Unerklärliche PC abstürze

Blitzi · 28.03.2014, 17:58

Hallo.

Ich habe seit einiger Zeit unerklärliche PC abstürtze und weiß nicht wieso.

Ich habe zwar schon öfters mein AntivierenProgramm laufen lassen aber es hat nichts gefunden.
Skype funktioniert auch nicht mehr richtig.

Ich weiß nicht mehr was ich tun soll.

Könnte mir wer freundlicherweise helfen?

MFG
Blitzi

schrauber · 28.03.2014, 17:58

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Blitzi · 28.03.2014, 18:11

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Spieler (administrator) on HEIKEHARDER-HP on 28-03-2014 18:05:07
Running from C:\Users\Spieler.HeikeHarder-HP\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginService\PluginService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe
() C:\Program Files\COMPUTERBILD-Cloud\Data\Tools\mounter.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe
(Microsoft Corporation) C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(LULU Software) C:\Program Files (x86)\Soda PDF 2012\ConversionService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
() C:\Program Files\Video downloader\ExtensionUpdaterService.exe
() C:\Program Files\Video downloader\ExtensionUpdaterService.exe
(Wajam) C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(hxxp://yourfiledownloader.com) C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe
(Innovative Solutions) C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Akamai Technologies, Inc.) C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Smartbar) C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Smartbar\Application\Smartbar.exe
(Bogdan Sharkov) C:\Program Files (x86)\Clownfish\Clownfish.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
() C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\M6 Processing\M6.exe
() C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\M6 Processing\vm6.exe
(PC Utilities Software Limited) C:\Program Files (x86)\Optimizer Pro\OptProSmartScan.exe
(PC Utilities Software Limited) C:\Program Files (x86)\Optimizer Pro\OptProReminder.exe
(Akamai Technologies, Inc.) C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Akamai\netsession_win.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(SweetIM Technologies Ltd.) C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
() C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Curse) C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Apps\2.0\ZMP2Y4Q7.91E\ALEDZCCW.XAM\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\CurseClient.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\M6 Processing\M602\64\cpusrv.dat
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\OverwolfHelper.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\OverwolfHelper64.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
() C:\Program Files (x86)\Opera\20.0.1387.82\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MRT] - C:\Windows\system32\MRT.exe [90015360 2014-03-19] (Microsoft Corporation)
HKLM-x32\...\Run: [Sweetpacks Communicator] - C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe [231768 2012-08-15] (SweetIM Technologies Ltd.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Version Cue CS2] - c:\Users\Heike Harder\Documents\Downloads\Creative Suite 2\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe [856064 2005-04-06] (Adobe Sytems Incorporated)
HKLM-x32\...\Run: [Aeria Ignite] - "C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" silent
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [mobilegeni daemon] - C:\Program Files (x86)\Mobogenie\DaemonProcess.exe [738496 2013-10-18] ()
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ApnTBMon] - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1758160 2014-02-13] (APN)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [421736 2011-12-08] (Apple Inc.)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [DriverMax] - C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe [9532824 2012-03-26] (Innovative Solutions)
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [DriverMax_RESTART] - C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe [9532824 2012-03-26] (Innovative Solutions)
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [ISUSPM] - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [Raptr] - C:\Program Files (x86)\Raptr\raptrstub.exe [55360 2013-08-19] (Raptr, Inc)
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [Akamai NetSession Interface] - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [Klebezettel NG] - [X]
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [Browser Infrastructure Helper] - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Smartbar\Application\Smartbar.exe [21536 2013-12-11] (Smartbar)
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [Clownfish] - C:\Program Files (x86)\Clownfish\Clownfish.exe [1306360 2013-12-17] (Bogdan Sharkov)
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [Overwolf] - C:\Program Files (x86)\Overwolf\Overwolf.exe [37632 2014-02-16] (Overwolf LTD)
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [Optimizer Pro] - C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe [135160 2014-01-13] (PC Utilities Software Limited)
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [M6] - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\M6 Processing\M6.exe [186880 2014-03-28] ()
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [vm6] - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\M6 Processing\vm6.exe [175424 2014-03-19] ()
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\MountPoints2: {ae8f9719-3d80-11e3-91bb-6c626d9ce7a5} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\VoiceClient.exe
AppInit_DLLs: C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\datamngr.dll => C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\datamngr.dll File Not Found
AppInit_DLLs:  C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\IEBHO.dll => C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\IEBHO.dll File Not Found
AppInit_DLLs:  C:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL => C:\Program Files (x86)\Optimizer Pro\OptProCrash_x64.dll [2681648 2014-01-25] ()
Startup: C:\Users\Heike Harder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tcbhn.lnk
ShortcutTarget: tcbhn.lnk -> C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\BrowserCompanion\tcbhn.exe (No File)
Startup: C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snapdo.com/?publisher=InternetTurboYB&dpid=InternetTurboYB&co=DE&userid=17372c46-39f1-4c28-8f8c-b25d9b57d042&searchtype=hp&installDate=05/04/2013
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1390666599&from=tugs&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=InternetTurboYB&dpid=InternetTurboYB&co=DE&userid=17372c46-39f1-4c28-8f8c-b25d9b57d042&searchtype=ds&q={searchTerms}&installDate=05/04/2013
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?publisher=InternetTurboYB&dpid=InternetTurboYB&co=DE&userid=17372c46-39f1-4c28-8f8c-b25d9b57d042&searchtype=ds&q={searchTerms}&installDate=05/04/2013
HKCU\Software\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = hxxp://search.babylon.com/?affID=112542&tt=040912_mnt_3612_3&babsrc=HP_ss&mntrId=ecc3245c0000000000006c626d9ce7a5
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://blekko.com/ws/?source=017d87aa&toolbarid=blekkotb_020&u=20120429A1C949BDB74ACAEEDA80B3FC&tbp=homepage
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1390666599&from=tugs&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1390666599&from=tugs&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.awesomehp.com/?type=hp&ts=1390666599&from=tugs&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1390666599&from=tugs&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1390666599&from=tugs&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1390666599&from=tugs&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.awesomehp.com/?type=hp&ts=1390666599&from=tugs&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1390666599&from=tugs&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612&q={searchTerms}
URLSearchHook: HKLM-x32 - (No Name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - No File
URLSearchHook: HKLM-x32 - (No Name) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.awesomehp.com/?type=sc&ts=1390666556&from=tugs&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1390666599&from=tugs&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612&q={searchTerms}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1390666599&from=tugs&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD22} URL = hxxp://start.funmoods.com/results.php?f=4&q={searchTerms}&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1QzuyC0CyCtByC0Dzy0C0EyB0AyDtByEyD0CtN0D0Tzu0CtByDtDtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1356037508
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=119&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM - {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-0/4?satitle={searchTerms}&mfe=Desktops
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1390666599&from=tugs&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612&q={searchTerms}
SearchScopes: HKLM-x32 - Backup.Old.DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD22}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=InternetTurboYB&dpid=InternetTurboYB&co=DE&userid=17372c46-39f1-4c28-8f8c-b25d9b57d042&searchtype=ds&q={searchTerms}&installDate=05/04/2013
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1390666599&from=tugs&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612&q={searchTerms}
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=InternetTurboYB&dpid=InternetTurboYB&co=DE&userid=17372c46-39f1-4c28-8f8c-b25d9b57d042&searchtype=ds&q={searchTerms}&installDate=05/04/2013
SearchScopes: HKCU - Backup.Old.DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233}
SearchScopes: HKCU - ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
SearchScopes: HKCU - bProtectorDefaultScope {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=InternetTurboYB&dpid=InternetTurboYB&co=DE&userid=17372c46-39f1-4c28-8f8c-b25d9b57d042&searchtype=ds&q={searchTerms}&installDate=05/04/2013
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1390666599&from=tugs&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612&q={searchTerms}
SearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://blekko.com/ws/?source=017d87aa&tbp=rbox&toolbarid=blekkotb_020&u=20120429A1C949BDB74ACAEEDA80B3FC&q={searchTerms}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKCU - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = 
SearchScopes: HKCU - {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = 
BHO: Feven 2.5 - {11111111-1111-1111-1111-110411901108} - C:\Program Files (x86)\Feven 2.5\Feven 2.5-bho64.dll (Feven)
BHO: Plus-HD-9.5A - {11111111-1111-1111-1111-110511311166} - C:\Program Files (x86)\Plus-HD-9.5A\Plus-HD-9.5A-bho64.dll (Plus-HD1)
BHO: Internet Turbo SmartbarEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: V-bates - {77BEC163-D389-42c1-91A4-C758846296A5} - C:\Program Files\Video downloader\Extension64.dll ()
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: DataMngr - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\x64\BrowserConnection.dll (Bandoo Media, inc)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: DataMngr - {B939CF93-F2CB-443d-956C-DC523D85C9DB} -  No File
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: Browser Companion Helper - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Program Files (x86)\BrowserCompanion\jsloader.dll ( )
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Feven 2.5 - {11111111-1111-1111-1111-110411901108} - C:\Program Files (x86)\Feven 2.5\Feven 2.5-bho.dll (Feven)
BHO-x32: Plus-HD-9.5A - {11111111-1111-1111-1111-110511311166} - C:\Program Files (x86)\Plus-HD-9.5A\Plus-HD-9.5A-bho.dll (Plus-HD1)
BHO-x32: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.7.2.0\bh\BabylonToolbar.dll No File
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: Internet Turbo SmartbarEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: SuperLyrics - {3F954646-744D-46D8-8E07-AEF2486FAB9F} - C:\Program Files (x86)\SuperLyrics\sprlrcs.dll (Sven & Yorgen)
BHO-x32: No Name - {40c3cc16-7269-4b32-9531-17f2950fb06f} -  No File
BHO-x32: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO-x32: Funmoods Helper Object - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - C:\PROGRA~2\Funmoods\1.5.23.22\bh\escort.dll No File
BHO-x32: V-bates - {77BEC163-D389-42c1-91A4-C758846296A5} - C:\Program Files\Video downloader\Extension32.dll ()
BHO-x32: Better-Surf - {8271B5D6-76D3-4ABF-AEB3-1721161C76BC} - C:\Program Files (x86)\Better-Surf\ie\BetterSrf.dll No File
BHO-x32: No Name - {872b5b88-9db5-4310-bdd0-ac189557e5f5} -  No File
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Browser Companion Helper Verifier - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files (x86)\BrowserCompanion\updatebhoWin32.dll ( )
BHO-x32: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
BHO-x32: DataMngr - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
BHO-x32: Wajam - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll (Wajam)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: DataMngr - {B939CF93-F2CB-443d-956C-DC523D85C9DB} -  No File
BHO-x32: No Name - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} -  No File
BHO-x32: DVD Video Soft Toolbar - {cd8812d4-e5b8-41c6-94d4-59872a484bf1} - C:\Program Files (x86)\dvdvideosofttoolbar\dvdvideosofttoolbarX.dll ()
BHO-x32: Soda PDF 2012 Helper - {ebe8b562-cba0-40d8-b920-af7cfe0c9d94} - C:\Program Files (x86)\Soda PDF 2012\PDFIEHelper.dll (LULU Software)
BHO-x32: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
BHO-x32: SweetPacks Browser Helper - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
BHO-x32: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient.dll (Yontoo LLC)
BHO-x32: BonanzaDeals - {fe063412-bea4-4d76-8ed3-183be6220d17} - C:\Program Files (x86)\BonanzaDeals\BonanzaDealsIE.dll (BonanzaDeals)
Toolbar: HKLM - No Name - !{D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM - Internet Turbo Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
Toolbar: HKLM-x32 - No Name - !{D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKLM-x32 - DVD Video Soft Toolbar - {cd8812d4-e5b8-41c6-94d4-59872a484bf1} - C:\Program Files (x86)\dvdvideosofttoolbar\dvdvideosofttoolbarX.dll ()
Toolbar: HKLM-x32 - Funmoods Toolbar - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - C:\PROGRA~2\Funmoods\1.5.23.22\escorTlbr.dll No File
Toolbar: HKLM-x32 - No Name - {a0442ee1-d2e7-44c0-b4a5-8c4e6b035787} -  No File
Toolbar: HKLM-x32 - Soda PDF 2012 Toolbar - {a8c9d542-fd91-4834-a2e8-adb9ae692b8b} - C:\Program Files (x86)\Soda PDF 2012\PDFIEPlugin.dll (LULU Software)
Toolbar: HKLM-x32 - No Name - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} -  No File
Toolbar: HKLM-x32 - SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
Toolbar: HKLM-x32 - Internet Turbo Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {26647CA4-A2A7-4EAC-8A72-761AA9141DE7} -  No File
Toolbar: HKCU - No Name - {8DBB6D8E-E4A6-4E3B-9753-AF78B226441C} -  No File
Toolbar: HKCU - No Name - {A1E75A0E-4397-4BA8-BB50-E19FB66890F4} -  No File
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} -  No File
Toolbar: HKCU - No Name - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} -  No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKCU - No Name - {32B29DF0-2237-4370-9A29-37CEBB730E9B} -  No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {40C3CC16-7269-4B32-9531-17F2950FB06F} -  No File
Handler: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -  No File
Handler: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -  No File
Handler: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -  No File
Handler-x32: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
Handler-x32: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.0.0\ViProtocol.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default
FF user.js: detected! => C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\user.js
FF NewTab: hxxp://feed.snapdo.com/?publisher=InternetTurboYB&dpid=InternetTurboYB&co=DE&userid=17372c46-39f1-4c28-8f8c-b25d9b57d042&searchtype=nt&installDate=05/04/2013
FF DefaultSearchEngine: awesomehp
FF SearchEngineOrder.1: Search the web (Babylon)
FF SelectedSearchEngine: Web Search
FF Homepage: hxxp://feed.snapdo.com/?publisher=InternetTurboYB&dpid=InternetTurboYB&co=DE&userid=17372c46-39f1-4c28-8f8c-b25d9b57d042&searchtype=hp&installDate=05/04/2013
FF Keyword.URL: hxxp://feed.snapdo.com/?publisher=InternetTurboYB&dpid=InternetTurboYB&co=DE&userid=17372c46-39f1-4c28-8f8c-b25d9b57d042&searchtype=ds&installDate=05/04/2013&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.0.0\\npsitesafety.dll No File
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @real.com/nppl3260;version=15.0.4.53 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.4.53 - c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.4.53 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Spieler.HeikeHarder-HP\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF SearchPlugin: C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\awesomehp.xml
FF Extension: media enhance - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\Extensions\0c822a17-a68f-4066-9257-d229458d21ca@9c178d17-dc61-4aaf-b2da-1425ac7300ac.com [2014-03-21]
FF Extension: Feven 2.5 - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\Extensions\4433da5b-eb52-495d-8865-b2a7468567f6@927544a3-fdfb-4485-a78b-21e1113eee35.com [2014-02-27]
FF Extension: I Want This - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\Extensions\crossriderapp2258@crossrider.com [2012-06-08]
FF Extension: Plus-HD-9.5A - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\Extensions\e46480cf-7cf6-495e-af69-573053f52c72@b33ab36d-5952-49aa-adb2-a41b3dbe51a5.com [2014-03-21]
FF Extension: Babylon - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\Extensions\ffxtlbr@babylon.com [2013-05-08]
FF Extension: Funmoods.com - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\Extensions\ffxtlbr@funmoods.com [2012-09-06]
FF Extension: Extension_Protected - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\Extensions\jid0-O6MIff3eO5dIGf5Tcv8RsJDKxrs@jetpack [2014-01-25]
FF Extension: FineDeaLSoft - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\Extensions\lvgnow@dnhktwg.co.uk [2014-03-15]
FF Extension: Internet Turbo - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\Extensions\{17372c46-39f1-4c28-8f8c-b25d9b57d042} [2014-01-25]
FF Extension: Wincore Mediabar - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\Extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} [2012-07-23]
FF Extension: Lightning Speed Dial - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\Extensions\lightningnewtab@gmail.com.xpi [2014-01-25]
FF Extension: WEB.DE MailCheck - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\Extensions\toolbar@web.de.xpi [2014-01-25]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi [2014-02-20]
FF Extension: Wajam - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\Extensions\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi [2012-09-06]
FF Extension: SweetPacks Toolbar for Firefox - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi [2012-10-21]
FF Extension: Anti-Banner - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2 [2012-05-05]
FF Extension: Modul zur Link-Untersuchung - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2 [2012-05-05]
FF HKLM\...\Firefox\Extensions: [{77BEC163-D389-42c1-91A4-C758846296A5}] - C:\Program Files\Video downloader\Firefox
FF Extension: V-bates - C:\Program Files\Video downloader\Firefox [2013-04-05]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Security Suite CBE 12\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-05-11]
FF HKLM-x32\...\Firefox\Extensions: [FFSodaPDFConverter2012@sodapdf.com] - C:\Program Files (x86)\Soda PDF 2012\FFSodaExt2012
FF Extension: Soda PDF 2012 Converter For Firefox - C:\Program Files (x86)\Soda PDF 2012\FFSodaExt2012 [2012-06-04]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ []
FF HKLM-x32\...\Firefox\Extensions: [{77BEC163-D389-42c1-91A4-C758846296A5}] - C:\Program Files\Video downloader\Firefox
FF Extension: V-bates - C:\Program Files\Video downloader\Firefox [2013-04-05]
FF HKLM-x32\...\Firefox\Extensions: [12x3q@3244516.com] - C:\Program Files (x86)\Better-Surf\ff
FF Extension: Better-Surf - C:\Program Files (x86)\Better-Surf\ff [2013-11-25]
FF HKLM-x32\...\Firefox\Extensions: [ext@bettersurfplus.com] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff
FF Extension: Better Surf Plus - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff [2013-12-10]
FF HKLM-x32\...\Firefox\Extensions: [ext@WebexpEnhancedV1alpha701.net] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha701\ff
FF Extension: Webexp Enhanced - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha701\ff [2013-12-20]
FF HKLM-x32\...\Firefox\Extensions: [ext@VideoPlayerV3beta541.net] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta541\ff
FF Extension: Video Player - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta541\ff [2014-01-10]
FF HKLM-x32\...\Firefox\Extensions: [lightningnewtab@gmail.com] - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\extensions\lightningnewtab@gmail.com.xpi
FF Extension: No Name - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\extensions\lightningnewtab@gmail.com.xpi [2014-01-25]
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaPlayerV1alpha718.net] - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha718\ff
FF Extension: Media Player - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha718\ff [2014-01-29]
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewerV1alpha1479.net] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1479\ff
FF Extension: Media Viewer - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1479\ff [2014-02-23]
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewV1alpha3700.net] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha3700\ff
FF Extension: Media View - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha3700\ff [2014-02-27]
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewV1alpha9390.net] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha9390\ff
FF Extension: Media View - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha9390\ff [2014-03-15]
FF HKCU\...\Firefox\Extensions: [superlrcs@svenyor.net] - C:\Program Files (x86)\SuperLyrics\FF\
FF Extension: SuperLyrics - C:\Program Files (x86)\SuperLyrics\FF\ []
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.awesomehp.com/?type=sc&ts=1390666556&from=tugs&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612

Chrome: 
=======
CHR HomePage: hxxp://feed.snapdo.com/?publisher=InternetTurboYB&dpid=InternetTurboYB&co=DE&userid=17372c46-39f1-4c28-8f8c-b25d9b57d042&searchtype=hp&installDate=05/04/2013
CHR RestoreOnStartup: "hxxp://feed.snapdo.com/?publisher=InternetTurboYB&dpid=InternetTurboYB&co=DE&userid=17372c46-39f1-4c28-8f8c-b25d9b57d042&searchtype=hp&installDate=05/04/2013"
CHR DefaultSearchKeyword: awesomehp
CHR DefaultSearchProvider: awesomehp
CHR DefaultSearchURL: hxxp://www.awesomehp.com/web/?type=ds&ts=1390666599&from=tugs&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612&q={searchTerms}
CHR Extension: (Media Watch) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\algmmgkfpeaonhjgdngihpchbgkpjnfp [2014-03-22]
CHR Extension: (Funmoods) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh [2014-02-23]
CHR Extension: (SuperLyrics) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjcnjlaajofpendibcoodneacalfho [2014-02-23]
CHR Extension: (Browser Companion Helper) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf [2014-02-23]
CHR Extension: (McAfee Security Scan+) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-02-23]
CHR Extension: (Extended Protection) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml [2014-01-25]
CHR Extension: (SpeedDial) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj [2014-02-23]
CHR Extension: (Video Player) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\edfgledepjjmkiehpaonaiannadjjdnc [2014-02-23]
CHR Extension: (Media View) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcaiicgcjkjiagjocmccmcmncckndcmh [2014-02-27]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2014-02-23]
CHR Extension: (Wajam) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp [2014-02-23]
CHR Extension: (Media View) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\laaciepchcabcfgpniblbiecldehkbae [2014-03-15]
CHR Extension: (media enhance) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo [2014-03-21]
CHR Extension: (V-bates) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljmibnagodajacnnbifpamhggcohblip [2014-03-21]
CHR Extension: (Media Viewer) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnobaakadehgcjbhieegodlndablmao [2014-02-23]
CHR Extension: (Better Surf Plus) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmifolfpllfdhilecpdpmemhelmanajl [2014-02-23]
CHR Extension: (I Want This) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk [2014-02-23]
CHR Extension: (FineDeaLSoft) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkfigoajimddlnfnhlkkbjdgkkigccil [2014-03-06]
CHR Extension: (Google Wallet) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-23]
CHR Extension: (Webexp Enhanced) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\oammkkggampaadcifnaiknbcokpencei [2014-02-23]
CHR Extension: (Plus-HD-9.5A) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\olnkgiapbjhdboldbhkagdodklkphaip [2014-03-21]
CHR Extension: (Feven 2.5) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkbhkhbgdaamliaimlpdlhokkecoibka [2014-01-25]
CHR Extension: (Lightning speedDial) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkndmigholgfjlniaohblojbhgjbkakn [2014-02-23]
CHR HKLM\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\SPIELE~1.HEI\AppData\Local\funmoods.crx [2012-09-06]
CHR HKLM\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\SPIELE~1.HEI\AppData\Local\funmoods-speeddial.crx [2012-09-06]
CHR HKCU\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\SPIELE~1.HEI\AppData\Local\funmoods.crx [2012-09-06]
CHR HKCU\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\SPIELE~1.HEI\AppData\Local\funmoods-speeddial.crx [2012-09-06]
CHR HKLM-x32\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\SPIELE~1.HEI\AppData\Local\funmoods.crx [2012-09-06]
CHR HKLM-x32\...\Chrome\Extension: [bgnjcnjlaajofpendibcoodneacalfho] - C:\Program Files (x86)\SuperLyrics\Chrome.crx [2013-04-23]
CHR HKLM-x32\...\Chrome\Extension: [bodddioamolcibagionmmobehnbhiakf] - C:\Program Files (x86)\BrowserCompanion\blabbers-ch.crx [2012-03-21]
CHR HKLM-x32\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\SPIELE~1.HEI\AppData\Local\funmoods-speeddial.crx [2012-09-06]
CHR HKLM-x32\...\Chrome\Extension: [edfgledepjjmkiehpaonaiannadjjdnc] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta541\ch\VideoPlayerV3beta541.crx [2014-01-07]
CHR HKLM-x32\...\Chrome\Extension: [fcaiicgcjkjiagjocmccmcmncckndcmh] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha3700\ch\MediaViewV1alpha3700.crx [2014-02-27]
CHR HKLM-x32\...\Chrome\Extension: [fdloijijlkoblmigdofommgnheckmaki] - C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\funmoodsOEM.crx [2014-02-27]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-05-11]
CHR HKLM-x32\...\Chrome\Extension: [jpmbfleldcgkldadpdinhjjopdfpjfjp] - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Wajam\Chrome\wajam.crx [2012-06-14]
CHR HKLM-x32\...\Chrome\Extension: [laaciepchcabcfgpniblbiecldehkbae] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha9390\ch\MediaViewV1alpha9390.crx [2014-02-27]
CHR HKLM-x32\...\Chrome\Extension: [mlnobaakadehgcjbhieegodlndablmao] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1479\ch\MediaViewerV1alpha1479.crx [2014-02-23]
CHR HKLM-x32\...\Chrome\Extension: [mmifolfpllfdhilecpdpmemhelmanajl] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ch\BetterSurfPlus.crx [2013-12-10]
CHR HKLM-x32\...\Chrome\Extension: [mpfapcdfbbledbojijcbcclmlieaoogk] - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\I Want This\Chrome\I Want This.crx [2012-05-23]
CHR HKLM-x32\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] - C:\Users\HEIKEH~1\AppData\Local\Temp\YontooLayers.crx [2012-05-23]
CHR HKLM-x32\...\Chrome\Extension: [oammkkggampaadcifnaiknbcokpencei] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha701\ch\WebexpEnhancedV1alpha701.crx [2013-12-19]
CHR HKLM-x32\...\Chrome\Extension: [pkndmigholgfjlniaohblojbhgjbkakn] - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx [2014-01-25]
CHR HKLM-x32\...\Chrome\Extension: [poheodfamflhhhdcmjfeggbgigeefaco] - C:\Program Files (x86)\Better-Surf\ch\Chrome.crx [2014-01-25]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

S2 70e6ca8c; C:\Program Files (x86)\Optimizer Pro\OptProCrashSvc.dll [186496 2014-01-25] ()
R2 ABBYY.Licensing.FineReader.Professional.10.0; C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe [814344 2009-12-22] (ABBYY)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-02-01] (Adobe Systems)
S4 AdobeActiveFileMonitor6.0; C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [124832 2007-09-11] ()
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1017424 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-02-13] (APN LLC.)
R2 CLHNServiceForPowerDVD; C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [83240 2011-08-24] ()
R2 CyberLink PowerDVD 11.0 Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [75048 2011-08-26] (CyberLink)
R2 CyberLink PowerDVD 11.0 Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe [292136 2011-08-26] (CyberLink)
R2 DokanMounter; C:\Program Files\COMPUTERBILD-Cloud\Data\Tools\mounter.exe [14848 2012-02-15] ()
S4 HPAuto; C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [681528 2010-08-06] (Hewlett-Packard)
R2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [508016 2014-01-14] (Cherished Technololgy LIMITED)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 MSSQL$BWDATOOLSET; C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [98560 2014-02-16] (Overwolf LTD)
S4 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1119768 2010-09-28] (PDF Complete Inc)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc.)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2010-08-19] ()
S3 Soda PDF 2012 Helper Service; C:\Program Files (x86)\Soda PDF 2012\HelperService.exe [827224 2012-01-27] (LULU Software)
R2 Soda PDF 2012 Service; C:\Program Files (x86)\Soda PDF 2012\ConversionService.exe [905560 2012-01-27] (LULU Software)
R2 V-bates Updater; C:\Program Files\Video downloader\ExtensionUpdaterService.exe [188760 2013-11-05] ()
R2 Video downloader Updater; C:\Program Files\Video downloader\ExtensionUpdaterService.exe [188760 2013-11-05] ()
R2 WajamUpdater; C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe [109064 2012-06-14] (Wajam)
R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [493568 2014-01-25] (Cherished Technololgy LIMITED)
S2 vToolbarUpdater15.0.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.0.0\ToolbarUpdater.exe [X]

==================== Drivers (Whitelisted) ====================

S3 athrusb; C:\Windows\System32\DRIVERS\athrxusb.sys [558592 2007-05-16] (Atheros Communications, Inc.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2011-01-28] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [39768 2013-03-19] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-10] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [84720 2013-12-12] (Avira Operations GmbH & Co. KG)
R2 Dokan; C:\Windows\system32\drivers\dokan.sys [120408 2012-02-15] (Windows (R) Win 7 DDK provider)
S3 GrabsterSeries.X64; C:\Windows\System32\DRIVERS\GrabsterSeries.X64.SYS [377152 2010-01-22] ()
S3 hid7906; C:\Windows\SysWOW64\drivers\hid7906.sys [34963 2007-12-12] (Compuware Corporation)
S3 hid8101; C:\Windows\SysWOW64\drivers\hid8101.sys [37024 2007-12-03] (Compuware Corporation)
S3 hid8103; C:\Windows\SysWOW64\drivers\hid8103.sys [34587 2007-11-28] (Compuware Corporation)
S3 iComp; C:\Windows\System32\DRIVERS\p2usbhum.sys [1794112 2009-12-09] (Conexant Systems Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2011-01-28] ()
S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [748648 2010-08-12] (Realtek Semiconductor Corporation                           )
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [503352 2011-08-04] ()
S3 usbio; C:\Windows\System32\Drivers\dsiarhwprog_x64.sys [51600 2007-02-08] (Thesycon GmbH, Germany)
S3 ZD1211BU(ZyDAS); C:\Windows\System32\DRIVERS\zd1211Bu.sys [493440 2005-10-28] (ZyDAS Technology Corporation)
S3 ZDPSp50a64; C:\Windows\SysWOW64\Drivers\ZDPSp50a64.sys [31744 2005-03-18] (Printing Communications Assoc., Inc. (PCAUSA))
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312}; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [148976 2011-08-26] (CyberLink Corp.)
U3 a6r0nt2o; C:\Windows\System32\Drivers\a6r0nt2o.sys [0 ] (Microsoft Corporation)
S3 connctfy; system32\DRIVERS\connctfy.sys [X]
S3 connctfyMP; system32\DRIVERS\connctfy.sys [X]
S1 toqvakfe; \??\C:\Windows\system32\drivers\toqvakfe.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-28 18:05 - 2014-03-28 18:06 - 00056323 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\FRST.txt
2014-03-28 18:05 - 2014-03-28 18:05 - 00000000 ____D () C:\FRST
2014-03-28 18:04 - 2014-03-28 18:04 - 02157056 _____ (Farbar) C:\Users\Spieler.HeikeHarder-HP\Downloads\FRST64.exe
2014-03-22 17:17 - 2014-03-22 17:17 - 00000000 ____D () C:\Program Files (x86)\MediaWatchV1
2014-03-21 13:15 - 2014-03-25 02:02 - 00000000 ____D () C:\ProgramData\MovieMode
2014-03-21 13:15 - 2014-03-25 02:02 - 00000000 ____D () C:\Program Files\V-bates
2014-03-21 12:01 - 2014-03-28 17:37 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\M6 Processing
2014-03-21 12:01 - 2014-03-25 02:02 - 00000000 ____D () C:\Program Files (x86)\media enhance
2014-03-21 12:01 - 2014-03-21 12:01 - 01172664 _____ (AnyProtect.com) C:\Users\Spieler.HeikeHarder-HP\AppData\Local\nspA788.tmp
2014-03-21 12:01 - 2014-03-21 12:01 - 00001171 _____ () C:\Users\Public\Desktop\SpeedUpMyPC.lnk
2014-03-21 12:01 - 2014-03-21 12:01 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Uniblue
2014-03-21 12:01 - 2014-03-21 12:01 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\M6 Processing
2014-03-21 12:01 - 2014-03-21 12:01 - 00000000 ____D () C:\Program Files (x86)\Uniblue
2014-03-21 12:00 - 2014-03-28 18:00 - 00003100 _____ () C:\Windows\Tasks\Plus-HD-9.5A-chromeinstaller.job
2014-03-21 12:00 - 2014-03-28 18:00 - 00002350 _____ () C:\Windows\Tasks\Plus-HD-9.5A-firefoxinstaller.job
2014-03-21 12:00 - 2014-03-28 18:00 - 00001520 _____ () C:\Windows\Tasks\Plus-HD-9.5A-updater.job
2014-03-21 12:00 - 2014-03-28 18:00 - 00001482 _____ () C:\Windows\Tasks\Plus-HD-9.5A-codedownloader.job
2014-03-21 12:00 - 2014-03-28 18:00 - 00001380 _____ () C:\Windows\Tasks\Plus-HD-9.5A-enabler.job
2014-03-21 12:00 - 2014-03-21 12:00 - 00004550 _____ () C:\Windows\System32\Tasks\Plus-HD-9.5A-updater
2014-03-21 12:00 - 2014-03-21 12:00 - 00004512 _____ () C:\Windows\System32\Tasks\Plus-HD-9.5A-codedownloader
2014-03-21 12:00 - 2014-03-21 12:00 - 00004410 _____ () C:\Windows\System32\Tasks\Plus-HD-9.5A-enabler
2014-03-21 12:00 - 2014-03-21 12:00 - 00000000 ____D () C:\Program Files (x86)\Plus-HD-9.5A
2014-03-21 11:59 - 2014-03-21 11:59 - 00370640 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\Java.exe
2014-03-14 14:09 - 2014-03-14 14:09 - 00017547 _____ () C:\Users\Heike Harder\Desktop\Opera 12 Notes.html
2014-03-14 14:08 - 2014-03-14 14:08 - 00000000 ____D () C:\Users\Heike Harder\AppData\Roaming\Opera Software
2014-03-14 14:08 - 2014-03-14 14:08 - 00000000 ____D () C:\Users\Heike Harder\AppData\Local\Opera Software
2014-03-14 03:23 - 2014-03-14 03:23 - 00000600 _____ () C:\Windows\PFRO.log
2014-03-13 11:19 - 2014-03-13 11:43 - 487137968 _____ () C:\Users\Spieler.HeikeHarder-HP\Documents\clip0013.avi
2014-03-13 09:46 - 2014-03-01 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-13 09:46 - 2014-03-01 06:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-13 09:46 - 2014-03-01 05:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-13 09:46 - 2014-03-01 05:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-13 09:46 - 2014-03-01 05:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-13 09:46 - 2014-03-01 05:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-13 09:46 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-13 09:46 - 2014-03-01 05:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-13 09:46 - 2014-03-01 05:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-13 09:46 - 2014-03-01 04:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-13 09:46 - 2014-03-01 04:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-13 09:46 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-13 09:46 - 2014-03-01 04:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-13 09:46 - 2014-03-01 04:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-13 09:46 - 2014-03-01 04:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-13 09:46 - 2014-03-01 04:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-13 09:46 - 2014-03-01 04:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-13 09:46 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-13 09:46 - 2014-03-01 04:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-13 09:46 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-13 09:46 - 2014-03-01 03:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-13 09:46 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-13 09:46 - 2014-02-07 02:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-13 09:46 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-13 09:46 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-13 09:46 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-13 09:45 - 2014-03-01 07:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-13 09:45 - 2014-03-01 05:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-13 09:45 - 2014-03-01 05:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-13 09:45 - 2014-03-01 05:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-13 09:45 - 2014-03-01 05:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-13 09:45 - 2014-03-01 05:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-13 09:45 - 2014-03-01 05:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-13 09:45 - 2014-03-01 05:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-13 09:45 - 2014-03-01 04:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-13 09:45 - 2014-03-01 04:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-13 09:45 - 2014-03-01 04:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-13 09:45 - 2014-03-01 04:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-13 09:45 - 2014-03-01 04:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-13 09:45 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-13 09:45 - 2014-03-01 04:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-13 09:45 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-13 09:45 - 2014-03-01 03:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-13 09:45 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-13 09:45 - 2014-02-04 03:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-13 09:45 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-13 09:44 - 2014-02-04 03:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-13 09:44 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-12 14:19 - 2014-03-12 14:19 - 00001290 _____ () C:\Users\Public\Desktop\Paint.NET.lnk
2014-03-12 14:16 - 2013-08-17 14:02 - 03765592 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\Paint.NET.3.5.11.Install.exe
2014-03-12 14:15 - 2014-03-12 14:16 - 03739157 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\Paint.NET.3.5.11.Install (1).zip
2014-03-12 14:14 - 2014-03-12 14:15 - 03739157 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\Paint.NET.3.5.11.Install.zip
2014-03-11 23:04 - 2014-03-25 10:46 - 00032768 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\Pokemon Rot (D).sav
2014-03-11 23:04 - 2014-03-11 23:25 - 485259900 _____ () C:\Users\Spieler.HeikeHarder-HP\Documents\clip0010.avi
2014-03-11 16:22 - 2005-03-13 18:17 - 01048576 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\Pokemon Rot (D).gb
2014-03-11 15:28 - 2014-03-11 15:28 - 00391778 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\Pokemon Rot (D).zip
2014-03-10 23:16 - 2014-03-10 23:25 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\TeamViewer
2014-03-10 23:16 - 2014-03-10 23:16 - 05852336 _____ (TeamViewer GmbH) C:\Users\Spieler.HeikeHarder-HP\Downloads\TeamViewer_Setup_de.exe
2014-03-10 23:16 - 2014-03-10 23:16 - 00001168 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-03-06 09:38 - 2014-03-06 09:37 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-03-06 09:37 - 2014-03-06 09:37 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-03-06 09:37 - 2014-03-06 09:37 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-03-06 09:37 - 2014-03-06 09:37 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-03-06 09:37 - 2014-03-06 09:37 - 00000000 ____D () C:\Program Files\Java
2014-03-06 09:34 - 2014-03-06 09:34 - 30796712 _____ (Oracle Corporation) C:\Users\Spieler.HeikeHarder-HP\Downloads\jre-7u51-windows-x64.exe
2014-03-06 08:41 - 2014-03-29 02:00 - 00000000 ____D () C:\ProgramData\FineDeaLSoft
2014-03-06 08:41 - 2014-03-06 08:41 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Packages
2014-03-06 08:41 - 2014-03-06 08:41 - 00000000 ____D () C:\ProgramData\70e7a22bf8ff262c
2014-02-27 19:33 - 2014-03-28 17:29 - 00002735 _____ () C:\Windows\setupact.log
2014-02-27 19:33 - 2014-02-27 19:33 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-27 19:26 - 2014-03-15 19:26 - 00000000 ____D () C:\Program Files (x86)\MediaViewV1
2014-02-27 16:19 - 2014-02-27 16:19 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-27 16:19 - 2014-02-27 16:19 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Skype
2014-02-26 16:12 - 2014-02-26 16:12 - 00010285 _____ () C:\Users\Spieler.HeikeHarder-HP\Documents\Unbenannt 1.odt

==================== One Month Modified Files and Folders =======

2014-03-29 02:17 - 2011-02-10 13:16 - 00000000 ____D () C:\ProgramData\Recovery
2014-03-29 02:00 - 2014-03-06 08:41 - 00000000 ____D () C:\ProgramData\FineDeaLSoft
2014-03-29 02:00 - 2014-01-31 16:26 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\Downloads\emu
2014-03-29 02:00 - 2014-01-23 19:42 - 00000000 ____D () C:\Program Files (x86)\Overwolf
2014-03-29 02:00 - 2014-01-16 11:31 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-03-29 02:00 - 2013-12-10 15:14 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-03-29 02:00 - 2013-04-24 01:01 - 00000000 ____D () C:\Users\Gast
2014-03-29 02:00 - 2013-01-19 23:21 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Skype
2014-03-29 02:00 - 2012-12-09 21:30 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Akamai
2014-03-29 02:00 - 2012-12-09 11:38 - 00000000 ____D () C:\Program Files (x86)\RIFT
2014-03-29 02:00 - 2012-10-02 21:27 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\RIFT
2014-03-29 02:00 - 2012-03-07 14:52 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-03-29 02:00 - 2012-01-31 16:10 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\FLEXnet
2014-03-29 02:00 - 2011-02-09 22:03 - 00000000 ____D () C:\ProgramData\FLEXnet
2014-03-29 02:00 - 2011-01-27 11:25 - 00000000 ____D () C:\Users\Heike Harder
2014-03-29 02:00 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-03-29 02:00 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-03-29 01:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-03-28 18:06 - 2014-03-28 18:05 - 00056323 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\FRST.txt
2014-03-28 18:05 - 2014-03-28 18:05 - 00000000 ____D () C:\FRST
2014-03-28 18:04 - 2014-03-28 18:04 - 02157056 _____ (Farbar) C:\Users\Spieler.HeikeHarder-HP\Downloads\FRST64.exe
2014-03-28 18:00 - 2014-03-21 12:00 - 00003100 _____ () C:\Windows\Tasks\Plus-HD-9.5A-chromeinstaller.job
2014-03-28 18:00 - 2014-03-21 12:00 - 00002350 _____ () C:\Windows\Tasks\Plus-HD-9.5A-firefoxinstaller.job
2014-03-28 18:00 - 2014-03-21 12:00 - 00001520 _____ () C:\Windows\Tasks\Plus-HD-9.5A-updater.job
2014-03-28 18:00 - 2014-03-21 12:00 - 00001482 _____ () C:\Windows\Tasks\Plus-HD-9.5A-codedownloader.job
2014-03-28 18:00 - 2014-03-21 12:00 - 00001380 _____ () C:\Windows\Tasks\Plus-HD-9.5A-enabler.job
2014-03-28 17:42 - 2013-09-03 21:45 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\TS3Client
2014-03-28 17:38 - 2013-03-18 21:19 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Deployment
2014-03-28 17:38 - 2009-07-14 05:45 - 00015568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-28 17:38 - 2009-07-14 05:45 - 00015568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-28 17:37 - 2014-03-21 12:01 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\M6 Processing
2014-03-28 17:37 - 2014-01-25 17:15 - 00002224 _____ () C:\Windows\Tasks\Feven 2.5-firefoxinstaller.job
2014-03-28 17:37 - 2012-12-09 22:08 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Overwolf
2014-03-28 17:37 - 2012-11-28 10:43 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Raptr
2014-03-28 17:36 - 2014-01-25 17:16 - 00001506 _____ () C:\Windows\Tasks\Feven 2.5-updater.job
2014-03-28 17:36 - 2014-01-25 17:16 - 00001454 _____ () C:\Windows\Tasks\Feven 2.5-codedownloader.job
2014-03-28 17:36 - 2014-01-25 17:16 - 00001332 _____ () C:\Windows\Tasks\Feven 2.5-enabler.job
2014-03-28 17:36 - 2014-01-25 17:15 - 00002276 _____ () C:\Windows\Tasks\Feven 2.5-chromeinstaller.job
2014-03-28 17:36 - 2013-04-05 19:03 - 00000394 _____ () C:\Windows\Tasks\AmiUpdXp.job
2014-03-28 17:33 - 2012-06-04 15:38 - 01762170 _____ () C:\Windows\WindowsUpdate.log
2014-03-28 17:31 - 2011-03-16 15:37 - 00000441 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-03-28 17:29 - 2014-02-27 19:33 - 00002735 _____ () C:\Windows\setupact.log
2014-03-28 17:29 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-28 17:28 - 2013-12-10 15:15 - 00051542 _____ () C:\Users\Spieler.HeikeHarder-HP\daemonprocess.txt
2014-03-28 17:19 - 2011-01-29 11:51 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP
2014-03-25 10:46 - 2014-03-11 23:04 - 00032768 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\Pokemon Rot (D).sav
2014-03-25 02:02 - 2014-03-21 13:15 - 00000000 ____D () C:\ProgramData\MovieMode
2014-03-25 02:02 - 2014-03-21 13:15 - 00000000 ____D () C:\Program Files\V-bates
2014-03-25 02:02 - 2014-03-21 12:01 - 00000000 ____D () C:\Program Files (x86)\media enhance
2014-03-25 02:02 - 2009-07-14 08:44 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-03-24 17:30 - 2011-03-09 16:38 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\PDF Software
2014-03-23 10:25 - 2013-02-06 23:45 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Paint.NET
2014-03-22 22:30 - 2012-06-14 02:45 - 00000000 __SHD () C:\found.000
2014-03-22 17:17 - 2014-03-22 17:17 - 00000000 ____D () C:\Program Files (x86)\MediaWatchV1
2014-03-21 13:13 - 2012-02-21 20:37 - 00000000 ____D () C:\ProgramData\Babylon
2014-03-21 12:01 - 2014-03-21 12:01 - 01172664 _____ (AnyProtect.com) C:\Users\Spieler.HeikeHarder-HP\AppData\Local\nspA788.tmp
2014-03-21 12:01 - 2014-03-21 12:01 - 00001171 _____ () C:\Users\Public\Desktop\SpeedUpMyPC.lnk
2014-03-21 12:01 - 2014-03-21 12:01 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Uniblue
2014-03-21 12:01 - 2014-03-21 12:01 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\M6 Processing
2014-03-21 12:01 - 2014-03-21 12:01 - 00000000 ____D () C:\Program Files (x86)\Uniblue
2014-03-21 12:00 - 2014-03-21 12:00 - 00004550 _____ () C:\Windows\System32\Tasks\Plus-HD-9.5A-updater
2014-03-21 12:00 - 2014-03-21 12:00 - 00004512 _____ () C:\Windows\System32\Tasks\Plus-HD-9.5A-codedownloader
2014-03-21 12:00 - 2014-03-21 12:00 - 00004410 _____ () C:\Windows\System32\Tasks\Plus-HD-9.5A-enabler
2014-03-21 12:00 - 2014-03-21 12:00 - 00000000 ____D () C:\Program Files (x86)\Plus-HD-9.5A
2014-03-21 11:59 - 2014-03-21 11:59 - 00370640 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\Java.exe
2014-03-20 21:45 - 2011-01-27 11:58 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-03-20 13:55 - 2013-06-26 14:11 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Audacity
2014-03-19 03:06 - 2013-08-16 08:04 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-19 03:01 - 2011-01-31 18:17 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-17 19:08 - 2013-01-07 22:41 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\.minecraft
2014-03-15 19:33 - 2012-04-12 12:23 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-15 19:26 - 2014-02-27 19:26 - 00000000 ____D () C:\Program Files (x86)\MediaViewV1
2014-03-15 19:26 - 2014-01-29 19:26 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-03-14 14:15 - 2013-08-18 14:58 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-03-14 14:14 - 2013-10-04 13:37 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\alles
2014-03-14 14:09 - 2014-03-14 14:09 - 00017547 _____ () C:\Users\Heike Harder\Desktop\Opera 12 Notes.html
2014-03-14 14:09 - 2013-12-21 10:14 - 00004157 _____ () C:\Users\Heike Harder\daemonprocess.txt
2014-03-14 14:08 - 2014-03-14 14:08 - 00000000 ____D () C:\Users\Heike Harder\AppData\Roaming\Opera Software
2014-03-14 14:08 - 2014-03-14 14:08 - 00000000 ____D () C:\Users\Heike Harder\AppData\Local\Opera Software
2014-03-14 10:58 - 2012-04-12 12:23 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-14 10:58 - 2012-04-12 12:23 - 00003824 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-14 10:58 - 2011-05-23 09:55 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-14 10:57 - 2012-04-16 22:21 - 00000000 ____D () C:\Users\Heike Harder\AppData\Roaming\BrowserCompanion
2014-03-14 03:24 - 2013-08-22 08:23 - 00512328 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-14 03:23 - 2014-03-14 03:23 - 00000600 _____ () C:\Windows\PFRO.log
2014-03-14 03:23 - 2013-03-13 15:15 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-14 03:23 - 2013-03-13 15:15 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-13 11:43 - 2014-03-13 11:19 - 487137968 _____ () C:\Users\Spieler.HeikeHarder-HP\Documents\clip0013.avi
2014-03-12 14:19 - 2014-03-12 14:19 - 00001290 _____ () C:\Users\Public\Desktop\Paint.NET.lnk
2014-03-12 14:19 - 2012-03-25 11:15 - 00000000 ____D () C:\Program Files\Paint.NET
2014-03-12 14:16 - 2014-03-12 14:15 - 03739157 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\Paint.NET.3.5.11.Install (1).zip
2014-03-12 14:15 - 2014-03-12 14:14 - 03739157 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\Paint.NET.3.5.11.Install.zip
2014-03-12 14:12 - 2011-01-29 11:51 - 00152288 _____ () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-12 10:31 - 2014-01-11 23:50 - 00065536 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\Pokemon Blau (D).sav
2014-03-11 23:25 - 2014-03-11 23:04 - 485259900 _____ () C:\Users\Spieler.HeikeHarder-HP\Documents\clip0010.avi
2014-03-11 16:21 - 2014-01-25 17:16 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro
2014-03-11 15:28 - 2014-03-11 15:28 - 00391778 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\Pokemon Rot (D).zip
2014-03-10 23:25 - 2014-03-10 23:16 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\TeamViewer
2014-03-10 23:16 - 2014-03-10 23:16 - 05852336 _____ (TeamViewer GmbH) C:\Users\Spieler.HeikeHarder-HP\Downloads\TeamViewer_Setup_de.exe
2014-03-10 23:16 - 2014-03-10 23:16 - 00001168 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-03-10 23:16 - 2012-04-16 21:03 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-03-06 09:37 - 2014-03-06 09:38 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-03-06 09:37 - 2014-03-06 09:37 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-03-06 09:37 - 2014-03-06 09:37 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-03-06 09:37 - 2014-03-06 09:37 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-03-06 09:37 - 2014-03-06 09:37 - 00000000 ____D () C:\Program Files\Java
2014-03-06 09:34 - 2014-03-06 09:34 - 30796712 _____ (Oracle Corporation) C:\Users\Spieler.HeikeHarder-HP\Downloads\jre-7u51-windows-x64.exe
2014-03-06 08:41 - 2014-03-06 08:41 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Packages
2014-03-06 08:41 - 2014-03-06 08:41 - 00000000 ____D () C:\ProgramData\70e7a22bf8ff262c
2014-03-04 09:33 - 2014-01-16 10:36 - 00002383 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-01 10:18 - 2011-01-07 20:54 - 00799382 _____ () C:\Windows\system32\perfh007.dat
2014-03-01 10:18 - 2011-01-07 20:54 - 00188890 _____ () C:\Windows\system32\perfc007.dat
2014-03-01 10:18 - 2009-07-14 06:13 - 01903918 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-01 07:05 - 2014-03-13 09:45 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 06:17 - 2014-03-13 09:46 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 06:16 - 2014-03-13 09:46 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-01 05:58 - 2014-03-13 09:46 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 05:52 - 2014-03-13 09:46 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 05:51 - 2014-03-13 09:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-01 05:42 - 2014-03-13 09:45 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 05:40 - 2014-03-13 09:46 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 05:37 - 2014-03-13 09:45 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 05:33 - 2014-03-13 09:45 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 05:33 - 2014-03-13 09:45 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-01 05:32 - 2014-03-13 09:45 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-01 05:30 - 2014-03-13 09:46 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 05:23 - 2014-03-13 09:45 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-01 05:17 - 2014-03-13 09:46 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 05:11 - 2014-03-13 09:46 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-01 05:02 - 2014-03-13 09:45 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-01 04:54 - 2014-03-13 09:45 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-01 04:52 - 2014-03-13 09:46 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-01 04:51 - 2014-03-13 09:46 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-01 04:47 - 2014-03-13 09:46 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-01 04:43 - 2014-03-13 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-01 04:43 - 2014-03-13 09:46 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-01 04:42 - 2014-03-13 09:46 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-01 04:40 - 2014-03-13 09:46 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-01 04:38 - 2014-03-13 09:45 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-01 04:37 - 2014-03-13 09:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-01 04:35 - 2014-03-13 09:45 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-01 04:18 - 2014-03-13 09:45 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-01 04:16 - 2014-03-13 09:45 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-01 04:14 - 2014-03-13 09:45 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-01 04:10 - 2014-03-13 09:45 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-01 04:03 - 2014-03-13 09:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-01 04:00 - 2014-03-13 09:46 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-01 03:57 - 2014-03-13 09:46 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-01 03:38 - 2014-03-13 09:46 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-01 03:32 - 2014-03-13 09:45 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-01 03:27 - 2014-03-13 09:46 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-01 03:25 - 2014-03-13 09:45 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-01 03:25 - 2014-03-13 09:45 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-27 19:33 - 2014-02-27 19:33 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-27 16:19 - 2014-02-27 16:19 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-27 16:19 - 2014-02-27 16:19 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Skype
2014-02-27 16:19 - 2012-04-06 19:04 - 00000000 ____D () C:\ProgramData\Skype
2014-02-26 16:12 - 2014-02-26 16:12 - 00010285 _____ () C:\Users\Spieler.HeikeHarder-HP\Documents\Unbenannt 1.odt

Files to move or delete:
====================
C:\Users\Heike Harder\Okozo_Installer.exe
C:\Users\Public\CommonRTP.exe


Some content of TEMP:
====================
C:\Users\Heike Harder\AppData\Local\Temp\avgnt.exe
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\avgnt.exe
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\BackupSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-14 03:54

==================== End Of Log ============================

--- --- ---

Blitzi · 28.03.2014, 18:12

FRST Additions Logfile:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Spieler at 2014-03-28 18:06:26
Running from C:\Users\Spieler.HeikeHarder-HP\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

 Restricted Area Savegame Editor V1.00 - V1.09 (HKLM-x32\...\ Restricted Area Savegame Editor V1.00 - V1.09) (Version:  - )
3RVX (HKLM-x32\...\{66BB5D8F-D9BD-4799-A9FA-5731B3B7839A}) (Version: 2.5 - matt.malensek.net)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
ABBYY FineReader 10 Professional Edition (HKLM-x32\...\{F1000000-0001-0000-0000-074957833700}) (Version: 10.501.159.70013 - ABBYY)
Action Replay DSi Code Manager (HKLM-x32\...\Action Replay DSi Code Manager_is1) (Version:  - )
ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.3.9130 - Adobe Systems Inc.) Hidden
Adobe Bridge 1.0 (x32 Version: 001.000.001 - Adobe Systems) Hidden
Adobe Common File Installer (x32 Version: 1.00.001 - Adobe System Incorporated) Hidden
Adobe Creative Suite 2 (HKLM-x32\...\{0134A1A1-C283-4A47-91A1-92F19F960372}) (Version:  - )
Adobe Digital Editions (HKLM-x32\...\Digital Editions) (Version:  - )
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.5.502.110 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Help Center 1.0 (x32 Version: 1.0.1 - Adobe Systems) Hidden
Adobe Illustrator CS2 (x32 Version: 12.000.000 - Adobe Systems Inc.) Hidden
Adobe InDesign CS2 (x32 Version: 004.000.000 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS2 (x32 Version: 9.0 - Adobe Systems, Inc.) Hidden
Adobe Photoshop Elements 6.0 (HKLM-x32\...\Adobe Photoshop Elements 6) (Version: 6.0 - Adobe Systems, Inc.)
Adobe Photoshop Elements 6.0 (x32 Version: 6.0 - Adobe Systems, Inc.) Hidden
Adobe Reader X (10.1.9) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Adobe Stock Photos 1.0 (x32 Version: 1.0.1 - Adobe Systems) Hidden
Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version:  3.0 - Adobe Systems, Inc.)
Adobe Version Cue CS2 (x32 Version: 2.0 - Adobe Systems, Inc.) Hidden
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.12.2400) (Version: 1.12.2400 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.12.2400 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.12.2400 - Aeria Games & Entertainment) Hidden
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
AION Free-To-Play (HKLM-x32\...\InstallShield_{6A9EF6CF-7630-4E33-AE22-7D70F3AF4B05}) (Version: 2.70.0000 - Gameforge)
AION Free-To-Play (x32 Version: 2.70.0000 - Gameforge) Hidden
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio Elements 10.0.9 (HKLM-x32\...\Ashampoo Burning Studio Elements_is1) (Version: 3.1.1 - Ashampoo GmbH & Co. KG)
Ashampoo Office 2008 (C:\Program Files (x86)\Ashampoo\Ashampoo Office 2008) (HKLM-x32\...\sm-un1.u32) (Version:  - SoftMaker Software GmbH)
Ashampoo Photo Commander 7.60 (HKLM-x32\...\Ashampoo Photo Commander 7_is1) (Version: 7.6.0 - ashampoo GmbH & Co. KG)
Audacity 2.0 (HKLM-x32\...\Audacity_is1) (Version:  - Audacity Team)
Audible Download Manager (HKLM-x32\...\AudibleDownloadManager) (Version: 6.6.0.10 - Audible, Inc.)
Autostart ok-s 2.0 (HKLM-x32\...\{83832C13-FE26-4058-9BEB-89C422F569B3}) (Version: 1.0 - Olaf Koch)
AVG Security Toolbar (HKLM-x32\...\AVG Secure Search) (Version: 15.0.0.2 - AVG Technologies)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
Avira Free Antivirus Packages (HKCU\...\Avira Free Antivirus Packages) (Version:  - ) <==== ATTENTION
Avira SearchFree Toolbar (HKLM-x32\...\{41564952-412D-5637-00A7-A758B70C0A03}) (Version: 12.10.3.4489 - APN, LLC)
Babylon toolbar on IE (HKLM-x32\...\BabylonToolbar) (Version:  - BabylonToolbar) <==== ATTENTION
BabylonObjectInstaller (HKLM-x32\...\{E55E7026-EF2A-4A17-AAA7-DB98EA3FD1B1}) (Version: 2.0.0.4 - Babylon Ltd)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - )
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
BenVista PhotoZoom Classic 2.0 (HKCU\...\PhotoZoom Classic 2) (Version: 2.0 - BenVista Ltd)
BenVista PhotoZoom Express 3.0 (HKCU\...\PhotoZoom Express 3) (Version: 3.0 - BenVista Ltd)
Better Surf Plus (HKLM-x32\...\Better Surf Plus) (Version: 1.1 - Better Surf) <==== ATTENTION
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonanza Deals (remove only) (HKLM-x32\...\Bonanza Deals) (Version: 5.0.1.0 - Bonanza Deals) <==== ATTENTION
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
Brother MFL-Pro Suite MFC-J6510DW (HKLM-x32\...\{17795164-3BC1-4D4F-8ADA-65C895EBFC9A}) (Version: 1.0.20.0 - Brother Industries, Ltd.)
BrowserCompanion (HKLM-x32\...\BrowserCompanion) (Version:  - ) <==== ATTENTION
Build-a-Lot - The Elizabethan Era (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bundled software uninstaller (HKLM-x32\...\bi_uninstaller) (Version:  - ) <==== ATTENTION
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
CCEnhancer 3.2 (HKLM-x32\...\CCEnhancer) (Version: 3.2 - )
CCleaner (HKLM\...\CCleaner) (Version: 3.17 - Piriform)
Cheat Engine 6.2 (HKLM-x32\...\Cheat Engine 6.2_is1) (Version:  - Dark Byte)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Clownfish for Skype (HKLM-x32\...\Clownfish) (Version:  - )
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
COMPUTERBILD App-Center (HKLM-x32\...\{21295604-BBCA-4A3E-B1D1-1B8A746C4A52}) (Version: 1.0.23 - J3S)
COMPUTERBILD-Cloud (HKLM\...\COMPUTERBILD-Cloud_is1) (Version:  - CyberGhost S.R.L.)
Curse Client (HKCU\...\101a9f93b8f0bb6f) (Version: 5.1.1.792 - Curse)
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3210 - CyberLink Corp.)
CyberLink DVD Suite Deluxe (x32 Version: 7.0.3210 - CyberLink Corp.) Hidden
CyberLink PowerDVD 11 (HKLM-x32\...\InstallShield_{F232C87C-6E92-4775-8210-DFE90B7777D9}) (Version: 11.0.2024.53 - CyberLink Corp.)
CyberLink PowerDVD 11 (x32 Version: 11.0.2024.53 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.01 - Piriform)
DEUTSCHLAND SPIELT GAME CENTER (HKLM-x32\...\DSGPlayer) (Version: 1.0.1.46 - INTENIUM GmbH)
Die Jade-Münze (HKLM-x32\...\Die Jade-Münze) (Version: 1.0.0.0 - INTENIUM GmbH)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
DMUninstaller (HKLM-x32\...\DMUninstaller) (Version:  - ) <==== ATTENTION
DomainInspect (HKLM-x32\...\DomainInspect) (Version:  - AntsSoft)
Dragon Age II (HKLM-x32\...\{4D565319-8B91-41cb-961C-0DDC86101AC5}) (Version: 1.00 - Electronic Arts, Inc.)
Dragon Age Toolset (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.01 - Electronic Arts, Inc.)
Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.04 - Electronic Arts, Inc.)
Drakensang - Am Fluss der Zeit (HKLM-x32\...\Drakensang_TRoT_is1) (Version:  - dtp)
Drakensang (Patch Version 1.1) (HKLM-x32\...\Drakensang_is1) (Version:  - dtp AG)
Drakensang 2 Savegame Editor (HKCU\...\Drakensang 2 Savegame Editor) (Version:  - Philipp Jardas)
Drakensang Savegame Editor (HKCU\...\Drakensang Savegame Editor) (Version:  - Philipp Jardas)
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.2.4412 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.2.4412 - Hewlett-Packard) Hidden
DVD Video Soft Toolbar (HKLM-x32\...\dvdvideosofttoolbar) (Version: 1.0.0.12 - )
DVDVideoSoftTB Toolbar (HKLM-x32\...\DVDVideoSoftTB Toolbar) (Version: 6.9.0.16 - DVDVideoSoftTB)
EA Shared Game Component: Activation (HKLM-x32\...\com.ea.Activation.919CACB699904AC5D41B606703500DD39747C02D.1) (Version: 2.2.0.62 - Electronic Arts)
EA Shared Game Component: Activation (x32 Version: 2.2.0 - Electronic Arts) Hidden
Epson Easy Photo Print 2 (HKLM-x32\...\{A02D7029-C4EF-44C1-9FD4-C0D3CA518113}) (Version: 2.2.4.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON SX430 Series Printer Uninstall (HKLM\...\EPSON SX430 Series) (Version:  - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4j - SEIKO EPSON CORPORATION)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Feven 2.5 (HKLM-x32\...\Feven 2.5) (Version: 1.34.1.21 - Feven) <==== ATTENTION
FineDeaLSoft (HKLM-x32\...\{0D566ABB-889B-AF39-7B6A-23D4C5D54542}) (Version:  - FinueDEalSSoft) <==== ATTENTION
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free 3GP Video Converter version 5.0.13.608 (HKLM-x32\...\Free 3GP Video Converter_is1) (Version: 5.0.13.608 - DVDVideoSoft Ltd.)
Free Audio CD to MP3 Converter version 1.3.12.1228 (HKLM-x32\...\Free Audio CD to MP3 Converter_is1) (Version: 1.3.12.1228 - DVDVideoSoft Ltd.)
Free Audio Converter version 5.0.21.1212 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.21.1212 - DVDVideoSoft Ltd.)
Free MP4 Video Converter version 5.0.27.717 (HKLM-x32\...\Free MP4 Video Converter_is1) (Version: 5.0.27.717 - DVDVideoSoft Ltd.)
Free YouTube Download 3 version 3.0.6.715 (HKLM-x32\...\Free YouTube Download 3_is1) (Version:  - DVDVideoSoft Limited.)
Free YouTube Download version 3.2.12.827 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.12.827 - DVDVideoSoft Ltd.)
Free YouTube to DVD Converter version 3.0.3.923 (HKLM-x32\...\Free YouTube to DVD Converter_is1) (Version:  - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.20.1230 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.20.1230 - DVDVideoSoft Ltd.)
GameWiz32 (HKLM-x32\...\GameWiz32) (Version: 1.43 - Nico Ebert)
Geheimnis von Montezuma (HKLM-x32\...\Geheimnis von Montezuma) (Version: 0.0.0.0 - INTENIUM GmbH)
Geheimnis von Montezuma 2 (HKLM-x32\...\Geheimnis von Montezuma 2) (Version: 1.0.0.0 - INTENIUM GmbH)
Glitzerndes Troja (HKLM-x32\...\Glitzerndes Troja_is1) (Version:  - Contendo Media GmbH)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.146 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.4805.320 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
GRABSTER SERIES V1.0.0.65 (HKLM-x32\...\GRABSTER SERIES) (Version: 1.0.0.65 - )
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Harvard Publisher 6.0 (HKLM-x32\...\Harvard Publisher 6.0) (Version:  - )
Harvard Publisher 6.0 Inhalts-CD-ROM (HKLM-x32\...\Harvard Publisher 6.0 Inhalts-CD-ROM) (Version:  - )
HP Auto (Version: 1.0.12494.3472 - Hewlett-Packard Company) Hidden
HP Client Services (Version: 1.0.12656.3472 - Hewlett-Packard) Hidden
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Game Console (x32 Version:  - WildTangent) Hidden
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.5 - WildTangent)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.2.4725 - Hewlett-Packard)
HP MediaSmart DVD (x32 Version: 4.2.4725 - Hewlett-Packard) Hidden
HP MediaSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.2.4517 - Hewlett-Packard)
HP MediaSmart Music (x32 Version: 4.2.4517 - Hewlett-Packard) Hidden
HP MediaSmart Photo (HKLM-x32\...\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}) (Version: 4.2.4513 - Hewlett-Packard)
HP MediaSmart Photo (x32 Version: 4.2.4513 - Hewlett-Packard) Hidden
HP MediaSmart SmartMenu (HKLM\...\{A40F60B1-F1E1-452E-96A5-FF97F9A2D102}) (Version: 3.1.2.4 - Hewlett-Packard)
HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.2.4522 - Hewlett-Packard)
HP MediaSmart Video (x32 Version: 4.2.4522 - Hewlett-Packard) Hidden
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{53469506-A37E-4314-A9D9-38724EC23A75}) (Version: 8.4.4400.3525 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.0.12844.3519 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{B1A4A13D-4665-4ED3-9DFE-F845725FBBD8}) (Version: 5.1.8.12 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.1.6.0 - Hewlett-Packard)
HPAsset component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
Hühner-Attacke (HKLM-x32\...\Hühner-Attacke) (Version: 0.0.0.0 - INTENIUM GmbH)
Hühner-Rache Deluxe Special (HKLM-x32\...\Hühner-Rache Deluxe Special) (Version:  - )
HyperCam 2 (HKLM\...\HyperCam 2) (Version: 2.27.01 - Hyperionics Technology LLC)
IePluginService12.27.0.3326 (HKLM-x32\...\IePlugins) (Version: 12.27.0.3326 - Cherished Technololgy LIMITED) <==== ATTENTION
iLivid (HKLM-x32\...\iLivid) (Version: 1.92.0.118480 - Bandoo Media Inc.) <==== ATTENTION
Insaniquarium Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Internet Explorer Toolbar 4.6 by SweetPacks (HKLM-x32\...\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}) (Version: 4.6.0004 - SweetIM Technologies Ltd.) <==== ATTENTION
Internet Turbo (HKLM-x32\...\{B69EF583-75E4-4C52-B912-C711D937D648}) (Version: 10.197.20.13927 - ReSoft Ltd.)
Internet Turbo Engine (HKCU\...\{28583d9b-8f7d-474c-b990-7328c7428bae}) (Version: 10.197.20.13927 - ReSoft Ltd.)
iTunes (HKLM\...\{D66F0C3C-24F2-4463-9E2F-4381E5C40A26}) (Version: 10.5.2.11 - Apple Inc.)
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.0.2.4 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 23 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022FF}) (Version: 6.0.230 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Jewel Quest II (x32 Version: 2.2.0.95 - WildTangent) Hidden
Jewel Quest Solitaire (HKLM-x32\...\Jewel Quest Solitaire) (Version: 1.0.0.0 - INTENIUM GmbH)
Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden
Jewel Quest Solitaire II (HKLM-x32\...\Jewel Quest Solitaire II) (Version: 1.0.0.0 - INTENIUM GmbH)
Jewel Quest Solitaire III (HKLM-x32\...\Jewel Quest Solitaire III) (Version: 1.0.0.0 - INTENIUM GmbH)
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Klebezettel NG (Version 2.9.12) (HKLM-x32\...\{4F81901F-3655-4340-8227-F687F69A3C79}}_is1) (Version:  - )
Land der Magie (HKLM-x32\...\Land der Magie) (Version: 1.0.0.0 - INTENIUM GmbH)
Legendary Demo (HKLM-x32\...\InstallShield_{A6755FD5-4CD1-44A7-8886-6C56FA0A9E21}) (Version: 1.00.0000 - Spark Unlimited)
Legendary Demo (x32 Version: 1.00.0000 - Spark Unlimited) Hidden
M6 Processing 1.0 (HKCU\...\M6 Processing) (Version: 1.0 - Pysy Software S.L.)
Magelo Sync (uninstall only) (HKLM\...\Magelo Sync) (Version:  - )
MAGIX Filme auf DVD Download-Version (x32 Version: 9.0.1.2 - MAGIX AG) Hidden
MAGIX Video deluxe 16 Plus Sonderedition Download-Version (HKLM-x32\...\MAGIX_MSI_Videodeluxe16_plus) (Version: 9.0.5.10 - MAGIX AG)
MAGIX Video deluxe 16 Plus Sonderedition Download-Version (x32 Version: 9.0.5.10 - MAGIX AG) Hidden
MAGIX Video deluxe 17 Download-Version (x32 Version: 10.0.1.14 - MAGIX AG) Hidden
Mah Jong Quest (HKLM-x32\...\Mah Jong Quest) (Version: 0.0.0.0 - INTENIUM GmbH)
Mah Jong Quest II (HKLM-x32\...\Mah Jong Quest II) (Version: 0.0.0.0 - INTENIUM GmbH)
Mah Jong Quest III (HKLM-x32\...\Mah Jong Quest III) (Version: 0.0.0.0 - INTENIUM GmbH)
Mahjongg – Ancient Egypt (HKLM-x32\...\Mahjongg – Ancient Egypt) (Version: 1.0.0.0 - INTENIUM GmbH)
Mahjongg – Ancient Mayas (HKLM-x32\...\Mahjongg – Ancient Mayas) (Version: 0.0.0.0 - INTENIUM GmbH)
Mahjongg Artifacts (HKLM-x32\...\Mahjongg Artifacts) (Version: 0.0.0.0 - INTENIUM GmbH)
Mahjongg Artifacts 2 (HKLM-x32\...\Mahjongg Artifacts 2) (Version: 0.0.0.0 - INTENIUM GmbH)
Mahjongg Dimensions Deluxe: Tiles in Time (HKLM-x32\...\Mahjongg Dimensions Deluxe: Tiles in Time) (Version: 1.0.0.0 - INTENIUM GmbH)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
Media Player (HKLM-x32\...\MediaPlayerV1alpha718) (Version: 1.1 - Media Player)
Media View (HKLM-x32\...\MediaViewV1alpha3700) (Version: 1.1 - Media View)
Media View (HKLM-x32\...\MediaViewV1alpha9390) (Version: 1.1 - Media View)
Media Viewer (HKLM-x32\...\MediaViewerV1alpha1479) (Version: 1.1 - Media Viewer)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office XP Professional (HKLM-x32\...\{91110407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2005 Express Edition (BWDATOOLSET) (x32 Version: 9.4.5000.00 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Express Edition (SQLEXPRESS) (x32 Version: 9.4.5000.00 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Tools Express Edition (x32 Version: 9.4.5000.00 - Microsoft Corporation) Hidden
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mobogenie (HKLM-x32\...\Mobogenie) (Version:  - Mobogenie.com) <==== ATTENTION
Moorhuhn Schatzjäger 3 (HKLM-x32\...\Moorhuhn Schatzjäger 3) (Version: 1.00 - phenomedia publishing gmbh)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.2.4412 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.2.4412 - Hewlett-Packard) Hidden
Mozilla Firefox 13.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 13.0 (x86 de)) (Version: 13.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 13.0 - Mozilla)
Mozilla Thunderbird (3.1.7) (HKLM-x32\...\Mozilla Thunderbird (3.1.7)) (Version: 3.1.7 (de) - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Mystery Solitaire: Secret Island (HKLM-x32\...\Mystery Solitaire: Secret Island) (Version: 0.0.0.0 - INTENIUM GmbH)
NC Launcher (GameForge) (HKLM-x32\...\NCLauncher_GameForge) (Version:  - NCsoft)
NewPlayer (HKLM-x32\...\NewPlayer) (Version: v2.1.1.0 - TUGUU SL) <==== ATTENTION
Nexon Game Manager (HKLM-x32\...\{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}) (Version:  - )
No23 Recorder (HKLM-x32\...\{22B0E143-2B0B-435B-9F56-136A3D16065F}) (Version: 2.1.0.3 - No23)
Nuance PaperPort 12 (HKLM-x32\...\{6C0A559F-8583-4B5A-8B50-20BEE15D8E64}) (Version: 12.1.0000 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
NVIDIA 3D Vision Controller Driver (x32 Version: 270.61 - NVIDIA Corporation) Hidden
NVIDIA 3D Vision Controller-Treiber 310.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 310.90 - NVIDIA Corporation)
NVIDIA Grafiktreiber 310.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 310.90 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.95.599 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Systemsteuerung 310.90 (Version: 310.90 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
Office-Bibliothek (HKLM-x32\...\{5C81B189-5456-40C4-9313-7FE6FA6DD64C}) (Version: 5.00.3 - Bibliographisches Institut & F.A. Brockhaus AG)
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
Opera 12.16 (HKLM-x32\...\Opera 12.16.1860) (Version: 12.16.1860 - Opera Software ASA)
Opera Stable 20.0.1387.82 (HKLM-x32\...\Opera 20.0.1387.82) (Version: 20.0.1387.82 - Opera Software ASA)
Optimizer Pro v3.2 (HKLM-x32\...\Optimizer Pro_is1) (Version:  - PC Utilities Software Limited) <==== ATTENTION
Origin (HKLM-x32\...\Origin) (Version: 9.1.13.85 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\{FE8E927E-8099-4C6B-A337-1CAB00E213C7}) (Version: 0.50.310 - Overwolf)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 1.00.0001 - Nuance Communications, Inc.)
PCSUITE ADVISOR (HKLM-x32\...\PCSUITE_ADVISOR_PRO_is1) (Version:  - Markement GmbH)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.9 - PDF Complete, Inc)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.0 - Frank Heindörfer, Philip Chinery)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PictureMover (HKLM-x32\...\{264FE20A-757B-492a-B0C3-4009E2997D8A}) (Version: 3.5.0.33 - Hewlett-Packard Company)
Pinball Escape (HKLM\...\UDK-4601a1a3-d3ca-4b8b-99ca-a569081d9943) (Version:  - Epic Games, Inc.)
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Plus-HD-9.5A (HKLM-x32\...\Plus-HD-9.5A) (Version: 1.34.3.17 - Plus-HD1) <==== ATTENTION
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4329 - CyberLink Corp.)
PowerDirector (Version: 10.00.0000 - CyberLink Corp.) Hidden
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6602 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recovery Manager (x32 Version: 5.5.3219 - CyberLink Corp.) Hidden
Restricted Area (HKLM-x32\...\Restricted Area_is1) (Version: Restricted Area - Master Creating)
Retter in der Not (HKLM-x32\...\Retter in der Not) (Version: 1.0.0.0 - INTENIUM GmbH)
RIFT (HKCU\...\RIFT) (Version:  - Trion Worlds, Inc.)
RIFT Beta (HKCU\...\RIFT-Beta) (Version:  - Trion Worlds, Inc.)
Risen (HKLM-x32\...\{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}) (Version: 1.00.0000 - Deep Silver)
Risen 2 - Dark Waters (HKLM-x32\...\Steam App 40390) (Version:  - )
Risen Hotfix 1.01 (HKLM-x32\...\{EE91E474-9298-47B8-817F-8E0042408998}) (Version: 1.01 - Deep Silver)
Ritter Arthur (HKLM-x32\...\Ritter Arthur) (Version: 1.0.0.0 - INTENIUM GmbH)
Scansoft PDF Professional (x32 Version:  - ) Hidden
Serif PhotoPlus X2 (HKLM-x32\...\{FC935397-C56E-4EE3-B9BC-1F7F3EA6CE41}) (Version: 12.0.3.013 - Serif (Europe) Ltd)
Shaiya-DE (HKLM-x32\...\Shaiya-DE) (Version:  - )
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Soda PDF 2012 (HKLM-x32\...\{A5EB5C60-5303-46C2-ABC8-860D94A8A973}) (Version: 2.0.33.2835 - LULU Software)
Software Version Updater (HKLM-x32\...\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}) (Version: 1.1.3.7 - ) <==== ATTENTION
SpeedUpMyPC (HKLM-x32\...\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1) (Version: 6.0.3.0 - Uniblue Systems Limited)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Suite Specific (x32 Version: 2.0.0 - Adobe Systems, Incorporated) Hidden
SuperLyrics (HKLM-x32\...\superlrcs@svenyor.net) (Version:  - Sven & Yorgen) <==== ATTENTION
SupTab (HKLM-x32\...\SupTab) (Version: 1.1.1.0 - ) <==== ATTENTION
SweetPacks bundle uninstaller (HKLM-x32\...\{0C43FE6B-E881-4AFC-B384-4AEBC90047E8}) (Version: 1.0.0000 - SweetIM Technologies Ltd.) <==== ATTENTION
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.12 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.26297 - TeamViewer)
The Whispered World (HKLM-x32\...\{82225685-1513-4975-B624-155C10F3EE16}) (Version: 1.01 - Deep Silver)
The Witcher (HKLM-x32\...\{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}) (Version: 1.00.0000 - CD Projekt Red)
TileSetMaker (HKLM-x32\...\TileSetMaker) (Version:  - )
Titan Quest (HKLM-x32\...\{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}) (Version: 1.00.0000 - Iron Lore)
Torchlight (HKLM-x32\...\{4F64A46D-67F7-4497-AEA2-313D4305A5F6}) (Version: 1.0.0 - JoWooD)
Torchlight (HKLM-x32\...\Runic Games Torchlight) (Version: 1.0.69.23 - )
Treiber-Studio 2013 (HKLM\...\{7660521A-062D-41F5-AA5E-CBA0E0511131}) (Version: 8.0.519 - Publish Data)
Uncompressor (HKCU\...\Uncompressor) (Version:  - )
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update Manager for SweetPacks 1.1 (HKLM-x32\...\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}) (Version: 1.1.0008 - SweetIM Technologies Ltd.) <==== ATTENTION
Updater Service (HKLM-x32\...\Updater Service) (Version: 14,1,1,3 - ) <==== ATTENTION
USB Audio/Video Driver (HKLM-x32\...\InstallShield_{015C057F-D7B9-4D82-B266-FBCF0178F382}) (Version: 1.00.0000 - )
USB Audio/Video Driver (x32 Version: 1.00.0000 - ) Hidden
USB Network Driver (HKLM-x32\...\{66ED8E01-C915-41F5-B33E-C5C31F27B885}) (Version: 2007.07.3 - )
V-bates 2.0.0.437 (HKLM\...\{77BEC163-D389-42c1-91A4-C758846296A5}_is1) (Version: 2.0.0.437 - Southstarco) <==== ATTENTION
Venetica (HKLM-x32\...\Venetica_is1) (Version:  - dtp)
Video Player (HKLM-x32\...\Video Player) (Version: 1.1 - Video Player) <==== ATTENTION
Video Thumbnails Maker by Scorp (remove only) (HKLM-x32\...\Video Thumbnails Maker) (Version:  - )
ViGlance (HKLM-x32\...\ViGlance) (Version: 1001194 - Lee-Soft.com)
Vindictus (HKLM-x32\...\Vindictus) (Version:  - )
Virtual Villagers - The Secret City (x32 Version: 2.2.0.95 - WildTangent) Hidden
Vista Start Menu 3.36 (HKLM-x32\...\Vista Start Menu_is1) (Version: 3.36 - OrdinarySoft)
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
VP3 Codec Version 3.2.6.1 (HKLM-x32\...\VP3 Codec Version 3.2.6.1) (Version:  - )
Wajam (HKLM-x32\...\Wajam) (Version: 1.45 - Wajam) <==== ATTENTION
Webexp Enhanced (HKLM-x32\...\Webexp Enhanced) (Version: 1.1 - Webexp Enhanced) <==== ATTENTION
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
Wincore MediaBar (HKLM-x32\...\Wincore MediaBar) (Version: 4.0.0.2881 - Musiclab, LLC) <==== ATTENTION
Windows iLivid Toolbar (HKLM-x32\...\Windows Searchqu Toolbar) (Version: 3.0.0.118320 - Bandoo Media, Inc) <==== ATTENTION
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Winload Toolbar (HKLM-x32\...\Winload Toolbar) (Version: 6.8.9.0 - Winload)
WPM17.8.0.3325 (HKLM-x32\...\WPM) (Version: 17.8.0.3325 - Cherished Technololgy LIMITED) <==== ATTENTION
XLink Kai Evolution 7 (HKLM-x32\...\{F90592EC-5E58-4EE6-A333-EC05ED57ACF4}) (Version: 7.1.7.7 - Team XLink)
Yontoo Layers Runtime 1.10.01 (HKLM\...\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}) (Version: 1.10.01 - Yontoo LLC) <==== ATTENTION
YourFileDownloader (HKCU\...\YourFileDownloader) (Version: 1.0.4 - hxxp://yourfiledownloader.com/) <==== ATTENTION
Zinio Reader 4 (HKLM-x32\...\ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1) (Version: 4.0.3184 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.0.3184 - Zinio LLC) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
ZyDAS Wireless LAN (ZD1211 USB) (HKLM-x32\...\{CA701FF8-2D57-41B0-B70B-CB6908CE913D}) (Version: 1.00.0000 - ZyDAS Technology Corporation)

==================== Restore Points  =========================

12-03-2014 13:16:27 Paint.NET v3.5.11
14-03-2014 02:01:04 Windows Update
19-03-2014 02:00:35 Windows Update
21-03-2014 11:01:01 Uniblue SpeedUpMyPC installation

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {01A8FBEE-F847-42AC-BA4F-00A1898D52EA} - System32\Tasks\{A1B14BEA-175E-4E8C-BEE2-5DDA0F36CE9D} => C:\Program Files (x86)\Restricted Area\Starter.exe [2007-11-22] ()
Task: {03BF4D27-0973-4D9D-95F9-13E99149D8BE} - System32\Tasks\bProtector => Sc.exe start bProtector
Task: {07C3EB77-BAD1-4CE8-A8AC-7F7B2FC0B156} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-09-27] ()
Task: {099D38D9-347D-4927-A8D6-717739F0B2D9} - System32\Tasks\{7F6DEF33-A300-41FA-A541-DBEC7DD61924} => C:\Program Files (x86)\Restricted Area\Starter.exe [2007-11-22] ()
Task: {10767F79-86BB-4CBE-A00F-FFEEAF2BB163} - System32\Tasks\{66C961E8-5007-4324-903F-35DBDB476678} => C:\Program Files (x86)\Restricted Area\Starter.exe [2007-11-22] ()
Task: {14001BFE-1F98-4D9A-A750-6AE835038689} - System32\Tasks\{E285D0AD-6380-4D20-A7E3-50700C93908A} => C:\Program Files (x86)\Restricted Area\Starter.exe [2007-11-22] ()
Task: {1D253A63-D540-4C66-B6C6-563742BC0F6E} - System32\Tasks\{9CA9B3AA-1AD3-4D26-BB36-A9DA9005BE34} => C:\Program Files (x86)\Restricted Area\Starter.exe [2007-11-22] ()
Task: {1EDA99EA-7455-4F84-A4AD-D1CC2C972E15} - System32\Tasks\{A67E58E4-AE88-49A7-85A6-7453A92EB2A9} => C:\Program Files (x86)\Drakensang Online\thinclient.exe
Task: {228BDEE1-C8C3-4C7F-BEE3-91A0B6F66C2F} - System32\Tasks\{67DA8AEA-6354-42CE-B407-E33C42A282D5} => C:\Program Files (x86)\Restricted Area\Starter.exe [2007-11-22] ()
Task: {23B7FBBE-A7D5-4A34-AD46-060CC765D92E} - System32\Tasks\{7FD504B3-841B-408D-8619-E88E190DA8D6} => C:\Program Files (x86)\Divinity II - Ego Draconis\Divinity_II_Patch_1.03_GERMAN.exe
Task: {245A5C11-D036-4CE3-A206-3D0087FF869D} - System32\Tasks\{85FDF290-C320-404D-84B8-6779231A31E0} => C:\Program Files (x86)\Restricted Area\Starter.exe [2007-11-22] ()
Task: {2521C72D-ACF7-4E0D-9F18-A11B57FE74CC} - System32\Tasks\{68E7106A-FDBD-4F0D-8550-DF8A459AFE69} => C:\Program Files (x86)\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\ZDWlan.exe
Task: {2553768B-2AE4-48DF-A613-C7A4A494EE9C} - System32\Tasks\{9CA5AF8D-3F0F-42C7-BD91-D915420ACFE3} => C:\Program Files (x86)\Restricted Area\Starter.exe [2007-11-22] ()
Task: {25873280-90E2-4ABF-8132-3C02CBDE87D0} - System32\Tasks\Feven 2.5-chromeinstaller => C:\Program Files (x86)\Feven 2.5\Feven 2.5-chromeinstaller.exe [2014-01-25] (Feven) <==== ATTENTION
Task: {29C47B50-5DFF-438F-99CB-706D6E748C95} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-01-27] (Google Inc.)
Task: {2D359077-ABF9-455A-A2BD-11A8CA7A3FAE} - System32\Tasks\{C9EE2AD4-524E-414F-A50C-DA6B832B5BF8} => C:\Program Files (x86)\Restricted Area\Starter.exe [2007-11-22] ()
Task: {32D184EF-A82C-44B6-9E6E-23488E1E6F81} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {3DF64CDE-D27B-4C6D-BDBE-B77C15AE6721} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2355925718-3238339638-3018866954-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {42D95011-430F-42F0-A494-B45A84D8E644} - System32\Tasks\{897D3095-7A62-409F-BEF5-A770BF0CF4DE} => C:\Program Files (x86)\Restricted Area\Starter.exe [2007-11-22] ()
Task: {49C78CDC-889A-45FC-B75C-6600F9966CAB} - System32\Tasks\{79015419-0F92-45C0-8EE4-4E179F736190} => C:\Program Files (x86)\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\ZDWlan.exe
Task: {4D7CE54F-A316-4F1F-9A87-EF12C12DC7EC} - System32\Tasks\AmiUpdXp => C:\Users\Spieler.HeikeHarder-HP\AppData\Local\SwvUpdater\Updater.exe [2013-07-21] (Amonetize ltd.) <==== ATTENTION
Task: {50806D0A-2107-49B6-A98D-57965254570C} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {55C47305-75B5-48A0-908E-0D9AF695E449} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2010-09-18] (Hewlett-Packard Company)
Task: {56506F83-9B43-4450-B403-9696BE10DBD9} - System32\Tasks\{0D8E4BFB-4760-4899-941A-A04A53FD3A39} => C:\Program Files (x86)\Restricted Area\Starter.exe [2007-11-22] ()
Task: {58C2BEB1-2B7A-4C4C-B1A1-AC302CE23429} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-01-27] (Google Inc.)
Task: {58D1CC36-2DB1-4333-8242-A9D00DC284C5} - System32\Tasks\Feven 2.5-codedownloader => C:\Program Files (x86)\Feven 2.5\Feven 2.5-codedownloader.exe [2014-01-25] (Feven) <==== ATTENTION
Task: {5A2C67D9-88D2-4AEC-B074-A4829C40D7C8} - System32\Tasks\{36C8FF93-8BD8-4E30-A5D6-ED25FFEC2812} => C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe [2014-03-14] (TeamSpeak Systems GmbH)
Task: {5D92F5D7-5F78-4E3B-AF91-2B41FEE2270B} - System32\Tasks\{4973F1FB-630E-40E2-9C70-88009C1BB43E} => C:\Program Files (x86)\Monte Cristo\Silverfall - Wächter der Elemente - Demo\SilverfallDemo.exe
Task: {5DF0F1DF-816A-4B0D-8969-D28DE8BE9CD6} - System32\Tasks\{1E96FC8D-8C2B-460C-9F54-28CBC2884878} => C:\Program Files (x86)\CyberLink\PowerDirector\PDR.exe
Task: {6C474D59-BADE-4612-B48A-1DA5017652E1} - System32\Tasks\Feven 2.5-firefoxinstaller => C:\Program Files (x86)\Feven 2.5\Feven 2.5-firefoxinstaller.exe [2014-01-25] (Feven) <==== ATTENTION
Task: {71B4D24B-817F-41DE-BE2E-C87686063F41} - System32\Tasks\{500EE935-E46A-4AA0-AD58-8D8A54253987} => C:\Program Files (x86)\Restricted Area\Starter.exe [2007-11-22] ()
Task: {74FB1AD8-296D-4FA7-B1F0-D01E746BCD72} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {7B12E0BF-43DB-4F65-8785-1D2E6D54C158} - System32\Tasks\YourFile Update => C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe [2012-10-29] (hxxp://yourfiledownloader.com) <==== ATTENTION
Task: {8A6FC5E8-EF62-41F8-A8A5-3E3757027530} - System32\Tasks\{C58DA0D1-31F7-475E-BE33-B1F7592A93B5} => C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe [2014-03-14] (TeamSpeak Systems GmbH)
Task: {91694934-2F87-401B-8B0D-8F0944DDC76C} - System32\Tasks\Plus-HD-9.5A-enabler => C:\Program Files (x86)\Plus-HD-9.5A\Plus-HD-9.5A-enabler.exe [2014-03-21] (Plus-HD1) <==== ATTENTION
Task: {91934300-CEC9-47DD-AB0B-98ED0BDB9100} - System32\Tasks\Plus-HD-9.5A-firefoxinstaller => C:\Program Files (x86)\Plus-HD-9.5A\Plus-HD-9.5A-firefoxinstaller.exe [2014-03-21] (Plus-HD1) <==== ATTENTION
Task: {953B319A-52DE-4460-B15C-45ED8C6E5A27} - System32\Tasks\{7BDD7497-A7C0-4293-AC7A-CA49768B3715} => C:\Program Files (x86)\Restricted Area\Starter.exe [2007-11-22] ()
Task: {9A3001AE-0F9D-453E-BAFE-78FE333C8D39} - System32\Tasks\RMCreator => C:\Program Files (x86)\Hewlett-Packard\Recovery\Reminder.exe [2010-08-20] (CyberLink)
Task: {9EE58FF6-A4F8-4493-89EB-61F5B8006377} - System32\Tasks\{83F7BE8B-3672-4C01-806C-B8D7BADBA939} => C:\Program Files (x86)\Restricted Area\Starter.exe [2007-11-22] ()
Task: {9F7A8A39-9A36-4B20-989E-CFCE33B1E8F2} - System32\Tasks\{EDA016A9-6648-481B-BB50-DF45ED33DA31} => C:\Program Files (x86)\Restricted Area\Starter.exe [2007-11-22] ()
Task: {9F7CA800-2D8A-4033-A94A-9FC9B217E7A7} - System32\Tasks\{412675ED-C224-4FF8-8571-5445803EC050} => C:\Program Files (x86)\Restricted Area\Starter.exe [2007-11-22] ()
Task: {AA0124CC-BC0A-4B21-8CDF-374DDF37F368} - System32\Tasks\Plus-HD-9.5A-chromeinstaller => C:\Program Files (x86)\Plus-HD-9.5A\Plus-HD-9.5A-chromeinstaller.exe [2014-03-21] (Plus-HD1) <==== ATTENTION
Task: {AB2859EC-7065-4D93-AE2D-344A32FF0098} - System32\Tasks\{088F98D3-4398-4748-B038-7915992C069D} => C:\Program Files (x86)\Restricted Area\Starter.exe [2007-11-22] ()
Task: {AC239D12-5FF9-4F16-8A55-EBEBEDA89C6D} - System32\Tasks\{AB9E4B60-D7D4-4489-A561-614D85309523} => C:\Program Files (x86)\Restricted Area\Starter.exe [2007-11-22] ()
Task: {ADC8DFD5-05B7-48C8-A7CC-B236983A1808} - System32\Tasks\{F779D376-AED6-4FEE-B8E4-143428962663} => C:\Program Files (x86)\Restricted Area\Starter.exe [2007-11-22] ()
Task: {B3279C17-9920-4EFF-98BD-52652976909F} - System32\Tasks\{8DB3F366-A097-4A5D-A000-0C16DFFE209E} => C:\Program Files (x86)\JoWooD\SpellForce Demo\SpellForced.exe
Task: {B63FF6D1-52A1-44F6-8079-FC59CAC150F7} - System32\Tasks\{19AA9B0E-513F-411F-8A36-5A48E0FDB28B} => C:\Program Files (x86)\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\ZDWlan.exe
Task: {BA15EECA-B7C6-4088-9C2A-6DD3302112CA} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {BE152DD4-9412-404F-975A-AA8027D5757E} - System32\Tasks\{C14076FC-5996-456C-B87D-9D686938FE02} => C:\Program Files (x86)\Datel\WiFi MAX\WM.EXE
Task: {BF2F502A-C412-4289-B7B9-25BBA3E3FE9F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2010-09-18] (Hewlett-Packard Company)
Task: {BF4535F7-7D67-4A06-9535-F8EA8F75B06E} - System32\Tasks\Feven 2.5-updater => C:\Program Files (x86)\Feven 2.5\Feven 2.5-updater.exe [2014-01-25] (Feven) <==== ATTENTION
Task: {BFA405E4-5BEB-485B-98CB-9ECC004C7486} - System32\Tasks\Plus-HD-9.5A-codedownloader => C:\Program Files (x86)\Plus-HD-9.5A\Plus-HD-9.5A-codedownloader.exe [2014-03-21] (Plus-HD1) <==== ATTENTION
Task: {C62C9580-EE55-4935-93AC-F8A8A80A7E06} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2355925718-3238339638-3018866954-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {CB364AAC-8A72-4DD4-B732-AA4FB27DADC6} - System32\Tasks\{FD932190-4DCE-4EFB-8275-CCB6841E084C} => C:\Program Files (x86)\CyberLink\PowerDirector\PDR.exe
Task: {CD7FF6C1-E9D1-4FA5-9131-A6B5D93F3C3C} - System32\Tasks\{B26BBC9F-AC7C-4953-9FA7-CA011047A7F0} => C:\Program Files (x86)\CyberLink\PowerDirector\PDR.exe
Task: {D0E886EE-2AB7-4E36-BEDA-B15643EBDA63} - System32\Tasks\{7A4735AA-26B5-4F00-A23A-E669986102AD} => C:\Program Files (x86)\Restricted Area\Starter.exe [2007-11-22] ()
Task: {DC4A8E46-4BBC-43C4-B86A-962F9763E636} - System32\Tasks\{7DD8442C-43A1-46AA-8D56-18DE6AC9AA25} => C:\Program Files (x86)\Restricted Area\Starter.exe [2007-11-22] ()
Task: {DC8D724C-1FC6-4E88-BFA8-431DBC63E82E} - System32\Tasks\{F003A125-9256-4022-8C48-DEA75D2EC1F8} => C:\Program Files (x86)\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\ZDWlan.exe
Task: {DD1A7CB4-E492-40E3-9C7F-FABBE9236E96} - System32\Tasks\Plus-HD-9.5A-updater => C:\Program Files (x86)\Plus-HD-9.5A\Plus-HD-9.5A-updater.exe [2014-03-21] (Plus-HD1) <==== ATTENTION
Task: {EB112395-5E92-4203-9283-9439B69C0623} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-14] (Adobe Systems Incorporated)
Task: {EBB7FBBD-513B-4EF3-BE2F-03A46C4F49EF} - System32\Tasks\Feven 2.5-enabler => C:\Program Files (x86)\Feven 2.5\Feven 2.5-enabler.exe [2014-01-25] (Feven) <==== ATTENTION
Task: {F0265FC3-20B1-4069-B9C3-B431DE2697DA} - System32\Tasks\{17F06A71-0601-42A9-B5DB-F57D4063A6DE} => C:\Program Files (x86)\Restricted Area\Starter.exe [2007-11-22] ()
Task: {FDB3A3A8-567C-4150-A17A-4444C631180E} - System32\Tasks\{13F537D5-0AB6-4A55-9307-8A4EF1088C32} => C:\Program Files (x86)\Restricted Area\Starter.exe [2007-11-22] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AmiUpdXp.job => C:\Users\Spieler.HeikeHarder-HP\AppData\Local\SwvUpdater\Updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven 2.5-chromeinstaller.job => C:\Program Files (x86)\Feven 2.5\Feven 2.5-chromeinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven 2.5-codedownloader.job => C:\Program Files (x86)\Feven 2.5\Feven 2.5-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven 2.5-enabler.job => C:\Program Files (x86)\Feven 2.5\Feven 2.5-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven 2.5-firefoxinstaller.job => C:\Program Files (x86)\Feven 2.5\Feven 2.5-firefoxinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven 2.5-updater.job => C:\Program Files (x86)\Feven 2.5\Feven 2.5-updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Plus-HD-9.5A-chromeinstaller.job => C:\Program Files (x86)\Plus-HD-9.5A\Plus-HD-9.5A-chromeinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-9.5A-codedownloader.job => C:\Program Files (x86)\Plus-HD-9.5A\Plus-HD-9.5A-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-9.5A-enabler.job => C:\Program Files (x86)\Plus-HD-9.5A\Plus-HD-9.5A-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-9.5A-firefoxinstaller.job => C:\Program Files (x86)\Plus-HD-9.5A\Plus-HD-9.5A-firefoxinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-9.5A-updater.job => C:\Program Files (x86)\Plus-HD-9.5A\Plus-HD-9.5A-updater.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2011-04-07 22:19 - 2012-12-29 09:40 - 00087480 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-04-05 19:06 - 2005-03-11 23:07 - 00087040 _____ () C:\Windows\System32\pdfcmnnt.dll
2011-09-22 14:16 - 2011-08-24 02:13 - 00083240 _____ () C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
2012-06-04 11:03 - 2012-02-15 16:05 - 00014848 _____ () C:\Program Files\COMPUTERBILD-Cloud\Data\Tools\mounter.exe
2012-04-20 15:30 - 2010-08-19 10:43 - 00247152 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2013-11-07 14:31 - 2013-11-05 11:48 - 00188760 _____ () C:\Program Files\Video downloader\ExtensionUpdaterService.exe
2014-03-19 18:34 - 2014-03-28 17:20 - 00186880 _____ () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\M6 Processing\M6.exe
2014-03-19 18:34 - 2014-03-19 18:34 - 00175424 _____ () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\M6 Processing\vm6.exe
2013-12-10 15:15 - 2013-10-18 09:40 - 00738496 _____ () C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
2013-05-21 02:49 - 2013-05-21 02:49 - 00014848 ____N () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Apps\2.0\ZMP2Y4Q7.91E\ALEDZCCW.XAM\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\Curse.CurseClient.WowDb.dll
2013-05-21 02:49 - 2013-05-21 02:49 - 00035840 ____N () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Apps\2.0\ZMP2Y4Q7.91E\ALEDZCCW.XAM\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\Curse.Advertising.dll
2013-05-21 02:49 - 2013-05-21 02:49 - 00099840 ____N () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Apps\2.0\ZMP2Y4Q7.91E\ALEDZCCW.XAM\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\Curse.CurseClient.CMOD2.dll
2014-03-28 17:37 - 2014-03-28 17:37 - 00099840 _____ () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\M6 Processing\M602\64\cpusrv.dat
2014-03-28 17:37 - 2014-03-28 17:37 - 00216576 _____ () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\M6 Processing\M602\64\libcurl-4.dll
2014-03-28 17:37 - 2014-03-28 17:37 - 00095744 _____ () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\M6 Processing\M602\64\zlib1.dll
2014-03-14 14:15 - 2014-03-14 14:15 - 00173568 _____ () C:\Program Files\TeamSpeak 3 Client\quazip.dll
2014-03-14 14:15 - 2014-03-14 14:15 - 01080832 _____ () C:\Program Files\TeamSpeak 3 Client\platforms\qwindows.dll
2014-03-14 14:15 - 2014-03-14 14:15 - 00833024 _____ () C:\Program Files\TeamSpeak 3 Client\sqldrivers\qsqlite.dll
2013-08-06 08:19 - 2014-03-14 14:15 - 00102344 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2013-08-06 08:19 - 2014-03-14 14:15 - 00108488 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2014-03-14 14:15 - 2014-03-14 14:15 - 00030208 _____ () C:\Program Files\TeamSpeak 3 Client\imageformats\qgif.dll
2014-03-14 14:15 - 2014-03-14 14:15 - 00233984 _____ () C:\Program Files\TeamSpeak 3 Client\imageformats\qjpeg.dll
2013-08-06 08:19 - 2014-03-14 14:15 - 00563656 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2013-09-09 14:49 - 2014-03-14 14:15 - 00577480 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2014-03-14 14:15 - 2014-03-14 14:15 - 00159232 _____ () C:\Program Files\TeamSpeak 3 Client\accessible\qtaccessiblewidgets.dll
2014-03-20 21:45 - 2014-03-19 11:00 - 01380704 _____ () C:\Program Files (x86)\Opera\20.0.1387.82\opera_crashreporter.exe
2013-12-10 15:21 - 2013-12-10 15:19 - 00394808 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2011-09-22 14:16 - 2011-08-26 05:57 - 00260096 _____ () C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\sqlite3.dll
2014-02-14 03:38 - 2014-02-14 03:38 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\bfd5296be62268bc7a31a424f0d1ad5f\IsdiInterop.ni.dll
2011-01-07 20:20 - 2010-03-04 05:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2011-12-14 09:55 - 2012-03-19 10:26 - 00008608 _____ () C:\Program Files (x86)\Innovative Solutions\DriverMax\sync.dll
2013-12-11 09:55 - 2013-12-11 09:55 - 00034848 _____ () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll
2013-12-11 09:55 - 2013-12-11 09:55 - 00063008 _____ () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Smartbar\Application\srau.dll
2013-12-11 09:55 - 2013-12-11 09:55 - 00150560 _____ () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
2013-12-11 09:55 - 2013-12-11 09:55 - 00113184 _____ () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
2013-12-11 09:55 - 2013-12-11 09:55 - 02057760 _____ () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll
2013-12-11 09:55 - 2013-12-11 09:55 - 00055840 _____ () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Smartbar\Application\spbl.dll
2013-12-11 09:55 - 2013-12-11 09:55 - 00013344 _____ () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Smartbar\Application\siem.dll
2013-12-11 09:55 - 2013-12-11 09:55 - 00049184 _____ () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Smartbar\Application\sppsm.dll
2013-12-11 09:55 - 2013-12-11 09:55 - 00728096 _____ () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll
2013-12-11 09:55 - 2013-12-11 09:55 - 00082464 _____ () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll
2013-12-11 09:55 - 2013-12-11 09:55 - 00014368 _____ () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
2013-12-11 09:55 - 2013-12-11 09:55 - 00017440 _____ () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll
2013-12-11 09:56 - 2013-12-11 09:56 - 00031264 _____ () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Smartbar\Application\srut.dll
2013-12-11 09:56 - 2013-12-11 09:56 - 00020512 _____ () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Smartbar\Application\srsbs.dll
2013-12-11 09:55 - 2013-12-11 09:55 - 00057888 _____ () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll
2013-12-11 09:56 - 2013-12-11 09:56 - 00014880 _____ () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Smartbar\Application\srpdm.dll
2013-04-05 19:04 - 2013-04-05 19:04 - 00911432 _____ () C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.66.0__db937bc2d44ff139\System.Data.SQLite.dll
2013-12-11 09:55 - 2013-12-11 09:55 - 00014368 _____ () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Smartbar\Application\sgml.dll
2013-12-11 09:55 - 2013-12-11 09:55 - 00053280 _____ () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll
2013-12-11 09:55 - 2013-12-11 09:55 - 00048160 _____ () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Smartbar\Application\MACTrackBarLib.dll
2013-12-11 09:55 - 2013-12-11 09:55 - 00026144 _____ () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll
2013-12-11 09:55 - 2013-12-11 09:55 - 00025632 _____ () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
2013-12-11 09:55 - 2013-12-11 09:55 - 00248864 _____ () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Smartbar\Application\srns.dll
2014-03-05 19:30 - 2013-11-27 12:52 - 00025600 _____ () C:\Program Files (x86)\Overwolf\CoreAudioApi.dll
2014-03-05 19:29 - 2013-11-27 12:52 - 00607232 _____ () C:\Program Files (x86)\Overwolf\client_c_api_win32.dll
2014-03-23 21:50 - 2014-03-23 21:50 - 00129024 _____ () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\M6 Processing\M601\M601.plg
2014-03-28 17:37 - 2014-03-28 17:37 - 00149504 _____ () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\M6 Processing\M602\M602.plg
2010-11-22 23:56 - 2010-11-22 23:56 - 00087040 _____ () C:\Program Files (x86)\Raptr\_ctypes.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00043008 _____ () C:\Program Files (x86)\Raptr\_socket.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00805376 _____ () C:\Program Files (x86)\Raptr\_ssl.pyd
2012-06-22 22:53 - 2012-06-22 22:53 - 05812736 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd
2012-06-22 22:24 - 2012-06-22 22:24 - 00067584 _____ () C:\Program Files (x86)\Raptr\sip.pyd
2012-06-22 22:39 - 2012-06-22 22:39 - 01662464 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd
2012-06-22 22:55 - 2012-06-22 22:55 - 00494592 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00096256 _____ () C:\Program Files (x86)\Raptr\win32api.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00110592 _____ () C:\Program Files (x86)\Raptr\pywintypes26.dll
2010-11-22 23:56 - 2010-11-22 23:56 - 00324608 _____ () C:\Program Files (x86)\Raptr\PIL._imaging.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00356864 _____ () C:\Program Files (x86)\Raptr\_hashlib.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00036352 _____ () C:\Program Files (x86)\Raptr\win32process.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00111104 _____ () C:\Program Files (x86)\Raptr\win32file.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00124928 _____ () C:\Program Files (x86)\Raptr\_elementtree.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00127488 _____ () C:\Program Files (x86)\Raptr\pyexpat.pyd
2012-02-06 21:28 - 2012-02-06 21:28 - 00031744 _____ () C:\Program Files (x86)\Raptr\Crypto.Cipher.AES.pyd
2012-02-06 21:28 - 2012-02-06 21:28 - 00010752 _____ () C:\Program Files (x86)\Raptr\Crypto.Random.OSRNG.winrandom.pyd
2012-02-06 21:28 - 2012-02-06 21:28 - 00011264 _____ () C:\Program Files (x86)\Raptr\Crypto.Util._counter.pyd
2011-05-10 20:01 - 2011-05-10 20:01 - 00030208 _____ () C:\Program Files (x86)\Raptr\simplejson._speedups.pyd
2012-06-22 22:59 - 2012-06-22 22:59 - 00313856 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00044544 _____ () C:\Program Files (x86)\Raptr\_sqlite3.pyd
2011-02-15 19:17 - 2011-02-15 19:17 - 00417501 _____ () C:\Program Files (x86)\Raptr\sqlite3.dll
2010-11-22 23:56 - 2010-11-22 23:56 - 00354304 _____ () C:\Program Files (x86)\Raptr\pythoncom26.dll
2010-11-22 23:57 - 2010-11-22 23:57 - 00016384 _____ () C:\Program Files (x86)\Raptr\win32trace.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00009216 _____ () C:\Program Files (x86)\Raptr\winsound.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00167936 _____ () C:\Program Files (x86)\Raptr\win32gui.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00010240 _____ () C:\Program Files (x86)\Raptr\select.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00583680 _____ () C:\Program Files (x86)\Raptr\unicodedata.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00141312 _____ () C:\Program Files (x86)\Raptr\gobject._gobject.pyd
2012-10-27 08:53 - 2012-10-27 08:53 - 02717595 _____ () C:\Program Files (x86)\Raptr\heliotrope._purple.pyd
2011-02-15 19:17 - 2011-02-15 19:17 - 01213633 _____ () C:\Program Files (x86)\Raptr\libxml2-2.dll
2010-11-23 00:06 - 2010-11-23 00:06 - 00055808 _____ () C:\Program Files (x86)\Raptr\zlib1.dll
2013-05-10 00:52 - 2013-05-10 00:52 - 00495680 _____ () C:\Program Files (x86)\Raptr\plugins\libaim.dll
2013-05-10 00:52 - 2013-05-10 00:52 - 01183699 _____ () C:\Program Files (x86)\Raptr\liboscar.dll
2013-05-10 00:52 - 2013-05-10 00:52 - 00483306 _____ () C:\Program Files (x86)\Raptr\plugins\libicq.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00655356 _____ () C:\Program Files (x86)\Raptr\plugins\libirc.dll
2013-05-03 19:56 - 2013-05-03 19:56 - 01306387 _____ () C:\Program Files (x86)\Raptr\plugins\libmsn.dll
2013-05-03 19:56 - 2013-05-03 19:56 - 00565461 _____ () C:\Program Files (x86)\Raptr\plugins\libxmpp.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 01640221 _____ () C:\Program Files (x86)\Raptr\libjabber.dll
2013-05-03 19:56 - 2013-05-03 19:56 - 00506276 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoo.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 01053730 _____ () C:\Program Files (x86)\Raptr\libymsg.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00497782 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00603326 _____ () C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00474199 _____ () C:\Program Files (x86)\Raptr\plugins\ssl.dll
2014-03-20 21:45 - 2014-03-19 11:00 - 00908640 _____ () C:\Program Files (x86)\Opera\20.0.1387.82\libglesv2.dll
2014-03-20 21:45 - 2014-03-19 11:00 - 00108896 _____ () C:\Program Files (x86)\Opera\20.0.1387.82\libegl.dll
2014-03-20 21:45 - 2014-03-19 11:00 - 00895328 _____ () C:\Program Files (x86)\Opera\20.0.1387.82\ffmpegsumo.dll
2014-03-14 10:58 - 2014-03-14 10:58 - 16276872 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: BrStsMon00 => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
MSCONFIG\startupreg: ControlCenter4 => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
MSCONFIG\startupreg: DATAMNGR => C:\PROGRA~2\WI3C8A~1\Datamngr\DATAMN~1.EXE
MSCONFIG\startupreg: Iminent => C:\Program Files (x86)\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C"
MSCONFIG\startupreg: IminentMessenger => C:\Program Files (x86)\Iminent\Iminent.Messengers.exe /startup
MSCONFIG\startupreg: IndexSearch => "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe"
MSCONFIG\startupreg: PaperPort PTD => "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe"
MSCONFIG\startupreg: PDF5 Registry Controller => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe
MSCONFIG\startupreg: PDFHook => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SmartMenu => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
MSCONFIG\startupreg: TkBellExe => "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
MSCONFIG\startupreg: vProt => "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/28/2014 05:37:02 PM) (Source: Adobe Version Cue CS2) (User: )
Description: VersionCueCS2Tray.exe: openVCService - OpenService() failed <1060>

Error: (03/28/2014 05:30:12 PM) (Source: Avira Antivirus) (User: NT-AUTORITÄT)
Description: Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet!

Error: (03/28/2014 05:21:36 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: CVHSVC.EXE, Version: 14.0.7101.5000, Zeitstempel: 0x5175098b
Name des fehlerhaften Moduls: MSVCR90.dll, Version: 9.0.30729.6161, Zeitstempel: 0x4dace5b9
Ausnahmecode: 0x40000015
Fehleroffset: 0x0005beae
ID des fehlerhaften Prozesses: 0x14d8
Startzeit der fehlerhaften Anwendung: 0xCVHSVC.EXE0
Pfad der fehlerhaften Anwendung: CVHSVC.EXE1
Pfad des fehlerhaften Moduls: CVHSVC.EXE2
Berichtskennung: CVHSVC.EXE3

Error: (03/28/2014 05:20:34 PM) (Source: Adobe Version Cue CS2) (User: )
Description: VersionCueCS2Tray.exe: openVCService - OpenService() failed <1060>

Error: (03/28/2014 05:20:23 PM) (Source: Avira Antivirus) (User: NT-AUTORITÄT)
Description: Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet!

Error: (03/28/2014 10:27:23 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: opera_crashreporter.exe, Version: 0.0.0.0, Zeitstempel: 0x5329626b
Name des fehlerhaften Moduls: RPCRT4.dll, Version: 6.1.7601.18205, Zeitstempel: 0x51db9710
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00039153
ID des fehlerhaften Prozesses: 0x1bd0
Startzeit der fehlerhaften Anwendung: 0xopera_crashreporter.exe0
Pfad der fehlerhaften Anwendung: opera_crashreporter.exe1
Pfad des fehlerhaften Moduls: opera_crashreporter.exe2
Berichtskennung: opera_crashreporter.exe3

Error: (03/28/2014 09:16:11 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7129

Error: (03/28/2014 09:16:11 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7129

Error: (03/28/2014 09:16:11 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/28/2014 09:16:10 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6115


System errors:
=============
Error: (03/28/2014 05:32:58 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (03/28/2014 05:32:58 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (03/28/2014 05:31:02 PM) (Source: ipnathlp) (User: )
Description: 192.168.2.100192.168.137.0255.255.255.0

Error: (03/28/2014 05:31:02 PM) (Source: ipnathlp) (User: )
Description: 

Error: (03/28/2014 05:30:40 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Avira Browser-Schutz" wurde mit folgendem dienstspezifischem Fehler beendet: %%1.

Error: (03/28/2014 05:30:37 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "vToolbarUpdater15.0.0" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (03/28/2014 05:25:21 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (03/28/2014 05:25:21 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (03/28/2014 05:25:05 PM) (Source: ipnathlp) (User: )
Description: 192.168.2.100192.168.137.0255.255.255.0

Error: (03/28/2014 05:25:05 PM) (Source: ipnathlp) (User: )
Description: 


Microsoft Office Sessions:
=========================
Error: (03/28/2014 05:37:02 PM) (Source: Adobe Version Cue CS2)(User: )
Description: VersionCueCS2Tray.exeopenVCService - OpenService() failed <1060>

Error: (03/28/2014 05:30:12 PM) (Source: Avira Antivirus)(User: NT-AUTORITÄT)
Description: 0x0

Error: (03/28/2014 05:21:36 PM) (Source: Application Error)(User: )
Description: CVHSVC.EXE14.0.7101.50005175098bMSVCR90.dll9.0.30729.61614dace5b9400000150005beae14d801cf4aa1c7a196cbC:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXEC:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll083e5482-b695-11e3-886a-6c626d9ce7a5

Error: (03/28/2014 05:20:34 PM) (Source: Adobe Version Cue CS2)(User: )
Description: VersionCueCS2Tray.exeopenVCService - OpenService() failed <1060>

Error: (03/28/2014 05:20:23 PM) (Source: Avira Antivirus)(User: NT-AUTORITÄT)
Description: 0x0

Error: (03/28/2014 10:27:23 AM) (Source: Application Error)(User: )
Description: opera_crashreporter.exe0.0.0.05329626bRPCRT4.dll6.1.7601.1820551db9710c0000005000391531bd001cf477f53a7db63C:\Program Files (x86)\Opera\20.0.1387.82\opera_crashreporter.exeC:\Windows\syswow64\RPCRT4.dll2adcc03f-b65b-11e3-a4ae-6c626d9ce7a5

Error: (03/28/2014 09:16:11 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7129

Error: (03/28/2014 09:16:11 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7129

Error: (03/28/2014 09:16:11 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/28/2014 09:16:10 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6115


==================== Memory info =========================== 

Percentage of memory in use: 35%
Total physical RAM: 8055.08 MB
Available physical RAM: 5198.29 MB
Total Pagefile: 16108.34 MB
Available Pagefile: 12744.83 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:1383.24 GB) (Free:725 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:13.92 GB) (Free:1.72 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1397 GB) (Disk ID: B3DBC71D)

Partition: GPT Partition Type.

==================== End Of Log ============================

--- --- ---

schrauber · 29.03.2014, 09:56

Revo Uninstaller - Download - Filepony
Damit alles deinstallieren was Du in der Additional.txt findest mit dem Zusatz <== ATTENTION

Mit Revo auch Moderat die Reste entfernen lassen.

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

Blitzi · 29.03.2014, 12:11

AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v3.022 - Bericht erstellt am 29/03/2014 um 11:41:13
# Aktualisiert 13/03/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Spieler - HEIKEHARDER-HP
# Gestartet von : C:\Users\Spieler.HeikeHarder-HP\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : 70e6ca8c
Dienst Gelöscht : Video downloader Updater
Dienst Gelöscht : WajamUpdater

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\AVG Secure Search
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\blekko toolbars
Ordner Gelöscht : C:\ProgramData\boost_interprocess
Ordner Gelöscht : C:\ProgramData\bProtectorForWindows
Ordner Gelöscht : C:\ProgramData\IBUpdaterService
Ordner Gelöscht : C:\ProgramData\MovieMode
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\ProgramData\WinMaximizer
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\uniblue
Ordner Gelöscht : C:\Program Files (x86)\~BabylonToolbar
Ordner Gelöscht : C:\Program Files (x86)\AddLyrics
Ordner Gelöscht : C:\Program Files (x86)\BearShare Applications
Ordner Gelöscht : C:\Program Files (x86)\BetterSurf
Ordner Gelöscht : C:\Program Files (x86)\Better-Surf
Ordner Gelöscht : C:\Program Files (x86)\dvdvideosofttoolbar
Ordner Gelöscht : C:\Program Files (x86)\MediaPlayerV1
Ordner Gelöscht : C:\Program Files (x86)\MyPC Backup
Ordner Gelöscht : C:\Program Files (x86)\ParetoLogic
Ordner Gelöscht : C:\Program Files (x86)\Uncompressor
Ordner Gelöscht : C:\Program Files (x86)\uniblue
Ordner Gelöscht : C:\Program Files (x86)\VideoPlayerV3
Ordner Gelöscht : C:\Program Files (x86)\Wajam
Ordner Gelöscht : C:\Program Files (x86)\WebexpEnhancedV1
Ordner Gelöscht : C:\Program Files (x86)\Windows iLivid Toolbar
Ordner Gelöscht : C:\Program Files (x86)\Yontoo Layers Runtime
Ordner Gelöscht : C:\Program Files (x86)\media enhance
Ordner Gelöscht : C:\Program Files (x86)\Common Files\Plasmoo
Ordner Gelöscht : C:\Windows\SysWOW64\AI_RecycleBin
Ordner Gelöscht : C:\Program Files\Babylon
Ordner Gelöscht : C:\Program Files\v-bates
Ordner Gelöscht : C:\Program Files\Video downloader
Ordner Gelöscht : C:\Users\SPIELE~1.HEI\AppData\Local\Temp\Smartbar
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Users\Public\Desktop\speedupmypc.lnk
Datei Gelöscht : C:\Windows\SysWOW64\conduitEngine.tmp
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\Users\SPIELE~1.HEI\AppData\Local\Temp\searchqutoolbar-manifest.xml
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\user.js
Datei Gelöscht : C:\Windows\System32\Tasks\bProtector
Datei Gelöscht : C:\Windows\System32\Tasks\YourFile Update

***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\Users\Public\Desktop\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Public\Desktop\Opera.lnk
Verknüpfung Desinfiziert : C:\Users\Spieler.HeikeHarder-HP\Desktop\Search.lnk
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
Verknüpfung Desinfiziert : C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Verknüpfung Desinfiziert : C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Verknüpfung Desinfiziert : C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Search.lnk

***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{77BEC163-D389-42c1-91A4-C758846296A5}]
Wert Gelöscht : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{77BEC163-D389-42c1-91A4-C758846296A5}]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [12x3q@3244516.com]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [lightningnewtab@gmail.com]
Wert Gelöscht : HKCU\Software\Mozilla\Firefox\Extensions [superlrcs@svenyor.net]
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bgnjcnjlaajofpendibcoodneacalfho
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\pkndmigholgfjlniaohblojbhgjbkakn
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\poheodfamflhhhdcmjfeggbgigeefaco
Schlüssel Gelöscht : HKCU\Software\Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [Backup.old.Start Page]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Translate this web page with Babylon
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Translate with Babylon
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Schlüssel Gelöscht : HKCU\Software\Microsoft\Office\Powerpoint\Addins\babylonofficeaddin.officeaddin
Schlüssel Gelöscht : HKCU\Software\Microsoft\Office\Word\Addins\babylonofficeaddin.officeaddin
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Browser Infrastructure Helper]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\DNSBHO.dll
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\priam_bho.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\b
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.BandooCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.BandooCore.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BrowserConnection.Loader
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BrowserConnection.Loader.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Conduit.Engine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\DnsBHO.BHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\DnsBHO.BHO.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\f
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\funmoods.dskBnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\funmoods.dskBnd.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\funmoodsApp.appCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\funmoodsApp.appCore.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.bho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ilivid
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\S
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wajam.WajamBHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wajam.WajamDownloader
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\addlyrics_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\addlyrics_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BabylonToolbarsrv_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BabylonToolbarsrv_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\DVDVideoSoftTBAutoUpdateHelper_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\DVDVideoSoftTBAutoUpdateHelper_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\DVDVideoSoftTBToolbarHelper_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\DVDVideoSoftTBToolbarHelper_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\DVDVideoSoftTBToolbarHelper1_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\DVDVideoSoftTBToolbarHelper1_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsLatest_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsLatest_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\I Want This_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\I Want This_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_install_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_install_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Searchqu Toolbar uninstall_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Searchqu Toolbar uninstall_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\smartbar_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\YourFile_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\YourFile_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\YourFileUpdater_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\YourFileUpdater_RASMANCS
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Sweetpacks Communicator]
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT1351351
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2269050
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2319825
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2325506
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2475029
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2704262
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_camstudio_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_camstudio_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_cheatbook-database_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_cheatbook-database_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_cyberlink-powerdirector_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_cyberlink-powerdirector_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_free-sound-recorder_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_free-sound-recorder_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_hypercam_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_hypercam_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_mwsnap_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_mwsnap_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_soundtap_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_soundtap_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_video-thumbnails-maker_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_video-thumbnails-maker_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_vindictus_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_vindictus_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{77BEC163-D389-42C1-91A4-C758846296A5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B939CF93-F2CB-443D-956C-DC523D85C9DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD8812D4-E5B8-41C6-94D4-59872A484BF1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0BF91075-F457-4A8B-99EF-140B52D2F22A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{37425600-CB21-49A0-8659-476FBAB0F8E8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{431FB0E5-2CBB-4602-9FE6-F1D64488ADD7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5C9A230D-70A5-11D5-AFB0-0050DAC67890}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6F43FA77-C18F-4D0C-9C7E-958876FE2061}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8911483C-C00A-4183-9FBC-6C9C00946C15}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C3F058A9-407D-4CD1-8F66-B75605B54B69}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DF948646-8BF4-450E-A059-CF8A4E0FE2BE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E96B49B0-E11F-48FC-984A-EEC29A4F57E1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFDCAF05-D29C-4D4D-9836-8CDCD606A6B2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{0C58B7D1-D415-492B-A149-E976156BD3B8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{1D085C0A-E4F4-4F66-BDBF-4BE51015BFC3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{BEAA0C04-ED15-4C17-800B-28716025A4E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{40C3CC16-7269-4B32-9531-17F2950FB06F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{77BEC163-D389-42C1-91A4-C758846296A5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B939CF93-F2CB-443D-956C-DC523D85C9DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C2D64FF7-0AB8-4263-89C9-EA3B0F8F050C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CD8812D4-E5B8-41C6-94D4-59872A484BF1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{77BEC163-D389-42C1-91A4-C758846296A5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A5812E8F-0E16-4C65-88F7-492D36174CB2}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B939CF93-F2CB-443D-956C-DC523D85C9DB}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CD8812D4-E5B8-41C6-94D4-59872A484BF1}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{77BEC163-D389-42C1-91A4-C758846296A5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CD8812D4-E5B8-41C6-94D4-59872A484BF1}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C2D64FF7-0AB8-4263-89C9-EA3B0F8F050C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CD8812D4-E5B8-41C6-94D4-59872A484BF1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{C2D64FF7-0AB8-4263-89C9-EA3B0F8F050C}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CD8812D4-E5B8-41C6-94D4-59872A484BF1}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{40C3CC16-7269-4B32-9531-17F2950FB06F}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{40C3CC16-7269-4B32-9531-17F2950FB06F}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{77BEC163-D389-42C1-91A4-C758846296A5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{9D717F81-9148-4F12-8568-69135F087DB0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{B939CF93-F2CB-443D-956C-DC523D85C9DB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0BF91075-F457-4A8B-99EF-140B52D2F22A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{37425600-CB21-49A0-8659-476FBAB0F8E8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{431FB0E5-2CBB-4602-9FE6-F1D64488ADD7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{44B619BC-3D2B-4990-AA4F-9AA366921792}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5C9A230D-70A5-11D5-AFB0-0050DAC67890}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{6F43FA77-C18F-4D0C-9C7E-958876FE2061}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8911483C-C00A-4183-9FBC-6C9C00946C15}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C3F058A9-407D-4CD1-8F66-B75605B54B69}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DF948646-8BF4-450E-A059-CF8A4E0FE2BE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E96B49B0-E11F-48FC-984A-EEC29A4F57E1}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EFDCAF05-D29C-4D4D-9836-8CDCD606A6B2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{77BEC163-D389-42C1-91A4-C758846296A5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4F12-8568-69135F087DB0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B939CF93-F2CB-443D-956C-DC523D85C9DB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command
Schlüssel Gelöscht : HKCU\Software\Babylon
Schlüssel Gelöscht : HKCU\Software\BI
Schlüssel Gelöscht : HKCU\Software\Blabbers
Schlüssel Gelöscht : HKCU\Software\bProtector
Schlüssel Gelöscht : HKCU\Software\Cr_Installer
Schlüssel Gelöscht : HKCU\Software\DataMngr
Schlüssel Gelöscht : HKCU\Software\DSNR Labs
Schlüssel Gelöscht : HKCU\Software\facemoods.com
Schlüssel Gelöscht : HKCU\Software\Funmoods
Schlüssel Gelöscht : HKCU\Software\IM
Schlüssel Gelöscht : HKCU\Software\Iminent
Schlüssel Gelöscht : HKCU\Software\ImInstaller
Schlüssel Gelöscht : HKCU\Software\incredibar.com
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\installedbrowserextensions
Schlüssel Gelöscht : HKCU\Software\Microsoft\Babylon
Schlüssel Gelöscht : HKCU\Software\ParetoLogic
Schlüssel Gelöscht : HKCU\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\smartbarbackup
Schlüssel Gelöscht : HKCU\Software\smartbarlog
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\Wajam
Schlüssel Gelöscht : HKCU\Software\WinMaximizer
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\conduitEngine
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\I Want This
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\MyAshampoo\toolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\searchqutoolbar
Schlüssel Gelöscht : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\Bandoo
Schlüssel Gelöscht : HKLM\Software\BonanzaDealsLive
Schlüssel Gelöscht : HKLM\Software\Cheat Engine\OpenCandy
Schlüssel Gelöscht : HKLM\Software\Iminent
Schlüssel Gelöscht : HKLM\Software\ParetoLogic
Schlüssel Gelöscht : HKLM\Software\supWPM
Schlüssel Gelöscht : HKLM\Software\systweak
Schlüssel Gelöscht : HKLM\Software\Uniblue
Schlüssel Gelöscht : HKLM\Software\Video downloader
Schlüssel Gelöscht : HKLM\Software\Wajam
Schlüssel Gelöscht : HKLM\Software\WinMaximizer
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Uncompressor
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{608FB285-F572-48DE-AE44-28ABFF3F6BF9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E513E8F5-24BC-4F37-B3CA-D41E84960E99}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E55E7026-EF2A-4A17-AAA7-DB98EA3FD1B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Updater Service
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\DataMngr
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Tarma Installer
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Video downloader
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{77BEC163-D389-42c1-91A4-C758846296A5}_is1
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Daten Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\6207E55EA2FE71A4AA7ABD89AEF31D1B
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\6207E55EA2FE71A4AA7ABD89AEF31D1B

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16521

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Backup.Old.Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v13.0 (de)

-\\ Google Chrome v33.0.1750.146

*************************

AdwCleaner[R0].txt - [74444 octets] - [29/03/2014 11:40:39]
AdwCleaner[S0].txt - [67653 octets] - [29/03/2014 11:41:13]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [67714 octets] ##########

--- --- ---

~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 7 Home Premium x64
Ran by Spieler on 29.03.2014 at 11:56:03,07
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etype_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etype_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etypesetup_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etypesetup_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etypeuninstall_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etypeuninstall_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etypeupdate_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\etypeupdate_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\superlyricsupdater_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\superlyricsupdater_rasmancs
Successfully deleted: [Registry Key] HKEY_USERS\.DEFAULT\Software\bProtector
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110511311166}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110511311166}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\Softonic_DeutschAutoUpdaterHelper_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\Softonic_DeutschAutoUpdaterHelper_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\Softonic_DeutschAutoUpdaterHelper_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\Softonic_DeutschAutoUpdaterHelper_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3F954646-744D-46D8-8E07-AEF2486FAB9F}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3F954646-744D-46D8-8E07-AEF2486FAB9F}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3F954646-744D-46D8-8E07-AEF2486FAB9F}

~~~ Files

Successfully deleted: [File] "C:\Users\Spieler.HeikeHarder-HP\appdata\local\funmoods-speeddial.crx"
Successfully deleted: [File] "C:\Users\Spieler.HeikeHarder-HP\appdata\local\funmoods.crx"
Successfully deleted: [File] "C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\speedupmypc.lnk"
Successfully deleted: [File] C:\Windows\syswow64\sho1828.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho27F5.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho4656.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho48FC.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho64A8.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho6C3B.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho7FB.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho8FFE.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho938F.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho9437.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoA932.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoADE1.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoB2C3.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoC847.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoC9C0.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoEA.tmp

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\babylontoolbar"
Successfully deleted: [Folder] "C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\dvdvideosoftiehelpers"
Successfully deleted: [Folder] "C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\etype"
Successfully deleted: [Folder] "C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\opencandy"
Successfully deleted: [Folder] "C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\systweak"
Successfully deleted: [Folder] "C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\yourfiledownloader"
Successfully deleted: [Folder] "C:\Users\Spieler.HeikeHarder-HP\appdata\local\babylon"
Successfully deleted: [Folder] "C:\Users\Spieler.HeikeHarder-HP\appdata\local\i want this"
Successfully deleted: [Folder] "C:\Users\Spieler.HeikeHarder-HP\appdata\local\mobogenie"
Successfully deleted: [Folder] "C:\Users\Spieler.HeikeHarder-HP\appdata\local\smartbar"
Successfully deleted: [Folder] "C:\Users\Spieler.HeikeHarder-HP\appdata\local\tempdir"
Successfully deleted: [Folder] "C:\Users\Spieler.HeikeHarder-HP\appdata\local\wajam"
Successfully deleted: [Folder] "C:\Users\Spieler.HeikeHarder-HP\appdata\locallow\babylontoolbar"
Successfully deleted: [Folder] "C:\Users\Spieler.HeikeHarder-HP\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\Spieler.HeikeHarder-HP\appdata\locallow\conduitengine"
Successfully deleted: [Folder] "C:\Users\Spieler.HeikeHarder-HP\appdata\locallow\datamngr"
Successfully deleted: [Folder] "C:\Users\Spieler.HeikeHarder-HP\appdata\locallow\dvdvideosofttb"
Successfully deleted: [Folder] "C:\Users\Spieler.HeikeHarder-HP\appdata\locallow\facemoods.com"
Successfully deleted: [Folder] "C:\Users\Spieler.HeikeHarder-HP\appdata\locallow\funmoods"
Successfully deleted: [Folder] "C:\Users\Spieler.HeikeHarder-HP\appdata\locallow\incredibar.com"
Successfully deleted: [Folder] "C:\Users\Spieler.HeikeHarder-HP\appdata\locallow\pricegong"
Successfully deleted: [Folder] "C:\Users\Spieler.HeikeHarder-HP\appdata\locallow\searchquband"
Successfully deleted: [Folder] "C:\Users\Spieler.HeikeHarder-HP\appdata\locallow\searchresultstb"
Successfully deleted: [Folder] "C:\Users\Spieler.HeikeHarder-HP\appdata\locallow\smartbar"
Successfully deleted: [Folder] "C:\Users\Spieler.HeikeHarder-HP\appdata\locallow\softonic"
Successfully deleted: [Folder] "C:\Program Files (x86)\superlyrics"
Successfully deleted: [Folder] "C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\microsoft\windows\start menu\programs\wajam"
Successfully deleted: [Folder] "C:\Users\Spieler.HeikeHarder-HP\appdata\local\google\chrome\user data\default\databases\chrome-extension_mpfapcdfbbledbojijcbcclmlieaoogk_0"
Successfully deleted: [Folder] "C:\Users\Spieler.HeikeHarder-HP\documents\optimizer pro"
Successfully deleted: [Empty Folder] C:\Users\Spieler.HeikeHarder-HP\appdata\local\{626743D8-48F3-4015-A1ED-6E84C39D57CB}
Successfully deleted: [Empty Folder] C:\Users\Spieler.HeikeHarder-HP\appdata\local\{70E83149-ACE9-4CAE-B9C2-7C7FC7DA13FA}
Successfully deleted: [Empty Folder] C:\Users\Spieler.HeikeHarder-HP\appdata\local\{B7577097-E597-466F-827F-B5DBD0279543}

~~~ FireFox

Successfully deleted: [File] C:\user.js
Successfully deleted: [File] C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\mozilla\firefox\profiles\6q039lkv.default\user.js
Successfully deleted: [File] C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\mozilla\firefox\profiles\6q039lkv.default\bprotector_extensions.sqlite
Successfully deleted: [File] C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\mozilla\firefox\profiles\6q039lkv.default\extensions\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi
Successfully deleted: [File] C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\mozilla\firefox\profiles\6q039lkv.default\extensions\{eee6c361-6118-11dc-9c72-001320c79847}.xpi
Successfully deleted: [File] C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\mozilla\firefox\profiles\6q039lkv.default\searchplugins\web search.xml
Successfully deleted: [Folder] C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\mozilla\firefox\profiles\6q039lkv.default\smartbar
Successfully deleted: [Folder] C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\mozilla\firefox\profiles\6q039lkv.default\sweetpackstoolbardata
Successfully deleted: [Folder] C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\mozilla\firefox\profiles\6q039lkv.default\extensions\ffxtlbr@babylon.com
Successfully deleted: [Folder] C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\mozilla\firefox\profiles\6q039lkv.default\extensions\ffxtlbr@funmoods.com
Successfully deleted the following from C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\mozilla\firefox\profiles\6q039lkv.default\prefs.js

user_pref("CT2319825.1000082.isPlayDisplay", "true");
user_pref("CT2319825.1000082.state", "{\"state\":\"stopped\",\"text\":\"1Live\",\"description\":\"1Live\",\"url\":\"hxxp://gffstream.ic.llnwd.net/stream/gffstream_stream_wdr_e
user_pref("CT2319825.1000234.TWC_TMP_city", "SULZBACH");
user_pref("CT2319825.1000234.TWC_TMP_country", "DE");
user_pref("CT2319825.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT2319825.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT2319825.FirstTime", "true");
user_pref("CT2319825.FirstTimeFF3", "true");
user_pref("CT2319825.ID", "49598849");
user_pref("CT2319825.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2319825&SearchSource=2&q=");
user_pref("CT2319825.UserID", "UN11434160759576761");
user_pref("CT2319825.addressBarTakeOverEnabledInHidden", "true");
user_pref("CT2319825.autoDisableScopes", 0);
user_pref("CT2319825.browser.search.defaultthis.engineName", true);
user_pref("CT2319825.defaultSearch", "true");
user_pref("CT2319825.embeddedsData", "[{\"appId\":\"128898076802619666\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"get
user_pref("CT2319825.enableAlerts", "always");
user_pref("CT2319825.enableSearchFromAddressBar", "true");
user_pref("CT2319825.firstTimeDialogOpened", "true");
user_pref("CT2319825.fixPageNotFoundError", "true");
user_pref("CT2319825.fixPageNotFoundErrorInHidden", "true");
user_pref("CT2319825.fixUrls", true);
user_pref("CT2319825.installId", "ConduitNSISIntegration");
user_pref("CT2319825.installType", "ConduitNSISIntegration");
user_pref("CT2319825.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT2319825.isNewTabEnabled", true);
user_pref("CT2319825.isPerformedSmartBarTransition", "true");
user_pref("CT2319825.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
user_pref("CT2319825.keyword", true);
user_pref("CT2319825.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"\",\"EB_MAIN_FRAME_TITLE\":\"\",\"EB_TOOLBAR_SUB_DOMAIN\":\"hxxp://Winload.OurTo
user_pref("CT2319825.openThankYouPage", "false");
user_pref("CT2319825.openUninstallPage", "true");
user_pref("CT2319825.search.searchAppId", "128898076802619666");
user_pref("CT2319825.search.searchCount", "0");
user_pref("CT2319825.searchInNewTabEnabledInHidden", "true");
user_pref("CT2319825.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT2319825.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
user_pref("CT2319825.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"3\"}");
user_pref("CT2319825.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2319825\"}");
user_pref("CT2319825.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://Winload.OurToolbar.com//xpi\"}");
user_pref("CT2319825.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"Winload\"}");
user_pref("CT2319825.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT2319825.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1346673611388");
user_pref("CT2319825.serviceLayer_services_appsMetadata_lastUpdate", "1346673611306");
user_pref("CT2319825.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1346673611933");
user_pref("CT2319825.serviceLayer_services_login_10.10.20.14_lastUpdate", "1346673612111");
user_pref("CT2319825.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1346673611914");
user_pref("CT2319825.serviceLayer_services_searchAPI_lastUpdate", "1346673610966");
user_pref("CT2319825.serviceLayer_services_serviceMap_lastUpdate", "1346673610829");
user_pref("CT2319825.serviceLayer_services_toolbarContextMenu_lastUpdate", "1346673611864");
user_pref("CT2319825.serviceLayer_services_toolbarSettings_lastUpdate", "1346673610942");
user_pref("CT2319825.serviceLayer_services_translation_lastUpdate", "1346673611316");
user_pref("CT2319825.settingsINI", true);
user_pref("CT2319825.shouldFirstTimeDialog", "false");
user_pref("CT2319825.smartbar.CTID", "CT2319825");
user_pref("CT2319825.smartbar.Uninstall", "0");
user_pref("CT2319825.smartbar.homepage", true);
user_pref("CT2319825.smartbar.toolbarName", "Winload ");
user_pref("CT2319825.toolbarBornServerTime", "3-9-2012");
user_pref("CT2319825.toolbarCurrentServerTime", "3-9-2012");
user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2319825&SearchSource=13");
user_pref("Smartbar.ConduitSearchEngineList", "");
user_pref("Smartbar.ConduitSearchUrlList", "");
user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://dts.search-results.com/sr?src=ffb&appid=928&systemid=2&sr=0&q=");
user_pref("Smartbar.keywordURLSelectedCTID", "CT2319825");
user_pref("accessibility.lightning.homepage", "hxxp://www.awesomehp.com/?type=hp&ts=1390666556&from=tugs&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612");
user_pref("backup.old.browser.search.selectedEngine", "Search the web (Babylon)");
user_pref("browser.newtab.url", "hxxp://feed.snapdo.com/?publisher=InternetTurboYB&dpid=InternetTurboYB&co=DE&userid=17372c46-39f1-4c28-8f8c-b25d9b57d042&searchtype=nt&install
user_pref("browser.search.order.1", "Search the web (Babylon)");
user_pref("browser.search.selectedEngine", "Web Search");
user_pref("browser.startup.homepage", "hxxp://feed.snapdo.com/?publisher=InternetTurboYB&dpid=InternetTurboYB&co=DE&userid=17372c46-39f1-4c28-8f8c-b25d9b57d042&searchtype=hp&i
user_pref("extensions.BabylonToolbar.admin", false);
user_pref("extensions.BabylonToolbar.aflt", "babsst");
user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
user_pref("extensions.BabylonToolbar.autoRvrt", "false");
user_pref("extensions.BabylonToolbar.babExt", "");
user_pref("extensions.BabylonToolbar.babTrack", "affID=112542&tt=040912_mnt_3612_3");
user_pref("extensions.BabylonToolbar.bbDpng", "22");
user_pref("extensions.BabylonToolbar.cntry", "DE");
user_pref("extensions.BabylonToolbar.dfltLng", "en");
user_pref("extensions.BabylonToolbar.dfltSrch", false);
user_pref("extensions.BabylonToolbar.dpkLst", "");
user_pref("extensions.BabylonToolbar.excTlbr", false);
user_pref("extensions.BabylonToolbar.hdrMd5", "7A669A103695C6925015AB03DE8C9F9E");
user_pref("extensions.BabylonToolbar.hmpg", false);
user_pref("extensions.BabylonToolbar.id", "ecc3245c0000000000006c626d9ce7a5");
user_pref("extensions.BabylonToolbar.instlDay", "15589");
user_pref("extensions.BabylonToolbar.instlRef", "sst");
user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.7.2.014:24:10");
user_pref("extensions.BabylonToolbar.newTab", false);
user_pref("extensions.BabylonToolbar.pnu_base", "{\"newVrsn\":\"76\",\"lastVrsn\":\"76\",\"vrsnLoad\":\"\",\"showMsg\":\"false\",\"showSilent\":\"true\",\"msgTs\":0,\"lstMsgTs
user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
user_pref("extensions.BabylonToolbar.sg", "azb");
user_pref("extensions.BabylonToolbar.smplGrp", "azb");
user_pref("extensions.BabylonToolbar.srcExt", "ss");
user_pref("extensions.BabylonToolbar.tlbrId", "base");
user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=ecc3245c0000000000006c626d9ce7a5&q=");
user_pref("extensions.BabylonToolbar.vrsn", "1.7.2.0");
user_pref("extensions.BabylonToolbar.vrsnTs", "1.7.2.014:24:10");
user_pref("extensions.BabylonToolbar.vrsni", "1.7.2.0");
user_pref("extensions.BabylonToolbar_i.babExt", "");
user_pref("extensions.BabylonToolbar_i.babTrack", "affID=112542&tt=040912_mnt_3612_3");
user_pref("extensions.BabylonToolbar_i.newTab", false);
user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.7.2.014:24:10");
user_pref("extensions.crossrider.bic", "1398c0075a3b08972f90921ff88f66cb");
user_pref("extensions.crossriderapp2258.2258.InstallationThankYouPage", true);
user_pref("extensions.crossriderapp2258.2258.InstallationTime", 1339172399);
user_pref("extensions.crossriderapp2258.2258.InstallationUserSettings.searchUserConifrmation", false);
user_pref("extensions.crossriderapp2258.2258.InstallationUserSettings.setHomepage", false);
user_pref("extensions.crossriderapp2258.2258.InstallationUserSettings.setNewTab", false);
user_pref("extensions.crossriderapp2258.2258.InstallationUserSettings.setSearch", false);
user_pref("extensions.crossriderapp2258.2258.active", true);
user_pref("extensions.crossriderapp2258.2258.addressbar", "");
user_pref("extensions.crossriderapp2258.2258.affid", "0");
user_pref("extensions.crossriderapp2258.2258.backgroundjs", "\n\n//\n");
user_pref("extensions.crossriderapp2258.2258.backgroundver", 51);
user_pref("extensions.crossriderapp2258.2258.can_run_bg_code", true);
user_pref("extensions.crossriderapp2258.2258.certdomaininstaller", "");
user_pref("extensions.crossriderapp2258.2258.changeprevious", false);
user_pref("extensions.crossriderapp2258.2258.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.crossriderapp2258.2258.cookie.InstallationTime.value", "1339172399");
user_pref("extensions.crossriderapp2258.2258.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.crossriderapp2258.2258.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.crossriderapp2258.2258.cookie._GPL_aoi.value", "1339172399");
user_pref("extensions.crossriderapp2258.2258.cookie._GPL_country_code.expiration", "Sat Mar 01 2014 14:57:59 GMT+0100");
user_pref("extensions.crossriderapp2258.2258.cookie._GPL_country_code.value", "%22DE%22");
user_pref("extensions.crossriderapp2258.2258.cookie._GPL_crr.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.crossriderapp2258.2258.cookie._GPL_crr.value", "1393077523");
user_pref("extensions.crossriderapp2258.2258.cookie._GPL_hotfix20111102645.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.crossriderapp2258.2258.cookie._GPL_hotfix20111102645.value", "%221%22");
user_pref("extensions.crossriderapp2258.2258.cookie._GPL_installer_params.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.crossriderapp2258.2258.cookie._GPL_installer_params.value", "%7B%22source_id%22%3A%2220647%22%2C%22sub_id%22%3A%22default%22%2C%22uzid%22%3A%2220647%26su
user_pref("extensions.crossriderapp2258.2258.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.crossriderapp2258.2258.cookie._GPL_parent_zoneid.value", "%2220647%22");
user_pref("extensions.crossriderapp2258.2258.cookie._GPL_product_id.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.crossriderapp2258.2258.cookie._GPL_product_id.value", "%221112%22");
user_pref("extensions.crossriderapp2258.2258.cookie._GPL_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.crossriderapp2258.2258.cookie._GPL_zoneid.value", "%2243555%22");
user_pref("extensions.crossriderapp2258.2258.cookie.dbtest.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.crossriderapp2258.2258.cookie.dbtest.value", "1368023979825");
user_pref("extensions.crossriderapp2258.2258.description", "I Want This!");
user_pref("extensions.crossriderapp2258.2258.domain", "");
user_pref("extensions.crossriderapp2258.2258.emailsig", "");
user_pref("extensions.crossriderapp2258.2258.enablesearch", false);
user_pref("extensions.crossriderapp2258.2258.exposesites", "");
user_pref("extensions.crossriderapp2258.2258.fbremoteurl", "");
user_pref("extensions.crossriderapp2258.2258.group", 0);
user_pref("extensions.crossriderapp2258.2258.homepage", "");
user_pref("extensions.crossriderapp2258.2258.iframe", false);
user_pref("extensions.crossriderapp2258.2258.internaldb.InstallerIdentifiers.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.crossriderapp2258.2258.internaldb.InstallerIdentifiers.value", "%7B%22installer_bic%22%3A%22B58F9AFED4F64B6BA1031795A72FB902IE%22%2C%22installer_verifier
user_pref("extensions.crossriderapp2258.2258.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.crossriderapp2258.2258.internaldb.Resources_appVer.value", "144");
user_pref("extensions.crossriderapp2258.2258.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.crossriderapp2258.2258.internaldb.Resources_lastVersion.value", "0");
user_pref("extensions.crossriderapp2258.2258.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.crossriderapp2258.2258.internaldb.Resources_meta.value", "%7B%7D");
user_pref("extensions.crossriderapp2258.2258.internaldb.Resources_nextCheck.expiration", "Sat Feb 22 2014 20:57:59 GMT+0100");
user_pref("extensions.crossriderapp2258.2258.internaldb.Resources_nextCheck.value", "true");
user_pref("extensions.crossriderapp2258.2258.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.crossriderapp2258.2258.internaldb.Resources_queue.value", "%7B%7D");
user_pref("extensions.crossriderapp2258.2258.js", "\n\nif(\"undefined\"!=typeof _GPL_PLUGIN){var _GPL_=function(){_GPL_PLUGIN.started||_GPL_PLUGIN.prepare({pid:21,baseCDN:\"co
user_pref("extensions.crossriderapp2258.2258.manifesturl", "");
user_pref("extensions.crossriderapp2258.2258.name", "I Want This");
user_pref("extensions.crossriderapp2258.2258.newtab", "");
user_pref("extensions.crossriderapp2258.2258.opensearch", "");
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_1000014.code", "Array.prototype.indexOf||(Array.prototype.indexOf=function(b){if(void 0===this||null===this)throw n
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_1000014.name", "GPL Plugin (Loader)");
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_1000014.ver", 15);
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_1000015.code", "var a=appAPI.db.getList(),cf_ran=!1,_GPL_BG={vars:{},rules:{},started:!1,allowed:!1,log:function(b)
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_1000015.name", "GPL Background (BG)");
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_1000015.ver", 38);
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_13.code", "(function(a){a.selectedText=function(e,c){function d(){if(window.getSelection){return window.getSelectio
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_13.name", "CrossriderAppUtils");
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_13.ver", 3);
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_14.code", "if(typeof(appAPI)===\"undefined\"){appAPI={};}var CR__bIsIEWindow=false;if(typeof window!==\"undefined\"
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_14.name", "CrossriderUtils");
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_14.ver", 3);
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_16.code", "if((typeof isBackground===\"undefined\"||isBackground!==true)&&(typeof _firefoxVersion!==\"undefined\"&&
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_16.name", "FFAppAPIWrapper");
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_16.ver", 7);
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_17.code", "if(typeof window!==\"undefined\"){\n/*!\n * jQuery JavaScript Library v1.4.2\n * hxxp://jquery.com/\n *\
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_17.name", "jQuery");
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_17.ver", 4);
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_47.code", "(function(){appAPI.ready=function(a){appAPI.resources.isReady(a);};}());var CrossRiderResourcesManager=(
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_47.name", "resources_background");
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_47.ver", 3);
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_64.code", "(function(){var h=\"__CR_EMPTY_CHANNEL__\";var d=function(j){return(typeof j===\"object\"&&j!==null);};v
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_64.name", "appApiMessage");
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_64.ver", 2);
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_72.code", "if(appAPI.__should_activate_validation__===true){(function(){var k={};var f=appAPI.appInfo.name;var l=fu
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_72.name", "appApiValidation");
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_72.ver", 3);
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_78.code", "if(typeof jQuery!==\"undefined\"&&(jQuery)&&typeof navigator!==\"undefined\"&&typeof navigator.userAgent
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_78.name", "CrossriderInfo");
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_78.ver", 3);
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_98.code", "(function(){var b=\"cr_\"+appAPI.appID+\"internalMessage\";var a=function(){var d=function(g){if(g===tru
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_98.name", "omniCommands");
user_pref("extensions.crossriderapp2258.2258.plugins.plugin_98.ver", 2);
user_pref("extensions.crossriderapp2258.2258.plugins_lists.plugins_0", "14,78,16,64,47,72,98,1000015");
user_pref("extensions.crossriderapp2258.2258.plugins_lists.plugins_1", "17,14,78,13,16,64,72,98,1000014");
user_pref("extensions.crossriderapp2258.2258.pluginsurl", "hxxps://w9u6a2p6.ssl.hwcdn.net/plugin/apps/2258/plugins/081/ff/plugins.json");
user_pref("extensions.crossriderapp2258.2258.pluginsversion", 69);
user_pref("extensions.crossriderapp2258.2258.premium", true);
user_pref("extensions.crossriderapp2258.2258.publisher", "Innovative Apps");
user_pref("extensions.crossriderapp2258.2258.searchstatus", 0);
user_pref("extensions.crossriderapp2258.2258.setnewtab", false);
user_pref("extensions.crossriderapp2258.2258.settingsurl", "");
user_pref("extensions.crossriderapp2258.2258.thankyou", "hxxp://iw.antthis.com/thankyou.html");
user_pref("extensions.crossriderapp2258.2258.updateinterval", 360);
user_pref("extensions.crossriderapp2258.2258.ver", 144);
user_pref("extensions.crossriderapp2258.adsOldValue", -1);
user_pref("extensions.crossriderapp2258.apps", "2258");
user_pref("extensions.crossriderapp2258.bic", "1398c0075a3b08972f90921ff88f66cb");
user_pref("extensions.crossriderapp2258.cid", 2258);
user_pref("extensions.crossriderapp2258.firstrun", false);
user_pref("extensions.crossriderapp2258.hadappinstalled", true);
user_pref("extensions.crossriderapp2258.installationdate", 1346673604);
user_pref("extensions.crossriderapp2258.lastcheck", 23217969);
user_pref("extensions.crossriderapp2258.lastcheckitem", 23217969);
user_pref("extensions.crossriderapp2258.misc.lastBgWorkerTimer", "1393078147407");
user_pref("extensions.crossriderapp2258.misc.lastDomWorkerTimer", "1393078147405");
user_pref("extensions.crossriderapp2258.updating", true);
user_pref("extensions.funmoods.aflt", "iron2");
user_pref("extensions.funmoods.autoRvrt", false);
user_pref("extensions.funmoods.cntry", "DE");
user_pref("extensions.funmoods.cv", "cv5");
user_pref("extensions.funmoods.dfltLng", "");
user_pref("extensions.funmoods.dfltSrch", false);
user_pref("extensions.funmoods.dnsErr", true);
user_pref("extensions.funmoods.envrmnt", "production");
user_pref("extensions.funmoods.excTlbr", false);
user_pref("extensions.funmoods.hdrMd5", "46DE9F639BED714F3D785C7FED11B07F");
user_pref("extensions.funmoods.hmpg", false);
user_pref("extensions.funmoods.hmpgUrl", "hxxp://start.funmoods.com/?f=1&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1QzuyC0CyCtByC0Dzy0C0EyB0AyDtByEyD0CtN0D0Tzu0CtByDtDtN1L2XzutBtFtCtF
user_pref("extensions.funmoods.id", "6C626D9CE7A5245C");
user_pref("extensions.funmoods.instlDay", "15589");
user_pref("extensions.funmoods.instlRef", "iron2");
user_pref("extensions.funmoods.isdcmntcmplt", true);
user_pref("extensions.funmoods.lastVrsnTs", "1.5.23.2214:24:38");
user_pref("extensions.funmoods.mntrvrsn", "1.3.0");
user_pref("extensions.funmoods.newTab", true);
user_pref("extensions.funmoods.newTabUrl", "hxxp://start.funmoods.com/?f=2&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1QzuyC0CyCtByC0Dzy0C0EyB0AyDtByEyD0CtN0D0Tzu0CtByDtDtN1L2XzutBtFtC
user_pref("extensions.funmoods.pnu_base", "{\"newVrsn\":\"256\",\"lastVrsn\":\"256\",\"vrsnLoad\":\"\",\"showMsg\":\"false\",\"showSilent\":\"true\",\"msgTs\":0,\"lstMsgTs\":\
user_pref("extensions.funmoods.prdct", "funmoods");
user_pref("extensions.funmoods.prtnrId", "funmoods");
user_pref("extensions.funmoods.sg", "none");
user_pref("extensions.funmoods.smplGrp", "none");
user_pref("extensions.funmoods.srchPrvdr", "Search");
user_pref("extensions.funmoods.tlbrId", "base");
user_pref("extensions.funmoods.tlbrSrchUrl", "hxxp://start.funmoods.com/?f=3&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1QzuyC0CyCtByC0Dzy0C0EyB0AyDtByEyD0CtN0D0Tzu0CtByDtDtN1L2XzutBtF
user_pref("extensions.funmoods.vrsn", "1.5.23.22");
user_pref("extensions.funmoods.vrsnTs", "1.5.23.2214:24:38");
user_pref("extensions.funmoods.vrsni", "1.5.23.22");
user_pref("extensions.funmoods_i.newTab", true);
user_pref("extensions.funmoods_i.smplGrp", "none");
user_pref("extensions.funmoods_i.vrsnTs", "1.5.23.2214:24:38");
user_pref("extensions.helperbar.SmartbarDisabled", false);
user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
user_pref("extensions.wajam.affiliate_id", "6447");
user_pref("extensions.wajam.firstrun", "false");
user_pref("extensions.wajam.log_send_info", "false");
user_pref("extensions.wajam.mappingListJsonString", "{\"version\":\"0.21087\",\"update_interval\":1365,\"base_url\":\"hxxp:\\/\\/www.wajam.com\\/\",\"update_url\":\"hxxp:\\/\\
user_pref("extensions.wajam.no_trace", "false");
user_pref("extensions.wajam.server_current_mapping_version", "0.21087");
user_pref("extensions.wajam.trace_log", "1368024025197 - onFlagInfoReceived - Server mapping version: 0.21086\n1368024025198 - onFlagInfoReceived - No client-side server mappi
user_pref("extensions.wajam.unique_id", "59EDD4690CF0EE51DB27C89D48DDD270");
user_pref("extensions.wajam.user_current_mapping_version", "0");
user_pref("extensions.wajam.version", "1.25");
user_pref("keyword.URL", "hxxp://feed.snapdo.com/?publisher=InternetTurboYB&dpid=InternetTurboYB&co=DE&userid=17372c46-39f1-4c28-8f8c-b25d9b57d042&searchtype=ds&installDate=05
user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "0");
user_pref("sweetim.toolbar.Visibility.enable", "true");
user_pref("sweetim.toolbar.Visibility.intervaldays", "7");
user_pref("sweetim.toolbar.cargo", "3.1010000.10001");
user_pref("sweetim.toolbar.cda.DisableOveride.enable", "true");
user_pref("sweetim.toolbar.cda.HideOveride.enable", "true");
user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "true");
user_pref("sweetim.toolbar.dialogs.0.enable", "true");
user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-handler.js");
user_pref("sweetim.toolbar.dialogs.0.height", "335");
user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog");
user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;");
user_pref("sweetim.toolbar.dialogs.0.url", "hxxp://www.sweetim.com/simffbar/options_remote_ff_1_6.html");
user_pref("sweetim.toolbar.dialogs.0.width", "761");
user_pref("sweetim.toolbar.dialogs.1.enable", "true");
user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/exampledialog-handler.js");
user_pref("sweetim.toolbar.dialogs.1.height", "300");
user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog");
user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog");
user_pref("sweetim.toolbar.dialogs.1.url", "chrome://sim_toolbar_package/content/exampledialog.html");
user_pref("sweetim.toolbar.dialogs.1.width", "500");
user_pref("sweetim.toolbar.dialogs.2.enable", "true");
user_pref("sweetim.toolbar.dialogs.2.handler", "chrome://sim_toolbar_package/content/cdadialog-handler.js");
user_pref("sweetim.toolbar.dialogs.2.height", "150");
user_pref("sweetim.toolbar.dialogs.2.id", "id_dialog_hide_disable_remove");
user_pref("sweetim.toolbar.dialogs.2.title", "Option Dialog");
user_pref("sweetim.toolbar.dialogs.2.url", "hxxp://www.sweetim.com/simffbar/simcdadialog.asp");
user_pref("sweetim.toolbar.dialogs.2.width", "530");
user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.google.com/.*|.*.google.co.in/.*|.*.google.com.br/.*|.*.google.es/.*|.*.youtube
user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
user_pref("sweetim.toolbar.mode.debug", "false");
user_pref("sweetim.toolbar.previous.keyword.URL", "hxxp://dts.search-results.com/sr?src=ffb&appid=928&systemid=2&sr=0&q=");
user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true");
user_pref("sweetim.toolbar.scripts.0.callback", "simVerification");
user_pref("sweetim.toolbar.scripts.0.domain-blacklist", "");
user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "hxxp://(www.|apps.)?facebook\\.com.*");
user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb");
user_pref("sweetim.toolbar.scripts.0.enable", "false");
user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb");
user_pref("sweetim.toolbar.scripts.0.url", "hxxp://sc.sweetim.com/apps/in/fb/infb.js");
user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "false");
user_pref("sweetim.toolbar.scripts.1.callback", "");
user_pref("sweetim.toolbar.scripts.1.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..*|.*.yahoo..*|.*.youtube.com.*|.*ask.com.*|.*.sweetim.com.*");
user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "");
user_pref("sweetim.toolbar.scripts.1.elementid", "id_predict_include_script");
user_pref("sweetim.toolbar.scripts.1.enable", "false");
user_pref("sweetim.toolbar.scripts.1.id", "id_script_prad");
user_pref("sweetim.toolbar.scripts.1.url", "hxxp://cdn1.predictad.com/scripts/publishers/sweetim/predictadme.js");
user_pref("sweetim.toolbar.scripts.2.addcontextdiv", "true");
user_pref("sweetim.toolbar.scripts.2.callback", "simVerification");
user_pref("sweetim.toolbar.scripts.2.domain-blacklist", "");
user_pref("sweetim.toolbar.scripts.2.domain-whitelist", "hxxps://(www.|apps.)?facebook\\.com.*");
user_pref("sweetim.toolbar.scripts.2.elementid", "id_script_sim_fb");
user_pref("sweetim.toolbar.scripts.2.enable", "false");
user_pref("sweetim.toolbar.scripts.2.id", "id_script_fb_hxxpS");
user_pref("sweetim.toolbar.scripts.2.url", "hxxps://sc.sweetim.com/apps/in/fb/infb.js");
user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"hxxp://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://sear
user_pref("sweetim.toolbar.search.history.capacity", "10");
user_pref("sweetim.toolbar.searchguard.enable", "false");
user_pref("sweetim.toolbar.searchguard.initialized_by_rc", "true");
user_pref("sweetim.toolbar.simapp_id", "{5102CEF7-5BA5-11E0-BA0A-6C626D9CE7A5}");
user_pref("sweetim.toolbar.version", "1.6.0.3");
Emptied folder: C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\mozilla\firefox\profiles\6q039lkv.default\minidumps [1 files]

~~~ Chrome

Successfully deleted: [Folder] C:\Users\Spieler.HeikeHarder-HP\appdata\local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Successfully deleted: [Folder] C:\Users\Spieler.HeikeHarder-HP\appdata\local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml
Successfully deleted: [Folder] C:\Users\Spieler.HeikeHarder-HP\appdata\local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Successfully deleted: [Folder] C:\Users\Spieler.HeikeHarder-HP\appdata\local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Successfully deleted: [Folder] C:\Users\Spieler.HeikeHarder-HP\appdata\local\Google\Chrome\User Data\Default\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 29.03.2014 at 12:02:05,84
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Malwarebytes Anti-Malware
www.malwarebytes.org

Update, 29.03.2014 11:10:28, SYSTEM, HEIKEHARDER-HP, Manual, Rootkit Database, 2014.2.20.1, 2014.3.27.1,
Update, 29.03.2014 11:10:41, SYSTEM, HEIKEHARDER-HP, Manual, Malware Database, 2014.3.4.9, 2014.3.29.1,

(end)

Blitzi · 29.03.2014, 12:16

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Spieler (administrator) on HEIKEHARDER-HP on 29-03-2014 12:14:21
Running from C:\Users\Spieler.HeikeHarder-HP\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool 
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe
() C:\Program Files\COMPUTERBILD-Cloud\Data\Tools\mounter.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe
(Microsoft Corporation) C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(LULU Software) C:\Program Files (x86)\Soda PDF 2012\ConversionService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Akamai Technologies, Inc.) C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\M6 Processing\M6.exe
() C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\M6 Processing\vm6.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
() C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\M6 Processing\M602\64\cpusrv.dat
(Akamai Technologies, Inc.) C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Akamai\netsession_win.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office10\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
() C:\Program Files (x86)\Opera\20.0.1387.82\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MRT] - C:\Windows\system32\MRT.exe [90015360 2014-03-19] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Version Cue CS2] - c:\Users\Heike Harder\Documents\Downloads\Creative Suite 2\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe [856064 2005-04-06] (Adobe Sytems Incorporated)
HKLM-x32\...\Run: [Aeria Ignite] - "C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" silent
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [421736 2011-12-08] (Apple Inc.)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [DriverMax] - C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe [9532824 2012-03-26] (Innovative Solutions)
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [DriverMax_RESTART] - C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe [9532824 2012-03-26] (Innovative Solutions)
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [ISUSPM] - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [Raptr] - C:\Program Files (x86)\Raptr\raptrstub.exe [55360 2013-08-19] (Raptr, Inc)
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [Akamai NetSession Interface] - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [Klebezettel NG] - [X]
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [Clownfish] - C:\Program Files (x86)\Clownfish\Clownfish.exe [1306360 2013-12-17] (Bogdan Sharkov)
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [Overwolf] - C:\Program Files (x86)\Overwolf\Overwolf.exe [37664 2014-03-05] (Overwolf LTD)
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [M6] - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\M6 Processing\M6.exe [186880 2014-03-28] ()
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [vm6] - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\M6 Processing\vm6.exe [175424 2014-03-19] ()
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\MountPoints2: {ae8f9719-3d80-11e3-91bb-6c626d9ce7a5} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\VoiceClient.exe
Startup: C:\Users\Heike Harder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tcbhn.lnk
ShortcutTarget: tcbhn.lnk -> C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\BrowserCompanion\tcbhn.exe (No File)
Startup: C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-0/4?satitle={searchTerms}&mfe=Desktops
SearchScopes: HKLM-x32 - Backup.Old.DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD22}
SearchScopes: HKCU - Backup.Old.DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233}
SearchScopes: HKCU - ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKCU - {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = 
BHO: Feven 2.5 - {11111111-1111-1111-1111-110411901108} - C:\Program Files (x86)\Feven 2.5\Feven 2.5-bho64.dll No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Soda PDF 2012 Helper - {ebe8b562-cba0-40d8-b920-af7cfe0c9d94} - C:\Program Files (x86)\Soda PDF 2012\PDFIEHelper.dll (LULU Software)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - No Name - !!{D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKLM - No Name - !{5018CFD2-804D-4C99-9F81-25EAEA2769DE} -  No File
Toolbar: HKLM - No Name - !{95B7759C-8C7F-4BF1-B163-73684A933233} -  No File
Toolbar: HKLM - No Name - !{98889811-442D-49dd-99D7-DC866BE87DBC} -  No File
Toolbar: HKLM - No Name - !{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787} -  No File
Toolbar: HKLM - No Name - !{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} -  No File
Toolbar: HKLM - No Name - !{EEE6C35B-6118-11DC-9C72-001320C79847} -  No File
Toolbar: HKLM - No Name - !{F9639E4A-801B-4843-AEE3-03D9DA199E77} -  No File
Toolbar: HKLM-x32 - Soda PDF 2012 Toolbar - {a8c9d542-fd91-4834-a2e8-adb9ae692b8b} - C:\Program Files (x86)\Soda PDF 2012\PDFIEPlugin.dll (LULU Software)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - No Name - !!{D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKLM-x32 - No Name - !{5018CFD2-804D-4C99-9F81-25EAEA2769DE} -  No File
Toolbar: HKLM-x32 - No Name - !{95B7759C-8C7F-4BF1-B163-73684A933233} -  No File
Toolbar: HKLM-x32 - No Name - !{98889811-442D-49dd-99D7-DC866BE87DBC} -  No File
Toolbar: HKLM-x32 - No Name - !{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787} -  No File
Toolbar: HKLM-x32 - No Name - !{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} -  No File
Toolbar: HKLM-x32 - No Name - !{EEE6C35B-6118-11DC-9C72-001320C79847} -  No File
Toolbar: HKLM-x32 - No Name - !{F9639E4A-801B-4843-AEE3-03D9DA199E77} -  No File
Toolbar: HKCU - No Name - {26647CA4-A2A7-4EAC-8A72-761AA9141DE7} -  No File
Toolbar: HKCU - No Name - {8DBB6D8E-E4A6-4E3B-9753-AF78B226441C} -  No File
Toolbar: HKCU - No Name - {32B29DF0-2237-4370-9A29-37CEBB730E9B} -  No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @real.com/nppl3260;version=15.0.4.53 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.4.53 - c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.4.53 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Spieler.HeikeHarder-HP\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\awesomehp.xml
FF Extension: media enhance - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\Extensions\0c822a17-a68f-4066-9257-d229458d21ca@9c178d17-dc61-4aaf-b2da-1425ac7300ac.com [2014-03-21]
FF Extension: Feven 2.5 - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\Extensions\4433da5b-eb52-495d-8865-b2a7468567f6@927544a3-fdfb-4485-a78b-21e1113eee35.com [2014-02-27]
FF Extension: I Want This - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\Extensions\crossriderapp2258@crossrider.com [2012-06-08]
FF Extension: Extension_Protected - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\Extensions\jid0-O6MIff3eO5dIGf5Tcv8RsJDKxrs@jetpack [2014-01-25]
FF Extension: FineDeaLSoft - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\Extensions\lvgnow@dnhktwg.co.uk [2014-03-15]
FF Extension: Internet Turbo - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\Extensions\{17372c46-39f1-4c28-8f8c-b25d9b57d042} [2014-01-25]
FF Extension: Wincore Mediabar - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\Extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} [2012-07-23]
FF Extension: Lightning Speed Dial - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\Extensions\lightningnewtab@gmail.com.xpi [2014-01-25]
FF Extension: WEB.DE MailCheck - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\Extensions\toolbar@web.de.xpi [2014-01-25]
FF Extension: Anti-Banner - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2 [2012-05-05]
FF Extension: Modul zur Link-Untersuchung - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2 [2012-05-05]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Security Suite CBE 12\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-05-11]
FF HKLM-x32\...\Firefox\Extensions: [FFSodaPDFConverter2012@sodapdf.com] - C:\Program Files (x86)\Soda PDF 2012\FFSodaExt2012
FF Extension: Soda PDF 2012 Converter For Firefox - C:\Program Files (x86)\Soda PDF 2012\FFSodaExt2012 [2012-06-04]
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaPlayerV1alpha718.net] - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha718\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewerV1alpha1479.net] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1479\ff
FF Extension: Media Viewer - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1479\ff [2014-02-23]
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewV1alpha3700.net] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha3700\ff
FF Extension: Media View - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha3700\ff [2014-02-27]
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewV1alpha9390.net] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha9390\ff
FF Extension: Media View - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha9390\ff [2014-03-15]

Chrome: 
=======
CHR HomePage: hxxp://feed.snapdo.com/?publisher=InternetTurboYB&dpid=InternetTurboYB&co=DE&userid=17372c46-39f1-4c28-8f8c-b25d9b57d042&searchtype=hp&installDate=05/04/2013
CHR RestoreOnStartup: "hxxp://feed.snapdo.com/?publisher=InternetTurboYB&dpid=InternetTurboYB&co=DE&userid=17372c46-39f1-4c28-8f8c-b25d9b57d042&searchtype=hp&installDate=05/04/2013"
CHR DefaultSearchKeyword: awesomehp
CHR DefaultSearchProvider: awesomehp
CHR DefaultSearchURL: hxxp://www.awesomehp.com/web/?type=ds&ts=1390666599&from=tugs&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612&q={searchTerms}
CHR Extension: (Media Watch) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\algmmgkfpeaonhjgdngihpchbgkpjnfp [2014-03-22]
CHR Extension: (SuperLyrics) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjcnjlaajofpendibcoodneacalfho [2014-02-23]
CHR Extension: (McAfee Security Scan+) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-02-23]
CHR Extension: (Video Player) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\edfgledepjjmkiehpaonaiannadjjdnc [2014-02-23]
CHR Extension: (Media View) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcaiicgcjkjiagjocmccmcmncckndcmh [2014-02-27]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2014-02-23]
CHR Extension: (Media View) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\laaciepchcabcfgpniblbiecldehkbae [2014-03-15]
CHR Extension: (media enhance) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo [2014-03-21]
CHR Extension: (V-bates) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljmibnagodajacnnbifpamhggcohblip [2014-03-21]
CHR Extension: (Media Viewer) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnobaakadehgcjbhieegodlndablmao [2014-02-23]
CHR Extension: (Better Surf Plus) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmifolfpllfdhilecpdpmemhelmanajl [2014-02-23]
CHR Extension: (FineDeaLSoft) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkfigoajimddlnfnhlkkbjdgkkigccil [2014-03-06]
CHR Extension: (Google Wallet) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-23]
CHR Extension: (Webexp Enhanced) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\oammkkggampaadcifnaiknbcokpencei [2014-02-23]
CHR Extension: (Feven 2.5) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkbhkhbgdaamliaimlpdlhokkecoibka [2014-01-25]
CHR Extension: (Lightning speedDial) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkndmigholgfjlniaohblojbhgjbkakn [2014-02-23]
CHR HKLM-x32\...\Chrome\Extension: [fcaiicgcjkjiagjocmccmcmncckndcmh] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha3700\ch\MediaViewV1alpha3700.crx [2014-02-27]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-05-11]
CHR HKLM-x32\...\Chrome\Extension: [laaciepchcabcfgpniblbiecldehkbae] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha9390\ch\MediaViewV1alpha9390.crx [2014-02-27]
CHR HKLM-x32\...\Chrome\Extension: [mlnobaakadehgcjbhieegodlndablmao] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1479\ch\MediaViewerV1alpha1479.crx [2014-02-23]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 ABBYY.Licensing.FineReader.Professional.10.0; C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe [814344 2009-12-22] (ABBYY)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-02-01] (Adobe Systems)
S4 AdobeActiveFileMonitor6.0; C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [124832 2007-09-11] ()
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1017424 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 CLHNServiceForPowerDVD; C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [83240 2011-08-24] ()
R2 CyberLink PowerDVD 11.0 Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [75048 2011-08-26] (CyberLink)
R2 CyberLink PowerDVD 11.0 Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe [292136 2011-08-26] (CyberLink)
R2 DokanMounter; C:\Program Files\COMPUTERBILD-Cloud\Data\Tools\mounter.exe [14848 2012-02-15] ()
S4 HPAuto; C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [681528 2010-08-06] (Hewlett-Packard)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 MSSQL$BWDATOOLSET; C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [99616 2014-03-05] (Overwolf LTD)
S4 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1119768 2010-09-28] (PDF Complete Inc)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc.)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2010-08-19] ()
S3 Soda PDF 2012 Helper Service; C:\Program Files (x86)\Soda PDF 2012\HelperService.exe [827224 2012-01-27] (LULU Software)
R2 Soda PDF 2012 Service; C:\Program Files (x86)\Soda PDF 2012\ConversionService.exe [905560 2012-01-27] (LULU Software)
S2 V-bates Updater; C:\Program Files\Video downloader\ExtensionUpdaterService.exe [X]
S2 vToolbarUpdater15.0.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.0.0\ToolbarUpdater.exe [X]

==================== Drivers (Whitelisted) ====================

S3 athrusb; C:\Windows\System32\DRIVERS\athrxusb.sys [558592 2007-05-16] (Atheros Communications, Inc.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2011-01-28] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [39768 2013-03-19] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-10] (Avira Operations GmbH & Co. KG)
U4 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [84720 2013-12-12] (Avira Operations GmbH & Co. KG)
R2 Dokan; C:\Windows\system32\drivers\dokan.sys [120408 2012-02-15] (Windows (R) Win 7 DDK provider)
S3 GrabsterSeries.X64; C:\Windows\System32\DRIVERS\GrabsterSeries.X64.SYS [377152 2010-01-22] ()
S3 hid7906; C:\Windows\SysWOW64\drivers\hid7906.sys [34963 2007-12-12] (Compuware Corporation)
S3 hid8101; C:\Windows\SysWOW64\drivers\hid8101.sys [37024 2007-12-03] (Compuware Corporation)
S3 hid8103; C:\Windows\SysWOW64\drivers\hid8103.sys [34587 2007-11-28] (Compuware Corporation)
S3 iComp; C:\Windows\System32\DRIVERS\p2usbhum.sys [1794112 2009-12-09] (Conexant Systems Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2011-01-28] ()
S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [748648 2010-08-12] (Realtek Semiconductor Corporation                           )
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [503352 2011-08-04] ()
S3 usbio; C:\Windows\System32\Drivers\dsiarhwprog_x64.sys [51600 2007-02-08] (Thesycon GmbH, Germany)
S3 ZD1211BU(ZyDAS); C:\Windows\System32\DRIVERS\zd1211Bu.sys [493440 2005-10-28] (ZyDAS Technology Corporation)
S3 ZDPSp50a64; C:\Windows\SysWOW64\Drivers\ZDPSp50a64.sys [31744 2005-03-18] (Printing Communications Assoc., Inc. (PCAUSA))
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312}; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [148976 2011-08-26] (CyberLink Corp.)
U3 aafyp51z; C:\Windows\System32\Drivers\aafyp51z.sys [0 ] (Microsoft Corporation)
S3 connctfy; system32\DRIVERS\connctfy.sys [X]
S3 connctfyMP; system32\DRIVERS\connctfy.sys [X]
S1 toqvakfe; \??\C:\Windows\system32\drivers\toqvakfe.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-29 12:11 - 2014-03-29 12:11 - 00000162 ____H () C:\Users\Spieler.HeikeHarder-HP\Documents\~$malw.txt
2014-03-29 12:02 - 2014-03-29 12:02 - 00038515 _____ () C:\Users\Spieler.HeikeHarder-HP\Desktop\JRT.txt
2014-03-29 11:56 - 2014-03-29 11:56 - 00000000 ____D () C:\Windows\ERUNT
2014-03-29 11:55 - 2014-03-29 11:55 - 01038974 _____ (Thisisu) C:\Users\Spieler.HeikeHarder-HP\Downloads\JRT.exe
2014-03-29 11:39 - 2014-03-29 11:49 - 00000000 ____D () C:\AdwCleaner
2014-03-29 11:39 - 2014-03-29 11:39 - 01950720 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\adwcleaner.exe
2014-03-29 11:36 - 2014-03-29 11:36 - 00000273 _____ () C:\Users\Spieler.HeikeHarder-HP\Documents\malw.txt
2014-03-29 11:10 - 2014-03-29 12:10 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-29 11:10 - 2014-03-29 11:10 - 00001108 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-03-29 11:10 - 2014-03-29 11:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-29 11:10 - 2014-03-29 11:10 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-03-29 11:10 - 2014-03-05 09:26 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-29 11:10 - 2014-03-05 09:26 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-03-29 11:10 - 2014-03-05 09:26 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-29 11:09 - 2014-03-29 11:09 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Spieler.HeikeHarder-HP\Downloads\mbam-setup-2.0.0.1000.exe
2014-03-29 10:18 - 2014-03-29 10:18 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Spieler.HeikeHarder-HP\Downloads\revosetup95.exe
2014-03-29 10:18 - 2014-03-29 10:18 - 00001270 _____ () C:\Users\Spieler.HeikeHarder-HP\Desktop\Revo Uninstaller.lnk
2014-03-29 10:18 - 2014-03-29 10:18 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-03-28 21:24 - 2014-03-28 21:24 - 00563616 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\Java (1).exe
2014-03-28 18:06 - 2014-03-28 18:07 - 00074129 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\Addition.txt
2014-03-28 18:05 - 2014-03-29 12:14 - 00032765 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\FRST.txt
2014-03-28 18:05 - 2014-03-29 12:14 - 00000000 ____D () C:\FRST
2014-03-28 18:04 - 2014-03-28 18:04 - 02157056 _____ (Farbar) C:\Users\Spieler.HeikeHarder-HP\Downloads\FRST64.exe
2014-03-22 17:17 - 2014-03-22 17:17 - 00000000 ____D () C:\Program Files (x86)\MediaWatchV1
2014-03-21 12:01 - 2014-03-28 17:37 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\M6 Processing
2014-03-21 12:01 - 2014-03-21 12:01 - 01172664 _____ (AnyProtect.com) C:\Users\Spieler.HeikeHarder-HP\AppData\Local\nspA788.tmp
2014-03-21 12:01 - 2014-03-21 12:01 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Uniblue
2014-03-21 12:01 - 2014-03-21 12:01 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\M6 Processing
2014-03-21 11:59 - 2014-03-21 11:59 - 00370640 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\Java.exe
2014-03-14 14:09 - 2014-03-14 14:09 - 00017547 _____ () C:\Users\Heike Harder\Desktop\Opera 12 Notes.html
2014-03-14 14:08 - 2014-03-14 14:08 - 00000000 ____D () C:\Users\Heike Harder\AppData\Roaming\Opera Software
2014-03-14 14:08 - 2014-03-14 14:08 - 00000000 ____D () C:\Users\Heike Harder\AppData\Local\Opera Software
2014-03-14 03:23 - 2014-03-29 11:43 - 00011050 _____ () C:\Windows\PFRO.log
2014-03-13 11:19 - 2014-03-13 11:43 - 487137968 _____ () C:\Users\Spieler.HeikeHarder-HP\Documents\clip0013.avi
2014-03-13 09:46 - 2014-03-01 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-13 09:46 - 2014-03-01 06:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-13 09:46 - 2014-03-01 05:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-13 09:46 - 2014-03-01 05:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-13 09:46 - 2014-03-01 05:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-13 09:46 - 2014-03-01 05:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-13 09:46 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-13 09:46 - 2014-03-01 05:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-13 09:46 - 2014-03-01 05:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-13 09:46 - 2014-03-01 04:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-13 09:46 - 2014-03-01 04:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-13 09:46 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-13 09:46 - 2014-03-01 04:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-13 09:46 - 2014-03-01 04:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-13 09:46 - 2014-03-01 04:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-13 09:46 - 2014-03-01 04:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-13 09:46 - 2014-03-01 04:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-13 09:46 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-13 09:46 - 2014-03-01 04:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-13 09:46 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-13 09:46 - 2014-03-01 03:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-13 09:46 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-13 09:46 - 2014-02-07 02:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-13 09:46 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-13 09:46 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-13 09:46 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-13 09:45 - 2014-03-01 07:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-13 09:45 - 2014-03-01 05:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-13 09:45 - 2014-03-01 05:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-13 09:45 - 2014-03-01 05:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-13 09:45 - 2014-03-01 05:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-13 09:45 - 2014-03-01 05:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-13 09:45 - 2014-03-01 05:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-13 09:45 - 2014-03-01 05:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-13 09:45 - 2014-03-01 04:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-13 09:45 - 2014-03-01 04:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-13 09:45 - 2014-03-01 04:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-13 09:45 - 2014-03-01 04:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-13 09:45 - 2014-03-01 04:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-13 09:45 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-13 09:45 - 2014-03-01 04:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-13 09:45 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-13 09:45 - 2014-03-01 03:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-13 09:45 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-13 09:45 - 2014-02-04 03:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-13 09:45 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-13 09:44 - 2014-02-04 03:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-13 09:44 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-12 14:19 - 2014-03-12 14:19 - 00001290 _____ () C:\Users\Public\Desktop\Paint.NET.lnk
2014-03-12 14:16 - 2013-08-17 14:02 - 03765592 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\Paint.NET.3.5.11.Install.exe
2014-03-12 14:15 - 2014-03-12 14:16 - 03739157 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\Paint.NET.3.5.11.Install (1).zip
2014-03-12 14:14 - 2014-03-12 14:15 - 03739157 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\Paint.NET.3.5.11.Install.zip
2014-03-11 23:04 - 2014-03-25 10:46 - 00032768 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\Pokemon Rot (D).sav
2014-03-11 23:04 - 2014-03-11 23:25 - 485259900 _____ () C:\Users\Spieler.HeikeHarder-HP\Documents\clip0010.avi
2014-03-11 16:22 - 2005-03-13 18:17 - 01048576 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\Pokemon Rot (D).gb
2014-03-11 15:28 - 2014-03-11 15:28 - 00391778 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\Pokemon Rot (D).zip
2014-03-10 23:16 - 2014-03-10 23:25 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\TeamViewer
2014-03-10 23:16 - 2014-03-10 23:16 - 05852336 _____ (TeamViewer GmbH) C:\Users\Spieler.HeikeHarder-HP\Downloads\TeamViewer_Setup_de.exe
2014-03-10 23:16 - 2014-03-10 23:16 - 00001168 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-03-06 09:38 - 2014-03-06 09:37 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-03-06 09:37 - 2014-03-06 09:37 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-03-06 09:37 - 2014-03-06 09:37 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-03-06 09:37 - 2014-03-06 09:37 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-03-06 09:37 - 2014-03-06 09:37 - 00000000 ____D () C:\Program Files\Java
2014-03-06 09:34 - 2014-03-06 09:34 - 30796712 _____ (Oracle Corporation) C:\Users\Spieler.HeikeHarder-HP\Downloads\jre-7u51-windows-x64.exe
2014-03-06 08:41 - 2014-03-06 08:41 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Packages
2014-03-06 08:41 - 2014-03-06 08:41 - 00000000 ____D () C:\ProgramData\70e7a22bf8ff262c
2014-02-27 19:33 - 2014-03-29 11:45 - 00002791 _____ () C:\Windows\setupact.log
2014-02-27 19:33 - 2014-02-27 19:33 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-27 19:26 - 2014-03-15 19:26 - 00000000 ____D () C:\Program Files (x86)\MediaViewV1
2014-02-27 16:19 - 2014-02-27 16:19 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-27 16:19 - 2014-02-27 16:19 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Skype

==================== One Month Modified Files and Folders =======

2014-03-29 12:15 - 2014-03-28 18:05 - 00032765 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\FRST.txt
2014-03-29 12:14 - 2014-03-28 18:05 - 00000000 ____D () C:\FRST
2014-03-29 12:11 - 2014-03-29 12:11 - 00000162 ____H () C:\Users\Spieler.HeikeHarder-HP\Documents\~$malw.txt
2014-03-29 12:11 - 2014-03-29 11:39 - 00000000 ____D () C:\AdwCleaner
2014-03-29 12:10 - 2014-03-29 11:10 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-29 12:02 - 2014-03-29 12:02 - 00038515 _____ () C:\Users\Spieler.HeikeHarder-HP\Desktop\JRT.txt
2014-03-29 11:58 - 2009-07-14 05:45 - 00015568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-29 11:58 - 2009-07-14 05:45 - 00015568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-29 11:56 - 2014-03-29 11:56 - 00000000 ____D () C:\Windows\ERUNT
2014-03-29 11:55 - 2014-03-29 11:55 - 01038974 _____ (Thisisu) C:\Users\Spieler.HeikeHarder-HP\Downloads\JRT.exe
2014-03-29 11:51 - 2014-01-23 19:42 - 00000000 ____D () C:\Program Files (x86)\Overwolf
2014-03-29 11:51 - 2012-12-09 22:08 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Overwolf
2014-03-29 11:49 - 2012-11-28 10:43 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Raptr
2014-03-29 11:48 - 2011-03-16 15:37 - 00000442 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-03-29 11:46 - 2011-03-09 16:38 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\PDF Software
2014-03-29 11:45 - 2014-02-27 19:33 - 00002791 _____ () C:\Windows\setupact.log
2014-03-29 11:45 - 2014-01-25 17:16 - 00001506 _____ () C:\Windows\Tasks\Feven 2.5-updater.job
2014-03-29 11:45 - 2014-01-25 17:16 - 00001454 _____ () C:\Windows\Tasks\Feven 2.5-codedownloader.job
2014-03-29 11:45 - 2014-01-25 17:16 - 00001332 _____ () C:\Windows\Tasks\Feven 2.5-enabler.job
2014-03-29 11:45 - 2014-01-25 17:15 - 00002276 _____ () C:\Windows\Tasks\Feven 2.5-chromeinstaller.job
2014-03-29 11:45 - 2014-01-25 17:15 - 00002224 _____ () C:\Windows\Tasks\Feven 2.5-firefoxinstaller.job
2014-03-29 11:45 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-29 11:43 - 2014-03-14 03:23 - 00011050 _____ () C:\Windows\PFRO.log
2014-03-29 11:42 - 2012-06-04 15:38 - 01772631 _____ () C:\Windows\WindowsUpdate.log
2014-03-29 11:41 - 2014-01-16 10:36 - 00001284 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-29 11:41 - 2013-12-11 10:49 - 00001106 _____ () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-03-29 11:41 - 2013-12-11 10:49 - 00001076 _____ () C:\Users\Spieler.HeikeHarder-HP\Desktop\Search.lnk
2014-03-29 11:41 - 2011-04-06 18:06 - 00001031 _____ () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-29 11:41 - 2011-01-27 18:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-29 11:41 - 2011-01-27 11:58 - 00000969 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-03-29 11:40 - 2013-09-03 21:45 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\TS3Client
2014-03-29 11:39 - 2014-03-29 11:39 - 01950720 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\adwcleaner.exe
2014-03-29 11:36 - 2014-03-29 11:36 - 00000273 _____ () C:\Users\Spieler.HeikeHarder-HP\Documents\malw.txt
2014-03-29 11:10 - 2014-03-29 11:10 - 00001108 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-03-29 11:10 - 2014-03-29 11:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-29 11:10 - 2014-03-29 11:10 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-03-29 11:09 - 2014-03-29 11:09 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Spieler.HeikeHarder-HP\Downloads\mbam-setup-2.0.0.1000.exe
2014-03-29 10:49 - 2014-01-25 17:17 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\newplayer
2014-03-29 10:35 - 2012-12-09 11:38 - 00000000 ____D () C:\Program Files (x86)\RIFT
2014-03-29 10:18 - 2014-03-29 10:18 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Spieler.HeikeHarder-HP\Downloads\revosetup95.exe
2014-03-29 10:18 - 2014-03-29 10:18 - 00001270 _____ () C:\Users\Spieler.HeikeHarder-HP\Desktop\Revo Uninstaller.lnk
2014-03-29 10:18 - 2014-03-29 10:18 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-03-29 02:17 - 2011-02-10 13:16 - 00000000 ____D () C:\ProgramData\Recovery
2014-03-29 02:00 - 2014-01-31 16:26 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\Downloads\emu
2014-03-29 02:00 - 2014-01-16 11:31 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-03-29 02:00 - 2013-04-24 01:01 - 00000000 ____D () C:\Users\Gast
2014-03-29 02:00 - 2013-01-19 23:21 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Skype
2014-03-29 02:00 - 2012-12-09 21:30 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Akamai
2014-03-29 02:00 - 2012-10-02 21:27 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\RIFT
2014-03-29 02:00 - 2012-03-07 14:52 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-03-29 02:00 - 2012-01-31 16:10 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\FLEXnet
2014-03-29 02:00 - 2011-02-09 22:03 - 00000000 ____D () C:\ProgramData\FLEXnet
2014-03-29 02:00 - 2011-01-27 11:25 - 00000000 ____D () C:\Users\Heike Harder
2014-03-29 02:00 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-03-29 02:00 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-03-29 01:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-03-28 21:24 - 2014-03-28 21:24 - 00563616 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\Java (1).exe
2014-03-28 18:07 - 2014-03-28 18:06 - 00074129 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\Addition.txt
2014-03-28 18:04 - 2014-03-28 18:04 - 02157056 _____ (Farbar) C:\Users\Spieler.HeikeHarder-HP\Downloads\FRST64.exe
2014-03-28 17:38 - 2013-03-18 21:19 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Deployment
2014-03-28 17:37 - 2014-03-21 12:01 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\M6 Processing
2014-03-28 17:28 - 2013-12-10 15:15 - 00051542 _____ () C:\Users\Spieler.HeikeHarder-HP\daemonprocess.txt
2014-03-28 17:19 - 2011-01-29 11:51 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP
2014-03-25 10:46 - 2014-03-11 23:04 - 00032768 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\Pokemon Rot (D).sav
2014-03-25 02:02 - 2009-07-14 08:44 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-03-23 10:25 - 2013-02-06 23:45 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Paint.NET
2014-03-22 22:30 - 2012-06-14 02:45 - 00000000 __SHD () C:\found.000
2014-03-22 17:17 - 2014-03-22 17:17 - 00000000 ____D () C:\Program Files (x86)\MediaWatchV1
2014-03-21 12:01 - 2014-03-21 12:01 - 01172664 _____ (AnyProtect.com) C:\Users\Spieler.HeikeHarder-HP\AppData\Local\nspA788.tmp
2014-03-21 12:01 - 2014-03-21 12:01 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Uniblue
2014-03-21 12:01 - 2014-03-21 12:01 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\M6 Processing
2014-03-21 11:59 - 2014-03-21 11:59 - 00370640 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\Java.exe
2014-03-20 21:45 - 2011-01-27 11:58 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-03-20 13:55 - 2013-06-26 14:11 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Audacity
2014-03-19 03:06 - 2013-08-16 08:04 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-19 03:01 - 2011-01-31 18:17 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-17 19:08 - 2013-01-07 22:41 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\.minecraft
2014-03-15 19:33 - 2012-04-12 12:23 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-15 19:26 - 2014-02-27 19:26 - 00000000 ____D () C:\Program Files (x86)\MediaViewV1
2014-03-15 19:26 - 2014-01-29 19:26 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-03-14 14:15 - 2013-08-18 14:58 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-03-14 14:14 - 2013-10-04 13:37 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\alles
2014-03-14 14:09 - 2014-03-14 14:09 - 00017547 _____ () C:\Users\Heike Harder\Desktop\Opera 12 Notes.html
2014-03-14 14:09 - 2013-12-21 10:14 - 00004157 _____ () C:\Users\Heike Harder\daemonprocess.txt
2014-03-14 14:08 - 2014-03-14 14:08 - 00000000 ____D () C:\Users\Heike Harder\AppData\Roaming\Opera Software
2014-03-14 14:08 - 2014-03-14 14:08 - 00000000 ____D () C:\Users\Heike Harder\AppData\Local\Opera Software
2014-03-14 10:58 - 2012-04-12 12:23 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-14 10:58 - 2012-04-12 12:23 - 00003824 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-14 10:58 - 2011-05-23 09:55 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-14 10:57 - 2012-04-16 22:21 - 00000000 ____D () C:\Users\Heike Harder\AppData\Roaming\BrowserCompanion
2014-03-14 03:24 - 2013-08-22 08:23 - 00512328 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-14 03:23 - 2013-03-13 15:15 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-14 03:23 - 2013-03-13 15:15 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-13 11:43 - 2014-03-13 11:19 - 487137968 _____ () C:\Users\Spieler.HeikeHarder-HP\Documents\clip0013.avi
2014-03-12 14:19 - 2014-03-12 14:19 - 00001290 _____ () C:\Users\Public\Desktop\Paint.NET.lnk
2014-03-12 14:19 - 2012-03-25 11:15 - 00000000 ____D () C:\Program Files\Paint.NET
2014-03-12 14:16 - 2014-03-12 14:15 - 03739157 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\Paint.NET.3.5.11.Install (1).zip
2014-03-12 14:15 - 2014-03-12 14:14 - 03739157 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\Paint.NET.3.5.11.Install.zip
2014-03-12 14:12 - 2011-01-29 11:51 - 00152288 _____ () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-12 10:31 - 2014-01-11 23:50 - 00065536 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\Pokemon Blau (D).sav
2014-03-11 23:25 - 2014-03-11 23:04 - 485259900 _____ () C:\Users\Spieler.HeikeHarder-HP\Documents\clip0010.avi
2014-03-11 15:28 - 2014-03-11 15:28 - 00391778 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\Pokemon Rot (D).zip
2014-03-10 23:25 - 2014-03-10 23:16 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\TeamViewer
2014-03-10 23:16 - 2014-03-10 23:16 - 05852336 _____ (TeamViewer GmbH) C:\Users\Spieler.HeikeHarder-HP\Downloads\TeamViewer_Setup_de.exe
2014-03-10 23:16 - 2014-03-10 23:16 - 00001168 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-03-10 23:16 - 2012-04-16 21:03 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-03-06 09:37 - 2014-03-06 09:38 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-03-06 09:37 - 2014-03-06 09:37 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-03-06 09:37 - 2014-03-06 09:37 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-03-06 09:37 - 2014-03-06 09:37 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-03-06 09:37 - 2014-03-06 09:37 - 00000000 ____D () C:\Program Files\Java
2014-03-06 09:34 - 2014-03-06 09:34 - 30796712 _____ (Oracle Corporation) C:\Users\Spieler.HeikeHarder-HP\Downloads\jre-7u51-windows-x64.exe
2014-03-06 08:41 - 2014-03-06 08:41 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Packages
2014-03-06 08:41 - 2014-03-06 08:41 - 00000000 ____D () C:\ProgramData\70e7a22bf8ff262c
2014-03-05 09:26 - 2014-03-29 11:10 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-05 09:26 - 2014-03-29 11:10 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-03-05 09:26 - 2014-03-29 11:10 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-01 10:18 - 2011-01-07 20:54 - 00799382 _____ () C:\Windows\system32\perfh007.dat
2014-03-01 10:18 - 2011-01-07 20:54 - 00188890 _____ () C:\Windows\system32\perfc007.dat
2014-03-01 10:18 - 2009-07-14 06:13 - 01903918 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-01 07:05 - 2014-03-13 09:45 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 06:17 - 2014-03-13 09:46 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 06:16 - 2014-03-13 09:46 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-01 05:58 - 2014-03-13 09:46 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 05:52 - 2014-03-13 09:46 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 05:51 - 2014-03-13 09:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-01 05:42 - 2014-03-13 09:45 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 05:40 - 2014-03-13 09:46 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 05:37 - 2014-03-13 09:45 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 05:33 - 2014-03-13 09:45 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 05:33 - 2014-03-13 09:45 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-01 05:32 - 2014-03-13 09:45 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-01 05:30 - 2014-03-13 09:46 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 05:23 - 2014-03-13 09:45 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-01 05:17 - 2014-03-13 09:46 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 05:11 - 2014-03-13 09:46 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-01 05:02 - 2014-03-13 09:45 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-01 04:54 - 2014-03-13 09:45 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-01 04:52 - 2014-03-13 09:46 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-01 04:51 - 2014-03-13 09:46 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-01 04:47 - 2014-03-13 09:46 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-01 04:43 - 2014-03-13 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-01 04:43 - 2014-03-13 09:46 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-01 04:42 - 2014-03-13 09:46 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-01 04:40 - 2014-03-13 09:46 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-01 04:38 - 2014-03-13 09:45 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-01 04:37 - 2014-03-13 09:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-01 04:35 - 2014-03-13 09:45 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-01 04:18 - 2014-03-13 09:45 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-01 04:16 - 2014-03-13 09:45 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-01 04:14 - 2014-03-13 09:45 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-01 04:10 - 2014-03-13 09:45 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-01 04:03 - 2014-03-13 09:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-01 04:00 - 2014-03-13 09:46 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-01 03:57 - 2014-03-13 09:46 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-01 03:38 - 2014-03-13 09:46 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-01 03:32 - 2014-03-13 09:45 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-01 03:27 - 2014-03-13 09:46 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-01 03:25 - 2014-03-13 09:45 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-01 03:25 - 2014-03-13 09:45 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-27 19:33 - 2014-02-27 19:33 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-27 16:19 - 2014-02-27 16:19 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-27 16:19 - 2014-02-27 16:19 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Skype
2014-02-27 16:19 - 2012-04-06 19:04 - 00000000 ____D () C:\ProgramData\Skype

Files to move or delete:
====================
C:\Users\Heike Harder\Okozo_Installer.exe
C:\Users\Public\CommonRTP.exe


Some content of TEMP:
====================
C:\Users\Heike Harder\AppData\Local\Temp\avgnt.exe
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\avgnt.exe
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\BackupSetup.exe
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\htmlayout.dll
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\Quarantine.exe
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\uninstall63590203.exe
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\uninstall63590266.exe
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\uninstall63590297.exe
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\uninstall63590406.exe
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\uninstall63590422.exe
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\UpdUninstall.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-14 03:54

==================== End Of Log =====================

--- --- ---

schrauber · 30.03.2014, 07:10

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

Blitzi · 30.03.2014, 13:17

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=729d05bc4529ad4ea48a1456c5ef33f7
# engine=17679
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-03-30 12:07:54
# local_time=2014-03-30 02:07:54 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1799 16775165 100 94 57312 9499938 6432 0
# compatibility_mode=5893 16776574 100 94 9496169 147811124 0 0
# scanned=457978
# found=14
# cleaned=0
# scan_time=13402
sh=B2163563C53657A15C1A34CA63BED58F1D5B945F ft=1 fh=854865ef772fb1e8 vn="a variant of Win32/Adware.Yontoo.A application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient.dll.vir"
sh=3792F19D1860B40EB871C041019ED62A427CF00C ft=1 fh=e3e940ab43810265 vn="a variant of Win32/Adware.Yontoo.B application" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll.vir"
sh=1A0F0CEBEDFCEC559615CDDB6C873334633A21E4 ft=0 fh=0000000000000000 vn="Win32/Adware.Yontoo application" ac=I fn="C:\Users\Heike Harder\AppData\Roaming\Mozilla\Firefox\Profiles\e7puc2qc.default\extensions\plugin@yontoo.com\content\overlay.js"
sh=A45A93DAE57089A29736E63FDAAD7A67B7D01090 ft=0 fh=0000000000000000 vn="Win32/Adware.AddLyrics.F application" ac=I fn="C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjcnjlaajofpendibcoodneacalfho\1.111_0\contentscript.js"
sh=CA62F5936C7E6C38A02D619FD4ADD6A1D2BF5DF4 ft=1 fh=5f0caea3c18edbbe vn="a variant of Win32/Injected.F trojan" ac=I fn="C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\ICReinstall_nsd772D.tmp"
sh=34520D26BC513DA7121558BEF3508875BBBEB7F2 ft=1 fh=a0122d24c18edbbe vn="a variant of Win32/Injected.F trojan" ac=I fn="C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\ICReinstall_nsiCE4A.tmp"
sh=D8B32676746489DFC2B53ED6B84BD503D3D2FB04 ft=1 fh=cb40b1f52d79d722 vn="a variant of Win32/Injected.F trojan" ac=I fn="C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\ICReinstall_nsl71B8.tmp"
sh=CA62F5936C7E6C38A02D619FD4ADD6A1D2BF5DF4 ft=1 fh=5f0caea3c18edbbe vn="a variant of Win32/Injected.F trojan" ac=I fn="C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\ICReinstall_nsq219B.tmp"
sh=CA62F5936C7E6C38A02D619FD4ADD6A1D2BF5DF4 ft=1 fh=5f0caea3c18edbbe vn="a variant of Win32/Injected.F trojan" ac=I fn="C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\nsd772D.tmp"
sh=CA62F5936C7E6C38A02D619FD4ADD6A1D2BF5DF4 ft=1 fh=5f0caea3c18edbbe vn="a variant of Win32/Injected.F trojan" ac=I fn="C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\nsgCD6B.tmp"
sh=34520D26BC513DA7121558BEF3508875BBBEB7F2 ft=1 fh=a0122d24c18edbbe vn="a variant of Win32/Injected.F trojan" ac=I fn="C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\nsiCE4A.tmp"
sh=D8B32676746489DFC2B53ED6B84BD503D3D2FB04 ft=1 fh=cb40b1f52d79d722 vn="a variant of Win32/Injected.F trojan" ac=I fn="C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\nsl71B8.tmp"
sh=CA62F5936C7E6C38A02D619FD4ADD6A1D2BF5DF4 ft=1 fh=5f0caea3c18edbbe vn="a variant of Win32/Injected.F trojan" ac=I fn="C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\nsq219B.tmp"
sh=60479F0E1541F9C7122C2C60D739A6FDD2357488 ft=1 fh=0155faa485b69c08 vn="a variant of Generik.MSLHOFC trojan" ac=I fn="C:\Users\Spieler.HeikeHarder-HP\Documents\Downlodes\Torchlight\_savegame\torchlight_savegame_editor\Torchligh

Unsupported operating system! Aborted!

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Spieler (administrator) on HEIKEHARDER-HP on 30-03-2014 14:16:02
Running from C:\Users\Spieler.HeikeHarder-HP\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool 
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe
() C:\Program Files\COMPUTERBILD-Cloud\Data\Tools\mounter.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe
(Microsoft Corporation) C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(LULU Software) C:\Program Files (x86)\Soda PDF 2012\ConversionService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Akamai Technologies, Inc.) C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\M6 Processing\M6.exe
() C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\M6 Processing\vm6.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
() C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\M6 Processing\M602\64\cpusrv.dat
(Akamai Technologies, Inc.) C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Akamai\netsession_win.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
() C:\Program Files (x86)\Opera\20.0.1387.82\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office10\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MRT] - C:\Windows\system32\MRT.exe [90015360 2014-03-19] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Version Cue CS2] - c:\Users\Heike Harder\Documents\Downloads\Creative Suite 2\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe [856064 2005-04-06] (Adobe Sytems Incorporated)
HKLM-x32\...\Run: [Aeria Ignite] - "C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" silent
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [421736 2011-12-08] (Apple Inc.)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [DriverMax] - C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe [9532824 2012-03-26] (Innovative Solutions)
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [DriverMax_RESTART] - C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe [9532824 2012-03-26] (Innovative Solutions)
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [ISUSPM] - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [Raptr] - C:\Program Files (x86)\Raptr\raptrstub.exe [55360 2013-08-19] (Raptr, Inc)
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [Akamai NetSession Interface] - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [Klebezettel NG] - [X]
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [Clownfish] - C:\Program Files (x86)\Clownfish\Clownfish.exe [1306360 2013-12-17] (Bogdan Sharkov)
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [Overwolf] - C:\Program Files (x86)\Overwolf\Overwolf.exe [37664 2014-03-05] (Overwolf LTD)
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [M6] - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\M6 Processing\M6.exe [186880 2014-03-28] ()
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [vm6] - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\M6 Processing\vm6.exe [175424 2014-03-19] ()
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\MountPoints2: {ae8f9719-3d80-11e3-91bb-6c626d9ce7a5} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\VoiceClient.exe
Startup: C:\Users\Heike Harder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tcbhn.lnk
ShortcutTarget: tcbhn.lnk -> C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\BrowserCompanion\tcbhn.exe (No File)
Startup: C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-0/4?satitle={searchTerms}&mfe=Desktops
SearchScopes: HKLM-x32 - Backup.Old.DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD22}
SearchScopes: HKCU - Backup.Old.DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233}
SearchScopes: HKCU - ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKCU - {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = 
BHO: Feven 2.5 - {11111111-1111-1111-1111-110411901108} - C:\Program Files (x86)\Feven 2.5\Feven 2.5-bho64.dll No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Soda PDF 2012 Helper - {ebe8b562-cba0-40d8-b920-af7cfe0c9d94} - C:\Program Files (x86)\Soda PDF 2012\PDFIEHelper.dll (LULU Software)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - No Name - !!{D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKLM - No Name - !{5018CFD2-804D-4C99-9F81-25EAEA2769DE} -  No File
Toolbar: HKLM - No Name - !{95B7759C-8C7F-4BF1-B163-73684A933233} -  No File
Toolbar: HKLM - No Name - !{98889811-442D-49dd-99D7-DC866BE87DBC} -  No File
Toolbar: HKLM - No Name - !{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787} -  No File
Toolbar: HKLM - No Name - !{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} -  No File
Toolbar: HKLM - No Name - !{EEE6C35B-6118-11DC-9C72-001320C79847} -  No File
Toolbar: HKLM - No Name - !{F9639E4A-801B-4843-AEE3-03D9DA199E77} -  No File
Toolbar: HKLM-x32 - Soda PDF 2012 Toolbar - {a8c9d542-fd91-4834-a2e8-adb9ae692b8b} - C:\Program Files (x86)\Soda PDF 2012\PDFIEPlugin.dll (LULU Software)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - No Name - !!{D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKLM-x32 - No Name - !{5018CFD2-804D-4C99-9F81-25EAEA2769DE} -  No File
Toolbar: HKLM-x32 - No Name - !{95B7759C-8C7F-4BF1-B163-73684A933233} -  No File
Toolbar: HKLM-x32 - No Name - !{98889811-442D-49dd-99D7-DC866BE87DBC} -  No File
Toolbar: HKLM-x32 - No Name - !{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787} -  No File
Toolbar: HKLM-x32 - No Name - !{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} -  No File
Toolbar: HKLM-x32 - No Name - !{EEE6C35B-6118-11DC-9C72-001320C79847} -  No File
Toolbar: HKLM-x32 - No Name - !{F9639E4A-801B-4843-AEE3-03D9DA199E77} -  No File
Toolbar: HKCU - No Name - {26647CA4-A2A7-4EAC-8A72-761AA9141DE7} -  No File
Toolbar: HKCU - No Name - {8DBB6D8E-E4A6-4E3B-9753-AF78B226441C} -  No File
Toolbar: HKCU - No Name - {32B29DF0-2237-4370-9A29-37CEBB730E9B} -  No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @real.com/nppl3260;version=15.0.4.53 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.4.53 - c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.4.53 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Spieler.HeikeHarder-HP\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\awesomehp.xml
FF Extension: media enhance - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\Extensions\0c822a17-a68f-4066-9257-d229458d21ca@9c178d17-dc61-4aaf-b2da-1425ac7300ac.com [2014-03-21]
FF Extension: Feven 2.5 - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\Extensions\4433da5b-eb52-495d-8865-b2a7468567f6@927544a3-fdfb-4485-a78b-21e1113eee35.com [2014-02-27]
FF Extension: I Want This - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\Extensions\crossriderapp2258@crossrider.com [2012-06-08]
FF Extension: Extension_Protected - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\Extensions\jid0-O6MIff3eO5dIGf5Tcv8RsJDKxrs@jetpack [2014-01-25]
FF Extension: FineDeaLSoft - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\Extensions\lvgnow@dnhktwg.co.uk [2014-03-15]
FF Extension: Internet Turbo - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\Extensions\{17372c46-39f1-4c28-8f8c-b25d9b57d042} [2014-01-25]
FF Extension: Wincore Mediabar - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\Extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} [2012-07-23]
FF Extension: Lightning Speed Dial - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\Extensions\lightningnewtab@gmail.com.xpi [2014-01-25]
FF Extension: WEB.DE MailCheck - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\Extensions\toolbar@web.de.xpi [2014-01-25]
FF Extension: Anti-Banner - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2 [2012-05-05]
FF Extension: Modul zur Link-Untersuchung - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2 [2012-05-05]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Security Suite CBE 12\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-05-11]
FF HKLM-x32\...\Firefox\Extensions: [FFSodaPDFConverter2012@sodapdf.com] - C:\Program Files (x86)\Soda PDF 2012\FFSodaExt2012
FF Extension: Soda PDF 2012 Converter For Firefox - C:\Program Files (x86)\Soda PDF 2012\FFSodaExt2012 [2012-06-04]
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaPlayerV1alpha718.net] - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha718\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewerV1alpha1479.net] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1479\ff
FF Extension: Media Viewer - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1479\ff [2014-02-23]
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewV1alpha3700.net] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha3700\ff
FF Extension: Media View - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha3700\ff [2014-02-27]
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewV1alpha9390.net] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha9390\ff
FF Extension: Media View - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha9390\ff [2014-03-15]

Chrome: 
=======
CHR HomePage: hxxp://feed.snapdo.com/?publisher=InternetTurboYB&dpid=InternetTurboYB&co=DE&userid=17372c46-39f1-4c28-8f8c-b25d9b57d042&searchtype=hp&installDate=05/04/2013
CHR RestoreOnStartup: "hxxp://feed.snapdo.com/?publisher=InternetTurboYB&dpid=InternetTurboYB&co=DE&userid=17372c46-39f1-4c28-8f8c-b25d9b57d042&searchtype=hp&installDate=05/04/2013"
CHR DefaultSearchKeyword: awesomehp
CHR DefaultSearchProvider: awesomehp
CHR DefaultSearchURL: hxxp://www.awesomehp.com/web/?type=ds&ts=1390666599&from=tugs&uid=WDCXWD15EADS-65R2B0_WD-WMAVU347761277612&q={searchTerms}
CHR Extension: (Media Watch) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\algmmgkfpeaonhjgdngihpchbgkpjnfp [2014-03-22]
CHR Extension: (SuperLyrics) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjcnjlaajofpendibcoodneacalfho [2014-02-23]
CHR Extension: (McAfee Security Scan+) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-02-23]
CHR Extension: (Video Player) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\edfgledepjjmkiehpaonaiannadjjdnc [2014-02-23]
CHR Extension: (Media View) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcaiicgcjkjiagjocmccmcmncckndcmh [2014-02-27]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2014-02-23]
CHR Extension: (Media View) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\laaciepchcabcfgpniblbiecldehkbae [2014-03-15]
CHR Extension: (media enhance) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo [2014-03-21]
CHR Extension: (V-bates) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljmibnagodajacnnbifpamhggcohblip [2014-03-21]
CHR Extension: (Media Viewer) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnobaakadehgcjbhieegodlndablmao [2014-02-23]
CHR Extension: (Better Surf Plus) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmifolfpllfdhilecpdpmemhelmanajl [2014-02-23]
CHR Extension: (FineDeaLSoft) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkfigoajimddlnfnhlkkbjdgkkigccil [2014-03-06]
CHR Extension: (Google Wallet) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-23]
CHR Extension: (Webexp Enhanced) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\oammkkggampaadcifnaiknbcokpencei [2014-02-23]
CHR Extension: (Feven 2.5) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkbhkhbgdaamliaimlpdlhokkecoibka [2014-01-25]
CHR Extension: (Lightning speedDial) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkndmigholgfjlniaohblojbhgjbkakn [2014-02-23]
CHR HKLM-x32\...\Chrome\Extension: [fcaiicgcjkjiagjocmccmcmncckndcmh] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha3700\ch\MediaViewV1alpha3700.crx [2014-02-27]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-05-11]
CHR HKLM-x32\...\Chrome\Extension: [laaciepchcabcfgpniblbiecldehkbae] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha9390\ch\MediaViewV1alpha9390.crx [2014-02-27]
CHR HKLM-x32\...\Chrome\Extension: [mlnobaakadehgcjbhieegodlndablmao] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1479\ch\MediaViewerV1alpha1479.crx [2014-02-23]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 ABBYY.Licensing.FineReader.Professional.10.0; C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe [814344 2009-12-22] (ABBYY)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-02-01] (Adobe Systems)
S4 AdobeActiveFileMonitor6.0; C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [124832 2007-09-11] ()
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1017424 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 CLHNServiceForPowerDVD; C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [83240 2011-08-24] ()
R2 CyberLink PowerDVD 11.0 Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [75048 2011-08-26] (CyberLink)
R2 CyberLink PowerDVD 11.0 Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe [292136 2011-08-26] (CyberLink)
R2 DokanMounter; C:\Program Files\COMPUTERBILD-Cloud\Data\Tools\mounter.exe [14848 2012-02-15] ()
S4 HPAuto; C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [681528 2010-08-06] (Hewlett-Packard)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 MSSQL$BWDATOOLSET; C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [99616 2014-03-05] (Overwolf LTD)
S4 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1119768 2010-09-28] (PDF Complete Inc)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc.)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2010-08-19] ()
S3 Soda PDF 2012 Helper Service; C:\Program Files (x86)\Soda PDF 2012\HelperService.exe [827224 2012-01-27] (LULU Software)
R2 Soda PDF 2012 Service; C:\Program Files (x86)\Soda PDF 2012\ConversionService.exe [905560 2012-01-27] (LULU Software)
S2 V-bates Updater; C:\Program Files\Video downloader\ExtensionUpdaterService.exe [X]
S2 vToolbarUpdater15.0.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.0.0\ToolbarUpdater.exe [X]

==================== Drivers (Whitelisted) ====================

S3 athrusb; C:\Windows\System32\DRIVERS\athrxusb.sys [558592 2007-05-16] (Atheros Communications, Inc.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2011-01-28] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [39768 2013-03-19] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-10] (Avira Operations GmbH & Co. KG)
U4 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [84720 2013-12-12] (Avira Operations GmbH & Co. KG)
R2 Dokan; C:\Windows\system32\drivers\dokan.sys [120408 2012-02-15] (Windows (R) Win 7 DDK provider)
S3 GrabsterSeries.X64; C:\Windows\System32\DRIVERS\GrabsterSeries.X64.SYS [377152 2010-01-22] ()
S3 hid7906; C:\Windows\SysWOW64\drivers\hid7906.sys [34963 2007-12-12] (Compuware Corporation)
S3 hid8101; C:\Windows\SysWOW64\drivers\hid8101.sys [37024 2007-12-03] (Compuware Corporation)
S3 hid8103; C:\Windows\SysWOW64\drivers\hid8103.sys [34587 2007-11-28] (Compuware Corporation)
S3 iComp; C:\Windows\System32\DRIVERS\p2usbhum.sys [1794112 2009-12-09] (Conexant Systems Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2011-01-28] ()
S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [748648 2010-08-12] (Realtek Semiconductor Corporation                           )
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [503352 2011-08-04] ()
S3 usbio; C:\Windows\System32\Drivers\dsiarhwprog_x64.sys [51600 2007-02-08] (Thesycon GmbH, Germany)
S3 ZD1211BU(ZyDAS); C:\Windows\System32\DRIVERS\zd1211Bu.sys [493440 2005-10-28] (ZyDAS Technology Corporation)
S3 ZDPSp50a64; C:\Windows\SysWOW64\Drivers\ZDPSp50a64.sys [31744 2005-03-18] (Printing Communications Assoc., Inc. (PCAUSA))
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312}; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [148976 2011-08-26] (CyberLink Corp.)
U3 aafyp51z; C:\Windows\System32\Drivers\aafyp51z.sys [0 ] (Microsoft Corporation)
S3 connctfy; system32\DRIVERS\connctfy.sys [X]
S3 connctfyMP; system32\DRIVERS\connctfy.sys [X]
S1 toqvakfe; \??\C:\Windows\system32\drivers\toqvakfe.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-30 14:13 - 2014-03-30 14:13 - 00987442 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\SecurityCheck.exe
2014-03-30 11:08 - 2014-03-30 11:08 - 07289160 _____ () C:\Users\Spieler.HeikeHarder-HP\Documents\clip0014.avi
2014-03-30 11:07 - 2014-03-30 11:07 - 00112384 _____ () C:\Users\Spieler.HeikeHarder-HP\Documents\clip0012.avi
2014-03-30 10:22 - 2014-03-30 10:22 - 02347384 _____ (ESET) C:\Users\Spieler.HeikeHarder-HP\Downloads\esetsmartinstaller_enu.exe
2014-03-30 10:22 - 2014-03-30 10:22 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-03-29 13:02 - 2014-03-29 13:02 - 00038515 _____ () C:\Users\Spieler.HeikeHarder-HP\Desktop\JRT.txt
2014-03-29 12:56 - 2014-03-29 12:56 - 00000000 ____D () C:\Windows\ERUNT
2014-03-29 12:55 - 2014-03-29 12:55 - 01038974 _____ (Thisisu) C:\Users\Spieler.HeikeHarder-HP\Downloads\JRT.exe
2014-03-29 12:39 - 2014-03-29 13:11 - 00000000 ____D () C:\AdwCleaner
2014-03-29 12:39 - 2014-03-29 12:39 - 01950720 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\adwcleaner.exe
2014-03-29 12:36 - 2014-03-29 12:36 - 00000273 _____ () C:\Users\Spieler.HeikeHarder-HP\Documents\malw.txt
2014-03-29 12:10 - 2014-03-29 13:10 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-29 12:10 - 2014-03-29 12:10 - 00001108 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-03-29 12:10 - 2014-03-29 12:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-29 12:10 - 2014-03-29 12:10 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-03-29 12:10 - 2014-03-05 10:26 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-29 12:10 - 2014-03-05 10:26 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-03-29 12:10 - 2014-03-05 10:26 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-29 12:09 - 2014-03-29 12:09 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Spieler.HeikeHarder-HP\Downloads\mbam-setup-2.0.0.1000.exe
2014-03-29 11:18 - 2014-03-29 11:18 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Spieler.HeikeHarder-HP\Downloads\revosetup95.exe
2014-03-29 11:18 - 2014-03-29 11:18 - 00001270 _____ () C:\Users\Spieler.HeikeHarder-HP\Desktop\Revo Uninstaller.lnk
2014-03-29 11:18 - 2014-03-29 11:18 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-03-28 22:24 - 2014-03-28 22:24 - 00563616 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\Java (1).exe
2014-03-28 19:06 - 2014-03-28 19:07 - 00074129 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\Addition.txt
2014-03-28 19:05 - 2014-03-30 14:16 - 00032936 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\FRST.txt
2014-03-28 19:05 - 2014-03-30 14:16 - 00000000 ____D () C:\FRST
2014-03-28 19:04 - 2014-03-28 19:04 - 02157056 _____ (Farbar) C:\Users\Spieler.HeikeHarder-HP\Downloads\FRST64.exe
2014-03-22 18:17 - 2014-03-22 18:17 - 00000000 ____D () C:\Program Files (x86)\MediaWatchV1
2014-03-21 13:01 - 2014-03-28 18:37 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\M6 Processing
2014-03-21 13:01 - 2014-03-21 13:01 - 01172664 _____ (AnyProtect.com) C:\Users\Spieler.HeikeHarder-HP\AppData\Local\nspA788.tmp
2014-03-21 13:01 - 2014-03-21 13:01 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Uniblue
2014-03-21 13:01 - 2014-03-21 13:01 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\M6 Processing
2014-03-21 12:59 - 2014-03-21 12:59 - 00370640 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\Java.exe
2014-03-14 15:09 - 2014-03-14 15:09 - 00017547 _____ () C:\Users\Heike Harder\Desktop\Opera 12 Notes.html
2014-03-14 15:08 - 2014-03-14 15:08 - 00000000 ____D () C:\Users\Heike Harder\AppData\Roaming\Opera Software
2014-03-14 15:08 - 2014-03-14 15:08 - 00000000 ____D () C:\Users\Heike Harder\AppData\Local\Opera Software
2014-03-14 04:23 - 2014-03-29 12:43 - 00011050 _____ () C:\Windows\PFRO.log
2014-03-13 12:19 - 2014-03-13 12:43 - 487137968 _____ () C:\Users\Spieler.HeikeHarder-HP\Documents\clip0013.avi
2014-03-13 10:46 - 2014-03-01 07:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-13 10:46 - 2014-03-01 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-13 10:46 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-13 10:46 - 2014-03-01 06:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-13 10:46 - 2014-03-01 06:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-13 10:46 - 2014-03-01 06:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-13 10:46 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-13 10:46 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-13 10:46 - 2014-03-01 06:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-13 10:46 - 2014-03-01 05:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-13 10:46 - 2014-03-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-13 10:46 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-13 10:46 - 2014-03-01 05:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-13 10:46 - 2014-03-01 05:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-13 10:46 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-13 10:46 - 2014-03-01 05:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-13 10:46 - 2014-03-01 05:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-13 10:46 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-13 10:46 - 2014-03-01 05:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-13 10:46 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-13 10:46 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-13 10:46 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-13 10:46 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-13 10:46 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-13 10:46 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-13 10:46 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-13 10:45 - 2014-03-01 08:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-13 10:45 - 2014-03-01 06:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-13 10:45 - 2014-03-01 06:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-13 10:45 - 2014-03-01 06:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-13 10:45 - 2014-03-01 06:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-13 10:45 - 2014-03-01 06:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-13 10:45 - 2014-03-01 06:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-13 10:45 - 2014-03-01 06:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-13 10:45 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-13 10:45 - 2014-03-01 05:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-13 10:45 - 2014-03-01 05:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-13 10:45 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-13 10:45 - 2014-03-01 05:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-13 10:45 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-13 10:45 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-13 10:45 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-13 10:45 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-13 10:45 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-13 10:45 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-13 10:45 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-13 10:44 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-13 10:44 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-12 15:19 - 2014-03-12 15:19 - 00001290 _____ () C:\Users\Public\Desktop\Paint.NET.lnk
2014-03-12 15:16 - 2013-08-17 15:02 - 03765592 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\Paint.NET.3.5.11.Install.exe
2014-03-12 15:15 - 2014-03-12 15:16 - 03739157 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\Paint.NET.3.5.11.Install (1).zip
2014-03-12 15:14 - 2014-03-12 15:15 - 03739157 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\Paint.NET.3.5.11.Install.zip
2014-03-12 00:04 - 2014-03-25 11:46 - 00032768 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\Pokemon Rot (D).sav
2014-03-12 00:04 - 2014-03-12 00:25 - 485259900 _____ () C:\Users\Spieler.HeikeHarder-HP\Documents\clip0010.avi
2014-03-11 17:22 - 2005-03-13 19:17 - 01048576 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\Pokemon Rot (D).gb
2014-03-11 16:28 - 2014-03-11 16:28 - 00391778 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\Pokemon Rot (D).zip
2014-03-11 00:16 - 2014-03-11 00:25 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\TeamViewer
2014-03-11 00:16 - 2014-03-11 00:16 - 05852336 _____ (TeamViewer GmbH) C:\Users\Spieler.HeikeHarder-HP\Downloads\TeamViewer_Setup_de.exe
2014-03-11 00:16 - 2014-03-11 00:16 - 00001168 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-03-06 10:38 - 2014-03-06 10:37 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-03-06 10:37 - 2014-03-06 10:37 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-03-06 10:37 - 2014-03-06 10:37 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-03-06 10:37 - 2014-03-06 10:37 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-03-06 10:37 - 2014-03-06 10:37 - 00000000 ____D () C:\Program Files\Java
2014-03-06 10:34 - 2014-03-06 10:34 - 30796712 _____ (Oracle Corporation) C:\Users\Spieler.HeikeHarder-HP\Downloads\jre-7u51-windows-x64.exe
2014-03-06 09:41 - 2014-03-06 09:41 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Packages
2014-03-06 09:41 - 2014-03-06 09:41 - 00000000 ____D () C:\ProgramData\70e7a22bf8ff262c

==================== One Month Modified Files and Folders =======

2014-03-30 14:16 - 2014-03-28 19:05 - 00032936 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\FRST.txt
2014-03-30 14:16 - 2014-03-28 19:05 - 00000000 ____D () C:\FRST
2014-03-30 14:13 - 2014-03-30 14:13 - 00987442 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\SecurityCheck.exe
2014-03-30 14:13 - 2011-01-29 14:11 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\SoftGrid Client
2014-03-30 14:05 - 2013-09-03 22:45 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\TS3Client
2014-03-30 14:04 - 2013-02-07 00:45 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Paint.NET
2014-03-30 13:40 - 2012-12-09 12:38 - 00000000 ____D () C:\Program Files (x86)\RIFT
2014-03-30 12:38 - 2014-02-27 20:33 - 00002847 _____ () C:\Windows\setupact.log
2014-03-30 12:26 - 2012-06-04 16:38 - 01792026 _____ () C:\Windows\WindowsUpdate.log
2014-03-30 11:16 - 2014-01-25 18:16 - 00001506 _____ () C:\Windows\Tasks\Feven 2.5-updater.job
2014-03-30 11:16 - 2014-01-25 18:16 - 00001454 _____ () C:\Windows\Tasks\Feven 2.5-codedownloader.job
2014-03-30 11:16 - 2014-01-25 18:16 - 00001332 _____ () C:\Windows\Tasks\Feven 2.5-enabler.job
2014-03-30 11:16 - 2014-01-25 18:15 - 00002276 _____ () C:\Windows\Tasks\Feven 2.5-chromeinstaller.job
2014-03-30 11:16 - 2014-01-25 18:15 - 00002224 _____ () C:\Windows\Tasks\Feven 2.5-firefoxinstaller.job
2014-03-30 11:09 - 2013-06-26 15:11 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Audacity
2014-03-30 11:08 - 2014-03-30 11:08 - 07289160 _____ () C:\Users\Spieler.HeikeHarder-HP\Documents\clip0014.avi
2014-03-30 11:07 - 2014-03-30 11:07 - 00112384 _____ () C:\Users\Spieler.HeikeHarder-HP\Documents\clip0012.avi
2014-03-30 10:22 - 2014-03-30 10:22 - 02347384 _____ (ESET) C:\Users\Spieler.HeikeHarder-HP\Downloads\esetsmartinstaller_enu.exe
2014-03-30 10:22 - 2014-03-30 10:22 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-03-29 23:22 - 2013-01-07 23:41 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\.minecraft
2014-03-29 20:05 - 2011-03-16 16:37 - 00000441 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-03-29 13:11 - 2014-03-29 12:39 - 00000000 ____D () C:\AdwCleaner
2014-03-29 13:10 - 2014-03-29 12:10 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-29 13:02 - 2014-03-29 13:02 - 00038515 _____ () C:\Users\Spieler.HeikeHarder-HP\Desktop\JRT.txt
2014-03-29 12:58 - 2009-07-14 06:45 - 00015568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-29 12:58 - 2009-07-14 06:45 - 00015568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-29 12:56 - 2014-03-29 12:56 - 00000000 ____D () C:\Windows\ERUNT
2014-03-29 12:55 - 2014-03-29 12:55 - 01038974 _____ (Thisisu) C:\Users\Spieler.HeikeHarder-HP\Downloads\JRT.exe
2014-03-29 12:51 - 2014-01-23 20:42 - 00000000 ____D () C:\Program Files (x86)\Overwolf
2014-03-29 12:51 - 2012-12-09 23:08 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Overwolf
2014-03-29 12:49 - 2012-11-28 11:43 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Raptr
2014-03-29 12:46 - 2011-03-09 17:38 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\PDF Software
2014-03-29 12:45 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-29 12:43 - 2014-03-14 04:23 - 00011050 _____ () C:\Windows\PFRO.log
2014-03-29 12:41 - 2014-01-16 11:36 - 00001284 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-29 12:41 - 2013-12-11 11:49 - 00001106 _____ () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-03-29 12:41 - 2013-12-11 11:49 - 00001076 _____ () C:\Users\Spieler.HeikeHarder-HP\Desktop\Search.lnk
2014-03-29 12:41 - 2011-04-06 19:06 - 00001031 _____ () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-29 12:41 - 2011-01-27 19:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-29 12:41 - 2011-01-27 12:58 - 00000969 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-03-29 12:39 - 2014-03-29 12:39 - 01950720 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\adwcleaner.exe
2014-03-29 12:36 - 2014-03-29 12:36 - 00000273 _____ () C:\Users\Spieler.HeikeHarder-HP\Documents\malw.txt
2014-03-29 12:10 - 2014-03-29 12:10 - 00001108 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-03-29 12:10 - 2014-03-29 12:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-29 12:10 - 2014-03-29 12:10 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-03-29 12:09 - 2014-03-29 12:09 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Spieler.HeikeHarder-HP\Downloads\mbam-setup-2.0.0.1000.exe
2014-03-29 11:49 - 2014-01-25 18:17 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\newplayer
2014-03-29 11:18 - 2014-03-29 11:18 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Spieler.HeikeHarder-HP\Downloads\revosetup95.exe
2014-03-29 11:18 - 2014-03-29 11:18 - 00001270 _____ () C:\Users\Spieler.HeikeHarder-HP\Desktop\Revo Uninstaller.lnk
2014-03-29 11:18 - 2014-03-29 11:18 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-03-29 03:17 - 2011-02-10 14:16 - 00000000 ____D () C:\ProgramData\Recovery
2014-03-29 03:00 - 2014-01-31 17:26 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\Downloads\emu
2014-03-29 03:00 - 2014-01-16 12:31 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-03-29 03:00 - 2013-04-24 02:01 - 00000000 ____D () C:\Users\Gast
2014-03-29 03:00 - 2013-01-20 00:21 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Skype
2014-03-29 03:00 - 2012-12-09 22:30 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Akamai
2014-03-29 03:00 - 2012-10-02 22:27 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\RIFT
2014-03-29 03:00 - 2012-03-07 15:52 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-03-29 03:00 - 2012-01-31 17:10 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\FLEXnet
2014-03-29 03:00 - 2011-02-09 23:03 - 00000000 ____D () C:\ProgramData\FLEXnet
2014-03-29 03:00 - 2011-01-27 12:25 - 00000000 ____D () C:\Users\Heike Harder
2014-03-29 03:00 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-03-29 03:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-03-29 02:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-03-28 22:24 - 2014-03-28 22:24 - 00563616 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\Java (1).exe
2014-03-28 19:07 - 2014-03-28 19:06 - 00074129 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\Addition.txt
2014-03-28 19:04 - 2014-03-28 19:04 - 02157056 _____ (Farbar) C:\Users\Spieler.HeikeHarder-HP\Downloads\FRST64.exe
2014-03-28 18:38 - 2013-03-18 22:19 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Deployment
2014-03-28 18:37 - 2014-03-21 13:01 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\M6 Processing
2014-03-28 18:28 - 2013-12-10 16:15 - 00051542 _____ () C:\Users\Spieler.HeikeHarder-HP\daemonprocess.txt
2014-03-28 18:19 - 2011-01-29 12:51 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP
2014-03-25 11:46 - 2014-03-12 00:04 - 00032768 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\Pokemon Rot (D).sav
2014-03-25 03:02 - 2009-07-14 09:44 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-03-22 23:30 - 2012-06-14 03:45 - 00000000 __SHD () C:\found.000
2014-03-22 18:17 - 2014-03-22 18:17 - 00000000 ____D () C:\Program Files (x86)\MediaWatchV1
2014-03-21 13:01 - 2014-03-21 13:01 - 01172664 _____ (AnyProtect.com) C:\Users\Spieler.HeikeHarder-HP\AppData\Local\nspA788.tmp
2014-03-21 13:01 - 2014-03-21 13:01 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Uniblue
2014-03-21 13:01 - 2014-03-21 13:01 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\M6 Processing
2014-03-21 12:59 - 2014-03-21 12:59 - 00370640 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\Java.exe
2014-03-20 22:45 - 2011-01-27 12:58 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-03-19 04:06 - 2013-08-16 09:04 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-19 04:01 - 2011-01-31 19:17 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-15 20:33 - 2012-04-12 13:23 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-15 20:26 - 2014-02-27 20:26 - 00000000 ____D () C:\Program Files (x86)\MediaViewV1
2014-03-15 20:26 - 2014-01-29 20:26 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-03-14 15:15 - 2013-08-18 15:58 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-03-14 15:14 - 2013-10-04 14:37 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\alles
2014-03-14 15:09 - 2014-03-14 15:09 - 00017547 _____ () C:\Users\Heike Harder\Desktop\Opera 12 Notes.html
2014-03-14 15:09 - 2013-12-21 11:14 - 00004157 _____ () C:\Users\Heike Harder\daemonprocess.txt
2014-03-14 15:08 - 2014-03-14 15:08 - 00000000 ____D () C:\Users\Heike Harder\AppData\Roaming\Opera Software
2014-03-14 15:08 - 2014-03-14 15:08 - 00000000 ____D () C:\Users\Heike Harder\AppData\Local\Opera Software
2014-03-14 11:58 - 2012-04-12 13:23 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-14 11:58 - 2012-04-12 13:23 - 00003824 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-14 11:58 - 2011-05-23 10:55 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-14 11:57 - 2012-04-16 23:21 - 00000000 ____D () C:\Users\Heike Harder\AppData\Roaming\BrowserCompanion
2014-03-14 04:24 - 2013-08-22 09:23 - 00512328 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-14 04:23 - 2013-03-13 16:15 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-14 04:23 - 2013-03-13 16:15 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-13 12:43 - 2014-03-13 12:19 - 487137968 _____ () C:\Users\Spieler.HeikeHarder-HP\Documents\clip0013.avi
2014-03-12 15:19 - 2014-03-12 15:19 - 00001290 _____ () C:\Users\Public\Desktop\Paint.NET.lnk
2014-03-12 15:19 - 2012-03-25 12:15 - 00000000 ____D () C:\Program Files\Paint.NET
2014-03-12 15:16 - 2014-03-12 15:15 - 03739157 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\Paint.NET.3.5.11.Install (1).zip
2014-03-12 15:15 - 2014-03-12 15:14 - 03739157 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\Paint.NET.3.5.11.Install.zip
2014-03-12 15:12 - 2011-01-29 12:51 - 00152288 _____ () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-12 11:31 - 2014-01-12 00:50 - 00065536 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\Pokemon Blau (D).sav
2014-03-12 00:25 - 2014-03-12 00:04 - 485259900 _____ () C:\Users\Spieler.HeikeHarder-HP\Documents\clip0010.avi
2014-03-11 16:28 - 2014-03-11 16:28 - 00391778 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\Pokemon Rot (D).zip
2014-03-11 00:25 - 2014-03-11 00:16 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\TeamViewer
2014-03-11 00:16 - 2014-03-11 00:16 - 05852336 _____ (TeamViewer GmbH) C:\Users\Spieler.HeikeHarder-HP\Downloads\TeamViewer_Setup_de.exe
2014-03-11 00:16 - 2014-03-11 00:16 - 00001168 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-03-11 00:16 - 2012-04-16 22:03 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-03-06 10:37 - 2014-03-06 10:38 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-03-06 10:37 - 2014-03-06 10:37 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-03-06 10:37 - 2014-03-06 10:37 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-03-06 10:37 - 2014-03-06 10:37 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-03-06 10:37 - 2014-03-06 10:37 - 00000000 ____D () C:\Program Files\Java
2014-03-06 10:34 - 2014-03-06 10:34 - 30796712 _____ (Oracle Corporation) C:\Users\Spieler.HeikeHarder-HP\Downloads\jre-7u51-windows-x64.exe
2014-03-06 09:41 - 2014-03-06 09:41 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Packages
2014-03-06 09:41 - 2014-03-06 09:41 - 00000000 ____D () C:\ProgramData\70e7a22bf8ff262c
2014-03-05 10:26 - 2014-03-29 12:10 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-05 10:26 - 2014-03-29 12:10 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-03-05 10:26 - 2014-03-29 12:10 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-01 11:18 - 2011-01-07 21:54 - 00799382 _____ () C:\Windows\system32\perfh007.dat
2014-03-01 11:18 - 2011-01-07 21:54 - 00188890 _____ () C:\Windows\system32\perfc007.dat
2014-03-01 11:18 - 2009-07-14 07:13 - 01903918 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-01 08:05 - 2014-03-13 10:45 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 07:17 - 2014-03-13 10:46 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 07:16 - 2014-03-13 10:46 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-01 06:58 - 2014-03-13 10:46 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 06:52 - 2014-03-13 10:46 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 06:51 - 2014-03-13 10:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-01 06:42 - 2014-03-13 10:45 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 06:40 - 2014-03-13 10:46 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 06:37 - 2014-03-13 10:45 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 06:33 - 2014-03-13 10:45 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 06:33 - 2014-03-13 10:45 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-01 06:32 - 2014-03-13 10:45 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-01 06:30 - 2014-03-13 10:46 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 06:23 - 2014-03-13 10:45 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-01 06:17 - 2014-03-13 10:46 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 06:11 - 2014-03-13 10:46 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-01 06:02 - 2014-03-13 10:45 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-01 05:54 - 2014-03-13 10:45 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-01 05:52 - 2014-03-13 10:46 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-01 05:51 - 2014-03-13 10:46 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-01 05:47 - 2014-03-13 10:46 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-01 05:43 - 2014-03-13 10:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-01 05:43 - 2014-03-13 10:46 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-01 05:42 - 2014-03-13 10:46 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-01 05:40 - 2014-03-13 10:46 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-01 05:38 - 2014-03-13 10:45 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-01 05:37 - 2014-03-13 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-01 05:35 - 2014-03-13 10:45 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-01 05:18 - 2014-03-13 10:45 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-01 05:16 - 2014-03-13 10:45 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-01 05:14 - 2014-03-13 10:45 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-01 05:10 - 2014-03-13 10:45 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-01 05:03 - 2014-03-13 10:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-01 05:00 - 2014-03-13 10:46 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-01 04:57 - 2014-03-13 10:46 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-01 04:38 - 2014-03-13 10:46 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-01 04:32 - 2014-03-13 10:45 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-01 04:27 - 2014-03-13 10:46 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-01 04:25 - 2014-03-13 10:45 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-01 04:25 - 2014-03-13 10:45 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

Files to move or delete:
====================
C:\Users\Heike Harder\Okozo_Installer.exe
C:\Users\Public\CommonRTP.exe


Some content of TEMP:
====================
C:\Users\Heike Harder\AppData\Local\Temp\avgnt.exe
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\avgnt.exe
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\BackupSetup.exe
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\htmlayout.dll
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\Quarantine.exe
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\uninstall63590203.exe
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\uninstall63590266.exe
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\uninstall63590297.exe
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\uninstall63590406.exe
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\uninstall63590422.exe
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\UpdUninstall.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-14 04:54

==================== End Of Log ============================

--- --- ---

--- --- ---

schrauber · 31.03.2014, 10:32

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

Startup: C:\Users\Heike Harder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tcbhn.lnk
ShortcutTarget: tcbhn.lnk -> C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\BrowserCompanion\tcbhn.exe (No File)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Revo Uninstaller - Download - Filepony
damit Firefox deinstallieren, keine Daten behalten, Reste entfernen lassen, neu installieren.

Dann:
https://support.mozilla.org/de/kb/fi...einfach-loesen

Downloade Dir bitte TFC ( von Oldtimer ) und speichere die Datei auf dem Desktop.
Schließe nun alle offenen Programme und trenne Dich von dem Internet.
Doppelklick auf die TFC.exe und drücke auf Start.
Sollte TFC nicht alle Dateien löschen können wird es einen Neustart verlangen. Dies bitte zulassen.

Fertig

Die Reihenfolge ist hier entscheidend.

Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
- Windowstaste + R > Combofix /Uninstall (eingeben) > OK
- Alternative: Combofix.exe in uninstall.exe umbenennen und starten
- Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
Downloade Dir bitte auf jeden Fall DelFix auf deinen Desktop:
- Schließe alle offenen Programme.
- Starte die delfix.exe mit einem Doppelklick.
- Setze vor jede Funktion ein Häkchen.
- Klicke auf Start.
- Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
- Starte deinen Rechner abschließend neu.
Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.

Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun

Hier noch ein paar Tipps zur Absicherung deines Systems.

Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.

Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
Windows Updates
- Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
- Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
Gehe sicher das die automatischen Updates aktiviert sind.
Software Updates
Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.

Anti- Viren Software

Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.

Zusätzlicher Schutz

MalwareBytes Anti Malware
Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
Ein Tutorial zur Verwendung findest Du hier.
WinPatrol
Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.

Sicheres Browsen

SpywareBlaster
Eine kurze Einführung findest du Hier
MVPs hosts file
Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
WOT (Web of trust)
Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.

Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.

Opera
Mozilla Firefox.
- Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
- NoScript
  Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
- AdblockPlus
  Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
  Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )

Don'ts

Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe

Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

Blitzi · 31.03.2014, 13:09

Danke es läuft wieder alles super.

Melde mich wieder falls ich ein Problem hab

schrauber · 01.04.2014, 09:09

Gern Geschehen

01.04.2014, 09:09	#12
schrauber /// the machine /// TB-Ausbilder	Unerklärliche PC abstürze Gern Geschehen __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Unerklärliche PC abstürze

Plagegeister aller Art und deren Bekämpfung: Unerklärliche PC abstürze