Hilfe! Trojaner Generic Befall

schrauber · 02.07.2013, 13:27

Wenn ESET fertig ist das komplette Logfile bitte

lisei · 02.07.2013, 14:09

Hallo Schrauber.
finde die Datei Eset nicht im Explorer wie beschrieben!
Hab über meinen USB das Programm gestartet!!

Gruß Lisa

Code:

ATTFilter

 Results of screen317's Security Check version 0.99.68  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 10  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Security Center service is not running! This report may not be accurate! 
Bitdefender Virenschutz   
AVG Anti-Virus 2013       
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware Version 1.75.0.1300  
 TuneUp Utilities Language Pack (de-DE) 
 Java(TM) 6 Update 31  
 Java version out of Date! 
 Adobe Flash Player 11.7.700.224  
 Adobe Reader XI  
 Mozilla Firefox 21.0 Firefox out of Date!  
 Google Chrome 27.0.1453.110  
 Google Chrome 27.0.1453.116  
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````

Code:

ATTFilter

 Results of screen317's Security Check version 0.99.68  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 10  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Security Center service is not running! This report may not be accurate! 
Bitdefender Virenschutz   
AVG Anti-Virus 2013       
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware Version 1.75.0.1300  
 TuneUp Utilities Language Pack (de-DE) 
 Java(TM) 6 Update 31  
 Java version out of Date! 
 Adobe Flash Player 11.7.700.224  
 Adobe Reader XI  
 Mozilla Firefox 21.0 Firefox out of Date!  
 Google Chrome 27.0.1453.110  
 Google Chrome 27.0.1453.116  
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=34e00e62827b2c4eab3e12142b7bb307
# engine=14231
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-07-02 12:57:48
# local_time=2013-07-02 02:57:48 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1044 16777214 100 95 21158 59907452 0 0
# compatibility_mode=2056 16777214 100 85 19287 131850966 0 0
# compatibility_mode=5893 16776574 100 94 0 124399718 0 0
# scanned=263288
# found=8
# cleaned=0
# scan_time=10699
sh=50864334B5D01135C95E14DCB23A0C421DCB4CC8 ft=0 fh=0000000000000000 vn="Win32/Adware.AddLyrics.F application" ac=I fn="C:\Program Files (x86)\YTKaraoke\chrome.crx"
sh=DEADADD0239B0920AC3733849F85B122486A097F ft=0 fh=0000000000000000 vn="Win32/Adware.AddLyrics.F application" ac=I fn="C:\Program Files (x86)\YTKaraoke\FF\chrome\content\main.js"
sh=14D8E98CFD3B8FAF3A751DAD6F06550742FC6245 ft=1 fh=889337184973dd3d vn="Win32/Adware.Yontoo.B application" ac=I fn="C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll"
sh=14D8E98CFD3B8FAF3A751DAD6F06550742FC6245 ft=1 fh=889337184973dd3d vn="Win32/Adware.Yontoo.B application" ac=I fn="C:\Users\All Users\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll"
sh=852A0AC42C62F5F0E9AE51E07355825869AF2C46 ft=0 fh=0000000000000000 vn="Win32/Adware.AddLyrics.F application" ac=I fn="C:\Users\lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgnhgbflngpggpmpfdkhmhmfdophhepe\1.112_0\contentscript.js"
sh=222147D4B0EB47C3A3BB2ED6CB7D544D76A3B808 ft=0 fh=0000000000000000 vn="Java/Exploit.CVE-2011-3544.AY trojan" ac=I fn="C:\Users\lisa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\24ce83b4-3ac73ee6"
sh=222147D4B0EB47C3A3BB2ED6CB7D544D76A3B808 ft=0 fh=0000000000000000 vn="Java/Exploit.CVE-2011-3544.AY trojan" ac=I fn="C:\Users\lisa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60\6855197c-743faa87"
sh=C06E20D1363B13ABD11229D76431A8BC949EDE4A ft=1 fh=1345e3c7c994c689 vn="Win32/Adware.Bundlore application" ac=I fn="C:\Users\lisa\Downloads\setup.exe"

Sorry,
hab in Programme nachgeschaut!!
Hab es gerade gepostet!
Hab alles erledigt!
Gruß Lisa

Hallo Schrauber,
komme immer noch nicht ins normale Windows, nur im Abgesicherten Modus!!!
Gruß Lisa

Hallo Schraube,
bin jetzt doch reingekommen,
bringt eine Fehler Meldung! Strings.dat file is missing or corrupt!
Der Bildschirm meldet sich mit weiß und dann wird er hellblau!

Gruß Lisa

Er braucht auch lange bis er sich ladet,
schätze mal das da sehr viel geladen wird, was nicht zum Startmenü
gehört!

hallo schrauber,
FRST is in arbeit, log sende ich dir wenn es fertig ist!
Gruß Lisa

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-06-2013 03
Ran by lisa (administrator) on 02-07-2013 15:53:48
Running from G:\
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(Hewlett-Packard Company) C:\Windows\system32\Hpservice.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\lpksetup.exe
() C:\Program Files (x86)\AAVUpdateManager\aavus.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
(Nero AG) C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
() C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
(Somoto) C:\Program Files (x86)\FilesFrog Update Checker\update_checker.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\2.0.189\SSScheduler.exe
(SweetIM Technologies Ltd.) C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
(SweetIM Technologies Ltd.) C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Facebook) C:\Users\lisa\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
() C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
() C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Star Finanz - Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney Business 5.0\ouservice\StarMoneyOnlineUpdate.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Systweak Inc) C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe
(COMPANYVERS_NAME) C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbarsvc.exe
(Wajam) C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpConnectionManager.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2012\odscanui.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe [1128448 2011-03-11] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [Easy-PrintToolBox] C:\Program Files (x86)\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon [398944 2006-10-17] (CANON INC.)
HKLM\...\Run: [BDAgent] "C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe" [1091200 2013-06-14] (Bitdefender)
HKCU\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2011-12-25] (Google Inc.)
HKCU\...\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-04-05] (Apple Inc.)
HKCU\...\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1104824 2012-11-12] (Samsung)
HKCU\...\Run: [SDP] C:\Program Files (x86)\FilesFrog Update Checker\update_checker.exe /auto  [200784 2012-05-31] (Somoto)
HKCU\...\Run: [HijackThis startup scan] G:\HijackThis.exe /startupscan [x]
MountPoints2: F - F:\AutoRun.exe
MountPoints2: G - G:\AutoRun.exe
MountPoints2: {1c5eb3cd-c4af-11e0-9a98-101f740a9c70} - F:\AutoRun.exe
MountPoints2: {1c5eb3e1-c4af-11e0-9a98-101f740a9c70} - F:\AutoRun.exe
MountPoints2: {1c5eb3ea-c4af-11e0-9a98-101f740a9c70} - F:\AutoRun.exe
MountPoints2: {1c5eb3fb-c4af-11e0-9a98-101f740a9c70} - G:\AutoRun.exe
MountPoints2: {2c9f57af-c764-11e0-9691-806e6f6e6963} - G:\AutoRun.exe
MountPoints2: {6af6a92d-e8fb-11e0-9dae-101f740a9c70} - G:\AutoRun.exe
MountPoints2: {869dbc6a-c764-11e0-99af-101f740a9c70} - G:\AutoRun.exe
MountPoints2: {cca738f2-58af-11e2-a74f-101f740a9c70} - G:\HTC_Sync_Manager_PC.exe
MountPoints2: {cca7392f-58af-11e2-a74f-101f740a9c70} - G:\setup.exe -a
MountPoints2: {f40ffb3a-bae1-11e2-8b31-101f740a9c70} - G:\HTC_Sync_Manager_PC.exe
HKLM-x32\...\Run: []  [x]
HKLM-x32\...\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe [231768 2012-08-15] (SweetIM Technologies Ltd.)
HKLM-x32\...\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe [115032 2012-05-29] (SweetIM Technologies Ltd.)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [336384 2011-04-01] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup [651264 2012-04-17] ()
HKLM-x32\...\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [103992 2011-05-23] (Hewlett-Packard Development Company L.P.)
HKLM-x32\...\Run: [Babylon Client] C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe -AutoStart [3460760 2012-07-30] (Babylon Ltd.)
HKLM-x32\...\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY [3147384 2012-12-11] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [574008 2011-07-11] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-11-02] (Apple Inc.)
Startup: C:\ProgramData\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\2.0.189\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk
ShortcutTarget: Facebook Messenger.lnk -> C:\Users\lisa\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe (Facebook)
Startup: C:\Users\lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKLM SearchScopes: DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=266&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=0243426645644892&q={searchTerms}
SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM - {840CBA39-00BA-4137-9607-C2B1076209F6} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=266&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=0243426645644892&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2426} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=151111&systemid=426&sr=0&q={searchTerms}
SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
HKLM-x32 SearchScopes: DefaultScope {03595C39-4494-4F94-8CEA-4C2C81D017D8} URL = 
SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM-x32 - {840CBA39-00BA-4137-9607-C2B1076209F6} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=266&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=0243426645644892&q={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2426} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=151111&systemid=426&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2325506
SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM-x32 - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM-x32 - {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10001&barid={14F2BA14-FAA5-11E1-B933-101F740A9C70}
HKCU SearchScopes: DefaultScope {03595C39-4494-4F94-8CEA-4C2C81D017D8} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3196716
SearchScopes: HKCU - {03595C39-4494-4F94-8CEA-4C2C81D017D8} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3196716
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&affID=119357&tl=gkn01384&tt=gc_&babsrc=SP_ss&mntrId=E241D0DF9A677698
SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=NRO&o=&src=crm&q={searchTerms}&locale=
SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKCU - {4327FABE-3C22-4689-8DBF-D226CF777FE9} URL = hxxp://www.searchplusnetwork.com/?sp=vit4&q={searchTerms}
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKCU - {4F0EDE64-5B3B-4425-8598-3C26DF5FF8BF} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
SearchScopes: HKCU - {840CBA39-00BA-4137-9607-C2B1076209F6} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=266&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=0243426645644892&q={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2426} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=151111&systemid=426&sr=0&q={searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2325506
SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKCU - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10001&barid={14F2BA14-FAA5-11E1-B933-101F740A9C70}
SearchScopes: HKCU - ÛŸÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!×—(ä¼48Ð¸patm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ*´Ñ;áa´[¦†8*º~RÙxœòÜ8'£-)x*ä* URL = 
BHO: DataMngr - {7DA17D5A-5718-4130-A605-FC316C827836} - C:\PROGRA~2\SEARCH~1\Datamngr\x64\BROWSE~1.DLL No File
BHO: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll (HP)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll (HP)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files (x86)\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL (Ask.com)
BHO-x32: Babylon IE plugin - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: SweetPacks Browser Helper - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
BHO-x32: YTD Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YTD Toolbar\IE\7.1\ytdToolbarIE.dll (Spigot, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {5786D022-540E-4699-B350-B4BE0AE94B79} -  No File
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} -  No File
Toolbar: HKCU - No Name - {26647CA4-A2A7-4EAC-8A72-761AA9141DE7} -  No File
Toolbar: HKCU - No Name - {3BBD3C14-4C16-4989-8366-95BC9179779D} -  No File
Toolbar: HKCU - No Name - {EBD898F8-FCF6-4694-BC3B-EABC7271EEB1} -  No File
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll No File
Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll No File
Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll No File
Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll No File
Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll No File
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWow64\EZUPBH~1.DLL [52920 2011-05-07] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{00B87E99-B03B-47CF-851D-007197A54B75}: [NameServer]10.111.81.129 10.129.32.1
Tcpip\..\Interfaces\{0C73F8FF-16C6-4979-AA4A-6E199DF63EAA}: [NameServer]10.129.32.1 10.111.81.129
Tcpip\..\Interfaces\{8C58ABC7-4C7C-49AA-B65A-00C12433B4A4}: [NameServer]10.111.81.129 10.129.32.1
Tcpip\..\Interfaces\{C67691B4-649B-4EAD-A4F7-E0DA720B01B0}: [NameServer]10.111.81.129 10.129.32.1

FireFox:
========
FF ProfilePath: C:\Users\lisa\AppData\Roaming\Mozilla\Firefox\Profiles\hkgxigbt.default
FF user.js: detected! => C:\Users\lisa\AppData\Roaming\Mozilla\Firefox\Profiles\hkgxigbt.default\user.js
FF NewTab: hxxp://www.delta-search.com/?affID=119357&tl=gkn01384&tt=gc_&babsrc=NT_ss&mntrId=E241D0DF9A677698
FF SearchEngine: Claro Search
FF Homepage: hxxp://search.babylon.com/?affID=119357&tl=gkn01384&tt=gc_&babsrc=HP_ss_gin2g&mntrId=E241D0DF9A677698
FF Keyword.URL: hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=BE58A421-DFF8-4387-900C-E3393174224A&n=77fce002&ind=2013061122&p2=^HJ^xdm255^S05931^de&si=CMXf5_OD2bcCFVMetAod_nsAwA&searchfor=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @VideoDownloadConverter_4z.com/Plugin - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\NP4zStub.dll (MindSpark)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\lisa\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\lisa\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: facebook.com/fbDesktopPlugin - C:\Users\lisa\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Extension: No Name - C:\Users\lisa\AppData\Roaming\Mozilla\Firefox\Profiles\hkgxigbt.default\Extensions\4zffxtbr@VideoDownloadConverter_4z.com
FF Extension: No Name - C:\Users\lisa\AppData\Roaming\Mozilla\Firefox\Profiles\hkgxigbt.default\Extensions\engine@conduit.com
FF Extension: No Name - C:\Users\lisa\AppData\Roaming\Mozilla\Firefox\Profiles\hkgxigbt.default\Extensions\ffxtlbr@babylon.com
FF Extension: No Name - C:\Users\lisa\AppData\Roaming\Mozilla\Firefox\Profiles\hkgxigbt.default\Extensions\ffxtlbr@claro.com
FF Extension: No Name - C:\Users\lisa\AppData\Roaming\Mozilla\Firefox\Profiles\hkgxigbt.default\Extensions\ffxtlbr@delta.com
FF Extension: No Name - C:\Users\lisa\AppData\Roaming\Mozilla\Firefox\Profiles\hkgxigbt.default\Extensions\{26647ca4-a2a7-4eac-8a72-761aa9141de7}
FF Extension: No Name - C:\Users\lisa\AppData\Roaming\Mozilla\Firefox\Profiles\hkgxigbt.default\Extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}
FF Extension: No Name - C:\Users\lisa\AppData\Roaming\Mozilla\Firefox\Profiles\hkgxigbt.default\Extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f}
FF Extension: ytd - C:\Users\lisa\AppData\Roaming\Mozilla\Firefox\Profiles\hkgxigbt.default\Extensions\ytd@mybrowserbar.com
FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] C:\Program Files\Bitdefender\Bitdefender 2012\bdtbext\
FF Extension: No Name - C:\Program Files\Bitdefender\Bitdefender 2012\bdtbext\
FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] C:\Program Files\T-Mobile\InternetManager_H\OCx64\addon
FF HKLM-x32\...\Firefox\Extensions: [ocr@babylon.com] C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\ocr@babylon.com
FF Extension: No Name - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\ocr@babylon.com
FF HKLM-x32\...\Firefox\Extensions: [4zffxtbr@VideoDownloadConverter_4z.com] C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin
FF Extension: No Name - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] C:\Program Files\Bitdefender\Bitdefender 2012\bdtbext\
FF Extension: No Name - C:\Program Files\Bitdefender\Bitdefender 2012\bdtbext\
FF HKCU\...\Firefox\Extensions: [{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}] C:\Program Files (x86)\PriceGong\2.6.6\FF
FF Extension: No Name - C:\Program Files (x86)\PriceGong\2.6.6\FF
FF HKCU\...\Firefox\Extensions: [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}] C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi
FF HKCU\...\Firefox\Extensions: [YTKaraoke@DacSoft.org] C:\Program Files (x86)\YTKaraoke\FF\
FF Extension: No Name - C:\Program Files (x86)\YTKaraoke\FF\

Chrome: 
=======
CHR HomePage: hxxp://search.babylon.com/?affID=119357&tl=gkn01384&tt=gc_&babsrc=HP_ss_gin2g&mntrId=E241D0DF9A677698
CHR RestoreOnStartup: "hxxp://search.babylon.com/?affID=119357&tl=gkn01384&tt=gc_&babsrc=HP_ss_gin2g&mntrId=E241D0DF9A677698", "hxxp://www.delta-search.com/?affID=119357&tl=gkn01384&tt=gc_&babsrc=HP_ss&mntrId=E241D0DF9A677698"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\lisa\AppData\Local\Google\Chrome\User Data\PepperFlash\11.7.700.225\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\lisa\AppData\Local\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\lisa\AppData\Local\Google\Chrome\Application\27.0.1453.116\pdf.dll ()
CHR Plugin: (Wajam) - C:\Users\lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\plugins/PriamNPAPI.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Nero Kwik Media Helper) - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
CHR Plugin: (Foxit Reader Plugin for Mozilla) - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (MindSpark Toolbar Platform Plugin Stub) - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\NP4zStub.dll (MindSpark)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (WildTangent Games App V2 Presence Detector) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (CANON iMAGE GATEWAY Album Plugin Utility for IJ) - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
CHR Plugin: (Facebook Desktop) - C:\Users\lisa\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (Website Logon) - C:\Users\lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aepeildmfnnehghlknddebgjghlompfe\1.0_0
CHR Extension: (Toggle Chrome Toolbar) - C:\Users\lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpgmjapfkjpfkeffiijiebgjhikjogem\1.0_0
CHR Extension: () - C:\Users\lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkjoiggkbepedjmjjbhhecjiimlckcga\2.3.19.11_0
CHR Extension: () - C:\Users\lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.2.0.0_0
CHR Extension: (Tube Karaoke) - C:\Users\lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgnhgbflngpggpmpfdkhmhmfdophhepe\1.112_0
CHR Extension: () - C:\Users\lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb\2.2.0.2_0
CHR Extension: () - C:\Users\lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.3.0.2_0

==================== Services (Whitelisted) =================

R2 AAV UpdateService; C:\Program Files (x86)\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [365568 2011-04-01] (Advanced Micro Devices, Inc.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [5814904 2012-11-15] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [196664 2012-10-22] (AVG Technologies CZ, s.r.o.)
R2 BrowserDefendert; C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe [2827728 2013-05-23] ()
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [344928 2011-01-28] ()
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [99936 2006-11-10] ()
S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [224096 2011-08-13] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\2.0.189\McCHSvc.exe [227232 2010-09-02] (McAfee, Inc.)
S2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [120728 2012-10-02] ()
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
S3 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [75384 2013-06-14] (Bitdefender)
R2 StarMoney Business 5.0 OnlineUpdate; C:\Program Files (x86)\StarMoney Business 5.0\ouservice\StarMoneyOnlineUpdate.exe [699680 2012-12-21] (Star Finanz - Software Entwicklung und Vertriebs GmbH)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
S3 Update Server; C:\Program Files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe [466736 2011-11-04] (BitDefender)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe [67904 2013-06-14] (Bitdefender)
R2 VideoDownloadConverter_4zService; C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbarsvc.exe [42504 2013-06-10] (COMPANYVERS_NAME)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe [1957912 2013-06-14] (Bitdefender)
R2 WajamUpdater; C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe [109064 2012-07-26] (Wajam)

==================== Drivers (Whitelisted) ====================

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [705552 2013-06-14] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2013-06-14] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [587024 2013-06-14] (BitDefender)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [154464 2012-10-22] (AVG Technologies CZ, s.r.o. )
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [63328 2012-10-15] (AVG Technologies CZ, s.r.o. )
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [185696 2012-10-02] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [225120 2012-09-21] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [111968 2012-11-15] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40800 2012-09-14] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [200032 2012-09-21] (AVG Technologies CZ, s.r.o.)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93160 2013-06-14] (BitDefender LLC)
R0 bdfsfltr; C:\Windows\System32\DRIVERS\bdfsfltr.sys [442088 2012-02-07] (BitDefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-23] (BitDefender LLC)
S3 bdsandbox; C:\Windows\system32\drivers\bdsandbox.sys [79952 2012-02-07] (BitDefender SRL)
R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [103944 2010-01-19] (BitDefender)
R0 BMLoad; C:\Windows\System32\drivers\BMLoad.sys [16512 2011-08-13] (Bytemobile, Inc.)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [212992 2011-08-13] (Huawei Technologies Co., Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R1 tcpipBM; C:\Windows\system32\drivers\tcpipBM.sys [39552 2011-08-13] (Bytemobile, Inc.)
R1 tcpipBM; C:\Windows\system32\drivers\tcpipBM.sys [39552 2011-08-13] (Bytemobile, Inc.)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [329800 2011-11-04] (BitDefender S.R.L.)
S3 CpqDfw; system32\drivers\CpqDfw.sys [x]
S3 motusbdevice; system32\DRIVERS\motusbdevice.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-02 15:41 - 2013-07-02 15:41 - 00000000 ____D C:\Users\lisa\AppData\Local\Babylon
2013-07-02 15:37 - 2013-07-02 15:37 - 00001548 ____A C:\Windows\PFRO.log
2013-07-02 15:23 - 2013-07-02 15:23 - 00000320 ____A C:\Users\lisa\Desktop\SecurityCheck - Verknüpfung.lnk
2013-07-02 10:57 - 2013-07-02 10:57 - 00000000 ____D C:\ProgramData\boost_interprocess
2013-07-02 10:42 - 2013-07-02 10:42 - 00000812 ____A C:\Users\lisa\Desktop\Fixlist.txt
2013-07-02 10:25 - 2013-07-02 11:36 - 00001081 ____A C:\Users\lisa\Desktop\Continue Download Helper Installation.lnk
2013-07-02 08:57 - 2013-07-02 08:59 - 00000000 ____A C:\END
2013-07-02 08:50 - 2013-07-02 15:40 - 00000000 ____D C:\users\TEMP.lisa-lisa.002
2013-07-02 08:50 - 2013-07-02 15:37 - 00000168 ____A C:\Windows\setupact.log
2013-07-02 08:50 - 2013-07-02 08:50 - 00000000 ____A C:\Windows\setuperr.log
2013-07-02 08:03 - 2013-07-02 08:03 - 00000000 ____D C:\Users\TEMP.lisa-lisa.000\AppData\Roaming\Bitdefender
2013-07-02 08:02 - 2013-07-02 08:02 - 00000000 ____D C:\Users\TEMP.lisa-lisa.000\AppData\Local\VirtualStore
2013-07-02 08:01 - 2013-07-02 18:36 - 00000000 ____D C:\users\TEMP.lisa-lisa.000
2013-07-02 08:01 - 2013-07-02 08:01 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.000\Vorlagen
2013-07-02 08:01 - 2013-07-02 08:01 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.000\Startmenü
2013-07-02 08:01 - 2013-07-02 08:01 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.000\Netzwerkumgebung
2013-07-02 08:01 - 2013-07-02 08:01 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.000\Lokale Einstellungen
2013-07-02 08:01 - 2013-07-02 08:01 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.000\Eigene Dateien
2013-07-02 08:01 - 2013-07-02 08:01 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.000\Druckumgebung
2013-07-02 08:01 - 2013-07-02 08:01 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.000\Documents\Eigene Musik
2013-07-02 08:01 - 2013-07-02 08:01 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.000\Documents\Eigene Bilder
2013-07-02 08:01 - 2013-07-02 08:01 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.000\AppData\Local\Verlauf
2013-07-02 08:01 - 2013-07-02 08:01 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.000\AppData\Local\Anwendungsdaten
2013-07-02 08:01 - 2013-07-02 08:01 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.000\Anwendungsdaten
2013-07-02 08:01 - 2012-02-26 21:28 - 00000000 ____D C:\Users\TEMP.lisa-lisa.000\AppData\Roaming\Macromedia
2013-07-02 08:01 - 2011-08-18 13:48 - 00000000 ____D C:\Users\TEMP.lisa-lisa.000\AppData\Local\Microsoft Help
2013-07-01 21:50 - 2013-07-01 21:54 - 00001458 ____A C:\AdwCleaner[S8].txt
2013-07-01 21:20 - 2013-07-01 21:20 - 00001437 ____A C:\AdwCleaner[S7].txt
2013-07-01 21:19 - 2013-07-01 21:19 - 00001374 ____A C:\AdwCleaner[R1].txt
2013-07-01 21:16 - 2013-07-01 21:16 - 00022109 ____A C:\Users\lisa\Desktop\JRT.txt
2013-07-01 21:13 - 2013-07-01 21:13 - 00000000 ____D C:\Windows\ERUNT
2013-07-01 21:08 - 2013-07-01 21:08 - 00065157 ____A C:\AdwCleaner[S6].txt
2013-07-01 20:09 - 2013-07-01 20:11 - 00000731 ____A C:\AdwCleaner[S5].txt
2013-07-01 19:12 - 2013-07-01 19:25 - 00006669 ____A C:\AdwCleaner[S4].txt
2013-07-01 18:44 - 2013-07-01 18:49 - 00000349 ____A C:\AdwCleaner[S3].txt
2013-07-01 18:44 - 2013-07-01 18:49 - 00000349 ____A C:\AdwCleaner[S2].txt
2013-07-01 18:33 - 2013-07-01 18:39 - 00000524 ____A C:\AdwCleaner[S1].txt
2013-07-01 16:29 - 2013-07-01 16:29 - 00084447 ____A C:\Users\lisa\Desktop\FRST.txt
2013-07-01 16:29 - 2013-07-01 16:29 - 00040844 ____A C:\Users\lisa\Desktop\Addition.txt
2013-07-01 16:27 - 2013-07-01 16:27 - 00084447 ____A C:\Users\lisa\Documents\FRST.txt
2013-07-01 16:27 - 2013-07-01 16:27 - 00040844 ____A C:\Users\lisa\Documents\Addition.txt
2013-07-01 14:38 - 2013-07-01 14:38 - 00000000 ____D C:\FRST
2013-07-01 10:46 - 2013-07-01 10:46 - 00297313 ____A C:\Users\lisa\Documents\Malwarebytes Anti-Malware 1.pptx
2013-07-01 08:54 - 2013-07-01 08:54 - 00000000 ____D C:\Users\TEMP.lisa-lisa.001\AppData\Roaming\Bitdefender
2013-07-01 08:52 - 2013-07-02 18:36 - 00000000 ____D C:\users\TEMP.lisa-lisa.001
2013-07-01 08:52 - 2013-07-01 08:52 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.001\Vorlagen
2013-07-01 08:52 - 2013-07-01 08:52 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.001\Startmenü
2013-07-01 08:52 - 2013-07-01 08:52 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.001\Netzwerkumgebung
2013-07-01 08:52 - 2013-07-01 08:52 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.001\Lokale Einstellungen
2013-07-01 08:52 - 2013-07-01 08:52 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.001\Eigene Dateien
2013-07-01 08:52 - 2013-07-01 08:52 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.001\Druckumgebung
2013-07-01 08:52 - 2013-07-01 08:52 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.001\Documents\Eigene Musik
2013-07-01 08:52 - 2013-07-01 08:52 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.001\Documents\Eigene Bilder
2013-07-01 08:52 - 2012-02-26 21:28 - 00000000 ____D C:\Users\TEMP.lisa-lisa.001\AppData\Roaming\Macromedia
2013-06-30 19:49 - 2013-07-02 18:36 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2013
2013-06-30 19:38 - 2013-06-30 19:44 - 00029898 ____A C:\Users\lisa\Documents\cc_20130630_190551.reg
2013-06-30 19:32 - 2013-06-30 19:35 - 28181408 ____A (TuneUp Software) C:\Users\lisa\Downloads\TuneUpUtilities2013_de-DE (2).exe
2013-06-30 18:58 - 2013-06-30 19:04 - 00005852 ____A C:\Users\lisa\Documents\cc_20130630_185817.reg
2013-06-30 17:41 - 2013-07-02 18:37 - 00000000 ___AD C:\Program Files (x86)\FromDocToPDF_65EI
2013-06-30 17:41 - 2013-07-02 18:36 - 00000000 ____D C:\JRT
2013-06-30 16:18 - 2013-06-30 16:18 - 00000000 ____D C:\ProgramData\bdch
2013-06-26 22:36 - 2013-07-02 15:46 - 00001426 ____A C:\Users\lisa\Desktop\Registry kostenlos entrümpeln!.lnk
2013-06-18 14:40 - 2013-06-18 14:40 - 00602112 ____A (OldTimer Tools) C:\Users\lisa\Downloads\OTL.exe
2013-06-17 21:23 - 2013-06-17 21:24 - 28211040 ____A (TuneUp Software) C:\Users\lisa\Downloads\TuneUpUtilities2013_de-DE.exe
2013-06-17 20:56 - 2013-06-18 09:47 - 00000181 ____A C:\Users\lisa\Desktop\avgrep.txt
2013-06-17 18:53 - 2013-07-02 09:35 - 00255877 ____A C:\Windows\WindowsUpdate.log
2013-06-17 18:42 - 2013-06-17 18:42 - 00000176 ____A C:\Users\lisa\Documents\cc_20130617_184239.reg
2013-06-17 16:40 - 2013-06-17 16:42 - 00000429 ____A C:\Windows\System32\avgrep.txt
2013-06-17 13:23 - 2013-06-17 13:24 - 00130010 ____A C:\Users\lisa\Documents\cc_20130617_132325.reg
2013-06-17 11:50 - 2013-06-17 11:50 - 00000822 ____A C:\Users\Public\Desktop\CCleaner.lnk
2013-06-17 11:44 - 2013-06-17 11:45 - 00000634 ____A C:\Users\lisa\Desktop\ccsetup402 - Verknüpfung.lnk
2013-06-17 11:38 - 2013-07-02 18:37 - 00000000 ____D C:\Program Files\CCleaner
2013-06-17 09:13 - 2013-07-01 21:23 - 00000000 ____D C:\users\TEMP.lisa-lisa
2013-06-17 05:22 - 2013-06-19 15:47 - 00000274 ____A C:\Windows\Tasks\RegClean Pro_DEFAULT.job
2013-06-17 05:22 - 2013-06-17 09:14 - 00000282 ____A C:\Windows\Tasks\RegClean Pro_UPDATES.job
2013-06-16 21:28 - 2013-06-16 21:28 - 00001069 ____A C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-06-16 21:05 - 2013-07-02 18:37 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-06-16 20:49 - 2013-06-16 20:54 - 10285040 ____A (Malwarebytes Corporation                                    ) C:\Users\lisa\Downloads\mbam-setup-1.75.0.1300 (1).exe
2013-06-16 20:43 - 2013-06-16 20:50 - 10285040 ____A (Malwarebytes Corporation                                    ) C:\Users\lisa\Downloads\mbam-setup-1.75.0.1300.exe
2013-06-16 20:09 - 2013-07-02 18:38 - 00000000 ____D C:\Users\lisa\AppData\Roaming\Systweak
2013-06-16 19:55 - 2013-07-02 18:37 - 00000000 ____D C:\Program Files (x86)\RegClean Pro
2013-06-16 12:54 - 2013-06-16 12:56 - 03758488 ____A (Systweak Inc                                                ) C:\Users\lisa\Downloads\rcpsetup_3335_ggde.exe
2013-06-16 10:00 - 2013-06-17 14:53 - 00000000 ____D C:\Windows\pss
2013-06-15 22:39 - 2013-06-15 22:40 - 00393048 ____A (Softonic                                        ) C:\Users\lisa\Downloads\SoftonicDownloader_fuer_hijackthis.exe
2013-06-15 22:03 - 2013-06-15 22:18 - 22562672 ____A C:\Users\lisa\Downloads\TuneUpUtilities2013_de-DE (1).exe
2013-06-15 21:53 - 2013-06-17 21:22 - 00002243 ____A C:\Windows\epplauncher.mif
2013-06-15 21:16 - 2013-06-15 21:36 - 28181408 ____A (TuneUp Software) C:\Users\lisa\Downloads\TuneUpUtilities2013_de-DE(2).exe
2013-06-15 21:00 - 2013-06-15 21:38 - 13503464 ____A (Microsoft Corporation) C:\Users\lisa\Downloads\mseinstall.exe
2013-06-15 19:15 - 2013-06-15 19:19 - 00000000 ____D C:\Program Files (x86)\GUM8868.tmp
2013-06-15 19:15 - 2013-06-15 19:15 - 04167680 ____A C:\Program Files (x86)\GUT8869.tmp
2013-06-15 19:02 - 2013-06-15 19:06 - 00781800 ____A (Google Inc.) C:\Users\lisa\Downloads\ChromeSetup.exe
2013-06-14 14:45 - 2013-06-17 22:17 - 00000328 ____A C:\Windows\Tasks\HPCeeScheduleForlisa.job
2013-06-14 08:13 - 2013-06-14 15:37 - 00000000 ____D C:\Users\lisa\AppData\Roaming\AVG2013
2013-06-14 08:08 - 2013-06-14 08:08 - 00000941 ____A C:\Users\Public\Desktop\AVG 2013.lnk
2013-06-14 08:07 - 2013-06-14 08:08 - 00000000 ____D C:\ProgramData\AVG2013
2013-06-14 08:07 - 2013-06-14 08:07 - 00000000 ___HD C:\$AVG
2013-06-14 08:06 - 2013-06-14 08:06 - 00000000 ____D C:\Program Files (x86)\AVG
2013-06-14 07:54 - 2013-07-02 15:49 - 00000000 ____D C:\ProgramData\MFAData
2013-06-14 07:54 - 2013-06-17 16:40 - 00000000 ____D C:\Users\lisa\AppData\Local\Avg2013
2013-06-14 07:54 - 2013-06-14 07:54 - 00000000 ____D C:\Users\lisa\AppData\Local\MFAData
2013-06-12 16:38 - 2013-07-01 20:24 - 00012666 ____A C:\Users\lisa\Documents\Staatliches Hochbauamt Traunstein 4. AZ 11.06.2013 Seite 2.xlsx
2013-06-12 15:38 - 2013-07-01 20:24 - 00013299 ____A C:\Users\lisa\Documents\Stattliches Hochbauamt  4.AZ  11.06.2013.xlsx
2013-06-12 10:22 - 2013-05-17 03:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-12 10:22 - 2013-05-17 03:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-12 10:22 - 2013-05-17 03:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-06-12 10:22 - 2013-05-17 03:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-06-12 10:22 - 2013-05-17 03:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-06-12 10:22 - 2013-05-17 02:59 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-12 10:22 - 2013-05-17 02:58 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-12 10:22 - 2013-05-17 02:58 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-12 10:22 - 2013-05-17 02:58 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-12 10:22 - 2013-05-17 02:58 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-12 10:22 - 2013-05-17 02:58 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-12 10:22 - 2013-05-14 14:23 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-12 10:22 - 2013-05-14 10:40 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-06-12 10:21 - 2013-06-08 13:13 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-12 10:21 - 2013-05-17 03:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-12 10:21 - 2013-05-17 03:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-12 10:21 - 2013-05-17 03:25 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-12 10:21 - 2013-05-17 02:59 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-12 10:21 - 2013-05-17 02:58 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-12 10:21 - 2013-05-17 02:58 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-12 10:20 - 2013-06-08 16:08 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-12 10:20 - 2013-06-08 16:06 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-12 10:20 - 2013-06-08 16:06 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-12 10:20 - 2013-06-08 13:42 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-12 10:20 - 2013-06-08 13:40 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-12 10:20 - 2013-06-08 13:40 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-12 10:20 - 2013-06-08 13:40 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-12 10:20 - 2013-06-08 13:40 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-12 10:19 - 2013-06-12 10:19 - 00127984 ____A C:\Users\lisa\Downloads\windowsupdate.diagcab
2013-06-12 09:39 - 2011-07-08 13:37 - 00014119 ____A C:\Windows\SysWOW64\RaCoInst.dat
2013-06-12 09:39 - 2011-07-08 13:37 - 00014119 ____A C:\Windows\System32\RaCoInst.dat
2013-06-12 08:37 - 2013-05-10 07:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-12 08:37 - 2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-12 08:37 - 2013-05-08 08:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-12 08:37 - 2013-04-26 07:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-12 08:37 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-12 08:36 - 2013-05-13 07:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-12 08:36 - 2013-05-13 07:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-12 08:36 - 2013-05-13 07:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-12 08:36 - 2013-05-13 07:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-12 08:36 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-12 08:36 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-12 08:36 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-12 08:36 - 2013-05-13 05:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-12 08:36 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-12 08:36 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-12 08:36 - 2013-04-26 01:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-06-12 08:36 - 2013-04-17 09:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-12 08:36 - 2013-04-17 08:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-12 08:36 - 2013-04-01 00:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-06-10 18:37 - 2013-06-10 19:05 - 00012437 ____A C:\Users\lisa\Documents\Grieche Lilly Ellenberger Schlussrechnung 01.06..2013 pdf 3.xlsx
2013-06-10 17:16 - 2013-06-10 19:04 - 00012641 ____A C:\Users\lisa\Documents\Grieche Lilly Ellenberger Schlussrechnung 01.06..2013 pdf 2.xlsx
2013-06-10 17:10 - 2013-06-10 17:10 - 00014227 ____A C:\Users\lisa\Documents\Grieche Lilly Ellenberger Schlussrechnung 01.06..2013 pdf 1.xlsx
2013-06-10 16:18 - 2013-06-10 19:30 - 00013431 ____A C:\Users\lisa\Documents\Grieche Lilly Ellenberger Angebot18.02.2013 pdf 1.xlsx
2013-06-10 12:59 - 2013-07-02 18:37 - 00000000 ____D C:\Program Files\iTunes
2013-06-10 12:59 - 2013-07-02 18:37 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-06-10 12:59 - 2013-06-14 14:00 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-10 12:59 - 2013-06-10 12:59 - 00001743 ____A C:\Users\Public\Desktop\iTunes.lnk
2013-06-10 12:59 - 2013-06-10 12:59 - 00000000 ____D C:\Program Files\iPod
2013-06-10 10:07 - 2013-07-02 18:37 - 00000000 ____D C:\Program Files (x86)\Video Download Converter
2013-06-10 10:06 - 2013-07-02 18:37 - 00000000 ____D C:\Program Files (x86)\VideoDownloadConverter_4z
2013-06-05 16:08 - 2013-06-05 16:08 - 00006124 ____A C:\Users\lisa\Documents\bookmark.htm
2013-06-05 13:53 - 2013-06-05 13:53 - 00001979 ____A C:\Users\Public\Desktop\Adobe Reader XI.lnk
2013-06-04 15:29 - 2013-07-02 18:37 - 00000000 ____D C:\Program Files (x86)\YTD Toolbar
2013-06-04 15:29 - 2013-07-02 18:36 - 00000000 ____D C:\Program Files (x86)\Application Updater
2013-06-03 18:49 - 2013-06-03 18:49 - 00000000 ____D C:\Windows\SysWOW64\xlive
2013-06-03 18:49 - 2013-06-03 18:49 - 00000000 ____D C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2013-06-03 18:47 - 2009-09-04 17:44 - 00517960 ____A (Microsoft Corporation) C:\Windows\System32\XAudio2_5.dll
2013-06-03 18:47 - 2009-09-04 17:44 - 00238936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2013-06-03 18:47 - 2009-09-04 17:44 - 00176968 ____A (Microsoft Corporation) C:\Windows\System32\xactengine3_5.dll
2013-06-03 18:47 - 2009-09-04 17:44 - 00073544 ____A (Microsoft Corporation) C:\Windows\System32\XAPOFX1_3.dll
2013-06-03 18:47 - 2009-09-04 17:29 - 05554512 ____A (Microsoft Corporation) C:\Windows\System32\d3dcsx_42.dll
2013-06-03 18:47 - 2009-09-04 17:29 - 05501792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2013-06-03 18:47 - 2009-09-04 17:29 - 02582888 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_42.dll
2013-06-03 18:47 - 2009-09-04 17:29 - 02475352 ____A (Microsoft Corporation) C:\Windows\System32\D3DX9_42.dll
2013-06-03 18:47 - 2009-09-04 17:29 - 00285024 ____A (Microsoft Corporation) C:\Windows\System32\d3dx11_42.dll
2013-06-03 18:47 - 2009-09-04 17:29 - 00235344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2013-06-03 18:47 - 2009-03-16 14:18 - 00521560 ____A (Microsoft Corporation) C:\Windows\System32\XAudio2_4.dll
2013-06-03 18:47 - 2009-03-16 14:18 - 00174936 ____A (Microsoft Corporation) C:\Windows\System32\xactengine3_4.dll
2013-06-03 18:47 - 2009-03-16 14:18 - 00024920 ____A (Microsoft Corporation) C:\Windows\System32\X3DAudio1_6.dll
2013-06-03 18:47 - 2009-03-09 15:27 - 05425496 ____A (Microsoft Corporation) C:\Windows\System32\D3DX9_41.dll
2013-06-03 18:47 - 2009-03-09 15:27 - 02430312 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_41.dll
2013-06-03 18:47 - 2009-03-09 15:27 - 00520544 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_41.dll
2013-06-03 18:47 - 2008-10-15 06:22 - 02605920 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_40.dll
2013-06-03 18:47 - 2008-10-15 06:22 - 00519000 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_40.dll
2013-06-03 18:46 - 2008-10-15 06:22 - 05631312 ____A (Microsoft Corporation) C:\Windows\System32\D3DX9_40.dll
2013-06-03 18:46 - 2008-07-31 10:41 - 00238088 ____A (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2013-06-03 18:46 - 2008-07-31 10:41 - 00177672 ____A (Microsoft Corporation) C:\Windows\System32\xactengine3_2.dll
2013-06-03 18:46 - 2008-07-31 10:41 - 00072200 ____A (Microsoft Corporation) C:\Windows\System32\XAPOFX1_1.dll
2013-06-03 18:46 - 2008-07-31 10:41 - 00068616 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2013-06-03 18:46 - 2008-07-31 10:40 - 00513544 ____A (Microsoft Corporation) C:\Windows\System32\XAudio2_2.dll
2013-06-03 18:46 - 2008-07-31 10:40 - 00509448 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2013-06-03 17:05 - 2013-06-03 17:05 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-06-03 17:05 - 2013-06-03 17:05 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-06-02 21:53 - 2013-02-17 01:40 - 00028672 ____A (Microsoft Corporation) C:\Windows\System32\IEUDINIT.EXE
2013-06-02 21:47 - 2013-06-02 21:47 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-06-02 21:47 - 2013-06-02 21:47 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-06-02 21:47 - 2013-06-02 21:47 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-06-02 21:47 - 2013-06-02 21:47 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-06-02 21:47 - 2013-06-02 21:47 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-06-02 21:47 - 2013-06-02 21:47 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-06-02 21:47 - 2013-06-02 21:47 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-06-02 21:47 - 2013-06-02 21:47 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-06-02 21:47 - 2013-06-02 21:47 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-06-02 21:47 - 2013-06-02 21:47 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-06-02 21:47 - 2013-06-02 21:47 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-06-02 21:47 - 2013-06-02 21:47 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-06-02 21:47 - 2013-06-02 21:47 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-06-02 21:47 - 2013-06-02 21:47 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-06-02 21:47 - 2013-06-02 21:47 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-06-02 21:47 - 2013-06-02 21:47 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-06-02 21:47 - 2013-06-02 21:47 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-06-02 21:47 - 2013-06-02 21:47 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-06-02 21:47 - 2013-06-02 21:47 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-06-02 21:47 - 2013-06-02 21:47 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-06-02 21:47 - 2013-06-02 21:47 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-06-02 21:47 - 2013-06-02 21:47 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-06-02 21:47 - 2013-06-02 21:47 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-06-02 21:47 - 2013-06-02 21:47 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-06-02 21:47 - 2013-06-02 21:47 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-06-02 21:47 - 2013-06-02 21:47 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-06-02 21:47 - 2013-06-02 21:47 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-06-02 21:47 - 2013-06-02 21:47 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-06-02 21:47 - 2013-06-02 21:47 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-06-02 21:47 - 2013-06-02 21:47 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-06-02 21:47 - 2013-06-02 21:47 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-06-02 21:47 - 2013-06-02 21:47 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-06-02 21:47 - 2013-06-02 21:47 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-06-02 21:47 - 2013-06-02 21:47 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-06-02 20:20 - 2013-07-02 18:37 - 00000000 ____D C:\ProgramData\BrowserDefender
2013-06-02 20:19 - 2013-07-02 18:37 - 00000000 ____D C:\Users\lisa\AppData\Roaming\Delta
2013-06-02 20:19 - 2013-07-02 18:37 - 00000000 ____D C:\Users\lisa\AppData\Roaming\BabSolution
2013-06-02 20:19 - 2013-07-02 18:36 - 00000000 ____D C:\Program Files (x86)\Delta
2013-06-02 20:14 - 2013-06-02 20:14 - 00000000 ____D C:\Users\lisa\AppData\Roaming\Mipony Download Manager Packages
2013-06-02 20:12 - 2013-07-02 18:37 - 00000000 ____D C:\Program Files (x86)\YTKaraoke
2013-06-02 20:12 - 2013-07-02 18:37 - 00000000 ____D C:\Program Files (x86)\PricePeep
2013-06-02 20:12 - 2013-06-15 18:17 - 00000000 ____D C:\Program Files (x86)\MiPony
2013-06-02 20:12 - 2013-06-15 10:53 - 00000282 ____A C:\Windows\Tasks\DSite.job
2013-06-02 20:12 - 2013-06-02 21:53 - 00000000 ____D C:\Program Files (x86)\LyricsFinder
2013-06-02 16:41 - 2013-07-02 18:38 - 00000000 ____D C:\Windows\SysWOW64\WNLT
2013-06-02 16:41 - 2013-06-02 16:41 - 00000000 ____D C:\Windows\SysWOW64\jmdp
2013-06-02 16:41 - 2013-06-02 16:41 - 00000000 ____D C:\Windows\SysWOW64\ARFC
2013-06-02 16:41 - 2013-05-21 15:31 - 01447728 ____A C:\Windows\System32\dmwu.exe
2013-06-02 16:41 - 2013-05-21 15:30 - 00033792 ____A (IncrediMail, Ltd.) C:\Windows\System32\ImHttpComm.dll

==================== One Month Modified Files and Folders =======

2013-07-02 18:38 - 2013-06-16 20:09 - 00000000 ____D C:\Users\lisa\AppData\Roaming\Systweak
2013-07-02 18:38 - 2013-06-02 16:41 - 00000000 ____D C:\Windows\SysWOW64\WNLT
2013-07-02 18:38 - 2012-04-08 00:18 - 00000000 ____D C:\Windows\Neon Skin Pack
2013-07-02 18:38 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2013-07-02 18:38 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Portable Devices
2013-07-02 18:38 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-02 18:38 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\servicing
2013-07-02 18:37 - 2013-06-30 17:41 - 00000000 ___AD C:\Program Files (x86)\FromDocToPDF_65EI
2013-07-02 18:37 - 2013-06-17 11:38 - 00000000 ____D C:\Program Files\CCleaner
2013-07-02 18:37 - 2013-06-16 21:05 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-02 18:37 - 2013-06-16 19:55 - 00000000 ____D C:\Program Files (x86)\RegClean Pro
2013-07-02 18:37 - 2013-06-10 12:59 - 00000000 ____D C:\Program Files\iTunes
2013-07-02 18:37 - 2013-06-10 12:59 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-07-02 18:37 - 2013-06-10 10:07 - 00000000 ____D C:\Program Files (x86)\Video Download Converter
2013-07-02 18:37 - 2013-06-10 10:06 - 00000000 ____D C:\Program Files (x86)\VideoDownloadConverter_4z
2013-07-02 18:37 - 2013-06-04 15:29 - 00000000 ____D C:\Program Files (x86)\YTD Toolbar
2013-07-02 18:37 - 2013-06-02 20:20 - 00000000 ____D C:\ProgramData\BrowserDefender
2013-07-02 18:37 - 2013-06-02 20:19 - 00000000 ____D C:\Users\lisa\AppData\Roaming\Delta
2013-07-02 18:37 - 2013-06-02 20:19 - 00000000 ____D C:\Users\lisa\AppData\Roaming\BabSolution
2013-07-02 18:37 - 2013-06-02 20:12 - 00000000 ____D C:\Program Files (x86)\YTKaraoke
2013-07-02 18:37 - 2013-06-02 20:12 - 00000000 ____D C:\Program Files (x86)\PricePeep
2013-07-02 18:37 - 2013-05-31 13:39 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-07-02 18:37 - 2013-03-14 16:18 - 00000000 ____D C:\Program Files (x86)\Wajam
2013-07-02 18:37 - 2013-01-21 22:01 - 00000000 ____D C:\Program Files (x86)\TornTV.com
2013-07-02 18:37 - 2013-01-21 21:14 - 00000000 ____D C:\Users\lisa\AppData\Roaming\Claro LTD
2013-07-02 18:37 - 2013-01-06 18:02 - 00000000 ____D C:\Program Files (x86)\www.Freeware-download.com
2013-07-02 18:37 - 2013-01-05 16:52 - 00000000 ____D C:\Program Files (x86)\Steuersparer 2013
2013-07-02 18:37 - 2013-01-04 12:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-02 18:37 - 2013-01-02 12:24 - 00000000 ____D C:\Program Files\Babylon
2013-07-02 18:37 - 2012-12-27 16:01 - 00000000 ____D C:\Program Files (x86)\Recovery Toolbox for Excel
2013-07-02 18:37 - 2012-11-25 21:24 - 00000000 ____D C:\Users\lisa\AppData\Local\iLivid
2013-07-02 18:37 - 2012-11-25 21:24 - 00000000 ____D C:\Program Files (x86)\Search Results Toolbar
2013-07-02 18:37 - 2012-11-15 21:28 - 00000000 ____D C:\Users\lisa\AppData\Local\Ashampoo_DE
2013-07-02 18:37 - 2012-11-15 21:11 - 00000000 ____D C:\Program Files (x86)\Microsoft Games
2013-07-02 18:37 - 2012-09-09 19:37 - 00000000 ____D C:\ProgramData\SweetIM
2013-07-02 18:37 - 2012-09-09 19:37 - 00000000 ____D C:\Program Files (x86)\SweetIM
2013-07-02 18:37 - 2012-08-05 13:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-02 18:37 - 2012-07-24 19:56 - 00000000 ____D C:\Program Files (x86)\Portrait Professional 10 Test
2013-07-02 18:37 - 2012-07-24 18:54 - 00000000 ____D C:\Program Files (x86)\PriceGong
2013-07-02 18:37 - 2012-07-24 18:34 - 00000000 ____D C:\Users\lisa\AppData\Roaming\BrowserCompanion
2013-07-02 18:37 - 2012-07-24 18:25 - 00000000 ____D C:\Program Files (x86)\PhotoScape
2013-07-02 18:37 - 2012-07-24 18:22 - 00000000 ____D C:\Program Files (x86)\FLV_Runner
2013-07-02 18:37 - 2012-07-17 10:53 - 00000000 ____D C:\Program Files (x86)\iThmb Converter
2013-07-02 18:37 - 2012-07-17 10:30 - 00000000 ____D C:\Program Files (x86)\WiseConvert
2013-07-02 18:37 - 2012-05-30 09:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Windows 7 Upgrade Advisor
2013-07-02 18:37 - 2012-05-21 14:19 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-02 18:37 - 2012-05-13 13:04 - 00000000 ____D C:\Program Files (x86)\Origin
2013-07-02 18:37 - 2012-04-15 18:36 - 00000000 ____D C:\Program Files (x86)\VideoPerformer
2013-07-02 18:37 - 2012-04-15 18:34 - 00000000 ____D C:\Program Files (x86)\Searchcore Toolbar
2013-07-02 18:37 - 2012-04-15 18:32 - 00000000 ____D C:\Program Files (x86)\SpecialSavings
2013-07-02 18:37 - 2012-04-08 00:15 - 00000000 ____D C:\Program Files (x86)\Tango Skin Pack
2013-07-02 18:37 - 2012-04-08 00:10 - 00000000 ____D C:\Users\lisa\AppData\Local\TempDIR
2013-07-02 18:37 - 2012-04-07 21:16 - 00000000 ____D C:\Users\lisa\AppData\Local\Conduit
2013-07-02 18:37 - 2012-04-07 20:51 - 00000000 ____D C:\Program Files (x86)\YouTube Song Downloader
2013-07-02 18:37 - 2012-04-07 20:51 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2013-07-02 18:37 - 2012-04-07 10:52 - 00000000 ____D C:\Program Files (x86)\~BabylonToolbar
2013-07-02 18:37 - 2012-04-07 10:51 - 00000000 ____D C:\ProgramData\Babylon
2013-07-02 18:37 - 2012-04-03 17:43 - 00000000 ____D C:\Program Files (x86)\Software4u
2013-07-02 18:37 - 2012-04-02 22:50 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2013-07-02 18:37 - 2012-04-02 22:50 - 00000000 ____D C:\Program Files (x86)\McAfee Security Scan
2013-07-02 18:37 - 2011-12-25 12:20 - 00000000 ____D C:\Program Files (x86)\IrfanView
2013-07-02 18:37 - 2011-12-24 19:57 - 00000000 ____D C:\Program Files\Paint.NET
2013-07-02 18:37 - 2011-12-03 22:38 - 00000000 ____D C:\Program Files\Bonjour
2013-07-02 18:37 - 2011-10-05 19:49 - 00000000 ____D C:\Program Files (x86)\YouTube Downloader
2013-07-02 18:37 - 2011-09-08 21:52 - 00000000 ____D C:\Program Files (x86)\Safari
2013-07-02 18:37 - 2011-08-17 13:50 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
2013-07-02 18:37 - 2011-08-13 10:28 - 00000000 ____D C:\ProgramData\DatacardService
2013-07-02 18:37 - 2011-07-10 18:20 - 00000000 ____D C:\Program Files (x86)\HP SimplePass 2011
2013-07-02 18:37 - 2011-07-10 18:19 - 00000000 ____D C:\Program Files\Common Files\AuthenTec
2013-07-02 18:37 - 2011-05-07 16:21 - 00000000 ____D C:\Program Files (x86)\HP Games
2013-07-02 18:36 - 2013-07-02 08:01 - 00000000 ____D C:\users\TEMP.lisa-lisa.000
2013-07-02 18:36 - 2013-07-01 08:52 - 00000000 ____D C:\users\TEMP.lisa-lisa.001
2013-07-02 18:36 - 2013-06-30 19:49 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2013
2013-07-02 18:36 - 2013-06-30 17:41 - 00000000 ____D C:\JRT
2013-07-02 18:36 - 2013-06-04 15:29 - 00000000 ____D C:\Program Files (x86)\Application Updater
2013-07-02 18:36 - 2013-06-02 20:19 - 00000000 ____D C:\Program Files (x86)\Delta
2013-07-02 18:36 - 2013-01-21 21:14 - 00000000 ____D C:\Program Files (x86)\Claro LTD
2013-07-02 18:36 - 2013-01-21 21:12 - 00000000 ____D C:\Program Files (x86)\7-Zip
2013-07-02 18:36 - 2013-01-14 16:04 - 00000000 ____D C:\Program Files (x86)\AAVUpdateManager
2013-07-02 18:36 - 2013-01-06 18:03 - 00000000 ____D C:\KronosFaktura
2013-07-02 18:36 - 2013-01-02 12:24 - 00000000 ____D C:\Program Files (x86)\BabylonToolbar
2013-07-02 18:36 - 2013-01-02 12:24 - 00000000 ____D C:\Program Files (x86)\Babylon
2013-07-02 18:36 - 2012-10-11 20:50 - 00000000 ____D C:\Program Files (x86)\DealPly
2013-07-02 18:36 - 2012-09-09 19:38 - 00000000 ____D C:\Program Files (x86)\FilesFrog Update Checker
2013-07-02 18:36 - 2012-07-13 14:54 - 00000000 ____D C:\Program Files (x86)\Dream Aquarium
2013-07-02 18:36 - 2012-05-27 14:07 - 00000000 ____D C:\Program Files (x86)\3RVX
2013-07-02 18:36 - 2012-05-27 14:05 - 00000000 ____D C:\Program Files (x86)\Desktop Media
2013-07-02 18:36 - 2012-05-21 11:52 - 00000000 ____D C:\Program Files (x86)\CD-LabelPrint
2013-07-02 18:36 - 2012-04-15 18:36 - 00000000 ____D C:\Program Files (x86)\AC3File
2013-07-02 18:36 - 2012-04-07 21:16 - 00000000 ____D C:\Program Files (x86)\Conduit
2013-07-02 18:36 - 2012-04-07 21:16 - 00000000 ____D C:\Program Files (x86)\Ashampoo_DE
2013-07-02 18:36 - 2011-12-03 22:38 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-07-02 18:36 - 2011-08-20 11:10 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-07-02 18:36 - 2011-08-17 16:12 - 00000000 ____D C:\Program Files (x86)\Ask.com
2013-07-02 18:36 - 2011-08-17 15:09 - 00000000 ____D C:\Program Files (x86)\AskTBar
2013-07-02 18:36 - 2011-05-07 16:37 - 00000000 ____D C:\Program Files (x86)\EasyBits For Kids
2013-07-02 18:35 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2013-07-02 16:34 - 2012-04-08 12:26 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-02 16:32 - 2011-09-30 21:55 - 00001116 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2416322015-1569237049-636745652-1002UA.job
2013-07-02 16:09 - 2011-12-25 11:53 - 00001106 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-02 15:50 - 2009-07-14 06:45 - 00031856 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-02 15:50 - 2009-07-14 06:45 - 00031856 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-02 15:49 - 2013-06-14 07:54 - 00000000 ____D C:\ProgramData\MFAData
2013-07-02 15:46 - 2013-06-26 22:36 - 00001426 ____A C:\Users\lisa\Desktop\Registry kostenlos entrümpeln!.lnk
2013-07-02 15:44 - 2013-01-07 20:02 - 00000000 ____D C:\Users\lisa\AppData\Local\Htc
2013-07-02 15:44 - 2011-08-11 13:17 - 00000376 ____A C:\Users\lisa\AppData\Roamingprivacy.xml
2013-07-02 15:41 - 2013-07-02 15:41 - 00000000 ____D C:\Users\lisa\AppData\Local\Babylon
2013-07-02 15:41 - 2011-12-25 11:53 - 00001102 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-02 15:40 - 2013-07-02 08:50 - 00000000 ____D C:\users\TEMP.lisa-lisa.002
2013-07-02 15:39 - 2012-04-07 10:51 - 00000000 ____D C:\Users\lisa\AppData\Roaming\Babylon
2013-07-02 15:37 - 2013-07-02 15:37 - 00001548 ____A C:\Windows\PFRO.log
2013-07-02 15:37 - 2013-07-02 08:50 - 00000168 ____A C:\Windows\setupact.log
2013-07-02 15:37 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-02 15:23 - 2013-07-02 15:23 - 00000320 ____A C:\Users\lisa\Desktop\SecurityCheck - Verknüpfung.lnk
2013-07-02 11:36 - 2013-07-02 10:25 - 00001081 ____A C:\Users\lisa\Desktop\Continue Download Helper Installation.lnk
2013-07-02 11:25 - 2009-07-14 07:08 - 00032640 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-07-02 10:57 - 2013-07-02 10:57 - 00000000 ____D C:\ProgramData\boost_interprocess
2013-07-02 10:42 - 2013-07-02 10:42 - 00000812 ____A C:\Users\lisa\Desktop\Fixlist.txt
2013-07-02 09:35 - 2013-06-17 18:53 - 00255877 ____A C:\Windows\WindowsUpdate.log
2013-07-02 08:59 - 2013-07-02 08:57 - 00000000 ____A C:\END
2013-07-02 08:50 - 2013-07-02 08:50 - 00000000 ____A C:\Windows\setuperr.log
2013-07-02 08:50 - 2011-08-09 19:28 - 00000000 ____D C:\users\lisa
2013-07-02 08:03 - 2013-07-02 08:03 - 00000000 ____D C:\Users\TEMP.lisa-lisa.000\AppData\Roaming\Bitdefender
2013-07-02 08:02 - 2013-07-02 08:02 - 00000000 ____D C:\Users\TEMP.lisa-lisa.000\AppData\Local\VirtualStore
2013-07-02 08:01 - 2013-07-02 08:01 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.000\Vorlagen
2013-07-02 08:01 - 2013-07-02 08:01 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.000\Startmenü
2013-07-02 08:01 - 2013-07-02 08:01 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.000\Netzwerkumgebung
2013-07-02 08:01 - 2013-07-02 08:01 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.000\Lokale Einstellungen
2013-07-02 08:01 - 2013-07-02 08:01 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.000\Eigene Dateien
2013-07-02 08:01 - 2013-07-02 08:01 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.000\Druckumgebung
2013-07-02 08:01 - 2013-07-02 08:01 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.000\Documents\Eigene Musik
2013-07-02 08:01 - 2013-07-02 08:01 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.000\Documents\Eigene Bilder
2013-07-02 08:01 - 2013-07-02 08:01 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.000\AppData\Local\Verlauf
2013-07-02 08:01 - 2013-07-02 08:01 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.000\AppData\Local\Anwendungsdaten
2013-07-02 08:01 - 2013-07-02 08:01 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.000\Anwendungsdaten
2013-07-01 21:54 - 2013-07-01 21:50 - 00001458 ____A C:\AdwCleaner[S8].txt
2013-07-01 21:23 - 2013-06-17 09:13 - 00000000 ____D C:\users\TEMP.lisa-lisa
2013-07-01 21:20 - 2013-07-01 21:20 - 00001437 ____A C:\AdwCleaner[S7].txt
2013-07-01 21:19 - 2013-07-01 21:19 - 00001374 ____A C:\AdwCleaner[R1].txt
2013-07-01 21:16 - 2013-07-01 21:16 - 00022109 ____A C:\Users\lisa\Desktop\JRT.txt
2013-07-01 21:13 - 2013-07-01 21:13 - 00000000 ____D C:\Windows\ERUNT
2013-07-01 21:08 - 2013-07-01 21:08 - 00065157 ____A C:\AdwCleaner[S6].txt
2013-07-01 20:24 - 2013-06-12 16:38 - 00012666 ____A C:\Users\lisa\Documents\Staatliches Hochbauamt Traunstein 4. AZ 11.06.2013 Seite 2.xlsx
2013-07-01 20:24 - 2013-06-12 15:38 - 00013299 ____A C:\Users\lisa\Documents\Stattliches Hochbauamt  4.AZ  11.06.2013.xlsx
2013-07-01 20:11 - 2013-07-01 20:09 - 00000731 ____A C:\AdwCleaner[S5].txt
2013-07-01 19:25 - 2013-07-01 19:12 - 00006669 ____A C:\AdwCleaner[S4].txt
2013-07-01 18:49 - 2013-07-01 18:44 - 00000349 ____A C:\AdwCleaner[S3].txt
2013-07-01 18:49 - 2013-07-01 18:44 - 00000349 ____A C:\AdwCleaner[S2].txt
2013-07-01 18:39 - 2013-07-01 18:33 - 00000524 ____A C:\AdwCleaner[S1].txt
2013-07-01 16:29 - 2013-07-01 16:29 - 00084447 ____A C:\Users\lisa\Desktop\FRST.txt
2013-07-01 16:29 - 2013-07-01 16:29 - 00040844 ____A C:\Users\lisa\Desktop\Addition.txt
2013-07-01 16:27 - 2013-07-01 16:27 - 00084447 ____A C:\Users\lisa\Documents\FRST.txt
2013-07-01 16:27 - 2013-07-01 16:27 - 00040844 ____A C:\Users\lisa\Documents\Addition.txt
2013-07-01 14:49 - 2011-08-13 11:38 - 00000000 ____D C:\Users\lisa\AppData\Local\CrashDumps
2013-07-01 14:38 - 2013-07-01 14:38 - 00000000 ____D C:\FRST
2013-07-01 10:46 - 2013-07-01 10:46 - 00297313 ____A C:\Users\lisa\Documents\Malwarebytes Anti-Malware 1.pptx
2013-07-01 08:54 - 2013-07-01 08:54 - 00000000 ____D C:\Users\TEMP.lisa-lisa.001\AppData\Roaming\Bitdefender
2013-07-01 08:52 - 2013-07-01 08:52 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.001\Vorlagen
2013-07-01 08:52 - 2013-07-01 08:52 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.001\Startmenü
2013-07-01 08:52 - 2013-07-01 08:52 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.001\Netzwerkumgebung
2013-07-01 08:52 - 2013-07-01 08:52 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.001\Lokale Einstellungen
2013-07-01 08:52 - 2013-07-01 08:52 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.001\Eigene Dateien
2013-07-01 08:52 - 2013-07-01 08:52 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.001\Druckumgebung
2013-07-01 08:52 - 2013-07-01 08:52 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.001\Documents\Eigene Musik
2013-07-01 08:52 - 2013-07-01 08:52 - 00000000 __SHD C:\Users\TEMP.lisa-lisa.001\Documents\Eigene Bilder
2013-06-30 19:44 - 2013-06-30 19:38 - 00029898 ____A C:\Users\lisa\Documents\cc_20130630_190551.reg
2013-06-30 19:35 - 2013-06-30 19:32 - 28181408 ____A (TuneUp Software) C:\Users\lisa\Downloads\TuneUpUtilities2013_de-DE (2).exe
2013-06-30 19:04 - 2013-06-30 18:58 - 00005852 ____A C:\Users\lisa\Documents\cc_20130630_185817.reg
2013-06-30 18:09 - 2011-11-30 01:16 - 00000000 ____D C:\Program Files (x86)\StarMoney Business 5.0
2013-06-30 17:54 - 2013-04-24 23:45 - 00000924 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2416322015-1569237049-636745652-1002UA.job
2013-06-30 16:18 - 2013-06-30 16:18 - 00000000 ____D C:\ProgramData\bdch
2013-06-19 15:47 - 2013-06-17 05:22 - 00000274 ____A C:\Windows\Tasks\RegClean Pro_DEFAULT.job
2013-06-19 14:38 - 2011-09-30 21:55 - 00001064 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2416322015-1569237049-636745652-1002Core.job
2013-06-18 14:40 - 2013-06-18 14:40 - 00602112 ____A (OldTimer Tools) C:\Users\lisa\Downloads\OTL.exe
2013-06-18 09:47 - 2013-06-17 20:56 - 00000181 ____A C:\Users\lisa\Desktop\avgrep.txt
2013-06-17 22:17 - 2013-06-14 14:45 - 00000328 ____A C:\Windows\Tasks\HPCeeScheduleForlisa.job
2013-06-17 21:24 - 2013-06-17 21:23 - 28211040 ____A (TuneUp Software) C:\Users\lisa\Downloads\TuneUpUtilities2013_de-DE.exe
2013-06-17 21:22 - 2013-06-15 21:53 - 00002243 ____A C:\Windows\epplauncher.mif
2013-06-17 18:42 - 2013-06-17 18:42 - 00000176 ____A C:\Users\lisa\Documents\cc_20130617_184239.reg
2013-06-17 16:42 - 2013-06-17 16:40 - 00000429 ____A C:\Windows\System32\avgrep.txt
2013-06-17 16:40 - 2013-06-14 07:54 - 00000000 ____D C:\Users\lisa\AppData\Local\Avg2013
2013-06-17 14:53 - 2013-06-16 10:00 - 00000000 ____D C:\Windows\pss
2013-06-17 13:24 - 2013-06-17 13:23 - 00130010 ____A C:\Users\lisa\Documents\cc_20130617_132325.reg
2013-06-17 13:18 - 2012-09-09 19:38 - 00000000 ____D C:\Users\lisa\Tracing
2013-06-17 12:40 - 2007-01-02 03:25 - 00000000 ____D C:\Windows\Panther
2013-06-17 11:50 - 2013-06-17 11:50 - 00000822 ____A C:\Users\Public\Desktop\CCleaner.lnk
2013-06-17 11:45 - 2013-06-17 11:44 - 00000634 ____A C:\Users\lisa\Desktop\ccsetup402 - Verknüpfung.lnk
2013-06-17 09:14 - 2013-06-17 05:22 - 00000282 ____A C:\Windows\Tasks\RegClean Pro_UPDATES.job
2013-06-16 23:50 - 2013-04-24 23:45 - 00000902 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2416322015-1569237049-636745652-1002Core.job
2013-06-16 21:28 - 2013-06-16 21:28 - 00001069 ____A C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-06-16 20:54 - 2013-06-16 20:49 - 10285040 ____A (Malwarebytes Corporation                                    ) C:\Users\lisa\Downloads\mbam-setup-1.75.0.1300 (1).exe
2013-06-16 20:50 - 2013-06-16 20:43 - 10285040 ____A (Malwarebytes Corporation                                    ) C:\Users\lisa\Downloads\mbam-setup-1.75.0.1300.exe
2013-06-16 17:40 - 2011-08-13 11:08 - 00000052 ____A C:\Windows\SysWOW64\DOErrors.log
2013-06-16 17:28 - 2011-05-07 16:19 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2013-06-16 17:22 - 2011-02-10 21:23 - 00000000 ____D C:\SWSetup
2013-06-16 16:05 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\NDF
2013-06-16 15:52 - 2011-10-05 20:41 - 00000119 ____A C:\Users\lisa\AppData\Roaming\default.rss
2013-06-16 15:28 - 2011-05-08 01:56 - 05711570 ____A C:\Windows\System32\perfh007.dat
2013-06-16 15:28 - 2011-05-08 01:56 - 01753850 ____A C:\Windows\System32\perfc007.dat
2013-06-16 15:28 - 2009-07-14 07:13 - 00006256 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-16 13:15 - 2011-08-09 19:28 - 00000000 ____D C:\Users\lisa\AppData\Local\VirtualStore
2013-06-16 12:56 - 2013-06-16 12:54 - 03758488 ____A (Systweak Inc                                                ) C:\Users\lisa\Downloads\rcpsetup_3335_ggde.exe
2013-06-15 22:40 - 2013-06-15 22:39 - 00393048 ____A (Softonic                                        ) C:\Users\lisa\Downloads\SoftonicDownloader_fuer_hijackthis.exe
2013-06-15 22:18 - 2013-06-15 22:03 - 22562672 ____A C:\Users\lisa\Downloads\TuneUpUtilities2013_de-DE (1).exe
2013-06-15 22:07 - 2013-01-21 21:15 - 00000000 __SHD C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-06-15 21:38 - 2013-06-15 21:00 - 13503464 ____A (Microsoft Corporation) C:\Users\lisa\Downloads\mseinstall.exe
2013-06-15 21:36 - 2013-06-15 21:16 - 28181408 ____A (TuneUp Software) C:\Users\lisa\Downloads\TuneUpUtilities2013_de-DE(2).exe
2013-06-15 19:19 - 2013-06-15 19:15 - 00000000 ____D C:\Program Files (x86)\GUM8868.tmp
2013-06-15 19:15 - 2013-06-15 19:15 - 04167680 ____A C:\Program Files (x86)\GUT8869.tmp
2013-06-15 19:06 - 2013-06-15 19:02 - 00781800 ____A (Google Inc.) C:\Users\lisa\Downloads\ChromeSetup.exe
2013-06-15 18:17 - 2013-06-02 20:12 - 00000000 ____D C:\Program Files (x86)\MiPony
2013-06-15 11:36 - 2012-02-08 09:27 - 00000000 ____D C:\ProgramData\BDLogging
2013-06-15 10:53 - 2013-06-02 20:12 - 00000282 ____A C:\Windows\Tasks\DSite.job
2013-06-14 16:28 - 2011-03-01 17:45 - 00093160 ____A (BitDefender LLC) C:\Windows\System32\Drivers\bdfndisf6.sys
2013-06-14 16:27 - 2012-03-01 20:22 - 00587024 ____A (BitDefender) C:\Windows\System32\Drivers\avckf.sys
2013-06-14 16:27 - 2012-02-07 14:51 - 00705552 ____A (BitDefender) C:\Windows\System32\Drivers\avc3.sys
2013-06-14 16:26 - 2011-07-15 16:12 - 00261056 ____A (BitDefender) C:\Windows\System32\Drivers\avchv.sys
2013-06-14 15:37 - 2013-06-14 08:13 - 00000000 ____D C:\Users\lisa\AppData\Roaming\AVG2013
2013-06-14 15:37 - 2012-11-14 11:46 - 00000000 ____D C:\Program Files (x86)\DC Software
2013-06-14 15:37 - 2011-08-09 19:31 - 00000000 ____D C:\Users\lisa\AppData\Local\Hewlett-Packard_Company
2013-06-14 15:37 - 2011-08-09 19:31 - 00000000 ____D C:\Users\lisa\AppData\Local\Hewlett-Packard
2013-06-14 15:37 - 2011-05-07 16:30 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2013-06-14 15:37 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-06-14 15:37 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\AppCompat
2013-06-14 15:37 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-06-14 15:36 - 2012-02-24 16:54 - 00000000 ____D C:\Windows\System32\Macromed
2013-06-14 15:36 - 2011-05-07 16:20 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2013-06-14 15:36 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\System32\WinBioPlugIns
2013-06-14 15:36 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\Speech
2013-06-14 14:41 - 2011-09-18 20:01 - 00001327 ____A C:\Windows\SysWOW64\logFile.xml
2013-06-14 14:32 - 2011-08-09 19:42 - 00000000 ____D C:\Users\lisa\AppData\Roaming\hpqlog
2013-06-14 14:00 - 2013-06-10 12:59 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-14 14:00 - 2011-08-17 13:22 - 00000000 ____D C:\Users\lisa\AppData\Local\Microsoft Help
2013-06-14 14:00 - 2011-07-10 18:08 - 00000000 ____D C:\Program Files\Validity Sensors
2013-06-14 13:59 - 2012-05-27 14:17 - 00000000 ____D C:\Users\lisa\AppData\Roaming\ArcSoft
2013-06-14 13:59 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system
2013-06-14 08:08 - 2013-06-14 08:08 - 00000941 ____A C:\Users\Public\Desktop\AVG 2013.lnk
2013-06-14 08:08 - 2013-06-14 08:07 - 00000000 ____D C:\ProgramData\AVG2013
2013-06-14 08:08 - 2013-01-21 21:15 - 00000000 ____D C:\Users\lisa\AppData\Roaming\TuneUp Software
2013-06-14 08:07 - 2013-06-14 08:07 - 00000000 ___HD C:\$AVG
2013-06-14 08:06 - 2013-06-14 08:06 - 00000000 ____D C:\Program Files (x86)\AVG
2013-06-14 07:54 - 2013-06-14 07:54 - 00000000 ____D C:\Users\lisa\AppData\Local\MFAData
2013-06-13 10:35 - 2013-03-05 12:30 - 00013729 ____A C:\Users\lisa\Documents\Staatl. Hochbauamt Aufmaß 01 18.02.2013.xlsx
2013-06-12 18:37 - 2012-04-08 12:26 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-12 18:37 - 2011-08-18 08:20 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-12 12:01 - 2013-02-27 19:46 - 00011549 ____A C:\Users\lisa\Documents\Regiebericht Staatliches Hochbauamt 18.02.2013  R3.xlsx
2013-06-12 10:37 - 2011-11-04 15:06 - 00000000 ____A C:\Windows\System32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-06-12 10:22 - 2011-08-21 09:41 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-12 10:19 - 2013-06-12 10:19 - 00127984 ____A C:\Users\lisa\Downloads\windowsupdate.diagcab
2013-06-12 09:39 - 2011-07-10 18:09 - 00008045 ____A C:\Windows\System32\RaCoInst.log
2013-06-10 19:30 - 2013-06-10 16:18 - 00013431 ____A C:\Users\lisa\Documents\Grieche Lilly Ellenberger Angebot18.02.2013 pdf 1.xlsx
2013-06-10 19:05 - 2013-06-10 18:37 - 00012437 ____A C:\Users\lisa\Documents\Grieche Lilly Ellenberger Schlussrechnung 01.06..2013 pdf 3.xlsx
2013-06-10 19:04 - 2013-06-10 17:16 - 00012641 ____A C:\Users\lisa\Documents\Grieche Lilly Ellenberger Schlussrechnung 01.06..2013 pdf 2.xlsx
2013-06-10 17:10 - 2013-06-10 17:10 - 00014227 ____A C:\Users\lisa\Documents\Grieche Lilly Ellenberger Schlussrechnung 01.06..2013 pdf 1.xlsx
2013-06-10 12:59 - 2013-06-10 12:59 - 00001743 ____A C:\Users\Public\Desktop\iTunes.lnk
2013-06-10 12:59 - 2013-06-10 12:59 - 00000000 ____D C:\Program Files\iPod
2013-06-08 16:08 - 2013-06-12 10:20 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-08 16:06 - 2013-06-12 10:20 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-08 16:06 - 2013-06-12 10:20 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-08 13:42 - 2013-06-12 10:20 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-08 13:40 - 2013-06-12 10:20 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-08 13:40 - 2013-06-12 10:20 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-08 13:40 - 2013-06-12 10:20 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-08 13:40 - 2013-06-12 10:20 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-08 13:13 - 2013-06-12 10:21 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-06 08:32 - 2012-12-05 09:29 - 00000344 ____A C:\Windows\Tasks\HPCeeScheduleForLISA-LISA$.job
2013-06-05 16:08 - 2013-06-05 16:08 - 00006124 ____A C:\Users\lisa\Documents\bookmark.htm
2013-06-05 13:54 - 2011-08-18 08:54 - 00000000 ____D C:\Users\lisa\AppData\Local\Adobe
2013-06-05 13:53 - 2013-06-05 13:53 - 00001979 ____A C:\Users\Public\Desktop\Adobe Reader XI.lnk
2013-06-05 13:53 - 2011-05-07 16:36 - 00000000 ____D C:\ProgramData\Adobe
2013-06-05 13:53 - 2011-05-07 16:36 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-06-03 18:49 - 2013-06-03 18:49 - 00000000 ____D C:\Windows\SysWOW64\xlive
2013-06-03 18:49 - 2013-06-03 18:49 - 00000000 ____D C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2013-06-03 17:05 - 2013-06-03 17:05 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-06-03 17:05 - 2013-06-03 17:05 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-06-02 22:07 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-06-02 21:53 - 2013-06-02 20:12 - 00000000 ____D C:\Program Files (x86)\LyricsFinder
2013-06-02 21:47 - 2013-06-02 21:47 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-06-02 21:47 - 2013-06-02 21:47 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-06-02 21:47 - 2013-06-02 21:47 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-06-02 21:47 - 2013-06-02 21:47 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-06-02 21:47 - 2013-06-02 21:47 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-06-02 21:47 - 2013-06-02 21:47 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-06-02 21:47 - 2013-06-02 21:47 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-06-02 21:47 - 2013-06-02 21:47 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-06-02 21:47 - 2013-06-02 21:47 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-06-02 21:47 - 2013-06-02 21:47 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-06-02 21:47 - 2013-06-02 21:47 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-06-02 21:47 - 2013-06-02 21:47 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-06-02 21:47 - 2013-06-02 21:47 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-06-02 21:47 - 2013-06-02 21:47 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-06-02 21:47 - 2013-06-02 21:47 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-06-02 21:47 - 2013-06-02 21:47 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-06-02 21:47 - 2013-06-02 21:47 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-06-02 21:47 - 2013-06-02 21:47 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-06-02 21:47 - 2013-06-02 21:47 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-06-02 21:47 - 2013-06-02 21:47 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-06-02 21:47 - 2013-06-02 21:47 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-06-02 21:47 - 2013-06-02 21:47 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-06-02 21:47 - 2013-06-02 21:47 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-06-02 21:47 - 2013-06-02 21:47 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-06-02 21:47 - 2013-06-02 21:47 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-06-02 21:47 - 2013-06-02 21:47 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-06-02 21:47 - 2013-06-02 21:47 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-06-02 21:47 - 2013-06-02 21:47 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-06-02 21:47 - 2013-06-02 21:47 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-06-02 21:47 - 2013-06-02 21:47 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-06-02 21:47 - 2013-06-02 21:47 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-06-02 21:47 - 2013-06-02 21:47 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-06-02 21:47 - 2013-06-02 21:47 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-06-02 21:47 - 2013-06-02 21:47 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-06-02 20:15 - 2011-12-25 12:40 - 00000000 ____D C:\Users\lisa\AppData\Local\Downloaded Installations
2013-06-02 20:14 - 2013-06-02 20:14 - 00000000 ____D C:\Users\lisa\AppData\Roaming\Mipony Download Manager Packages
2013-06-02 16:41 - 2013-06-02 16:41 - 00000000 ____D C:\Windows\SysWOW64\jmdp
2013-06-02 16:41 - 2013-06-02 16:41 - 00000000 ____D C:\Windows\SysWOW64\ARFC

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-01 16:53

==================== End Of Log ============================

--- --- ---

--- --- ---

schrauber · 02.07.2013, 16:26

Fix mit FRST
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

C:\Program Files (x86)\YTKaraoke
C:\ProgramData\Tarma Installer
C:\Users\All Users\Tarma Installer
C:\Users\lisa\Downloads\setup.exe
C:\Users\lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgnhgbflngpggpmpfdkhmhmfdophhepe\1.112_0\contentscript.js

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Fix Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

AdwCleaner löschen, neu laden, laufen und löschen lassen. Logfile posten.

Downloade dir bitte Rogue Killer von hier.

Speichere das Tool auf deinem Desktop !
Schließe alle laufenden Programme.
Starte die RogueKiller.exe
Warte bis Prescan abgeschlossen erscheint und klicke dann auf Scannen.
Wenn der Scan beendet wurde, klicke auf Bericht und poste diesen hier.
Du findest die Logdatei RKreport[1].txt auch auf deinem Desktop.

lisei · 02.07.2013, 17:09

Hallo Schrauber,
der macht mir keinen Fix!
Bringt mir obwohl ich nach Anleitung alles gemacht habe
diese Meldung: No fixlist.txt found
The fixlist.txt should be made and saved in the same Directory the tool is.
Habe das Fabar Tool auf meinen USB Stick und nicht auf den Laptop gespeichert!
Gruß
Lisa

Hat noch gefehlt! the tool is locatet!!!

Problem gelöst!
Der Hacken war beim Fix Ad...txt nich drin

Code:

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-07-2013
Ran by lisa at 2013-07-02 18:33:40 Run:2
Running from C:\Users\lisa\Downloads
Boot Mode: Normal
==============================================

C:\Program Files (x86)\YTKaraoke => Moved successfully.
C:\ProgramData\Tarma Installer => Moved successfully.
C:\Users\All Users\Tarma Installer => File/Directory not found.
C:\Users\lisa\Downloads\setup.exe => Moved successfully.
C:\Users\lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgnhgbflngpggpmpfdkhmhmfdophhepe\1.112_0\contentscript.js => Moved successfully.

==== End of Fixlog ====

Code:

ATTFilter

# AdwCleaner v2.303 - Datei am 02/07/2013 um 18:55:05 erstellt
# Aktualisiert am 08/06/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : lisa - LISA-LISA
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\lisa\Downloads\adwcleaner.exe
# Option [Suche]


**** [Dienste] ****

Gefunden : Application Updater
Gefunden : BrowserDefendert
Gefunden : VideoDownloadConverter_4zService
Gefunden : WajamUpdater

***** [Dateien / Ordner] *****

Datei Gefunden : C:\user.js
Datei Gefunden : C:\Users\lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk
Datei Gefunden : C:\Users\lisa\AppData\Roaming\Mozilla\Firefox\Profiles\hkgxigbt.default\bprotector_prefs.js
Datei Gefunden : C:\Users\Public\Desktop\eBay.lnk
Datei Gefunden : C:\Windows\Tasks\DSite.job
Datei Gefunden : C:\Windows\Tasks\RegClean Pro_DEFAULT.job
Ordner Gefunden : C:\Program Files (x86)\~BabylonToolbar
Ordner Gefunden : C:\Program Files (x86)\Application Updater
Ordner Gefunden : C:\Program Files (x86)\Ashampoo_DE
Ordner Gefunden : C:\Program Files (x86)\Ask.com
Ordner Gefunden : C:\Program Files (x86)\AskTBar
Ordner Gefunden : C:\Program Files (x86)\Babylon
Ordner Gefunden : C:\Program Files (x86)\BabylonToolbar
Ordner Gefunden : C:\Program Files (x86)\Claro LTD
Ordner Gefunden : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Ordner Gefunden : C:\Program Files (x86)\Common Files\spigot
Ordner Gefunden : C:\Program Files (x86)\Conduit
Ordner Gefunden : C:\Program Files (x86)\DealPly
Ordner Gefunden : C:\Program Files (x86)\Delta
Ordner Gefunden : C:\Program Files (x86)\FilesFrog Update Checker
Ordner Gefunden : C:\Program Files (x86)\FLV_Runner
Ordner Gefunden : C:\Program Files (x86)\PriceGong
Ordner Gefunden : C:\Program Files (x86)\PricePeep
Ordner Gefunden : C:\Program Files (x86)\RegClean Pro
Ordner Gefunden : C:\Program Files (x86)\Search Results Toolbar
Ordner Gefunden : C:\Program Files (x86)\searchcore toolbar
Ordner Gefunden : C:\Program Files (x86)\software4u
Ordner Gefunden : C:\Program Files (x86)\SpecialSavings
Ordner Gefunden : C:\Program Files (x86)\SweetIM
Ordner Gefunden : C:\Program Files (x86)\TornTV.com
Ordner Gefunden : C:\Program Files (x86)\VideoDownloadConverter_4z
Ordner Gefunden : C:\Program Files (x86)\Wajam
Ordner Gefunden : C:\Program Files (x86)\WiseConvert
Ordner Gefunden : C:\Program Files (x86)\www.Freeware-download.com
Ordner Gefunden : C:\Program Files\Babylon
Ordner Gefunden : C:\ProgramData\Babylon
Ordner Gefunden : C:\ProgramData\boost_interprocess
Ordner Gefunden : C:\ProgramData\BrowserDefender
Ordner Gefunden : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Babylon
Ordner Gefunden : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly
Ordner Gefunden : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong
Ordner Gefunden : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
Ordner Gefunden : C:\ProgramData\SweetIM
Ordner Gefunden : C:\Users\lisa\AppData\Local\Ashampoo_DE
Ordner Gefunden : C:\Users\lisa\AppData\Local\Babylon
Ordner Gefunden : C:\Users\lisa\AppData\Local\Conduit
Ordner Gefunden : C:\Users\lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Ordner Gefunden : C:\Users\lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb
Ordner Gefunden : C:\Users\lisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Ordner Gefunden : C:\Users\lisa\AppData\Local\Ilivid
Ordner Gefunden : C:\Users\lisa\AppData\Local\TempDir
Ordner Gefunden : C:\Users\lisa\AppData\LocalLow\Ashampoo_DE
Ordner Gefunden : C:\Users\lisa\AppData\LocalLow\Conduit
Ordner Gefunden : C:\Users\lisa\AppData\LocalLow\FLV_Runner
Ordner Gefunden : C:\Users\lisa\AppData\LocalLow\ilividtoolbarguid
Ordner Gefunden : C:\Users\lisa\AppData\LocalLow\VideoDownloadConverter_4z
Ordner Gefunden : C:\Users\lisa\AppData\LocalLow\WiseConvert
Ordner Gefunden : C:\Users\lisa\AppData\LocalLow\www.Freeware-download.com
Ordner Gefunden : C:\Users\lisa\AppData\Roaming\BabSolution
Ordner Gefunden : C:\Users\lisa\AppData\Roaming\Babylon
Ordner Gefunden : C:\Users\lisa\AppData\Roaming\BrowserCompanion
Ordner Gefunden : C:\Users\lisa\AppData\Roaming\Claro LTD
Ordner Gefunden : C:\Users\lisa\AppData\Roaming\Delta
Ordner Gefunden : C:\Users\lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
Ordner Gefunden : C:\Users\lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
Ordner Gefunden : C:\Users\lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpecialSavings
Ordner Gefunden : C:\Users\lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
Ordner Gefunden : C:\Users\lisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
Ordner Gefunden : C:\Users\lisa\AppData\Roaming\Mozilla\Firefox\Profiles\hkgxigbt.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}
Ordner Gefunden : C:\Users\lisa\AppData\Roaming\Mozilla\Firefox\Profiles\hkgxigbt.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f}
Ordner Gefunden : C:\Users\lisa\AppData\Roaming\Mozilla\Firefox\Profiles\hkgxigbt.default\extensions\4zffxtbr@VideoDownloadConverter_4z.com
Ordner Gefunden : C:\Users\lisa\AppData\Roaming\Mozilla\Firefox\Profiles\hkgxigbt.default\extensions\engine@conduit.com
Ordner Gefunden : C:\Users\lisa\AppData\Roaming\Mozilla\Firefox\Profiles\hkgxigbt.default\extensions\ffxtlbr@babylon.com
Ordner Gefunden : C:\Users\lisa\AppData\Roaming\Mozilla\Firefox\Profiles\hkgxigbt.default\extensions\ffxtlbr@claro.com
Ordner Gefunden : C:\Users\lisa\AppData\Roaming\Mozilla\Firefox\Profiles\hkgxigbt.default\extensions\ffxtlbr@delta.com
Ordner Gefunden : C:\Windows\Installer\{069B290F-5398-4629-A009-85B4BCB4B1B9}
Ordner Gefunden : C:\Windows\Installer\{7683B745-6060-41FD-AA75-0BBB383FEAD4}
Ordner Gefunden : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Ordner Gefunden : C:\Windows\Installer\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}
Ordner Gefunden : C:\Windows\SysWOW64\WNLT

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKCU\Software\1ClickDownload
Schlüssel Gefunden : HKCU\Software\APN DTX
Schlüssel Gefunden : HKCU\Software\AppDataLow\AskToolbarInfo
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Ashampoo_DE
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\AskToolbar
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\FLV_Runner
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\ilividtoolbarguid
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\PricePeep
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Search Settings
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\SpecialSavings
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\WiseConvert
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\www.Freeware-download.com
Schlüssel Gefunden : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gefunden : HKCU\Software\Ashampoo_DE
Schlüssel Gefunden : HKCU\Software\Ask.com
Schlüssel Gefunden : HKCU\Software\BabSolution
Schlüssel Gefunden : HKCU\Software\Babylon
Schlüssel Gefunden : HKCU\Software\BabylonToolbar
Schlüssel Gefunden : HKCU\Software\Blabbers
Schlüssel Gefunden : HKCU\Software\Claro LTD
Schlüssel Gefunden : HKCU\Software\Conduit
Schlüssel Gefunden : HKCU\Software\DataMngr
Schlüssel Gefunden : HKCU\Software\DataMngr_Toolbar
Schlüssel Gefunden : HKCU\Software\DealPly
Schlüssel Gefunden : HKCU\Software\Delta
Schlüssel Gefunden : HKCU\Software\delta LTD
Schlüssel Gefunden : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Schlüssel Gefunden : HKCU\Software\ilivid
Schlüssel Gefunden : HKCU\Software\ilividtoolbarguid
Schlüssel Gefunden : HKCU\Software\IM
Schlüssel Gefunden : HKCU\Software\InstallCore
Schlüssel Gefunden : HKCU\Software\Microsoft\ClaroDirectory
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Translate this web page with Babylon
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Translate with Babylon
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07CCC0CB-0D67-4570-8109-CF55D360CB42}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7DA17D5A-5718-4130-A605-FC316C827836}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9CB65201-89C4-402C-BA80-02D8C59F9B1D}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9E131A93-EED7-4BEB-B015-A0ADB30B5646}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D0F4A166-B8D4-48B8-9D63-80849FE137CB}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D2A2595C-4FE4-4315-AA9B-19DBD6271B71}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7DA17D5A-5718-4130-A605-FC316C827836}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CB65201-89C4-402C-BA80-02D8C59F9B1D}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9E131A93-EED7-4BEB-B015-A0ADB30B5646}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478}
Schlüssel Gefunden : HKCU\Software\OCS
Schlüssel Gefunden : HKCU\Software\Search Settings
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : HKCU\Software\Somoto
Schlüssel Gefunden : HKCU\Software\Wajam
Schlüssel Gefunden : HKCU\Software\WNLT
Schlüssel Gefunden : HKCU\Software\YahooPartnerToolbar
Schlüssel Gefunden : HKCU\Software\e4dad8b735ec49
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{4327FABE-3C22-4689-8DBF-D226CF777FE9}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2426}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\Software\Application Updater
Schlüssel Gefunden : HKLM\Software\Ashampoo_DE
Schlüssel Gefunden : HKLM\Software\Babylon
Schlüssel Gefunden : HKLM\Software\BabylonToolbar
Schlüssel Gefunden : HKLM\Software\BrowserCompanion
Schlüssel Gefunden : HKLM\Software\Claro LTD
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{20EDC024-43C5-423E-B7F5-FD93523E0D9F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{835315FC-1BF6-4CA9-80CD-F6C158D40692}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{B16632F1-24E0-4D99-A68D-70BFB6447C48}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{CCC3E766-7BA9-4629-AC1A-7F4B7F362E65}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\BabylonIEPI.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\DNSBHO.dll
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\priam_bho.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\PriceGongIE.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\PricePeep.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\tdataprotocol.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\updatebho.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\wit4ie.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\b
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BabyDict
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BabyGloss
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BabylonIEPI.BabylonIEBho
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BabylonIEPI.BabylonIEBho.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BabylonOfficeAddin.OfficeAddin
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BabylonOfficeAddin.OfficeAddin.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BabyOptFile
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BrowserConnection.Loader
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BrowserConnection.Loader.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\claro.claroappCore
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\claro.claroappCore.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\claro.clarodskBnd
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\claro.clarodskBnd.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\delta.deltaappCore
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\delta.deltaappCore.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\delta.deltadskBnd
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\delta.deltadskBnd.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\DnsBHO.BHO
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\DnsBHO.BHO.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\escort.escortIEPane
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\esrv.claroESrvc
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\esrv.claroESrvc.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\esrv.deltaESrvc
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1
Schlüssel Gefunden : HKLM\Software\Classes\Installer\Features\547B38670606DF14AA57B0BB83F3AE4D
Schlüssel Gefunden : HKLM\Software\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3
Schlüssel Gefunden : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gefunden : HKLM\Software\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B
Schlüssel Gefunden : HKLM\Software\Classes\Installer\Features\F092B960893592640A90584BCB4B1B9B
Schlüssel Gefunden : HKLM\Software\Classes\Installer\Products\547B38670606DF14AA57B0BB83F3AE4D
Schlüssel Gefunden : HKLM\Software\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3
Schlüssel Gefunden : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gefunden : HKLM\Software\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B
Schlüssel Gefunden : HKLM\Software\Classes\Installer\Products\F092B960893592640A90584BCB4B1B9B
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\PriceGongIE.PriceGongCtrl
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\PriceGongIE.PriceGongCtrl.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\sim-packages
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar.CT2325506
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar.CT2481020
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar.CT3196716
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar.CT3201318
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{03119103-0854-469D-807A-171568457991}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{2D3826A1-F3E8-45D6-94B5-C26D8EC0073B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{3EE17DD1-E28B-4AED-A3B2-9C29CB2C19D6}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{5C9A2304-70A5-11D5-AFB0-0050DAC67890}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{830B56CB-FD22-44AA-9887-7898F4F4158D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{8830DDF0-3042-404D-A62C-384A85E34833}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{886F93AD-3CBB-4424-8442-A7340243540F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{8B3372D0-09F0-41A5-8D9B-134E148672FB}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{A1489C85-4F6F-48C4-AC9E-18B63AF4703E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{A903AC15-686E-4D67-A355-86FCBE9F60DA}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{AA289DBC-59B6-40A5-AC7D-C90DF850289C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{CA723163-6FAD-43D4-8B93-0D8C52BD9974}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{CCC3E766-7BA9-4629-AC1A-7F4B7F362E65}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{F1F328EB-F5A5-432B-A54C-05F3EF5B0BD8}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{F310F027-15CB-4A7F-B10D-3A4AFB5013A5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{FB0E8A09-F08C-44CF-9E15-97ADAC016248}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{FE8DBB09-C3D3-4477-80CB-D38914B94BB8}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.DynamicBarButton
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.DynamicBarButton.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.FeedManager
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.FeedManager.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLMenu
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLMenu.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLPanel
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLPanel.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.MultipleButton
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.MultipleButton.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.PseudoTransparentPlugin
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.PseudoTransparentPlugin.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.Radio
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.Radio.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.RadioSettings
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.RadioSettings.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ScriptButton
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ScriptButton.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SettingsPlugin
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SettingsPlugin.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SkinLauncher
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SkinLauncher.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ThirdPartyInstaller
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ThirdPartyInstaller.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.UrlAlertButton
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.UrlAlertButton.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.XMLSessionPlugin
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.XMLSessionPlugin.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\wajam.WajamDownloader
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Schlüssel Gefunden : HKLM\Software\Conduit
Schlüssel Gefunden : HKLM\Software\DataMngr
Schlüssel Gefunden : HKLM\Software\DealPly
Schlüssel Gefunden : HKLM\Software\Delta
Schlüssel Gefunden : HKLM\Software\FLV_Runner
Schlüssel Gefunden : HKLM\Software\iLividSRTB
Schlüssel Gefunden : HKLM\Software\Iminent
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\iLivid_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\iLivid_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Babylon.exe
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07CEA379-7178-4758-9C80-969876E32395}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1F6F39C1-00A8-4752-A94C-D0EA92D978B6}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{415EEC38-D86B-4F2B-921D-1ED78A4666C0}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5354D921-3F52-47C5-938D-77A2FB6DEFE7}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{71144427-1368-4D18-8DC9-2AE3CC4C4F83}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{71B1DF81-18D9-4E5B-9493-CAB02B6E9D8F}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{99E1F6FD-2E94-4CF6-8344-1BA63CD3BD9B}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{ED345812-2722-4DCA-9976-D01832DB44EE}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F6477D09-A529-4EEC-993D-BAAEB71AE111}
Schlüssel Gefunden : HKLM\Software\Search Settings
Schlüssel Gefunden : HKLM\Software\SearchcoreMediabarTb
Schlüssel Gefunden : HKLM\Software\Wajam
Schlüssel Gefunden : HKLM\Software\WiseConvert
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{05340575-7D2A-4266-9A84-7EEBDC476884}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{07CCC0CB-0D67-4570-8109-CF55D360CB42}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{13119113-0854-469D-807A-171568457991}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1F6F39C1-00A8-4752-A94C-D0EA92D978B6}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2A1260C1-2964-453F-B0BA-FA429472EB5F}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{33119133-0854-469D-807A-171568457991}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{363D5C92-10DC-4287-93E5-1832EECC48EC}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3B41BE90-F731-4137-AFF3-2CA951E7F0D9}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4128C64D-F0DD-4811-9405-D22294E8151F}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{5354D921-3F52-47C5-938D-77A2FB6DEFE7}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66292684-B2C2-4C7C-B3D2-BF446E30744C}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{69407823-3494-4400-8D49-612549E8F4EE}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6AC0BB10-C922-45E2-857D-2A368FE749E5}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6BFF4BCB-7A73-45A7-AC4C-389A34E1D1EF}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{71144427-1368-4D18-8DC9-2AE3CC4C4F83}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{8FCA5302-6D6D-4645-BF99-D43CF76CE474}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99E1F6FD-2E94-4CF6-8344-1BA63CD3BD9B}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{9CB65201-89C4-402C-BA80-02D8C59F9B1D}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{9CB65206-89C4-402C-BA80-02D8C59F9B1D}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{9E131A93-EED7-4BEB-B015-A0ADB30B5646}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DD385519-22E7-4BE2-8A8D-35C66DF4858E}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{ED345812-2722-4DCA-9976-D01832DB44EE}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EE4FC43F-84CE-4E20-88C2-2188525B47FB}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F398D871-ED00-42A8-BEAA-0209E9E59FCC}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0BF91075-F457-4A8B-99EF-140B52D2F22A}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{16466D47-74A8-4928-B8B2-07CD79ABFC9F}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{17B10E59-09E1-4C39-A738-6774D7AB7778}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD2049E-E483-4425-8555-8E0775ACB631}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{26D5CC0A-7A46-4D86-AF45-2EFA320B0C54}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2D13AC8F-037E-40C5-ADA6-231BA74EA2F4}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2D73F2D0-2FAB-458E-977D-2F9050E0ED60}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{322EDCF5-9E7D-4021-8C67-F3FFE4961A38}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{37425600-CB21-49A0-8659-476FBAB0F8E8}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3E254398-828F-4D51-A39E-3F6B6D96A12C}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3E9469AF-E866-4476-B767-810630F1F6E7}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{431FB0E5-2CBB-4602-9FE6-F1D64488ADD7}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{442DAF0C-7EAD-48D9-ABEA-E0036470D6D5}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{47700C35-9E3E-4DAD-934C-0CE28A87237C}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{58EB187D-24F8-4423-BD6C-655CE4C416BD}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5C9A230D-70A5-11D5-AFB0-0050DAC67890}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5F339F0B-716F-408F-A627-DEEB5DEB4020}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6BEB066C-A791-4A21-B934-7783533FE888}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{716E443D-7CAA-44F1-866B-F45D00E712CC}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{72063D77-7590-4DA9-A7F8-F5ECAF3632C4}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7FC87AC5-FA93-476E-A32C-A941229DED0B}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8911483C-C00A-4183-9FBC-6C9C00946C15}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A07612DF-B1DD-484F-A1C3-36CA4CE919D2}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A76F97B2-2C56-456A-A29E-72741595C2E8}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B19D9D96-E59C-4936-B283-8A831CDB3A53}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B7EA2226-F876-4BE4-B478-76EBAE2A668A}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C3F058A9-407D-4CD1-8F66-B75605B54B69}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DC8AAABA-3F8B-4866-8B3A-D9368133A478}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E15519AE-99BE-42DD-BE60-FFC3C183F443}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EFDCAF05-D29C-4D4D-9836-8CDCD606A6B2}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\e4dad8b735ec49
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bodddioamolcibagionmmobehnbhiakf
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dcillohgikpecbmgioknapdpcjofaafl
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0B76C4F9-B539-4787-988A-F742633BA794}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44693A8A-BA14-4151-BC0A-347F121490E1}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{60295942-9E5F-4EE8-B785-3A655904D24F}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6DB3A8C8-CB1D-43A6-B603-7C1DF06F116E}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{86028F74-F127-49E3-A48D-21C3D785872C}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A61DADD6-6525-437B-90B3-8112891A0C5D}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AF6AC4F2-9825-4FB6-A600-92BC5361F209}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFE2509D-7C6E-4459-B903-7B791DB50407}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B59C5B3E-1345-473C-9058-26001B890A31}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F2C7FF6E-4323-4324-A9D8-6BDADE123976}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2426}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CB65201-89C4-402C-BA80-02D8C59F9B1D}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{069B290F-5398-4629-A009-85B4BCB4B1B9}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7683B745-6060-41FD-AA75-0BBB383FEAD4}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Ashampoo_DE Toolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Babylon
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\claro
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Delta
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\FLV_Runner Toolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ilividtoolbarguid
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PriceGong
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PricePeep
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SpecialSavings
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Wajam
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Windows Searchcore Toolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WiseConvert Toolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WNLT
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\www.Freeware-download.com Toolbar
Schlüssel Gefunden : HKLM\Software\www.Freeware-download.com
Schlüssel Gefunden : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{64B00DAC-870D-4E6A-8D34-3A6E3E427A30}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{7DA17D5A-5718-4130-A605-FC316C827836}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{0BF91075-F457-4A8B-99EF-140B52D2F22A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{16466D47-74A8-4928-B8B2-07CD79ABFC9F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{17B10E59-09E1-4C39-A738-6774D7AB7778}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{1AD2049E-E483-4425-8555-8E0775ACB631}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{26D5CC0A-7A46-4D86-AF45-2EFA320B0C54}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{2D13AC8F-037E-40C5-ADA6-231BA74EA2F4}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{2D73F2D0-2FAB-458E-977D-2F9050E0ED60}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{322EDCF5-9E7D-4021-8C67-F3FFE4961A38}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{37425600-CB21-49A0-8659-476FBAB0F8E8}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{3E254398-828F-4D51-A39E-3F6B6D96A12C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{3E9469AF-E866-4476-B767-810630F1F6E7}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{431FB0E5-2CBB-4602-9FE6-F1D64488ADD7}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{442DAF0C-7EAD-48D9-ABEA-E0036470D6D5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{47700C35-9E3E-4DAD-934C-0CE28A87237C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{58EB187D-24F8-4423-BD6C-655CE4C416BD}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{5C9A230D-70A5-11D5-AFB0-0050DAC67890}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{5F339F0B-716F-408F-A627-DEEB5DEB4020}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{6BEB066C-A791-4A21-B934-7783533FE888}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{716E443D-7CAA-44F1-866B-F45D00E712CC}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{72063D77-7590-4DA9-A7F8-F5ECAF3632C4}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{7FC87AC5-FA93-476E-A32C-A941229DED0B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{8911483C-C00A-4183-9FBC-6C9C00946C15}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{A07612DF-B1DD-484F-A1C3-36CA4CE919D2}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{A76F97B2-2C56-456A-A29E-72741595C2E8}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{B19D9D96-E59C-4936-B283-8A831CDB3A53}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{B7EA2226-F876-4BE4-B478-76EBAE2A668A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C3F058A9-407D-4CD1-8F66-B75605B54B69}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{DC8AAABA-3F8B-4866-8B3A-D9368133A478}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E15519AE-99BE-42DD-BE60-FFC3C183F443}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{EFDCAF05-D29C-4D4D-9836-8CDCD606A6B2}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}
Schlüssel Gefunden : HKLM\SOFTWARE\DataMngr
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2426}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DA17D5A-5718-4130-A605-FC316C827836}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Schlüssel Gefunden : HKLM\SOFTWARE\Tarma Installer
Schlüssel Gefunden : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gefunden : HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gefunden : HKU\S-1-5-21-2416322015-1569237049-636745652-1002\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gefunden : HKU\S-1-5-21-2416322015-1569237049-636745652-1002\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Schlüssel Gefunden : HKU\S-1-5-21-2416322015-1569237049-636745652-1002\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Schlüssel Gefunden : HKU\S-1-5-21-2416322015-1569237049-636745652-1002\Software\Microsoft\Internet Explorer\SearchScopes\{4327FABE-3C22-4689-8DBF-D226CF777FE9}
Schlüssel Gefunden : HKU\S-1-5-21-2416322015-1569237049-636745652-1002\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gefunden : HKU\S-1-5-21-2416322015-1569237049-636745652-1002\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2426}
Schlüssel Gefunden : HKU\S-1-5-21-2416322015-1569237049-636745652-1002\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Schlüssel Gefunden : HKU\S-1-5-21-2416322015-1569237049-636745652-1002\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Schlüssel Gefunden : HKU\S-1-5-21-2416322015-1569237049-636745652-1002\Software\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}
Schlüssel Gefunden : HKU\S-1-5-21-2416322015-1569237049-636745652-1002\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{26647CA4-A2A7-4EAC-8A72-761AA9141DE7}]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{3BBD3C14-4C16-4989-8366-95BC9179779D}]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{5786D022-540E-4699-B350-B4BE0AE94B79}]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1}]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Wert Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [SDP]
Wert Gefunden : HKCU\Software\Mozilla\Firefox\Extensions [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}]
Wert Gefunden : HKCU\Software\Mozilla\Firefox\Extensions [{8a9386b4-e958-4c4c-adf4-8f26db3e4829}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{26647CA4-A2A7-4EAC-8A72-761AA9141DE7}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{3BBD3C14-4C16-4989-8366-95BC9179779D}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{5786D022-540E-4699-B350-B4BE0AE94B79}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Babylon Client]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SweetIM]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Sweetpacks Communicator]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Wert Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Wert Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [10]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]

***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16611

[HKCU\Software\Microsoft\Internet Explorer\Main - bProtector Start Page] = hxxp://search.babylon.com/?affID=119357&tl=gkn01384&tt=gc_&babsrc=HP_ss_gin2g&mntrId=E241D0DF9A677698

-\\ Mozilla Firefox v21.0 (de)

Datei : C:\Users\lisa\AppData\Roaming\Mozilla\Firefox\Profiles\hkgxigbt.default\prefs.js

Gefunden : user_pref("browser.newtab.url", "hxxp://www.delta-search.com/?affID=119357&tl=gkn01384&tt=gc_&babsrc[...]
Gefunden : user_pref("browser.search.defaultenginename", "My Web Search");
Gefunden : user_pref("browser.search.order.1", "Claro Search");
Gefunden : user_pref("browser.search.selectedEngine", "Claro Search");
Gefunden : user_pref("browser.startup.homepage", "hxxp://search.babylon.com/?affID=119357&tl=gkn01384&tt=gc_&ba[...]
Gefunden : user_pref("extensions.BabylonToolbar.admin", false);
Gefunden : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Gefunden : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
Gefunden : user_pref("extensions.BabylonToolbar.autoRvrt", "false");
Gefunden : user_pref("extensions.BabylonToolbar.dfltLng", "de");
Gefunden : user_pref("extensions.BabylonToolbar.excTlbr", false);
Gefunden : user_pref("extensions.BabylonToolbar.id", "e2413908000000000000d0df9a677698");
Gefunden : user_pref("extensions.BabylonToolbar.instlDay", "15707");
Gefunden : user_pref("extensions.BabylonToolbar.instlRef", "na");
Gefunden : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Gefunden : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Gefunden : user_pref("extensions.BabylonToolbar.rvrt", "false");
Gefunden : user_pref("extensions.BabylonToolbar.tlbrId", "base");
Gefunden : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=[...]
Gefunden : user_pref("extensions.BabylonToolbar.vrsn", "1.8.7.2");
Gefunden : user_pref("extensions.BabylonToolbar.vrsni", "1.8.7.2");
Gefunden : user_pref("extensions.BabylonToolbar_i.babExt", "");
Gefunden : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=10588&tl=gkn01384&tt=0113_5");
Gefunden : user_pref("extensions.BabylonToolbar_i.excTlbr", false);
Gefunden : user_pref("extensions.BabylonToolbar_i.newTab", false);
Gefunden : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Gefunden : user_pref("extensions.BabylonToolbar_i.srcExt", "def");
Gefunden : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.7.211:24:10");
Gefunden : user_pref("extensions.claro.admin", false);
Gefunden : user_pref("extensions.claro.aflt", "babsst");
Gefunden : user_pref("extensions.claro.appId", "{C3110516-8EFC-49D6-8B72-69354F332062}");
Gefunden : user_pref("extensions.claro.autoRvrt", "false");
Gefunden : user_pref("extensions.claro.babTrack", "affID=10588&tl=gkn01384&tt=0113_5");
Gefunden : user_pref("extensions.claro.bbDpng", "17");
Gefunden : user_pref("extensions.claro.cntry", "DE");
Gefunden : user_pref("extensions.claro.dfltLng", "en");
Gefunden : user_pref("extensions.claro.excTlbr", false);
Gefunden : user_pref("extensions.claro.hdrMd5", "4D0C1CAA221DB0C993FF736D4B5D25E2");
Gefunden : user_pref("extensions.claro.id", "e2413908000000000000d0df9a677698");
Gefunden : user_pref("extensions.claro.instlDay", "15726");
Gefunden : user_pref("extensions.claro.instlRef", "sst");
Gefunden : user_pref("extensions.claro.lastVrsnTs", "1.8.8.520:14:51");
Gefunden : user_pref("extensions.claro.prdct", "claro");
Gefunden : user_pref("extensions.claro.prtnrId", "claro");
Gefunden : user_pref("extensions.claro.rvrt", "false");
Gefunden : user_pref("extensions.claro.sg", "none");
Gefunden : user_pref("extensions.claro.tlbrId", "base");
Gefunden : user_pref("extensions.claro.tlbrSrchUrl", "");
Gefunden : user_pref("extensions.claro.vrsn", "1.8.8.5");
Gefunden : user_pref("extensions.claro.vrsni", "1.8.8.5");
Gefunden : user_pref("extensions.claro_i.excTlbr", false);
Gefunden : user_pref("extensions.claro_i.newTab", false);
Gefunden : user_pref("extensions.claro_i.smplGrp", "none");
Gefunden : user_pref("extensions.claro_i.vrsnTs", "1.8.8.520:14:52");
Gefunden : user_pref("extensions.delta.babTrack", "affID=10588&tl=gkn01384&tt=0113_5");
Gefunden : user_pref("extensions.delta.bbDpng", "17");
Gefunden : user_pref("extensions.delta.cntry", "DE");
Gefunden : user_pref("extensions.delta.hdrMd5", "");
Gefunden : user_pref("extensions.delta.lastVrsnTs", "");
Gefunden : user_pref("extensions.delta.sg", "er");
Gefunden : user_pref("extensions.delta.smplGrp", "er");
Gefunden : user_pref("extensions.enabledAddons", "ffxtlbr%40claro.com:1.5.0,ffxtlbr%40delta.com:1.5.0,pricepeep[...]
Gefunden : user_pref("extensions.mywebsearch.prevDefaultEngine", "Google");
Gefunden : user_pref("extensions.mywebsearch.prevKwdEnabled", true);
Gefunden : user_pref("extensions.mywebsearch.prevSelectedEngine", "Claro Search");
Gefunden : user_pref("extensions.toggle.hpOld0", "hxxp://www.claro-search.com/?affID=114506&tl=gkn01384&tt=0413[...]
Gefunden : user_pref("extensions.toggle.srchPrvdr", "Search the web (toggle)");
Gefunden : user_pref("extensions.toolbar.mindspark._4zMembers_.homepage", "hxxp://home.mywebsearch.com/index.jh[...]
Gefunden : user_pref("keyword.URL", "hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=BE58A421[...]
Gefunden : user_pref("sweetim.toolbar.cda.DisableOveride.enable", "true");
Gefunden : user_pref("sweetim.toolbar.cda.HideOveride.enable", "true");
Gefunden : user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "true");
Gefunden : user_pref("sweetim.toolbar.dialogs.0.enable", "true");
Gefunden : user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-h[...]
Gefunden : user_pref("sweetim.toolbar.dialogs.0.height", "335");
Gefunden : user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog");
Gefunden : user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;");
Gefunden : user_pref("sweetim.toolbar.dialogs.0.url", "hxxp://www.sweetim.com/simffbar/options_remote_ff.asp?la[...]
Gefunden : user_pref("sweetim.toolbar.dialogs.0.width", "761");
Gefunden : user_pref("sweetim.toolbar.dialogs.1.enable", "true");
Gefunden : user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/exampledialog-h[...]
Gefunden : user_pref("sweetim.toolbar.dialogs.1.height", "300");
Gefunden : user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog");
Gefunden : user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog");
Gefunden : user_pref("sweetim.toolbar.dialogs.1.url", "chrome://sim_toolbar_package/content/exampledialog.html"[...]
Gefunden : user_pref("sweetim.toolbar.dialogs.1.width", "500");
Gefunden : user_pref("sweetim.toolbar.dialogs.2.enable", "true");
Gefunden : user_pref("sweetim.toolbar.dialogs.2.handler", "chrome://sim_toolbar_package/content/cdadialog-handl[...]
Gefunden : user_pref("sweetim.toolbar.dialogs.2.height", "150");
Gefunden : user_pref("sweetim.toolbar.dialogs.2.id", "id_dialog_hide_disable_remove");
Gefunden : user_pref("sweetim.toolbar.dialogs.2.title", "Option Dialog");
Gefunden : user_pref("sweetim.toolbar.dialogs.2.url", "hxxp://www.sweetim.com/simffbar/simcdadialog.asp");
Gefunden : user_pref("sweetim.toolbar.dialogs.2.width", "530");
Gefunden : user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.goog[...]
Gefunden : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
Gefunden : user_pref("sweetim.toolbar.keywordUrlGuard.enable", "false");
Gefunden : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
Gefunden : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
Gefunden : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
Gefunden : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
Gefunden : user_pref("sweetim.toolbar.mode.debug", "false");
Gefunden : user_pref("sweetim.toolbar.newtab.created", "false");
Gefunden : user_pref("sweetim.toolbar.newtab.enable", "true");
Gefunden : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Gefunden : user_pref("sweetim.toolbar.rc.url", "hxxp://www.sweetim.com/simffbar/rc.html?toolbar_version=$ITEM_V[...]
Gefunden : user_pref("sweetim.toolbar.RevertDialog.enable", "false");
Gefunden : user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true");
Gefunden : user_pref("sweetim.toolbar.scripts.0.callback", "simVerification");
Gefunden : user_pref("sweetim.toolbar.scripts.0.domain-blacklist", "");
Gefunden : user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "hxxp://(www.|apps.)?facebook\\.com.*");
Gefunden : user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb");
Gefunden : user_pref("sweetim.toolbar.scripts.0.enable", "false");
Gefunden : user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb");
Gefunden : user_pref("sweetim.toolbar.scripts.0.url", "hxxp://sc.sweetim.com/apps/in/fb/infb.js");
Gefunden : user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "true");
Gefunden : user_pref("sweetim.toolbar.scripts.1.callback", "simVerification");
Gefunden : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Gefunden : user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "hxxps://(www.|apps.)?facebook\\.com.*");
Gefunden : user_pref("sweetim.toolbar.scripts.1.elementid", "id_script_sim_fb");
Gefunden : user_pref("sweetim.toolbar.scripts.1.enable", "false");
Gefunden : user_pref("sweetim.toolbar.scripts.1.id", "id_script_fb_hxxpS");
Gefunden : user_pref("sweetim.toolbar.scripts.1.url", "hxxps://sc.sweetim.com/apps/in/fb/infb.js");
Gefunden : user_pref("sweetim.toolbar.scripts.2.addcontextdiv", "false");
Gefunden : user_pref("sweetim.toolbar.scripts.2.callback", "");
Gefunden : user_pref("sweetim.toolbar.scripts.2.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..[...]
Gefunden : user_pref("sweetim.toolbar.scripts.2.domain-whitelist", "");
Gefunden : user_pref("sweetim.toolbar.scripts.2.elementid", "id_predict_include_script");
Gefunden : user_pref("sweetim.toolbar.scripts.2.enable", "false");
Gefunden : user_pref("sweetim.toolbar.scripts.2.id", "id_script_prad");
Gefunden : user_pref("sweetim.toolbar.scripts.2.url", "hxxp://cdn1.certified-apps.com/scripts/shared/enable.js?[...]
Gefunden : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engin[...]
Gefunden : user_pref("sweetim.toolbar.search.history.capacity", "10");
Gefunden : user_pref("sweetim.toolbar.searchguard.enable", "false");
Gefunden : user_pref("sweetim.toolbar.searchguard.initialized_by_rc", "true");
Gefunden : user_pref("sweetim.toolbar.simapp_id", "{14F2BA14-FAA5-11E1-B933-101F740A9C70}");
Gefunden : user_pref("sweetim.toolbar.UserSelectedSaveSettings", "true");
Gefunden : user_pref("sweetim.toolbar.version", "1.9.0.0");
Gefunden : user_pref("sweetim.toolbar.Visibility.enable", "true");
Gefunden : user_pref("sweetim.toolbar.Visibility.intervaldays", "7");
Gefunden : user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "0");

-\\ Google Chrome v27.0.1453.116

Datei : C:\Users\lisa\AppData\Local\Google\Chrome\User Data\Default\Preferences

Gefunden [l.2262] : homepage = "hxxp://search.babylon.com/?affID=119357&tl=gkn01384&tt=gc_&babsrc=HP_ss_gin2g&mntrId=E241D0DF9A677698",
Gefunden [l.2541] : urls_to_restore_on_startup = [ "hxxp://search.babylon.com/?affID=119357&tl=gkn01384&tt=gc_&babsrc=HP_ss_gin2g&mntrId=E241D0DF9A677698", "hxxp://www.delta-search.com/?affID=119357&tl=gkn01384&tt=gc_&babsrc=HP_ss&mntrId=E241D0DF9A677698" ]

*************************

AdwCleaner[R1].txt - [226 octets] - [02/07/2013 18:53:29]
AdwCleaner[R2].txt - [75386 octets] - [02/07/2013 18:55:05]

########## EOF - C:\AdwCleaner[R2].txt - [75447 octets] ##########

schrauber · 02.07.2013, 18:27

Dann RogueKiller bitte

lisei · 02.07.2013, 18:34

Habe den Scan gemacht und gelöscht wie du geschrieben hast.
jetzt bringt er wieder bei der Anmeldung die Fehlermeldung! IEADVPACK.dell fehtl!!!
Was soll ich machen!!
Lisa

schrauber · 02.07.2013, 18:49

Screenshot bitte.

lisei · 02.07.2013, 19:42

Hallo Schauer,
Fehlermeldung wie beschrieben, jedoch bei Abgesicherten Modus mit Netzwerk ( Neu start)
hat sich Windows ganz normal wieder angemeldet!Hab jetzt den RogueKiller am laufen!
Meld mich wenn alles erledigt ist!
lisa

Code:

ATTFilter

RogueKiller V8.6.1 [Jun 17 2013] durch Tigzy
mail: tigzyRK<at>gmail<dot>com

mail : tigzyRK<at>gmail<dot>com
Kommentare : hxxp://www.geekstogo.com/forum/files/file/413-roguekiller/
Webseite : hxxp://tigzy.geekstogo.com/roguekiller.php
Blog : hxxp://tigzyrk.blogspot.com/

Betriebssystem : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Gestartet in : Normaler Modus
Benutzer : lisa [Admin Rechte]
Funktion : Scannen -- Datum : 07/02/2013 20:56:06
| ARK || FAK || MBR |

¤¤¤ Böswillige Prozesse : 0 ¤¤¤

¤¤¤ Registry-Einträge : 23 ¤¤¤
[SERVICE][BLVALUE] HKLM\[...]\CS001\[...]\Services : IBUpdaterService (C:\Windows\system32\dmwu.exe [x]) -> GEFUNDEN
[DNS] HKLM\[...]\CCSet\[...]\{00B87E99-B03B-47CF-851D-007197A54B75} : NameServer (10.111.81.129 10.129.32.1) -> GEFUNDEN
[DNS] HKLM\[...]\CCSet\[...]\{0C73F8FF-16C6-4979-AA4A-6E199DF63EAA} : NameServer (10.129.32.1 10.111.81.129) -> GEFUNDEN
[DNS] HKLM\[...]\CCSet\[...]\{8C58ABC7-4C7C-49AA-B65A-00C12433B4A4} : NameServer (10.111.81.129 10.129.32.1) -> GEFUNDEN
[DNS] HKLM\[...]\CCSet\[...]\{C67691B4-649B-4EAD-A4F7-E0DA720B01B0} : NameServer (10.111.81.129 10.129.32.1) -> GEFUNDEN
[DNS] HKLM\[...]\CS001\[...]\{00B87E99-B03B-47CF-851D-007197A54B75} : NameServer (10.111.81.129 10.129.32.1) -> GEFUNDEN
[DNS] HKLM\[...]\CS001\[...]\{0C73F8FF-16C6-4979-AA4A-6E199DF63EAA} : NameServer (10.129.32.1 10.111.81.129) -> GEFUNDEN
[DNS] HKLM\[...]\CS001\[...]\{8C58ABC7-4C7C-49AA-B65A-00C12433B4A4} : NameServer (10.111.81.129 10.129.32.1) -> GEFUNDEN
[DNS] HKLM\[...]\CS001\[...]\{C67691B4-649B-4EAD-A4F7-E0DA720B01B0} : NameServer (10.111.81.129 10.129.32.1) -> GEFUNDEN
[DNS] HKLM\[...]\CS002\[...]\{00B87E99-B03B-47CF-851D-007197A54B75} : NameServer (10.111.81.129 10.129.32.1) -> GEFUNDEN
[DNS] HKLM\[...]\CS002\[...]\{0C73F8FF-16C6-4979-AA4A-6E199DF63EAA} : NameServer (10.129.32.1 10.111.81.129) -> GEFUNDEN
[DNS] HKLM\[...]\CS002\[...]\{8C58ABC7-4C7C-49AA-B65A-00C12433B4A4} : NameServer (10.111.81.129 10.129.32.1) -> GEFUNDEN
[DNS] HKLM\[...]\CS002\[...]\{C67691B4-649B-4EAD-A4F7-E0DA720B01B0} : NameServer (10.111.81.129 10.129.32.1) -> GEFUNDEN
[DNS] HKLM\[...]\CS003\[...]\{00B87E99-B03B-47CF-851D-007197A54B75} : NameServer (10.111.81.129 10.129.32.1) -> GEFUNDEN
[DNS] HKLM\[...]\CS003\[...]\{0C73F8FF-16C6-4979-AA4A-6E199DF63EAA} : NameServer (10.129.32.1 10.111.81.129) -> GEFUNDEN
[DNS] HKLM\[...]\CS003\[...]\{8C58ABC7-4C7C-49AA-B65A-00C12433B4A4} : NameServer (10.111.81.129 10.129.32.1) -> GEFUNDEN
[DNS] HKLM\[...]\CS003\[...]\{C67691B4-649B-4EAD-A4F7-E0DA720B01B0} : NameServer (10.111.81.129 10.129.32.1) -> GEFUNDEN
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowUser (0) -> GEFUNDEN
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> GEFUNDEN
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> GEFUNDEN
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> GEFUNDEN
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> GEFUNDEN
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> GEFUNDEN

¤¤¤ Geplante Tasks : 2 ¤¤¤
[V2][SUSP PATH] DSite : C:\Users\lisa\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE - /Check [x] -> GEFUNDEN
[V2][SUSP PATH] EPUpdater : C:\Users\lisa\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe [x] -> GEFUNDEN

¤¤¤ Autostart-Einträge : 0 ¤¤¤

¤¤¤ Web-Browsern : 0 ¤¤¤

¤¤¤ Bestimmte Dateien / Ordner: ¤¤¤

¤¤¤ Treiber : [NICHT GELADEN] ¤¤¤

¤¤¤ Externe Hives: ¤¤¤

¤¤¤ Infektion :  ¤¤¤

¤¤¤ Hosts-Datei: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ MBR überprüfen: ¤¤¤

+++++ PhysicalDrive0: Hitachi HTS547575A9E384 SATA Disk Device +++++
--- User ---
[MBR] ea23dff32c426d5d25872c568edfa001
[BSP] 574057387e4677818344d318a7706ea5 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 699308 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1432592384 | Size: 15793 Mo
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 1464936448 | Size: 102 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] ca963d178f3884681f32b871c762d5b8
[BSP] 574057387e4677818344d318a7706ea5 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 77824 Mo
1 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 159793152 | Size: 400 Mo

+++++ PhysicalDrive1: Hitachi HTS547575A9E384 SATA Disk Device +++++
--- User ---
[MBR] dac71a16ccfdde5e913e8d184fd4fed6
[BSP] 2e07ea6f3d63201e1f0fa1dbff99b13e : MBR Code unknown
Partition table:
0 - [ACTIVE] FAT32 (0x0b) [VISIBLE] Offset (sectors): 63 | Size: 29509 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Abgeschlossen : << RKreport[0]_S_07022013_205606.txt >>

schrauber · 03.07.2013, 07:26

Roguekiller nochmal lafen lassen, nach dem Scannen auf löschen klicken, Logfile posten.

Von der Fehlermeldung brauch ich nen Screenshot.

lisei · 03.07.2013, 08:20

Guten Morgen Schrauber,
an Screenshot mach ich mit der fn Taste und Druck, hab es versucht aber des haut bei
mir ned so hin. Lässt sich nirgendswo öffnen. Übrigens habe ich jetzt in der früh keine
Fehlermeldung gehabt. Der Bildschirm ist erst schwarz dann weiß bis ich mein Passwort
eingebe, dann wird er himmelblau! Hab einen ganz anderen Bildschirm gehabt bevor ich de Trojaner drauf hatte! Trau mich jetzt noch nicht dies zu verändern! Übrigens zeigt er mir jetzt das Netzwerke an, HP Connection Manager zeigt wieder Wi-Fi (Wireless LAN´)
Fritz!Box Fon WLAN 7390 an. War die ganze Zeit nicht verbunden! Wo ich mich nicht auskenne ist: Startprogramme alle raushauen die das Hochfahren verlangsamen den Rechner entmüllen!!
Gruß Lisa

Code:

ATTFilter

RogueKiller V8.6.1 [Jun 17 2013] durch Tigzy
mail: tigzyRK<at>gmail<dot>com

mail : tigzyRK<at>gmail<dot>com
Kommentare : hxxp://www.geekstogo.com/forum/files/file/413-roguekiller/
Webseite : hxxp://tigzy.geekstogo.com/roguekiller.php
Blog : hxxp://tigzyrk.blogspot.com/

Betriebssystem : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Gestartet in : Normaler Modus
Benutzer : lisa [Admin Rechte]
Funktion : Entfernen -- Datum : 07/03/2013 09:17:46
| ARK || FAK || MBR |

¤¤¤ Böswillige Prozesse : 0 ¤¤¤

¤¤¤ Registry-Einträge : 23 ¤¤¤
[SERVICE][BLVALUE] HKLM\[...]\CS001\[...]\Services : IBUpdaterService (C:\Windows\system32\dmwu.exe [x]) -> GELÖSCHT
[DNS] HKLM\[...]\CCSet\[...]\{00B87E99-B03B-47CF-851D-007197A54B75} : NameServer (10.111.81.129 10.129.32.1) -> NICHT ENTFERNT, DNS REPARIEREN BENUTZEN
[DNS] HKLM\[...]\CCSet\[...]\{0C73F8FF-16C6-4979-AA4A-6E199DF63EAA} : NameServer (10.129.32.1 10.111.81.129) -> NICHT ENTFERNT, DNS REPARIEREN BENUTZEN
[DNS] HKLM\[...]\CCSet\[...]\{8C58ABC7-4C7C-49AA-B65A-00C12433B4A4} : NameServer (10.111.81.129 10.129.32.1) -> NICHT ENTFERNT, DNS REPARIEREN BENUTZEN
[DNS] HKLM\[...]\CCSet\[...]\{C67691B4-649B-4EAD-A4F7-E0DA720B01B0} : NameServer (10.111.81.129 10.129.32.1) -> NICHT ENTFERNT, DNS REPARIEREN BENUTZEN
[DNS] HKLM\[...]\CS001\[...]\{00B87E99-B03B-47CF-851D-007197A54B75} : NameServer (10.111.81.129 10.129.32.1) -> NICHT ENTFERNT, DNS REPARIEREN BENUTZEN
[DNS] HKLM\[...]\CS001\[...]\{0C73F8FF-16C6-4979-AA4A-6E199DF63EAA} : NameServer (10.129.32.1 10.111.81.129) -> NICHT ENTFERNT, DNS REPARIEREN BENUTZEN
[DNS] HKLM\[...]\CS001\[...]\{8C58ABC7-4C7C-49AA-B65A-00C12433B4A4} : NameServer (10.111.81.129 10.129.32.1) -> NICHT ENTFERNT, DNS REPARIEREN BENUTZEN
[DNS] HKLM\[...]\CS001\[...]\{C67691B4-649B-4EAD-A4F7-E0DA720B01B0} : NameServer (10.111.81.129 10.129.32.1) -> NICHT ENTFERNT, DNS REPARIEREN BENUTZEN
[DNS] HKLM\[...]\CS002\[...]\{00B87E99-B03B-47CF-851D-007197A54B75} : NameServer (10.111.81.129 10.129.32.1) -> NICHT ENTFERNT, DNS REPARIEREN BENUTZEN
[DNS] HKLM\[...]\CS002\[...]\{0C73F8FF-16C6-4979-AA4A-6E199DF63EAA} : NameServer (10.129.32.1 10.111.81.129) -> NICHT ENTFERNT, DNS REPARIEREN BENUTZEN
[DNS] HKLM\[...]\CS002\[...]\{8C58ABC7-4C7C-49AA-B65A-00C12433B4A4} : NameServer (10.111.81.129 10.129.32.1) -> NICHT ENTFERNT, DNS REPARIEREN BENUTZEN
[DNS] HKLM\[...]\CS002\[...]\{C67691B4-649B-4EAD-A4F7-E0DA720B01B0} : NameServer (10.111.81.129 10.129.32.1) -> NICHT ENTFERNT, DNS REPARIEREN BENUTZEN
[DNS] HKLM\[...]\CS003\[...]\{00B87E99-B03B-47CF-851D-007197A54B75} : NameServer (10.111.81.129 10.129.32.1) -> NICHT ENTFERNT, DNS REPARIEREN BENUTZEN
[DNS] HKLM\[...]\CS003\[...]\{0C73F8FF-16C6-4979-AA4A-6E199DF63EAA} : NameServer (10.129.32.1 10.111.81.129) -> NICHT ENTFERNT, DNS REPARIEREN BENUTZEN
[DNS] HKLM\[...]\CS003\[...]\{8C58ABC7-4C7C-49AA-B65A-00C12433B4A4} : NameServer (10.111.81.129 10.129.32.1) -> NICHT ENTFERNT, DNS REPARIEREN BENUTZEN
[DNS] HKLM\[...]\CS003\[...]\{C67691B4-649B-4EAD-A4F7-E0DA720B01B0} : NameServer (10.111.81.129 10.129.32.1) -> NICHT ENTFERNT, DNS REPARIEREN BENUTZEN
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowUser (0) -> ERSETZT (1)
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> ERSETZT (1)
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> ERSETZT (1)
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> ERSETZT (1)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> ERSETZT (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> ERSETZT (0)

¤¤¤ Geplante Tasks : 2 ¤¤¤
[V2][SUSP PATH] DSite : C:\Users\lisa\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE - /Check [x] -> GELÖSCHT
[V2][SUSP PATH] EPUpdater : C:\Users\lisa\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe [x] -> GELÖSCHT

¤¤¤ Autostart-Einträge : 0 ¤¤¤

¤¤¤ Web-Browsern : 0 ¤¤¤

¤¤¤ Bestimmte Dateien / Ordner: ¤¤¤

¤¤¤ Treiber : [NICHT GELADEN] ¤¤¤

¤¤¤ Externe Hives: ¤¤¤

¤¤¤ Infektion :  ¤¤¤

¤¤¤ Hosts-Datei: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ MBR überprüfen: ¤¤¤

+++++ PhysicalDrive0: Hitachi HTS547575A9E384 SATA Disk Device +++++
--- User ---
[MBR] ea23dff32c426d5d25872c568edfa001
[BSP] 574057387e4677818344d318a7706ea5 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 699308 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1432592384 | Size: 15793 Mo
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 1464936448 | Size: 102 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] ca963d178f3884681f32b871c762d5b8
[BSP] 574057387e4677818344d318a7706ea5 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 77824 Mo
1 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 159793152 | Size: 400 Mo

+++++ PhysicalDrive1: Hitachi HTS547575A9E384 SATA Disk Device +++++
--- User ---
[MBR] dac71a16ccfdde5e913e8d184fd4fed6
[BSP] 2e07ea6f3d63201e1f0fa1dbff99b13e : MBR Code unknown
Partition table:
0 - [ACTIVE] FAT32 (0x0b) [VISIBLE] Offset (sectors): 63 | Size: 29509 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Abgeschlossen : << RKreport[0]_D_07032013_091746.txt >>
RKreport[0]_S_07022013_205606.txt;RKreport[0]_S_07022013_221037.txt;RKreport[0]_S_07032013_091429.txt

schrauber · 03.07.2013, 08:23

Jetzt bleib mal locker, erst entfernen wir Malware, dann kümmern wir uns um den Rest

Mach zur Not en Handy-Bild.

lisei · 03.07.2013, 08:28

Ok, ich bleib locker von Hocker!

gestern hat er mir gemeldet, auf dem Laptop von meinen Sohn, dass auf meinen USB Stick eine
Gefährdung ist die der Vieren Scanner in einen extra Ordner auf den Stick verschoben hat! Habe die ganze Zeit die Programme von meinen Sohn seinen Laptop auf den USB Stick gezogen! Glaub ich bin die totale Seuchen verbreiterin!!Anti Malerware Bytes, meldet das die Testversion
zu ende ist und ich keinen Schutz mehr habe! Habe den Bitdefinder Total Security der mir den
ganzen Schrott an Vieren Trojaner rein ließ! Brauche unbedingt einen Top Schutz für mich und meinen Sohn! Kaspersky is das gut?

lisei · 03.07.2013, 09:15

das Bild mit dem Handy! Da ist der Rechner schon hochgefahren! Is kein gutes Foto!

lisei · 03.07.2013, 09:29

Was mir gerade einfällt, kann das sein das ich über ein Update von Adobe
Flash Player mir den Trojaner geladen habe? Ich selber, gehe ja fast gar nicht
mit dem Laptop ins Internet! Mein Sohn wo er noch keines hatte bis vor 3 Wochen
war ständig im Internet Steam oder so! Meine Tochter auch mit Ihre Sims3! Kann
mich aber gut erinnern, seit ich das Update von Adobe Player gemacht habe, hat das
Laptop eine Macke gehabt! Da denkst du an nicht`s böses gehst auf Updaten in der Meinung
das der Bitdefinder das schon gecheckt hat, und wirst belohnt mit einen Trojaner!

schrauber · 03.07.2013, 10:33

Mach mal bitte einen neuen Scan mit FRST.

02.07.2013, 13:27	#16
schrauber /// the machine /// TB-Ausbilder	Hilfe! Trojaner Generic Befall Wenn ESET fertig ist das komplette Logfile bitte __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

02.07.2013, 18:27	#20
schrauber /// the machine /// TB-Ausbilder	Hilfe! Trojaner Generic Befall Dann RogueKiller bitte __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

02.07.2013, 18:49	#22
schrauber /// the machine /// TB-Ausbilder	Hilfe! Trojaner Generic Befall Screenshot bitte. __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

03.07.2013, 07:26	#24
schrauber /// the machine /// TB-Ausbilder	Hilfe! Trojaner Generic Befall Roguekiller nochmal lafen lassen, nach dem Scannen auf löschen klicken, Logfile posten. Von der Fehlermeldung brauch ich nen Screenshot. __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

03.07.2013, 08:23	#26
schrauber /// the machine /// TB-Ausbilder	Hilfe! Trojaner Generic Befall Jetzt bleib mal locker, erst entfernen wir Malware, dann kümmern wir uns um den Rest Mach zur Not en Handy-Bild. __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Hilfe! Trojaner Generic Befall

Log-Analyse und Auswertung: Hilfe! Trojaner Generic Befall