:  - Oberon Media)
Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 11.22.3.3 - Marvell)
MediaPlayerplus (HKLM-x32\...\MediaPlayerplus) (Version: 1.34.4.10 - Freeven)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Default Manager (x32 Version: 2.2.114.0 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyPC Backup  (HKLM\...\MyPC Backup) (Version:  - JDi Backup Ltd) <==== ATTENTION
Nokia PC Suite (x32 Version: 7.1.60.0 - Nokia) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
PC Connectivity Solution (HKLM-x32\...\{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}) (Version: 10.50.2.0 - Nokia)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6083 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Software (HKLM-x32\...\{0F796312-289C-40CA-856C-9FBCF5E83342}) (Version: 0133.09.1202 - REALTEK Semiconductor Corp.)
Reimage Repair (HKLM\...\Reimage Repair) (Version: 1.6.5.6 - Reimage)
Re-markit (HKLM-x32\...\C41FBC48-71F7-7251-7D3C-727F8A92664B) (Version:  - Re-markit-software) <==== ATTENTION
Samsung Recovery Solution 4 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 4.0.0.6 - Samsung)
Samsung Support Center (HKLM-x32\...\{F687E657-F636-44DF-8125-9FEEA2C362F5}) (Version: 1.0.2 - Samsung)
Samsung Update Plus (HKLM-x32\...\{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}) (Version: 2.0 - Samsung Electronics Co., Ltd.)
Scan Manager (HKLM-x32\...\{B7E981A3-4517-4B05-98E7-E3E8ED355591}) (Version: 0.00.0013 - Dell)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
ShopperReports (HKLM-x32\...\ShoppingReport2) (Version: 2.7.34 - ShopperReports) <==== ATTENTION
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SpeedUpMyPC (HKLM-x32\...\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1) (Version: 6.0.3.4 - Uniblue Systems Limited)
Spotify (HKCU\...\Spotify) (Version: 0.9.8.296.g91f68827 - Spotify AB)
TeamViewer 7 (HKLM-x32\...\TeamViewer 7) (Version: 7.0.14563 - TeamViewer)
toolplugin (HKLM-x32\...\toolplugin) (Version:  - )
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{83B1B530-7D9E-4C6A-907F-E979CEE9C295}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2553444) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{799005D3-9B70-4219-AFE0-BC479614CC4D}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version:  - Microsoft)
User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - )
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VO Package (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - )
webssearches uninstaller (HKLM-x32\...\webssearches uninstaller) (Version:  - webssearches)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WPM18.8.0.212 (HKLM-x32\...\WPM) (Version: 18.8.0.212 - Cherished Technololgy LIMITED) <==== ATTENTION

==================== Restore Points  =========================

13-04-2014 19:18:46 Uniblue SpeedUpMyPC installation

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {060A8A10-FCA4-48BB-9AE1-60C24CA2184C} - System32\Tasks\Re-markit Update => C:\Program Files (x86)\Re-markit-soft\Re-markitfQL.exe [2014-04-13] () <==== ATTENTION
Task: {19E04981-E33D-4C96-A5D9-4E60E86B3AF7} - System32\Tasks\0646f96d-e73e-48bf-9ca9-58255af83235-2 => C:\Program Files (x86)\HQ-V-Pro-1.9\0646f96d-e73e-48bf-9ca9-58255af83235-2.exe [2014-04-13] (HQ-V-1.9)
Task: {1A9C1087-98BC-4EF9-8153-E84236148E63} - System32\Tasks\SUPBackground => C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe
Task: {1B093BA2-89A2-4151-B84A-DCF536E71381} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {1D818528-C0AE-4BA9-A459-5E07675C7FAE} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe [2010-06-08] (Samsung Electronics Co., Ltd.)
Task: {20ADF15A-59FC-4129-B40A-0FBE84FAED7E} - System32\Tasks\3d8c097a-d75d-43d1-aa88-eb4ad99df514-5 => C:\Program Files (x86)\MediaPlayerplus\3d8c097a-d75d-43d1-aa88-eb4ad99df514-5.exe [2014-04-13] (Freeven)
Task: {25AFE220-0FFA-4F18-ABA2-89B0E2C27435} - System32\Tasks\BatteryLifeExtender => C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2010-06-01] (Samsung Electronics. Co. Ltd.)
Task: {29E9F48E-A70F-4C61-BFEE-E99344862B63} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-08-29] (Google Inc.)
Task: {3F0BB0C6-6D78-4E5D-947A-C335FDEDBEA6} - System32\Tasks\3d8c097a-d75d-43d1-aa88-eb4ad99df514-1 => C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-codedownloader.exe [2014-04-13] (Freeven)
Task: {4103DD93-D5D4-4E57-B173-2E02479D869C} - System32\Tasks\3d8c097a-d75d-43d1-aa88-eb4ad99df514-4 => C:\Program Files (x86)\MediaPlayerplus\3d8c097a-d75d-43d1-aa88-eb4ad99df514-4.exe [2014-04-13] (Freeven)
Task: {6694638F-51B3-4DE3-B314-73B8F11A90E4} - System32\Tasks\SamsungSupportCenter => C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe [2010-05-06] (SAMSUNG Electronics)
Task: {6C87E4CE-F799-47C0-8083-3D0A0722C557} - System32\Tasks\3d8c097a-d75d-43d1-aa88-eb4ad99df514-3 => C:\Program Files (x86)\MediaPlayerplus\3d8c097a-d75d-43d1-aa88-eb4ad99df514-3.exe [2014-04-13] (Freeven)
Task: {86240C20-4C5A-4AF6-A28A-C96497EE01FF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: {8EBFBC96-747A-4015-878F-2D78E6F6D545} - System32\Tasks\EasySpeedUpManager => C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager2.exe [2010-05-06] (Samsung Electronics)
Task: {96F65CCF-FCE2-4EE3-AC6A-AD862BCF26B1} - System32\Tasks\0646f96d-e73e-48bf-9ca9-58255af83235-3 => C:\Program Files (x86)\HQ-V-Pro-1.9\0646f96d-e73e-48bf-9ca9-58255af83235-3.exe [2014-04-13] (HQ-V-1.9)
Task: {98FF4574-E556-4B66-B76F-0015E164E940} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {A494C8DF-8D2A-40F6-8DF7-61A8DE6257F1} - System32\Tasks\SpeedUpMyPC Maintenance => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe [2014-04-09] (Uniblue Systems Limited)
Task: {A846282E-079C-491C-80A1-C9C56021FC24} - System32\Tasks\advSRS4 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2010-01-19] (SEC)
Task: {ADE2BED9-A625-458D-A8F9-38B8415775DB} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2010-03-29] (SAMSUNG Electronics co., LTD.)
Task: {B288B732-E590-4E97-863F-DB846B7BB4E1} - System32\Tasks\3d8c097a-d75d-43d1-aa88-eb4ad99df514-2 => C:\Program Files (x86)\MediaPlayerplus\3d8c097a-d75d-43d1-aa88-eb4ad99df514-2.exe [2014-04-13] (Freeven)
Task: {B58315A4-A2C6-48E3-BC75-2A2DBCAD17A3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-08-29] (Google Inc.)
Task: {B8FF1375-3177-4444-BE13-BBD36917586A} - System32\Tasks\Re-markit_wd => C:\Program Files (x86)\Re-markit-soft\Re-markitfQLOWw.exe [2014-04-13] () <==== ATTENTION
Task: {BB1E14CB-41DB-4247-B851-DD18A6EC05A9} - System32\Tasks\0646f96d-e73e-48bf-9ca9-58255af83235-1 => C:\Program Files (x86)\HQ-V-Pro-1.9\HQ-V-Pro-1.9-codedownloader.exe [2014-04-13] (HQ-V-1.9)
Task: {D9C23CB7-0417-4AF7-A667-3B920B3B4223} - System32\Tasks\0646f96d-e73e-48bf-9ca9-58255af83235-5 => C:\Program Files (x86)\HQ-V-Pro-1.9\0646f96d-e73e-48bf-9ca9-58255af83235-5.exe [2014-04-13] (HQ-V-1.9)
Task: {DD0E202A-E584-424C-83C6-FDD63006ED3A} - System32\Tasks\SpeedUpMyPC Startup => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe [2014-04-09] (Uniblue Systems Limited)
Task: {EB2BC582-952D-44FB-8733-13D6FADFDE53} - System32\Tasks\Reimage Reminder => C:\Program Files\Reimage\Reimage Repair\ReimageReminder.exe [2014-01-15] (Reimage ltd.)
Task: {EEC6B2F7-3C0F-49DD-894D-FC2729DD8339} - System32\Tasks\0646f96d-e73e-48bf-9ca9-58255af83235-4 => C:\Program Files (x86)\HQ-V-Pro-1.9\0646f96d-e73e-48bf-9ca9-58255af83235-4.exe [2014-04-13] (HQ-V-1.9)
Task: C:\Windows\Tasks\0646f96d-e73e-48bf-9ca9-58255af83235-1.job => C:\Program Files (x86)\HQ-V-Pro-1.9\HQ-V-Pro-1.9-codedownloader.exe
Task: C:\Windows\Tasks\0646f96d-e73e-48bf-9ca9-58255af83235-2.job => C:\Program Files (x86)\HQ-V-Pro-1.9\0646f96d-e73e-48bf-9ca9-58255af83235-2.exe
Task: C:\Windows\Tasks\0646f96d-e73e-48bf-9ca9-58255af83235-3.job => C:\Program Files (x86)\HQ-V-Pro-1.9\0646f96d-e73e-48bf-9ca9-58255af83235-3.exe
Task: C:\Windows\Tasks\0646f96d-e73e-48bf-9ca9-58255af83235-4.job => C:\Program Files (x86)\HQ-V-Pro-1.9\0646f96d-e73e-48bf-9ca9-58255af83235-4.exe
Task: C:\Windows\Tasks\0646f96d-e73e-48bf-9ca9-58255af83235-5.job => C:\Program Files (x86)\HQ-V-Pro-1.9\0646f96d-e73e-48bf-9ca9-58255af83235-5.exe
Task: C:\Windows\Tasks\3d8c097a-d75d-43d1-aa88-eb4ad99df514-1.job => C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-codedownloader.exe
Task: C:\Windows\Tasks\3d8c097a-d75d-43d1-aa88-eb4ad99df514-2.job => C:\Program Files (x86)\MediaPlayerplus\3d8c097a-d75d-43d1-aa88-eb4ad99df514-2.exe
Task: C:\Windows\Tasks\3d8c097a-d75d-43d1-aa88-eb4ad99df514-3.job => C:\Program Files (x86)\MediaPlayerplus\3d8c097a-d75d-43d1-aa88-eb4ad99df514-3.exe
Task: C:\Windows\Tasks\3d8c097a-d75d-43d1-aa88-eb4ad99df514-4.job => C:\Program Files (x86)\MediaPlayerplus\3d8c097a-d75d-43d1-aa88-eb4ad99df514-4.exe
Task: C:\Windows\Tasks\3d8c097a-d75d-43d1-aa88-eb4ad99df514-5.job => C:\Program Files (x86)\MediaPlayerplus\3d8c097a-d75d-43d1-aa88-eb4ad99df514-5.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Re-markit Update.job => C:\Program Files (x86)\Re-markit-soft\Re-markitfQL.exe <==== ATTENTION
Task: C:\Windows\Tasks\Re-markit_wd.job => C:\Program Files (x86)\Re-markit-soft\Re-markitfQLOWw.exe <==== ATTENTION
Task: C:\Windows\Tasks\SpeedUpMyPC Maintenance.job => ?
Task: C:\Windows\Tasks\SpeedUpMyPC Startup.job => ?

==================== Loaded Modules (whitelisted) =============

2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2011-03-31 15:57 - 2010-04-27 10:33 - 00080896 _____ () C:\Windows\System32\Dell2335Port_x64.dll
2011-03-31 15:54 - 2010-03-10 19:09 - 00022016 _____ () C:\Windows\System32\sdf1ml6.dll
2014-03-14 16:00 - 2014-03-14 16:00 - 01102336 _____ () C:\Program Files (x86)\MyPC Backup\x64\System.Data.SQLite.dll
2014-03-14 16:06 - 2014-03-14 16:06 - 00012288 _____ () C:\Program Files (x86)\MyPC Backup\GetText.dll
2012-04-15 11:47 - 2013-03-02 10:45 - 00008192 _____ () C:\Windows\SysWOW64\srvany.exe
2014-04-13 21:18 - 2014-04-13 21:18 - 00141824 _____ () C:\Program Files (x86)\Re-markit-soft\Re-markitfQL158.exe
2014-04-13 21:18 - 2014-04-13 21:18 - 00077312 _____ () C:\Program Files (x86)\Re-markit-soft\Re-markitfQLOWw.exe
2013-03-02 10:46 - 2013-03-02 10:45 - 00151552 _____ () C:\Windows\KMService.exe
2010-08-12 06:50 - 2009-03-05 11:54 - 00311296 _____ () C:\Windows\SysWOW64\Rezip.exe
2014-04-12 00:58 - 2014-04-12 00:58 - 00355328 _____ () C:\Users\Tanja\AppData\Roaming\VOPackage\VOsrv.exe
2011-03-31 15:50 - 2010-08-04 20:15 - 00632128 _____ () C:\Windows\Dell\PanelMgr\SSMMgr.exe
2010-07-29 23:07 - 2010-07-29 23:07 - 00311296 _____ () C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe
2011-07-29 01:08 - 2011-07-29 01:08 - 01259376 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2009-02-12 07:32 - 2009-02-12 07:32 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-08-12 06:46 - 2010-08-12 06:46 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-03-31 15:50 - 2010-08-04 20:15 - 00312128 _____ () C:\Windows\Dell\PanelMgr\caller64.exe
2013-10-21 10:22 - 2014-04-12 10:34 - 00602680 _____ () C:\Users\Tanja\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2014-02-12 21:58 - 2014-02-12 21:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 21:58 - 2014-02-12 21:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-04-13 21:18 - 2014-04-13 21:18 - 00133120 _____ () C:\Program Files (x86)\Re-markit-soft\Re-markitfQL158.dll
2010-08-12 06:54 - 2006-08-12 05:48 - 00049152 _____ () C:\Program Files (x86)\Samsung\Easy Display Manager\HookDllPS2.dll
2012-08-23 11:20 - 2014-04-12 10:34 - 36966968 _____ () C:\Users\Tanja\AppData\Roaming\Spotify\Data\libcef.dll
2011-07-29 01:09 - 2011-07-29 01:09 - 00096112 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/13/2014 11:04:44 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.16521, Zeitstempel: 0x53114399
Name des fehlerhaften Moduls: jscript9.dll, Version: 11.0.9600.16521, Zeitstempel: 0x53115050
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00008a95
ID des fehlerhaften Prozesses: 0x46e4
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3

Error: (04/13/2014 10:47:35 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.16521, Zeitstempel: 0x53114399
Name des fehlerhaften Moduls: HQ-V-Pro-1.9-bho.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x534a44e5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x03591373
ID des fehlerhaften Prozesses: 0x1868
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3

Error: (04/13/2014 10:37:46 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.16521, Zeitstempel: 0x53114399
Name des fehlerhaften Moduls: jscript9.dll, Version: 11.0.9600.16521, Zeitstempel: 0x53115050
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00008a95
ID des fehlerhaften Prozesses: 0x1764
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3

Error: (04/13/2014 10:32:39 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: msnmsgr.exe, Version: 15.4.3538.513, Zeitstempel: 0x4dcdb2b3
Name des fehlerhaften Moduls: YCWebCameraSource.ax, Version: 2.0.10175.3910, Zeitstempel: 0x4b9715b8
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000c9d8
ID des fehlerhaften Prozesses: 0xedc
Startzeit der fehlerhaften Anwendung: 0xmsnmsgr.exe0
Pfad der fehlerhaften Anwendung: msnmsgr.exe1
Pfad des fehlerhaften Moduls: msnmsgr.exe2
Berichtskennung: msnmsgr.exe3

Error: (04/13/2014 00:49:38 PM) (Source: Application Hang) (User: )
Description: Programm OUTLOOK.EXE, Version 14.0.7113.5000 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1b18

Startzeit: 01cf562a09699453

Endzeit: 16

Anwendungspfad: C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE

Berichts-ID: 4586b706-c2f9-11e3-af1e-002454e41abf

Error: (04/12/2014 10:33:33 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 36230765

Error: (04/12/2014 10:33:33 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 36230765

Error: (04/12/2014 10:33:33 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/12/2014 00:29:51 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9173

Error: (04/12/2014 00:29:51 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9173


System errors:
=============
Error: (04/14/2014 04:11:56 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (04/14/2014 04:10:17 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (04/14/2014 04:09:58 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎13.‎04.‎2014 um 23:12:37 unerwartet heruntergefahren.

Error: (04/13/2014 11:10:44 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (04/13/2014 11:10:44 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (04/13/2014 10:31:57 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (04/13/2014 10:30:53 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (04/13/2014 10:30:53 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computer Backup (MyPC Backup)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (04/13/2014 10:30:53 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Computer Backup (MyPC Backup) erreicht.

Error: (04/13/2014 10:29:54 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎13.‎04.‎2014 um 21:21:16 unerwartet heruntergefahren.


Microsoft Office Sessions:
=========================
Error: (04/13/2014 11:04:44 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE11.0.9600.1652153114399jscript9.dll11.0.9600.1652153115050c000000500008a9546e401cf5758563dd66cC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SysWow64\jscript9.dll3c85b7ce-c34f-11e3-bb05-002454e41abf

Error: (04/13/2014 10:47:35 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE11.0.9600.1652153114399HQ-V-Pro-1.9-bho.dll_unloaded0.0.0.0534a44e5c000000503591373186801cf5759958df764C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEHQ-V-Pro-1.9-bho.dlld6d3a816-c34c-11e3-bb05-002454e41abf

Error: (04/13/2014 10:37:46 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE11.0.9600.1652153114399jscript9.dll11.0.9600.1652153115050c000000500008a95176401cf57578458af75C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SysWow64\jscript9.dll77e56c98-c34b-11e3-bb05-002454e41abf

Error: (04/13/2014 10:32:39 PM) (Source: Application Error)(User: )
Description: msnmsgr.exe15.4.3538.5134dcdb2b3YCWebCameraSource.ax2.0.10175.39104b9715b8c00000050000c9d8edc01cf575753237ec9C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exeC:\Program Files (x86)\CyberLink\YouCam\YCWebCameraSource.axc133c13d-c34a-11e3-bb05-002454e41abf

Error: (04/13/2014 00:49:38 PM) (Source: Application Hang)(User: )
Description: OUTLOOK.EXE14.0.7113.50001b1801cf562a0969945316C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE4586b706-c2f9-11e3-af1e-002454e41abf

Error: (04/12/2014 10:33:33 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 36230765

Error: (04/12/2014 10:33:33 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 36230765

Error: (04/12/2014 10:33:33 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/12/2014 00:29:51 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9173

Error: (04/12/2014 00:29:51 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9173


==================== Memory info =========================== 

Percentage of memory in use: 41%
Total physical RAM: 3946.16 MB
Available physical RAM: 2305.74 MB
Total Pagefile: 8040.34 MB
Available Pagefile: 6210.43 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:52 GB) (Free:9.14 GB) NTFS
Drive d: (Cache) (Fixed) (Total:5.86 GB) (Free:0.12 GB) NTFS
Drive e: (Daten) (Fixed) (Total:387.8 GB) (Free:172.59 GB) NTFS
Drive g: () (Removable) (Total:0.94 GB) (Free:0.16 GB) FAT

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 1F260976)
Partition 1: (Not Active) - (Size=20 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=52 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=394 GB) - (Type=OF Extended)

========================================================
Disk: 1 (Size: 963 MB) (Disk ID: 0029B81D)
Partition 1: (Active) - (Size=962 MB) - (Type=06)

==================== End Of Log ============================

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-04-2014 01
Ran by Tanja (administrator) on TANJA-PC on 14-04-2014 16:17:48
Running from G:\
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginService\PluginService.exe
(Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Just Develop It) C:\Program Files (x86)\MyPC Backup\BackupStack.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Windows\SysWOW64\srvany.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
() C:\Program Files (x86)\Re-markit-soft\Re-markitfQL158.exe
() C:\Program Files (x86)\Re-markit-soft\Re-markitfQLOWw.exe
(Reimage®) C:\Program Files\Reimage\Reimage Repair\ReiGuard.exe
() C:\Windows\KMService.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
() C:\Windows\SysWOW64\Rezip.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
() C:\Users\Tanja\AppData\Roaming\VOPackage\VOsrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Windows\System32\dinotify.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Spotify Ltd) C:\Users\Tanja\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Spotify Ltd) C:\Users\Tanja\AppData\Roaming\Spotify\spotify.exe
(inferir) C:\Users\Tanja\AppData\Local\Genesis\Genesis.exe
(MyPCBackup.com) C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Windows\Dell\PanelMgr\SSMMgr.exe
() C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) E:\Bibliotheken\Eigene Dokumente\I Pad\iTunesHelper.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Windows\Dell\PanelMgr\caller64.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Users\Tanja\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Tanja\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Tanja\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Tanja\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10144288 2010-04-07] (Realtek Semiconductor)
HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [2703752 2010-03-25] (ELAN Microelectronics Corp.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [102400 2010-05-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-10] (Microsoft Corporation)
HKLM-x32\...\Run: [UCam_Menu] => C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Dell PanelMgr] => C:\Windows\Dell\PanelMgr\SSMMgr.exe [632128 2010-08-04] ()
HKLM-x32\...\Run: [CDAServer] => C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe [311296 2010-07-29] ()
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] ()
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => E:\Bibliotheken\Eigene Dokumente\I Pad\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\615\G2AWinLogon_x64.dll (Citrix Online, a division of Citrix Systems, Inc.)
HKU\S-1-5-19\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\Sidebar.exe [1475584 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\Sidebar.exe [1475584 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-21-2949563268-3681810927-3286423182-1000\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\sidebar.exe [1475584 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-21-2949563268-3681810927-3286423182-1000\...\Run: [PC Suite Tray] => "C:\Users\Tanja\Nokia PC Suite 7\PCSuite.exe" -onlytray
HKU\S-1-5-21-2949563268-3681810927-3286423182-1000\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4283256 2011-05-13] (Microsoft Corporation)
HKU\S-1-5-21-2949563268-3681810927-3286423182-1000\...\Run: [B610C16A] => C:\Users\Tanja\AppData\Roaming\Mywmk\pcyyfrkvw.exe
HKU\S-1-5-21-2949563268-3681810927-3286423182-1000\...\Run: [Spotify Web Helper] => C:\Users\Tanja\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-12] (Spotify Ltd)
HKU\S-1-5-21-2949563268-3681810927-3286423182-1000\...\Run: [Spotify] => C:\Users\Tanja\AppData\Roaming\Spotify\spotify.exe [6087224 2014-04-12] (Spotify Ltd)
HKU\S-1-5-21-2949563268-3681810927-3286423182-1000\...\Run: [genesis] => c:\users\tanja\appdata\local\genesis\genesis.exe [2797568 2014-04-13] (inferir)
HKU\S-1-5-21-2949563268-3681810927-3286423182-1000\...\Policies\system: [DisableRegistryTools] 1
HKU\S-1-5-21-2949563268-3681810927-3286423182-1000\...\Policies\system: [DisableRegedit] 1
HKU\S-1-5-21-2949563268-3681810927-3286423182-1000\...\Policies\system: [DisableTaskMgr] 1
HKU\S-1-5-21-2949563268-3681810927-3286423182-1000\...\MountPoints2: {1dba7fb3-d565-11e1-8114-002454e41abf} - G:\setup_vmb_lite.exe /checkApplicationPresence
HKU\S-1-5-21-2949563268-3681810927-3286423182-1000\...\MountPoints2: {641216f6-a417-11e0-bc6b-002454e41abf} - G:\AutoRun.exe
HKU\S-1-5-21-2949563268-3681810927-3286423182-1000\...\MountPoints2: {64121709-a417-11e0-bc6b-002454e41abf} - G:\AutoRun.exe
HKU\S-1-5-21-2949563268-3681810927-3286423182-1000\...\MountPoints2: {d2c7494e-b115-11e0-a32d-002454e41abf} - G:\AutoRun.exe
Startup: C:\Users\Tanja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:13828
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1397416706&from=tugs&uid=TOSHIBAXMK5065GSX_90BFP0YLTXX90BFP0YLT
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1397416706&from=tugs&uid=TOSHIBAXMK5065GSX_90BFP0YLTXX90BFP0YLT
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1397416706&from=tugs&uid=TOSHIBAXMK5065GSX_90BFP0YLTXX90BFP0YLT&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1397416706&from=tugs&uid=TOSHIBAXMK5065GSX_90BFP0YLTXX90BFP0YLT
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1397416706&from=tugs&uid=TOSHIBAXMK5065GSX_90BFP0YLTXX90BFP0YLT
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1397416706&from=tugs&uid=TOSHIBAXMK5065GSX_90BFP0YLTXX90BFP0YLT&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1397416706&from=tugs&uid=TOSHIBAXMK5065GSX_90BFP0YLTXX90BFP0YLT&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1397416706&from=tugs&uid=TOSHIBAXMK5065GSX_90BFP0YLTXX90BFP0YLT
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1397416706&from=tugs&uid=TOSHIBAXMK5065GSX_90BFP0YLTXX90BFP0YLT
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1397416706&from=tugs&uid=TOSHIBAXMK5065GSX_90BFP0YLTXX90BFP0YLT&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages = 
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1397416706&from=tugs&uid=TOSHIBAXMK5065GSX_90BFP0YLTXX90BFP0YLT
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1397416706&from=tugs&uid=TOSHIBAXMK5065GSX_90BFP0YLTXX90BFP0YLT&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1397416706&from=tugs&uid=TOSHIBAXMK5065GSX_90BFP0YLTXX90BFP0YLT&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1397416706&from=tugs&uid=TOSHIBAXMK5065GSX_90BFP0YLTXX90BFP0YLT&q={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1397416706&from=tugs&uid=TOSHIBAXMK5065GSX_90BFP0YLTXX90BFP0YLT&q={searchTerms}
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1397416706&from=tugs&uid=TOSHIBAXMK5065GSX_90BFP0YLTXX90BFP0YLT&q={searchTerms}
BHO: HQ-V-Pro-1.9 - {11111111-1111-1111-1111-110511311172} - C:\Program Files (x86)\HQ-V-Pro-1.9\HQ-V-Pro-1.9-bho64.dll (HQ-V-1.9)
BHO: MediaPlayerplus - {11111111-1111-1111-1111-110511421146} - C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-bho64.dll (Freeven)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: HQ-V-Pro-1.9 - {11111111-1111-1111-1111-110511311172} - C:\Program Files (x86)\HQ-V-Pro-1.9\HQ-V-Pro-1.9-bho.dll (HQ-V-1.9)
BHO-x32: MediaPlayerplus - {11111111-1111-1111-1111-110511421146} - C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-bho.dll (Freeven)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - toolplugin - {DFEFCDEE-CF1A-4FC8-89AF-189327213627} - C:\Users\Tanja\AppData\Roaming\toolplugin\toolbar.dll No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {DFEFCDEE-CF1A-4FC8-89AF-189327213627} -  No File
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: HKLM-x32 {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Tanja\AppData\Roaming\Mozilla\Firefox\Profiles\io26ooqa.default
FF user.js: detected! => C:\Users\Tanja\AppData\Roaming\Mozilla\Firefox\Profiles\io26ooqa.default\user.js
FF NewTab: hxxp://istart.webssearches.com/newtab/?type=nt&ts=1397416706&from=tugs&uid=TOSHIBAXMK5065GSX_90BFP0YLTXX90BFP0YLT
FF DefaultSearchEngine: webssearches
FF SearchEngineOrder.1: Search the web
FF SelectedSearchEngine: webssearches
FF Homepage: hxxp://istart.webssearches.com/?type=hp&ts=1397416706&from=tugs&uid=TOSHIBAXMK5065GSX_90BFP0YLTXX90BFP0YLT
FF Keyword.URL: hxxp://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - E:\Bibliotheken\Eigene Dokumente\I Pad\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Tanja\AppData\Roaming\Mozilla\Firefox\Profiles\io26ooqa.default\searchplugins\askcom.xml
FF Extension: MediaPlayerplus - C:\Users\Tanja\AppData\Roaming\Mozilla\Firefox\Profiles\io26ooqa.default\Extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com [2014-04-13]
FF Extension: HQ-V-Pro-1.9 - C:\Users\Tanja\AppData\Roaming\Mozilla\Firefox\Profiles\io26ooqa.default\Extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com [2014-04-13]
FF Extension: Quick Start - C:\Users\Tanja\AppData\Roaming\Mozilla\Firefox\Profiles\io26ooqa.default\Extensions\quick_start@gmail.com [2014-04-13]
FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\
FF Extension: Default Manager - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ []
FF HKLM-x32\...\Firefox\Extensions: [ClickPotatoLite@ClickPotatoLite.com] - C:\Program Files (x86)\ClickPotatoLite\bin\10.0.668.0\firefox\extensions
FF Extension: ClickPotatoLite Component - C:\Program Files (x86)\ClickPotatoLite\bin\10.0.668.0\firefox\extensions [2011-05-24]
FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files\T-Mobile\InternetManager_H\OCx64\addon
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-02-12]
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Tanja\AppData\Roaming\Mozilla\Firefox\Profiles\io26ooqa.default\extensions\quick_start@gmail.com
FF Extension: Quick Start - C:\Users\Tanja\AppData\Roaming\Mozilla\Firefox\Profiles\io26ooqa.default\extensions\quick_start@gmail.com [2014-04-13]
FF HKCU\...\Firefox\Extensions: [{372479DD-B552-F0A8-F0E5-EEEEA6602285}] - C:\Program Files (x86)\Re-markit-soft\158.xpi
FF Extension: Re-markit - C:\Program Files (x86)\Re-markit-soft\158.xpi [2014-04-13]

Chrome: 
=======
CHR HomePage: hxxp://istart.webssearches.com/?type=hp&ts=1397416706&from=tugs&uid=TOSHIBAXMK5065GSX_90BFP0YLTXX90BFP0YLT
CHR DefaultSearchKeyword: webssearches
CHR DefaultSearchProvider: webssearches
CHR DefaultSearchURL: hxxp://istart.webssearches.com/web/?type=ds&ts=1397416706&from=tugs&uid=TOSHIBAXMK5065GSX_90BFP0YLTXX90BFP0YLT&q={searchTerms}
CHR Extension: (Docs) - C:\Users\Tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-20]
CHR Extension: (Google Drive) - C:\Users\Tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-20]
CHR Extension: (YouTube) - C:\Users\Tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-20]
CHR Extension: (Google Search) - C:\Users\Tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-20]
CHR Extension: (HQ-V-Pro-1.9) - C:\Users\Tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm [2014-04-13]
CHR Extension: (Re-markit) - C:\Users\Tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikcggonfhgaingjbhjanbibmlfeomooc [2014-04-13]
CHR Extension: (MediaPlayerplus) - C:\Users\Tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd [2014-04-13]
CHR Extension: (Google Wallet) - C:\Users\Tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-20]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2014-01-20]
CHR Extension: (Quick Start) - C:\Users\Tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2014-04-13]
CHR Extension: (Gmail) - C:\Users\Tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-20]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Tanja\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-04-13]
CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://istart.webssearches.com/?type=sc&ts=1397416706&from=tugs&uid=TOSHIBAXMK5065GSX_90BFP0YLTXX90BFP0YLT

==================== Services (Whitelisted) =================

R2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36392 2014-03-14] (Just Develop It)
R2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [688240 2014-03-31] (Cherished Technololgy LIMITED)
R2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2013-03-02] ()
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 Re-markit; C:\Program Files (x86)\Re-markit-soft\Re-markitfQL158.exe [141824 2014-04-13] ()
R2 ReimageRealTimeProtection; C:\Program Files\Reimage\Reimage Repair\ReiGuard.exe [5100392 2014-01-15] (Reimage®)
R2 Rezip; C:\Windows\SysWOW64\Rezip.exe [311296 2009-03-05] ()
R2 vosr; C:\Users\Tanja\AppData\Roaming\VOPackage\VOsrv.exe [355328 2014-04-12] ()
R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [566272 2014-04-13] (Cherished Technololgy LIMITED)

==================== Drivers (Whitelisted) ====================

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2011-02-20] (DT Soft Ltd)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
S3 rtport; C:\Windows\SysWOW64\drivers\rtport.sys [15144 2010-10-26] (Windows (R) 2003 DDK 3790 provider)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()
S3 cpuz134; \??\C:\Users\Tanja\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-14 16:13 - 2014-04-14 16:17 - 00000000 ____D () C:\FRST
2014-04-14 16:11 - 2014-04-14 16:11 - 00000000 ____D () C:\Users\Tanja\AppData\Local\{58CC9203-95CC-461C-B1AB-7EF4EF6FC562}
2014-04-13 22:38 - 2014-04-13 22:38 - 00003434 _____ () C:\Windows\System32\Tasks\Reimage Reminder
2014-04-13 22:38 - 2014-04-13 22:38 - 00000000 ____D () C:\ProgramData\CDB
2014-04-13 22:37 - 2014-04-13 22:38 - 00000000 ____D () C:\rei
2014-04-13 22:37 - 2014-04-13 22:37 - 00001907 _____ () C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk
2014-04-13 22:37 - 2014-04-13 22:37 - 00000000 ____D () C:\Program Files\Reimage
2014-04-13 22:36 - 2014-04-13 22:38 - 00000155 _____ () C:\Windows\Reimage.ini
2014-04-13 22:33 - 2014-04-13 22:33 - 00000000 ____D () C:\Users\Tanja\AppData\Local\{78241F49-F3B8-4AE7-B998-1F23D8C87D50}
2014-04-13 22:32 - 2014-04-13 23:05 - 00001099 _____ () C:\Users\Tanja\Desktop\Continue VuuPC Installation.lnk
2014-04-13 21:20 - 2014-04-14 16:10 - 00001536 _____ () C:\Windows\Tasks\3d8c097a-d75d-43d1-aa88-eb4ad99df514-5.job
2014-04-13 21:20 - 2014-04-14 16:10 - 00001450 _____ () C:\Windows\Tasks\3d8c097a-d75d-43d1-aa88-eb4ad99df514-1.job
2014-04-13 21:20 - 2014-04-14 16:10 - 00001434 _____ () C:\Windows\Tasks\3d8c097a-d75d-43d1-aa88-eb4ad99df514-2.job
2014-04-13 21:20 - 2014-04-13 21:21 - 00001242 _____ () C:\Users\Tanja\AppData\Roaming\aps.scan.quick.results
2014-04-13 21:20 - 2014-04-13 21:21 - 00000324 _____ () C:\Users\Tanja\AppData\Roaming\aps.uninstall.scan.results
2014-04-13 21:20 - 2014-04-13 21:20 - 00004566 _____ () C:\Windows\System32\Tasks\3d8c097a-d75d-43d1-aa88-eb4ad99df514-5
2014-04-13 21:20 - 2014-04-13 21:20 - 00004480 _____ () C:\Windows\System32\Tasks\3d8c097a-d75d-43d1-aa88-eb4ad99df514-1
2014-04-13 21:20 - 2014-04-13 21:20 - 00004464 _____ () C:\Windows\System32\Tasks\3d8c097a-d75d-43d1-aa88-eb4ad99df514-2
2014-04-13 21:20 - 2014-04-13 21:20 - 00003216 _____ () C:\Windows\System32\Tasks\SpeedUpMyPC Maintenance
2014-04-13 21:20 - 2014-04-13 21:20 - 00002584 _____ () C:\Windows\System32\Tasks\SpeedUpMyPC Startup
2014-04-13 21:20 - 2014-04-13 21:20 - 00001135 _____ () C:\Users\Public\Desktop\SpeedUpMyPC.lnk
2014-04-13 21:20 - 2014-04-13 21:20 - 00001015 _____ () C:\Users\Tanja\Desktop\AnyProtect.lnk
2014-04-13 21:20 - 2014-04-13 21:20 - 00000292 _____ () C:\Windows\Tasks\SpeedUpMyPC Startup.job
2014-04-13 21:20 - 2014-04-13 21:20 - 00000278 _____ () C:\Windows\Tasks\SpeedUpMyPC Maintenance.job
2014-04-13 21:20 - 2014-04-13 21:20 - 00000000 ____D () C:\Users\Tanja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
2014-04-13 21:20 - 2014-04-13 21:20 - 00000000 _____ () C:\Users\Tanja\AppData\Roaming\aps.scan.results
2014-04-13 21:19 - 2014-04-14 16:11 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-04-13 21:19 - 2014-04-14 16:10 - 00003124 _____ () C:\Windows\Tasks\3d8c097a-d75d-43d1-aa88-eb4ad99df514-3.job
2014-04-13 21:19 - 2014-04-14 16:10 - 00002370 _____ () C:\Windows\Tasks\0646f96d-e73e-48bf-9ca9-58255af83235-4.job
2014-04-13 21:19 - 2014-04-14 16:10 - 00002228 _____ () C:\Windows\Tasks\3d8c097a-d75d-43d1-aa88-eb4ad99df514-4.job
2014-04-13 21:19 - 2014-04-14 16:10 - 00001462 _____ () C:\Windows\Tasks\0646f96d-e73e-48bf-9ca9-58255af83235-5.job
2014-04-13 21:19 - 2014-04-14 16:10 - 00001372 _____ () C:\Windows\Tasks\0646f96d-e73e-48bf-9ca9-58255af83235-1.job
2014-04-13 21:19 - 2014-04-14 16:10 - 00001366 _____ () C:\Windows\Tasks\0646f96d-e73e-48bf-9ca9-58255af83235-2.job
2014-04-13 21:19 - 2014-04-13 21:20 - 00005258 _____ () C:\Windows\System32\Tasks\3d8c097a-d75d-43d1-aa88-eb4ad99df514-4
2014-04-13 21:19 - 2014-04-13 21:20 - 00000000 ____D () C:\Program Files (x86)\MediaPlayerplus
2014-04-13 21:19 - 2014-04-13 21:20 - 00000000 ____D () C:\Program Files (x86)\AnyProtectEx
2014-04-13 21:19 - 2014-04-13 21:19 - 01097384 _____ (AnyProtect.com) C:\Users\Tanja\AppData\Local\nsq3B6F.tmp
2014-04-13 21:19 - 2014-04-13 21:19 - 00006154 _____ () C:\Windows\System32\Tasks\3d8c097a-d75d-43d1-aa88-eb4ad99df514-3
2014-04-13 21:19 - 2014-04-13 21:19 - 00005400 _____ () C:\Windows\System32\Tasks\0646f96d-e73e-48bf-9ca9-58255af83235-4
2014-04-13 21:19 - 2014-04-13 21:19 - 00004492 _____ () C:\Windows\System32\Tasks\0646f96d-e73e-48bf-9ca9-58255af83235-5
2014-04-13 21:19 - 2014-04-13 21:19 - 00004402 _____ () C:\Windows\System32\Tasks\0646f96d-e73e-48bf-9ca9-58255af83235-1
2014-04-13 21:19 - 2014-04-13 21:19 - 00004396 _____ () C:\Windows\System32\Tasks\0646f96d-e73e-48bf-9ca9-58255af83235-2
2014-04-13 21:19 - 2014-04-13 21:19 - 00001939 _____ () C:\Users\Tanja\Desktop\Sync Folder.lnk
2014-04-13 21:19 - 2014-04-13 21:19 - 00001057 _____ () C:\Users\Tanja\Desktop\MyPC Backup.lnk
2014-04-13 21:19 - 2014-04-13 21:19 - 00000000 ____D () C:\Users\Tanja\AppData\Roaming\VOPackage
2014-04-13 21:19 - 2014-04-13 21:19 - 00000000 ____D () C:\Users\Tanja\AppData\Roaming\Uniblue
2014-04-13 21:19 - 2014-04-13 21:19 - 00000000 ____D () C:\Users\Tanja\AppData\Roaming\SupTab
2014-04-13 21:19 - 2014-04-13 21:19 - 00000000 ____D () C:\Users\Tanja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-04-13 21:19 - 2014-04-13 21:19 - 00000000 ____D () C:\Users\Tanja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-04-13 21:19 - 2014-04-13 21:19 - 00000000 ____D () C:\ProgramData\WPM
2014-04-13 21:19 - 2014-04-13 21:19 - 00000000 ____D () C:\ProgramData\IePluginService
2014-04-13 21:19 - 2014-04-13 21:19 - 00000000 ____D () C:\Program Files (x86)\Uniblue
2014-04-13 21:19 - 2014-04-13 21:19 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-04-13 21:18 - 2014-04-14 16:13 - 00000406 _____ () C:\Windows\Tasks\Re-markit Update.job
2014-04-13 21:18 - 2014-04-14 16:10 - 00002772 _____ () C:\Windows\Tasks\0646f96d-e73e-48bf-9ca9-58255af83235-3.job
2014-04-13 21:18 - 2014-04-14 16:10 - 00000396 _____ () C:\Windows\Tasks\Re-markit_wd.job
2014-04-13 21:18 - 2014-04-13 23:04 - 00000000 ____D () C:\Users\Tanja\AppData\Local\Genesis
2014-04-13 21:18 - 2014-04-13 21:19 - 00000000 ____D () C:\Program Files (x86)\HQ-V-Pro-1.9
2014-04-13 21:18 - 2014-04-13 21:18 - 00005802 _____ () C:\Windows\System32\Tasks\0646f96d-e73e-48bf-9ca9-58255af83235-3
2014-04-13 21:18 - 2014-04-13 21:18 - 00003054 _____ () C:\Windows\System32\Tasks\Re-markit Update
2014-04-13 21:18 - 2014-04-13 21:18 - 00002984 _____ () C:\Windows\System32\Tasks\Re-markit_wd
2014-04-13 21:18 - 2014-04-13 21:18 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-04-13 21:18 - 2014-04-13 21:18 - 00000000 ____D () C:\Program Files (x86)\Re-markit-soft
2014-04-10 10:54 - 2014-03-31 03:16 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-10 10:54 - 2014-03-31 03:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-10 10:54 - 2014-03-31 02:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-10 10:54 - 2014-03-31 01:57 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-10 10:53 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-10 10:53 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-10 10:53 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-10 10:53 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-10 10:53 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-10 10:53 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-10 10:53 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-10 10:53 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-10 10:53 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-10 10:53 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-10 10:53 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-10 10:53 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-10 10:53 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-10 10:53 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-10 10:53 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-10 10:53 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-10 10:53 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-07 15:54 - 2014-04-07 15:54 - 00000000 ____D () C:\ProgramData\Brother
2014-04-02 09:59 - 2014-04-02 09:59 - 00000000 ____D () C:\Users\Tanja\AppData\Local\{A1328154-15AE-4405-B3D0-21A974BEBB17}
2014-03-17 11:17 - 2014-03-01 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-17 11:17 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-17 11:17 - 2014-03-01 06:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-17 11:17 - 2014-03-01 06:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-17 11:17 - 2014-03-01 06:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-17 11:17 - 2014-03-01 06:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-17 11:17 - 2014-03-01 06:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-17 11:17 - 2014-03-01 06:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-17 11:17 - 2014-03-01 06:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-17 11:17 - 2014-03-01 06:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-17 11:17 - 2014-03-01 06:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-17 11:17 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-17 11:17 - 2014-03-01 06:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-17 11:17 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-17 11:17 - 2014-03-01 05:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-17 11:17 - 2014-03-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-17 11:17 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-17 11:17 - 2014-03-01 05:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-17 11:17 - 2014-03-01 05:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-17 11:17 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-17 11:17 - 2014-03-01 05:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-17 11:17 - 2014-03-01 05:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-17 11:17 - 2014-03-01 05:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-17 11:17 - 2014-03-01 05:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-17 11:17 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-17 11:17 - 2014-03-01 05:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-17 11:17 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-17 11:17 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-17 11:17 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-17 11:17 - 2014-03-01 05:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-17 11:17 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-17 11:17 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-17 11:17 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-17 11:17 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-17 11:17 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-17 11:17 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-16 22:03 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-16 22:03 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-16 22:03 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-16 22:03 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-16 21:58 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-16 21:58 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-16 21:57 - 2014-03-16 21:57 - 00001756 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-03-16 21:57 - 2014-03-16 21:57 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-16 21:57 - 2014-03-16 21:57 - 00000000 ____D () C:\Program Files\iTunes
2014-03-16 21:57 - 2014-03-16 21:57 - 00000000 ____D () C:\Program Files\iPod
2014-03-16 21:57 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-16 21:57 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-16 21:41 - 2014-03-16 21:45 - 00000000 ____D () C:\Program Files (x86)\QuickTime

==================== One Month Modified Files and Folders =======

2014-04-14 16:17 - 2014-04-14 16:13 - 00000000 ____D () C:\FRST
2014-04-14 16:16 - 2012-08-23 11:20 - 00000000 ____D () C:\Users\Tanja\AppData\Roaming\Spotify
2014-04-14 16:15 - 2010-08-12 23:04 - 00703192 _____ () C:\Windows\system32\perfh007.dat
2014-04-14 16:15 - 2010-08-12 23:04 - 00150800 _____ () C:\Windows\system32\perfc007.dat
2014-04-14 16:15 - 2009-07-14 07:13 - 01629348 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-14 16:14 - 2010-08-12 22:41 - 01951640 _____ () C:\Windows\WindowsUpdate.log
2014-04-14 16:13 - 2014-04-13 21:18 - 00000406 _____ () C:\Windows\Tasks\Re-markit Update.job
2014-04-14 16:12 - 2013-11-27 16:46 - 00001581 _____ () C:\Windows\setupact.log
2014-04-14 16:12 - 2011-08-29 13:36 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-14 16:11 - 2014-04-14 16:11 - 00000000 ____D () C:\Users\Tanja\AppData\Local\{58CC9203-95CC-461C-B1AB-7EF4EF6FC562}
2014-04-14 16:11 - 2014-04-13 21:19 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-04-14 16:11 - 2012-02-08 13:06 - 00000000 ____D () C:\Users\Tanja\Tracing
2014-04-14 16:10 - 2014-04-13 21:20 - 00001536 _____ () C:\Windows\Tasks\3d8c097a-d75d-43d1-aa88-eb4ad99df514-5.job
2014-04-14 16:10 - 2014-04-13 21:20 - 00001450 _____ () C:\Windows\Tasks\3d8c097a-d75d-43d1-aa88-eb4ad99df514-1.job
2014-04-14 16:10 - 2014-04-13 21:20 - 00001434 _____ () C:\Windows\Tasks\3d8c097a-d75d-43d1-aa88-eb4ad99df514-2.job
2014-04-14 16:10 - 2014-04-13 21:19 - 00003124 _____ () C:\Windows\Tasks\3d8c097a-d75d-43d1-aa88-eb4ad99df514-3.job
2014-04-14 16:10 - 2014-04-13 21:19 - 00002370 _____ () C:\Windows\Tasks\0646f96d-e73e-48bf-9ca9-58255af83235-4.job
2014-04-14 16:10 - 2014-04-13 21:19 - 00002228 _____ () C:\Windows\Tasks\3d8c097a-d75d-43d1-aa88-eb4ad99df514-4.job
2014-04-14 16:10 - 2014-04-13 21:19 - 00001462 _____ () C:\Windows\Tasks\0646f96d-e73e-48bf-9ca9-58255af83235-5.job
2014-04-14 16:10 - 2014-04-13 21:19 - 00001372 _____ () C:\Windows\Tasks\0646f96d-e73e-48bf-9ca9-58255af83235-1.job
2014-04-14 16:10 - 2014-04-13 21:19 - 00001366 _____ () C:\Windows\Tasks\0646f96d-e73e-48bf-9ca9-58255af83235-2.job
2014-04-14 16:10 - 2014-04-13 21:18 - 00002772 _____ () C:\Windows\Tasks\0646f96d-e73e-48bf-9ca9-58255af83235-3.job
2014-04-14 16:10 - 2014-04-13 21:18 - 00000396 _____ () C:\Windows\Tasks\Re-markit_wd.job
2014-04-14 16:10 - 2011-08-29 13:36 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-14 16:10 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-13 23:05 - 2014-04-13 22:32 - 00001099 _____ () C:\Users\Tanja\Desktop\Continue VuuPC Installation.lnk
2014-04-13 23:04 - 2014-04-13 21:18 - 00000000 ____D () C:\Users\Tanja\AppData\Local\Genesis
2014-04-13 22:45 - 2012-04-12 11:38 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-13 22:38 - 2014-04-13 22:38 - 00003434 _____ () C:\Windows\System32\Tasks\Reimage Reminder
2014-04-13 22:38 - 2014-04-13 22:38 - 00000000 ____D () C:\ProgramData\CDB
2014-04-13 22:38 - 2014-04-13 22:37 - 00000000 ____D () C:\rei
2014-04-13 22:38 - 2014-04-13 22:36 - 00000155 _____ () C:\Windows\Reimage.ini
2014-04-13 22:38 - 2009-07-14 06:45 - 00014144 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-13 22:38 - 2009-07-14 06:45 - 00014144 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-13 22:37 - 2014-04-13 22:37 - 00001907 _____ () C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk
2014-04-13 22:37 - 2014-04-13 22:37 - 00000000 ____D () C:\Program Files\Reimage
2014-04-13 22:33 - 2014-04-13 22:33 - 00000000 ____D () C:\Users\Tanja\AppData\Local\{78241F49-F3B8-4AE7-B998-1F23D8C87D50}
2014-04-13 22:29 - 2010-08-12 07:39 - 00824658 _____ () C:\Windows\PFRO.log
2014-04-13 21:21 - 2014-04-13 21:20 - 00001242 _____ () C:\Users\Tanja\AppData\Roaming\aps.scan.quick.results
2014-04-13 21:21 - 2014-04-13 21:20 - 00000324 _____ () C:\Users\Tanja\AppData\Roaming\aps.uninstall.scan.results
2014-04-13 21:20 - 2014-04-13 21:20 - 00004566 _____ () C:\Windows\System32\Tasks\3d8c097a-d75d-43d1-aa88-eb4ad99df514-5
2014-04-13 21:20 - 2014-04-13 21:20 - 00004480 _____ () C:\Windows\System32\Tasks\3d8c097a-d75d-43d1-aa88-eb4ad99df514-1
2014-04-13 21:20 - 2014-04-13 21:20 - 00004464 _____ () C:\Windows\System32\Tasks\3d8c097a-d75d-43d1-aa88-eb4ad99df514-2
2014-04-13 21:20 - 2014-04-13 21:20 - 00003216 _____ () C:\Windows\System32\Tasks\SpeedUpMyPC Maintenance
2014-04-13 21:20 - 2014-04-13 21:20 - 00002584 _____ () C:\Windows\System32\Tasks\SpeedUpMyPC Startup
2014-04-13 21:20 - 2014-04-13 21:20 - 00001135 _____ () C:\Users\Public\Desktop\SpeedUpMyPC.lnk
2014-04-13 21:20 - 2014-04-13 21:20 - 00001015 _____ () C:\Users\Tanja\Desktop\AnyProtect.lnk
2014-04-13 21:20 - 2014-04-13 21:20 - 00000292 _____ () C:\Windows\Tasks\SpeedUpMyPC Startup.job
2014-04-13 21:20 - 2014-04-13 21:20 - 00000278 _____ () C:\Windows\Tasks\SpeedUpMyPC Maintenance.job
2014-04-13 21:20 - 2014-04-13 21:20 - 00000000 ____D () C:\Users\Tanja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
2014-04-13 21:20 - 2014-04-13 21:20 - 00000000 _____ () C:\Users\Tanja\AppData\Roaming\aps.scan.results
2014-04-13 21:20 - 2014-04-13 21:19 - 00005258 _____ () C:\Windows\System32\Tasks\3d8c097a-d75d-43d1-aa88-eb4ad99df514-4
2014-04-13 21:20 - 2014-04-13 21:19 - 00000000 ____D () C:\Program Files (x86)\MediaPlayerplus
2014-04-13 21:20 - 2014-04-13 21:19 - 00000000 ____D () C:\Program Files (x86)\AnyProtectEx
2014-04-13 21:19 - 2014-04-13 21:19 - 01097384 _____ (AnyProtect.com) C:\Users\Tanja\AppData\Local\nsq3B6F.tmp
2014-04-13 21:19 - 2014-04-13 21:19 - 00006154 _____ () C:\Windows\System32\Tasks\3d8c097a-d75d-43d1-aa88-eb4ad99df514-3
2014-04-13 21:19 - 2014-04-13 21:19 - 00005400 _____ () C:\Windows\System32\Tasks\0646f96d-e73e-48bf-9ca9-58255af83235-4
2014-04-13 21:19 - 2014-04-13 21:19 - 00004492 _____ () C:\Windows\System32\Tasks\0646f96d-e73e-48bf-9ca9-58255af83235-5
2014-04-13 21:19 - 2014-04-13 21:19 - 00004402 _____ () C:\Windows\System32\Tasks\0646f96d-e73e-48bf-9ca9-58255af83235-1
2014-04-13 21:19 - 2014-04-13 21:19 - 00004396 _____ () C:\Windows\System32\Tasks\0646f96d-e73e-48bf-9ca9-58255af83235-2
2014-04-13 21:19 - 2014-04-13 21:19 - 00001939 _____ () C:\Users\Tanja\Desktop\Sync Folder.lnk
2014-04-13 21:19 - 2014-04-13 21:19 - 00001057 _____ () C:\Users\Tanja\Desktop\MyPC Backup.lnk
2014-04-13 21:19 - 2014-04-13 21:19 - 00000000 ____D () C:\Users\Tanja\AppData\Roaming\VOPackage
2014-04-13 21:19 - 2014-04-13 21:19 - 00000000 ____D () C:\Users\Tanja\AppData\Roaming\Uniblue
2014-04-13 21:19 - 2014-04-13 21:19 - 00000000 ____D () C:\Users\Tanja\AppData\Roaming\SupTab
2014-04-13 21:19 - 2014-04-13 21:19 - 00000000 ____D () C:\Users\Tanja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-04-13 21:19 - 2014-04-13 21:19 - 00000000 ____D () C:\Users\Tanja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-04-13 21:19 - 2014-04-13 21:19 - 00000000 ____D () C:\ProgramData\WPM
2014-04-13 21:19 - 2014-04-13 21:19 - 00000000 ____D () C:\ProgramData\IePluginService
2014-04-13 21:19 - 2014-04-13 21:19 - 00000000 ____D () C:\Program Files (x86)\Uniblue
2014-04-13 21:19 - 2014-04-13 21:19 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-04-13 21:19 - 2014-04-13 21:18 - 00000000 ____D () C:\Program Files (x86)\HQ-V-Pro-1.9
2014-04-13 21:19 - 2011-02-20 18:45 - 00000000 ___RD () C:\Users\Tanja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-13 21:18 - 2014-04-13 21:18 - 00005802 _____ () C:\Windows\System32\Tasks\0646f96d-e73e-48bf-9ca9-58255af83235-3
2014-04-13 21:18 - 2014-04-13 21:18 - 00003054 _____ () C:\Windows\System32\Tasks\Re-markit Update
2014-04-13 21:18 - 2014-04-13 21:18 - 00002984 _____ () C:\Windows\System32\Tasks\Re-markit_wd
2014-04-13 21:18 - 2014-04-13 21:18 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-04-13 21:18 - 2014-04-13 21:18 - 00000000 ____D () C:\Program Files (x86)\Re-markit-soft
2014-04-13 21:18 - 2011-04-27 20:49 - 00000000 ____D () C:\Users\Tanja\searchplugins
2014-04-13 21:18 - 2011-02-20 18:45 - 00001657 _____ () C:\Users\Tanja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-13 21:18 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-04-13 21:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-04-13 12:38 - 2011-04-13 11:28 - 00003930 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{E1B28F02-F4C9-4E5E-ADDF-FF6D6C285015}
2014-04-12 00:28 - 2012-08-23 11:21 - 00000000 ____D () C:\Users\Tanja\AppData\Local\Spotify
2014-04-11 09:49 - 2011-02-20 12:07 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-11 09:47 - 2013-08-01 06:39 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-11 09:43 - 2011-03-29 22:17 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-07 15:54 - 2014-04-07 15:54 - 00000000 ____D () C:\ProgramData\Brother
2014-04-02 09:59 - 2014-04-02 09:59 - 00000000 ____D () C:\Users\Tanja\AppData\Local\{A1328154-15AE-4405-B3D0-21A974BEBB17}
2014-04-02 03:01 - 2011-05-24 17:38 - 00002155 _____ () C:\Windows\epplauncher.mif
2014-04-02 03:01 - 2011-05-24 17:37 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-04-02 03:01 - 2011-05-24 17:36 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-04-01 23:06 - 2011-08-29 13:36 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-01 23:06 - 2011-08-29 13:36 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-31 03:16 - 2014-04-10 10:54 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-31 03:13 - 2014-04-10 10:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-31 02:13 - 2014-04-10 10:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-31 01:57 - 2014-04-10 10:54 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-20 18:53 - 2009-07-14 06:45 - 00341504 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-20 18:52 - 2012-05-21 06:38 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-20 18:52 - 2012-05-21 06:38 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-16 21:57 - 2014-03-16 21:57 - 00001756 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-03-16 21:57 - 2014-03-16 21:57 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-16 21:57 - 2014-03-16 21:57 - 00000000 ____D () C:\Program Files\iTunes
2014-03-16 21:57 - 2014-03-16 21:57 - 00000000 ____D () C:\Program Files\iPod
2014-03-16 21:52 - 2012-06-28 15:25 - 00000000 ____D () C:\ProgramData\Apple
2014-03-16 21:45 - 2014-03-16 21:41 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-03-16 21:45 - 2011-05-24 18:53 - 00000000 ____D () C:\Users\Tanja\plugins

Some content of TEMP:
====================
C:\Users\Tanja\AppData\Local\Temp\BackupSetup.exe
C:\Users\Tanja\AppData\Local\Temp\ose00000.exe
C:\Users\Tanja\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Tanja\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-02 00:48

==================== End Of Log ============================

--- --- ---

--- --- ---

deeprybka · 14.04.2014, 15:37

Gut gemacht!

Du liest wieder von mir...

deeprybka · 14.04.2014, 19:54

Hallo & Sorry!

Es gibt hier Regeln wie Du vermutlich weißt...

Zitat:

C:\Windows\KMService.exe

Leider deuten die von mir gelisteten Einträge stark darauf hin, dass auf diesem Rechner Software benutzt wird, die nicht legal erworben wurde.

Supportstopp

Lesestoff:
Cracks und Keygens
Den Kopierschutz von Software zu umgehen ist nach geltendem Recht illegal. Die Logfiles deuten stark darauf hin, dass du nicht legal erworbene Software einsetzt. Zudem sind Cracks und Patches aus dubioser Quelle sehr oft mit Schädlingen versehen, womit man sich also fast vorsätzlich infiziert.

Wir haben uns hier auf dem Board darauf geeinigt, dass wir an dieser Stelle nicht weiter bereinigen, da wir ein solches Vorgehen nicht unterstützen. Hinzu kommt, dass wir dich in unserer Anleitung und auch in diesem Wichtig-Thema unmissverständlich darauf hingewiesen haben, wie wir damit umgehen werden. Saubere, gute Software hat seinen Preis und die Softwarefirmen leben von diesen Einnahmen.

Unsere Hilfe beschränkt sich daher nur auf das Neuaufsetzen und Absichern deines Systems.
Fragen dazu beantworten wir dir aber weiterhin gerne und zwar in unserem Forum.

Um mit der Bereinigung fortzufahren, muss Microsoft Office Professional Plus 2010 deinstalliert werden.

13.04.2014, 21:31	#4
deeprybka /// TB-Ausbilder /// Anleitungs-Guru	Wahrscheinlich Trojaner oder Virus durch JAVA Update Das bekommen wir schon hin! __________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

13.04.2014, 21:45	#6
deeprybka /// TB-Ausbilder /// Anleitungs-Guru	Wahrscheinlich Trojaner oder Virus durch JAVA Update Probiere diese Seite: Farbar Recovery Scan Tool Download __________________ --> Wahrscheinlich Trojaner oder Virus durch JAVA Update

13.04.2014, 22:00	#8
deeprybka /// TB-Ausbilder /// Anleitungs-Guru	Wahrscheinlich Trojaner oder Virus durch JAVA Update Ok, gib Bescheid ob es irgendwie geht. Sonst überlegen wir uns was anderes... __________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

14.04.2014, 15:37	#14
deeprybka /// TB-Ausbilder /// Anleitungs-Guru	Wahrscheinlich Trojaner oder Virus durch JAVA Update Gut gemacht! Du liest wieder von mir... __________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Wahrscheinlich Trojaner oder Virus durch JAVA Update

Plagegeister aller Art und deren Bekämpfung: Wahrscheinlich Trojaner oder Virus durch JAVA Update