Seit Tagen bekomme ich die Meldung " C:/ProgrammFilex86/HomeTab/TABupdater.DLL

lobowolf · 16.09.2013, 12:59

Hallo wer kann mir bitte helfen
System W7 homepremium 64bit
Windows startet zwar, bekomme aber die im Titel angeführte Meldung. Das Notebook arbeitet am Anfang ca 1 Stunde normal , aber danach kann ich meinen Firefox und Skype nicht mehr öffnen, bzw im FB nicht mehr auf andre Seiten gehen .... Vielen Dank im Voraus

schrauber · 16.09.2013, 15:40

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

lobowolf · 16.09.2013, 17:12

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-09-2013 01
Ran by melsy (administrator) on MELSY-HP on 16-09-2013 18:04:25
Running from C:\Users\melsy\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Users\melsy\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Spotify Ltd) C:\Users\melsy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Ocs_SM] - C:\Users\melsy\AppData\Roaming\OCS\SM\SearchAnonymizer.exe [106496 2012-08-02] (OCS)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKCU\...\Run: [Google Update] - C:\Users\melsy\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-09-17] (Google Inc.)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\melsy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1199576 2012-10-28] (Spotify Ltd)
HKCU\...\Run: [EssentialPIM] - C:\Program Files (x86)\EssentialPIM\EssentialPIM.exe [13912056 2013-03-08] ()
HKCU\...\Policies\system: [DisableLockWorkstation] 0
HKCU\...\Policies\system: [DisableChangePassword] 0
MountPoints2: {075fc578-9294-11e2-b468-ec9a74f5fc5d} - H:\Setup.exe
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HPOSD] - C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AVG_TRAY] - C:\Program Files (x86)\AVG\AVG2012\avgtray.exe [2598520 2012-11-19] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4411440 2013-08-15] (AVG Technologies CZ, s.r.o.)
AppInit_DLLs-x32: c:\progra~3\browserdefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\browserdefender.dll [ ] ()
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:newtab
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=HitachiXHTS545050B9A300_111202PBN408P7H1543EX&ts=1376282951
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=HitachiXHTS545050B9A300_111202PBN408P7H1543EX&ts=1376282951
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:newtab
URLSearchHook: (No Name) - {32b29df0-2237-4370-9a29-37cebb730e9b} -  No File
URLSearchHook: (No Name) - {7e111a5c-3d11-4f56-9463-5310c3c69025} -  No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=HitachiXHTS545050B9A300_111202PBN408P7H1543EX&ts=1376282951
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&from=cor&uid=HitachiXHTS545050B9A300_111202PBN408P7H1543EX&ts=1376282952
SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CPNTDF
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&from=cor&uid=HitachiXHTS545050B9A300_111202PBN408P7H1543EX&ts=1376282952
SearchScopes: HKLM - {8262B94D-0FB8-44AE-AA96-7114154C01C3} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://at.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPNTDF
SearchScopes: HKLM - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5221-111072-7833-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&from=cor&uid=HitachiXHTS545050B9A300_111202PBN408P7H1543EX&ts=1376282952
SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CPNTDF
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&from=cor&uid=HitachiXHTS545050B9A300_111202PBN408P7H1543EX&ts=1376282952
SearchScopes: HKLM-x32 - {8262B94D-0FB8-44AE-AA96-7114154C01C3} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 - {b0441a0e-a49a-4e16-afc1-74ecced1921f} URL = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=UXxdm018YYat&ptnrS=UXxdm018YYat&si=maps4pc&ptb=20F2348D-FE56-4A09-AE5D-517CC951BED5&ind=2012072715&n=77edcb0b&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://at.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPNTDF
SearchScopes: HKLM-x32 - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5221-111072-7833-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&from=cor&uid=HitachiXHTS545050B9A300_111202PBN408P7H1543EX&ts=1376282952
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E62696E672E636F6D2F7365617263683F713D7B7365617263685465726D737D26666F726D3D43504E5444462670633D43504E544446267372633D49452D536561726368426F78&st={searchTerms}&clid=5b063933-3c54-4d54-8af2-20a413726ddc&pid=freewarede&k=0
SearchScopes: HKCU - {0E0DBFCD-7DDD-4792-9F42-2DFF3E266C26} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=5b063933-3c54-4d54-8af2-20a413726ddc&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=96ABE4D53D2D1F10&affID=119523&tsp=4960
SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com.anonymize-me.de/?anonymto=687474703A2F2F65752E61736B2E636F6D2F7765623F713D7B7365617263687465726D737D266C3D646973266F3D43504E544446&st={searchTerms}&clid=5b063933-3c54-4d54-8af2-20a413726ddc&pid=freewarede&k=0
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&from=cor&uid=HitachiXHTS545050B9A300_111202PBN408P7H1543EX&ts=1376282952
SearchScopes: HKCU - {5DAD9BF3-1DB3-4915-899F-52C1FB45E7A5} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=5b063933-3c54-4d54-8af2-20a413726ddc&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {8262B94D-0FB8-44AE-AA96-7114154C01C3} URL = 
SearchScopes: HKCU - {b0441a0e-a49a-4e16-afc1-74ecced1921f} URL = hxxp://search.mywebsearch.com.anonymize-me.de/?anonymto=687474703A2F2F7365617263682E6D797765627365617263682E636F6D2F6D797765627365617263682F47476D61696E2E6A68746D6C3F69643D555878646D303138595961742670746E72533D555878646D303138595961742673693D6D617073347063267074623D32304632333438442D464535362D344130392D414535442D35313743433935314245443526696E643D32303132303732373135266E3D3737656463623062267073613D2673743D736226736561726368666F723D7B7365617263685465726D737D&st={searchTerms}&clid=5b063933-3c54-4d54-8af2-20a413726ddc&pid=freewarede&k=0
SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://at.search.yahoo.com.anonymize-me.de/?anonymto=687474703A2F2F61742E7365617263682E7961686F6F2E636F6D2F7365617263683F703D7B7365617263685465726D737D2665693D7B696E707574456E636F64696E677D2666723D6368722D68702D70736726747970653D43504E544446&st={searchTerms}&clid=5b063933-3c54-4d54-8af2-20a413726ddc&pid=freewarede&k=0
SearchScopes: HKCU - {CABAEECD-ADAE-4D8C-96D8-B72FB977BC57} URL = hxxp://search.conduit.com.anonymize-me.de/?anonymto=687474703A2F2F7365617263682E636F6E647569742E636F6D2F526573756C74734578742E617370783F713D7B7365617263685465726D737D26536561726368536F757263653D3426637469643D435432373336343736&st={searchTerms}&clid=5b063933-3c54-4d54-8af2-20a413726ddc&pid=freewarede&k=0
SearchScopes: HKCU - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org.anonymize-me.de/?anonymto=687474703A2F2F64652E77696B6970656469612E6F72672F77696B692F5370656369616C3A5365617263683F7365617263683D7B7365617263685465726D737D&st={searchTerms}&clid=5b063933-3c54-4d54-8af2-20a413726ddc&pid=freewarede&k=0
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com.anonymize-me.de/?anonymto=687474703A2F2F726F7665722E656261792E636F6D2F726F7665722F312F353232312D3131313037322D373833332D332F343F6D7072653D687474703A2F2F73686F702E656261792E636F6D2F3F5F6E6B773D7B7365617263685465726D737D&st={searchTerms}&clid=5b063933-3c54-4d54-8af2-20a413726ddc&pid=freewarede&k=0
SearchScopes: HKCU - {F0F2CF65-4A0B-4150-836E-781B9B2532D8} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10397&src=kw&q={searchTerms}&locale=&apn_ptnrs=^ABV&apn_dtid=^YYYYYY^YY^AT&apn_uid=8e4ecc86-1479-4e5b-a1c9-34b6ce24ddf2&apn_sauid=E4195978-B757-4776-9B04-E87DC08BC106
SearchScopes: HKCU - ÛŸÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!×—(ä¼48Ð¸patm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ*´Ñ;áa´[¦†8*º~RÙxœòÜ8'£-)x*ä* URL = 
BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Claro LTD Helper Object - {000F18F2-09EB-4A59-82B2-5AE4184C39C3} - C:\Program Files (x86)\Claro LTD\claro\1.8.3.10\bh\claro.dll (Montera Technologeis LTD)
BHO-x32: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Search Results Toolbar - {94366e2c-9923-431c-b0d6-747447dd0f2b} - C:\Program Files (x86)\searchresults1\searchresultsDx.dll (Ask.com)
BHO-x32: HomeTab - {a25e7121-3dd8-41b3-855b-756c5bc45449} - C:\Users\melsy\AppData\Roaming\HomeTab\HomeTab.dll (Simply Tech Ltd.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Web Check - {E155F23C-9931-47c6-A619-20E6FCA86D75} - C:\Program Files (x86)\Web Check\WebCheck.dll (Web Check)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM-x32 -  No Name - {32b29df0-2237-4370-9a29-37cebb730e9b} -  No File
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
Toolbar: HKLM-x32 -  No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKLM-x32 -  No Name - {7e111a5c-3d11-4f56-9463-5310c3c69025} -  No File
Toolbar: HKLM-x32 -  No Name - {364ea597-e728-4ce4-bb4a-ed846ef47970} -  No File
Toolbar: HKLM-x32 - Claro LTD Toolbar - {9E131A93-EED7-4BEB-B015-A0ADB30B5646} - C:\Program Files (x86)\Claro LTD\claro\1.8.3.10\claroTlbr.dll (Montera Technologeis LTD)
Toolbar: HKLM-x32 - Search Results Toolbar - {94366e2c-9923-431c-b0d6-747447dd0f2b} - C:\Program Files (x86)\searchresults1\searchresultsDx.dll (Ask.com)
Toolbar: HKLM-x32 -  No Name - {98889811-442D-49dd-99D7-DC866BE87DBC} -  No File
Toolbar: HKLM-x32 - HomeTab - {a25e7121-3dd8-41b3-855b-756c5bc45449} - C:\Users\melsy\AppData\Roaming\HomeTab\HomeTab.dll (Simply Tech Ltd.)
Toolbar: HKCU -  No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU -  No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKCU -  No Name - {32B29DF0-2237-4370-9A29-37CEBB730E9B} -  No File
Toolbar: HKCU -  No Name - {7E111A5C-3D11-4F56-9463-5310C3C69025} -  No File
Toolbar: HKCU -  No Name - {364EA597-E728-4CE4-BB4A-ED846EF47970} -  No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll ()

FireFox:
========
FF ProfilePath: C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default
FF user.js: detected! => C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\user.js
FF NewTab: about:home
FF DefaultSearchEngine: qvo6
FF SearchEngineOrder.1: Delta Search
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Homepage: about:home
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_33 - C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @MapsGalaxy_39.com/Plugin - C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\NP39Stub.dll No File
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @soft-xpansion/npsxpdf - C:\Program Files (x86)\Common Files\Freemium\np-sxpdf.dll (soft-Xpansion)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\melsy\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\melsy\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\melsy\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\melsy\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\melsy\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\searchplugins\babylon1.xml
FF SearchPlugin: C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\searchplugins\ixquick-https---deutsch.xml
FF SearchPlugin: C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\searchplugins\startpage-https---deutsch.xml
FF SearchPlugin: C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\searchplugins\the-pirate-bay.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\qvo6.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: MEGA EXTENSION - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\firefox@mega.co.nz
FF Extension: FireJump - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\firejump@firejump.net
FF Extension: Facebook Privacy Watcher - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\fpw@informatik.tu-darmstadt.de
FF Extension: ProxTube - Gesperrte YouTube Videos entsperren - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\ich@maltegoetz.de
FF Extension: WebCake - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\plugin@getwebcake.com
FF Extension: No Name - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\staged
FF Extension: No Name - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\youtubeunblocker@unblocker.yt
FF Extension: NoScript - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
FF Extension: Search Results Toolbar - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\{94366e2c-9923-431c-b0d6-747447dd0f2b}
FF Extension: No Name - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
FF Extension: HomeTab - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\{ad7ef860-f366-4be1-8d12-4363b9356947}
FF Extension: Greasemonkey - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
FF Extension: firefox - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\firefox@ghostery.com.xpi
FF Extension: firefox - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\firefox@mega.co.nz.xpi
FF Extension: No Name - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\firejump_1027.zip
FF Extension: No Name - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\firejump_1028.zip
FF Extension: fpw - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\fpw@informatik.tu-darmstadt.de.xpi
FF Extension: freehdsport - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\freehdsport@freehdsport.tv.xpi
FF Extension: info - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\info@convert2mp3.net.xpi
FF Extension: jid1-QpHD8URtZWJC2A - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi
FF Extension: nishan.naseer.googimagesearch - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\nishan.naseer.googimagesearch@gmail.com.xpi
FF Extension: requestpolicy - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\requestpolicy@requestpolicy.com.xpi
FF Extension: stealthyextension - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\stealthyextension@gmail.com.xpi
FF Extension: youtubeunblocker - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\youtubeunblocker@unblocker.yt.xpi
FF Extension: No Name - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\{85E85FF9-E50C-42DE-8A3D-61485FD6C8DB}.xpi
FF Extension: No Name - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
FF Extension: No Name - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM-x32\...\Firefox\Extensions: [39ffxtbr@MapsGalaxy_39.com] - C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin
FF Extension: MapsGalaxy - C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin
FF HKLM-x32\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] - C:\Program Files (x86)\AVG\AVG2012\Firefox4\
FF Extension: No Name - C:\Program Files (x86)\AVG\AVG2012\Firefox4\
FF HKLM-x32\...\Firefox\Extensions: [{52b0f3db-f988-4788-b9dc-861d016f4487}] - C:\Program Files (x86)\Web Check\WebCheck.xpi
FF Extension: No Name - C:\Program Files (x86)\Web Check\WebCheck.xpi
FF HKLM-x32\...\Firefox\Extensions: [{B45418F9-6406-4828-9D1A-35313FB1E2D6}] - C:\ProgramData\Freemium\Free PDF Perfect\Data\fftb
FF Extension: Free PDF Perfect - C:\ProgramData\Freemium\Free PDF Perfect\Data\fftb
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\Firefox\Extensions: [firejump@firejump.net] - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\extensions\firejump@firejump.net
FF Extension: FireJump - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\extensions\firejump@firejump.net
FF HKCU\...\Firefox\Extensions: [mail@shopping-preise.de] - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\extensions\mail@shopping-preise.de
FF HKCU\...\Firefox\Extensions: [extension@preispilot.com] - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\extensions\extension@preispilot.com
FF HKCU\...\Firefox\Extensions: [inlinetranslate@inlinetranslate.com] - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\extensions\inlinetranslate@inlinetranslate.com
FF HKCU\...\Firefox\Extensions: [{58bd07eb-0ee0-4df0-8121-dc9b693373df}] - C:\ProgramData\BrowserProtect\2.5.986.67\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension
FF HKCU\...\Firefox\Extensions: [sparpilot@sparpilot.com] - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\extensions\sparpilot@sparpilot.com

Chrome: 
=======
CHR HomePage: about:newtab?source=home
CHR Extension: () - C:\Users\melsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcillohgikpecbmgioknapdpcjofaafl\1.1
CHR Extension: (Iminent) - C:\Users\melsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1
CHR Extension: () - C:\Users\melsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.4
CHR HKLM-x32\...\Chrome\Extension: [bddpogknpjlgfpbboediomaiiaecfajn] - C:\Program Files (x86)\HomeTab\chrome\HomeTab.crx
CHR HKLM-x32\...\Chrome\Extension: [dacechnliklhcacondhhkkfobapdopee] - C:\Program Files (x86)\Web Check\WebCheck.crx
CHR HKLM-x32\...\Chrome\Extension: [dcillohgikpecbmgioknapdpcjofaafl] - C:\Users\melsy\AppData\Roaming\Claro\claro.crx
CHR HKLM-x32\...\Chrome\Extension: [dhdepfaagokllfmhfbcfmocaeigmoebo] - C:\Users\melsy\AppData\Local\Savings Sidekick\Chrome\Savings Sidekick.crx
CHR HKLM-x32\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Users\melsy\AppData\Roaming\BabSolution\CR\BabylonChrome1.crx
CHR HKLM-x32\...\Chrome\Extension: [jmfkcklnlgedgbglfkkgedjfmejoahla] - C:\Program Files (x86)\AVG\AVG2012\Chrome\safesearch.crx

==================== Services (Whitelisted) =================

S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2011-08-12] (SUPERAntiSpyware.com)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [365568 2011-07-05] (Advanced Micro Devices, Inc.)
R2 avgfws; C:\Program Files (x86)\AVG\AVG2013\avgfws.exe [1432080 2013-09-04] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-07-23] (AVG Technologies CZ, s.r.o.)
S3 CGVPNCliSrvc; C:\Program Files\CyberGhost VPN\CGVPNCliService.exe [2438696 2012-04-26] (mobile concepts GmbH)
S3 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe [544768 2009-08-24] (mst software GmbH, Germany)
S4 HPAuto; C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [682040 2011-02-16] (Hewlett-Packard)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [87040 2012-03-23] ()
S4 Radio.fx; C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe [3665752 2012-01-26] ()
R2 SearchAnonymizer; C:\Users\melsy\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe [40960 2012-08-02] ()
S3 SXDS10; C:\Program Files (x86)\Common Files\soft Xpansion\sxds10.exe [234096 2013-09-02] (soft Xpansion)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-21] (Microsoft Corporation)
S4 Hamachi2Svc; "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s [x]

==================== Drivers (Whitelisted) ====================

R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [50296 2012-09-04] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-07-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206648 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311608 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-07-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-09-05] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2013-03-21] (AVG Technologies CZ, s.r.o.)
S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [133160 2011-06-16] (Broadcom Corporation.)
S3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2011-05-21] (Broadcom Corporation.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 REN2CAP_DRIVER; C:\Windows\System32\drivers\ren2cap.sys [46728 2011-11-07] ()
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-04-03] (Anchorfree Inc.)
S3 YMIDUSBW; C:\Windows\System32\drivers\ymidusbx64.sys [51016 2011-11-01] (Yamaha Corporation)
S3 CpqDfw; system32\drivers\CpqDfw.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-16 18:03 - 2013-09-16 18:03 - 00000000 ____D C:\FRST
2013-09-16 18:02 - 2013-09-16 18:02 - 01951150 _____ (Farbar) C:\Users\melsy\Downloads\FRST64.exe
2013-09-16 13:29 - 2013-09-16 13:29 - 00000378 _____ C:\Windows\PFRO.log
2013-09-16 13:29 - 2013-09-16 13:29 - 00000056 _____ C:\Windows\setupact.log
2013-09-16 04:36 - 2013-09-16 04:38 - 00001203 _____ C:\DelFix.txt
2013-09-16 04:36 - 2013-09-16 04:36 - 00000000 ____D C:\Windows\ERUNT
2013-09-15 10:28 - 2013-09-16 13:59 - 00000000 ____D C:\Windows\System32\Tasks\ProtectedSearch
2013-09-15 10:28 - 2013-09-16 13:59 - 00000000 ____D C:\Windows\System32\Tasks\Browser Updater
2013-09-15 10:28 - 2013-09-16 13:59 - 00000000 ____D C:\Users\melsy\AppData\Roaming\HomeTab
2013-09-15 10:28 - 2013-09-15 17:10 - 00000000 ____D C:\Users\melsy\AppData\Roaming\SimplyTech
2013-09-15 10:28 - 2013-08-13 08:38 - 00032328 _____ C:\Windows\Launcher.exe
2013-09-11 15:04 - 2013-09-11 15:04 - 04054000 _____ (LionSea Software                                            ) C:\Users\melsy\Downloads\setup(2).exe
2013-09-11 14:49 - 2013-07-31 16:17 - 17833472 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-11 14:49 - 2013-07-31 15:42 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-11 14:49 - 2013-07-31 15:29 - 02312704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-11 14:49 - 2013-07-31 15:20 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-11 14:49 - 2013-07-31 15:19 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-11 14:49 - 2013-07-31 15:18 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-09-11 14:49 - 2013-07-31 15:17 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-09-11 14:49 - 2013-07-31 15:16 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-11 14:49 - 2013-07-31 15:14 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-09-11 14:49 - 2013-07-31 15:13 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-11 14:49 - 2013-07-31 15:13 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-09-11 14:49 - 2013-07-31 15:11 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-11 14:49 - 2013-07-31 15:11 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-11 14:49 - 2013-07-31 15:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-09-11 14:49 - 2013-07-31 15:08 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-11 14:49 - 2013-07-31 15:05 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-11 14:49 - 2013-07-31 12:30 - 12335104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-11 14:49 - 2013-07-31 12:05 - 09738752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-11 14:49 - 2013-07-31 12:00 - 01800704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-11 14:49 - 2013-07-31 11:53 - 01104896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-11 14:49 - 2013-07-31 11:52 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-09-11 14:49 - 2013-07-31 11:52 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-11 14:49 - 2013-07-31 11:51 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-09-11 14:49 - 2013-07-31 11:49 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-11 14:49 - 2013-07-31 11:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-11 14:49 - 2013-07-31 11:48 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-09-11 14:49 - 2013-07-31 11:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-09-11 14:49 - 2013-07-31 11:47 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-11 14:49 - 2013-07-31 11:46 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-11 14:49 - 2013-07-31 11:45 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-11 14:49 - 2013-07-31 11:45 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-09-11 14:49 - 2013-07-31 11:42 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-11 13:49 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-11 13:49 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k(2052).sys
2013-09-11 13:49 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-11 13:49 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-11 13:49 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-11 13:49 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-11 13:49 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-11 13:49 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-11 13:49 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-11 13:49 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-11 13:49 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-11 13:49 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0(2044).dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0(2043).dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-11 13:49 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-11 13:49 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-11 13:49 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-11 13:49 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-11 13:49 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0(2056).dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0(2059).dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0(2057).dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0(2058).dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0(2055).dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0(2054).dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0(2053).dll
2013-09-11 13:49 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-11 13:49 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-11 13:49 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-11 13:49 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-11 13:49 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-11 13:49 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-11 13:49 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-11 13:47 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-11 13:47 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-11 13:47 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-11 13:47 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-05 01:43 - 2013-09-05 01:43 - 00045880 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgrkx64.sys
2013-09-02 15:08 - 2013-09-02 15:08 - 00957112 _____ (Microsoft Corporation) C:\Users\melsy\Downloads\SaveAsPDFandXPS.exe
2013-09-02 15:08 - 2013-09-02 15:08 - 00000000 ____D C:\Program Files (x86)\MSECache
2013-09-02 14:31 - 2013-09-02 14:31 - 00002138 _____ C:\Users\melsy\Desktop\Free PDF Perfect.lnk
2013-09-02 14:30 - 2013-09-02 14:30 - 00010464 _____ C:\Windows\SysWOW64\sx_p2d.tlb
2013-09-02 14:30 - 2013-09-02 14:30 - 00000000 ____D C:\ProgramData\Freemium
2013-09-02 14:30 - 2013-09-02 14:30 - 00000000 ____D C:\Program Files (x86)\Freemium
2013-09-02 14:28 - 2013-09-02 14:28 - 00000000 ____D C:\Users\melsy\Downloads\freepdf
2013-09-02 14:28 - 2013-09-02 14:28 - 00000000 ____D C:\SoftwareUpdater
2013-09-02 14:28 - 2013-09-02 14:28 - 00000000 ____D C:\Program Files (x86)\Covus Freemium
2013-09-02 14:27 - 2013-09-02 14:27 - 00000000 ____D C:\Program Files (x86)\Web Check
2013-09-02 14:26 - 2013-09-02 14:28 - 00000000 ____D C:\ProgramData\Package Cache
2013-09-02 14:21 - 2013-09-16 13:59 - 00000000 ____D C:\Users\melsy\AppData\Local\DownloadGuide
2013-09-02 14:21 - 2013-09-02 14:21 - 00444400 _____ C:\Users\melsy\Downloads\DLG_free-pdf-perfect_chip_de-DE10.exe
2013-08-29 14:49 - 2013-08-29 14:49 - 00000000 _____ C:\Windows\setuperr.log
2013-08-28 16:41 - 2013-08-29 13:12 - 00000000 ____D C:\Program Files\Hear
2013-08-28 16:41 - 2011-11-07 16:18 - 00046728 _____ C:\Windows\system32\Drivers\ren2cap.sys
2013-08-26 06:04 - 2013-08-26 06:26 - 00000000 ____D C:\Users\melsy\AppData\Roaming\Betcat
2013-08-26 03:38 - 2012-06-01 07:39 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\wamregps.dll
2013-08-26 03:38 - 2012-06-01 07:36 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\iisRtl.dll
2013-08-26 03:38 - 2012-06-01 07:36 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\iisrstap.dll
2013-08-26 03:38 - 2012-06-01 07:35 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\ahadmin.dll
2013-08-26 03:38 - 2012-06-01 07:34 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\admwprox.dll
2013-08-26 03:38 - 2012-06-01 07:33 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\iisreset.exe
2013-08-26 03:38 - 2012-06-01 06:40 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wamregps.dll
2013-08-26 03:38 - 2012-06-01 06:37 - 00154624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisRtl.dll
2013-08-26 03:38 - 2012-06-01 06:37 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisrstap.dll
2013-08-26 03:38 - 2012-06-01 06:35 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admwprox.dll
2013-08-26 03:38 - 2012-06-01 06:35 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ahadmin.dll
2013-08-26 03:38 - 2012-06-01 06:34 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisreset.exe
2013-08-26 03:15 - 2013-08-26 03:16 - 50352408 _____ (Microsoft Corporation) C:\Users\melsy\Downloads\dotnetfx45_full_x86_x64.exe
2013-08-26 02:35 - 2013-08-26 02:35 - 00000000 ____D C:\Windows\SysWOW64\BestPractices
2013-08-26 02:35 - 2013-08-26 02:35 - 00000000 ____D C:\Windows\system32\BestPractices
2013-08-26 02:35 - 2013-08-26 02:35 - 00000000 ____D C:\inetpub
2013-08-26 02:30 - 2013-08-26 02:30 - 00003144 _____ C:\Windows\System32\Tasks\{963AFCB0-77B1-4C30-B305-F56C7A0EBB2B}
2013-08-26 02:28 - 2013-08-26 02:29 - 02869264 _____ (Microsoft Corporation) C:\Users\melsy\Downloads\dotNetFx35setup(1).exe
2013-08-26 02:26 - 2013-08-26 02:26 - 02869264 _____ (Microsoft Corporation) C:\Users\melsy\Downloads\dotNetFx35setup.exe
2013-08-26 02:21 - 2013-08-26 02:22 - 41580520 _____ (Hewlett-Packard                                             ) C:\Users\melsy\Downloads\sp58915.exe
2013-08-26 02:10 - 2012-02-14 15:24 - 00286426 _____ C:\Users\melsy\Downloads\Language.de.xml
2013-08-26 02:10 - 2010-07-19 22:13 - 00001283 _____ C:\Users\melsy\Downloads\Readme.txt
2013-08-26 02:09 - 2013-08-26 02:09 - 00069183 _____ C:\Users\melsy\Downloads\langpack-de-1.0.1-for-truecrypt-7.1a(1).zip
2013-08-26 02:08 - 2013-08-26 02:10 - 00000000 ____D C:\Users\melsy\AppData\Roaming\TrueCrypt
2013-08-26 02:07 - 2013-08-26 02:07 - 00000875 _____ C:\Users\Public\Desktop\TrueCrypt.lnk
2013-08-26 02:06 - 2013-08-26 02:06 - 00231376 _____ (TrueCrypt Foundation) C:\Windows\system32\Drivers\truecrypt.sys
2013-08-26 02:06 - 2013-08-26 02:06 - 00000000 ____D C:\Program Files\TrueCrypt
2013-08-26 01:30 - 2013-08-26 01:30 - 00000649 _____ C:\Users\melsy\Documents\CyberGhostPUK.html
2013-08-26 01:26 - 2013-08-26 01:26 - 00000872 _____ C:\Users\Public\Desktop\CyberGhost VPN.lnk
2013-08-26 01:25 - 2013-08-26 01:29 - 00000000 ____D C:\Program Files\CyberGhost VPN
2013-08-26 01:25 - 2011-12-15 20:29 - 00031232 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\tap0901.sys

==================== One Month Modified Files and Folders =======

2013-09-16 18:03 - 2013-09-16 18:03 - 00000000 ____D C:\FRST
2013-09-16 18:02 - 2013-09-16 18:02 - 01951150 _____ (Farbar) C:\Users\melsy\Downloads\FRST64.exe
2013-09-16 17:39 - 2012-08-29 02:45 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-16 17:39 - 2012-07-27 21:04 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-16 17:39 - 2012-05-18 13:08 - 00000000 ____D C:\Users\melsy\AppData\Roaming\Skype
2013-09-16 17:36 - 2013-01-24 00:10 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3195104690-1283173883-910289243-1001UA.job
2013-09-16 17:11 - 2012-08-13 23:06 - 00000386 _____ C:\Windows\Tasks\WpsUpdateTask_melsy.job
2013-09-16 16:31 - 2011-12-10 06:03 - 01756979 _____ C:\Windows\WindowsUpdate.log
2013-09-16 16:13 - 2013-05-07 18:00 - 00000000 ____D C:\ProgramData\MFAData
2013-09-16 15:39 - 2012-07-27 21:04 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-16 15:36 - 2013-01-24 00:10 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3195104690-1283173883-910289243-1001Core.job
2013-09-16 13:59 - 2013-09-15 10:28 - 00000000 ____D C:\Windows\System32\Tasks\ProtectedSearch
2013-09-16 13:59 - 2013-09-15 10:28 - 00000000 ____D C:\Windows\System32\Tasks\Browser Updater
2013-09-16 13:59 - 2013-09-15 10:28 - 00000000 ____D C:\Users\melsy\AppData\Roaming\HomeTab
2013-09-16 13:59 - 2013-09-02 14:21 - 00000000 ____D C:\Users\melsy\AppData\Local\DownloadGuide
2013-09-16 13:59 - 2013-08-12 06:53 - 00000000 ____D C:\Users\melsy\AppData\Roaming\dp3d
2013-09-16 13:59 - 2013-07-31 10:20 - 00000000 ____D C:\ProgramData\BrowserDefender
2013-09-16 13:59 - 2013-05-18 22:52 - 00000000 ____D C:\Users\melsy\AppData\Roaming\EssentialPIM
2013-09-16 13:59 - 2013-02-03 16:59 - 00000000 ____D C:\Users\melsy\.tuxguitar-1.2
2013-09-16 13:59 - 2012-12-18 15:30 - 00000000 ____D C:\Program Files (x86)\AntiPhotoSpy
2013-09-16 13:59 - 2012-06-23 14:51 - 00000000 ____D C:\Windows\system32\Macromed
2013-09-16 13:59 - 2012-06-17 15:14 - 00000000 ____D C:\Users\melsy\AppData\Local\Abelssoft
2013-09-16 13:59 - 2012-05-25 15:54 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-09-16 13:59 - 2012-05-20 13:50 - 00000000 ____D C:\Program Files (x86)\Microsoft Application Virtualization Client
2013-09-16 13:59 - 2012-05-19 14:23 - 00000000 ____D C:\Program Files (x86)\ScanIT-Client
2013-09-16 13:59 - 2012-05-18 16:55 - 00000000 ____D C:\Users\melsy\AppData\Roaming\vlc
2013-09-16 13:59 - 2012-05-18 16:45 - 00000000 ____D C:\Users\melsy\AppData\Roaming\Audacity
2013-09-16 13:59 - 2012-05-18 12:50 - 00000000 ___RD C:\Users\melsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-16 13:59 - 2012-05-18 12:50 - 00000000 ___RD C:\Users\melsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-16 13:59 - 2012-05-18 12:45 - 00000000 ____D C:\Users\melsy\AppData\Local\Hewlett-Packard
2013-09-16 13:59 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-09-16 13:59 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2013-09-16 13:59 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-09-16 13:55 - 2012-05-25 15:55 - 00000000 ____D C:\Users\melsy\AppData\Roaming\SUPERAntiSpyware.com
2013-09-16 13:37 - 2009-07-14 06:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-16 13:37 - 2009-07-14 06:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-16 13:29 - 2013-09-16 13:29 - 00000378 _____ C:\Windows\PFRO.log
2013-09-16 13:29 - 2013-09-16 13:29 - 00000056 _____ C:\Windows\setupact.log
2013-09-16 13:29 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-16 13:21 - 2012-08-21 10:03 - 00000000 ____D C:\Windows\Minidump
2013-09-16 12:11 - 2013-03-05 14:41 - 00000000 ____D C:\Users\melsy\AppData\Roaming\TS3Client
2013-09-16 04:38 - 2013-09-16 04:36 - 00001203 _____ C:\DelFix.txt
2013-09-16 04:36 - 2013-09-16 04:36 - 00000000 ____D C:\Windows\ERUNT
2013-09-16 04:27 - 2012-05-18 12:43 - 00000000 ____D C:\Users\melsy
2013-09-15 17:37 - 2012-05-20 17:38 - 00000000 ____D C:\Users\melsy\AppData\Local\CrashDumps
2013-09-15 17:10 - 2013-09-15 10:28 - 00000000 ____D C:\Users\melsy\AppData\Roaming\SimplyTech
2013-09-15 17:10 - 2013-07-28 19:54 - 00000000 ____D C:\Users\melsy\AppData\Roaming\Web Cake
2013-09-15 17:10 - 2013-07-28 19:54 - 00000000 ____D C:\Program Files (x86)\Web Cake
2013-09-15 11:20 - 2013-04-27 18:33 - 00003186 _____ C:\Windows\System32\Tasks\HPCeeScheduleFormelsy
2013-09-15 11:20 - 2013-04-27 18:33 - 00000332 _____ C:\Windows\Tasks\HPCeeScheduleFormelsy.job
2013-09-15 10:27 - 2012-08-21 16:29 - 00001409 _____ C:\Users\melsy\Desktop\Internet Explorer.lnk
2013-09-15 10:27 - 2012-06-02 19:17 - 00001107 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-09-15 10:27 - 2012-05-18 12:51 - 00001405 _____ C:\Users\melsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2013-09-15 10:27 - 2012-05-18 12:50 - 00001439 _____ C:\Users\melsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-09-14 13:03 - 2012-05-20 13:12 - 00000000 ____D C:\Users\melsy\Documents\Gitarre
2013-09-14 11:58 - 2012-05-19 17:43 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2013-09-14 11:57 - 2012-05-26 17:23 - 00000000 _____ C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-09-13 18:40 - 2012-08-29 02:45 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-13 18:40 - 2012-05-20 17:11 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-13 18:40 - 2011-08-09 13:02 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-13 08:37 - 2013-07-26 01:28 - 00000941 _____ C:\Users\Public\Desktop\AVG 2013.lnk
2013-09-12 13:07 - 2011-08-09 22:16 - 00772974 _____ C:\Windows\system32\perfh007.dat
2013-09-12 13:07 - 2011-08-09 22:16 - 00175058 _____ C:\Windows\system32\perfc007.dat
2013-09-12 13:07 - 2009-07-14 07:13 - 01804214 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-11 15:04 - 2013-09-11 15:04 - 04054000 _____ (LionSea Software                                            ) C:\Users\melsy\Downloads\setup(2).exe
2013-09-11 14:54 - 2013-05-20 19:34 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-11 14:51 - 2013-01-13 17:21 - 00001979 _____ C:\Users\Public\Desktop\Adobe Reader X.lnk
2013-09-11 14:21 - 2009-07-14 06:45 - 00544232 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-11 14:12 - 2012-05-20 13:51 - 01831832 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-09-11 14:11 - 2013-07-11 12:55 - 00000000 ____D C:\Windows\system32\MRT
2013-09-11 14:03 - 2012-05-21 04:56 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-09 02:58 - 2012-07-02 02:36 - 00000410 _____ C:\Windows\Tasks\EasyShare Registration Task.job
2013-09-05 01:43 - 2013-09-05 01:43 - 00045880 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgrkx64.sys
2013-09-04 13:50 - 2012-08-09 23:07 - 00000000 ____D C:\Users\melsy\Documents\My Downloaded Video
2013-09-02 15:08 - 2013-09-02 15:08 - 00957112 _____ (Microsoft Corporation) C:\Users\melsy\Downloads\SaveAsPDFandXPS.exe
2013-09-02 15:08 - 2013-09-02 15:08 - 00000000 ____D C:\Program Files (x86)\MSECache
2013-09-02 14:31 - 2013-09-02 14:31 - 00002138 _____ C:\Users\melsy\Desktop\Free PDF Perfect.lnk
2013-09-02 14:30 - 2013-09-02 14:30 - 00010464 _____ C:\Windows\SysWOW64\sx_p2d.tlb
2013-09-02 14:30 - 2013-09-02 14:30 - 00000000 ____D C:\ProgramData\Freemium
2013-09-02 14:30 - 2013-09-02 14:30 - 00000000 ____D C:\Program Files (x86)\Freemium
2013-09-02 14:28 - 2013-09-02 14:28 - 00000000 ____D C:\Users\melsy\Downloads\freepdf
2013-09-02 14:28 - 2013-09-02 14:28 - 00000000 ____D C:\SoftwareUpdater
2013-09-02 14:28 - 2013-09-02 14:28 - 00000000 ____D C:\Program Files (x86)\Covus Freemium
2013-09-02 14:28 - 2013-09-02 14:26 - 00000000 ____D C:\ProgramData\Package Cache
2013-09-02 14:27 - 2013-09-02 14:27 - 00000000 ____D C:\Program Files (x86)\Web Check
2013-09-02 14:21 - 2013-09-02 14:21 - 00444400 _____ C:\Users\melsy\Downloads\DLG_free-pdf-perfect_chip_de-DE10.exe
2013-08-30 19:36 - 2012-05-20 18:06 - 00000000 ____D C:\Users\melsy\AppData\Roaming\Mozilla
2013-08-29 14:49 - 2013-08-29 14:49 - 00000000 _____ C:\Windows\setuperr.log
2013-08-29 14:47 - 2012-05-20 13:52 - 00000000 ____D C:\Users\melsy\AppData\Roaming\SoftGrid Client
2013-08-29 14:00 - 2013-03-05 14:40 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2013-08-29 13:40 - 2013-06-02 20:51 - 00000000 ____D C:\Users\melsy\AppData\Local\Freenet
2013-08-29 13:13 - 2012-05-22 00:39 - 00000000 ___RD C:\Users\melsy\Desktop\TONSTUDIO
2013-08-29 13:12 - 2013-08-28 16:41 - 00000000 ____D C:\Program Files\Hear
2013-08-29 13:11 - 2012-08-21 18:03 - 00000000 ____D C:\Windows\pss
2013-08-26 06:26 - 2013-08-26 06:04 - 00000000 ____D C:\Users\melsy\AppData\Roaming\Betcat
2013-08-26 06:17 - 2011-02-10 21:23 - 00000000 ____D C:\SWSetup
2013-08-26 05:42 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\inetsrv
2013-08-26 05:42 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\inetsrv
2013-08-26 03:16 - 2013-08-26 03:15 - 50352408 _____ (Microsoft Corporation) C:\Users\melsy\Downloads\dotnetfx45_full_x86_x64.exe
2013-08-26 02:35 - 2013-08-26 02:35 - 00000000 ____D C:\Windows\SysWOW64\BestPractices
2013-08-26 02:35 - 2013-08-26 02:35 - 00000000 ____D C:\Windows\system32\BestPractices
2013-08-26 02:35 - 2013-08-26 02:35 - 00000000 ____D C:\inetpub
2013-08-26 02:30 - 2013-08-26 02:30 - 00003144 _____ C:\Windows\System32\Tasks\{963AFCB0-77B1-4C30-B305-F56C7A0EBB2B}
2013-08-26 02:29 - 2013-08-26 02:28 - 02869264 _____ (Microsoft Corporation) C:\Users\melsy\Downloads\dotNetFx35setup(1).exe
2013-08-26 02:26 - 2013-08-26 02:26 - 02869264 _____ (Microsoft Corporation) C:\Users\melsy\Downloads\dotNetFx35setup.exe
2013-08-26 02:22 - 2013-08-26 02:21 - 41580520 _____ (Hewlett-Packard                                             ) C:\Users\melsy\Downloads\sp58915.exe
2013-08-26 02:10 - 2013-08-26 02:08 - 00000000 ____D C:\Users\melsy\AppData\Roaming\TrueCrypt
2013-08-26 02:09 - 2013-08-26 02:09 - 00069183 _____ C:\Users\melsy\Downloads\langpack-de-1.0.1-for-truecrypt-7.1a(1).zip
2013-08-26 02:07 - 2013-08-26 02:07 - 00000875 _____ C:\Users\Public\Desktop\TrueCrypt.lnk
2013-08-26 02:06 - 2013-08-26 02:06 - 00231376 _____ (TrueCrypt Foundation) C:\Windows\system32\Drivers\truecrypt.sys
2013-08-26 02:06 - 2013-08-26 02:06 - 00000000 ____D C:\Program Files\TrueCrypt
2013-08-26 01:30 - 2013-08-26 01:30 - 00000649 _____ C:\Users\melsy\Documents\CyberGhostPUK.html
2013-08-26 01:29 - 2013-08-26 01:25 - 00000000 ____D C:\Program Files\CyberGhost VPN
2013-08-26 01:26 - 2013-08-26 01:26 - 00000872 _____ C:\Users\Public\Desktop\CyberGhost VPN.lnk
2013-08-24 02:33 - 2012-10-07 00:30 - 00000000 ____D C:\Users\melsy\AppData\Roaming\SpaceShooter
2013-08-21 15:57 - 2012-06-02 19:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-20 13:46 - 2012-05-20 18:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-20 12:52 - 2012-07-18 03:06 - 00000000 ___RD C:\Users\melsy\Desktop\Foto Video
2013-08-20 11:36 - 2012-05-18 14:31 - 00000000 ____D C:\Users\melsy\AppData\Local\Windows Live

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-11 01:20

==================== End Of Log ============================

--- --- ---
FRST Additions Logfile:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-09-2013 01
Ran by melsy at 2013-09-16 18:06:09
Running from C:\Users\melsy\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

64 Bit HP CIO Components Installer (Version: 7.2.8)
Adobe AIR (x32 Version: 3.5.0.600)
Adobe Community Help (x32 Version: 3.0.0)
Adobe Community Help (x32 Version: 3.0.0.400)
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.174)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168)
Adobe Photoshop CS5 (x32 Version: 12.0)
Adobe Reader X (10.1.8) MUI (x32 Version: 10.1.8)
Adobe Shockwave Player 11.5 (x32 Version: 11.5.9.620)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95)
Aiseesoft PDF to Word Converter 3.1.8 (x32)
AMD APP SDK Runtime (Version: 2.4.650.9)
AMD Fuel (Version: 2011.0705.1115.18310)
AMD Media Foundation Decoders (Version: 1.0.60705.1113)
AMD VISION Engine Control Center (x32 Version: 2011.0705.1115.18310)
AntiPhotoSpy 2013 (x32 Version: 1.6)
Artensoft Photo Mosaic Wizard (Version: 1.6)
Ashampoo Music Studio 2012 v.1.0.0 (x32 Version: 1.0.0)
Ashampoo Photo Commander 9 v.9.4.3 (x32 Version: 9.4.3)
Ashampoo Video Styler 2013 v.1.0.1 (x32 Version: 1.0.1)
Ashampoo WinOptimizer 6.60 (x32 Version: 6.6.0)
ATI Catalyst Install Manager (Version: 3.0.829.0)
Audacity 2.0.2 (x32 Version: 2.0.2)
Audio Record Wizard (x32 Version: 6.8)
AUDIOzilla v1.1 (x32)
AVG 2013 (Version: 13.0.3222)
AVG 2013 (Version: 13.0.3408)
AVG 2013 (Version: 2013.0.3408)
AVS Audio Converter 7 (x32)
AVS Audio Recorder version 4.0 (x32)
AVS Update Manager 1.0 (x32)
AVS4YOU Software Navigator 1.4 (x32)
AX3000G SoundEditor (x32 Version: 1.00.0.2)
B109a-m (x32 Version: 140.0.690.000)
Balabolka (x32 Version: 2.05)
Bejeweled 3 (x32 Version: 2.2.0.97)
Blasterball 3 (x32 Version: 2.2.0.97)
Bounce Symphony (x32 Version: 2.2.0.97)
Broadcom 802.11 Wireless LAN Adapter (Version: 5.100.82.86)
Broadcom Bluetooth Software (Version: 6.5.0.1300)
Broadcom InConcert Maestro (Version: 1.0.1.1300)
BufferChm (x32 Version: 140.0.212.000)
BusinessCards MX (x32 Version: 4.73)
Cake Mania (x32 Version: 2.2.0.95)
Calme Version 2013 (x32 Version: 2013)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0705.1115.18310)
Catalyst Control Center InstallProxy (x32 Version: 2011.0705.1115.18310)
Catalyst Control Center Localization All (x32 Version: 2011.0705.1115.18310)
CCC Help Chinese Standard (x32 Version: 2011.0705.1114.18310)
CCC Help Chinese Traditional (x32 Version: 2011.0705.1114.18310)
CCC Help Czech (x32 Version: 2011.0705.1114.18310)
CCC Help Danish (x32 Version: 2011.0705.1114.18310)
CCC Help Dutch (x32 Version: 2011.0705.1114.18310)
CCC Help English (x32 Version: 2011.0705.1114.18310)
CCC Help Finnish (x32 Version: 2011.0705.1114.18310)
CCC Help French (x32 Version: 2011.0705.1114.18310)
CCC Help German (x32 Version: 2011.0705.1114.18310)
CCC Help Greek (x32 Version: 2011.0705.1114.18310)
CCC Help Hungarian (x32 Version: 2011.0705.1114.18310)
CCC Help Italian (x32 Version: 2011.0705.1114.18310)
CCC Help Japanese (x32 Version: 2011.0705.1114.18310)
CCC Help Korean (x32 Version: 2011.0705.1114.18310)
CCC Help Norwegian (x32 Version: 2011.0705.1114.18310)
CCC Help Polish (x32 Version: 2011.0705.1114.18310)
CCC Help Portuguese (x32 Version: 2011.0705.1114.18310)
CCC Help Russian (x32 Version: 2011.0705.1114.18310)
CCC Help Spanish (x32 Version: 2011.0705.1114.18310)
CCC Help Swedish (x32 Version: 2011.0705.1114.18310)
CCC Help Thai (x32 Version: 2011.0705.1114.18310)
CCC Help Turkish (x32 Version: 2011.0705.1114.18310)
ccc-utility64 (Version: 2011.0705.1115.18310)
CCFinder (x32 Version: 2013)
CCleaner (Version: 4.01)
CCScore (x32 Version: 7.00.0000.0001)
Chronicles of Albian (x32 Version: 2.2.0.95)
Chuzzle Deluxe (x32 Version: 2.2.0.95)
Claro Chrome Toolbar (x32 Version: 1.0.0.2)
Claro LTD toolbar   (x32)
Communism Muscle Cars (x32)
Compaq Setup Manager (x32 Version: 1.1.13476.3753)
Cradle of Rome 2 (x32 Version: 2.2.0.95)
CyberGhost VPN
CyberLink YouCam (x32 Version: 3.5.1.4119)
D3DX10 (x32 Version: 15.4.2368.0902)
DarkWave Studio 4.0.7 (x32 Version: 4.0.7)
Data Wipe  (x32 Version: )
Destinations (x32 Version: 140.0.77.000)
DeviceDiscovery (x32 Version: 140.0.212.000)
Dream Pinball 3D Demo (x32 Version: 1.00)
Easy Drive Data Recovery (x32 Version: 3.0)
Easy Flyer Creator 3.0 (x32 Version: 3.0.0)
eSpeak version 1.45.05 (x32)
ESSBrwr (x32 Version: 8.00.0000.0001)
ESSCDBK (x32 Version: 8.00.0000.0001)
ESScore (x32 Version: 8.00.0000.0001)
EssentialPIM (x32 Version: 5.51)
ESSgui (x32 Version: 8.00.0000.0001)
ESSini (x32 Version: 8.00.0000.0001)
ESSPCD (x32 Version: 7.01.0000.0001)
ESSPDock (x32 Version: 6.03.0001.0004)
ESSTOOLS (x32 Version: 5.00.0000.0004)
essvatgt (x32 Version: 8.00.0000.0001)
ESU for Microsoft Windows 7 SP1 (x32 Version: 2.1.1)
Evernote v. 4.2.3 (x32 Version: 4.2.3.22)
Farm Frenzy (x32 Version: 2.2.0.95)
FATE (x32 Version: 2.2.0.97)
fflink (x32 Version: 6.02.1001.0001)
FileZilla Client 3.6.0.2 (x32 Version: 3.6.0.2)
Firebird SQL Server - MAGIX Edition (x32 Version: 2.1.31.0)
FireJump (x32 Version: 1.0.2.5)
First PDF (x32)
Fotogalerie (x32 Version: 16.4.3505.0912)
Free Audio Converter version 5.0.11.504 (x32 Version: 5.0.11.504)
Free Audio Editor v7.9.4 (x32)
Free Opener (Version: 1.4)
Free Pdf Perfect Prereq (x32 Version: 1.1.0.80)
Free Video Converter V 3.1 (x32 Version: 3.1.0.0)
Free YouTube Download version 3.1.27.508 (x32 Version: 3.1.27.508)
Freemake Video Converter Version 3.1.2 (x32 Version: 3.1.2)
Freemium Free PDF Perfect (x32 Version: 1.0)
Freenet (HKCU)
FreeSoundRecorder Toolbar (x32 Version: 6.8.9.0)
Freeware.de Toolbar (x32 Version: 6.8.9.0)
Galaxy Invaders (x32)
Google Earth Plug-in (x32 Version: 7.1.1.1888)
Google Talk Plugin (x32 Version: 4.5.3.14917)
Google Update Helper (x32 Version: 1.3.21.153)
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95)
GPBaseService2 (x32 Version: 140.0.211.000)
Grand Prix Racing (x32)
Guitar and Bass (x32 Version: 1.0.4)
Guitar Explorer 1.0 (x32)
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000)
HP Auto (Version: 1.0.12935.3667)
HP Client Services (Version: 1.1.12938.3539)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7)
HP Customer Participation Program 14.0 (Version: 14.0)
HP Deskjet 2050 J510 series - Grundlegende Software für das Gerät (Version: 22.50.231.0)
HP Deskjet 2050 J510 series Hilfe (x32 Version: 140.0.61.61)
HP Documentation (x32 Version: 1.1.0.0)
HP Games (x32 Version: 1.0.2.5)
HP Imaging Device Functions 14.0 (Version: 14.0)
HP Launch Box (Version: 1.0.11)
HP On Screen Display (x32 Version: 1.3.5)
HP Photo Creations (x32 Version: 1.0.0.3781)
HP Photosmart B109a-m All-in-One Driver Software 14.0 Rel. 6 (Version: 14.0)
HP Power Manager (x32 Version: 1.2.3)
HP Product Detection (x32 Version: 11.14.0001)
HP Quick Launch (x32 Version: 2.7.2)
HP QuickWeb (x32 Version: 3.1.0.9742)
HP Setup (x32 Version: 8.7.4751.3798)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Software Framework (x32 Version: 4.6.10.1)
HP Solution Center 14.0 (Version: 14.0)
HP Support Assistant (x32 Version: 7.0.39.15)
HP Update (x32 Version: 5.003.001.001)
HPPhotoGadget (x32 Version: 140.0.524.000)
HPProductAssistant (x32 Version: 140.0.212.000)
HTC BMP USB Driver (x32 Version: 1.0.5375)
HTC Driver Installer (x32 Version: 3.0.0.021)
HTC Sync (x32 Version: 3.2.20)
ICQ6.5 (x32 Version: 6.5)
InlineTranslate für Firefox (x32 Version: 2.0)
Internet Explorer Toolbar 4.6 by SweetPacks (x32 Version: 4.6.0003)
Java Auto Updater (x32 Version: 2.0.7.1)
Java(TM) 6 Update 33 (x32 Version: 6.0.330)
JDownloader 0.9 (x32 Version: 0.9)
Jet Lane Racing (x32)
Jewel Quest Solitaire (x32 Version: 2.2.0.95)
Jewel Quest: The Sleepless Star - Collector's Edition (x32 Version: 2.2.0.95)
Junk Mail filter update (x32 Version: 16.4.3505.0912)
Kingsoft Presentation  (8.1.0.3019) (x32 Version: 8.1.0.3019)
K-Lite Codec Pack 7.0.0 (Standard) (x32 Version: 7.0.0)
Kodak EasyShare Software (x32)
L&H TTS3000 Deutsch (x32)
Last Space Fighter (x32)
LogMeIn Hamachi (x32 Version: 2.1.0.166)
MagicScore (x32)
MAGIX Content und Soundpools (x32 Version: 1.0.0.0)
MAGIX Foto Manager MX (x32 Version: 9.0.1.238)
MAGIX Goya burnR (MSI) (Version: 4.3.2.0)
MAGIX Goya burnR (MSI) (x32 Version: 4.3.2.0)
MAGIX Music Maker 2013 (Version: 19.0.1.36)
MAGIX Music Maker 2013 (x32 Version: 19.0.1.36)
MAGIX Music Maker 2013 Trial Soundpools (Version: 1.0.0.0)
MAGIX Music Maker MX Production Suite Download-Version (x32 Version: 18.0.1.11)
MAGIX Screenshare (Version: 4.3.6.1987)
MAGIX Screenshare (x32 Version: 4.3.6.1987)
MAGIX Speed burnR (MSI) (x32 Version: 7.0.2.6)
Mah Jong Medley (x32 Version: 2.2.0.95)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
MarketResearch (x32 Version: 140.0.212.000)
MFC RunTime files (x32 Version: 1.0.0)
Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme (x32 Version: 12.0.4518.1014)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4.5 (Version: 4.5.50709)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2007 Service Pack 3 (SP3) (x32)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000)
Microsoft Office Klick-und-Los 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Starter 2010 - Deutsch (x32 Version: 14.0.5128.5002)
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SkyDrive (HKCU Version: 16.4.6013.0910)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (x32 Version: 9.0.30411)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft_VC100_CRT_x64 (Version: 1.0.0)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000)
Movie Maker (x32 Version: 16.4.3505.0912)
Mozilla Firefox 23.0.1 (x86 de) (x32 Version: 23.0.1)
Mozilla Maintenance Service (x32 Version: 23.0.1)
MP4 To MP3 Converter V3.0.4 (x32)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSVCRT110 (x32 Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (KB973685) (x32 Version: 4.30.2107.0)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0)
MuseScore 1.2 MuseScore score typesetter (x32 Version: 1.2.0)
MyPhoneExplorer (x32 Version: 1.8.2)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.97)
Namco All-Stars: PAC-MAN (x32 Version: 2.2.0.95)
netbrdg (x32 Version: 7.01.0000.0001)
Nexus Radio (x32 Version: 5.6.6)
Nuclear Coffee - VideoGet (x32 Version: 2012)
OfotoXMI (x32 Version: 7.02.0000.0001)
ooVoo (x32 Version: 3.5.9041)
OpenOffice.org 3.4.1 (x32 Version: 3.41.9593)
Panopreter Basic version 3.0.9 (x32)
PC Rambazamba (x32 Version: 1.00.0000)
Penguins! (x32 Version: 2.2.0.95)
Photo Gallery (x32 Version: 16.4.3505.0912)
PhotoStitcher 1.2 (x32)
Picture-Kit 3 Version 3.0 (x32 Version: 3.0)
Pidgin (x32 Version: 2.10.7)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95)
Polar Bowler (x32 Version: 2.2.0.97)
Preispilot für Firefox (x32 Version: 2.0)
PS_AIO_06_B109a-m_SW_Min (x32 Version: 140.0.690.000)
PT Portrait version 1.0.0 (Version: 1.0.0)
puush (x32 Version: 1.0.0.0)
Q-Dir
Quick Stego 1.2 (x32)
QuickTime (x32 Version: 7.50.61.0)
QuickTransfer (x32 Version: 140.0.98.000)
Radio.fx (x32)
Realtek Ethernet Controller Driver (x32 Version: 7.42.304.2011)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6287)
Realtek PCIE Card Reader (x32 Version: 6.1.7600.77)
Recovery Manager (x32 Version: 2.0.0)
Scan (x32 Version: 140.0.80.000)
ScanIT-Client 3.2 (x32)
Screen Capturer (x32 Version: 1.0.4.42)
Search Results Toolbar (x32 Version: 1.0.0.12)
SearchAnonymizer (Version: 1.0.1 (de))
SFR (x32 Version: 7.01.0000.0003)
Shape Collage (x32)
SHASTA (x32 Version: 7.01.0000.0001)
shopping-preise.de AddOn Firefox (x32 Version: 2.81)
Shortcut Racers (x32)
SimplyGoodPictures (x32 Version: 1.0.12.426)
skin0001 (x32 Version: 8.00.0000.0001)
SKINXSDK (x32 Version: 7.01.0000.0001)
Skype™ 6.6 (x32 Version: 6.6.106)
Slingo Deluxe (x32 Version: 2.2.0.95)
SmartWebPrinting (x32 Version: 140.0.186.000)
SolutionCenter (x32 Version: 140.0.213.000)
Songr (x32 Version: 1.9.36)
Sothink Logo Maker Special (x32 Version: 3.5)
Speed Racers (x32)
Spotify (HKCU Version: 0.8.5.1333.g822e0de8)
Star Warship (x32)
staticcr (x32 Version: 8.00.0000.0001)
Status (x32 Version: 140.0.212.000)
SUPERAntiSpyware (Version: 5.0.1150)
SuperEasy Audio Converter 2 v.2.1.2143 (x32 Version: 2.1.2143)
SView5 for Windows
SweetIM for Messenger 3.7 (x32 Version: 3.7.0005)
Synaptics TouchPad Driver (Version: 15.3.29.0)
TeamSpeak 3 Client (Version: 3.0.11.1)
TeamViewer 8 (x32 Version: 8.0.19045)
Text-To-Speech-Runtime (x32 Version: 1.0.0.0)
Tipard Video Converter Platinum 6.2.16 (x32 Version: 6.2.16)
Toolbox (x32 Version: 140.0.428.000)
TrayApp (x32 Version: 140.0.212.000)
TrueCrypt (x32 Version: 7.1a)
TuxGuitar (x32 Version: 1.2)
Ultra Drag Racing (x32)
Update for 2007 Microsoft Office System (KB967642) (x32)
Update for Microsoft .NET Framework 4.5 (KB2750147) (x32 Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2825641) 32-Bit Edition (x32)
Update für Microsoft Office Excel 2007 Help (KB963678) (x32)
Update für Microsoft Office Outlook 2007 Help (KB963677) (x32)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32)
Update für Microsoft Office Word 2007 Help (KB963665) (x32)
Update Installer for WildTangent Games App (x32)
Vacation Quest - The Hawaiian Islands (x32 Version: 2.2.0.97)
Video Rotator V1.0.9 (x32)
Virtual Villagers - The Secret City (x32 Version: 2.2.0.95)
Visual Studio 2008 x64 Redistributables (x32 Version: 10.0.0.2)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
VLC media player 2.0.6 (Version: 2.0.6)
VPRINTOL (x32 Version: 7.01.0000.0001)
WaveShop (x64) (Version: 1.0.0)
Web Check (x32)
WebReg (x32 Version: 140.0.212.017)
WildTangent Games App (HP Games) (x32 Version: 4.0.10.5)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912)
Windows Live Essentials (x32 Version: 16.4.3505.0912)
Windows Live Family Safety (Version: 16.4.3505.0912)
Windows Live Family Safety (x32 Version: 16.4.3505.0912)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (x32 Version: 16.4.3505.0912)
Windows Live Mail (x32 Version: 16.4.3505.0912)
Windows Live Messenger (x32 Version: 16.4.3505.0912)
Windows Live MIME IFilter (Version: 16.4.3505.0912)
Windows Live Photo Common (x32 Version: 16.4.3505.0912)
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912)
Windows Live SOXE (x32 Version: 16.4.3505.0912)
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912)
Windows Live UX Platform (x32 Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912)
Windows Live Writer (x32 Version: 16.4.3505.0912)
Windows Live Writer Resources (x32 Version: 16.4.3505.0912)
WinRAR 4.11 (64-bit) (Version: 4.11.0)
WinX Mobile Video Converter 3.0.0 (x32)
WIRELESS (x32 Version: 7.02.0000.0001)
XnConvert 1.51 (Version: 1.51)
XnView 1.99.1 (x32 Version: 1.99.1)
Yahoo! Messenger (x32)
Yahoo! Software Update (x32)
Yahoo! Toolbar (x32)
YAMAHA Musicsoft Downloader 5 (x32 Version: )
Yamaha USB-MIDI Driver (Version: 3.1.2.3)
Yamaha USB-MIDI Driver (x32 Version: 3.1.2.3)
ZD Soft Screen Recorder 4.1.3.0 (x32 Version: 4.1.3.0)
Zoosk Messenger (x32 Version: 4.152.1)
Zuma Deluxe (x32 Version: 2.2.0.95)

==================== Restore Points  =========================

16-09-2013 02:37:48 Ende der Bereinigung

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {01129378-72E4-4875-94D9-3244AA84053B} - System32\Tasks\Norton Management\Norton Error Analyzer => C:\Program Files (x86)\Norton Management\Engine\2.1.2.13\SymErr.exe
Task: {03E0F7C9-378E-4A6E-9734-912A1191CECC} - System32\Tasks\{4BF1A8B8-CB82-4534-9A28-D08628C5E143} => C:\Programme\jCalendar\jCalendar.exe
Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started
Task: {0C8FCBD4-45B6-4908-BCA1-C2C7A18677BF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {0DACDC6D-9900-4C51-A8E6-B8E16FA3D043} - System32\Tasks\Norton Management\Norton Error Processor => C:\Program Files (x86)\Norton Management\Engine\2.1.2.13\SymErr.exe
Task: {12671161-6449-4349-A52D-3D90185B578F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-27] (Google Inc.)
Task: {1954378E-9A0C-4732-9BAE-2C1486D3047B} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {1C933C6B-7E1B-4D5A-884E-312C03E52C6B} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-06-15] (CyberLink)
Task: {20960428-4821-470E-B356-ADE61D278E74} - System32\Tasks\{DA63B10A-4AA4-415D-B14F-20882B020224} => C:\Users\melsy\Downloads\lhttsged.exe [2012-06-25] (Microsoft Corporation)
Task: {2275559B-C5E5-422D-AA45-9FFA455E05C6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {243D7A47-C7F3-449F-A4B3-1A47C931B022} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-04-23] (Piriform Ltd)
Task: {2D893AD3-F4BE-423A-BBD0-755B2B87AB23} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-13] (Adobe Systems Incorporated)
Task: {3010AD89-86DF-48F8-809F-7F0AB43C5091} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3195104690-1283173883-910289243-1001UA => C:\Users\melsy\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-17] (Google Inc.)
Task: {46A34A3E-FE2B-48B5-AEAA-BDA3D2C4C6CD} - System32\Tasks\{7571068C-F497-4FC5-ADD4-35E7096DFB57} => C:\Program Files (x86)\Norton Internet Security\Engine64\19.7.1.5\uistub.exe
Task: {51D55B4D-67DF-40FA-A4FE-DE3CC1944C3E} - System32\Tasks\Browser Updater\Browser Updater => Rundll32.exe "C:\Program Files (x86)\HomeTab\TBUpdater.dll",TBCheckForUpdate
Task: {5A2BDD2B-322E-472A-8739-C7A17567F997} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-21] (Microsoft Corporation)
Task: {5BEC0A14-800A-4444-BE42-ACC444F20731} - System32\Tasks\{2A792A14-06ED-4493-81D7-2A64E97EA462} => Firefox.exe hxxp://ui.skype.com/ui/0/6.3.0.105/de/abandoninstall?page=tsProgressBar
Task: {60081FEC-B90C-4BA1-A4E4-5EC3F0F87609} - System32\Tasks\{8DC528DF-C668-44A2-A31C-93B2FFB13B0A} => C:\Users\melsy\AppData\Local\Freenet\freenetlauncher.exe [2013-05-21] ()
Task: {65D575BE-410A-447D-B330-5443692346AB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3195104690-1283173883-910289243-1001Core => C:\Users\melsy\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-17] (Google Inc.)
Task: {6DFD1216-9460-447B-B912-4EC7A58883D3} - System32\Tasks\WpsUpdateTask_melsy => C:\Program Files (x86)\Kingsoft\Kingsoft Presentation\office6\wpsupdate.exe [2011-10-29] (Zhuhai Kingsoft Office-software Co.,Ltd)
Task: {84B95D3A-8154-47D0-8655-F1209591C404} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [2010-11-21] (Microsoft Corporation)
Task: {8515EC2B-C62E-413B-A428-6F858025BC21} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-04-01] (Hewlett-Packard Company)
Task: {8E52F36D-3CBE-4443-AF9D-53F564C3B7F5} - System32\Tasks\{9F7FA772-FD2E-4158-A4C5-6337F924BF71} => C:\Program Files (x86)\Microsoft Office\Options14\MSOO.EXE [2013-07-23] (Microsoft Corporation)
Task: {8E7F327F-12F6-4D75-9D7F-0B671653AE79} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2012-04-17] ()
Task: {90E77342-600D-4A4F-BF59-D61B7053855C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {92CE2904-5D89-42DD-B487-579244164EE4} - System32\Tasks\{22E33B45-0371-4117-ABFB-FEA73B3FE9A8} => C:\Programme\jCalendar\jCalendar.exe
Task: {9BCCA73A-EF82-4843-B3CD-A7B5BB0CBC56} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-27] (Google Inc.)
Task: {A1D18125-AD28-4922-AD84-41931526BB19} - System32\Tasks\HPCeeScheduleFormelsy => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
Task: {A3DEBCE1-D5BE-471A-A2D8-1A1C61B3C499} - System32\Tasks\Hewlett-Packard\HP Support Assistant\NetworkCheck => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_NetworkCheck.exe [2013-08-20] (Hewlett-Packard)
Task: {BC0FD5F5-2ED6-4BB5-AF88-B0B6140C2852} - System32\Tasks\EasyShare Registration Task => C:\PROGRA~3\Kodak\EasyShareSetup\$Registration\Registration_8.0.20.1.sxt [2012-07-02] (Eastman Kodak Company)
Task: {BD89F47A-50C6-4051-8B84-126CDFEB0DCE} - System32\Tasks\{69CD82CA-4612-410F-907D-CE1E674B652E} => Firefox.exe 
Task: {C176E98E-B970-46B2-9F4D-ACAC41FB6E98} - System32\Tasks\{390AF46B-3743-4BF4-B011-EA592787C6B7} => C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
Task: {CA893ED1-E431-4340-A415-4DFFF3F4D0DA} - System32\Tasks\{AA7F026B-C42A-4E6F-B2DB-FCDAF10D2524} => C:\Program Files (x86)\EssentialPIM\EssentialPIM.exe [2013-03-08] ()
Task: {D89AD17C-10FC-4DD5-8120-B85CD2DC8F25} - System32\Tasks\{196512D0-AEDD-4F4D-82E4-FCEF076F1057} => C:\Program Files (x86)\Microsoft Office\Options14\MSOO.EXE [2013-07-23] (Microsoft Corporation)
Task: {D9CD8EF1-5ADD-4F91-8527-5EFA8009EDC6} - System32\Tasks\{E41BC0B8-6500-4D58-95D6-ECEDB1C3A9D5} => C:\Users\melsy\Downloads\lhttsged.exe [2012-06-25] (Microsoft Corporation)
Task: {E01D35B2-A251-44C7-838B-EB65E38D6E2E} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-21] (Microsoft Corporation)
Task: {E451466A-3491-4B89-8E2A-4477D4DA17C0} - System32\Tasks\ProtectedSearch\Protected Search => C:\Program Files (x86)\HomeTab\ProtectedSearch.exe
Task: {E6F8C8B4-6095-4F02-82B5-332CF71AEEF2} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {E80BC21A-6500-4F42-A32D-48AC06402F6A} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\System32\sdengin2.dll [2010-11-21] (Microsoft Corporation)
Task: {EE74F28E-DE62-48C6-8627-8144ECE20501} - System32\Tasks\PC Rambazamba => C:\Program Files (x86)\Langmeier Software\PC Rambazamba\pcrambazamba.exe
Task: {EF07459B-FD41-4C1A-8587-798773836EB9} - System32\Tasks\YourFile DownloaderUpdate => C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe
Task: {FFE3FE28-EE03-4DF8-8144-3C66979D3375} - System32\Tasks\{670A25EF-5F02-41BB-BB0D-827A205D5869} => Firefox.exe 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\EasyShare Registration Task.job => “7BfGDµÀ™g:×6Fh<
 sÀ €!Ý		:‘!C:\Windows\system32\rundll32.exe_C:\PROGRA~3\Kodak\EasyShareSetup\$Registration\Registration_8.0.20.1.sxt _RegistrationOffer@16melsy0Ü:
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3195104690-1283173883-910289243-1001Core.job => C:\Users\melsy\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3195104690-1283173883-910289243-1001UA.job => C:\Users\melsy\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleFormelsy.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\WpsUpdateTask_melsy.job => C:\Program Files (x86)\Kingsoft\Kingsoft Presentation\office6\wpsupdate.exe

==================== Loaded Modules (whitelisted) =============

2009-07-14 02:18 - 2009-07-14 03:38 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\imaadp32.acm
2009-07-14 02:18 - 2009-07-14 03:38 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\msg711.acm
2009-07-14 02:18 - 2009-07-14 03:38 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\msgsm32.acm
2009-07-14 02:18 - 2009-07-14 03:38 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\msadp32.acm
2009-07-14 02:22 - 2009-07-14 03:38 - 00081408 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\System32\l3codeca.acm
2012-12-03 02:11 - 2012-12-03 02:11 - 00244696 _____ (Microsoft Corporation) C:\Users\melsy\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
2012-12-03 02:11 - 2012-12-03 02:11 - 00661448 _____ (Microsoft Corporation) C:\Users\melsy\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\MSVCP110.dll
2012-12-03 02:11 - 2012-12-03 02:11 - 00828872 _____ (Microsoft Corporation) C:\Users\melsy\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\MSVCR110.dll
2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2013-06-21 09:53 - 2013-06-21 09:53 - 00088680 ____R (Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.dll
2012-12-03 02:10 - 2012-12-03 02:10 - 00220632 _____ (Microsoft Corporation) C:\Users\melsy\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
2012-12-03 02:10 - 2012-12-03 02:10 - 00534480 _____ (Microsoft Corporation) C:\Users\melsy\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\MSVCP110.dll
2012-12-03 02:10 - 2012-12-03 02:10 - 00862664 _____ (Microsoft Corporation) C:\Users\melsy\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\MSVCR110.dll
2012-12-03 02:11 - 2012-12-03 02:11 - 00537560 _____ (Microsoft Corporation) C:\Users\melsy\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\Telemetry.dll
2012-12-03 02:10 - 2012-12-03 02:10 - 00038360 _____ (Microsoft Corporation) C:\Users\melsy\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\logging.dll
2010-03-09 16:22 - 2010-03-09 16:22 - 01228800 _____ (ZD Soft) C:\Program Files (x86)\ZD Soft\Screen Recorder\ScnCap.ax
2012-06-02 18:37 - 2013-08-20 13:46 - 03551640 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-09-11 15:40 - 2013-09-11 15:40 - 16177544 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll
2013-09-15 10:28 - 2013-08-13 08:38 - 01232968 _____ (Simply Tech Ltd.) C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\extensions\{ad7ef860-f366-4be1-8d12-4363b9356947}\plugins\npwiddit.dll

==================== Alternate Data Streams (whitelisted) ==========



==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/16/2013 03:33:14 AM) (Source: System Restore) (User: )
Description: Unbekannter Fehler bei der Systemwiederherstellung: (Installed Microsoft Fix it 50123). Zusätzliche Informationen: 0x80070005.

Error: (09/15/2013 07:00:11 PM) (Source: Windows Backup) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "G:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"

Error: (09/15/2013 01:59:31 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/15/2013 01:37:00 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Skype.exe, Version: 6.6.73.106, Zeitstempel: 0x51c414cb
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x1005752c
ID des fehlerhaften Prozesses: 0x1160
Startzeit der fehlerhaften Anwendung: 0xSkype.exe0
Pfad der fehlerhaften Anwendung: Skype.exe1
Pfad des fehlerhaften Moduls: Skype.exe2
Berichtskennung: Skype.exe3

Error: (09/08/2013 07:00:01 PM) (Source: Windows Backup) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "G:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"

Error: (09/04/2013 03:53:29 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 23.0.1.4974, Zeitstempel: 0x520bc252
Name des fehlerhaften Moduls: xul.dll, Version: 23.0.1.4974, Zeitstempel: 0x520bc166
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0017af08
ID des fehlerhaften Prozesses: 0x1448
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3

Error: (09/01/2013 07:00:05 PM) (Source: Windows Backup) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "G:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"

Error: (08/28/2013 06:32:24 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/28/2013 04:38:45 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/28/2013 04:38:32 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (09/16/2013 01:26:53 PM) (Source: Service Control Manager) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (09/16/2013 01:26:50 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.

Error: (09/16/2013 01:26:12 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (09/16/2013 06:39:32 AM) (Source: DCOM) (User: )
Description: {4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (09/16/2013 04:40:19 AM) (Source: Service Control Manager) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (09/16/2013 04:40:11 AM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (09/16/2013 04:27:11 AM) (Source: BugCheck) (User: )
Description: 0x0000006b (0x0000000000000000, 0x0000000000000000, 0x0000000000000000, 0x0000000000000000)C:\Windows\MEMORY.DMP091613-44959-01

Error: (09/16/2013 03:38:19 AM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (09/16/2013 03:22:24 AM) (Source: Service Control Manager) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (09/16/2013 03:22:20 AM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2012-11-25 15:01:32.976
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 50%
Total physical RAM: 3690.91 MB
Available physical RAM: 1818.4 MB
Total Pagefile: 7380 MB
Available Pagefile: 4781 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:446.09 GB) (Free:276.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery) (Fixed) (Total:15.51 GB) (Free:1.38 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:1.08 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: F2DC90A7)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=446 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=16 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=4 GB) - (Type=0C)

==================== End Of Log ============================

--- --- ---

lobowolf · 16.09.2013, 17:37

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-09-2013 01
Ran by melsy (administrator) on MELSY-HP on 16-09-2013 18:04:25
Running from C:\Users\melsy\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Users\melsy\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Spotify Ltd) C:\Users\melsy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Ocs_SM] - C:\Users\melsy\AppData\Roaming\OCS\SM\SearchAnonymizer.exe [106496 2012-08-02] (OCS)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKCU\...\Run: [Google Update] - C:\Users\melsy\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-09-17] (Google Inc.)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\melsy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1199576 2012-10-28] (Spotify Ltd)
HKCU\...\Run: [EssentialPIM] - C:\Program Files (x86)\EssentialPIM\EssentialPIM.exe [13912056 2013-03-08] ()
HKCU\...\Policies\system: [DisableLockWorkstation] 0
HKCU\...\Policies\system: [DisableChangePassword] 0
MountPoints2: {075fc578-9294-11e2-b468-ec9a74f5fc5d} - H:\Setup.exe
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HPOSD] - C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AVG_TRAY] - C:\Program Files (x86)\AVG\AVG2012\avgtray.exe [2598520 2012-11-19] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4411440 2013-08-15] (AVG Technologies CZ, s.r.o.)
AppInit_DLLs-x32: c:\progra~3\browserdefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\browserdefender.dll [ ] ()
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Bing
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:newtab
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = QVO6
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = QVO6
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:newtab
URLSearchHook: (No Name) - {32b29df0-2237-4370-9a29-37cebb730e9b} -  No File
URLSearchHook: (No Name) - {7e111a5c-3d11-4f56-9463-5310c3c69025} -  No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe QVO6
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = QVO6
SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CPNTDF
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = QVO6
SearchScopes: HKLM - {8262B94D-0FB8-44AE-AA96-7114154C01C3} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://at.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPNTDF
SearchScopes: HKLM - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5221-111072-7833-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = QVO6
SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CPNTDF
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = QVO6
SearchScopes: HKLM-x32 - {8262B94D-0FB8-44AE-AA96-7114154C01C3} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 - {b0441a0e-a49a-4e16-afc1-74ecced1921f} URL = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=UXxdm018YYat&ptnrS=UXxdm018YYat&si=maps4pc&ptb=20F2348D-FE56-4A09-AE5D-517CC951BED5&ind=2012072715&n=77edcb0b&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://at.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPNTDF
SearchScopes: HKLM-x32 - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5221-111072-7833-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = QVO6
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E62696E672E636F6D2F7365617263683F713D7B7365617263685465726D737D26666F726D3D43504E5444462670633D43504E544446267372633D49452D536561726368426F78&st={searchTerms}&clid=5b063933-3c54-4d54-8af2-20a413726ddc&pid=freewarede&k=0
SearchScopes: HKCU - {0E0DBFCD-7DDD-4792-9F42-2DFF3E266C26} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=5b063933-3c54-4d54-8af2-20a413726ddc&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=96ABE4D53D2D1F10&affID=119523&tsp=4960
SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com.anonymize-me.de/?anonymto=687474703A2F2F65752E61736B2E636F6D2F7765623F713D7B7365617263687465726D737D266C3D646973266F3D43504E544446&st={searchTerms}&clid=5b063933-3c54-4d54-8af2-20a413726ddc&pid=freewarede&k=0
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = QVO6
SearchScopes: HKCU - {5DAD9BF3-1DB3-4915-899F-52C1FB45E7A5} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=5b063933-3c54-4d54-8af2-20a413726ddc&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {8262B94D-0FB8-44AE-AA96-7114154C01C3} URL = 
SearchScopes: HKCU - {b0441a0e-a49a-4e16-afc1-74ecced1921f} URL = hxxp://search.mywebsearch.com.anonymize-me.de/?anonymto=687474703A2F2F7365617263682E6D797765627365617263682E636F6D2F6D797765627365617263682F47476D61696E2E6A68746D6C3F69643D555878646D303138595961742670746E72533D555878646D303138595961742673693D6D617073347063267074623D32304632333438442D464535362D344130392D414535442D35313743433935314245443526696E643D32303132303732373135266E3D3737656463623062267073613D2673743D736226736561726368666F723D7B7365617263685465726D737D&st={searchTerms}&clid=5b063933-3c54-4d54-8af2-20a413726ddc&pid=freewarede&k=0
SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://at.search.yahoo.com.anonymize-me.de/?anonymto=687474703A2F2F61742E7365617263682E7961686F6F2E636F6D2F7365617263683F703D7B7365617263685465726D737D2665693D7B696E707574456E636F64696E677D2666723D6368722D68702D70736726747970653D43504E544446&st={searchTerms}&clid=5b063933-3c54-4d54-8af2-20a413726ddc&pid=freewarede&k=0
SearchScopes: HKCU - {CABAEECD-ADAE-4D8C-96D8-B72FB977BC57} URL = hxxp://search.conduit.com.anonymize-me.de/?anonymto=687474703A2F2F7365617263682E636F6E647569742E636F6D2F526573756C74734578742E617370783F713D7B7365617263685465726D737D26536561726368536F757263653D3426637469643D435432373336343736&st={searchTerms}&clid=5b063933-3c54-4d54-8af2-20a413726ddc&pid=freewarede&k=0
SearchScopes: HKCU - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org.anonymize-me.de/?anonymto=687474703A2F2F64652E77696B6970656469612E6F72672F77696B692F5370656369616C3A5365617263683F7365617263683D7B7365617263685465726D737D&st={searchTerms}&clid=5b063933-3c54-4d54-8af2-20a413726ddc&pid=freewarede&k=0
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com.anonymize-me.de/?anonymto=687474703A2F2F726F7665722E656261792E636F6D2F726F7665722F312F353232312D3131313037322D373833332D332F343F6D7072653D687474703A2F2F73686F702E656261792E636F6D2F3F5F6E6B773D7B7365617263685465726D737D&st={searchTerms}&clid=5b063933-3c54-4d54-8af2-20a413726ddc&pid=freewarede&k=0
SearchScopes: HKCU - {F0F2CF65-4A0B-4150-836E-781B9B2532D8} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10397&src=kw&q={searchTerms}&locale=&apn_ptnrs=^ABV&apn_dtid=^YYYYYY^YY^AT&apn_uid=8e4ecc86-1479-4e5b-a1c9-34b6ce24ddf2&apn_sauid=E4195978-B757-4776-9B04-E87DC08BC106
SearchScopes: HKCU - ÛŸÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!×—(ä¼48Ð¸patm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ*´Ñ;áa´[¦†8*º~RÙxœòÜ8'£-)x*ä* URL = 
BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Claro LTD Helper Object - {000F18F2-09EB-4A59-82B2-5AE4184C39C3} - C:\Program Files (x86)\Claro LTD\claro\1.8.3.10\bh\claro.dll (Montera Technologeis LTD)
BHO-x32: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Search Results Toolbar - {94366e2c-9923-431c-b0d6-747447dd0f2b} - C:\Program Files (x86)\searchresults1\searchresultsDx.dll (Ask.com)
BHO-x32: HomeTab - {a25e7121-3dd8-41b3-855b-756c5bc45449} - C:\Users\melsy\AppData\Roaming\HomeTab\HomeTab.dll (Simply Tech Ltd.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Web Check - {E155F23C-9931-47c6-A619-20E6FCA86D75} - C:\Program Files (x86)\Web Check\WebCheck.dll (Web Check)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM-x32 -  No Name - {32b29df0-2237-4370-9a29-37cebb730e9b} -  No File
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
Toolbar: HKLM-x32 -  No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKLM-x32 -  No Name - {7e111a5c-3d11-4f56-9463-5310c3c69025} -  No File
Toolbar: HKLM-x32 -  No Name - {364ea597-e728-4ce4-bb4a-ed846ef47970} -  No File
Toolbar: HKLM-x32 - Claro LTD Toolbar - {9E131A93-EED7-4BEB-B015-A0ADB30B5646} - C:\Program Files (x86)\Claro LTD\claro\1.8.3.10\claroTlbr.dll (Montera Technologeis LTD)
Toolbar: HKLM-x32 - Search Results Toolbar - {94366e2c-9923-431c-b0d6-747447dd0f2b} - C:\Program Files (x86)\searchresults1\searchresultsDx.dll (Ask.com)
Toolbar: HKLM-x32 -  No Name - {98889811-442D-49dd-99D7-DC866BE87DBC} -  No File
Toolbar: HKLM-x32 - HomeTab - {a25e7121-3dd8-41b3-855b-756c5bc45449} - C:\Users\melsy\AppData\Roaming\HomeTab\HomeTab.dll (Simply Tech Ltd.)
Toolbar: HKCU -  No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU -  No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKCU -  No Name - {32B29DF0-2237-4370-9A29-37CEBB730E9B} -  No File
Toolbar: HKCU -  No Name - {7E111A5C-3D11-4F56-9463-5310C3C69025} -  No File
Toolbar: HKCU -  No Name - {364EA597-E728-4CE4-BB4A-ED846EF47970} -  No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll ()

FireFox:
========
FF ProfilePath: C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default
FF user.js: detected! => C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\user.js
FF NewTab: about:home
FF DefaultSearchEngine: qvo6
FF SearchEngineOrder.1: Delta Search
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Homepage: about:home
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_33 - C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @MapsGalaxy_39.com/Plugin - C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin\NP39Stub.dll No File
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @soft-xpansion/npsxpdf - C:\Program Files (x86)\Common Files\Freemium\np-sxpdf.dll (soft-Xpansion)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\melsy\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\melsy\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\melsy\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\melsy\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\melsy\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\searchplugins\babylon1.xml
FF SearchPlugin: C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\searchplugins\ixquick-https---deutsch.xml
FF SearchPlugin: C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\searchplugins\startpage-https---deutsch.xml
FF SearchPlugin: C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\searchplugins\the-pirate-bay.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\qvo6.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: MEGA EXTENSION - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\firefox@mega.co.nz
FF Extension: FireJump - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\firejump@firejump.net
FF Extension: Facebook Privacy Watcher - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\fpw@informatik.tu-darmstadt.de
FF Extension: ProxTube - Gesperrte YouTube Videos entsperren - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\ich@maltegoetz.de
FF Extension: WebCake - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\plugin@getwebcake.com
FF Extension: No Name - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\staged
FF Extension: No Name - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\youtubeunblocker@unblocker.yt
FF Extension: NoScript - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
FF Extension: Search Results Toolbar - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\{94366e2c-9923-431c-b0d6-747447dd0f2b}
FF Extension: No Name - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
FF Extension: HomeTab - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\{ad7ef860-f366-4be1-8d12-4363b9356947}
FF Extension: Greasemonkey - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
FF Extension: firefox - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\firefox@ghostery.com.xpi
FF Extension: firefox - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\firefox@mega.co.nz.xpi
FF Extension: No Name - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\firejump_1027.zip
FF Extension: No Name - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\firejump_1028.zip
FF Extension: fpw - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\fpw@informatik.tu-darmstadt.de.xpi
FF Extension: freehdsport - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\freehdsport@freehdsport.tv.xpi
FF Extension: info - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\info@convert2mp3.net.xpi
FF Extension: jid1-QpHD8URtZWJC2A - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi
FF Extension: nishan.naseer.googimagesearch - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\nishan.naseer.googimagesearch@gmail.com.xpi
FF Extension: requestpolicy - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\requestpolicy@requestpolicy.com.xpi
FF Extension: stealthyextension - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\stealthyextension@gmail.com.xpi
FF Extension: youtubeunblocker - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\youtubeunblocker@unblocker.yt.xpi
FF Extension: No Name - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\{85E85FF9-E50C-42DE-8A3D-61485FD6C8DB}.xpi
FF Extension: No Name - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
FF Extension: No Name - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM-x32\...\Firefox\Extensions: [39ffxtbr@MapsGalaxy_39.com] - C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin
FF Extension: MapsGalaxy - C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin
FF HKLM-x32\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] - C:\Program Files (x86)\AVG\AVG2012\Firefox4\
FF Extension: No Name - C:\Program Files (x86)\AVG\AVG2012\Firefox4\
FF HKLM-x32\...\Firefox\Extensions: [{52b0f3db-f988-4788-b9dc-861d016f4487}] - C:\Program Files (x86)\Web Check\WebCheck.xpi
FF Extension: No Name - C:\Program Files (x86)\Web Check\WebCheck.xpi
FF HKLM-x32\...\Firefox\Extensions: [{B45418F9-6406-4828-9D1A-35313FB1E2D6}] - C:\ProgramData\Freemium\Free PDF Perfect\Data\fftb
FF Extension: Free PDF Perfect - C:\ProgramData\Freemium\Free PDF Perfect\Data\fftb
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\Firefox\Extensions: [firejump@firejump.net] - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\extensions\firejump@firejump.net
FF Extension: FireJump - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\extensions\firejump@firejump.net
FF HKCU\...\Firefox\Extensions: [mail@shopping-preise.de] - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\extensions\mail@shopping-preise.de
FF HKCU\...\Firefox\Extensions: [extension@preispilot.com] - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\extensions\extension@preispilot.com
FF HKCU\...\Firefox\Extensions: [inlinetranslate@inlinetranslate.com] - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\extensions\inlinetranslate@inlinetranslate.com
FF HKCU\...\Firefox\Extensions: [{58bd07eb-0ee0-4df0-8121-dc9b693373df}] - C:\ProgramData\BrowserProtect\2.5.986.67\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension
FF HKCU\...\Firefox\Extensions: [sparpilot@sparpilot.com] - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\extensions\sparpilot@sparpilot.com

Chrome: 
=======
CHR HomePage: about:newtab?source=home
CHR Extension: () - C:\Users\melsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcillohgikpecbmgioknapdpcjofaafl\1.1
CHR Extension: (Iminent) - C:\Users\melsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.16.5.1
CHR Extension: () - C:\Users\melsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.2.0.4
CHR HKLM-x32\...\Chrome\Extension: [bddpogknpjlgfpbboediomaiiaecfajn] - C:\Program Files (x86)\HomeTab\chrome\HomeTab.crx
CHR HKLM-x32\...\Chrome\Extension: [dacechnliklhcacondhhkkfobapdopee] - C:\Program Files (x86)\Web Check\WebCheck.crx
CHR HKLM-x32\...\Chrome\Extension: [dcillohgikpecbmgioknapdpcjofaafl] - C:\Users\melsy\AppData\Roaming\Claro\claro.crx
CHR HKLM-x32\...\Chrome\Extension: [dhdepfaagokllfmhfbcfmocaeigmoebo] - C:\Users\melsy\AppData\Local\Savings Sidekick\Chrome\Savings Sidekick.crx
CHR HKLM-x32\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Users\melsy\AppData\Roaming\BabSolution\CR\BabylonChrome1.crx
CHR HKLM-x32\...\Chrome\Extension: [jmfkcklnlgedgbglfkkgedjfmejoahla] - C:\Program Files (x86)\AVG\AVG2012\Chrome\safesearch.crx

==================== Services (Whitelisted) =================

S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2011-08-12] (SUPERAntiSpyware.com)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [365568 2011-07-05] (Advanced Micro Devices, Inc.)
R2 avgfws; C:\Program Files (x86)\AVG\AVG2013\avgfws.exe [1432080 2013-09-04] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-07-23] (AVG Technologies CZ, s.r.o.)
S3 CGVPNCliSrvc; C:\Program Files\CyberGhost VPN\CGVPNCliService.exe [2438696 2012-04-26] (mobile concepts GmbH)
S3 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe [544768 2009-08-24] (mst software GmbH, Germany)
S4 HPAuto; C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [682040 2011-02-16] (Hewlett-Packard)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [87040 2012-03-23] ()
S4 Radio.fx; C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe [3665752 2012-01-26] ()
R2 SearchAnonymizer; C:\Users\melsy\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe [40960 2012-08-02] ()
S3 SXDS10; C:\Program Files (x86)\Common Files\soft Xpansion\sxds10.exe [234096 2013-09-02] (soft Xpansion)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-21] (Microsoft Corporation)
S4 Hamachi2Svc; "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s [x]

==================== Drivers (Whitelisted) ====================

R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [50296 2012-09-04] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-07-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206648 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311608 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-07-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-09-05] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2013-03-21] (AVG Technologies CZ, s.r.o.)
S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [133160 2011-06-16] (Broadcom Corporation.)
S3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2011-05-21] (Broadcom Corporation.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 REN2CAP_DRIVER; C:\Windows\System32\drivers\ren2cap.sys [46728 2011-11-07] ()
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-04-03] (Anchorfree Inc.)
S3 YMIDUSBW; C:\Windows\System32\drivers\ymidusbx64.sys [51016 2011-11-01] (Yamaha Corporation)
S3 CpqDfw; system32\drivers\CpqDfw.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-16 18:03 - 2013-09-16 18:03 - 00000000 ____D C:\FRST
2013-09-16 18:02 - 2013-09-16 18:02 - 01951150 _____ (Farbar) C:\Users\melsy\Downloads\FRST64.exe
2013-09-16 13:29 - 2013-09-16 13:29 - 00000378 _____ C:\Windows\PFRO.log
2013-09-16 13:29 - 2013-09-16 13:29 - 00000056 _____ C:\Windows\setupact.log
2013-09-16 04:36 - 2013-09-16 04:38 - 00001203 _____ C:\DelFix.txt
2013-09-16 04:36 - 2013-09-16 04:36 - 00000000 ____D C:\Windows\ERUNT
2013-09-15 10:28 - 2013-09-16 13:59 - 00000000 ____D C:\Windows\System32\Tasks\ProtectedSearch
2013-09-15 10:28 - 2013-09-16 13:59 - 00000000 ____D C:\Windows\System32\Tasks\Browser Updater
2013-09-15 10:28 - 2013-09-16 13:59 - 00000000 ____D C:\Users\melsy\AppData\Roaming\HomeTab
2013-09-15 10:28 - 2013-09-15 17:10 - 00000000 ____D C:\Users\melsy\AppData\Roaming\SimplyTech
2013-09-15 10:28 - 2013-08-13 08:38 - 00032328 _____ C:\Windows\Launcher.exe
2013-09-11 15:04 - 2013-09-11 15:04 - 04054000 _____ (LionSea Software                                            ) C:\Users\melsy\Downloads\setup(2).exe
2013-09-11 14:49 - 2013-07-31 16:17 - 17833472 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-11 14:49 - 2013-07-31 15:42 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-11 14:49 - 2013-07-31 15:29 - 02312704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-11 14:49 - 2013-07-31 15:20 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-11 14:49 - 2013-07-31 15:19 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-11 14:49 - 2013-07-31 15:18 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-09-11 14:49 - 2013-07-31 15:17 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-09-11 14:49 - 2013-07-31 15:16 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-11 14:49 - 2013-07-31 15:14 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-09-11 14:49 - 2013-07-31 15:13 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-11 14:49 - 2013-07-31 15:13 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-09-11 14:49 - 2013-07-31 15:11 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-11 14:49 - 2013-07-31 15:11 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-11 14:49 - 2013-07-31 15:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-09-11 14:49 - 2013-07-31 15:08 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-11 14:49 - 2013-07-31 15:05 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-11 14:49 - 2013-07-31 12:30 - 12335104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-11 14:49 - 2013-07-31 12:05 - 09738752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-11 14:49 - 2013-07-31 12:00 - 01800704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-11 14:49 - 2013-07-31 11:53 - 01104896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-11 14:49 - 2013-07-31 11:52 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-09-11 14:49 - 2013-07-31 11:52 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-11 14:49 - 2013-07-31 11:51 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-09-11 14:49 - 2013-07-31 11:49 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-11 14:49 - 2013-07-31 11:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-11 14:49 - 2013-07-31 11:48 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-09-11 14:49 - 2013-07-31 11:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-09-11 14:49 - 2013-07-31 11:47 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-11 14:49 - 2013-07-31 11:46 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-11 14:49 - 2013-07-31 11:45 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-11 14:49 - 2013-07-31 11:45 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-09-11 14:49 - 2013-07-31 11:42 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-11 13:49 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-11 13:49 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k(2052).sys
2013-09-11 13:49 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-11 13:49 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-11 13:49 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-11 13:49 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-11 13:49 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-11 13:49 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-11 13:49 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-11 13:49 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-11 13:49 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-11 13:49 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0(2044).dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0(2043).dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-11 13:49 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-11 13:49 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-11 13:49 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-11 13:49 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-11 13:49 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0(2056).dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0(2059).dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0(2057).dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0(2058).dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0(2055).dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0(2054).dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0(2053).dll
2013-09-11 13:49 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-11 13:49 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-11 13:49 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-11 13:49 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-11 13:49 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-11 13:49 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-11 13:49 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-11 13:47 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-11 13:47 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-11 13:47 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-11 13:47 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-05 01:43 - 2013-09-05 01:43 - 00045880 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgrkx64.sys
2013-09-02 15:08 - 2013-09-02 15:08 - 00957112 _____ (Microsoft Corporation) C:\Users\melsy\Downloads\SaveAsPDFandXPS.exe
2013-09-02 15:08 - 2013-09-02 15:08 - 00000000 ____D C:\Program Files (x86)\MSECache
2013-09-02 14:31 - 2013-09-02 14:31 - 00002138 _____ C:\Users\melsy\Desktop\Free PDF Perfect.lnk
2013-09-02 14:30 - 2013-09-02 14:30 - 00010464 _____ C:\Windows\SysWOW64\sx_p2d.tlb
2013-09-02 14:30 - 2013-09-02 14:30 - 00000000 ____D C:\ProgramData\Freemium
2013-09-02 14:30 - 2013-09-02 14:30 - 00000000 ____D C:\Program Files (x86)\Freemium
2013-09-02 14:28 - 2013-09-02 14:28 - 00000000 ____D C:\Users\melsy\Downloads\freepdf
2013-09-02 14:28 - 2013-09-02 14:28 - 00000000 ____D C:\SoftwareUpdater
2013-09-02 14:28 - 2013-09-02 14:28 - 00000000 ____D C:\Program Files (x86)\Covus Freemium
2013-09-02 14:27 - 2013-09-02 14:27 - 00000000 ____D C:\Program Files (x86)\Web Check
2013-09-02 14:26 - 2013-09-02 14:28 - 00000000 ____D C:\ProgramData\Package Cache
2013-09-02 14:21 - 2013-09-16 13:59 - 00000000 ____D C:\Users\melsy\AppData\Local\DownloadGuide
2013-09-02 14:21 - 2013-09-02 14:21 - 00444400 _____ C:\Users\melsy\Downloads\DLG_free-pdf-perfect_chip_de-DE10.exe
2013-08-29 14:49 - 2013-08-29 14:49 - 00000000 _____ C:\Windows\setuperr.log
2013-08-28 16:41 - 2013-08-29 13:12 - 00000000 ____D C:\Program Files\Hear
2013-08-28 16:41 - 2011-11-07 16:18 - 00046728 _____ C:\Windows\system32\Drivers\ren2cap.sys
2013-08-26 06:04 - 2013-08-26 06:26 - 00000000 ____D C:\Users\melsy\AppData\Roaming\Betcat
2013-08-26 03:38 - 2012-06-01 07:39 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\wamregps.dll
2013-08-26 03:38 - 2012-06-01 07:36 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\iisRtl.dll
2013-08-26 03:38 - 2012-06-01 07:36 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\iisrstap.dll
2013-08-26 03:38 - 2012-06-01 07:35 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\ahadmin.dll
2013-08-26 03:38 - 2012-06-01 07:34 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\admwprox.dll
2013-08-26 03:38 - 2012-06-01 07:33 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\iisreset.exe
2013-08-26 03:38 - 2012-06-01 06:40 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wamregps.dll
2013-08-26 03:38 - 2012-06-01 06:37 - 00154624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisRtl.dll
2013-08-26 03:38 - 2012-06-01 06:37 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisrstap.dll
2013-08-26 03:38 - 2012-06-01 06:35 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admwprox.dll
2013-08-26 03:38 - 2012-06-01 06:35 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ahadmin.dll
2013-08-26 03:38 - 2012-06-01 06:34 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisreset.exe
2013-08-26 03:15 - 2013-08-26 03:16 - 50352408 _____ (Microsoft Corporation) C:\Users\melsy\Downloads\dotnetfx45_full_x86_x64.exe
2013-08-26 02:35 - 2013-08-26 02:35 - 00000000 ____D C:\Windows\SysWOW64\BestPractices
2013-08-26 02:35 - 2013-08-26 02:35 - 00000000 ____D C:\Windows\system32\BestPractices
2013-08-26 02:35 - 2013-08-26 02:35 - 00000000 ____D C:\inetpub
2013-08-26 02:30 - 2013-08-26 02:30 - 00003144 _____ C:\Windows\System32\Tasks\{963AFCB0-77B1-4C30-B305-F56C7A0EBB2B}
2013-08-26 02:28 - 2013-08-26 02:29 - 02869264 _____ (Microsoft Corporation) C:\Users\melsy\Downloads\dotNetFx35setup(1).exe
2013-08-26 02:26 - 2013-08-26 02:26 - 02869264 _____ (Microsoft Corporation) C:\Users\melsy\Downloads\dotNetFx35setup.exe
2013-08-26 02:21 - 2013-08-26 02:22 - 41580520 _____ (Hewlett-Packard                                             ) C:\Users\melsy\Downloads\sp58915.exe
2013-08-26 02:10 - 2012-02-14 15:24 - 00286426 _____ C:\Users\melsy\Downloads\Language.de.xml
2013-08-26 02:10 - 2010-07-19 22:13 - 00001283 _____ C:\Users\melsy\Downloads\Readme.txt
2013-08-26 02:09 - 2013-08-26 02:09 - 00069183 _____ C:\Users\melsy\Downloads\langpack-de-1.0.1-for-truecrypt-7.1a(1).zip
2013-08-26 02:08 - 2013-08-26 02:10 - 00000000 ____D C:\Users\melsy\AppData\Roaming\TrueCrypt
2013-08-26 02:07 - 2013-08-26 02:07 - 00000875 _____ C:\Users\Public\Desktop\TrueCrypt.lnk
2013-08-26 02:06 - 2013-08-26 02:06 - 00231376 _____ (TrueCrypt Foundation) C:\Windows\system32\Drivers\truecrypt.sys
2013-08-26 02:06 - 2013-08-26 02:06 - 00000000 ____D C:\Program Files\TrueCrypt
2013-08-26 01:30 - 2013-08-26 01:30 - 00000649 _____ C:\Users\melsy\Documents\CyberGhostPUK.html
2013-08-26 01:26 - 2013-08-26 01:26 - 00000872 _____ C:\Users\Public\Desktop\CyberGhost VPN.lnk
2013-08-26 01:25 - 2013-08-26 01:29 - 00000000 ____D C:\Program Files\CyberGhost VPN
2013-08-26 01:25 - 2011-12-15 20:29 - 00031232 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\tap0901.sys

==================== One Month Modified Files and Folders =======

2013-09-16 18:03 - 2013-09-16 18:03 - 00000000 ____D C:\FRST
2013-09-16 18:02 - 2013-09-16 18:02 - 01951150 _____ (Farbar) C:\Users\melsy\Downloads\FRST64.exe
2013-09-16 17:39 - 2012-08-29 02:45 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-16 17:39 - 2012-07-27 21:04 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-16 17:39 - 2012-05-18 13:08 - 00000000 ____D C:\Users\melsy\AppData\Roaming\Skype
2013-09-16 17:36 - 2013-01-24 00:10 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3195104690-1283173883-910289243-1001UA.job
2013-09-16 17:11 - 2012-08-13 23:06 - 00000386 _____ C:\Windows\Tasks\WpsUpdateTask_melsy.job
2013-09-16 16:31 - 2011-12-10 06:03 - 01756979 _____ C:\Windows\WindowsUpdate.log
2013-09-16 16:13 - 2013-05-07 18:00 - 00000000 ____D C:\ProgramData\MFAData
2013-09-16 15:39 - 2012-07-27 21:04 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-16 15:36 - 2013-01-24 00:10 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3195104690-1283173883-910289243-1001Core.job
2013-09-16 13:59 - 2013-09-15 10:28 - 00000000 ____D C:\Windows\System32\Tasks\ProtectedSearch
2013-09-16 13:59 - 2013-09-15 10:28 - 00000000 ____D C:\Windows\System32\Tasks\Browser Updater
2013-09-16 13:59 - 2013-09-15 10:28 - 00000000 ____D C:\Users\melsy\AppData\Roaming\HomeTab
2013-09-16 13:59 - 2013-09-02 14:21 - 00000000 ____D C:\Users\melsy\AppData\Local\DownloadGuide
2013-09-16 13:59 - 2013-08-12 06:53 - 00000000 ____D C:\Users\melsy\AppData\Roaming\dp3d
2013-09-16 13:59 - 2013-07-31 10:20 - 00000000 ____D C:\ProgramData\BrowserDefender
2013-09-16 13:59 - 2013-05-18 22:52 - 00000000 ____D C:\Users\melsy\AppData\Roaming\EssentialPIM
2013-09-16 13:59 - 2013-02-03 16:59 - 00000000 ____D C:\Users\melsy\.tuxguitar-1.2
2013-09-16 13:59 - 2012-12-18 15:30 - 00000000 ____D C:\Program Files (x86)\AntiPhotoSpy
2013-09-16 13:59 - 2012-06-23 14:51 - 00000000 ____D C:\Windows\system32\Macromed
2013-09-16 13:59 - 2012-06-17 15:14 - 00000000 ____D C:\Users\melsy\AppData\Local\Abelssoft
2013-09-16 13:59 - 2012-05-25 15:54 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-09-16 13:59 - 2012-05-20 13:50 - 00000000 ____D C:\Program Files (x86)\Microsoft Application Virtualization Client
2013-09-16 13:59 - 2012-05-19 14:23 - 00000000 ____D C:\Program Files (x86)\ScanIT-Client
2013-09-16 13:59 - 2012-05-18 16:55 - 00000000 ____D C:\Users\melsy\AppData\Roaming\vlc
2013-09-16 13:59 - 2012-05-18 16:45 - 00000000 ____D C:\Users\melsy\AppData\Roaming\Audacity
2013-09-16 13:59 - 2012-05-18 12:50 - 00000000 ___RD C:\Users\melsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-16 13:59 - 2012-05-18 12:50 - 00000000 ___RD C:\Users\melsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-16 13:59 - 2012-05-18 12:45 - 00000000 ____D C:\Users\melsy\AppData\Local\Hewlett-Packard
2013-09-16 13:59 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-09-16 13:59 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2013-09-16 13:59 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-09-16 13:55 - 2012-05-25 15:55 - 00000000 ____D C:\Users\melsy\AppData\Roaming\SUPERAntiSpyware.com
2013-09-16 13:37 - 2009-07-14 06:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-16 13:37 - 2009-07-14 06:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-16 13:29 - 2013-09-16 13:29 - 00000378 _____ C:\Windows\PFRO.log
2013-09-16 13:29 - 2013-09-16 13:29 - 00000056 _____ C:\Windows\setupact.log
2013-09-16 13:29 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-16 13:21 - 2012-08-21 10:03 - 00000000 ____D C:\Windows\Minidump
2013-09-16 12:11 - 2013-03-05 14:41 - 00000000 ____D C:\Users\melsy\AppData\Roaming\TS3Client
2013-09-16 04:38 - 2013-09-16 04:36 - 00001203 _____ C:\DelFix.txt
2013-09-16 04:36 - 2013-09-16 04:36 - 00000000 ____D C:\Windows\ERUNT
2013-09-16 04:27 - 2012-05-18 12:43 - 00000000 ____D C:\Users\melsy
2013-09-15 17:37 - 2012-05-20 17:38 - 00000000 ____D C:\Users\melsy\AppData\Local\CrashDumps
2013-09-15 17:10 - 2013-09-15 10:28 - 00000000 ____D C:\Users\melsy\AppData\Roaming\SimplyTech
2013-09-15 17:10 - 2013-07-28 19:54 - 00000000 ____D C:\Users\melsy\AppData\Roaming\Web Cake
2013-09-15 17:10 - 2013-07-28 19:54 - 00000000 ____D C:\Program Files (x86)\Web Cake
2013-09-15 11:20 - 2013-04-27 18:33 - 00003186 _____ C:\Windows\System32\Tasks\HPCeeScheduleFormelsy
2013-09-15 11:20 - 2013-04-27 18:33 - 00000332 _____ C:\Windows\Tasks\HPCeeScheduleFormelsy.job
2013-09-15 10:27 - 2012-08-21 16:29 - 00001409 _____ C:\Users\melsy\Desktop\Internet Explorer.lnk
2013-09-15 10:27 - 2012-06-02 19:17 - 00001107 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-09-15 10:27 - 2012-05-18 12:51 - 00001405 _____ C:\Users\melsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2013-09-15 10:27 - 2012-05-18 12:50 - 00001439 _____ C:\Users\melsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-09-14 13:03 - 2012-05-20 13:12 - 00000000 ____D C:\Users\melsy\Documents\Gitarre
2013-09-14 11:58 - 2012-05-19 17:43 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2013-09-14 11:57 - 2012-05-26 17:23 - 00000000 _____ C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-09-13 18:40 - 2012-08-29 02:45 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-13 18:40 - 2012-05-20 17:11 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-13 18:40 - 2011-08-09 13:02 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-13 08:37 - 2013-07-26 01:28 - 00000941 _____ C:\Users\Public\Desktop\AVG 2013.lnk
2013-09-12 13:07 - 2011-08-09 22:16 - 00772974 _____ C:\Windows\system32\perfh007.dat
2013-09-12 13:07 - 2011-08-09 22:16 - 00175058 _____ C:\Windows\system32\perfc007.dat
2013-09-12 13:07 - 2009-07-14 07:13 - 01804214 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-11 15:04 - 2013-09-11 15:04 - 04054000 _____ (LionSea Software                                            ) C:\Users\melsy\Downloads\setup(2).exe
2013-09-11 14:54 - 2013-05-20 19:34 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-11 14:51 - 2013-01-13 17:21 - 00001979 _____ C:\Users\Public\Desktop\Adobe Reader X.lnk
2013-09-11 14:21 - 2009-07-14 06:45 - 00544232 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-11 14:12 - 2012-05-20 13:51 - 01831832 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-09-11 14:11 - 2013-07-11 12:55 - 00000000 ____D C:\Windows\system32\MRT
2013-09-11 14:03 - 2012-05-21 04:56 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-09 02:58 - 2012-07-02 02:36 - 00000410 _____ C:\Windows\Tasks\EasyShare Registration Task.job
2013-09-05 01:43 - 2013-09-05 01:43 - 00045880 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgrkx64.sys
2013-09-04 13:50 - 2012-08-09 23:07 - 00000000 ____D C:\Users\melsy\Documents\My Downloaded Video
2013-09-02 15:08 - 2013-09-02 15:08 - 00957112 _____ (Microsoft Corporation) C:\Users\melsy\Downloads\SaveAsPDFandXPS.exe
2013-09-02 15:08 - 2013-09-02 15:08 - 00000000 ____D C:\Program Files (x86)\MSECache
2013-09-02 14:31 - 2013-09-02 14:31 - 00002138 _____ C:\Users\melsy\Desktop\Free PDF Perfect.lnk
2013-09-02 14:30 - 2013-09-02 14:30 - 00010464 _____ C:\Windows\SysWOW64\sx_p2d.tlb
2013-09-02 14:30 - 2013-09-02 14:30 - 00000000 ____D C:\ProgramData\Freemium
2013-09-02 14:30 - 2013-09-02 14:30 - 00000000 ____D C:\Program Files (x86)\Freemium
2013-09-02 14:28 - 2013-09-02 14:28 - 00000000 ____D C:\Users\melsy\Downloads\freepdf
2013-09-02 14:28 - 2013-09-02 14:28 - 00000000 ____D C:\SoftwareUpdater
2013-09-02 14:28 - 2013-09-02 14:28 - 00000000 ____D C:\Program Files (x86)\Covus Freemium
2013-09-02 14:28 - 2013-09-02 14:26 - 00000000 ____D C:\ProgramData\Package Cache
2013-09-02 14:27 - 2013-09-02 14:27 - 00000000 ____D C:\Program Files (x86)\Web Check
2013-09-02 14:21 - 2013-09-02 14:21 - 00444400 _____ C:\Users\melsy\Downloads\DLG_free-pdf-perfect_chip_de-DE10.exe
2013-08-30 19:36 - 2012-05-20 18:06 - 00000000 ____D C:\Users\melsy\AppData\Roaming\Mozilla
2013-08-29 14:49 - 2013-08-29 14:49 - 00000000 _____ C:\Windows\setuperr.log
2013-08-29 14:47 - 2012-05-20 13:52 - 00000000 ____D C:\Users\melsy\AppData\Roaming\SoftGrid Client
2013-08-29 14:00 - 2013-03-05 14:40 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2013-08-29 13:40 - 2013-06-02 20:51 - 00000000 ____D C:\Users\melsy\AppData\Local\Freenet
2013-08-29 13:13 - 2012-05-22 00:39 - 00000000 ___RD C:\Users\melsy\Desktop\TONSTUDIO
2013-08-29 13:12 - 2013-08-28 16:41 - 00000000 ____D C:\Program Files\Hear
2013-08-29 13:11 - 2012-08-21 18:03 - 00000000 ____D C:\Windows\pss
2013-08-26 06:26 - 2013-08-26 06:04 - 00000000 ____D C:\Users\melsy\AppData\Roaming\Betcat
2013-08-26 06:17 - 2011-02-10 21:23 - 00000000 ____D C:\SWSetup
2013-08-26 05:42 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\inetsrv
2013-08-26 05:42 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\inetsrv
2013-08-26 03:16 - 2013-08-26 03:15 - 50352408 _____ (Microsoft Corporation) C:\Users\melsy\Downloads\dotnetfx45_full_x86_x64.exe
2013-08-26 02:35 - 2013-08-26 02:35 - 00000000 ____D C:\Windows\SysWOW64\BestPractices
2013-08-26 02:35 - 2013-08-26 02:35 - 00000000 ____D C:\Windows\system32\BestPractices
2013-08-26 02:35 - 2013-08-26 02:35 - 00000000 ____D C:\inetpub
2013-08-26 02:30 - 2013-08-26 02:30 - 00003144 _____ C:\Windows\System32\Tasks\{963AFCB0-77B1-4C30-B305-F56C7A0EBB2B}
2013-08-26 02:29 - 2013-08-26 02:28 - 02869264 _____ (Microsoft Corporation) C:\Users\melsy\Downloads\dotNetFx35setup(1).exe
2013-08-26 02:26 - 2013-08-26 02:26 - 02869264 _____ (Microsoft Corporation) C:\Users\melsy\Downloads\dotNetFx35setup.exe
2013-08-26 02:22 - 2013-08-26 02:21 - 41580520 _____ (Hewlett-Packard                                             ) C:\Users\melsy\Downloads\sp58915.exe
2013-08-26 02:10 - 2013-08-26 02:08 - 00000000 ____D C:\Users\melsy\AppData\Roaming\TrueCrypt
2013-08-26 02:09 - 2013-08-26 02:09 - 00069183 _____ C:\Users\melsy\Downloads\langpack-de-1.0.1-for-truecrypt-7.1a(1).zip
2013-08-26 02:07 - 2013-08-26 02:07 - 00000875 _____ C:\Users\Public\Desktop\TrueCrypt.lnk
2013-08-26 02:06 - 2013-08-26 02:06 - 00231376 _____ (TrueCrypt Foundation) C:\Windows\system32\Drivers\truecrypt.sys
2013-08-26 02:06 - 2013-08-26 02:06 - 00000000 ____D C:\Program Files\TrueCrypt
2013-08-26 01:30 - 2013-08-26 01:30 - 00000649 _____ C:\Users\melsy\Documents\CyberGhostPUK.html
2013-08-26 01:29 - 2013-08-26 01:25 - 00000000 ____D C:\Program Files\CyberGhost VPN
2013-08-26 01:26 - 2013-08-26 01:26 - 00000872 _____ C:\Users\Public\Desktop\CyberGhost VPN.lnk
2013-08-24 02:33 - 2012-10-07 00:30 - 00000000 ____D C:\Users\melsy\AppData\Roaming\SpaceShooter
2013-08-21 15:57 - 2012-06-02 19:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-20 13:46 - 2012-05-20 18:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-20 12:52 - 2012-07-18 03:06 - 00000000 ___RD C:\Users\melsy\Desktop\Foto Video
2013-08-20 11:36 - 2012-05-18 14:31 - 00000000 ____D C:\Users\melsy\AppData\Local\Windows Live

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-11 01:20

==================== End Of Log ============================

--- --- ---

FRST Additions Logfile:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-09-2013 01
Ran by melsy at 2013-09-16 18:06:09
Running from C:\Users\melsy\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

64 Bit HP CIO Components Installer (Version: 7.2.8)
Adobe AIR (x32 Version: 3.5.0.600)
Adobe Community Help (x32 Version: 3.0.0)
Adobe Community Help (x32 Version: 3.0.0.400)
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.174)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168)
Adobe Photoshop CS5 (x32 Version: 12.0)
Adobe Reader X (10.1.8) MUI (x32 Version: 10.1.8)
Adobe Shockwave Player 11.5 (x32 Version: 11.5.9.620)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95)
Aiseesoft PDF to Word Converter 3.1.8 (x32)
AMD APP SDK Runtime (Version: 2.4.650.9)
AMD Fuel (Version: 2011.0705.1115.18310)
AMD Media Foundation Decoders (Version: 1.0.60705.1113)
AMD VISION Engine Control Center (x32 Version: 2011.0705.1115.18310)
AntiPhotoSpy 2013 (x32 Version: 1.6)
Artensoft Photo Mosaic Wizard (Version: 1.6)
Ashampoo Music Studio 2012 v.1.0.0 (x32 Version: 1.0.0)
Ashampoo Photo Commander 9 v.9.4.3 (x32 Version: 9.4.3)
Ashampoo Video Styler 2013 v.1.0.1 (x32 Version: 1.0.1)
Ashampoo WinOptimizer 6.60 (x32 Version: 6.6.0)
ATI Catalyst Install Manager (Version: 3.0.829.0)
Audacity 2.0.2 (x32 Version: 2.0.2)
Audio Record Wizard (x32 Version: 6.8)
AUDIOzilla v1.1 (x32)
AVG 2013 (Version: 13.0.3222)
AVG 2013 (Version: 13.0.3408)
AVG 2013 (Version: 2013.0.3408)
AVS Audio Converter 7 (x32)
AVS Audio Recorder version 4.0 (x32)
AVS Update Manager 1.0 (x32)
AVS4YOU Software Navigator 1.4 (x32)
AX3000G SoundEditor (x32 Version: 1.00.0.2)
B109a-m (x32 Version: 140.0.690.000)
Balabolka (x32 Version: 2.05)
Bejeweled 3 (x32 Version: 2.2.0.97)
Blasterball 3 (x32 Version: 2.2.0.97)
Bounce Symphony (x32 Version: 2.2.0.97)
Broadcom 802.11 Wireless LAN Adapter (Version: 5.100.82.86)
Broadcom Bluetooth Software (Version: 6.5.0.1300)
Broadcom InConcert Maestro (Version: 1.0.1.1300)
BufferChm (x32 Version: 140.0.212.000)
BusinessCards MX (x32 Version: 4.73)
Cake Mania (x32 Version: 2.2.0.95)
Calme Version 2013 (x32 Version: 2013)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0705.1115.18310)
Catalyst Control Center InstallProxy (x32 Version: 2011.0705.1115.18310)
Catalyst Control Center Localization All (x32 Version: 2011.0705.1115.18310)
CCC Help Chinese Standard (x32 Version: 2011.0705.1114.18310)
CCC Help Chinese Traditional (x32 Version: 2011.0705.1114.18310)
CCC Help Czech (x32 Version: 2011.0705.1114.18310)
CCC Help Danish (x32 Version: 2011.0705.1114.18310)
CCC Help Dutch (x32 Version: 2011.0705.1114.18310)
CCC Help English (x32 Version: 2011.0705.1114.18310)
CCC Help Finnish (x32 Version: 2011.0705.1114.18310)
CCC Help French (x32 Version: 2011.0705.1114.18310)
CCC Help German (x32 Version: 2011.0705.1114.18310)
CCC Help Greek (x32 Version: 2011.0705.1114.18310)
CCC Help Hungarian (x32 Version: 2011.0705.1114.18310)
CCC Help Italian (x32 Version: 2011.0705.1114.18310)
CCC Help Japanese (x32 Version: 2011.0705.1114.18310)
CCC Help Korean (x32 Version: 2011.0705.1114.18310)
CCC Help Norwegian (x32 Version: 2011.0705.1114.18310)
CCC Help Polish (x32 Version: 2011.0705.1114.18310)
CCC Help Portuguese (x32 Version: 2011.0705.1114.18310)
CCC Help Russian (x32 Version: 2011.0705.1114.18310)
CCC Help Spanish (x32 Version: 2011.0705.1114.18310)
CCC Help Swedish (x32 Version: 2011.0705.1114.18310)
CCC Help Thai (x32 Version: 2011.0705.1114.18310)
CCC Help Turkish (x32 Version: 2011.0705.1114.18310)
ccc-utility64 (Version: 2011.0705.1115.18310)
CCFinder (x32 Version: 2013)
CCleaner (Version: 4.01)
CCScore (x32 Version: 7.00.0000.0001)
Chronicles of Albian (x32 Version: 2.2.0.95)
Chuzzle Deluxe (x32 Version: 2.2.0.95)
Claro Chrome Toolbar (x32 Version: 1.0.0.2)
Claro LTD toolbar   (x32)
Communism Muscle Cars (x32)
Compaq Setup Manager (x32 Version: 1.1.13476.3753)
Cradle of Rome 2 (x32 Version: 2.2.0.95)
CyberGhost VPN
CyberLink YouCam (x32 Version: 3.5.1.4119)
D3DX10 (x32 Version: 15.4.2368.0902)
DarkWave Studio 4.0.7 (x32 Version: 4.0.7)
Data Wipe  (x32 Version: )
Destinations (x32 Version: 140.0.77.000)
DeviceDiscovery (x32 Version: 140.0.212.000)
Dream Pinball 3D Demo (x32 Version: 1.00)
Easy Drive Data Recovery (x32 Version: 3.0)
Easy Flyer Creator 3.0 (x32 Version: 3.0.0)
eSpeak version 1.45.05 (x32)
ESSBrwr (x32 Version: 8.00.0000.0001)
ESSCDBK (x32 Version: 8.00.0000.0001)
ESScore (x32 Version: 8.00.0000.0001)
EssentialPIM (x32 Version: 5.51)
ESSgui (x32 Version: 8.00.0000.0001)
ESSini (x32 Version: 8.00.0000.0001)
ESSPCD (x32 Version: 7.01.0000.0001)
ESSPDock (x32 Version: 6.03.0001.0004)
ESSTOOLS (x32 Version: 5.00.0000.0004)
essvatgt (x32 Version: 8.00.0000.0001)
ESU for Microsoft Windows 7 SP1 (x32 Version: 2.1.1)
Evernote v. 4.2.3 (x32 Version: 4.2.3.22)
Farm Frenzy (x32 Version: 2.2.0.95)
FATE (x32 Version: 2.2.0.97)
fflink (x32 Version: 6.02.1001.0001)
FileZilla Client 3.6.0.2 (x32 Version: 3.6.0.2)
Firebird SQL Server - MAGIX Edition (x32 Version: 2.1.31.0)
FireJump (x32 Version: 1.0.2.5)
First PDF (x32)
Fotogalerie (x32 Version: 16.4.3505.0912)
Free Audio Converter version 5.0.11.504 (x32 Version: 5.0.11.504)
Free Audio Editor v7.9.4 (x32)
Free Opener (Version: 1.4)
Free Pdf Perfect Prereq (x32 Version: 1.1.0.80)
Free Video Converter V 3.1 (x32 Version: 3.1.0.0)
Free YouTube Download version 3.1.27.508 (x32 Version: 3.1.27.508)
Freemake Video Converter Version 3.1.2 (x32 Version: 3.1.2)
Freemium Free PDF Perfect (x32 Version: 1.0)
Freenet (HKCU)
FreeSoundRecorder Toolbar (x32 Version: 6.8.9.0)
Freeware.de Toolbar (x32 Version: 6.8.9.0)
Galaxy Invaders (x32)
Google Earth Plug-in (x32 Version: 7.1.1.1888)
Google Talk Plugin (x32 Version: 4.5.3.14917)
Google Update Helper (x32 Version: 1.3.21.153)
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95)
GPBaseService2 (x32 Version: 140.0.211.000)
Grand Prix Racing (x32)
Guitar and Bass (x32 Version: 1.0.4)
Guitar Explorer 1.0 (x32)
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000)
HP Auto (Version: 1.0.12935.3667)
HP Client Services (Version: 1.1.12938.3539)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7)
HP Customer Participation Program 14.0 (Version: 14.0)
HP Deskjet 2050 J510 series - Grundlegende Software für das Gerät (Version: 22.50.231.0)
HP Deskjet 2050 J510 series Hilfe (x32 Version: 140.0.61.61)
HP Documentation (x32 Version: 1.1.0.0)
HP Games (x32 Version: 1.0.2.5)
HP Imaging Device Functions 14.0 (Version: 14.0)
HP Launch Box (Version: 1.0.11)
HP On Screen Display (x32 Version: 1.3.5)
HP Photo Creations (x32 Version: 1.0.0.3781)
HP Photosmart B109a-m All-in-One Driver Software 14.0 Rel. 6 (Version: 14.0)
HP Power Manager (x32 Version: 1.2.3)
HP Product Detection (x32 Version: 11.14.0001)
HP Quick Launch (x32 Version: 2.7.2)
HP QuickWeb (x32 Version: 3.1.0.9742)
HP Setup (x32 Version: 8.7.4751.3798)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Software Framework (x32 Version: 4.6.10.1)
HP Solution Center 14.0 (Version: 14.0)
HP Support Assistant (x32 Version: 7.0.39.15)
HP Update (x32 Version: 5.003.001.001)
HPPhotoGadget (x32 Version: 140.0.524.000)
HPProductAssistant (x32 Version: 140.0.212.000)
HTC BMP USB Driver (x32 Version: 1.0.5375)
HTC Driver Installer (x32 Version: 3.0.0.021)
HTC Sync (x32 Version: 3.2.20)
ICQ6.5 (x32 Version: 6.5)
InlineTranslate für Firefox (x32 Version: 2.0)
Internet Explorer Toolbar 4.6 by SweetPacks (x32 Version: 4.6.0003)
Java Auto Updater (x32 Version: 2.0.7.1)
Java(TM) 6 Update 33 (x32 Version: 6.0.330)
JDownloader 0.9 (x32 Version: 0.9)
Jet Lane Racing (x32)
Jewel Quest Solitaire (x32 Version: 2.2.0.95)
Jewel Quest: The Sleepless Star - Collector's Edition (x32 Version: 2.2.0.95)
Junk Mail filter update (x32 Version: 16.4.3505.0912)
Kingsoft Presentation  (8.1.0.3019) (x32 Version: 8.1.0.3019)
K-Lite Codec Pack 7.0.0 (Standard) (x32 Version: 7.0.0)
Kodak EasyShare Software (x32)
L&H TTS3000 Deutsch (x32)
Last Space Fighter (x32)
LogMeIn Hamachi (x32 Version: 2.1.0.166)
MagicScore (x32)
MAGIX Content und Soundpools (x32 Version: 1.0.0.0)
MAGIX Foto Manager MX (x32 Version: 9.0.1.238)
MAGIX Goya burnR (MSI) (Version: 4.3.2.0)
MAGIX Goya burnR (MSI) (x32 Version: 4.3.2.0)
MAGIX Music Maker 2013 (Version: 19.0.1.36)
MAGIX Music Maker 2013 (x32 Version: 19.0.1.36)
MAGIX Music Maker 2013 Trial Soundpools (Version: 1.0.0.0)
MAGIX Music Maker MX Production Suite Download-Version (x32 Version: 18.0.1.11)
MAGIX Screenshare (Version: 4.3.6.1987)
MAGIX Screenshare (x32 Version: 4.3.6.1987)
MAGIX Speed burnR (MSI) (x32 Version: 7.0.2.6)
Mah Jong Medley (x32 Version: 2.2.0.95)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
MarketResearch (x32 Version: 140.0.212.000)
MFC RunTime files (x32 Version: 1.0.0)
Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme (x32 Version: 12.0.4518.1014)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4.5 (Version: 4.5.50709)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2007 Service Pack 3 (SP3) (x32)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000)
Microsoft Office Klick-und-Los 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Starter 2010 - Deutsch (x32 Version: 14.0.5128.5002)
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SkyDrive (HKCU Version: 16.4.6013.0910)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (x32 Version: 9.0.30411)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft_VC100_CRT_x64 (Version: 1.0.0)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000)
Movie Maker (x32 Version: 16.4.3505.0912)
Mozilla Firefox 23.0.1 (x86 de) (x32 Version: 23.0.1)
Mozilla Maintenance Service (x32 Version: 23.0.1)
MP4 To MP3 Converter V3.0.4 (x32)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSVCRT110 (x32 Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (KB973685) (x32 Version: 4.30.2107.0)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0)
MuseScore 1.2 MuseScore score typesetter (x32 Version: 1.2.0)
MyPhoneExplorer (x32 Version: 1.8.2)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.97)
Namco All-Stars: PAC-MAN (x32 Version: 2.2.0.95)
netbrdg (x32 Version: 7.01.0000.0001)
Nexus Radio (x32 Version: 5.6.6)
Nuclear Coffee - VideoGet (x32 Version: 2012)
OfotoXMI (x32 Version: 7.02.0000.0001)
ooVoo (x32 Version: 3.5.9041)
OpenOffice.org 3.4.1 (x32 Version: 3.41.9593)
Panopreter Basic version 3.0.9 (x32)
PC Rambazamba (x32 Version: 1.00.0000)
Penguins! (x32 Version: 2.2.0.95)
Photo Gallery (x32 Version: 16.4.3505.0912)
PhotoStitcher 1.2 (x32)
Picture-Kit 3 Version 3.0 (x32 Version: 3.0)
Pidgin (x32 Version: 2.10.7)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95)
Polar Bowler (x32 Version: 2.2.0.97)
Preispilot für Firefox (x32 Version: 2.0)
PS_AIO_06_B109a-m_SW_Min (x32 Version: 140.0.690.000)
PT Portrait version 1.0.0 (Version: 1.0.0)
puush (x32 Version: 1.0.0.0)
Q-Dir
Quick Stego 1.2 (x32)
QuickTime (x32 Version: 7.50.61.0)
QuickTransfer (x32 Version: 140.0.98.000)
Radio.fx (x32)
Realtek Ethernet Controller Driver (x32 Version: 7.42.304.2011)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6287)
Realtek PCIE Card Reader (x32 Version: 6.1.7600.77)
Recovery Manager (x32 Version: 2.0.0)
Scan (x32 Version: 140.0.80.000)
ScanIT-Client 3.2 (x32)
Screen Capturer (x32 Version: 1.0.4.42)
Search Results Toolbar (x32 Version: 1.0.0.12)
SearchAnonymizer (Version: 1.0.1 (de))
SFR (x32 Version: 7.01.0000.0003)
Shape Collage (x32)
SHASTA (x32 Version: 7.01.0000.0001)
shopping-preise.de AddOn Firefox (x32 Version: 2.81)
Shortcut Racers (x32)
SimplyGoodPictures (x32 Version: 1.0.12.426)
skin0001 (x32 Version: 8.00.0000.0001)
SKINXSDK (x32 Version: 7.01.0000.0001)
Skype™ 6.6 (x32 Version: 6.6.106)
Slingo Deluxe (x32 Version: 2.2.0.95)
SmartWebPrinting (x32 Version: 140.0.186.000)
SolutionCenter (x32 Version: 140.0.213.000)
Songr (x32 Version: 1.9.36)
Sothink Logo Maker Special (x32 Version: 3.5)
Speed Racers (x32)
Spotify (HKCU Version: 0.8.5.1333.g822e0de8)
Star Warship (x32)
staticcr (x32 Version: 8.00.0000.0001)
Status (x32 Version: 140.0.212.000)
SUPERAntiSpyware (Version: 5.0.1150)
SuperEasy Audio Converter 2 v.2.1.2143 (x32 Version: 2.1.2143)
SView5 for Windows
SweetIM for Messenger 3.7 (x32 Version: 3.7.0005)
Synaptics TouchPad Driver (Version: 15.3.29.0)
TeamSpeak 3 Client (Version: 3.0.11.1)
TeamViewer 8 (x32 Version: 8.0.19045)
Text-To-Speech-Runtime (x32 Version: 1.0.0.0)
Tipard Video Converter Platinum 6.2.16 (x32 Version: 6.2.16)
Toolbox (x32 Version: 140.0.428.000)
TrayApp (x32 Version: 140.0.212.000)
TrueCrypt (x32 Version: 7.1a)
TuxGuitar (x32 Version: 1.2)
Ultra Drag Racing (x32)
Update for 2007 Microsoft Office System (KB967642) (x32)
Update for Microsoft .NET Framework 4.5 (KB2750147) (x32 Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2825641) 32-Bit Edition (x32)
Update für Microsoft Office Excel 2007 Help (KB963678) (x32)
Update für Microsoft Office Outlook 2007 Help (KB963677) (x32)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32)
Update für Microsoft Office Word 2007 Help (KB963665) (x32)
Update Installer for WildTangent Games App (x32)
Vacation Quest - The Hawaiian Islands (x32 Version: 2.2.0.97)
Video Rotator V1.0.9 (x32)
Virtual Villagers - The Secret City (x32 Version: 2.2.0.95)
Visual Studio 2008 x64 Redistributables (x32 Version: 10.0.0.2)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
VLC media player 2.0.6 (Version: 2.0.6)
VPRINTOL (x32 Version: 7.01.0000.0001)
WaveShop (x64) (Version: 1.0.0)
Web Check (x32)
WebReg (x32 Version: 140.0.212.017)
WildTangent Games App (HP Games) (x32 Version: 4.0.10.5)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912)
Windows Live Essentials (x32 Version: 16.4.3505.0912)
Windows Live Family Safety (Version: 16.4.3505.0912)
Windows Live Family Safety (x32 Version: 16.4.3505.0912)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (x32 Version: 16.4.3505.0912)
Windows Live Mail (x32 Version: 16.4.3505.0912)
Windows Live Messenger (x32 Version: 16.4.3505.0912)
Windows Live MIME IFilter (Version: 16.4.3505.0912)
Windows Live Photo Common (x32 Version: 16.4.3505.0912)
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912)
Windows Live SOXE (x32 Version: 16.4.3505.0912)
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912)
Windows Live UX Platform (x32 Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912)
Windows Live Writer (x32 Version: 16.4.3505.0912)
Windows Live Writer Resources (x32 Version: 16.4.3505.0912)
WinRAR 4.11 (64-bit) (Version: 4.11.0)
WinX Mobile Video Converter 3.0.0 (x32)
WIRELESS (x32 Version: 7.02.0000.0001)
XnConvert 1.51 (Version: 1.51)
XnView 1.99.1 (x32 Version: 1.99.1)
Yahoo! Messenger (x32)
Yahoo! Software Update (x32)
Yahoo! Toolbar (x32)
YAMAHA Musicsoft Downloader 5 (x32 Version: )
Yamaha USB-MIDI Driver (Version: 3.1.2.3)
Yamaha USB-MIDI Driver (x32 Version: 3.1.2.3)
ZD Soft Screen Recorder 4.1.3.0 (x32 Version: 4.1.3.0)
Zoosk Messenger (x32 Version: 4.152.1)
Zuma Deluxe (x32 Version: 2.2.0.95)

==================== Restore Points  =========================

16-09-2013 02:37:48 Ende der Bereinigung

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {01129378-72E4-4875-94D9-3244AA84053B} - System32\Tasks\Norton Management\Norton Error Analyzer => C:\Program Files (x86)\Norton Management\Engine\2.1.2.13\SymErr.exe
Task: {03E0F7C9-378E-4A6E-9734-912A1191CECC} - System32\Tasks\{4BF1A8B8-CB82-4534-9A28-D08628C5E143} => C:\Programme\jCalendar\jCalendar.exe
Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started
Task: {0C8FCBD4-45B6-4908-BCA1-C2C7A18677BF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {0DACDC6D-9900-4C51-A8E6-B8E16FA3D043} - System32\Tasks\Norton Management\Norton Error Processor => C:\Program Files (x86)\Norton Management\Engine\2.1.2.13\SymErr.exe
Task: {12671161-6449-4349-A52D-3D90185B578F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-27] (Google Inc.)
Task: {1954378E-9A0C-4732-9BAE-2C1486D3047B} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {1C933C6B-7E1B-4D5A-884E-312C03E52C6B} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-06-15] (CyberLink)
Task: {20960428-4821-470E-B356-ADE61D278E74} - System32\Tasks\{DA63B10A-4AA4-415D-B14F-20882B020224} => C:\Users\melsy\Downloads\lhttsged.exe [2012-06-25] (Microsoft Corporation)
Task: {2275559B-C5E5-422D-AA45-9FFA455E05C6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {243D7A47-C7F3-449F-A4B3-1A47C931B022} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-04-23] (Piriform Ltd)
Task: {2D893AD3-F4BE-423A-BBD0-755B2B87AB23} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-13] (Adobe Systems Incorporated)
Task: {3010AD89-86DF-48F8-809F-7F0AB43C5091} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3195104690-1283173883-910289243-1001UA => C:\Users\melsy\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-17] (Google Inc.)
Task: {46A34A3E-FE2B-48B5-AEAA-BDA3D2C4C6CD} - System32\Tasks\{7571068C-F497-4FC5-ADD4-35E7096DFB57} => C:\Program Files (x86)\Norton Internet Security\Engine64\19.7.1.5\uistub.exe
Task: {51D55B4D-67DF-40FA-A4FE-DE3CC1944C3E} - System32\Tasks\Browser Updater\Browser Updater => Rundll32.exe "C:\Program Files (x86)\HomeTab\TBUpdater.dll",TBCheckForUpdate
Task: {5A2BDD2B-322E-472A-8739-C7A17567F997} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-21] (Microsoft Corporation)
Task: {5BEC0A14-800A-4444-BE42-ACC444F20731} - System32\Tasks\{2A792A14-06ED-4493-81D7-2A64E97EA462} => Firefox.exe hxxp://ui.skype.com/ui/0/6.3.0.105/de/abandoninstall?page=tsProgressBar
Task: {60081FEC-B90C-4BA1-A4E4-5EC3F0F87609} - System32\Tasks\{8DC528DF-C668-44A2-A31C-93B2FFB13B0A} => C:\Users\melsy\AppData\Local\Freenet\freenetlauncher.exe [2013-05-21] ()
Task: {65D575BE-410A-447D-B330-5443692346AB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3195104690-1283173883-910289243-1001Core => C:\Users\melsy\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-17] (Google Inc.)
Task: {6DFD1216-9460-447B-B912-4EC7A58883D3} - System32\Tasks\WpsUpdateTask_melsy => C:\Program Files (x86)\Kingsoft\Kingsoft Presentation\office6\wpsupdate.exe [2011-10-29] (Zhuhai Kingsoft Office-software Co.,Ltd)
Task: {84B95D3A-8154-47D0-8655-F1209591C404} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [2010-11-21] (Microsoft Corporation)
Task: {8515EC2B-C62E-413B-A428-6F858025BC21} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-04-01] (Hewlett-Packard Company)
Task: {8E52F36D-3CBE-4443-AF9D-53F564C3B7F5} - System32\Tasks\{9F7FA772-FD2E-4158-A4C5-6337F924BF71} => C:\Program Files (x86)\Microsoft Office\Options14\MSOO.EXE [2013-07-23] (Microsoft Corporation)
Task: {8E7F327F-12F6-4D75-9D7F-0B671653AE79} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2012-04-17] ()
Task: {90E77342-600D-4A4F-BF59-D61B7053855C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {92CE2904-5D89-42DD-B487-579244164EE4} - System32\Tasks\{22E33B45-0371-4117-ABFB-FEA73B3FE9A8} => C:\Programme\jCalendar\jCalendar.exe
Task: {9BCCA73A-EF82-4843-B3CD-A7B5BB0CBC56} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-27] (Google Inc.)
Task: {A1D18125-AD28-4922-AD84-41931526BB19} - System32\Tasks\HPCeeScheduleFormelsy => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
Task: {A3DEBCE1-D5BE-471A-A2D8-1A1C61B3C499} - System32\Tasks\Hewlett-Packard\HP Support Assistant\NetworkCheck => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_NetworkCheck.exe [2013-08-20] (Hewlett-Packard)
Task: {BC0FD5F5-2ED6-4BB5-AF88-B0B6140C2852} - System32\Tasks\EasyShare Registration Task => C:\PROGRA~3\Kodak\EasyShareSetup\$Registration\Registration_8.0.20.1.sxt [2012-07-02] (Eastman Kodak Company)
Task: {BD89F47A-50C6-4051-8B84-126CDFEB0DCE} - System32\Tasks\{69CD82CA-4612-410F-907D-CE1E674B652E} => Firefox.exe 
Task: {C176E98E-B970-46B2-9F4D-ACAC41FB6E98} - System32\Tasks\{390AF46B-3743-4BF4-B011-EA592787C6B7} => C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
Task: {CA893ED1-E431-4340-A415-4DFFF3F4D0DA} - System32\Tasks\{AA7F026B-C42A-4E6F-B2DB-FCDAF10D2524} => C:\Program Files (x86)\EssentialPIM\EssentialPIM.exe [2013-03-08] ()
Task: {D89AD17C-10FC-4DD5-8120-B85CD2DC8F25} - System32\Tasks\{196512D0-AEDD-4F4D-82E4-FCEF076F1057} => C:\Program Files (x86)\Microsoft Office\Options14\MSOO.EXE [2013-07-23] (Microsoft Corporation)
Task: {D9CD8EF1-5ADD-4F91-8527-5EFA8009EDC6} - System32\Tasks\{E41BC0B8-6500-4D58-95D6-ECEDB1C3A9D5} => C:\Users\melsy\Downloads\lhttsged.exe [2012-06-25] (Microsoft Corporation)
Task: {E01D35B2-A251-44C7-838B-EB65E38D6E2E} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-21] (Microsoft Corporation)
Task: {E451466A-3491-4B89-8E2A-4477D4DA17C0} - System32\Tasks\ProtectedSearch\Protected Search => C:\Program Files (x86)\HomeTab\ProtectedSearch.exe
Task: {E6F8C8B4-6095-4F02-82B5-332CF71AEEF2} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {E80BC21A-6500-4F42-A32D-48AC06402F6A} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\System32\sdengin2.dll [2010-11-21] (Microsoft Corporation)
Task: {EE74F28E-DE62-48C6-8627-8144ECE20501} - System32\Tasks\PC Rambazamba => C:\Program Files (x86)\Langmeier Software\PC Rambazamba\pcrambazamba.exe
Task: {EF07459B-FD41-4C1A-8587-798773836EB9} - System32\Tasks\YourFile DownloaderUpdate => C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe
Task: {FFE3FE28-EE03-4DF8-8144-3C66979D3375} - System32\Tasks\{670A25EF-5F02-41BB-BB0D-827A205D5869} => Firefox.exe 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\EasyShare Registration Task.job => “7BfGDµÀ™g:×6Fh<
 sÀ €!Ý		:‘!C:\Windows\system32\rundll32.exe_C:\PROGRA~3\Kodak\EasyShareSetup\$Registration\Registration_8.0.20.1.sxt _RegistrationOffer@16melsy0Ü:
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3195104690-1283173883-910289243-1001Core.job => C:\Users\melsy\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3195104690-1283173883-910289243-1001UA.job => C:\Users\melsy\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleFormelsy.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\WpsUpdateTask_melsy.job => C:\Program Files (x86)\Kingsoft\Kingsoft Presentation\office6\wpsupdate.exe

==================== Loaded Modules (whitelisted) =============

2009-07-14 02:18 - 2009-07-14 03:38 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\imaadp32.acm
2009-07-14 02:18 - 2009-07-14 03:38 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\msg711.acm
2009-07-14 02:18 - 2009-07-14 03:38 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\msgsm32.acm
2009-07-14 02:18 - 2009-07-14 03:38 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\msadp32.acm
2009-07-14 02:22 - 2009-07-14 03:38 - 00081408 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\System32\l3codeca.acm
2012-12-03 02:11 - 2012-12-03 02:11 - 00244696 _____ (Microsoft Corporation) C:\Users\melsy\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
2012-12-03 02:11 - 2012-12-03 02:11 - 00661448 _____ (Microsoft Corporation) C:\Users\melsy\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\MSVCP110.dll
2012-12-03 02:11 - 2012-12-03 02:11 - 00828872 _____ (Microsoft Corporation) C:\Users\melsy\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\MSVCR110.dll
2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2013-06-21 09:53 - 2013-06-21 09:53 - 00088680 ____R (Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.dll
2012-12-03 02:10 - 2012-12-03 02:10 - 00220632 _____ (Microsoft Corporation) C:\Users\melsy\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
2012-12-03 02:10 - 2012-12-03 02:10 - 00534480 _____ (Microsoft Corporation) C:\Users\melsy\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\MSVCP110.dll
2012-12-03 02:10 - 2012-12-03 02:10 - 00862664 _____ (Microsoft Corporation) C:\Users\melsy\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\MSVCR110.dll
2012-12-03 02:11 - 2012-12-03 02:11 - 00537560 _____ (Microsoft Corporation) C:\Users\melsy\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\Telemetry.dll
2012-12-03 02:10 - 2012-12-03 02:10 - 00038360 _____ (Microsoft Corporation) C:\Users\melsy\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\logging.dll
2010-03-09 16:22 - 2010-03-09 16:22 - 01228800 _____ (ZD Soft) C:\Program Files (x86)\ZD Soft\Screen Recorder\ScnCap.ax
2012-06-02 18:37 - 2013-08-20 13:46 - 03551640 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-09-11 15:40 - 2013-09-11 15:40 - 16177544 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll
2013-09-15 10:28 - 2013-08-13 08:38 - 01232968 _____ (Simply Tech Ltd.) C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\extensions\{ad7ef860-f366-4be1-8d12-4363b9356947}\plugins\npwiddit.dll

==================== Alternate Data Streams (whitelisted) ==========



==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/16/2013 03:33:14 AM) (Source: System Restore) (User: )
Description: Unbekannter Fehler bei der Systemwiederherstellung: (Installed Microsoft Fix it 50123). Zusätzliche Informationen: 0x80070005.

Error: (09/15/2013 07:00:11 PM) (Source: Windows Backup) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "G:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"

Error: (09/15/2013 01:59:31 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/15/2013 01:37:00 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Skype.exe, Version: 6.6.73.106, Zeitstempel: 0x51c414cb
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x1005752c
ID des fehlerhaften Prozesses: 0x1160
Startzeit der fehlerhaften Anwendung: 0xSkype.exe0
Pfad der fehlerhaften Anwendung: Skype.exe1
Pfad des fehlerhaften Moduls: Skype.exe2
Berichtskennung: Skype.exe3

Error: (09/08/2013 07:00:01 PM) (Source: Windows Backup) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "G:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"

Error: (09/04/2013 03:53:29 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 23.0.1.4974, Zeitstempel: 0x520bc252
Name des fehlerhaften Moduls: xul.dll, Version: 23.0.1.4974, Zeitstempel: 0x520bc166
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0017af08
ID des fehlerhaften Prozesses: 0x1448
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3

Error: (09/01/2013 07:00:05 PM) (Source: Windows Backup) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "G:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"

Error: (08/28/2013 06:32:24 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/28/2013 04:38:45 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/28/2013 04:38:32 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (09/16/2013 01:26:53 PM) (Source: Service Control Manager) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (09/16/2013 01:26:50 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.

Error: (09/16/2013 01:26:12 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (09/16/2013 06:39:32 AM) (Source: DCOM) (User: )
Description: {4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (09/16/2013 04:40:19 AM) (Source: Service Control Manager) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (09/16/2013 04:40:11 AM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (09/16/2013 04:27:11 AM) (Source: BugCheck) (User: )
Description: 0x0000006b (0x0000000000000000, 0x0000000000000000, 0x0000000000000000, 0x0000000000000000)C:\Windows\MEMORY.DMP091613-44959-01

Error: (09/16/2013 03:38:19 AM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (09/16/2013 03:22:24 AM) (Source: Service Control Manager) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (09/16/2013 03:22:20 AM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2012-11-25 15:01:32.976
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 50%
Total physical RAM: 3690.91 MB
Available physical RAM: 1818.4 MB
Total Pagefile: 7380 MB
Available Pagefile: 4781 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:446.09 GB) (Free:276.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery) (Fixed) (Total:15.51 GB) (Free:1.38 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:1.08 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: F2DC90A7)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=446 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=16 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=4 GB) - (Type=0C)

==================== End Of Log ============================

--- --- ---

schrauber · 16.09.2013, 19:58

Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel

Link 1

WICHTIG - Speichere Combofix auf deinem Desktop

Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten

Zitat:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

starte den Rechner einfach neu. Dies sollte das Problem beheben.

lobowolf · 16.09.2013, 21:52

Habe nach dem Neustart wieder die Meldung C:/ProgrammFilex86/HomeTab/TABupdater.DLL bekommen .
Combofix Logfile:

Code:

ATTFilter

ComboFix 13-09-16.01 - melsy 16.09.2013  22:21:35.1.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.43.1031.18.3691.2193 [GMT 2:00]
ausgeführt von:: c:\users\melsy\Downloads\ComboFix.exe
AV: AVG Internet Security 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: AVG Internet Security Business Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
FW: AVG Internet Security 2013 *Enabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
FW: AVG Internet Security Business Edition 2012 *Disabled* {621CC794-9486-F902-D092-0484E8EA828B}
SP: AVG Internet Security 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: AVG Internet Security Business Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\program files (x86)\Web Check\WeBCheck.dll
c:\users\melsy\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\users\melsy\AppData\Local\Savings Sidekick
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-08-16 bis 2013-09-16  ))))))))))))))))))))))))))))))
.
.
2013-09-16 20:34 . 2013-09-16 20:34	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-09-16 16:03 . 2013-09-16 16:03	--------	d-----w-	C:\FRST
2013-09-16 02:36 . 2013-09-16 02:36	--------	d-----w-	c:\windows\ERUNT
2013-09-15 08:28 . 2013-09-16 11:59	--------	d-----w-	c:\users\melsy\AppData\Roaming\HomeTab
2013-09-15 08:28 . 2013-09-15 15:10	--------	d-----w-	c:\users\melsy\AppData\Roaming\SimplyTech
2013-09-15 08:28 . 2013-08-13 06:38	32328	----a-w-	c:\windows\Launcher.exe
2013-09-11 11:49 . 2013-08-08 01:20	3155456	----a-w-	c:\windows\system32\win32k.sys
2013-09-11 11:47 . 2013-07-26 02:24	14172672	----a-w-	c:\windows\system32\shell32.dll
2013-09-11 11:47 . 2013-07-26 02:24	197120	----a-w-	c:\windows\system32\shdocvw.dll
2013-09-04 23:43 . 2013-09-04 23:43	45880	----a-w-	c:\windows\system32\drivers\avgrkx64.sys
2013-09-03 13:53 . 2013-09-03 13:53	187248	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
2013-09-02 13:08 . 2013-09-02 13:08	--------	d-----w-	c:\program files (x86)\MSECache
2013-09-02 12:31 . 2013-09-02 12:31	--------	d-----w-	c:\program files (x86)\Common Files\soft Xpansion
2013-09-02 12:30 . 2013-09-02 12:30	263016	----a-w-	c:\windows\system32\Spool\prtprocs\x64\sx_p8_pro7_p.dll
2013-09-02 12:30 . 2013-09-02 12:31	--------	d-----w-	c:\program files (x86)\Common Files\Freemium
2013-09-02 12:30 . 2013-09-02 12:30	--------	d-----w-	c:\programdata\Freemium
2013-09-02 12:30 . 2013-09-02 12:30	--------	d-----w-	c:\program files (x86)\Freemium
2013-09-02 12:28 . 2013-09-02 12:28	--------	d-----w-	C:\SoftwareUpdater
2013-09-02 12:28 . 2013-09-02 12:28	--------	d-----w-	c:\program files (x86)\Covus Freemium
2013-09-02 12:27 . 2013-09-16 20:33	--------	d-----w-	c:\program files (x86)\Web Check
2013-09-02 12:26 . 2013-09-02 12:28	--------	d-----w-	c:\programdata\Package Cache
2013-09-02 12:21 . 2013-09-16 11:59	--------	d-----w-	c:\users\melsy\AppData\Local\DownloadGuide
2013-08-28 14:41 . 2011-11-07 14:18	46728	----a-w-	c:\windows\system32\drivers\ren2cap.sys
2013-08-28 14:41 . 2013-08-29 11:12	--------	d-----w-	c:\program files\Hear
2013-08-26 04:04 . 2013-08-26 04:26	--------	d-----w-	c:\users\melsy\AppData\Roaming\Betcat
2013-08-26 01:38 . 2012-06-01 05:36	192000	----a-w-	c:\windows\system32\iisRtl.dll
2013-08-26 01:38 . 2012-06-01 05:34	55296	----a-w-	c:\windows\system32\admwprox.dll
2013-08-26 01:38 . 2012-06-01 05:39	14848	----a-w-	c:\windows\system32\wamregps.dll
2013-08-26 01:38 . 2012-06-01 05:36	11264	----a-w-	c:\windows\system32\iisrstap.dll
2013-08-26 01:38 . 2012-06-01 05:35	60928	----a-w-	c:\windows\system32\ahadmin.dll
2013-08-26 01:38 . 2012-06-01 05:33	16896	----a-w-	c:\windows\system32\iisreset.exe
2013-08-26 01:38 . 2012-06-01 04:40	10752	----a-w-	c:\windows\SysWow64\wamregps.dll
2013-08-26 01:38 . 2012-06-01 04:37	8192	----a-w-	c:\windows\SysWow64\iisrstap.dll
2013-08-26 01:38 . 2012-06-01 04:37	154624	----a-w-	c:\windows\SysWow64\iisRtl.dll
2013-08-26 01:38 . 2012-06-01 04:35	26624	----a-w-	c:\windows\SysWow64\ahadmin.dll
2013-08-26 01:38 . 2012-06-01 04:35	50688	----a-w-	c:\windows\SysWow64\admwprox.dll
2013-08-26 01:38 . 2012-06-01 04:34	15360	----a-w-	c:\windows\SysWow64\iisreset.exe
2013-08-26 00:35 . 2013-08-26 00:35	--------	d-----w-	c:\windows\SysWow64\BestPractices
2013-08-26 00:35 . 2013-08-26 00:35	--------	d-----w-	c:\windows\system32\BestPractices
2013-08-26 00:35 . 2013-08-26 00:35	--------	d-----w-	C:\inetpub
2013-08-26 00:08 . 2013-08-26 00:10	--------	d-----w-	c:\users\melsy\AppData\Roaming\TrueCrypt
2013-08-26 00:06 . 2013-08-26 00:06	231376	----a-w-	c:\windows\system32\drivers\truecrypt.sys
2013-08-26 00:06 . 2013-08-26 00:06	--------	d-----w-	c:\program files\TrueCrypt
2013-08-25 23:25 . 2011-12-15 18:29	31232	----a-w-	c:\windows\system32\drivers\tap0901.sys
2013-08-25 23:25 . 2013-08-25 23:29	--------	d-----w-	c:\program files\CyberGhost VPN
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-13 16:40 . 2012-05-20 15:11	692616	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-13 16:40 . 2011-08-09 11:02	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-11 12:03 . 2012-05-21 02:56	79143768	----a-w-	c:\windows\system32\MRT.exe
2013-08-02 01:48 . 2013-09-11 11:49	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2013-07-25 09:25 . 2013-08-14 22:32	1888768	----a-w-	c:\windows\system32\WMVDECOD.DLL
2013-07-25 08:57 . 2013-08-14 22:32	1620992	----a-w-	c:\windows\SysWow64\WMVDECOD.DLL
2013-07-19 23:51 . 2013-07-19 23:51	311608	----a-w-	c:\windows\system32\drivers\avgloga.sys
2013-07-19 23:50 . 2013-07-19 23:50	71480	----a-w-	c:\windows\system32\drivers\avgidsha.sys
2013-07-19 23:50 . 2013-07-19 23:50	246072	----a-w-	c:\windows\system32\drivers\avgidsdrivera.sys
2013-07-19 23:50 . 2013-07-19 23:50	206648	----a-w-	c:\windows\system32\drivers\avgldx64.sys
2013-07-19 01:58 . 2013-08-14 22:33	2048	----a-w-	c:\windows\system32\tzres.dll
2013-07-19 01:41 . 2013-08-14 22:33	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2013-07-09 05:52 . 2013-08-14 22:34	224256	----a-w-	c:\windows\system32\wintrust.dll
2013-07-09 05:51 . 2013-08-14 22:32	1217024	----a-w-	c:\windows\system32\rpcrt4.dll
2013-07-09 05:46 . 2013-08-14 22:34	1472512	----a-w-	c:\windows\system32\crypt32.dll
2013-07-09 05:46 . 2013-08-14 22:34	184320	----a-w-	c:\windows\system32\cryptsvc.dll
2013-07-09 05:46 . 2013-08-14 22:34	139776	----a-w-	c:\windows\system32\cryptnet.dll
2013-07-09 04:52 . 2013-08-14 22:32	663552	----a-w-	c:\windows\SysWow64\rpcrt4.dll
2013-07-09 04:52 . 2013-08-14 22:34	175104	----a-w-	c:\windows\SysWow64\wintrust.dll
2013-07-09 04:46 . 2013-08-14 22:34	1166848	----a-w-	c:\windows\SysWow64\crypt32.dll
2013-07-09 04:46 . 2013-08-14 22:34	140288	----a-w-	c:\windows\SysWow64\cryptsvc.dll
2013-07-09 04:46 . 2013-08-14 22:34	103936	----a-w-	c:\windows\SysWow64\cryptnet.dll
2013-07-06 06:03 . 2013-08-14 09:14	1910208	----a-w-	c:\windows\system32\drivers\tcpip.sys
2013-06-30 23:45 . 2013-06-30 23:45	116536	----a-w-	c:\windows\system32\drivers\avgmfx64.sys
2013-06-28 18:21 . 2013-06-28 18:21	76232	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{84608612-4EC5-4C46-84BE-1D54D3B07B72}\offreg.dll
2013-06-26 17:21 . 2013-06-26 17:21	23208	----a-w-	c:\windows\system32\drivers\Sftvollh.sys
2013-06-26 17:21 . 2013-06-26 17:21	28840	----a-w-	c:\windows\system32\drivers\Sftredirlh.sys
2013-06-26 17:21 . 2013-06-26 17:21	273576	----a-w-	c:\windows\system32\drivers\Sftplaylh.sys
2013-06-26 17:21 . 2013-06-26 17:21	1777320	----a-w-	c:\windows\system32\sftldr.dll
2013-06-26 17:21 . 2013-06-26 17:21	1130664	----a-w-	c:\windows\SysWow64\sftldr_wow64.dll
2013-06-26 17:21 . 2013-06-26 17:21	767144	----a-w-	c:\windows\system32\drivers\Sftfslh(2048).sys
2013-03-05 12:17 . 2012-10-29 10:08	248320	----a-w-	c:\program files (x86)\QtSql4.dll
2012-06-21 06:43 . 2012-06-21 06:43	498160	----a-w-	c:\program files (x86)\_old_update.exe
2012-06-21 06:43 . 2012-06-21 06:43	2830848	----a-w-	c:\program files (x86)\_old_QtCore4.dll
2012-06-21 06:43 . 2012-06-21 06:43	1100800	----a-w-	c:\program files (x86)\_old_QtNetwork4.dll
2012-06-21 06:43 . 2012-06-21 06:43	10370560	----a-w-	c:\program files (x86)\_old_QtGui4.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{000F18F2-09EB-4A59-82B2-5AE4184C39C3}]
2012-10-17 15:56	264160	----a-w-	c:\program files (x86)\Claro LTD\claro\1.8.3.10\bh\claro.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{94366e2c-9923-431c-b0d6-747447dd0f2b}]
2012-03-22 07:24	87008	----a-w-	c:\program files (x86)\searchresults1\searchresultsDx.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{a25e7121-3dd8-41b3-855b-756c5bc45449}]
2013-08-15 02:23	1072200	----a-w-	c:\users\melsy\AppData\Roaming\HomeTab\HomeTab.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{9E131A93-EED7-4BEB-B015-A0ADB30B5646}"= "c:\program files (x86)\Claro LTD\claro\1.8.3.10\claroTlbr.dll" [2012-10-17 338400]
"{94366e2c-9923-431c-b0d6-747447dd0f2b}"= "c:\program files (x86)\searchresults1\searchresultsDx.dll" [2012-03-22 87008]
"{a25e7121-3dd8-41b3-855b-756c5bc45449}"= "c:\users\melsy\AppData\Roaming\HomeTab\HomeTab.dll" [2013-08-15 1072200]
.
[HKEY_CLASSES_ROOT\clsid\{9e131a93-eed7-4beb-b015-a0adb30b5646}]
[HKEY_CLASSES_ROOT\claro.clarodskBnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}]
[HKEY_CLASSES_ROOT\claro.clarodskBnd]
.
[HKEY_CLASSES_ROOT\clsid\{94366e2c-9923-431c-b0d6-747447dd0f2b}]
.
[HKEY_CLASSES_ROOT\clsid\{a25e7121-3dd8-41b3-855b-756c5bc45449}]
[HKEY_CLASSES_ROOT\wtb.Band.1]
[HKEY_CLASSES_ROOT\TypeLib\{2690da64-4be2-4afa-b159-af0e41f23b6e}]
[HKEY_CLASSES_ROOT\wtb.Band]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-12-03 00:10	220632	----a-w-	c:\users\melsy\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-12-03 00:10	220632	----a-w-	c:\users\melsy\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-12-03 00:10	220632	----a-w-	c:\users\melsy\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="c:\users\melsy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-10-28 1199576]
"EssentialPIM"="c:\program files (x86)\EssentialPIM\EssentialPIM.exe" [2013-03-08 13912056]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2012-03-05 578944]
"HPOSD"="c:\program files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" [2011-08-19 379960]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-11-19 2598520]
"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2013-08-15 4411440]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
"EnableSecureUIAPath"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"midi2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages	REG_MULTI_SZ   	scecli c:\program files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
R3 btwampfl;btwampfl;c:\windows\system32\DRIVERS\btwampfl.sys;c:\windows\SYSNATIVE\DRIVERS\btwampfl.sys [x]
R3 BTWDPAN;Bluetooth Personal Area Network;c:\windows\system32\DRIVERS\btwdpan.sys;c:\windows\SYSNATIVE\DRIVERS\btwdpan.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 CGVPNCliSrvc;CyberGhost VPN Client;c:\program files\CyberGhost VPN\CGVPNCliService.exe;c:\program files\CyberGhost VPN\CGVPNCliService.exe [x]
R3 DfSdkS;Defragmentation-Service;c:\program files (x86)\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe;c:\program files (x86)\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe [x]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys;c:\windows\SYSNATIVE\DRIVERS\htcnprot.sys [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 REN2CAP_DRIVER;Hear;c:\windows\system32\drivers\ren2cap.sys;c:\windows\SYSNATIVE\drivers\ren2cap.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 SXDS10;soft Xpansion Dispatch Service;c:\program files (x86)\Common Files\soft Xpansion\sxds10.exe \Service;c:\program files (x86)\Common Files\soft Xpansion\sxds10.exe \Service [x]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 YMIDUSBW;Yamaha USB-MIDI Driver (WDM);c:\windows\system32\drivers\ymidusbx64.sys;c:\windows\SYSNATIVE\drivers\ymidusbx64.sys [x]
R4 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
R4 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [x]
R4 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe;c:\windows\SYSNATIVE\ezSharedSvcHost.exe [x]
R4 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R4 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
R4 HPAuto;HP Auto;c:\program files\Hewlett-Packard\HP Auto\HPAuto.exe;c:\program files\Hewlett-Packard\HP Auto\HPAuto.exe [x]
R4 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [x]
R4 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
R4 Radio.fx;Radio.fx Server;c:\program files (x86)\Tobit Radio.fx\Server\rfx-server.exe;c:\program files (x86)\Tobit Radio.fx\Server\rfx-server.exe [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6a.sys;c:\windows\SYSNATIVE\DRIVERS\avgfwd6a.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 avgfws;AVG Firewall;c:\program files (x86)\AVG\AVG2013\avgfws.exe;c:\program files (x86)\AVG\AVG2013\avgfws.exe [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x]
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [x]
S2 SearchAnonymizer;SearchAnonymizer;c:\users\melsy\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe;c:\users\melsy\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
iissvcs	REG_MULTI_SZ   	w3svc was
apphost	REG_MULTI_SZ   	apphostsvc
.
Inhalt des "geplante Tasks" Ordners
.
2013-09-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-20 16:40]
.
2013-09-09 c:\windows\Tasks\EasyShare Registration Task.job
- c:\windows\system32\rundll32.exe [2009-07-13 01:14]
.
2013-09-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-27 19:04]
.
2013-09-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-27 19:04]
.
2013-09-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3195104690-1283173883-910289243-1001Core.job
- c:\users\melsy\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-23 00:14]
.
2013-09-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3195104690-1283173883-910289243-1001UA.job
- c:\users\melsy\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-23 00:14]
.
2013-09-15 c:\windows\Tasks\HPCeeScheduleFormelsy.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13 20:15]
.
2013-09-16 c:\windows\Tasks\WpsUpdateTask_melsy.job
- c:\program files (x86)\Kingsoft\Kingsoft Presentation\office6\wpsupdate.exe [2011-10-29 16:00]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-12-03 00:11	244696	----a-w-	c:\users\melsy\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-12-03 00:11	244696	----a-w-	c:\users\melsy\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-12-03 00:11	244696	----a-w-	c:\users\melsy\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Ocs_SM"="c:\users\melsy\AppData\Roaming\OCS\SM\SearchAnonymizer.exe" [2012-08-02 106496]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:newtab
mDefault_Page_URL = hxxp://www.google.com
mStart Page = about:newtab
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Evernote 4.0 - c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Free YouTube Download - c:\users\melsy\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll
FF - ProfilePath - c:\users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2736476&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - 
FF - prefs.js: browser.startup.homepage - about:home
FF - ExtSQL: 2013-07-23 16:46; jid1-QpHD8URtZWJC2A@jetpack; c:\users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi
FF - ExtSQL: 2013-07-28 19:54; plugin@getwebcake.com; c:\users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\extensions\plugin@getwebcake.com
FF - ExtSQL: 2013-08-12 19:48; {52b0f3db-f988-4788-b9dc-861d016f4487}; c:\program files (x86)\Web Check\WebCheck.xpi
FF - ExtSQL: 2013-09-02 14:30; {B45418F9-6406-4828-9D1A-35313FB1E2D6}; c:\programdata\Freemium\Free PDF Perfect\Data\fftb
FF - ExtSQL: 2013-09-15 12:28; {ad7ef860-f366-4be1-8d12-4363b9356947}; c:\users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\extensions\{ad7ef860-f366-4be1-8d12-4363b9356947}
FF - ExtSQL: !HIDDEN! 2012-05-20 19:23; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF - ExtSQL: !HIDDEN! 2012-05-21 20:38; firejump@firejump.net; c:\users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\extensions\firejump@firejump.net
FF - user.js: extensions.claro.tlbrSrchUrl - 
FF - user.js: extensions.claro.id - 96ab657300000000000000ff2e65b614
FF - user.js: extensions.claro.appId - {C3110516-8EFC-49D6-8B72-69354F332062}
FF - user.js: extensions.claro.instlDay - 15653
FF - user.js: extensions.claro.vrsn - 1.8.3.10
FF - user.js: extensions.claro.vrsni - 1.8.3.10
FF - user.js: extensions.claro_i.vrsnTs - 1.8.3.1021:49
FF - user.js: extensions.claro.prtnrId - claro
FF - user.js: extensions.claro.prdct - claro
FF - user.js: extensions.claro.aflt - babsst
FF - user.js: extensions.claro_i.smplGrp - none
FF - user.js: extensions.claro.tlbrId - claro
FF - user.js: extensions.claro.instlRef - sst
FF - user.js: extensions.claro.dfltLng - en
FF - user.js: extensions.claro.excTlbr - false
FF - user.js: extensions.claro.admin - false
FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_def&mntrId=96ab657300000000000000ff2e65b614&q=
FF - user.js: extensions.BabylonToolbar.id - 96ab657300000000000000ff2e65b614
FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB}
FF - user.js: extensions.BabylonToolbar.instlDay - 15689
FF - user.js: extensions.BabylonToolbar.vrsn - 1.8.4.9
FF - user.js: extensions.BabylonToolbar.vrsni - 1.8.4.9
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.8.4.913:08
FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar.tlbrId - base
FF - user.js: extensions.BabylonToolbar.instlRef - sst
FF - user.js: extensions.BabylonToolbar.dfltLng - en
FF - user.js: extensions.BabylonToolbar_i.excTlbr - false
FF - user.js: extensions.BabylonToolbar.excTlbr - false
FF - user.js: extensions.BabylonToolbar.admin - false
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=109727&tt=5012_3
FF - user.js: extensions.BabylonToolbar_i.babExt - 
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar.autoRvrt - false
FF - user.js: extensions.BabylonToolbar.rvrt - false
FF - user.js: extensions.BabylonToolbar_i.newTab - false
FF - user.js: extentions.webcake.installId - 4b04ea31-bb05-4a5c-a7c2-5ab9ebda5b17
FF - user.js: extentions.webcake.defaultEnableAppsList - layers/banner,layers/inline,layers/search,layers/shopping,newOffers/wc
FF - user.js: extensions.delta.tlbrSrchUrl - 
FF - user.js: extensions.delta.id - 96ab6573000000000000e4d53d2d1f10
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15917
FF - user.js: extensions.delta.vrsn - 1.8.22.0
FF - user.js: extensions.delta.vrsni - 1.8.22.0
FF - user.js: extensions.delta.vrsnTs - 1.8.22.010:21
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - de
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta_i.babTrack - affID=119523&tsp=4960
FF - user.js: extensions.delta_i.babExt - 
FF - user.js: extensions.delta_i.srcExt - ss
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{32b29df0-2237-4370-9a29-37cebb730e9b} - (no file)
URLSearchHooks-{7e111a5c-3d11-4f56-9463-5310c3c69025} - (no file)
BHO-{E155F23C-9931-47c6-A619-20E6FCA86D75} - c:\program files (x86)\Web Check\WebCheck.dll
Toolbar-{32b29df0-2237-4370-9a29-37cebb730e9b} - (no file)
Toolbar-{7e111a5c-3d11-4f56-9463-5310c3c69025} - (no file)
Toolbar-{364ea597-e728-4ce4-bb4a-ed846ef47970} - (no file)
WebBrowser-{32B29DF0-2237-4370-9A29-37CEBB730E9B} - (no file)
WebBrowser-{7E111A5C-3D11-4F56-9463-5310C3C69025} - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.alb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FotoManagerDeluxe.9.alb"
.
[HKEY_USERS\S-1-5-21-3195104690-1283173883-910289243-1001\Software\Microsoft\Internet Explorer\Approved Extensions]
@DACL=(02 0000)
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,3b,1b,0c,15,cc,
   08,9f,ba,ec,0b,bf,94,b8,17,8d,6f,f0,dc
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,3b,1b,74,c9,23,
   80,30,1e,d0,03,94,ce,13,24,77,49,2e,d9
"{9E131A93-EED7-4BEB-B015-A0ADB30B5646}"=hex:51,66,7a,6c,4c,1d,3b,1b,83,07,00,
   8e,e5,bc,84,02,aa,17,e2,ed,b2,4a,1b,59
"{000F18F2-09EB-4A59-82B2-5AE4184C39C3}"=hex:51,66,7a,6c,4c,1d,3b,1b,e2,05,1c,
   10,d9,5b,36,03,98,b0,18,a4,19,0d,74,dc
"{4D2D3B0F-69BE-477A-90F5-FDDB05357975}"=hex:51,66,7a,6c,4c,1d,3b,1b,1f,26,3e,
   5d,8c,3b,15,0e,8a,f7,bf,9b,04,74,34,6a
"{94366E2C-9923-431C-B0D6-747447DD0F2B}"=hex:51,66,7a,6c,4c,1d,3b,1b,3c,73,25,
   84,11,cb,73,0a,aa,d4,36,34,46,9c,42,34
"{11111111-1111-1111-1111-110011501160}"=hex:51,66,7a,6c,4c,1d,3b,1b,01,0c,02,
   01,23,43,7e,58,0b,13,53,40,10,11,5c,7f
"{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}"=hex:51,66,7a,6c,4c,1d,3b,1b,80,37,49,
   3a,02,69,01,07,b3,57,6d,63,2d,2f,b8,08
"{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}"=hex:51,66,7a,6c,4c,1d,3b,1b,02,ee,b1,
   2c,5c,3d,3c,02,bc,6c,0c,25,e5,d6,85,df
"{72853161-30C5-4D22-B7F9-0BBC1D38A37E}"=hex:51,66,7a,6c,4c,1d,3b,1b,71,2c,96,
   62,f7,62,4d,04,ad,fb,49,fc,1c,79,ee,61
.
[HKEY_USERS\S-1-5-21-3195104690-1283173883-910289243-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3195104690-1283173883-910289243-1001)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-3195104690-1283173883-910289243-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-3195104690-1283173883-910289243-1001)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-3195104690-1283173883-910289243-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{a25e7121-3dd8-41b3-855b-756c5bc45449}]
@Denied: (A 2) (Administrators)
@Denied: (A 2) (S-1-5-21-3195104690-1283173883-910289243-1001)
@Allowed: (Read) (RestrictedCode)
"Flags"=dword:00000400
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_174_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_174_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_174_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_174_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_174.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_174.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_174.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_174.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-09-16  22:38:36
ComboFix-quarantined-files.txt  2013-09-16 20:38
.
Vor Suchlauf: 296281063424 Bytes frei
Nach Suchlauf: 296000921600 Bytes frei
.
- - End Of File - - C270251F6C93E8F980BE0F5A835743AD

--- --- ---
A36C5E4F47E84449FF07ED3517B43A31

LG Wolle

schrauber · 17.09.2013, 12:43

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

lobowolf · 19.09.2013, 14:20

sorry aber war beruflich unterwegs deswegen erst die verspätete antwort
nach dem scannen mit Malwarebytes ... und dem nachher erfolgtem Neustart bekam ich nicht mehr die Meldung "ProgrammFilex86/HomeTab/TABupdater.DLL "

Code:

ATTFilter

 Malwarebytes Anti-Malware  (PRO) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.09.19.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
melsy :: MELSY-HP [Administrator]

Schutz: Aktiviert

19.09.2013 11:52:29
MBAM-log-2013-09-19 (13-57-48).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|Q:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 443092
Laufzeit: 2 Stunde(n), 4 Minute(n), 41 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 6
HKCR\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A} (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
HKCR\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19} (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
HKCR\Interface\{A439801C-961D-452C-AB42-7848E9CBD289} (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
HKCR\MgMediaPlayer.GifAnimator.1 (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
HKCR\MgMediaPlayer.GifAnimator (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
HKCR\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.

Infizierte Registrierungswerte: 2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\SWEETIM\TOOLBARS\INTERNET EXPLORER\MGHELPERAPP.EXE (PUP.Optional.SweetIM) -> Daten: 1 -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\SWEETIM\TOOLBARS\INTERNET EXPLORER\MGTOOLBARPROXY.DLL (PUP.Optional.SweetIM) -> Daten: 1 -> Keine Aktion durchgeführt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 36
C:\Program Files (x86)\SweetIM\Messenger\ContentPackagesActivationHandler.exe (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SweetIM\Messenger\mgAdaptersProxy.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SweetIM\Messenger\mgArchive.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SweetIM\Messenger\mgcommon.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SweetIM\Messenger\mgcommunication.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SweetIM\Messenger\mgconfig.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SweetIM\Messenger\mgFlashPlayer.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SweetIM\Messenger\mghooking.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SweetIM\Messenger\mgICQAuto.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SweetIM\Messenger\mgICQMessengerAdapter.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SweetIM\Messenger\mglogger.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SweetIM\Messenger\mgMediaPlayer.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SweetIM\Messenger\mgMsnAuto.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SweetIM\Messenger\mgMsnMessengerAdapter.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SweetIM\Messenger\mgsimcommon.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SweetIM\Messenger\mgSweetIM.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SweetIM\Messenger\mgUpdateSupport.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SweetIM\Messenger\mgxml_wrapper.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SweetIM\Messenger\mgYahooAuto.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SweetIM\Messenger\mgYahooMessengerAdapter.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SweetIM\Messenger\resources\sqlite\mgSqlite3.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\ClearHist.exe (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgcommon.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgconfig.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mghooking.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mglogger.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgsimcommon.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgxml_wrapper.dll (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
C:\ProgramData\SweetIM\Messenger\update\sweetimsetup.exe (PUP.Optional.SweetIM) -> Keine Aktion durchgeführt.
C:\Users\melsy\AppData\Local\DownloadGuide\Offers\hometab.exe (PUP.Optional.HomeTab.A) -> Keine Aktion durchgeführt.
C:\Users\melsy\AppData\Local\DownloadGuide\Offers\iminent.exe (PUP.Iminent.A) -> Keine Aktion durchgeführt.
C:\Users\melsy\Documents\APNSetup.exe (PUP.Optional.ASKToolbar.A) -> Keine Aktion durchgeführt.

(Ende)

Code:

ATTFilter

 Malwarebytes Anti-Malware  (PRO) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.09.19.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
melsy :: MELSY-HP [Administrator]

Schutz: Aktiviert

19.09.2013 11:52:29
mbam-log-2013-09-19 (11-52-29).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|Q:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 443092
Laufzeit: 2 Stunde(n), 4 Minute(n), 41 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 6
HKCR\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A} (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19} (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\Interface\{A439801C-961D-452C-AB42-7848E9CBD289} (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\MgMediaPlayer.GifAnimator.1 (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\MgMediaPlayer.GifAnimator (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847} (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\SWEETIM\TOOLBARS\INTERNET EXPLORER\MGHELPERAPP.EXE (PUP.Optional.SweetIM) -> Daten: 1 -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\SWEETIM\TOOLBARS\INTERNET EXPLORER\MGTOOLBARPROXY.DLL (PUP.Optional.SweetIM) -> Daten: 1 -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 36
C:\Program Files (x86)\SweetIM\Messenger\ContentPackagesActivationHandler.exe (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SweetIM\Messenger\mgAdaptersProxy.dll (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SweetIM\Messenger\mgArchive.dll (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SweetIM\Messenger\mgcommon.dll (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SweetIM\Messenger\mgcommunication.dll (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SweetIM\Messenger\mgconfig.dll (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SweetIM\Messenger\mgFlashPlayer.dll (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SweetIM\Messenger\mghooking.dll (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SweetIM\Messenger\mgICQAuto.dll (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SweetIM\Messenger\mgICQMessengerAdapter.dll (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SweetIM\Messenger\mglogger.dll (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SweetIM\Messenger\mgMediaPlayer.dll (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SweetIM\Messenger\mgMsnAuto.dll (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SweetIM\Messenger\mgMsnMessengerAdapter.dll (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SweetIM\Messenger\mgsimcommon.dll (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SweetIM\Messenger\mgSweetIM.dll (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SweetIM\Messenger\mgUpdateSupport.dll (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SweetIM\Messenger\mgxml_wrapper.dll (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SweetIM\Messenger\mgYahooAuto.dll (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SweetIM\Messenger\mgYahooMessengerAdapter.dll (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SweetIM\Messenger\resources\sqlite\mgSqlite3.dll (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\ClearHist.exe (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgcommon.dll (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgconfig.dll (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mghooking.dll (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mglogger.dll (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgsimcommon.dll (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgxml_wrapper.dll (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\SweetIM\Messenger\update\sweetimsetup.exe (PUP.Optional.SweetIM) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\melsy\AppData\Local\DownloadGuide\Offers\hometab.exe (PUP.Optional.HomeTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\melsy\AppData\Local\DownloadGuide\Offers\iminent.exe (PUP.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\melsy\Documents\APNSetup.exe (PUP.Optional.ASKToolbar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

Code:

ATTFilter

# AdwCleaner v3.004 - Bericht erstellt am 19/09/2013 um 14:32:28
# Updated 15/09/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : melsy - MELSY-HP
# Gestartet von : C:\Users\melsy\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : SearchAnonymizer

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\SoftwareUpdater
Ordner Gelöscht : C:\ProgramData\apn
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\BrowserDefender
Ordner Gelöscht : C:\ProgramData\Premium
Ordner Gelöscht : C:\ProgramData\SweetIM
Ordner Gelöscht : C:\Program Files (x86)\AVG Secure Search
Ordner Gelöscht : C:\Program Files (x86)\Claro LTD
Ordner Gelöscht : C:\Program Files (x86)\Conduit
Ordner Gelöscht : C:\Program Files (x86)\Iminent
Ordner Gelöscht : C:\Program Files (x86)\mapsgalaxy_39
Ordner Gelöscht : C:\Program Files (x86)\searchresults1
Ordner Gelöscht : C:\Program Files (x86)\SweetIM
Ordner Gelöscht : C:\Program Files (x86)\Web Cake
Ordner Gelöscht : C:\Program Files (x86)\FreeSoundRecorder
Ordner Gelöscht : C:\Program Files (x86)\Freeware.de
Ordner Gelöscht : C:\Program Files (x86)\Common Files\AVG Secure Search
Ordner Gelöscht : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Ordner Gelöscht : C:\Users\melsy\AppData\Local\AVG Secure Search
Ordner Gelöscht : C:\Users\melsy\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\melsy\AppData\Local\DownloadGuide
Ordner Gelöscht : C:\Users\melsy\AppData\Local\mapsgalaxy_39
Ordner Gelöscht : C:\Users\melsy\AppData\LocalLow\Claro LTD
Ordner Gelöscht : C:\Users\melsy\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\melsy\AppData\LocalLow\mapsgalaxy_39
Ordner Gelöscht : C:\Users\melsy\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\melsy\AppData\LocalLow\searchresults1
Ordner Gelöscht : C:\Users\melsy\AppData\LocalLow\searchresultstb
Ordner Gelöscht : C:\Users\melsy\AppData\LocalLow\SimplyTech
Ordner Gelöscht : C:\Users\melsy\AppData\LocalLow\FreeSoundRecorder
Ordner Gelöscht : C:\Users\melsy\AppData\LocalLow\Freeware.de
Ordner Gelöscht : C:\Users\melsy\AppData\Roaming\Betcat
Ordner Gelöscht : C:\Users\melsy\AppData\Roaming\CheckPoint\ZoneAlarm LTD Toolbar
Ordner Gelöscht : C:\Users\melsy\AppData\Roaming\Claro
Ordner Gelöscht : C:\Users\melsy\AppData\Roaming\DesktopIconForAmazon
Ordner Gelöscht : C:\Users\melsy\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\melsy\AppData\Roaming\eIntaller
Ordner Gelöscht : C:\Users\melsy\AppData\Roaming\HomeTab
Ordner Gelöscht : C:\Users\melsy\AppData\Roaming\OCS
Ordner Gelöscht : C:\Users\melsy\AppData\Roaming\SimplyTech
Ordner Gelöscht : C:\Users\melsy\AppData\Roaming\Web Cake
Ordner Gelöscht : C:\Users\melsy\AppData\Roaming\yourfiledownloader
Ordner Gelöscht : C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\jetpack
Ordner Gelöscht : C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\searchresults1
Ordner Gelöscht : C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\{94366E2C-9923-431C-B0D6-747447DD0F2B}
Ordner Gelöscht : C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\{ACAA314B-EEBA-48E4-AD47-84E31C44796C}
Ordner Gelöscht : C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\firejump@firejump.net
Ordner Gelöscht : C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\plugin@getwebcake.com
Ordner Gelöscht : C:\Users\melsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcillohgikpecbmgioknapdpcjofaafl
Ordner Gelöscht : C:\Users\melsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl
Ordner Gelöscht : C:\Users\melsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Datei Gelöscht : C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\freehdsport@freehdsport.tv.xpi
Datei Gelöscht : C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\\invalidprefs.js
Datei Gelöscht : C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\bprotector_extensions.sqlite
Datei Gelöscht : C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\bprotector_prefs.js
Datei Gelöscht : C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\foxydeal.sqlite
Datei Gelöscht : C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\searchplugins\babylon1.xml
Datei Gelöscht : C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\searchplugins\Conduit.xml
Datei Gelöscht : C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\searchplugins\delta.xml
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\qvo6.xml
Datei Gelöscht : C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\user.js
Datei Gelöscht : C:\Windows\System32\Tasks\Browser Updater

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKCU\Software\Mozilla\Firefox\Extensions [{58BD07EB-0EE0-4DF0-8121-DC9B693373DF}]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [39ffxtbr@MapsGalaxy_39.com]
Wert Gelöscht : HKCU\Software\Mozilla\Firefox\Extensions [firejump@firejump.net]
Wert Gelöscht : HKCU\Software\Mozilla\Firefox\Extensions [sparpilot@sparpilot.com]
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\dcillohgikpecbmgioknapdpcjofaafl
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\HomeTab.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\claro.claroappCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\claro.claroappCore.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.claroESrvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.claroESrvc.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\sim-packages
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wtb.NotificationSource
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wtb.NotificationSource.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wtb.SourceSinkImpl
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wtb.SourceSinkImpl.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wtb.ToolbarInfo
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wtb.ToolbarInfo.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\tracing\askpartnercobrandingtool_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\HomeTab_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\HomeTab_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Savings Sidekick_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Savings Sidekick_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@MapsGalaxy_39.com/Plugin
Schlüssel Gelöscht : HKCU\Software\5208f8bb239eb42
Schlüssel Gelöscht : HKLM\SOFTWARE\5208f8bb239eb42
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2736476
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_espeak_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_espeak_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_essentialpim_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_essentialpim_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_free-screen-capturer_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_free-screen-capturer_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_guitar-and-bass_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_guitar-and-bass_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_hear_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_hear_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_icq_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_icq_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_myphoneexplorer_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_myphoneexplorer_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_picture-converter_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_picture-converter_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_riffgrabber_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_riffgrabber_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_screenpresso_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_screenpresso_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_tuxguitar_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_tuxguitar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_windows-movie-maker-2012(1)_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_windows-movie-maker-2012(1)_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_windows-movie-maker-2012_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_windows-movie-maker-2012_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_winrar_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_winrar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_air-assault-3d_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_para_air-assault-3d_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{3FC27B34-0C19-49DA-875E-1875DDD4A6B2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{CCC3E766-7BA9-4629-AC1A-7F4B7F362E65}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{000F18F2-09EB-4A59-82B2-5AE4184C39C3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{05340575-7D2A-4266-9A84-7EEBDC476884}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{13119113-0854-469D-807A-171568457991}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{33119133-0854-469D-807A-171568457991}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{94366E2C-9923-431C-B0D6-747447DD0F2B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{97C47A30-3CFB-474B-94E3-6019A7EE0610}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9E131A93-EED7-4BEB-B015-A0ADB30B5646}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A0B10EBE-4E51-4CAE-949B-E6B9E7D68CEA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A25E7121-3DD8-41B3-855B-756C5BC45449}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A928E66C-F501-4E66-9953-855C712F93B2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE4FC43F-84CE-4E20-88C2-2188525B47FB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F398D871-ED00-42A8-BEAA-0209E9E59FCC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{50BA0FF5-8CF4-4A36-8DF0-BDA26616252F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{16466D47-74A8-4928-B8B2-07CD79ABFC9F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{26D5CC0A-7A46-4D86-AF45-2EFA320B0C54}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2D13AC8F-037E-40C5-ADA6-231BA74EA2F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{322EDCF5-9E7D-4021-8C67-F3FFE4961A38}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3E254398-828F-4D51-A39E-3F6B6D96A12C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{442DAF0C-7EAD-48D9-ABEA-E0036470D6D5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{58EB187D-24F8-4423-BD6C-655CE4C416BD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6BEB066C-A791-4A21-B934-7783533FE888}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A07612DF-B1DD-484F-A1C3-36CA4CE919D2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A76F97B2-2C56-456A-A29E-72741595C2E8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B19D9D96-E59C-4936-B283-8A831CDB3A53}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC8AAABA-3F8B-4866-8B3A-D9368133A478}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E15519AE-99BE-42DD-BE60-FFC3C183F443}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{03119103-0854-469D-807A-171568457991}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A903AC15-686E-4D67-A355-86FCBE9F60DA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{CCC3E766-7BA9-4629-AC1A-7F4B7F362E65}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000F18F2-09EB-4A59-82B2-5AE4184C39C3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{94366E2C-9923-431C-B0D6-747447DD0F2B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A25E7121-3DD8-41B3-855B-756C5BC45449}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8F0B76E1-4E46-427B-B55B-B90593468AC6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
[#] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A25E7121-3DD8-41B3-855B-756C5BC45449}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{50BA0FF5-8CF4-4A36-8DF0-BDA26616252F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F0B76E1-4E46-427B-B55B-B90593468AC6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5812E8F-0E16-4C65-88F7-492D36174CB2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{50BA0FF5-8CF4-4A36-8DF0-BDA26616252F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{60295942-9E5F-4EE8-B785-3A655904D24F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{94366E2C-9923-431C-B0D6-747447DD0F2B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B6AF5E9A-03D8-4E9D-943D-43678B03C157}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DF78C106-AE8D-40CC-940C-ABA81EF252F1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F7E8E554-4194-4D41-970C-768B61D8E7AD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0B937801-28EB-415B-B415-72ABB4522E6B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{94366E2C-9923-431C-B0D6-747447DD0F2B}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{9E131A93-EED7-4BEB-B015-A0ADB30B5646}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{A25E7121-3DD8-41B3-855B-756C5BC45449}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32B29DF0-2237-4370-9A29-37CEBB730E9B}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7E111A5C-3D11-4F56-9463-5310C3C69025}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{32B29DF0-2237-4370-9A29-37CEBB730E9B}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{7E111A5C-3D11-4F56-9463-5310C3C69025}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Schlüssel Gelöscht : HKCU\Software\APN DTX
Schlüssel Gelöscht : HKCU\Software\AVG Secure Search
Schlüssel Gelöscht : HKCU\Software\Claro LTD
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\Delta
Schlüssel Gelöscht : HKCU\Software\HomeTab
Schlüssel Gelöscht : HKCU\Software\Iminent
Schlüssel Gelöscht : HKCU\Software\Microsoft\Babylon
Schlüssel Gelöscht : HKCU\Software\Microsoft\ClaroDirectory
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\searchresults1
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\YourFileDownloader
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\MapsGalaxy_39
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Savings Sidekick
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\searchresults1
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\FreeSoundRecorder
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Freeware.de
Schlüssel Gelöscht : HKLM\Software\AVG Security Toolbar
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\Claro LTD
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\Delta
Schlüssel Gelöscht : HKLM\Software\Freeze.com
Schlüssel Gelöscht : HKLM\Software\Iminent
Schlüssel Gelöscht : HKLM\Software\MapsGalaxy_39
Schlüssel Gelöscht : HKLM\Software\systweak
Schlüssel Gelöscht : HKLM\Software\Uniblue\DriverScanner
Schlüssel Gelöscht : HKLM\Software\YourFileDownloader
Schlüssel Gelöscht : HKLM\Software\FreeSoundRecorder
Schlüssel Gelöscht : HKLM\Software\Freeware.de
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{069B290F-5398-4629-A009-85B4BCB4B1B9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7683B745-6060-41FD-AA75-0BBB383FEAD4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{774C0434-9948-4DEE-A14E-69CDD316E36C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D85FFE92-BF14-4E9B-BCCD-E5C16069E65F}_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\claro
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\searchresults1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FreeSoundRecorder Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Freeware.de Toolbar
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchAnonymizer

***** [ Browser ] *****

-\\ Internet Explorer v9.0.8112.16506

Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v24.0 (de)

[ Datei : C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\prefs.js ]

Zeile gelöscht : user_pref("browser.search.defaultengine", "Ask.com");
Zeile gelöscht : user_pref("browser.search.defaultenginename", "qvo6");
Zeile gelöscht : user_pref("browser.search.defaultthis.engineName", "Freeware.de Customized Web Search");
Zeile gelöscht : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2736476&SearchSource=3&q={searchTerms}");
Zeile gelöscht : user_pref("browser.search.order.1", "Delta Search");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.admin", false);
Zeile gelöscht : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.autoRvrt", "false");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.excTlbr", false);
Zeile gelöscht : user_pref("extensions.BabylonToolbar.id", "96ab657300000000000000ff2e65b614");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.instlDay", "15689");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.rvrt", "false");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.tlbrId", "base");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=96ab657300000000000000ff2e65b614&q=");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.vrsn", "1.8.4.9");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.vrsni", "1.8.4.9");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.babExt", "");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=109727&tt=5012_3");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.excTlbr", false);
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.newTab", false);
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.4.913:08:33");
Zeile gelöscht : user_pref("extensions.claro.admin", false);
Zeile gelöscht : user_pref("extensions.claro.aflt", "babsst");
Zeile gelöscht : user_pref("extensions.claro.appId", "{C3110516-8EFC-49D6-8B72-69354F332062}");
Zeile gelöscht : user_pref("extensions.claro.dfltLng", "en");
Zeile gelöscht : user_pref("extensions.claro.excTlbr", false);
Zeile gelöscht : user_pref("extensions.claro.id", "96ab657300000000000000ff2e65b614");
Zeile gelöscht : user_pref("extensions.claro.instlDay", "15653");
Zeile gelöscht : user_pref("extensions.claro.instlRef", "sst");
Zeile gelöscht : user_pref("extensions.claro.prdct", "claro");
Zeile gelöscht : user_pref("extensions.claro.prtnrId", "claro");
Zeile gelöscht : user_pref("extensions.claro.tlbrId", "claro");
Zeile gelöscht : user_pref("extensions.claro.tlbrSrchUrl", "");
Zeile gelöscht : user_pref("extensions.claro.vrsn", "1.8.3.10");
Zeile gelöscht : user_pref("extensions.claro.vrsni", "1.8.3.10");
Zeile gelöscht : user_pref("extensions.claro_i.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.claro_i.vrsnTs", "1.8.3.1021:49:03");
Zeile gelöscht : user_pref("extensions.delta.admin", false);
Zeile gelöscht : user_pref("extensions.delta.aflt", "babsst");
Zeile gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Zeile gelöscht : user_pref("extensions.delta.autoRvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.dfltLng", "de");
Zeile gelöscht : user_pref("extensions.delta.excTlbr", false);
Zeile gelöscht : user_pref("extensions.delta.ffxUnstlRst", true);
Zeile gelöscht : user_pref("extensions.delta.id", "96ab6573000000000000e4d53d2d1f10");
Zeile gelöscht : user_pref("extensions.delta.instlDay", "15917");
Zeile gelöscht : user_pref("extensions.delta.instlRef", "sst");
Zeile gelöscht : user_pref("extensions.delta.newTab", false);
Zeile gelöscht : user_pref("extensions.delta.prdct", "delta");
Zeile gelöscht : user_pref("extensions.delta.prtnrId", "delta");
Zeile gelöscht : user_pref("extensions.delta.rvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.delta.tlbrId", "base");
Zeile gelöscht : user_pref("extensions.delta.tlbrSrchUrl", "");
Zeile gelöscht : user_pref("extensions.delta.vrsn", "1.8.22.0");
Zeile gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.22.010:21:08");
Zeile gelöscht : user_pref("extensions.delta.vrsni", "1.8.22.0");
Zeile gelöscht : user_pref("extensions.delta_i.babExt", "");
Zeile gelöscht : user_pref("extensions.delta_i.babTrack", "affID=119523&tsp=4960");
Zeile gelöscht : user_pref("extensions.delta_i.srcExt", "ss");
Zeile gelöscht : user_pref("extensions.greasemonkey.scriptvals.unfriend_finder/Unfriend Finder.100001272227371_friends", "{\"740309357\":{\"uid\":740309357,\"name\":\"Melsy Rosario Mesias\",\"picture\":\"hxxp://profil[...]
Zeile gelöscht : user_pref("extensions.ui.lastCategory", "addons://search/delta%20search");
Zeile gelöscht : user_pref("extentions.webcake.defaultEnableAppsList", "layers/banner,layers/inline,layers/search,layers/shopping,newOffers/wc");
Zeile gelöscht : user_pref("extentions.webcake.installId", "4b04ea31-bb05-4a5c-a7c2-5ab9ebda5b17");

*************************

AdwCleaner[R0].txt - [41111 octets] - [19/09/2013 14:30:58]
AdwCleaner[S0].txt - [39540 octets] - [19/09/2013 14:32:28]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [39601 octets] ##########

nach dem jeweiligen Neustart nach dem Scannen kam bis jetzt nicht mehr die Meldung schaut bis jetzt gut aus , kannst du mir bitte das nach durchsehen der "logfiles" kurz mitteilen ob ich da richtig liege. lg wolle

schrauber · 19.09.2013, 17:45

Siehst Du richtig

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

lobowolf · 20.09.2013, 01:40

kann es sein das ESET solange dauert 18% 1:17:00 habe nur eine externe mit 1TB mit mit ca die hälfte belegt angeschlossen lg wolle

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=7131f657cc7c0a45b334d333cc399cee
# engine=15192
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-09-20 12:05:34
# local_time=2013-09-20 02:05:34 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1045 16777213 100 88 25356 66769518 0 0
# compatibility_mode=5893 16776574 100 94 4843659 131265384 0 0
# scanned=471558
# found=3
# cleaned=0
# scan_time=15969
sh=9B7AFC05F48AE3F56DBE1A2114F8FDF50067A187 ft=0 fh=0000000000000000 vn="JS/Adware.Yontoo.C application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\plugin@getwebcake.com\content\overlay.js.vir"
sh=B4D4DC69E497DC869B52DF2B6BAC2C3BFFCFCE85 ft=1 fh=cdbb7b18f4af7151 vn="a variant of Win32/SpeedingUpMyPC.B application" ac=I fn="G:\backup neu\Lokaler Datenträger\$Recycle.Bin\S-1-5-21-3195104690-1283173883-910289243-1001\$RLD29EL.EXE"
sh=B4D4DC69E497DC869B52DF2B6BAC2C3BFFCFCE85 ft=1 fh=cdbb7b18f4af7151 vn="a variant of Win32/SpeedingUpMyPC.B application" ac=I fn="G:\backup neu\Lokaler Datenträger\$Recycle.Bin\S-1-5-21-3195104690-1283173883-910289243-1001\$RRFAZV1.EXE"

Code:

ATTFilter

 Results of screen317's Security Check version 0.99.73  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 10  
``````````````Antivirus/Firewall Check:`````````````` 
AVG Internet Security 2013                    
AVG Internet Security Business Edition 2012   
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware Version 1.75.0.1300  
 Java(TM) 6 Update 33  
 Java version out of Date! 
 Adobe Flash Player 11.8.800.168  
 Adobe Reader 10.1.8 Adobe Reader out of Date!  
 Mozilla Firefox (Firefox.) 
````````Process Check: objlist.exe by Laurent````````  
 AVG avgwdsvc.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-09-2013 01
Ran by melsy (administrator) on MELSY-HP on 20-09-2013 02:36:23
Running from C:\Users\melsy\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Spotify Ltd) C:\Users\melsy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcfgex.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Ocs_SM] - C:\Users\melsy\AppData\Roaming\OCS\SM\SearchAnonymizer.exe
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKCU\...\Run: [Spotify Web Helper] - C:\Users\melsy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1199576 2012-10-28] (Spotify Ltd)
HKCU\...\Run: [EssentialPIM] - C:\Program Files (x86)\EssentialPIM\EssentialPIM.exe [13912056 2013-03-08] ()
HKCU\...\Policies\system: [DisableLockWorkstation] 0
HKCU\...\Policies\system: [DisableChangePassword] 0
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HPOSD] - C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AVG_TRAY] - C:\Program Files (x86)\AVG\AVG2012\avgtray.exe [2598520 2012-11-19] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4411440 2013-08-15] (AVG Technologies CZ, s.r.o.)
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:newtab
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:newtab
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM - {8262B94D-0FB8-44AE-AA96-7114154C01C3} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5221-111072-7833-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5221-111072-7833-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E62696E672E636F6D2F7365617263683F713D7B7365617263685465726D737D26666F726D3D43504E5444462670633D43504E544446267372633D49452D536561726368426F78&st={searchTerms}&clid=5b063933-3c54-4d54-8af2-20a413726ddc&pid=freewarede&k=0
SearchScopes: HKCU - {0E0DBFCD-7DDD-4792-9F42-2DFF3E266C26} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=5b063933-3c54-4d54-8af2-20a413726ddc&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {5DAD9BF3-1DB3-4915-899F-52C1FB45E7A5} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=5b063933-3c54-4d54-8af2-20a413726ddc&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {8262B94D-0FB8-44AE-AA96-7114154C01C3} URL = 
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com.anonymize-me.de/?anonymto=687474703A2F2F726F7665722E656261792E636F6D2F726F7665722F312F353232312D3131313037322D373833332D332F343F6D7072653D687474703A2F2F73686F702E656261792E636F6D2F3F5F6E6B773D7B7365617263685465726D737D&st={searchTerms}&clid=5b063933-3c54-4d54-8af2-20a413726ddc&pid=freewarede&k=0
SearchScopes: HKCU - ÛŸÆîZ§’2¹Þpv¨IÍá*X(Ž2s(ÛÎÀJºÔÓµ± vË°!×—(ä¼48Ð¸patm6êo^Mp`Ëõ÷_i£w˜¾!„Áû†x¢8€ÙjÀÿþ*´Ñ;áa´[¦†8*º~RÙxœòÜ8'£-)x*ä* URL = 
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Web Check - {E155F23C-9931-47c6-A619-20E6FCA86D75} - C:\Program Files (x86)\Web Check\WebCheck.dll No File
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM-x32 -  No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKLM-x32 -  No Name - {364ea597-e728-4ce4-bb4a-ed846ef47970} -  No File
Toolbar: HKCU -  No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default
FF NewTab: about:home
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Homepage: about:home
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_33 - C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @soft-xpansion/npsxpdf - C:\Program Files (x86)\Common Files\Freemium\np-sxpdf.dll (soft-Xpansion)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\melsy\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\melsy\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\melsy\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\melsy\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\melsy\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\searchplugins\ixquick-https---deutsch.xml
FF SearchPlugin: C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\searchplugins\startpage-https---deutsch.xml
FF SearchPlugin: C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\searchplugins\the-pirate-bay.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: MEGA EXTENSION - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\firefox@mega.co.nz
FF Extension: Facebook Privacy Watcher - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\fpw@informatik.tu-darmstadt.de
FF Extension: ProxTube - Gesperrte YouTube Videos entsperren - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\ich@maltegoetz.de
FF Extension: No Name - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\youtubeunblocker@unblocker.yt
FF Extension: NoScript - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
FF Extension: HomeTab - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\{ad7ef860-f366-4be1-8d12-4363b9356947}
FF Extension: Greasemonkey - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
FF Extension: firefox - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\firefox@ghostery.com.xpi
FF Extension: firefox - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\firefox@mega.co.nz.xpi
FF Extension: No Name - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\firejump_1027.zip
FF Extension: No Name - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\firejump_1028.zip
FF Extension: fpw - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\fpw@informatik.tu-darmstadt.de.xpi
FF Extension: info - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\info@convert2mp3.net.xpi
FF Extension: jid1-QpHD8URtZWJC2A - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi
FF Extension: nishan.naseer.googimagesearch - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\nishan.naseer.googimagesearch@gmail.com.xpi
FF Extension: requestpolicy - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\requestpolicy@requestpolicy.com.xpi
FF Extension: stealthyextension - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\stealthyextension@gmail.com.xpi
FF Extension: youtubeunblocker - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\youtubeunblocker@unblocker.yt.xpi
FF Extension: No Name - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\{85E85FF9-E50C-42DE-8A3D-61485FD6C8DB}.xpi
FF Extension: No Name - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
FF Extension: No Name - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM-x32\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] - C:\Program Files (x86)\AVG\AVG2012\Firefox4\
FF Extension: No Name - C:\Program Files (x86)\AVG\AVG2012\Firefox4\
FF HKLM-x32\...\Firefox\Extensions: [{52b0f3db-f988-4788-b9dc-861d016f4487}] - C:\Program Files (x86)\Web Check\WebCheck.xpi
FF Extension: No Name - C:\Program Files (x86)\Web Check\WebCheck.xpi
FF HKLM-x32\...\Firefox\Extensions: [{B45418F9-6406-4828-9D1A-35313FB1E2D6}] - C:\ProgramData\Freemium\Free PDF Perfect\Data\fftb
FF Extension: Free PDF Perfect - C:\ProgramData\Freemium\Free PDF Perfect\Data\fftb
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\Firefox\Extensions: [mail@shopping-preise.de] - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\extensions\mail@shopping-preise.de
FF HKCU\...\Firefox\Extensions: [extension@preispilot.com] - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\extensions\extension@preispilot.com
FF HKCU\...\Firefox\Extensions: [inlinetranslate@inlinetranslate.com] - C:\Users\melsy\AppData\Roaming\Mozilla\Firefox\Profiles\3mzjeqm2.default\extensions\inlinetranslate@inlinetranslate.com

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [bddpogknpjlgfpbboediomaiiaecfajn] - C:\Program Files (x86)\HomeTab\chrome\HomeTab.crx
CHR HKLM-x32\...\Chrome\Extension: [dacechnliklhcacondhhkkfobapdopee] - C:\Program Files (x86)\Web Check\WebCheck.crx

==================== Services (Whitelisted) =================

S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2011-08-12] (SUPERAntiSpyware.com)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [365568 2011-07-05] (Advanced Micro Devices, Inc.)
S2 avgfws; C:\Program Files (x86)\AVG\AVG2013\avgfws.exe [1432080 2013-09-04] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-07-23] (AVG Technologies CZ, s.r.o.)
S3 CGVPNCliSrvc; C:\Program Files\CyberGhost VPN\CGVPNCliService.exe [2438696 2012-04-26] (mobile concepts GmbH)
S3 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe [544768 2009-08-24] (mst software GmbH, Germany)
S4 HPAuto; C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [682040 2011-02-16] (Hewlett-Packard)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [87040 2012-03-23] ()
S4 Radio.fx; C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe [3665752 2012-01-26] ()
S3 SXDS10; C:\Program Files (x86)\Common Files\soft Xpansion\sxds10.exe [234096 2013-09-02] (soft Xpansion)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-21] (Microsoft Corporation)
S4 Hamachi2Svc; "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s [x]

==================== Drivers (Whitelisted) ====================

R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [50296 2012-09-04] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-07-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206648 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311608 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-07-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-09-05] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2013-03-21] (AVG Technologies CZ, s.r.o.)
S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [133160 2011-06-16] (Broadcom Corporation.)
S3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2011-05-21] (Broadcom Corporation.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 REN2CAP_DRIVER; C:\Windows\System32\drivers\ren2cap.sys [46728 2011-11-07] ()
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-04-03] (Anchorfree Inc.)
S3 YMIDUSBW; C:\Windows\System32\drivers\ymidusbx64.sys [51016 2011-11-01] (Yamaha Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 CpqDfw; system32\drivers\CpqDfw.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-20 02:36 - 2013-09-20 02:36 - 01950622 _____ (Farbar) C:\Users\melsy\Downloads\FRST64.exe
2013-09-20 02:26 - 2013-09-20 02:26 - 00891144 _____ C:\Users\melsy\Downloads\SecurityCheck.exe
2013-09-19 21:33 - 2013-09-19 21:33 - 02347384 _____ (ESET) C:\Users\melsy\Downloads\esetsmartinstaller_enu.exe
2013-09-19 15:23 - 2013-09-19 15:23 - 00001117 _____ C:\Users\melsy\Desktop\FRST64(1).exe - Verknüpfung.lnk
2013-09-19 14:58 - 2013-09-19 14:58 - 00024911 _____ C:\Users\melsy\Desktop\JRT.txt
2013-09-19 14:37 - 2013-09-19 14:37 - 00039714 _____ C:\Users\melsy\Downloads\AdwCleaner[S0].txt
2013-09-19 14:30 - 2013-09-19 14:33 - 00000000 ____D C:\AdwCleaner
2013-09-19 11:57 - 2013-09-19 11:57 - 01039554 _____ C:\Users\melsy\Downloads\adwcleaner.exe
2013-09-16 22:38 - 2013-09-16 22:38 - 00040972 _____ C:\ComboFix.txt
2013-09-16 22:18 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-09-16 22:18 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-09-16 22:18 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-09-16 22:18 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-09-16 22:18 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-09-16 22:18 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-09-16 22:18 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-09-16 22:18 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-09-16 22:17 - 2013-09-16 22:38 - 00000000 ____D C:\Qoobox
2013-09-16 22:17 - 2013-09-16 22:35 - 00000000 ____D C:\Windows\erdnt
2013-09-16 22:16 - 2013-09-16 22:16 - 05126417 ____R (Swearware) C:\Users\melsy\Downloads\ComboFix.exe
2013-09-16 18:03 - 2013-09-16 18:03 - 00000000 ____D C:\FRST
2013-09-16 13:29 - 2013-09-19 17:04 - 00000560 _____ C:\Windows\setupact.log
2013-09-16 13:29 - 2013-09-19 14:03 - 00010670 _____ C:\Windows\PFRO.log
2013-09-16 04:36 - 2013-09-19 14:41 - 00000000 ____D C:\Windows\ERUNT
2013-09-16 04:36 - 2013-09-16 04:38 - 00001203 _____ C:\DelFix.txt
2013-09-15 10:28 - 2013-09-19 14:32 - 00000000 ____D C:\Windows\System32\Tasks\Browser Updater
2013-09-15 10:28 - 2013-09-16 13:59 - 00000000 ____D C:\Windows\System32\Tasks\ProtectedSearch
2013-09-15 10:28 - 2013-08-13 08:38 - 00032328 _____ C:\Windows\Launcher.exe
2013-09-11 15:04 - 2013-09-11 15:04 - 04054000 _____ (LionSea Software                                            ) C:\Users\melsy\Downloads\setup(2).exe
2013-09-11 14:49 - 2013-07-31 16:17 - 17833472 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-11 14:49 - 2013-07-31 15:42 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-11 14:49 - 2013-07-31 15:29 - 02312704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-11 14:49 - 2013-07-31 15:20 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-11 14:49 - 2013-07-31 15:19 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-11 14:49 - 2013-07-31 15:18 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-09-11 14:49 - 2013-07-31 15:17 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-09-11 14:49 - 2013-07-31 15:16 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-11 14:49 - 2013-07-31 15:14 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-09-11 14:49 - 2013-07-31 15:13 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-11 14:49 - 2013-07-31 15:13 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-09-11 14:49 - 2013-07-31 15:11 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-11 14:49 - 2013-07-31 15:11 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-11 14:49 - 2013-07-31 15:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-09-11 14:49 - 2013-07-31 15:08 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-11 14:49 - 2013-07-31 15:05 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-11 14:49 - 2013-07-31 12:30 - 12335104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-11 14:49 - 2013-07-31 12:05 - 09738752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-11 14:49 - 2013-07-31 12:00 - 01800704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-11 14:49 - 2013-07-31 11:53 - 01104896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-11 14:49 - 2013-07-31 11:52 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-09-11 14:49 - 2013-07-31 11:52 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-11 14:49 - 2013-07-31 11:51 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-09-11 14:49 - 2013-07-31 11:49 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-11 14:49 - 2013-07-31 11:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-11 14:49 - 2013-07-31 11:48 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-09-11 14:49 - 2013-07-31 11:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-09-11 14:49 - 2013-07-31 11:47 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-11 14:49 - 2013-07-31 11:46 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-11 14:49 - 2013-07-31 11:45 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-11 14:49 - 2013-07-31 11:45 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-09-11 14:49 - 2013-07-31 11:42 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-11 13:49 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-11 13:49 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k(2052).sys
2013-09-11 13:49 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-11 13:49 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-11 13:49 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-11 13:49 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-11 13:49 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-11 13:49 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-11 13:49 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-11 13:49 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-11 13:49 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-11 13:49 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0(2044).dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0(2043).dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-11 13:49 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-11 13:49 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-11 13:49 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-11 13:49 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-11 13:49 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0(2056).dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0(2059).dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0(2057).dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0(2058).dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0(2055).dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0(2054).dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0(2053).dll
2013-09-11 13:49 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-11 13:49 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-11 13:49 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-11 13:49 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-11 13:49 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-11 13:49 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-11 13:49 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 13:49 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-11 13:47 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-11 13:47 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-11 13:47 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-11 13:47 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-05 01:43 - 2013-09-05 01:43 - 00045880 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgrkx64.sys
2013-09-02 15:08 - 2013-09-02 15:08 - 00957112 _____ (Microsoft Corporation) C:\Users\melsy\Downloads\SaveAsPDFandXPS.exe
2013-09-02 15:08 - 2013-09-02 15:08 - 00000000 ____D C:\Program Files (x86)\MSECache
2013-09-02 14:31 - 2013-09-02 14:31 - 00002138 _____ C:\Users\melsy\Desktop\Free PDF Perfect.lnk
2013-09-02 14:30 - 2013-09-02 14:30 - 00010464 _____ C:\Windows\SysWOW64\sx_p2d.tlb
2013-09-02 14:30 - 2013-09-02 14:30 - 00000000 ____D C:\ProgramData\Freemium
2013-09-02 14:30 - 2013-09-02 14:30 - 00000000 ____D C:\Program Files (x86)\Freemium
2013-09-02 14:28 - 2013-09-02 14:28 - 00000000 ____D C:\Users\melsy\Downloads\freepdf
2013-09-02 14:28 - 2013-09-02 14:28 - 00000000 ____D C:\Program Files (x86)\Covus Freemium
2013-09-02 14:27 - 2013-09-20 02:17 - 00000000 ____D C:\Program Files (x86)\Web Check
2013-09-02 14:26 - 2013-09-02 14:28 - 00000000 ____D C:\ProgramData\Package Cache
2013-09-02 14:21 - 2013-09-02 14:21 - 00444400 _____ C:\Users\melsy\Downloads\DLG_free-pdf-perfect_chip_de-DE10.exe
2013-08-29 14:49 - 2013-08-29 14:49 - 00000000 _____ C:\Windows\setuperr.log
2013-08-28 16:41 - 2013-08-29 13:12 - 00000000 ____D C:\Program Files\Hear
2013-08-28 16:41 - 2011-11-07 16:18 - 00046728 _____ C:\Windows\system32\Drivers\ren2cap.sys
2013-08-26 03:38 - 2012-06-01 07:39 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\wamregps.dll
2013-08-26 03:38 - 2012-06-01 07:36 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\iisRtl.dll
2013-08-26 03:38 - 2012-06-01 07:36 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\iisrstap.dll
2013-08-26 03:38 - 2012-06-01 07:35 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\ahadmin.dll
2013-08-26 03:38 - 2012-06-01 07:34 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\admwprox.dll
2013-08-26 03:38 - 2012-06-01 07:33 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\iisreset.exe
2013-08-26 03:38 - 2012-06-01 06:40 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wamregps.dll
2013-08-26 03:38 - 2012-06-01 06:37 - 00154624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisRtl.dll
2013-08-26 03:38 - 2012-06-01 06:37 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisrstap.dll
2013-08-26 03:38 - 2012-06-01 06:35 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admwprox.dll
2013-08-26 03:38 - 2012-06-01 06:35 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ahadmin.dll
2013-08-26 03:38 - 2012-06-01 06:34 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisreset.exe
2013-08-26 03:15 - 2013-08-26 03:16 - 50352408 _____ (Microsoft Corporation) C:\Users\melsy\Downloads\dotnetfx45_full_x86_x64.exe
2013-08-26 02:35 - 2013-08-26 02:35 - 00000000 ____D C:\Windows\SysWOW64\BestPractices
2013-08-26 02:35 - 2013-08-26 02:35 - 00000000 ____D C:\Windows\system32\BestPractices
2013-08-26 02:35 - 2013-08-26 02:35 - 00000000 ____D C:\inetpub
2013-08-26 02:30 - 2013-08-26 02:30 - 00003144 _____ C:\Windows\System32\Tasks\{963AFCB0-77B1-4C30-B305-F56C7A0EBB2B}
2013-08-26 02:28 - 2013-08-26 02:29 - 02869264 _____ (Microsoft Corporation) C:\Users\melsy\Downloads\dotNetFx35setup(1).exe
2013-08-26 02:26 - 2013-08-26 02:26 - 02869264 _____ (Microsoft Corporation) C:\Users\melsy\Downloads\dotNetFx35setup.exe
2013-08-26 02:21 - 2013-08-26 02:22 - 41580520 _____ (Hewlett-Packard                                             ) C:\Users\melsy\Downloads\sp58915.exe
2013-08-26 02:10 - 2012-02-14 15:24 - 00286426 _____ C:\Users\melsy\Downloads\Language.de.xml
2013-08-26 02:10 - 2010-07-19 22:13 - 00001283 _____ C:\Users\melsy\Downloads\Readme.txt
2013-08-26 02:09 - 2013-08-26 02:09 - 00069183 _____ C:\Users\melsy\Downloads\langpack-de-1.0.1-for-truecrypt-7.1a(1).zip
2013-08-26 02:08 - 2013-08-26 02:10 - 00000000 ____D C:\Users\melsy\AppData\Roaming\TrueCrypt
2013-08-26 02:07 - 2013-08-26 02:07 - 00000875 _____ C:\Users\Public\Desktop\TrueCrypt.lnk
2013-08-26 02:06 - 2013-08-26 02:06 - 00231376 _____ (TrueCrypt Foundation) C:\Windows\system32\Drivers\truecrypt.sys
2013-08-26 02:06 - 2013-08-26 02:06 - 00000000 ____D C:\Program Files\TrueCrypt
2013-08-26 01:30 - 2013-08-26 01:30 - 00000649 _____ C:\Users\melsy\Documents\CyberGhostPUK.html
2013-08-26 01:26 - 2013-08-26 01:26 - 00000872 _____ C:\Users\Public\Desktop\CyberGhost VPN.lnk
2013-08-26 01:25 - 2013-08-26 01:29 - 00000000 ____D C:\Program Files\CyberGhost VPN
2013-08-26 01:25 - 2011-12-15 20:29 - 00031232 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\tap0901.sys

==================== One Month Modified Files and Folders =======

2013-09-20 02:36 - 2013-09-20 02:36 - 01950622 _____ (Farbar) C:\Users\melsy\Downloads\FRST64.exe
2013-09-20 02:36 - 2013-01-24 00:10 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3195104690-1283173883-910289243-1001UA.job
2013-09-20 02:26 - 2013-09-20 02:26 - 00891144 _____ C:\Users\melsy\Downloads\SecurityCheck.exe
2013-09-20 02:17 - 2013-09-02 14:27 - 00000000 ____D C:\Program Files (x86)\Web Check
2013-09-20 02:11 - 2012-08-13 23:06 - 00000386 _____ C:\Windows\Tasks\WpsUpdateTask_melsy.job
2013-09-20 01:39 - 2012-08-29 02:45 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-20 01:39 - 2012-07-27 21:04 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-20 01:13 - 2012-05-18 13:08 - 00000000 ____D C:\Users\melsy\AppData\Roaming\Skype
2013-09-19 23:40 - 2012-08-29 02:45 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-19 23:39 - 2012-05-20 17:11 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-19 23:39 - 2011-08-09 13:02 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-19 21:35 - 2011-08-09 22:16 - 00772974 _____ C:\Windows\system32\perfh007.dat
2013-09-19 21:35 - 2011-08-09 22:16 - 00175058 _____ C:\Windows\system32\perfc007.dat
2013-09-19 21:35 - 2009-07-14 07:13 - 01804214 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-19 21:33 - 2013-09-19 21:33 - 02347384 _____ (ESET) C:\Users\melsy\Downloads\esetsmartinstaller_enu.exe
2013-09-19 20:13 - 2013-05-07 18:00 - 00000000 ____D C:\ProgramData\MFAData
2013-09-19 19:30 - 2012-05-18 16:55 - 00000000 ____D C:\Users\melsy\AppData\Roaming\vlc
2013-09-19 17:11 - 2011-12-10 06:03 - 01833567 _____ C:\Windows\WindowsUpdate.log
2013-09-19 17:04 - 2013-09-16 13:29 - 00000560 _____ C:\Windows\setupact.log
2013-09-19 15:39 - 2012-07-27 21:04 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-19 15:36 - 2013-01-24 00:10 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3195104690-1283173883-910289243-1001Core.job
2013-09-19 15:24 - 2012-05-21 14:38 - 00000000 ___RD C:\Users\melsy\Desktop\Sicherheit
2013-09-19 15:23 - 2013-09-19 15:23 - 00001117 _____ C:\Users\melsy\Desktop\FRST64(1).exe - Verknüpfung.lnk
2013-09-19 15:08 - 2009-07-14 06:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-19 15:08 - 2009-07-14 06:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-19 15:00 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-19 14:58 - 2013-09-19 14:58 - 00024911 _____ C:\Users\melsy\Desktop\JRT.txt
2013-09-19 14:41 - 2013-09-16 04:36 - 00000000 ____D C:\Windows\ERUNT
2013-09-19 14:37 - 2013-09-19 14:37 - 00039714 _____ C:\Users\melsy\Downloads\AdwCleaner[S0].txt
2013-09-19 14:33 - 2013-09-19 14:30 - 00000000 ____D C:\AdwCleaner
2013-09-19 14:32 - 2013-09-15 10:28 - 00000000 ____D C:\Windows\System32\Tasks\Browser Updater
2013-09-19 14:32 - 2012-11-25 15:31 - 00000000 ____D C:\Users\melsy\AppData\Roaming\CheckPoint
2013-09-19 14:03 - 2013-09-16 13:29 - 00010670 _____ C:\Windows\PFRO.log
2013-09-19 11:57 - 2013-09-19 11:57 - 01039554 _____ C:\Users\melsy\Downloads\adwcleaner.exe
2013-09-19 11:20 - 2013-04-27 18:33 - 00003186 _____ C:\Windows\System32\Tasks\HPCeeScheduleFormelsy
2013-09-19 11:20 - 2013-04-27 18:33 - 00000332 _____ C:\Windows\Tasks\HPCeeScheduleFormelsy.job
2013-09-19 03:36 - 2012-05-20 18:06 - 00000000 ____D C:\Users\melsy\AppData\Roaming\Mozilla
2013-09-18 13:43 - 2012-06-02 19:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-09-18 11:31 - 2012-05-20 18:06 - 00000000 ____D C:\Users\melsy\AppData\Local\Mozilla
2013-09-18 11:30 - 2012-05-20 18:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-18 11:21 - 2012-05-18 16:45 - 00000000 ____D C:\Users\melsy\AppData\Roaming\Audacity
2013-09-18 03:39 - 2013-03-05 14:41 - 00000000 ____D C:\Users\melsy\AppData\Roaming\TS3Client
2013-09-16 22:38 - 2013-09-16 22:38 - 00040972 _____ C:\ComboFix.txt
2013-09-16 22:38 - 2013-09-16 22:17 - 00000000 ____D C:\Qoobox
2013-09-16 22:38 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2013-09-16 22:35 - 2013-09-16 22:17 - 00000000 ____D C:\Windows\erdnt
2013-09-16 22:34 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2013-09-16 22:16 - 2013-09-16 22:16 - 05126417 ____R (Swearware) C:\Users\melsy\Downloads\ComboFix.exe
2013-09-16 18:03 - 2013-09-16 18:03 - 00000000 ____D C:\FRST
2013-09-16 13:59 - 2013-09-15 10:28 - 00000000 ____D C:\Windows\System32\Tasks\ProtectedSearch
2013-09-16 13:59 - 2013-08-12 06:53 - 00000000 ____D C:\Users\melsy\AppData\Roaming\dp3d
2013-09-16 13:59 - 2013-05-18 22:52 - 00000000 ____D C:\Users\melsy\AppData\Roaming\EssentialPIM
2013-09-16 13:59 - 2013-02-03 16:59 - 00000000 ____D C:\Users\melsy\.tuxguitar-1.2
2013-09-16 13:59 - 2012-12-18 15:30 - 00000000 ____D C:\Program Files (x86)\AntiPhotoSpy
2013-09-16 13:59 - 2012-06-23 14:51 - 00000000 ____D C:\Windows\system32\Macromed
2013-09-16 13:59 - 2012-06-17 15:14 - 00000000 ____D C:\Users\melsy\AppData\Local\Abelssoft
2013-09-16 13:59 - 2012-05-25 15:54 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2013-09-16 13:59 - 2012-05-20 13:50 - 00000000 ____D C:\Program Files (x86)\Microsoft Application Virtualization Client
2013-09-16 13:59 - 2012-05-19 14:23 - 00000000 ____D C:\Program Files (x86)\ScanIT-Client
2013-09-16 13:59 - 2012-05-18 12:50 - 00000000 ___RD C:\Users\melsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-16 13:59 - 2012-05-18 12:50 - 00000000 ___RD C:\Users\melsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-16 13:59 - 2012-05-18 12:45 - 00000000 ____D C:\Users\melsy\AppData\Local\Hewlett-Packard
2013-09-16 13:59 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-09-16 13:59 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2013-09-16 13:59 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-09-16 13:55 - 2012-05-25 15:55 - 00000000 ____D C:\Users\melsy\AppData\Roaming\SUPERAntiSpyware.com
2013-09-16 13:21 - 2012-08-21 10:03 - 00000000 ____D C:\Windows\Minidump
2013-09-16 04:38 - 2013-09-16 04:36 - 00001203 _____ C:\DelFix.txt
2013-09-16 04:27 - 2012-05-18 12:43 - 00000000 ____D C:\Users\melsy
2013-09-15 17:37 - 2012-05-20 17:38 - 00000000 ____D C:\Users\melsy\AppData\Local\CrashDumps
2013-09-15 10:27 - 2012-08-21 16:29 - 00001409 _____ C:\Users\melsy\Desktop\Internet Explorer.lnk
2013-09-15 10:27 - 2012-06-02 19:17 - 00001107 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-09-15 10:27 - 2012-05-18 12:51 - 00001405 _____ C:\Users\melsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2013-09-15 10:27 - 2012-05-18 12:50 - 00001439 _____ C:\Users\melsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-09-14 13:03 - 2012-05-20 13:12 - 00000000 ____D C:\Users\melsy\Documents\Gitarre
2013-09-14 11:58 - 2012-05-19 17:43 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2013-09-14 11:57 - 2012-05-26 17:23 - 00000000 _____ C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-09-13 08:37 - 2013-07-26 01:28 - 00000941 _____ C:\Users\Public\Desktop\AVG 2013.lnk
2013-09-11 15:04 - 2013-09-11 15:04 - 04054000 _____ (LionSea Software                                            ) C:\Users\melsy\Downloads\setup(2).exe
2013-09-11 14:54 - 2013-05-20 19:34 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-11 14:51 - 2013-01-13 17:21 - 00001979 _____ C:\Users\Public\Desktop\Adobe Reader X.lnk
2013-09-11 14:21 - 2009-07-14 06:45 - 00544232 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-11 14:12 - 2012-05-20 13:51 - 01831832 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-09-11 14:11 - 2013-07-11 12:55 - 00000000 ____D C:\Windows\system32\MRT
2013-09-11 14:03 - 2012-05-21 04:56 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-09 02:58 - 2012-07-02 02:36 - 00000410 _____ C:\Windows\Tasks\EasyShare Registration Task.job
2013-09-05 01:43 - 2013-09-05 01:43 - 00045880 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgrkx64.sys
2013-09-04 13:50 - 2012-08-09 23:07 - 00000000 ____D C:\Users\melsy\Documents\My Downloaded Video
2013-09-02 15:08 - 2013-09-02 15:08 - 00957112 _____ (Microsoft Corporation) C:\Users\melsy\Downloads\SaveAsPDFandXPS.exe
2013-09-02 15:08 - 2013-09-02 15:08 - 00000000 ____D C:\Program Files (x86)\MSECache
2013-09-02 14:31 - 2013-09-02 14:31 - 00002138 _____ C:\Users\melsy\Desktop\Free PDF Perfect.lnk
2013-09-02 14:30 - 2013-09-02 14:30 - 00010464 _____ C:\Windows\SysWOW64\sx_p2d.tlb
2013-09-02 14:30 - 2013-09-02 14:30 - 00000000 ____D C:\ProgramData\Freemium
2013-09-02 14:30 - 2013-09-02 14:30 - 00000000 ____D C:\Program Files (x86)\Freemium
2013-09-02 14:28 - 2013-09-02 14:28 - 00000000 ____D C:\Users\melsy\Downloads\freepdf
2013-09-02 14:28 - 2013-09-02 14:28 - 00000000 ____D C:\Program Files (x86)\Covus Freemium
2013-09-02 14:28 - 2013-09-02 14:26 - 00000000 ____D C:\ProgramData\Package Cache
2013-09-02 14:21 - 2013-09-02 14:21 - 00444400 _____ C:\Users\melsy\Downloads\DLG_free-pdf-perfect_chip_de-DE10.exe
2013-08-29 14:49 - 2013-08-29 14:49 - 00000000 _____ C:\Windows\setuperr.log
2013-08-29 14:47 - 2012-05-20 13:52 - 00000000 ____D C:\Users\melsy\AppData\Roaming\SoftGrid Client
2013-08-29 14:00 - 2013-03-05 14:40 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2013-08-29 13:40 - 2013-06-02 20:51 - 00000000 ____D C:\Users\melsy\AppData\Local\Freenet
2013-08-29 13:13 - 2012-05-22 00:39 - 00000000 ___RD C:\Users\melsy\Desktop\TONSTUDIO
2013-08-29 13:12 - 2013-08-28 16:41 - 00000000 ____D C:\Program Files\Hear
2013-08-29 13:11 - 2012-08-21 18:03 - 00000000 ____D C:\Windows\pss
2013-08-26 06:17 - 2011-02-10 21:23 - 00000000 ____D C:\SWSetup
2013-08-26 05:42 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\inetsrv
2013-08-26 05:42 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\inetsrv
2013-08-26 03:16 - 2013-08-26 03:15 - 50352408 _____ (Microsoft Corporation) C:\Users\melsy\Downloads\dotnetfx45_full_x86_x64.exe
2013-08-26 02:35 - 2013-08-26 02:35 - 00000000 ____D C:\Windows\SysWOW64\BestPractices
2013-08-26 02:35 - 2013-08-26 02:35 - 00000000 ____D C:\Windows\system32\BestPractices
2013-08-26 02:35 - 2013-08-26 02:35 - 00000000 ____D C:\inetpub
2013-08-26 02:30 - 2013-08-26 02:30 - 00003144 _____ C:\Windows\System32\Tasks\{963AFCB0-77B1-4C30-B305-F56C7A0EBB2B}
2013-08-26 02:29 - 2013-08-26 02:28 - 02869264 _____ (Microsoft Corporation) C:\Users\melsy\Downloads\dotNetFx35setup(1).exe
2013-08-26 02:26 - 2013-08-26 02:26 - 02869264 _____ (Microsoft Corporation) C:\Users\melsy\Downloads\dotNetFx35setup.exe
2013-08-26 02:22 - 2013-08-26 02:21 - 41580520 _____ (Hewlett-Packard                                             ) C:\Users\melsy\Downloads\sp58915.exe
2013-08-26 02:10 - 2013-08-26 02:08 - 00000000 ____D C:\Users\melsy\AppData\Roaming\TrueCrypt
2013-08-26 02:09 - 2013-08-26 02:09 - 00069183 _____ C:\Users\melsy\Downloads\langpack-de-1.0.1-for-truecrypt-7.1a(1).zip
2013-08-26 02:07 - 2013-08-26 02:07 - 00000875 _____ C:\Users\Public\Desktop\TrueCrypt.lnk
2013-08-26 02:06 - 2013-08-26 02:06 - 00231376 _____ (TrueCrypt Foundation) C:\Windows\system32\Drivers\truecrypt.sys
2013-08-26 02:06 - 2013-08-26 02:06 - 00000000 ____D C:\Program Files\TrueCrypt
2013-08-26 01:30 - 2013-08-26 01:30 - 00000649 _____ C:\Users\melsy\Documents\CyberGhostPUK.html
2013-08-26 01:29 - 2013-08-26 01:25 - 00000000 ____D C:\Program Files\CyberGhost VPN
2013-08-26 01:26 - 2013-08-26 01:26 - 00000872 _____ C:\Users\Public\Desktop\CyberGhost VPN.lnk
2013-08-24 02:33 - 2012-10-07 00:30 - 00000000 ____D C:\Users\melsy\AppData\Roaming\SpaceShooter

Some content of TEMP:
====================
C:\Users\melsy\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-11 01:20

==================== End Of Log ============================

--- --- ---

--- --- ---

danke und Gruss wolle

schrauber · 20.09.2013, 11:22

java und Adobe updaten.
backup auf G löschen.

Downloade Dir bitte TFC ( von Oldtimer ) und speichere die Datei auf dem Desktop.
Schließe nun alle offenen Programme und trenne Dich von dem Internet.
Doppelklick auf die TFC.exe und drücke auf Start.
Sollte TFC nicht alle Dateien löschen können wird es einen Neustart verlangen. Dies bitte zulassen.

Fertig

Die Reihenfolge ist hier entscheidend.

Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
- Windowstaste + R > Combofix /Uninstall (eingeben) > OK
- Alternative: Combofix.exe in uninstall.exe umbenennen und starten
- Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
Downloade Dir bitte auf jeden Fall DelFix auf deinen Desktop:
- Schließe alle offenen Programme.
- Starte die delfix.exe mit einem Doppelklick.
- Setze vor jede Funktion ein Häkchen.
- Klicke auf Start.
- Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
- Starte deinen Rechner abschließend neu.
Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.

Hier noch ein paar Tipps zur Absicherung deines Systems.

Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.

Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
Windows Updates
- Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
- Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
Gehe sicher das die automatischen Updates aktiviert sind.
Software Updates
Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.

Anti- Viren Software

Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.

Zusätzlicher Schutz

MalwareBytes Anti Malware
Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
Ein Tutorial zur Verwendung findest Du hier.
WinPatrol
Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.

Sicheres Browsen

SpywareBlaster
Eine kurze Einführung findest du Hier
MVPs hosts file
Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
WOT (Web of trust)
Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.

Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.

Opera
Mozilla Firefox.
- Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
- NoScript
  Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
- AdblockPlus
  Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
  Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )

Don'ts

Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe

Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

lobowolf · 22.09.2013, 16:32

habe alles gemacht wie oben beschrieben, den einzigen hinweis den ich bekommen habe " Delfix konnte nicht komplett gelöscht werden , für mich eigentlich klar weil ja das während des betriebes von delfix war. von delfix bekam ich folgende Meldung

Code:

ATTFilter

# DelFix v10.4 - Datei am 22/09/2013 um 17:20:42 erstellt
# Aktualisiert am 19/07/2013 von Xplode
# Benutzer : melsy - MELSY-HP
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)

~ Aktiviere die Benutzerkontensteuerung ... OK

~ Entferne die Bereinigungsprogramme ...

Gelöscht : C:\Qoobox
Gelöscht : C:\Users\melsy\Desktop\FRST64(1).exe - Verknüpfung.lnk
Gelöscht : C:\Users\melsy\Downloads\adwcleaner.exe
Gelöscht : C:\Users\melsy\Downloads\AdwCleaner[S0].txt
Gelöscht : C:\Users\melsy\Downloads\esetsmartinstaller_enu.exe
Gelöscht : C:\Users\melsy\Downloads\FRST.txt
Gelöscht : C:\Users\melsy\Downloads\FRST64.exe
Gelöscht : C:\Users\melsy\Downloads\SecurityCheck.exe
Gelöscht : C:\Users\melsy\Downloads\TFC.exe
Gelöscht : C:\Windows\grep.exe
Gelöscht : C:\Windows\PEV.exe
Gelöscht : C:\Windows\NIRCMD.exe
Gelöscht : C:\Windows\MBR.exe
Gelöscht : C:\Windows\SED.exe
Gelöscht : C:\Windows\SWREG.exe
Gelöscht : C:\Windows\SWSC.exe
Gelöscht : C:\Windows\SWXCACLS.exe
Gelöscht : C:\Windows\Zip.exe
Gelöscht : HKLM\SOFTWARE\OldTimer Tools
Gelöscht : HKLM\SOFTWARE\AdwCleaner
Gelöscht : HKLM\SOFTWARE\Swearware
Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\combofix.exe

~ Erstelle ein Backup der Registrierungsdatenbank ... OK

~ Lösche die Wiederherstellungspunkte ...

Gelöscht : RP #256 [Ende der Bereinigung | 09/16/2013 02:37:48]

Ein neuer Wiederherstellungspunkt wurde erstellt !

~ Stelle die Systemeinstellungen wieder her ... OK

########## - EOF - ##########

Hallo Schrauber Notebook funktioniert problemslos Danke dir für deine Hilfe siehe PM
LG wolle

schrauber · 22.09.2013, 19:25

Gern Geschehen

22.09.2013, 19:25	#13
schrauber /// the machine /// TB-Ausbilder	Seit Tagen bekomme ich die Meldung " C:/ProgrammFilex86/HomeTab/TABupdater.DLL Gern Geschehen __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Seit Tagen bekomme ich die Meldung " C:/ProgrammFilex86/HomeTab/TABupdater.DLL

Plagegeister aller Art und deren Bekämpfung: Seit Tagen bekomme ich die Meldung " C:/ProgrammFilex86/HomeTab/TABupdater.DLL