WINDOWS 7, 64bit - Werbefenster poppen auf - ständige Aufforderung Java o.ä. Updates zu machen

hobbitine · 24.03.2014, 17:57

Hallo!
Seit einiger Zeit werde ich mit Werbeanzeigen regelrecht zugebombt und im Text erscheinen einzelne Wörter doppelt grün unterstrichen. Beim Darüberfahren öffnen sich kleine Werbefenster. Sobald ich einen neuen Tab öffne geht ein leeres Fenster auf, welches mich zu interyield weiterleitet. Außerdem steht oft Ads by Buzzit da,obwohl ich Pop-ups eigentlich geblockt habe.
Ich habe unter Systemsteuerung schon einiges entfernt, dass sich irgendwie am 26.02. scheinbar selbst installiert hat, aber es ist wohl doch nicht verschwunden!

Was kann ich tun und warum zeigt Norton 360° nichts an? Muss ich da noch etwas an meinen Einstellungen ändern?

Ich habe bei euch schon ein wenig geschnüffelt und mir FRST 64 runtergeladen.
Hier ist das Ergebniß:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Sternschnuppe (administrator) on RUMPELKAMMER on 24-03-2014 17:47:48
Running from J:\Hörbücher
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\Buzz-it-soft\Buzz-it_wd.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Buzz-it-soft\Buzz-it155.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe
() C:\Program Files\IB Updater\ExtensionUpdaterService.exe
() C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
(Intel(R) Corporation) c:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(IncrediMail, Ltd.) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(IncrediMail, Ltd.) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1425408 2011-12-23] (IDT, Inc.)
HKLM\...\Run: [BeatsOSDApp] - C:\Program Files\IDT\WDM\beats64.exe [37888 2011-12-23] (Hewlett-Packard )
HKLM\...\Run: [hpsysdrv] - c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [EPSON Stylus DX3800 Series] - C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIACE.EXE [98304 2005-02-08] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291096 2011-12-05] (Intel Corporation)
HKLM-x32\...\Run: [HP Software Update] - c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [PDF Complete] - C:\Program Files (x86)\PDF Complete\pdfsty.exe [658424 2011-08-12] (PDF Complete Inc)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642728 2012-09-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] - C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [mobilegeni daemon] - C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-03-12] (Hewlett-Packard)
HKU\S-1-5-21-93671772-2379690000-1990322554-1000\...\Run: [IncrediMail] - C:\Program Files (x86)\IncrediMail\bin\IncMail.exe [367168 2013-01-24] (IncrediMail, Ltd.)
HKU\S-1-5-21-93671772-2379690000-1990322554-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20588704 2013-11-15] (Skype Technologies S.A.)
HKU\S-1-5-21-93671772-2379690000-1990322554-1000\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1821888 2014-02-25] (Valve Corporation)
HKU\S-1-5-21-93671772-2379690000-1990322554-1000\...\Run: [NextLive] - C:\Windows\SysWOW64\rundll32.exe "C:\Users\Sternschnuppe\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
HKU\S-1-5-21-93671772-2379690000-1990322554-1000\...\Run: [HydraVisionDesktopManager] - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2012-02-11] (AMD)

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:13828
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com/?ctid=CT3323878&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP62DA7751-F4DA-4708-8777-B94675373D37&SSPV=
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK/4
SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 
SearchScopes: HKLM - {975EC1F3-19EA-448A-A407-7B1A68C9F353} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 - {975EC1F3-19EA-448A-A407-7B1A68C9F353} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM-x32 - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3323878&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP62DA7751-F4DA-4708-8777-B94675373D37&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3323878&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP62DA7751-F4DA-4708-8777-B94675373D37&q={searchTerms}&SSPV=
SearchScopes: HKCU - {45F761FE-B2E0-425E-8DD0-86E363068F44} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=&apn_ptnrs=^U3&apn_dtid=^YYYYYY^YY^DE&apn_uid=4C89A030-8D9D-4096-88DC-D487BD2CAA4E&apn_sauid=441A43D9-4F97-43BC-AD6E-B48845F5B0DA
SearchScopes: HKCU - {975EC1F3-19EA-448A-A407-7B1A68C9F353} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKCU - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
BHO: IB Updater - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\IB Updater\Extension64.dll ()
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: IB Updater - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\IB Updater\Extension32.dll ()
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Sternschnuppe\AppData\Roaming\Mozilla\Firefox\Profiles\okbgvamm.default
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Ask.com
FF Homepage: https://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Plugin HKCU: @soe.sony.com/installer,version=1.0.3 - C:\Users\Sternschnuppe\AppData\Roaming\Mozilla\Firefox\Profiles\okbgvamm.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll No File
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF SearchPlugin: C:\Users\Sternschnuppe\AppData\Roaming\Mozilla\Firefox\Profiles\okbgvamm.default\searchplugins\1-hs-sceneto.undefined.undefined
FF SearchPlugin: C:\Users\Sternschnuppe\AppData\Roaming\Mozilla\Firefox\Profiles\okbgvamm.default\searchplugins\amazonde-hrbuch-shop-bcher.xml
FF SearchPlugin: C:\Users\Sternschnuppe\AppData\Roaming\Mozilla\Firefox\Profiles\okbgvamm.default\searchplugins\chefkochde.xml
FF SearchPlugin: C:\Users\Sternschnuppe\AppData\Roaming\Mozilla\Firefox\Profiles\okbgvamm.default\searchplugins\holidaycheck.xml
FF SearchPlugin: C:\Users\Sternschnuppe\AppData\Roaming\Mozilla\Firefox\Profiles\okbgvamm.default\searchplugins\hs-sceneto.undefined.undefined
FF SearchPlugin: C:\Users\Sternschnuppe\AppData\Roaming\Mozilla\Firefox\Profiles\okbgvamm.default\searchplugins\weltbildde--.xml
FF SearchPlugin: C:\Users\Sternschnuppe\AppData\Roaming\Mozilla\Firefox\Profiles\okbgvamm.default\searchplugins\youtube-videosuche.undefined.undefined
FF SearchPlugin: C:\Users\Sternschnuppe\AppData\Roaming\Mozilla\Firefox\Profiles\okbgvamm.default\searchplugins\youtube.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: YouTube Unblocker - C:\Users\Sternschnuppe\AppData\Roaming\Mozilla\Firefox\Profiles\okbgvamm.default\Extensions\youtubeunblocker@unblocker.yt [2014-03-21]
FF Extension: Forecastfox - C:\Users\Sternschnuppe\AppData\Roaming\Mozilla\Firefox\Profiles\okbgvamm.default\Extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} [2012-12-03]
FF Extension: Add to Search Bar - C:\Users\Sternschnuppe\AppData\Roaming\Mozilla\Firefox\Profiles\okbgvamm.default\Extensions\add-to-searchbox@maltekraus.de.xpi [2012-12-03]
FF Extension: MEGA - C:\Users\Sternschnuppe\AppData\Roaming\Mozilla\Firefox\Profiles\okbgvamm.default\Extensions\firefox@mega.co.nz.xpi [2014-01-16]
FF Extension: Facebook Blocker - C:\Users\Sternschnuppe\AppData\Roaming\Mozilla\Firefox\Profiles\okbgvamm.default\Extensions\info@skymeissner.com.xpi [2013-07-29]
FF Extension: Personas Plus - C:\Users\Sternschnuppe\AppData\Roaming\Mozilla\Firefox\Profiles\okbgvamm.default\Extensions\personas@christopher.beard.xpi [2012-12-03]
FF Extension: 1-Click YouTube Video Downloader - C:\Users\Sternschnuppe\AppData\Roaming\Mozilla\Firefox\Profiles\okbgvamm.default\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2014-03-21]
FF Extension: Adblock Plus - C:\Users\Sternschnuppe\AppData\Roaming\Mozilla\Firefox\Profiles\okbgvamm.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-12-03]
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\IB Updater\Firefox
FF Extension: IB Updater - C:\Program Files\IB Updater\Firefox [2012-12-03]
FF HKLM\...\Firefox\Extensions: [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}] - C:\Program Files\V-bates\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\IB Updater\Firefox
FF Extension: IB Updater - C:\Program Files\IB Updater\Firefox [2012-12-03]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFF [2013-10-09]
FF HKLM-x32\...\Firefox\Extensions: [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}] - C:\Program Files\V-bates\Firefox

==================== Services (Whitelisted) =================

R2 Buzz-it; C:\Program Files (x86)\Buzz-it-soft\Buzz-it155.exe [192512 2014-02-26] ()
S2 CLKMSVC10_38F51D56; c:\Program Files (x86)\Cyberlink\PowerDVD10\NavFilter\kmsvc.exe [241648 2011-02-25] (CyberLink)
R2 IB Updater; C:\Program Files\IB Updater\ExtensionUpdaterService.exe [188760 2012-11-20] ()
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [138192 2011-02-07] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2011-12-16] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-08-12] (PDF Complete Inc)

==================== Drivers (Whitelisted) ====================

S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310984 2013-04-10] ()
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20140214.001\BHDrvx64.sys [1526488 2013-12-18] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1404000.028\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-25] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-25] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20140321.001\IDSvia64.sys [524504 2014-03-06] (Symantec Corporation)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2013-04-10] ()
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20140324.001\ENG64.SYS [126040 2013-11-25] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20140324.001\EX64.SYS [2099288 2013-11-25] (Symantec Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1404000.028\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-07-18] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1404000.028\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1404000.028\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-24 17:20 - 2014-03-24 17:47 - 00000000 ____D () C:\FRST
2014-03-23 14:01 - 2014-03-23 14:01 - 00000000 ____D () C:\Users\Sternschnuppe\AppData\Roaming\Islands5_realore_bigfishgames_de
2014-03-23 13:55 - 2014-03-23 13:55 - 00001159 _____ () C:\Users\Public\Desktop\Island Tribe 5.lnk
2014-03-23 13:47 - 2014-03-23 13:49 - 00000000 ____D () C:\Users\Sternschnuppe\AppData\Local\NPE
2014-03-15 14:06 - 2014-03-15 14:06 - 00001331 _____ () C:\Users\Sternschnuppe\Desktop\Minecraft CHEAT EDiTiON by BlackTBK.lnk
2014-03-13 15:48 - 2014-03-01 07:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-13 15:48 - 2014-03-01 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-13 15:48 - 2014-03-01 06:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-13 15:48 - 2014-03-01 05:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-13 15:48 - 2014-03-01 05:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-13 15:48 - 2014-03-01 05:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-13 15:48 - 2014-03-01 05:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-13 15:48 - 2014-03-01 05:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-13 15:48 - 2014-03-01 05:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-13 15:48 - 2014-03-01 05:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-13 15:48 - 2014-03-01 05:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-13 15:48 - 2014-03-01 05:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-13 15:48 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-13 15:48 - 2014-03-01 05:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-13 15:48 - 2014-03-01 05:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-13 15:48 - 2014-03-01 05:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-13 15:48 - 2014-03-01 05:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-13 15:48 - 2014-03-01 04:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-13 15:48 - 2014-03-01 04:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-13 15:48 - 2014-03-01 04:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-13 15:48 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-13 15:48 - 2014-03-01 04:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-13 15:48 - 2014-03-01 04:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-13 15:48 - 2014-03-01 04:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-13 15:48 - 2014-03-01 04:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-13 15:48 - 2014-03-01 04:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-13 15:48 - 2014-03-01 04:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-13 15:48 - 2014-03-01 04:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-13 15:48 - 2014-03-01 04:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-13 15:48 - 2014-03-01 04:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-13 15:48 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-13 15:48 - 2014-03-01 04:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-13 15:48 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-13 15:48 - 2014-03-01 04:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-13 15:48 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-13 15:48 - 2014-03-01 03:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-13 15:48 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-13 15:48 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-13 15:48 - 2014-03-01 03:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-13 15:48 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-13 15:48 - 2014-02-07 02:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-13 15:48 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-13 15:48 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-13 15:48 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-13 15:47 - 2014-02-04 03:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-13 15:47 - 2014-02-04 03:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-13 15:47 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-13 15:47 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-01 14:06 - 2014-03-01 14:06 - 00001785 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-03-01 14:06 - 2014-03-01 14:06 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-01 14:06 - 2014-03-01 14:06 - 00000000 ____D () C:\Program Files\iTunes
2014-03-01 14:06 - 2014-03-01 14:06 - 00000000 ____D () C:\Program Files\iPod
2014-03-01 14:06 - 2014-03-01 14:06 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-02-26 19:57 - 2014-03-24 16:48 - 00000400 _____ () C:\Windows\Tasks\Buzz-it Update.job
2014-02-26 19:57 - 2014-03-24 16:48 - 00000394 _____ () C:\Windows\Tasks\Buzz-it_wd.job
2014-02-26 19:57 - 2014-03-04 21:28 - 00000000 ____D () C:\Program Files (x86)\Buzz-it-soft
2014-02-26 19:57 - 2014-02-26 19:57 - 00003064 _____ () C:\Windows\System32\Tasks\Buzz-it Update
2014-02-26 19:57 - 2014-02-26 19:57 - 00002998 _____ () C:\Windows\System32\Tasks\Buzz-it_wd
2014-02-26 19:55 - 2014-02-28 16:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-26 19:55 - 2014-02-26 21:09 - 00001149 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-26 19:54 - 2014-02-26 19:54 - 21703480 _____ (Mozilla) C:\Users\Sternschnuppe\Downloads\Firefox Setup 22.0.exe
2014-02-26 19:53 - 2014-02-16 17:56 - 00000426 _____ () C:\AVScanner.ini
2014-02-26 19:47 - 2014-03-24 16:48 - 00000000 ____D () C:\Users\Sternschnuppe\AppData\Roaming\newnext.me
2014-02-26 19:47 - 2014-02-26 19:57 - 00000000 ____D () C:\Users\Sternschnuppe\AppData\Roaming\VOPackage
2014-02-26 19:47 - 2014-02-26 19:51 - 00000000 ____D () C:\Users\Sternschnuppe\AppData\Roaming\Systweak
2014-02-26 19:47 - 2014-02-26 19:48 - 00000000 ____D () C:\Users\Sternschnuppe\AppData\Local\Mobogenie
2014-02-26 19:47 - 2014-02-26 19:48 - 00000000 ____D () C:\Program Files (x86)\Mobogenie
2014-02-26 19:47 - 2014-02-26 19:47 - 00000000 ____D () C:\Users\Sternschnuppe\Documents\Mobogenie
2014-02-26 19:47 - 2014-02-26 19:47 - 00000000 ____D () C:\Users\Sternschnuppe\AppData\Local\genienext
2014-02-26 19:47 - 2014-02-26 19:47 - 00000000 ____D () C:\Users\Sternschnuppe\AppData\Local\cache
2014-02-26 19:47 - 2014-02-26 19:47 - 00000000 ____D () C:\Users\Sternschnuppe\.android
2014-02-26 19:47 - 2014-02-26 19:47 - 00000000 _____ () C:\Users\Sternschnuppe\daemonprocess.txt
2014-02-26 19:47 - 2013-08-22 18:36 - 00020312 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\system32\roboot64.exe

==================== One Month Modified Files and Folders =======

2014-03-24 17:47 - 2014-03-24 17:20 - 00000000 ____D () C:\FRST
2014-03-24 17:13 - 2012-12-03 19:21 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-24 16:57 - 2012-12-03 19:05 - 00003978 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{6DF3B6D9-F082-432F-BF4B-152FA2C45AA8}
2014-03-24 16:55 - 2009-07-14 05:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-24 16:55 - 2009-07-14 05:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-24 16:51 - 2013-07-02 13:24 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-24 16:51 - 2012-12-03 18:19 - 01714960 _____ () C:\Windows\WindowsUpdate.log
2014-03-24 16:48 - 2014-02-26 19:57 - 00000400 _____ () C:\Windows\Tasks\Buzz-it Update.job
2014-03-24 16:48 - 2014-02-26 19:57 - 00000394 _____ () C:\Windows\Tasks\Buzz-it_wd.job
2014-03-24 16:48 - 2014-02-26 19:47 - 00000000 ____D () C:\Users\Sternschnuppe\AppData\Roaming\newnext.me
2014-03-24 16:48 - 2014-01-02 20:00 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-03-24 16:48 - 2013-07-02 13:24 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-24 16:48 - 2012-05-16 01:37 - 00000000 ____D () C:\ProgramData\PDFC
2014-03-24 16:47 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-24 16:47 - 2009-07-14 05:51 - 00122272 _____ () C:\Windows\setupact.log
2014-03-24 11:17 - 2014-02-10 11:17 - 00000000 ____D () C:\Users\Sternschnuppe\AppData\Roaming\FileAdvisor
2014-03-24 11:17 - 2014-02-09 11:17 - 00000000 ____D () C:\Program Files (x86)\File Type Advisor
2014-03-23 14:01 - 2014-03-23 14:01 - 00000000 ____D () C:\Users\Sternschnuppe\AppData\Roaming\Islands5_realore_bigfishgames_de
2014-03-23 13:55 - 2014-03-23 13:55 - 00001159 _____ () C:\Users\Public\Desktop\Island Tribe 5.lnk
2014-03-23 13:55 - 2012-12-04 10:08 - 00000000 ____D () C:\Program Files (x86)\Spiele
2014-03-23 13:49 - 2014-03-23 13:47 - 00000000 ____D () C:\Users\Sternschnuppe\AppData\Local\NPE
2014-03-23 13:48 - 2012-05-16 01:40 - 00000000 ____D () C:\ProgramData\Norton
2014-03-23 11:55 - 2012-05-16 01:05 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2014-03-23 11:55 - 2012-05-16 01:05 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2014-03-23 11:55 - 2009-07-14 06:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-23 11:42 - 2010-11-21 04:47 - 00791058 _____ () C:\Windows\PFRO.log
2014-03-21 10:53 - 2012-12-05 16:13 - 00000000 ____D () C:\Users\Sternschnuppe\AppData\Roaming\vlc
2014-03-20 17:10 - 2012-12-03 22:00 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-03-20 13:27 - 2012-12-05 15:24 - 00003234 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForSternschnuppe
2014-03-20 13:27 - 2012-12-05 15:24 - 00000364 _____ () C:\Windows\Tasks\HPCeeScheduleForSternschnuppe.job
2014-03-19 15:08 - 2012-12-27 09:17 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-03-19 15:08 - 2012-12-05 15:23 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-03-18 12:20 - 2013-08-14 22:44 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-18 12:16 - 2012-12-03 19:11 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-16 15:52 - 2013-08-16 13:30 - 00043520 _____ () C:\Windows\SysWOW64\CmdLineExt03.dll
2014-03-15 14:07 - 2013-12-23 17:06 - 00000000 ____D () C:\Users\Sternschnuppe\AppData\Roaming\.minecraft
2014-03-15 14:06 - 2014-03-15 14:06 - 00001331 _____ () C:\Users\Sternschnuppe\Desktop\Minecraft CHEAT EDiTiON by BlackTBK.lnk
2014-03-14 12:45 - 2013-03-13 19:03 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-14 12:45 - 2013-03-13 19:03 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-14 12:45 - 2009-07-14 05:45 - 00435280 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-13 20:39 - 2014-01-09 22:18 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-12 20:13 - 2012-12-03 19:21 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-12 20:13 - 2012-12-03 19:21 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-12 20:13 - 2012-05-16 01:30 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-09 18:13 - 2014-02-02 16:47 - 00000336 _____ () C:\Users\Sternschnuppe\Desktop\KNeuNam.ini
2014-03-05 15:20 - 2012-12-04 10:34 - 00000000 ____D () C:\Users\Sternschnuppe\AppData\Local\CrashDumps
2014-03-05 12:43 - 2013-11-17 12:28 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-03-05 10:19 - 2013-11-16 12:25 - 00000000 ____D () C:\Users\Sternschnuppe\AppData\Roaming\Skype
2014-03-04 21:32 - 2013-11-16 12:25 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-04 21:32 - 2013-11-16 12:25 - 00000000 ____D () C:\ProgramData\Skype
2014-03-04 21:28 - 2014-02-26 19:57 - 00000000 ____D () C:\Program Files (x86)\Buzz-it-soft
2014-03-01 19:17 - 2011-02-11 18:15 - 01593956 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-03-01 14:06 - 2014-03-01 14:06 - 00001785 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-03-01 14:06 - 2014-03-01 14:06 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-01 14:06 - 2014-03-01 14:06 - 00000000 ____D () C:\Program Files\iTunes
2014-03-01 14:06 - 2014-03-01 14:06 - 00000000 ____D () C:\Program Files\iPod
2014-03-01 14:06 - 2014-03-01 14:06 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-03-01 07:05 - 2014-03-13 15:48 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 06:17 - 2014-03-13 15:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 06:16 - 2014-03-13 15:48 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-01 05:58 - 2014-03-13 15:48 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 05:52 - 2014-03-13 15:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 05:51 - 2014-03-13 15:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-01 05:42 - 2014-03-13 15:48 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 05:40 - 2014-03-13 15:48 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 05:37 - 2014-03-13 15:48 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 05:33 - 2014-03-13 15:48 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 05:33 - 2014-03-13 15:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-01 05:32 - 2014-03-13 15:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-01 05:30 - 2014-03-13 15:48 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 05:23 - 2014-03-13 15:48 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-01 05:17 - 2014-03-13 15:48 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 05:11 - 2014-03-13 15:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-01 05:02 - 2014-03-13 15:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-01 04:54 - 2014-03-13 15:48 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-01 04:52 - 2014-03-13 15:48 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-01 04:51 - 2014-03-13 15:48 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-01 04:47 - 2014-03-13 15:48 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-01 04:43 - 2014-03-13 15:48 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-01 04:43 - 2014-03-13 15:48 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-01 04:42 - 2014-03-13 15:48 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-01 04:40 - 2014-03-13 15:48 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-01 04:38 - 2014-03-13 15:48 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-01 04:37 - 2014-03-13 15:48 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-01 04:35 - 2014-03-13 15:48 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-01 04:18 - 2014-03-13 15:48 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-01 04:16 - 2014-03-13 15:48 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-01 04:14 - 2014-03-13 15:48 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-01 04:10 - 2014-03-13 15:48 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-01 04:03 - 2014-03-13 15:48 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-01 04:00 - 2014-03-13 15:48 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-01 03:57 - 2014-03-13 15:48 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-01 03:38 - 2014-03-13 15:48 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-01 03:32 - 2014-03-13 15:48 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-01 03:27 - 2014-03-13 15:48 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-01 03:25 - 2014-03-13 15:48 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-01 03:25 - 2014-03-13 15:48 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-28 16:43 - 2014-02-26 19:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-26 21:09 - 2014-02-26 19:55 - 00001149 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-26 21:09 - 2014-02-14 18:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-26 19:57 - 2014-02-26 19:57 - 00003064 _____ () C:\Windows\System32\Tasks\Buzz-it Update
2014-02-26 19:57 - 2014-02-26 19:57 - 00002998 _____ () C:\Windows\System32\Tasks\Buzz-it_wd
2014-02-26 19:57 - 2014-02-26 19:47 - 00000000 ____D () C:\Users\Sternschnuppe\AppData\Roaming\VOPackage
2014-02-26 19:54 - 2014-02-26 19:54 - 21703480 _____ (Mozilla) C:\Users\Sternschnuppe\Downloads\Firefox Setup 22.0.exe
2014-02-26 19:51 - 2014-02-26 19:47 - 00000000 ____D () C:\Users\Sternschnuppe\AppData\Roaming\Systweak
2014-02-26 19:51 - 2012-12-03 19:05 - 00000000 ___RD () C:\Users\Sternschnuppe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-26 19:48 - 2014-02-26 19:47 - 00000000 ____D () C:\Users\Sternschnuppe\AppData\Local\Mobogenie
2014-02-26 19:48 - 2014-02-26 19:47 - 00000000 ____D () C:\Program Files (x86)\Mobogenie
2014-02-26 19:47 - 2014-02-26 19:47 - 00000000 ____D () C:\Users\Sternschnuppe\Documents\Mobogenie
2014-02-26 19:47 - 2014-02-26 19:47 - 00000000 ____D () C:\Users\Sternschnuppe\AppData\Local\genienext
2014-02-26 19:47 - 2014-02-26 19:47 - 00000000 ____D () C:\Users\Sternschnuppe\AppData\Local\cache
2014-02-26 19:47 - 2014-02-26 19:47 - 00000000 ____D () C:\Users\Sternschnuppe\.android
2014-02-26 19:47 - 2014-02-26 19:47 - 00000000 _____ () C:\Users\Sternschnuppe\daemonprocess.txt
2014-02-26 19:47 - 2012-12-03 18:20 - 00000000 ____D () C:\Users\Sternschnuppe

Some content of TEMP:
====================
C:\Users\Sternschnuppe\AppData\Local\Temp\uninstall.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-22 18:29

==================== End Of Log ============================

--- --- ---

--- --- ---

Ich hoffe, es hilft mir jemand. Vielen Dank schon mal.

schrauber · 24.03.2014, 18:08

Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

hobbitine · 24.03.2014, 18:31

Ich habe gerade entdeckt, das Buzzit immer noch auf C: vorhanden ist, obwohl ich es über Systemsteuerung deinstalliert hatte: R2 Buzz-it; C:\Program Files (x86)\Buzz-it-soft\Buzz-it155.exe [192512 2014-02-26] ()

Sorry, wegen des Anhangs, ich hatte schon überlegt, wie ich das in so eine schöne Box bekomme. Danke!

schrauber · 25.03.2014, 12:13

da fehlt noch die Additional.txt. Such die mal, brauchste nicht posten, aber du brauchst sie gleich:

Revo Uninstaller - Download - Filepony
Damit alles deinstallieren was Du in der Additional.txt findest mit dem Zusatz <== ATTENTION

Mit Revo auch Moderat die Reste entfernen lassen.

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

hobbitine · 25.03.2014, 15:10

Vielleicht bin ich ja blind, ich finde im Text nichts mit dem Zusatz <== ATTENTION. Deshalb stell ich ihn doch ein:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Sternschnuppe at 2014-03-24 17:47:59
Running from J:\Hörbücher
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Norton 360 Online (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton 360 Online (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton 360 Online (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

A Gnome's Home - Der Kristall des Lebens Version 1.0 (HKLM-x32\...\{3A82CFD6-CE0B-4349-8768-C886C8437ED0}_is1) (Version: 1.0 - Share)
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Allway Sync version 8.1.0 (HKLM-x32\...\Allway Sync_is1) (Version:  - Usov Lab)
AMD Accelerated Video Transcoding (Version: 12.5.100.20928 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1016.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{46DA7FD9-8BC1-7BA8-98D1-27F46647871B}) (Version: 8.0.891.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.70928.1539 - Advanced Micro Devices, Inc.) Hidden
Ancient Rome 2 Version 1.0 (HKLM-x32\...\{C159A96C-6543-41B1-88C7-550580D0D8BF}_is1) (Version: 1.0 - Share)
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Besiedelte Welten - Das alte Aegypten (HKLM-x32\...\Besiedelte Welten - Das alte Aegypten) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cake Mania (x32 Version: 2.2.0.98 - WildTangent) Hidden
calibre (HKLM-x32\...\{D060E2E3-5509-4420-AA04-FA197C6678C8}) (Version: 0.9.28 - Kovid Goyal)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.3.5.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version:  - )
Canon MG5300 series Benutzerregistrierung (HKLM-x32\...\Canon MG5300 series Benutzerregistrierung) (Version:  - )
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version:  - Canon Inc.)
Canon MG5300 series On-screen Manual (HKLM-x32\...\Canon MG5300 series On-screen Manual) (Version:  - )
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version:  - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2012.0928.1532.26058 - Ihr Firmenname) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0928.1532.26058 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0928.1532.26058 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.0928.1532.26058 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.0928.1531.26058 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.0928.1532.26058 - Advanced Micro Devices, Inc.) Hidden
Christmas Stories - Nussknacker Sammleredition Version 1.0 (HKLM-x32\...\{3E282096-63E1-4B4F-9B94-A0C39EE04D5F}_is1) (Version: 1.0 - Share)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Clone Wars (HKCU\...\SOE-Clone Wars) (Version:  - Sony Online Entertainment)
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.1.3226 - CyberLink Corp.)
CyberLink PowerDVD 10 (x32 Version: 10.0.1.3226 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dark Parables 4 - Der Orden der Rotkäppchen Sammleredition Version 1.0 (HKLM-x32\...\Dark Parables 4 - Der Orden der Rotkäppchen Samm~53E6409B_is1) (Version: 1.0 - Share)
Das Verrückte Königreich Version 1.0 (HKLM-x32\...\{A3D34597-AFE2-4650-97DC-2701A2DAEE2A}_is1) (Version: 1.0 - Share)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{92C42EDD-6524-4577-B2EB-6C68C63B6D4A}) (Version:  - Microsoft)
Die verlassenen Inseln (HKLM-x32\...\Die verlassenen Inseln) (Version:  - )
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
EPSON-Drucker-Software (HKLM\...\EPSON Printer and Utilities) (Version:  - )
Farm Frenzy - Das antike Rom (HKLM-x32\...\Farm Frenzy - Das antike Rom) (Version:  - )
Farm Frenzy - Helden der Wikinger (HKLM-x32\...\Farm Frenzy - Helden der Wikinger) (Version:  - )
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Farm Tribe 2 Version 1.0 (HKLM-x32\...\{BE253326-0F45-47E9-9DA3-873A39A8445E}_is1) (Version: 1.0 - Share)
Farmscapes (x32 Version: 2.2.0.98 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
File Type Advisor 1.4 (HKLM-x32\...\File Type Advisor_is1) (Version:  - filetypeadvisor.com)
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fishdom - Frosty Splash (DE) (HKLM-x32\...\Fishdom - Frosty Splash (DE)) (Version:  - )
Fishdom - Spooky Splash (HKLM-x32\...\Fishdom - Spooky Splash) (Version:  - )
Fishdom (HKLM-x32\...\Fishdom) (Version:  - )
Fishdom (TM) 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Fishdom 2 (HKLM-x32\...\Fishdom 2) (Version:  - )
Fishdom H2O - Hidden Odyssey (HKLM-x32\...\Fishdom H2O - Hidden Odyssey) (Version:  - )
Fishdom Seasons under the Sea (HKLM-x32\...\Fishdom Seasons under the Sea) (Version:  - )
Free M4a to MP3 Converter 8.1 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version:  - ManiacTools.com)
Garden Rescue - Weihnachtsedition Version 1.0 (HKLM-x32\...\{43C33181-A544-4A31-A7F2-3B803106A46E}_is1) (Version: 1.0 - Share)
Giana Sisters - Twisted Dreams (HKLM-x32\...\Giana Sisters - Twisted Dreams) (Version: 1.0 - Black Forest Games)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Grim Facade 2 - Dunkle Obsession Sammleredition (HKLM-x32\...\Grim Facade 2 - Dunkle Obsession Sammleredition) (Version:  - )
Grim Tales 3 - Gefährliche Wünsche Sammleredition Version 1.0 (HKLM-x32\...\Grim Tales 3 - Gefährliche Wünsche Sammleredition_is1) (Version: 1.0 - Share)
Haunted Hotel 4 - Der Fall Charles Dexter Ward - Sammleredition (HKLM-x32\...\Haunted Hotel 4 - Der Fall Charles Dexter Ward - Sammleredition) (Version:  - )
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden
HP Calendar (HKLM-x32\...\{2B38E0FA-D8A5-4EBF-A018-E3C1C8E7A2E2}) (Version: 5.1.4245.23508 - Hewlett-Packard)
HP Client Services (Version: 1.1.12938.3539 - Hewlett-Packard) Hidden
HP Clock (HKLM-x32\...\{0EEC4E49-D4C2-4E23-87F2-B5641F1A09E4}) (Version: 5.1.4244.16367 - Hewlett-Packard)
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP LinkUp (HKLM-x32\...\{7E750542-55BC-4300-8B7B-AC2A762FB435}) (Version: 2.01.029 - Hewlett-Packard)
HP Magic Canvas (HKLM-x32\...\{DDFDC9D6-4220-41F8-BF9A-8E7512C4EF52}) (Version: 5.1.15.0 - Hewlett-Packard)
HP Magic Canvas Tutorials (HKLM-x32\...\{858FCB65-7C6D-4BA4-AD80-A3CB3744CE09}_is1) (Version: 5.0.0.3 - Hewlett-Packard)
HP Notes (HKLM-x32\...\{86BAB08A-5E66-4C53-82E3-C1E91673C7CA}) (Version: 5.1.4274.30382 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP RSS (HKLM-x32\...\{452479C5-0118-48E9-AA69-0A7339F95FC8}) (Version: 5.1.4289.23799 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}) (Version: 9.0.15130.3904 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.2.15145.3905 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 11.00.0001 - Hewlett-Packard)
HP TouchSmart Background - Beats (HKLM-x32\...\{6A6F8D36-04BA-41E9-9004-1789BD545874}) (Version: 1.0.1.0 - Hewlett-Packard)
HP TouchSmart RecipeBox (HKLM-x32\...\{20714B53-FC73-4F9C-9687-49EB237D6FD7}) (Version: 3.0.3830.27730 - Hewlett-Packard)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.12.1.0 - Hewlett-Packard)
HydraVision (x32 Version: 4.2.220.0 - Advanced Micro Devices, Inc.) Hidden
IB Updater 2.0.0.550 (HKLM\...\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1) (Version: 2.0.0.550 - IncrediBar) <==== ATTENTION
Im Land der Wikinger Version 1.0 (HKLM-x32\...\{29CF1967-D5FF-4DFE-AE79-A7884849BFC2}_is1) (Version: 1.0 - Share)
IncrediMail (x32 Version: 6.3.9.5254 - IncrediMail) Hidden
IncrediMail 2.0 (HKLM-x32\...\IncrediMail) (Version: 6.3.9.5254 - IncrediMail Ltd.)
Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.0.199 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation)
Island Tribe (HKLM-x32\...\Island Tribe) (Version:  - )
Island Tribe 2 (HKLM-x32\...\Island Tribe 2) (Version:  - )
Island Tribe 3 (HKLM-x32\...\Island Tribe 3) (Version:  - )
Island Tribe 4 Version 1.0 (HKLM-x32\...\{CD8A89A3-16C9-4D26-9F32-F36BE671A842}_is1) (Version: 1.0 - Share)
Island Tribe 5 Version 1.0 (HKLM-x32\...\{3B62C508-BF01-4007-A3FA-A83A78862C78}_is1) (Version: 1.0 - Share)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022FF}) (Version: 6.0.220 - Oracle)
JDownloader (HKLM-x32\...\JDownloader) (Version:  - AppWork UG (haftungsbeschränkt))
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest II (x32 Version: 2.2.0.97 - WildTangent) Hidden
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.4507 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.4507 - CyberLink Corp.) Hidden
Luxor - 5th Passage (HKLM-x32\...\Luxor - 5th Passage) (Version:  - )
Luxor 1 (HKLM-x32\...\Luxor 1) (Version:  - )
Luxor 2 (HKLM-x32\...\Luxor 2) (Version:  - )
Luxor 3 (HKLM-x32\...\Luxor 3) (Version:  - )
Luxor 4 Quest For The Afterlife (HKLM-x32\...\Luxor 4 Quest For The Afterlife) (Version:  - )
Luxor Mahjong (HKLM-x32\...\Luxor Mahjong) (Version:  - )
Mahjongg Artifacts (x32 Version: 2.2.0.95 - WildTangent) Hidden
MarkAble 2.2.0 (HKLM-x32\...\MarkAble2_is1) (Version: 2.2.0 - Rightword Enterprises)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Age of Empires (HKLM-x32\...\Age of Empires) (Version:  - )
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Mathematics (HKLM-x32\...\{4D090F70-6F08-4B60-9357-A1DFD4458F09}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Minecraft CHEAT EDiTiON by BlackTBK Version 1.7.2 (HKLM-x32\...\{F41E7266-3195-4ACA-9C5C-8BBA1802AE30}_is1) (Version: 1.7.2 - BLACKTBK)
Moorhuhn 2 (HKLM-x32\...\Moorhuhn 2 deinstallieren) (Version:  - )
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
Mp3tag v2.48 (HKLM-x32\...\Mp3tag) (Version: v2.48 - Florian Heidenreich)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
My Kingdom for the Princess 3 (HKLM-x32\...\My Kingdom for the Princess 3) (Version:  - )
My Kingdom for the Princess II (HKLM-x32\...\My Kingdom for the Princess II) (Version:  - )
Mystery Legends - The Phantom of the Opera Sammleredition (HKLM-x32\...\Mystery Legends - The Phantom of the Opera Sammleredition) (Version:  - )
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
Nero 12 (HKLM-x32\...\{560FC78C-A4B2-461D-9B47-820C1EEF87B8}) (Version: 12.0.02000 - Nero AG)
Nero Audio Pack 1 (x32 Version: 11.0.11500.110.0 - Nero AG) Hidden
Nero BackItUp (x32 Version: 12.0.2001 - Nero AG) Hidden
Nero BackItUp Help (CHM) (x32 Version: 12.0.3000 - Nero AG) Hidden
Nero Blu-ray Player (x32 Version: 12.0.14300 - Nero AG) Hidden
Nero Blu-ray Player Help (CHM) (x32 Version: 12.0.4000 - Nero AG) Hidden
Nero Burning ROM (x32 Version: 12.0.20000 - Nero AG) Hidden
Nero Burning ROM Help (CHM) (x32 Version: 12.0.3000 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 11.0.15200 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 12.0.5000 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.18100 - Nero AG) Hidden
Nero Disc Menus Basic (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Effects Basic (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Express (x32 Version: 12.0.20000 - Nero AG) Hidden
Nero Express Help (CHM) (x32 Version: 12.0.5000 - Nero AG) Hidden
Nero Kwik Media (x32 Version: 1.18.18200 - Nero AG) Hidden
Nero Kwik Media Help (CHM) (x32 Version: 12.0.4000 - Nero AG) Hidden
Nero Kwik Themes Basic (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero PiP Effects Basic (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Recode (x32 Version: 12.0.24000 - Nero AG) Hidden
Nero Recode Help (CHM) (x32 Version: 12.0.4000 - Nero AG) Hidden
Nero RescueAgent (x32 Version: 12.0.9000 - Nero AG) Hidden
Nero RescueAgent Help (CHM) (x32 Version: 12.0.3000 - Nero AG) Hidden
Nero SharedVideoCodecs (x32 Version: 1.0.12100.2.0 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11800.31.0 - Nero AG) Hidden
Nero Video (x32 Version: 12.0.3000 - Nero AG) Hidden
Nero Video Help (CHM) (x32 Version: 12.0.4000 - Nero AG) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
New Yankee 2 - Unter Rittern Version 1.0 (HKLM-x32\...\{6315B496-ED07-44F2-BB0D-9B227A71D002}_is1) (Version: 1.0 - Share)
Nightmares from the Deep - Die Schädelinsel - Sammleredition (HKLM-x32\...\Nightmares from the Deep - Die Schädelinsel - Sammleredition) (Version:  - )
Norton 360 (HKLM-x32\...\N360) (Version: 20.4.0.40 - Symantec Corporation)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.65 - PDF Complete, Inc)
Phenomenon 2 - Meteorit Sammleredition Version 1.0 (HKLM-x32\...\{C3526FFC-1251-42D2-9C27-74991C4EBD85}_is1) (Version: 1.0 - Share)
Photo Notifier and Animation Creator (HKLM-x32\...\Photo Notifier and Animation Creator) (Version: 1.0.0.1009 - IncrediMail Ltd.)
Photo Notifier and Animation Creator (x32 Version: 1.0.0.1009 - Ihr Firmenname) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.5706 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.5706 - CyberLink Corp.) Hidden
Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden
Ranch Rush 2 - Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Recovery Manager (x32 Version: 5.5.0.4424 - CyberLink Corp.) Hidden
Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard)
Roads of Rome (HKLM-x32\...\Roads of Rome) (Version:  - )
Roads of Rome 2 (HKLM-x32\...\Roads of Rome 2) (Version:  - )
Roads Of Rome 3 (HKLM-x32\...\Roads Of Rome 3) (Version:  - )
RollerCoaster Tycoon 3 (HKLM-x32\...\RollerCoaster Tycoon 3_is1) (Version:  - Atari)
Safari Park Afrika Version 1.0 (HKLM-x32\...\{B9FC3D77-05D2-4B06-A66E-0EACC3AEBA1C}_is1) (Version: 1.0 - Share)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Sisters Secrecy - Mysteriöse Abstammung Sammleredition (HKLM-x32\...\Sisters Secrecy - Mysteriöse Abstammung Sammleredition) (Version:  - )
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stoneloops! of Jurassica (HKLM-x32\...\Stoneloops! of Jurassica) (Version:  - )
The TimeBuilders - Pyramid Rising 2 Version 1.0 (HKLM-x32\...\{4355719B-BCFF-43F1-B7F5-76BB6913AC35}_is1) (Version: 1.0 - Share)
The Tribloos 2 Version 1.0 (HKLM-x32\...\{FCFF97CC-6FAE-429C-9999-76AE808CB785}_is1) (Version: 1.0 - Share)
Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden
Trine (HKLM-x32\...\Steam App 35700) (Version:  - Frozenbyte)
Trine 2 (HKLM-x32\...\Steam App 35720) (Version:  - Frozenbyte)
TSHostedAppLauncher (x32 Version: 5.1.15.0 - Hewlett-Packard) Hidden
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUS_{4B93560B-F33D-4A67-A224-F5E1C329BD22}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{83B1B530-7D9E-4C6A-907F-E979CEE9C295}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{81812245-FC84-426A-BC02-6659C88CC7B2}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{80F56E3F-1D47-4E45-B6E0-FEF4E919F4F9}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2878227) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5D357893-40BA-4323-86BA-D97C66CD72F4}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{E78E2B68-8FD1-42EE-BB74-99A4D9E6222D}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Virtual Families (x32 Version: 2.2.0.98 - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
Welcome App (Start-up experience) (x32 Version: 12.0.14000 - Nero AG) Hidden
WildTangent Games App (HP Games) (x32 Version: 4.0.10.5 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 5.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

==================== Restore Points  =========================

04-03-2014 20:31:52 Windows Update
12-03-2014 21:23:21 Geplanter Prüfpunkt
13-03-2014 19:35:51 Windows Update
18-03-2014 11:16:23 Windows Update

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {04826A8F-0749-446E-9EC8-7AD568B82773} - System32\Tasks\FileAdvisorUpdate => C:\Program Files (x86)\File Type Advisor\fileadvisor.exe [2013-09-04] (File Type Advisor)
Task: {2F8CBE75-E1C7-4368-B619-DDC6C84E789D} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {3020F16D-F93C-4967-8FED-96A05C5B140F} - System32\Tasks\HPCeeScheduleForSternschnuppe => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {32E555C7-CBD6-44B8-9911-DB95B1B386B7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {3316B426-3002-426C-AE8C-9F0A9F404838} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-02] (Google Inc.)
Task: {38F78881-1615-449E-AC7E-3D5ACFE75EE5} - System32\Tasks\Buzz-it_wd => C:\Program Files (x86)\Buzz-it-soft\Buzz-it_wd.exe [2014-02-26] ()
Task: {462A960E-D8CC-44CA-8591-F32B285823B1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company)
Task: {4C03F788-732F-4268-B2C7-DCC6EC441881} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\WSCStub.exe [2013-06-04] (Symantec Corporation)
Task: {54FFE130-DC72-4221-90BD-E5699C3BF800} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {5DD22CCF-017F-4D85-8182-019D4333D3F8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-02-10] (Hewlett-Packard)
Task: {7D1CB416-7801-465E-A7B9-15FDDDFD0743} - System32\Tasks\Buzz-it Update => C:\Program Files (x86)\Buzz-it-soft\Buzzi.exe [2014-02-26] ()
Task: {A444B2D1-A300-44BF-8005-51B2310CB897} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: {B355BB6F-B501-477C-8EB4-0023E3BEC791} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {D40D39F6-154C-4A86-A071-07CE66792F16} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-02] (Google Inc.)
Task: {EFBEEC90-0724-48D6-85FF-E3B365935B1F} - System32\Tasks\FileAdvisorCheck => C:\Program Files (x86)\File Type Advisor\file-type-advisor.exe [2013-09-04] (filetypeadvisor.com                                         )
Task: {FE9DB189-457E-41A3-BBA1-4BD19CD581E1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Buzz-it Update.job => C:\Program Files (x86)\Buzz-it-soft\Buzzi.exe
Task: C:\Windows\Tasks\Buzz-it_wd.job => C:\Program Files (x86)\Buzz-it-soft\Buzz-it_wd.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForSternschnuppe.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) =============

2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2014-02-26 19:57 - 2014-02-26 19:57 - 00093184 _____ () C:\Program Files (x86)\Buzz-it-soft\Buzz-it_wd.exe
2014-02-26 19:57 - 2014-02-26 19:57 - 00192512 _____ () C:\Program Files (x86)\Buzz-it-soft\Buzz-it155.exe
2012-12-03 21:28 - 2012-11-20 15:09 - 00188760 _____ () C:\Program Files\IB Updater\ExtensionUpdaterService.exe
2013-11-17 12:38 - 2011-02-07 08:56 - 00138192 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2012-05-16 01:24 - 2011-12-16 21:37 - 00128280 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-07-18 16:35 - 2012-05-30 07:51 - 00699280 ____R () C:\PROGRAM FILES (X86)\NORTON 360\ENGINE\20.4.0.40\wincfi39.dll
2013-01-24 11:16 - 2013-01-24 11:16 - 00033272 _____ () C:\Program Files (x86)\IncrediMail\Bin\IMHttpComm.dll
2013-01-24 11:16 - 2013-01-24 11:16 - 00072256 _____ () C:\Program Files (x86)\IncrediMail\Bin\wlessfp1.dll
2013-01-24 11:16 - 2013-01-24 11:16 - 00268864 _____ () C:\Program Files (x86)\IncrediMail\Bin\ImLookExU.dll
2012-11-18 17:29 - 2012-11-18 17:29 - 00108448 _____ () C:\Program Files (x86)\IncrediMail\Bin\pmc.dll
2013-01-24 11:16 - 2013-01-24 11:16 - 00133696 _____ () C:\Program Files (x86)\IncrediMail\Bin\ImComUtlU.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-01-08 11:33 - 2013-12-12 23:19 - 00142848 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2014-01-08 11:33 - 2013-11-05 02:12 - 00890592 _____ () C:\Program Files (x86)\Steam\libavutil-52.dll
2013-11-06 13:48 - 2014-02-11 03:34 - 00751616 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2013-12-11 11:40 - 2014-02-25 22:57 - 01135296 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-11-06 13:48 - 2014-01-11 00:33 - 20625832 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2013-06-14 15:49 - 2013-06-15 00:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2013-06-14 15:49 - 2013-06-15 00:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2013-06-14 15:49 - 2013-06-15 00:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2013-01-24 11:16 - 2013-01-24 11:16 - 00080448 _____ () C:\Program Files (x86)\IncrediMail\bin\ImAppRU.dll
2014-02-26 19:55 - 2014-02-13 01:36 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-07-18 16:35 - 2012-05-30 07:51 - 00699280 ____R () C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\wincfi39.dll
2014-03-12 20:13 - 2014-03-12 20:13 - 16276872 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll
2012-05-16 01:24 - 2011-12-16 19:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:F1175E1D

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/24/2014 04:46:22 PM) (Source: Application Hang) (User: )
Description: Programm Skype.exe, Version 6.11.60.102 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: ff4

Startzeit: 01cf4777ea6019ad

Endzeit: 4

Anwendungspfad: C:\Program Files (x86)\Skype\Phone\Skype.exe

Berichts-ID:

Error: (03/06/2014 07:19:03 PM) (Source: Application Hang) (User: )
Description: Programm PhotoScreensaver.scr, Version 6.1.7601.17514 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 7aec

Startzeit: 01cf39661a989b61

Endzeit: 22

Anwendungspfad: C:\Windows\system32\PhotoScreensaver.scr

Berichts-ID: c812f206-a55b-11e3-93bb-e840f268d7e2

Error: (03/05/2014 03:20:34 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: wmplayer.exe, Version: 12.0.7601.18150, Zeitstempel: 0x518c6df8
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x6054
Startzeit der fehlerhaften Anwendung: 0xwmplayer.exe0
Pfad der fehlerhaften Anwendung: wmplayer.exe1
Pfad des fehlerhaften Moduls: wmplayer.exe2
Berichtskennung: wmplayer.exe3

Error: (03/05/2014 03:18:53 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: wmplayer.exe, Version: 12.0.7601.18150, Zeitstempel: 0x518c6df8
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x603c
Startzeit der fehlerhaften Anwendung: 0xwmplayer.exe0
Pfad der fehlerhaften Anwendung: wmplayer.exe1
Pfad des fehlerhaften Moduls: wmplayer.exe2
Berichtskennung: wmplayer.exe3

Error: (03/01/2014 02:27:40 PM) (Source: Application Hang) (User: )
Description: Programm IncMail.exe, Version 6.3.9.5254 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: f60

Startzeit: 01cf354d4340d14d

Endzeit: 30

Anwendungspfad: C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe

Berichts-ID: 3f41bab8-a145-11e3-8102-e840f268d7e2

Error: (03/01/2014 02:27:23 PM) (Source: Application Hang) (User: )
Description: Programm wmplayer.exe, Version 12.0.7601.18150 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 3b40

Startzeit: 01cf3551eeffed16

Endzeit: 28

Anwendungspfad: C:\Program Files (x86)\Windows Media Player\wmplayer.exe

Berichts-ID: 34957ca7-a145-11e3-8102-e840f268d7e2

Error: (03/01/2014 01:50:21 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80070005

Error: (02/21/2014 07:02:44 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: jxpiinstall(1).exe, Version: 7.0.510.13, Zeitstempel: 0x52b28ed6
Name des fehlerhaften Moduls: jxpiinstall(1).exe, Version: 7.0.510.13, Zeitstempel: 0x52b28ed6
Ausnahmecode: 0xc0000409
Fehleroffset: 0x00012d7d
ID des fehlerhaften Prozesses: 0xa20
Startzeit der fehlerhaften Anwendung: 0xjxpiinstall(1).exe0
Pfad der fehlerhaften Anwendung: jxpiinstall(1).exe1
Pfad des fehlerhaften Moduls: jxpiinstall(1).exe2
Berichtskennung: jxpiinstall(1).exe3

Error: (02/17/2014 04:49:28 PM) (Source: Application Hang) (User: )
Description: Programm PhotoScreensaver.scr, Version 6.1.7601.17514 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1d70

Startzeit: 01cf2beb4d2bab67

Endzeit: 27

Anwendungspfad: C:\Windows\system32\PhotoScreensaver.scr

Berichts-ID: 11ce22ff-97eb-11e3-8568-e840f268d7e2

Error: (02/16/2014 10:17:18 PM) (Source: Application Hang) (User: )
Description: Programm PhotoScreensaver.scr, Version 6.1.7601.17514 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 20a4

Startzeit: 01cf2b5afe9cab3f

Endzeit: 1

Anwendungspfad: C:\Windows\system32\PhotoScreensaver.scr

Berichts-ID: b327c296-974f-11e3-8373-e840f268d7e2


System errors:
=============
Error: (03/24/2014 04:48:05 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (03/24/2014 04:48:05 PM) (Source: Application Popup) (User: )
Description: Treiber atksgt.sys konnte nicht geladen werden.

Error: (03/24/2014 04:44:04 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (03/24/2014 04:44:04 PM) (Source: Application Popup) (User: )
Description: Treiber atksgt.sys konnte nicht geladen werden.

Error: (03/24/2014 10:05:16 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (03/24/2014 10:05:16 AM) (Source: Application Popup) (User: )
Description: Treiber atksgt.sys konnte nicht geladen werden.

Error: (03/23/2014 11:42:31 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (03/23/2014 11:42:31 AM) (Source: Application Popup) (User: )
Description: Treiber atksgt.sys konnte nicht geladen werden.

Error: (03/22/2014 09:41:54 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (03/22/2014 09:41:54 AM) (Source: Application Popup) (User: )
Description: Treiber atksgt.sys konnte nicht geladen werden.


Microsoft Office Sessions:
=========================
Error: (03/24/2014 04:46:22 PM) (Source: Application Hang)(User: )
Description: Skype.exe6.11.60.102ff401cf4777ea6019ad4C:\Program Files (x86)\Skype\Phone\Skype.exe

Error: (03/06/2014 07:19:03 PM) (Source: Application Hang)(User: )
Description: PhotoScreensaver.scr6.1.7601.175147aec01cf39661a989b6122C:\Windows\system32\PhotoScreensaver.scrc812f206-a55b-11e3-93bb-e840f268d7e2

Error: (03/05/2014 03:20:34 PM) (Source: Application Error)(User: )
Description: wmplayer.exe12.0.7601.18150518c6df8unknown0.0.0.000000000c000000500000000605401cf387e120290ffC:\Program Files (x86)\Windows Media Player\wmplayer.exeunknown50008109-a471-11e3-aefd-e840f268d7e2

Error: (03/05/2014 03:18:53 PM) (Source: Application Error)(User: )
Description: wmplayer.exe12.0.7601.18150518c6df8unknown0.0.0.000000000c000000500000000603c01cf387dd4a6e17fC:\Program Files (x86)\Windows Media Player\wmplayer.exeunknown13fff9cf-a471-11e3-aefd-e840f268d7e2

Error: (03/01/2014 02:27:40 PM) (Source: Application Hang)(User: )
Description: IncMail.exe6.3.9.5254f6001cf354d4340d14d30C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe3f41bab8-a145-11e3-8102-e840f268d7e2

Error: (03/01/2014 02:27:23 PM) (Source: Application Hang)(User: )
Description: wmplayer.exe12.0.7601.181503b4001cf3551eeffed1628C:\Program Files (x86)\Windows Media Player\wmplayer.exe34957ca7-a145-11e3-8102-e840f268d7e2

Error: (03/01/2014 01:50:21 PM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - 1>Failed to compile: System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80070005 
System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089

Error: (02/21/2014 07:02:44 PM) (Source: Application Error)(User: )
Description: jxpiinstall(1).exe7.0.510.1352b28ed6jxpiinstall(1).exe7.0.510.1352b28ed6c000040900012d7da2001cf2f2f0d012fe0J:\Hörbücher\jxpiinstall(1).exeJ:\Hörbücher\jxpiinstall(1).exe5c63bdcd-9b22-11e3-8605-e840f268d7e2

Error: (02/17/2014 04:49:28 PM) (Source: Application Hang)(User: )
Description: PhotoScreensaver.scr6.1.7601.175141d7001cf2beb4d2bab6727C:\Windows\system32\PhotoScreensaver.scr11ce22ff-97eb-11e3-8568-e840f268d7e2

Error: (02/16/2014 10:17:18 PM) (Source: Application Hang)(User: )
Description: PhotoScreensaver.scr6.1.7601.1751420a401cf2b5afe9cab3f1C:\Windows\system32\PhotoScreensaver.scrb327c296-974f-11e3-8373-e840f268d7e2


==================== Memory info =========================== 

Percentage of memory in use: 24%
Total physical RAM: 12244.2 MB
Available physical RAM: 9300.41 MB
Total Pagefile: 24486.57 MB
Available Pagefile: 21283.31 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:1845.39 GB) (Free:1515.44 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:17.52 GB) (Free:2.19 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive j: (Expansion Drive) (Fixed) (Total:1863.01 GB) (Free:785.22 GB) NTFS
Drive t: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: E6485F49)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: 5F3CC7FB)
Partition 1: (Not Active) - (Size=-198626966528) - (Type=07 NTFS)

==================== End Of Log ============================

Skype habe ich mit Revo schon mal entfernt.

schrauber · 26.03.2014, 11:12

Du bist blind

Zitat:

IB Updater 2.0.0.550 (HKLM\...\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1) (Version: 2.0.0.550 - IncrediBar) <==== ATTENTION

hobbitine · 26.03.2014, 15:34

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 26.03.2014
Suchlauf-Zeit: 15:31:51
Logdatei: 
Administrator: Ja

Version: 2.00.0.1000
Malware Datenbank: v2014.03.26.04
Rootkit Datenbank: v2014.03.25.01
Lizenz: Testversion



	Code: 

 ATTFilter

  
	~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 7 Home Premium x64
Ran by Sternschnuppe on 26.03.2014 at 15:50:56,17
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-93671772-2379690000-1990322554-1000\Software\ib updater
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{45F761FE-B2E0-425E-8DD0-86E363068F44}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{975EC1F3-19EA-448A-A407-7B1A68C9F353}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{975EC1F3-19EA-448A-A407-7B1A68C9F353}



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted the following from C:\Users\Sternschnuppe\AppData\Roaming\mozilla\firefox\profiles\okbgvamm.default\prefs.js

user_pref("{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}.ScriptData_installer_name", "vbates_somoto_.exe");
user_pref("{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}.ScriptData_temp_installer_name", "vbates_somoto_.exe");
Emptied folder: C:\Users\Sternschnuppe\AppData\Roaming\mozilla\firefox\profiles\okbgvamm.default\minidumps [78 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 26.03.2014 at 15:56:14,05
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
 Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Sternschnuppe

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 271342
Verstrichene Zeit: 12 Min, 29 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 3
PUP.Optional.SweetPacks.A, C:\Program Files\IB Updater\ExtensionUpdaterService.exe, 2380, Löschen bei Neustart, [67752fd8a4d748ee198f44b906fa33cd]
PUP.Optional.BuzzIT.A, C:\Program Files (x86)\Buzz-it-soft\Buzz-it155.exe, 2216, Löschen bei Neustart, [11cb48bfcab1d4624e589bbdda2830d0]
PUP.Optional.BuzzIT.A, C:\Program Files (x86)\Buzz-it-soft\Buzz-it_wd.exe, 1916, Löschen bei Neustart, [716b9572e992033371bc9fb32cd655ab]

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 11
PUP.Optional.SweetPacks.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IB Updater, In Quarantäne, [67752fd8a4d748ee198f44b906fa33cd], 
PUP.Optional.IBUpdater, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087}, In Quarantäne, [875547c05c1f3bfb59c83054946f1ae6], 
PUP.Optional.IBUpdater, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{336D0C35-8A85-403A-B9D2-65C292C39087}, In Quarantäne, [875547c05c1f3bfb59c83054946f1ae6], 
PUP.Optional.IBUpdater, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{336D0C35-8A85-403A-B9D2-65C292C39087}, In Quarantäne, [875547c05c1f3bfb59c83054946f1ae6], 
PUP.Optional.IBUpdater, HKLM\SOFTWARE\CLASSES\CLSID\{336D0C35-8A85-403A-B9D2-65C292C39087}, In Quarantäne, [875547c05c1f3bfb59c83054946f1ae6], 
PUP.Optional.IBUpdater, HKLM\SOFTWARE\CLASSES\CLSID\{336D0C35-8A85-403A-B9D2-65C292C39087}\INPROCSERVER32, In Quarantäne, [875547c05c1f3bfb59c83054946f1ae6], 
PUP.Optional.IBUpdater, HKU\S-1-5-21-93671772-2379690000-1990322554-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{336D0C35-8A85-403A-B9D2-65C292C39087}, In Quarantäne, [875547c05c1f3bfb59c83054946f1ae6], 
PUP.Optional.IBUpdater, HKU\S-1-5-21-93671772-2379690000-1990322554-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{336D0C35-8A85-403A-B9D2-65C292C39087}, In Quarantäne, [875547c05c1f3bfb59c83054946f1ae6], 
PUP.Optional.IBUpdater, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1, In Quarantäne, [875547c05c1f3bfb59c83054946f1ae6], 
PUP.Optional.BuzzIT.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\BUZZ-IT, In Quarantäne, [11cb48bfcab1d4624e589bbdda2830d0], 
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-93671772-2379690000-1990322554-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SEARCHPROTECTINT, In Quarantäne, [2fad58af82f98ea88dfaa2bf43bf35cb], 

Registrierungswerte: 11
PUP.Optional.NextLive.A, HKU\S-1-5-21-93671772-2379690000-1990322554-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|NextLive, C:\Windows\SysWOW64\rundll32.exe "C:\Users\Sternschnuppe\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l, In Quarantäne, [b329fe095e1de84e852167e404fd7090]
PUP.Optional.VBates, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}, In Quarantäne, [706c3ccb3546e74fd7cc887e43bf8080], 
PUP.Optional.VBates, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|{21EAF666-26B3-4A3C-ABD0-CA2F5A326744}, C:\Program Files\V-bates\Firefox, In Quarantäne, [706c3ccb3546e74fd7cc887e43bf8080]
PUP.Optional.VBates, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|{21EAF666-26B3-4A3C-ABD0-CA2F5A326744}, C:\Program Files\V-bates\Firefox, In Quarantäne, [706c3ccb3546e74fd7cc887e43bf8080]
PUP.Optional.VBates, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}, In Quarantäne, [37a5dc2b46352d095251e91dd82a6f91], 
PUP.Optional.IBUpdater, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|{336D0C35-8A85-403A-B9D2-65C292C39087}, C:\Program Files\IB Updater\Firefox, In Quarantäne, [875547c05c1f3bfb59c83054946f1ae6]
PUP.Optional.IBUpdater, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|{336D0C35-8A85-403A-B9D2-65C292C39087}, C:\Program Files\IB Updater\Firefox, In Quarantäne, [875547c05c1f3bfb59c83054946f1ae6]
PUP.Optional.BuzzIT.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\BUZZ-IT|ImagePath, C:\Program Files (x86)\Buzz-it-soft\Buzz-it155.exe, In Quarantäne, [11cb48bfcab1d4624e589bbdda2830d0]
PUP.Optional.IBUpdater, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IB UPDATER|ImagePath, C:\Program Files\IB Updater\ExtensionUpdaterService.exe, In Quarantäne, [4c908e7990ebb38329f986fe689b3fc1]
PUM.Bad.Proxy, HKU\S-1-5-21-93671772-2379690000-1990322554-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|ProxyServer, http=127.0.0.1:13828, In Quarantäne, [eaf23acdea911a1c80fed5bc768d42be]
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-93671772-2379690000-1990322554-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SEARCHPROTECTINT|Install, 1, In Quarantäne, [2fad58af82f98ea88dfaa2bf43bf35cb]

Registrierungsdaten: 1
PUP.Optional.Conduit.A, HKU\S-1-5-21-93671772-2379690000-1990322554-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://search.conduit.com/?ctid=CT3323878&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP62DA7751-F4DA-4708-8777-B94675373D37&SSPV=, Gut: (hxxp://www.google.com), Schlecht: (hxxp://search.conduit.com/?ctid=CT3323878&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP62DA7751-F4DA-4708-8777-B94675373D37&SSPV=),Ersetzt,[ad2fc641bdbe39fd34e12fcdbd46a759]

Ordner: 16
PUP.Optional.IBUpdater, C:\Program Files\IB Updater, Löschen bei Neustart, [875547c05c1f3bfb59c83054946f1ae6], 
PUP.Optional.IBUpdater, C:\Program Files\IB Updater\Firefox, In Quarantäne, [875547c05c1f3bfb59c83054946f1ae6], 
PUP.Optional.IBUpdater, C:\Program Files\IB Updater\Firefox\chrome, In Quarantäne, [875547c05c1f3bfb59c83054946f1ae6], 
PUP.Optional.IBUpdater, C:\Program Files\IB Updater\Firefox\chrome\content, In Quarantäne, [875547c05c1f3bfb59c83054946f1ae6], 
PUP.Optional.IBUpdater, C:\Program Files\IB Updater\Firefox\chrome\content\libraries, In Quarantäne, [875547c05c1f3bfb59c83054946f1ae6], 
PUP.Optional.IBUpdater, C:\Program Files\IB Updater\Firefox\chrome\content\resources, In Quarantäne, [875547c05c1f3bfb59c83054946f1ae6], 
PUP.Optional.IBUpdater, C:\Program Files\IB Updater\Firefox\chrome\locale, In Quarantäne, [875547c05c1f3bfb59c83054946f1ae6], 
PUP.Optional.IBUpdater, C:\Program Files\IB Updater\Firefox\chrome\locale\en-US, In Quarantäne, [875547c05c1f3bfb59c83054946f1ae6], 
PUP.Optional.IBUpdater, C:\Program Files\IB Updater\Firefox\chrome\skin, In Quarantäne, [875547c05c1f3bfb59c83054946f1ae6], 
PUP.Optional.IBUpdater, C:\Program Files\IB Updater\Firefox\defaults, In Quarantäne, [875547c05c1f3bfb59c83054946f1ae6], 
PUP.Optional.IBUpdater, C:\Program Files\IB Updater\Firefox\defaults\preferences, In Quarantäne, [875547c05c1f3bfb59c83054946f1ae6], 
PUP.Optional.IBUpdater, C:\Program Files\IB Updater\libraries, In Quarantäne, [875547c05c1f3bfb59c83054946f1ae6], 
PUP.Optional.IBUpdater, C:\Program Files\IB Updater\resources, In Quarantäne, [875547c05c1f3bfb59c83054946f1ae6], 
PUP.Optional.NextLive.A, C:\Users\Sternschnuppe\AppData\Roaming\newnext.me, In Quarantäne, [c01c3ec93c3f2016313de9656a986d93], 
PUP.Optional.NextLive.A, C:\Users\Sternschnuppe\AppData\Roaming\newnext.me\cache, In Quarantäne, [c01c3ec93c3f2016313de9656a986d93], 
PUP.Optional.BuzzIT.A, C:\Program Files (x86)\Buzz-it-soft, Löschen bei Neustart, [716b9572e992033371bc9fb32cd655ab], 

Dateien: 34
PUP.Optional.SweetPacks.A, C:\Program Files\IB Updater\ExtensionUpdaterService.exe, Löschen bei Neustart, [67752fd8a4d748ee198f44b906fa33cd], 
PUP.Optional.NextLive.A, C:\Users\Sternschnuppe\AppData\Roaming\newnext.me\nengine.dll, In Quarantäne, [b329fe095e1de84e852167e404fd7090], 
PUP.Optional.InstallCore.A, C:\Users\Sternschnuppe\AppData\Roaming\VOPackage\Setup.exe, In Quarantäne, [02dabf48aad13402c7d2ce1956ad659b], 
PUP.Optional.NextLive.A, C:\Users\Sternschnuppe\AppData\Local\genienext\nengine.dll, In Quarantäne, [fbe14fb897e496a0e6c076d5ad541ce4], 
PUP.Optional.PCPerformer.A, C:\Windows\System32\roboot64.exe, In Quarantäne, [5488d037de9df0464ea9f56622e07a86], 
PUP.Optional.BuzzIT.A, C:\Windows\Tasks\Buzz-it Update.job, In Quarantäne, [ca1240c719623df99cdb64f8f111df21], 
PUP.Optional.BuzzIT.A, C:\Windows\Tasks\Buzz-it_wd.job, In Quarantäne, [904c10f7aad121153f3891cb12f0d12f], 
PUP.Optional.IBUpdater, C:\Program Files\IB Updater\source.crx, In Quarantäne, [875547c05c1f3bfb59c83054946f1ae6], 
PUP.Optional.IBUpdater, C:\Program Files\IB Updater\Extension32.dll, In Quarantäne, [875547c05c1f3bfb59c83054946f1ae6], 
PUP.Optional.IBUpdater, C:\Program Files\IB Updater\Extension64.dll, In Quarantäne, [875547c05c1f3bfb59c83054946f1ae6], 
PUP.Optional.IBUpdater, C:\Program Files\IB Updater\InstallerHelper.dll, In Quarantäne, [875547c05c1f3bfb59c83054946f1ae6], 
PUP.Optional.IBUpdater, C:\Program Files\IB Updater\unins000.dat, In Quarantäne, [875547c05c1f3bfb59c83054946f1ae6], 
PUP.Optional.IBUpdater, C:\Program Files\IB Updater\unins000.exe, In Quarantäne, [875547c05c1f3bfb59c83054946f1ae6], 
PUP.Optional.IBUpdater, C:\Program Files\IB Updater\Firefox\chrome.manifest, In Quarantäne, [875547c05c1f3bfb59c83054946f1ae6], 
PUP.Optional.IBUpdater, C:\Program Files\IB Updater\Firefox\install.rdf, In Quarantäne, [875547c05c1f3bfb59c83054946f1ae6], 
PUP.Optional.IBUpdater, C:\Program Files\IB Updater\Firefox\chrome\content\main.js, In Quarantäne, [875547c05c1f3bfb59c83054946f1ae6], 
PUP.Optional.IBUpdater, C:\Program Files\IB Updater\Firefox\chrome\content\main.xul, In Quarantäne, [875547c05c1f3bfb59c83054946f1ae6], 
PUP.Optional.IBUpdater, C:\Program Files\IB Updater\Firefox\chrome\content\libraries\DataExchangeScript.js, In Quarantäne, [875547c05c1f3bfb59c83054946f1ae6], 
PUP.Optional.IBUpdater, C:\Program Files\IB Updater\Firefox\chrome\content\resources\localscript.js, In Quarantäne, [875547c05c1f3bfb59c83054946f1ae6], 
PUP.Optional.IBUpdater, C:\Program Files\IB Updater\Firefox\chrome\locale\en-US\overlay.dtd, In Quarantäne, [875547c05c1f3bfb59c83054946f1ae6], 
PUP.Optional.IBUpdater, C:\Program Files\IB Updater\Firefox\chrome\skin\overlay.css, In Quarantäne, [875547c05c1f3bfb59c83054946f1ae6], 
PUP.Optional.IBUpdater, C:\Program Files\IB Updater\Firefox\defaults\preferences\defaults.js, In Quarantäne, [875547c05c1f3bfb59c83054946f1ae6], 
PUP.Optional.IBUpdater, C:\Program Files\IB Updater\libraries\DataExchangeScript.js, In Quarantäne, [875547c05c1f3bfb59c83054946f1ae6], 
PUP.Optional.IBUpdater, C:\Program Files\IB Updater\resources\localscript.js, In Quarantäne, [875547c05c1f3bfb59c83054946f1ae6], 
PUP.Optional.BuzzIT.A, C:\Program Files (x86)\Buzz-it-soft\Buzz-it155.exe, Löschen bei Neustart, [11cb48bfcab1d4624e589bbdda2830d0], 
PUP.Optional.NextLive.A, C:\Users\Sternschnuppe\AppData\Roaming\newnext.me\nengine.cookie, In Quarantäne, [c01c3ec93c3f2016313de9656a986d93], 
PUP.Optional.NextLive.A, C:\Users\Sternschnuppe\AppData\Roaming\newnext.me\cache\spark.bin, In Quarantäne, [c01c3ec93c3f2016313de9656a986d93], 
PUP.Optional.BuzzIT.A, C:\Program Files (x86)\Buzz-it-soft\155.dat, In Quarantäne, [716b9572e992033371bc9fb32cd655ab], 
PUP.Optional.BuzzIT.A, C:\Program Files (x86)\Buzz-it-soft\a.db, In Quarantäne, [716b9572e992033371bc9fb32cd655ab], 
PUP.Optional.BuzzIT.A, C:\Program Files (x86)\Buzz-it-soft\b.db, In Quarantäne, [716b9572e992033371bc9fb32cd655ab], 
PUP.Optional.BuzzIT.A, C:\Program Files (x86)\Buzz-it-soft\Buzz-it155.bin, In Quarantäne, [716b9572e992033371bc9fb32cd655ab], 
PUP.Optional.BuzzIT.A, C:\Program Files (x86)\Buzz-it-soft\Buzz-it155.ini, In Quarantäne, [716b9572e992033371bc9fb32cd655ab], 
PUP.Optional.BuzzIT.A, C:\Program Files (x86)\Buzz-it-soft\Buzz-it_wd.exe, Löschen bei Neustart, [716b9572e992033371bc9fb32cd655ab], 
PUP.Optional.BuzzIT.A, C:\Program Files (x86)\Buzz-it-soft\Buzzi.exe, In Quarantäne, [716b9572e992033371bc9fb32cd655ab], 

Physische Sektoren: 0
(No malicious items detected)


(end)

Code:

ATTFilter

# AdwCleaner v3.022 - Bericht erstellt am 26/03/2014 um 15:43:05
# Aktualisiert 13/03/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Sternschnuppe - RUMPELKAMMER
# Gestartet von : J:\Hörbücher\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Ask
Ordner Gelöscht : C:\ProgramData\SoftSafe
Ordner Gelöscht : C:\ProgramData\Trymedia
Ordner Gelöscht : C:\ProgramData\AlawarEntertainment
Ordner Gelöscht : C:\Program Files (x86)\Mobogenie
Ordner Gelöscht : C:\Users\Sternschnuppe\AppData\Local\genienext
Ordner Gelöscht : C:\Users\Sternschnuppe\AppData\Local\Mobogenie
Ordner Gelöscht : C:\Users\Sternschnuppe\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Sternschnuppe\AppData\Roaming\VOPackage
Ordner Gelöscht : C:\Users\Sternschnuppe\AppData\Roaming\AlawarEntertainment
Ordner Gelöscht : C:\Users\Sternschnuppe\Documents\Mobogenie
Ordner Gelöscht : C:\Users\Sternschnuppe\AppData\Roaming\Mozilla\Firefox\Profiles\okbgvamm.default\Extensions\youtubeunblocker@unblocker.yt
Ordner Gelöscht : C:\Users\Sternschnuppe\AppData\Roaming\Mozilla\Firefox\Profiles\okbgvamm.default\Extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
Datei Gelöscht : C:\Users\STERNS~1\AppData\Local\Temp\Uninstall.exe

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Schlüssel Gelöscht : HKCU\Software\IM
Schlüssel Gelöscht : HKCU\Software\ImInstaller
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKLM\Software\IB Updater
Schlüssel Gelöscht : HKLM\Software\ImInstaller
Schlüssel Gelöscht : HKLM\Software\systweak
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\IB Updater

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16521


-\\ Mozilla Firefox v27.0.1 (de)

[ Datei : C:\Users\Sternschnuppe\AppData\Roaming\Mozilla\Firefox\Profiles\okbgvamm.default\prefs.js ]

Zeile gelöscht : user_pref("browser.search.order.1", "Ask.com");

*************************

AdwCleaner[R0].txt - [4876 octets] - [26/03/2014 15:41:00]
AdwCleaner[S0].txt - [4275 octets] - [26/03/2014 15:43:05]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4335 octets] ##########

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 7 Home Premium x64
Ran by Sternschnuppe on 26.03.2014 at 15:50:56,17
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-93671772-2379690000-1990322554-1000\Software\ib updater
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{45F761FE-B2E0-425E-8DD0-86E363068F44}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{975EC1F3-19EA-448A-A407-7B1A68C9F353}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{975EC1F3-19EA-448A-A407-7B1A68C9F353}



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted the following from C:\Users\Sternschnuppe\AppData\Roaming\mozilla\firefox\profiles\okbgvamm.default\prefs.js

user_pref("{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}.ScriptData_installer_name", "vbates_somoto_.exe");
user_pref("{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}.ScriptData_temp_installer_name", "vbates_somoto_.exe");
Emptied folder: C:\Users\Sternschnuppe\AppData\Roaming\mozilla\firefox\profiles\okbgvamm.default\minidumps [78 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 26.03.2014 at 15:56:14,05
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Sternschnuppe (administrator) on RUMPELKAMMER on 26-03-2014 16:00:25
Running from J:\Hörbücher
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
() C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
(Intel(R) Corporation) c:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1425408 2011-12-23] (IDT, Inc.)
HKLM\...\Run: [BeatsOSDApp] - C:\Program Files\IDT\WDM\beats64.exe [37888 2011-12-23] (Hewlett-Packard )
HKLM\...\Run: [hpsysdrv] - c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [EPSON Stylus DX3800 Series] - C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIACE.EXE [98304 2005-02-08] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291096 2011-12-05] (Intel Corporation)
HKLM-x32\...\Run: [HP Software Update] - c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [PDF Complete] - C:\Program Files (x86)\PDF Complete\pdfsty.exe [658424 2011-08-12] (PDF Complete Inc)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642728 2012-09-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] - C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-03-25] (Hewlett-Packard)
HKU\S-1-5-21-93671772-2379690000-1990322554-1000\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1821888 2014-02-25] (Valve Corporation)
HKU\S-1-5-21-93671772-2379690000-1990322554-1000\...\MountPoints2: {1d2790dc-9ef2-11e1-bcef-806e6f6e6963} - E:\Autorun.exe

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK/4
SearchScopes: HKLM - {975EC1F3-19EA-448A-A407-7B1A68C9F353} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Sternschnuppe\AppData\Roaming\Mozilla\Firefox\Profiles\okbgvamm.default
FF Homepage: https://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Plugin HKCU: @soe.sony.com/installer,version=1.0.3 - C:\Users\Sternschnuppe\AppData\Roaming\Mozilla\Firefox\Profiles\okbgvamm.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll No File
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF SearchPlugin: C:\Users\Sternschnuppe\AppData\Roaming\Mozilla\Firefox\Profiles\okbgvamm.default\searchplugins\1-hs-sceneto.undefined.undefined
FF SearchPlugin: C:\Users\Sternschnuppe\AppData\Roaming\Mozilla\Firefox\Profiles\okbgvamm.default\searchplugins\amazonde-hrbuch-shop-bcher.xml
FF SearchPlugin: C:\Users\Sternschnuppe\AppData\Roaming\Mozilla\Firefox\Profiles\okbgvamm.default\searchplugins\chefkochde.xml
FF SearchPlugin: C:\Users\Sternschnuppe\AppData\Roaming\Mozilla\Firefox\Profiles\okbgvamm.default\searchplugins\holidaycheck.xml
FF SearchPlugin: C:\Users\Sternschnuppe\AppData\Roaming\Mozilla\Firefox\Profiles\okbgvamm.default\searchplugins\hs-sceneto.undefined.undefined
FF SearchPlugin: C:\Users\Sternschnuppe\AppData\Roaming\Mozilla\Firefox\Profiles\okbgvamm.default\searchplugins\weltbildde--.xml
FF SearchPlugin: C:\Users\Sternschnuppe\AppData\Roaming\Mozilla\Firefox\Profiles\okbgvamm.default\searchplugins\youtube-videosuche.undefined.undefined
FF SearchPlugin: C:\Users\Sternschnuppe\AppData\Roaming\Mozilla\Firefox\Profiles\okbgvamm.default\searchplugins\youtube.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Add to Search Bar - C:\Users\Sternschnuppe\AppData\Roaming\Mozilla\Firefox\Profiles\okbgvamm.default\Extensions\add-to-searchbox@maltekraus.de.xpi [2012-12-03]
FF Extension: MEGA - C:\Users\Sternschnuppe\AppData\Roaming\Mozilla\Firefox\Profiles\okbgvamm.default\Extensions\firefox@mega.co.nz.xpi [2014-01-16]
FF Extension: Facebook Blocker - C:\Users\Sternschnuppe\AppData\Roaming\Mozilla\Firefox\Profiles\okbgvamm.default\Extensions\info@skymeissner.com.xpi [2013-07-29]
FF Extension: Personas Plus - C:\Users\Sternschnuppe\AppData\Roaming\Mozilla\Firefox\Profiles\okbgvamm.default\Extensions\personas@christopher.beard.xpi [2012-12-03]
FF Extension: 1-Click YouTube Video Downloader - C:\Users\Sternschnuppe\AppData\Roaming\Mozilla\Firefox\Profiles\okbgvamm.default\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2014-03-21]
FF Extension: Adblock Plus - C:\Users\Sternschnuppe\AppData\Roaming\Mozilla\Firefox\Profiles\okbgvamm.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-12-03]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFF [2013-10-09]

==================== Services (Whitelisted) =================

S2 CLKMSVC10_38F51D56; c:\Program Files (x86)\Cyberlink\PowerDVD10\NavFilter\kmsvc.exe [241648 2011-02-25] (CyberLink)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [138192 2011-02-07] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2011-12-16] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-03-05] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-03-05] (Malwarebytes Corporation)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-08-12] (PDF Complete Inc)

==================== Drivers (Whitelisted) ====================

S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310984 2013-04-10] ()
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20140319.001\BHDrvx64.sys [1525976 2014-03-19] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1404000.028\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-11-25] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2013-11-25] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20140324.002\IDSvia64.sys [525016 2014-03-26] (Symantec Corporation)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2013-04-10] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-03-05] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-03-26] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-03-05] (Malwarebytes Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20140326.001\ENG64.SYS [126040 2013-11-25] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20140326.001\EX64.SYS [2099288 2013-11-25] (Symantec Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1404000.028\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-07-18] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1404000.028\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1404000.028\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-26 15:56 - 2014-03-26 15:56 - 00001742 _____ () C:\Users\Sternschnuppe\Desktop\JRT.txt
2014-03-26 15:50 - 2014-03-26 15:50 - 00000000 ____D () C:\Windows\ERUNT
2014-03-26 15:40 - 2014-03-26 15:43 - 00000000 ____D () C:\AdwCleaner
2014-03-26 15:17 - 2014-03-26 15:45 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-26 15:17 - 2014-03-26 15:17 - 00001104 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-03-26 15:17 - 2014-03-26 15:17 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-26 15:17 - 2014-03-26 15:17 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-03-26 15:17 - 2014-03-05 09:26 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-26 15:17 - 2014-03-05 09:26 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-03-26 15:17 - 2014-03-05 09:26 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-25 14:09 - 2014-03-25 14:09 - 00001266 _____ () C:\Users\Sternschnuppe\Desktop\Revo Uninstaller.lnk
2014-03-25 14:09 - 2014-03-25 14:09 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-03-24 17:20 - 2014-03-26 16:00 - 00000000 ____D () C:\FRST
2014-03-23 14:01 - 2014-03-23 14:01 - 00000000 ____D () C:\Users\Sternschnuppe\AppData\Roaming\Islands5_realore_bigfishgames_de
2014-03-23 13:55 - 2014-03-23 13:55 - 00001159 _____ () C:\Users\Public\Desktop\Island Tribe 5.lnk
2014-03-23 13:47 - 2014-03-23 13:49 - 00000000 ____D () C:\Users\Sternschnuppe\AppData\Local\NPE
2014-03-15 14:06 - 2014-03-15 14:06 - 00001331 _____ () C:\Users\Sternschnuppe\Desktop\Minecraft CHEAT EDiTiON by BlackTBK.lnk
2014-03-13 15:48 - 2014-03-01 07:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-13 15:48 - 2014-03-01 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-13 15:48 - 2014-03-01 06:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-13 15:48 - 2014-03-01 05:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-13 15:48 - 2014-03-01 05:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-13 15:48 - 2014-03-01 05:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-13 15:48 - 2014-03-01 05:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-13 15:48 - 2014-03-01 05:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-13 15:48 - 2014-03-01 05:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-13 15:48 - 2014-03-01 05:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-13 15:48 - 2014-03-01 05:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-13 15:48 - 2014-03-01 05:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-13 15:48 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-13 15:48 - 2014-03-01 05:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-13 15:48 - 2014-03-01 05:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-13 15:48 - 2014-03-01 05:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-13 15:48 - 2014-03-01 05:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-13 15:48 - 2014-03-01 04:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-13 15:48 - 2014-03-01 04:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-13 15:48 - 2014-03-01 04:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-13 15:48 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-13 15:48 - 2014-03-01 04:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-13 15:48 - 2014-03-01 04:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-13 15:48 - 2014-03-01 04:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-13 15:48 - 2014-03-01 04:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-13 15:48 - 2014-03-01 04:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-13 15:48 - 2014-03-01 04:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-13 15:48 - 2014-03-01 04:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-13 15:48 - 2014-03-01 04:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-13 15:48 - 2014-03-01 04:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-13 15:48 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-13 15:48 - 2014-03-01 04:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-13 15:48 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-13 15:48 - 2014-03-01 04:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-13 15:48 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-13 15:48 - 2014-03-01 03:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-13 15:48 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-13 15:48 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-13 15:48 - 2014-03-01 03:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-13 15:48 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-13 15:48 - 2014-02-07 02:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-13 15:48 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-13 15:48 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-13 15:48 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-13 15:47 - 2014-02-04 03:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-13 15:47 - 2014-02-04 03:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-13 15:47 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-13 15:47 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-01 14:06 - 2014-03-01 14:06 - 00001785 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-03-01 14:06 - 2014-03-01 14:06 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-01 14:06 - 2014-03-01 14:06 - 00000000 ____D () C:\Program Files\iTunes
2014-03-01 14:06 - 2014-03-01 14:06 - 00000000 ____D () C:\Program Files\iPod
2014-03-01 14:06 - 2014-03-01 14:06 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-02-26 19:55 - 2014-02-28 16:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-26 19:55 - 2014-02-26 21:09 - 00001149 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-26 19:54 - 2014-02-26 19:54 - 21703480 _____ (Mozilla) C:\Users\Sternschnuppe\Downloads\Firefox Setup 22.0.exe
2014-02-26 19:53 - 2014-02-16 17:56 - 00000426 _____ () C:\AVScanner.ini
2014-02-26 19:47 - 2014-02-26 19:47 - 00000000 ____D () C:\Users\Sternschnuppe\AppData\Local\cache
2014-02-26 19:47 - 2014-02-26 19:47 - 00000000 ____D () C:\Users\Sternschnuppe\.android
2014-02-26 19:47 - 2014-02-26 19:47 - 00000000 _____ () C:\Users\Sternschnuppe\daemonprocess.txt

==================== One Month Modified Files and Folders =======

2014-03-26 16:00 - 2014-03-24 17:20 - 00000000 ____D () C:\FRST
2014-03-26 15:56 - 2014-03-26 15:56 - 00001742 _____ () C:\Users\Sternschnuppe\Desktop\JRT.txt
2014-03-26 15:52 - 2009-07-14 05:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-26 15:52 - 2009-07-14 05:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-26 15:51 - 2013-07-02 13:24 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-26 15:50 - 2014-03-26 15:50 - 00000000 ____D () C:\Windows\ERUNT
2014-03-26 15:45 - 2014-03-26 15:17 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-26 15:45 - 2014-01-02 20:00 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-03-26 15:45 - 2012-05-16 01:37 - 00000000 ____D () C:\ProgramData\PDFC
2014-03-26 15:44 - 2013-07-02 13:24 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-26 15:44 - 2012-12-03 18:19 - 01767888 _____ () C:\Windows\WindowsUpdate.log
2014-03-26 15:44 - 2010-11-21 04:47 - 00803502 _____ () C:\Windows\PFRO.log
2014-03-26 15:44 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-26 15:44 - 2009-07-14 05:51 - 00122552 _____ () C:\Windows\setupact.log
2014-03-26 15:43 - 2014-03-26 15:40 - 00000000 ____D () C:\AdwCleaner
2014-03-26 15:31 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Globalization
2014-03-26 15:22 - 2012-12-03 21:28 - 00000000 ____D () C:\ProgramData\IncrediMail
2014-03-26 15:17 - 2014-03-26 15:17 - 00001104 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-03-26 15:17 - 2014-03-26 15:17 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-26 15:17 - 2014-03-26 15:17 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-03-26 15:13 - 2012-12-03 19:21 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-26 15:11 - 2012-12-05 15:23 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-03-26 15:10 - 2012-12-27 09:17 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-03-25 17:59 - 2013-08-16 13:30 - 00043520 _____ () C:\Windows\SysWOW64\CmdLineExt03.dll
2014-03-25 17:38 - 2012-12-03 19:05 - 00003978 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{6DF3B6D9-F082-432F-BF4B-152FA2C45AA8}
2014-03-25 15:58 - 2012-12-03 22:00 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-03-25 14:19 - 2013-11-16 12:25 - 00000000 ____D () C:\ProgramData\Skype
2014-03-25 14:18 - 2013-11-16 12:25 - 00000000 ____D () C:\Users\Sternschnuppe\AppData\Roaming\Skype
2014-03-25 14:09 - 2014-03-25 14:09 - 00001266 _____ () C:\Users\Sternschnuppe\Desktop\Revo Uninstaller.lnk
2014-03-25 14:09 - 2014-03-25 14:09 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-03-24 19:27 - 2012-12-05 15:24 - 00003234 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForSternschnuppe
2014-03-24 19:27 - 2012-12-05 15:24 - 00000364 _____ () C:\Windows\Tasks\HPCeeScheduleForSternschnuppe.job
2014-03-24 18:53 - 2012-05-16 01:05 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2014-03-24 18:53 - 2012-05-16 01:05 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2014-03-24 18:53 - 2009-07-14 06:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-24 11:17 - 2014-02-10 11:17 - 00000000 ____D () C:\Users\Sternschnuppe\AppData\Roaming\FileAdvisor
2014-03-24 11:17 - 2014-02-09 11:17 - 00000000 ____D () C:\Program Files (x86)\File Type Advisor
2014-03-23 14:01 - 2014-03-23 14:01 - 00000000 ____D () C:\Users\Sternschnuppe\AppData\Roaming\Islands5_realore_bigfishgames_de
2014-03-23 13:55 - 2014-03-23 13:55 - 00001159 _____ () C:\Users\Public\Desktop\Island Tribe 5.lnk
2014-03-23 13:55 - 2012-12-04 10:08 - 00000000 ____D () C:\Program Files (x86)\Spiele
2014-03-23 13:49 - 2014-03-23 13:47 - 00000000 ____D () C:\Users\Sternschnuppe\AppData\Local\NPE
2014-03-23 13:48 - 2012-05-16 01:40 - 00000000 ____D () C:\ProgramData\Norton
2014-03-21 10:53 - 2012-12-05 16:13 - 00000000 ____D () C:\Users\Sternschnuppe\AppData\Roaming\vlc
2014-03-18 12:20 - 2013-08-14 22:44 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-18 12:16 - 2012-12-03 19:11 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-15 14:07 - 2013-12-23 17:06 - 00000000 ____D () C:\Users\Sternschnuppe\AppData\Roaming\.minecraft
2014-03-15 14:06 - 2014-03-15 14:06 - 00001331 _____ () C:\Users\Sternschnuppe\Desktop\Minecraft CHEAT EDiTiON by BlackTBK.lnk
2014-03-14 12:45 - 2013-03-13 19:03 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-14 12:45 - 2013-03-13 19:03 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-14 12:45 - 2009-07-14 05:45 - 00435280 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-13 20:39 - 2014-01-09 22:18 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-12 20:13 - 2012-12-03 19:21 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-12 20:13 - 2012-12-03 19:21 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-12 20:13 - 2012-05-16 01:30 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-09 18:13 - 2014-02-02 16:47 - 00000336 _____ () C:\Users\Sternschnuppe\Desktop\KNeuNam.ini
2014-03-05 15:20 - 2012-12-04 10:34 - 00000000 ____D () C:\Users\Sternschnuppe\AppData\Local\CrashDumps
2014-03-05 12:43 - 2013-11-17 12:28 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-03-05 09:26 - 2014-03-26 15:17 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-05 09:26 - 2014-03-26 15:17 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-03-05 09:26 - 2014-03-26 15:17 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-01 19:17 - 2011-02-11 18:15 - 01593956 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-03-01 14:06 - 2014-03-01 14:06 - 00001785 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-03-01 14:06 - 2014-03-01 14:06 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-01 14:06 - 2014-03-01 14:06 - 00000000 ____D () C:\Program Files\iTunes
2014-03-01 14:06 - 2014-03-01 14:06 - 00000000 ____D () C:\Program Files\iPod
2014-03-01 14:06 - 2014-03-01 14:06 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-03-01 07:05 - 2014-03-13 15:48 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 06:17 - 2014-03-13 15:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 06:16 - 2014-03-13 15:48 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-01 05:58 - 2014-03-13 15:48 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 05:52 - 2014-03-13 15:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 05:51 - 2014-03-13 15:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-01 05:42 - 2014-03-13 15:48 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 05:40 - 2014-03-13 15:48 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 05:37 - 2014-03-13 15:48 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 05:33 - 2014-03-13 15:48 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 05:33 - 2014-03-13 15:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-01 05:32 - 2014-03-13 15:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-01 05:30 - 2014-03-13 15:48 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 05:23 - 2014-03-13 15:48 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-01 05:17 - 2014-03-13 15:48 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 05:11 - 2014-03-13 15:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-01 05:02 - 2014-03-13 15:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-01 04:54 - 2014-03-13 15:48 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-01 04:52 - 2014-03-13 15:48 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-01 04:51 - 2014-03-13 15:48 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-01 04:47 - 2014-03-13 15:48 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-01 04:43 - 2014-03-13 15:48 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-01 04:43 - 2014-03-13 15:48 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-01 04:42 - 2014-03-13 15:48 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-01 04:40 - 2014-03-13 15:48 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-01 04:38 - 2014-03-13 15:48 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-01 04:37 - 2014-03-13 15:48 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-01 04:35 - 2014-03-13 15:48 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-01 04:18 - 2014-03-13 15:48 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-01 04:16 - 2014-03-13 15:48 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-01 04:14 - 2014-03-13 15:48 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-01 04:10 - 2014-03-13 15:48 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-01 04:03 - 2014-03-13 15:48 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-01 04:00 - 2014-03-13 15:48 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-01 03:57 - 2014-03-13 15:48 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-01 03:38 - 2014-03-13 15:48 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-01 03:32 - 2014-03-13 15:48 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-01 03:27 - 2014-03-13 15:48 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-01 03:25 - 2014-03-13 15:48 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-01 03:25 - 2014-03-13 15:48 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-28 16:43 - 2014-02-26 19:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-26 21:09 - 2014-02-26 19:55 - 00001149 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-26 21:09 - 2014-02-14 18:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-26 19:54 - 2014-02-26 19:54 - 21703480 _____ (Mozilla) C:\Users\Sternschnuppe\Downloads\Firefox Setup 22.0.exe
2014-02-26 19:51 - 2012-12-03 19:05 - 00000000 ___RD () C:\Users\Sternschnuppe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-26 19:47 - 2014-02-26 19:47 - 00000000 ____D () C:\Users\Sternschnuppe\AppData\Local\cache
2014-02-26 19:47 - 2014-02-26 19:47 - 00000000 ____D () C:\Users\Sternschnuppe\.android
2014-02-26 19:47 - 2014-02-26 19:47 - 00000000 _____ () C:\Users\Sternschnuppe\daemonprocess.txt
2014-02-26 19:47 - 2012-12-03 18:20 - 00000000 ____D () C:\Users\Sternschnuppe

Some content of TEMP:
====================
C:\Users\Sternschnuppe\AppData\Local\Temp\Quarantine.exe
C:\Users\Sternschnuppe\AppData\Local\Temp\SIntf16.dll
C:\Users\Sternschnuppe\AppData\Local\Temp\SIntf32.dll
C:\Users\Sternschnuppe\AppData\Local\Temp\SIntfNT.dll
C:\Users\Sternschnuppe\AppData\Local\Temp\swt-win32-3346.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-22 18:29

==================== End Of Log ============================

--- --- ---

Die Probleme scheinen behoben. Vielen Dank schon mal für deine Hilfe.

schrauber · 27.03.2014, 12:09

Kontrollscans

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

WINDOWS 7, 64bit - Werbefenster poppen auf - ständige Aufforderung Java o.ä. Updates zu machen

Log-Analyse und Auswertung: WINDOWS 7, 64bit - Werbefenster poppen auf - ständige Aufforderung Java o.ä. Updates zu machen