Nervtötende Werbung auf allen Websiten

Florian19 · 04.05.2014, 22:45

Hallo,
Ich habe wohl mehr als nur ein Problem und bin kurz davor einfach mal mein System komplett zu bereinigen.

Ich bekomme auf allen Webseiten mehrere Werbebanner, trotz Adblock.
Ich habe Grün unterstrichene Wörter die Werbung aufblenden lassen.
Es werden laufend neue Werbe Webseiten geöffnet und Pop-Ups aufgemacht die mit PC Sicherheit zutun haben.

Ich habe ein Normales Antivir und Spybot S&D zum Scannen.

Vielleicht mache ich aber auch einfach etwas grundlegendes falsch.

Ich habe Spybot und Antivir laufen lassen und anschließend Fabar laufen lassen, aber wie es aussieht hat das alles nichts geholfen.

Bitte um Hilfe
Mfg
Florian

schrauber · 05.05.2014, 06:50

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Florian19 · 05.05.2014, 11:23

Hier die Addition.txt: File-Upload.net - Addition.txt
Hier die FRST.txt: File-Upload.net - FRST_05-05-2014_11-40-37.txt

EDIT: Sorry, irgendwie kann ich keinen Link reinstellen. Wie kann ich die Dateien hier im Forum hochladen?

schrauber · 06.05.2014, 09:01

Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Florian19 · 06.05.2014, 13:38

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-05-2014
Ran by Florian223 at 2014-05-05 12:20:00
Running from C:\Users\Florian223\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Norton Internet Security (Disabled - Out of date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Disabled - Out of date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security (Disabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
a2zLyrics-16 (HKLM-x32\...\a2zLyrics-16) (Version: 1.29.153.0 - dealscompare) <==== ATTENTION
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.6.0.6090 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.6.0.6090 - Adobe Systems Incorporated) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.2.1.260 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.3 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2.3 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Advanced System Protector (HKLM-x32\...\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1) (Version: 2.1.1000.12580 - Systweak Software) <==== ATTENTION
Alice Greenfingers (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}) (Version:  - Oberon Media)
AppGraffiti (HKLM-x32\...\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}_is1) (Version: 1.0.0.29 - Omega Partners Ltd)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 7.0 - Atheros)
ATI Catalyst Install Manager (HKLM\...\{83331044-D350-569A-3AB2-524C864AC8A5}) (Version: 3.0.800.0 - ATI Technologies, Inc.)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
Avira SearchFree Toolbar plus Web Protection (HKLM-x32\...\{41564952-412D-5637-00A7-A758B70C0202}) (Version: 12.2.2.663 - Ask Partner Network)
BabylonObjectInstaller (HKLM-x32\...\{E55E7026-EF2A-4A17-AAA7-DB98EA3FD1B1}) (Version: 2.0.0.4 - Babylon Ltd) <==== ATTENTION
Battery Calibration (HKLM-x32\...\{619FA785-489B-4D22-911F-82D6EDF5BDB0}) (Version: 1.0.1012.0301 - Micro-Star International Co., Ltd.)
BearShare (HKLM-x32\...\BearShare) (Version: 10.0.0.112380 - Musiclab, LLC)
BEWERBUNGSMASTER (HKLM-x32\...\ST6UNST #1) (Version:  - )
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Bonanza Deals (remove only) (HKLM-x32\...\Bonanza Deals) (Version: 5.0.1.0 - Bonanza Deals) <==== ATTENTION
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands (HKLM-x32\...\{52B65911-1559-4ED5-9461-46957FDD48CD}) (Version: 1.0.295 - 2K Games)
Browser Guard (HKLM-x32\...\Browser Guard) (Version:  - )
Browser Manager (HKLM-x32\...\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}) (Version:  - )
Bundled software uninstaller (HKLM-x32\...\bi_uninstaller) (Version:  - ) <==== ATTENTION
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version:  - )
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version:  - )
Canon MP280 series Benutzerregistrierung (HKLM-x32\...\Canon MP280 series Benutzerregistrierung) (Version:  - )
Canon MP280 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP280_series) (Version:  - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
Catalyst Control Center InstallProxy (x32 Version: 2010.1110.1539.28046 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.1110.1539.28046 - ATI) Hidden
Catalyst Control Center Profiles Mobile (x32 Version: 2010.1110.1539.28046 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.1110.1538.28046 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.1110.1538.28046 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.1110.1538.28046 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.1110.1538.28046 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.1110.1538.28046 - ATI) Hidden
CCC Help English (x32 Version: 2010.1110.1538.28046 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.1110.1538.28046 - ATI) Hidden
CCC Help French (x32 Version: 2010.1110.1538.28046 - ATI) Hidden
CCC Help German (x32 Version: 2010.1110.1538.28046 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.1110.1538.28046 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.1110.1538.28046 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.1110.1538.28046 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.1110.1538.28046 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.1110.1538.28046 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.1110.1538.28046 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.1110.1538.28046 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.1110.1538.28046 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.1110.1538.28046 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.1110.1538.28046 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.1110.1538.28046 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.1110.1538.28046 - ATI) Hidden
ccc-core-static (x32 Version: 2010.1110.1539.28046 - ATI) Hidden
ccc-utility64 (Version: 2010.1110.1539.28046 - ATI) Hidden
Cinema ProII Setup (HKLM-x32\...\{C13926BE-159B-4494-BEEC-AB6E207F70AD}) (Version: 1.0.0.10 - Micro-Star International Co., Ltd.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Click to Call with Skype (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.6.8153 - Skype Technologies S.A.)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Coupon Server (HKLM-x32\...\35852_Coupon Server) (Version: 1.1 - Smart Apps) <==== ATTENTION
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{81FB7C60-565A-4869-9D90-3BE1D270E8B7}) (Version:  - Microsoft)
Delta Chrome Toolbar (HKLM-x32\...\Delta Chrome Toolbar) (Version:  - Visual Tools) <==== ATTENTION
Delta toolbar   (HKLM-x32\...\delta) (Version: 1.8.10.0 - Delta) <==== ATTENTION
DMUninstaller (HKLM-x32\...\DMUninstaller) (Version:  - ) <==== ATTENTION
Driver Pro v3.0 (HKLM-x32\...\Driver Pro_is1) (Version: 3.0 - PC Utilities Pro)
DVDVideoSoftTB Toolbar (HKLM-x32\...\DVDVideoSoftTB Toolbar) (Version: 6.8.9.0 - DVDVideoSoftTB)
ETDWare PS/2-x64 7.0.5.10_WHQL (HKLM\...\Elantech) (Version: 7.0.5.10 - ELAN Microelectronics Corp.)
Faceb662 version 1.5 (HKLM-x32\...\{D84B0E27-4DDF-46CB-8539-696F0F97C2D7}_is1) (Version: 1.5 - Faceb662)
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
Feven 1.5 (HKLM-x32\...\Feven 1.5) (Version: 1.32.153.0 - Feven) <==== ATTENTION
FilesFrog Update Checker (HKLM-x32\...\FilesFrog Update Checker) (Version:  - ) <==== ATTENTION
FlexibleShopPer (HKLM-x32\...\{A30F3754-C0DC-8242-F3A9-52B360AE9798}) (Version:  - FlExIbleSHopoPerr) <==== ATTENTION
FoxyDeal (HKLM-x32\...\FoxyDeal) (Version: 1.1.0 - R&E Media GmbH)
Funmoods (HKLM-x32\...\funmoods) (Version:  - ) <==== ATTENTION
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Gameforge Live 1.10.0 "Legend" (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 1.10.0 - Gameforge)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{2A83AD05-56E6-3FBD-8752-B4143162EF59}) (Version: 4.9.1.16010 - Google)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
HomeTab 4.4 (HKLM-x32\...\{327b0f8c-49d9-466c-a8ab-0c30310a3ad0}_is1) (Version: 4.4 - HomeTab) <==== ATTENTION
HomeTab 4.4 (HKLM-x32\...\{3a4935b3-b7a0-4065-8ccc-0030471b33f1}_is1) (Version: 4.4 - HomeTab) <==== ATTENTION
Hotspot Shield 3.32 (HKLM-x32\...\HotspotShield) (Version: 3.32 - AnchorFree Inc.)
HP Deskjet 1050 J410 series - Grundlegende Software für das Gerät (HKLM\...\{ECC840AB-FC9C-4DFA-A26A-C639CDA005BD}) (Version: 22.0.334.0 - Hewlett-Packard Co.)
HP Deskjet 1050 J410 series Hilfe (HKLM-x32\...\{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}) (Version: 140.0.66.66 - Hewlett Packard)
HP Update (HKLM-x32\...\{787D1A33-A97B-4245-87C0-7174609A540C}) (Version: 5.002.005.003 - Hewlett-Packard)
i-Charger (HKLM-x32\...\i-Charger_is1) (Version:  - msi, Inc.)
iLivid (HKLM-x32\...\iLivid) (Version: 4.0.0.3276 - Bandoo Media Inc) <==== ATTENTION
Iminent (HKLM-x32\...\IMBoosterARP) (Version: 4.10.0.0 - Iminent) <==== ATTENTION
Iminent (x32 Version: 4.10.0.0 - Iminent) Hidden <==== ATTENTION
IMinent Toolbar (HKLM-x32\...\{A76AA284-E52D-47E6-9E4F-B85DBF8E35C3}) (Version: 3.26.0 - IMinent) <==== ATTENTION
Inbox Toolbar (HKLM-x32\...\{612AD33D-9824-4E87-8396-92374E91C4BB}_is1) (Version: 1.0.0 - Inbox.com, Inc.)
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LMMS 0.4.11 (HKLM-x32\...\lmms) (Version: 0.4.11 - LMMS Developers)
Lyrics-Pal (HKLM-x32\...\lrcspal@lyricspal.co) (Version:  - LyricsPal Soft. LTD) <==== ATTENTION
MAGIX Foto Manager 9 (HKLM-x32\...\MAGIX Foto Manager 9 D) (Version: 7.0.3.118 - MAGIX AG)
MAGIX Music Maker 16 Download-Version (HKLM-x32\...\MAGIX Music Maker 16 Download-Version D) (Version: 16.0.3.0 - MAGIX AG)
MAGIX Online Druck Service (HKLM-x32\...\MAGIX Online Druck Service D) (Version: 3.4.3.0 - MAGIX AG)
MAGIX Screenshare (HKLM-x32\...\MAGIX Screenshare D) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Speed burnR (HKLM-x32\...\MAGIX Speed burnR D) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Video easy SE (HKLM-x32\...\MAGIX_MSI_Video_easy_SE) (Version: 1.0.4.1 - MAGIX AG)
MAGIX Video easy SE (x32 Version: 1.0.4.1 - MAGIX AG) Hidden
Mahjong Escape Ancient China (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}) (Version:  - Oberon Media)
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.5128.5002 - Microsoft Corporation)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 1.0.0.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Mobogenie (HKLM-x32\...\Mobogenie) (Version:  - Mobogenie.com) <==== ATTENTION
Movies Toolbar for Chrome (Dist. by Bandoo Media, Inc.) (HKLM-x32\...\ilividmoviestoolbardlaGC) (Version: 1.5.0.0 - APN LLC) <==== ATTENTION
MSI Game Corner Console (HKLM-x32\...\{A86A4C1D-05B5-46B0-A808-1A15DCD17A17}_is1) (Version: 5.5.0.1 - Oberon Media, Inc.)
MSI HOUSE (HKLM-x32\...\{DA5597C9-9216-44FF-9670-D1E48817B998}) (Version: 10.07.1601 - MSI)
msi Software Install (HKLM-x32\...\{A840FFFB-3A80-4C24-AB34-BE9F56BEB4CE}) (Version: 3.1000.1005.1101 - Micro-Star International Co., Ltd.)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
mufin player 2.5 (HKLM-x32\...\MAGIX_MSI_mufin_player_2_5) (Version: 2.5.1.248 - mufin GmbH)
mufin player 2.5 (x32 Version: 2.5.1.248 - mufin GmbH) Hidden
MusicBrainz Picard (HKLM-x32\...\MusicBrainz Picard) (Version: 1.1 - MusicBrainz)
Netzmanager (HKLM-x32\...\Netzmanager) (Version: 1.071 - Deutsche Telekom AG)
Netzmanager (Version: 1.071 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden
Norton Internet Security (HKLM-x32\...\NIS) (Version: 18.7.2.3 - Symantec Corporation)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.13580 - Symantec Corporation)
Nostale(DE) (HKLM-x32\...\NosTale(DE)_is1) (Version:  - Gameforge 4D GmbH)
NVIDIA PhysX v8.10.29 (HKLM-x32\...\{D56B0E27-4A3E-46C9-B5C1-D93D580C099C}) (Version: 8.10.29 - NVIDIA Corporation)
PC Speed Maximizer v3.2 (HKLM-x32\...\PC Speed Maximizer_is1) (Version: 3.2 - Smart PC Solutions)
Plus-HD-3.8 (HKLM-x32\...\Plus-HD-3.8) (Version: 1.27.153.11 - Plus HD) <==== ATTENTION
Plus-HD-5.5 (HKLM-x32\...\Plus-HD-5.5) (Version: 1.33.153.1 - Plus HD) <==== ATTENTION
Plus-HD-7.6 (HKLM-x32\...\Plus-HD-7.6) (Version: 1.34.1.29 - Plus HD) <==== ATTENTION
PriceGong 2.6.4 (HKLM-x32\...\PriceGong) (Version: 2.6.4 - PriceGong) <==== ATTENTION
PricePeep (HKLM-x32\...\PricePeep) (Version: 2.2.0.2 - betwikx LLC) <==== ATTENTION
Protected Search 1.1 (HKLM-x32\...\Protected Search_is1) (Version:  - Protected Search) <==== ATTENTION
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
RadioRage Internet Explorer Toolbar (HKLM-x32\...\RadioRage_4jbar Uninstall Internet Explorer) (Version:  - Mindspark Interactive Network)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.32.1111.2010 - Realtek)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6121 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6267 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10008 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4123-B2B9-173F09590E16}) (Version: 1.00.0168 - )
RebateInformer (HKLM-x32\...\{4EF645BD-65B0-4F98-AD56-D0437B7045F6}_is1) (Version: 1.0.0.83 - Inbox.com, Inc.)
RegClean Pro (HKLM-x32\...\RegClean Pro_is1) (Version: 6.1 - Systweak Inc) <==== ATTENTION
Sanny Builder 3.04 (HKLM-x32\...\Sanny Builder 3_is1) (Version:  - )
SaveSense (remove only) (HKLM-x32\...\SaveSense) (Version: 5.3.0.6 - SaveSense) <==== ATTENTION
S-Bar (HKLM-x32\...\{297F53AA-3863-4CD5-A506-0F805630F1F4}) (Version: 20.011.02251 - MSI)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
simfy (HKLM-x32\...\Simfy) (Version: 1.4.9 - simfy GmbH)
simfy (x32 Version: 1.4.9 - simfy GmbH) Hidden
SiteRanker (HKLM-x32\...\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}_is1) (Version: 1.0.0.21 - Crawler, LLC)
Skype™ 6.7 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.7.102 - Skype Technologies S.A.)
Snap.Do (HKLM-x32\...\{254006BC-97DE-4C82-A1A1-A2BAD2520083}) (Version: 10.239.1.14117 - ReSoft Ltd.) <==== ATTENTION
Snap.Do (HKLM-x32\...\{4333CA76-5C11-4D7C-AA07-C429D1C6B142}) (Version: 1.55.1.11210 - ReSoft Ltd.) <==== ATTENTION
Snap.Do (HKLM-x32\...\{B153BEB7-EF24-4323-8584-3FE956AAE7D1}) (Version: 1.149.1.12678 - ReSoft Ltd.) <==== ATTENTION
Socialbox (HKLM-x32\...\com.socialbox.socialbox) (Version: 2.114.2 - Zoosk, Inc.)
Socialbox (x32 Version: 2.114.2 - Zoosk, Inc.) Hidden
SpeedMaxPc (HKLM-x32\...\{1341F917-C3E5-413E-A11C-AA58273843C4}) (Version: 3.1.6.0 - SpeedMaxPc)
SpeedUpMyComputer (HKLM-x32\...\SpeedUpMyComputer) (Version: 38.1 - SmartTweak Software) <==== ATTENTION
SRS Premium Sound Control Panel (HKLM\...\{2998191E-A35E-47E2-BE38-7702C731D722}) (Version: 1.10.13.0 - SRS Labs, Inc.)
Studie zur Verbesserung von HP Deskjet 1050 J410 series Produkten (HKLM\...\{32F69C20-FB09-4C40-A7B2-0E055D26867A}) (Version: 22.0.334.0 - Hewlett-Packard Co.)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.0 - IObit)
SweetIM for Messenger 3.7 (HKLM-x32\...\{7683B745-6060-41FD-AA75-0BBB383FEAD4}) (Version: 3.7.0005 - SweetIM Technologies Ltd.) <==== ATTENTION
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
Technitium MAC Address Changer v6.0.3 (HKLM-x32\...\TMACv6.0) (Version: 6.0.3 - Technitium)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
topDEal (HKLM-x32\...\{9B149088-3FB6-875E-C1A4-A25A6E9D278D}) (Version:  - teOpdieal)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{D7D96A96-F61F-48AD-B2DC-4F4B6938D2AB}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{B5C70C99-B109-42FD-B219-FF12CA543F19}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{3EFF1957-7DEA-4C7A-8E9C-2D6D58E4B2ED}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{3EFF1957-7DEA-4C7A-8E9C-2D6D58E4B2ED}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{81812245-FC84-426A-BC02-6659C88CC7B2}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{190EC86F-5867-4D7A-B9F3-D14D82C26F3D}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{E78E2B68-8FD1-42EE-BB74-99A4D9E6222D}) (Version:  - Microsoft)
Update Manager for SweetPacks 1.1 (HKLM-x32\...\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}) (Version: 1.1.0008 - SweetIM Technologies Ltd.) <==== ATTENTION
VIS (HKLM-x32\...\VIS) (Version:  - ) <==== ATTENTION
VO Package (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - ) <==== ATTENTION
VuuPC, You're Always a Click Away! (HKLM-x32\...\VuuPC) (Version: 1.0.0.267 - VuuPC Limited)
Wajam (HKLM-x32\...\Wajam) (Version: 2.02 - Wajam) <==== ATTENTION
WeatherBug Alert (HKLM-x32\...\{7426428E-71D4-452C-BA13-B14E5EB52859}) (Version: 1.3.0.1 - AWS Convergence Technologies)
Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Utils (HKLM-x32\...\Windows Utils) (Version:  - )
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version:  - )
WMV9/VC-1 Video Playback (Version: 1.00.0000 - ATI Technologies Inc.) Hidden
WPM17.8.0.3159 (HKLM-x32\...\WPM) (Version: 17.8.0.3159 - Cherished Technololgy LIMITED) <==== ATTENTION
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )
Yahoo! Suche Schutzvorkehrung (HKLM-x32\...\Yahoo! Search Defender) (Version:  - )
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version:  - )
Yontoo 1.10.02 (HKLM\...\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}) (Version: 1.10.02 - Yontoo LLC) <==== ATTENTION

==================== Restore Points  =========================


==================== Hosts content: ==========================

2009-07-14 04:34 - 2012-12-16 17:15 - 00000857 ____A C:\windows\system32\Drivers\etc\hosts
cybertest21.no-ip.org localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {009C518B-90AE-446A-ADB5-0EACF0917DB4} - System32\Tasks\a2zLyrics-16-codedownloader => C:\Program Files (x86)\a2zLyrics-16\a2zLyrics-16-codedownloader.exe [2013-10-19] (dealscompare) <==== ATTENTION
Task: {02F108DA-C95E-4702-A94C-8A7F6E865136} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe
Task: {0377483A-AB0A-469D-BF73-44B34B240611} - \Feven 1.5-firefoxinstaller No Task File <==== ATTENTION
Task: {067E0420-4D6C-47DD-9B82-DE16D72A3FED} - System32\Tasks\DLL-Files FixerASKUSER => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: {0DC7DEA4-1F69-4275-BFA6-F376370A0A60} - \Feven 1.5-enabler No Task File <==== ATTENTION
Task: {1259C9EA-CB1A-4CF3-BE3D-29EAC1784DDB} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2611249187-1414960373-3837357557-1004Core => C:\Users\Florian.michaela-MSI\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {143B9354-5463-4B04-BA47-8EFDBD025A68} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2611249187-1414960373-3837357557-1000Core => C:\Users\michaela\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-04-25] (Facebook Inc.)
Task: {182D53F9-EAAF-48D8-A99B-0FCEA633892C} - \DigitalSite No Task File <==== ATTENTION
Task: {1D504B4C-689E-4F9A-8753-911C15C449B3} - System32\Tasks\{F5E0F700-A602-46D1-9F5C-ECB45AF14864} => Firefox.exe hxxp://ui.skype.com/ui/0/6.1.0.129.272/de/abandoninstall?page=tsProgressBar
Task: {1FB42B0A-FDEF-47AC-B4F2-56084FD6F3D2} - System32\Tasks\Plus-HD-7.6-enabler => C:\Program Files (x86)\Plus-HD-7.6\Plus-HD-7.6-enabler.exe [2014-02-03] (Plus HD) <==== ATTENTION
Task: {1FD530C9-B35E-41C8-A42E-FAA107C3B986} - \Plus-HD-3.8-chromeinstaller No Task File <==== ATTENTION
Task: {208B6EB3-1FF8-4A59-881C-EF1C50C17006} - System32\Tasks\a2zLyrics-16-chromeinstaller => C:\Program Files (x86)\a2zLyrics-16\a2zLyrics-16-chromeinstaller.exe <==== ATTENTION
Task: {220F4FD4-4DC3-4AF9-ABDF-AA9C6D7CFD23} - \Software Updater No Task File <==== ATTENTION
Task: {2E6E9B1B-5A59-4B69-8762-D6D449AB2AA2} - \Plus-HD-3.8-codedownloader No Task File <==== ATTENTION
Task: {3484BDDC-8B82-4CC6-ADD4-8318983FAF15} - System32\Tasks\SpeedMaxPc Registration3 => Rundll32.exe "C:\Program Files (x86)\Common Files\SpeedMaxPc\UUS3\UUS3.dll" RunUns
Task: {3E50C3B5-B059-40A5-9783-45256BA18151} - System32\Tasks\Plus-HD-5.5-updater => C:\Program Files (x86)\Plus-HD-5.5\Plus-HD-5.5-updater.exe [2014-01-05] (Plus HD) <==== ATTENTION
Task: {3F581B3F-93D4-4E6C-87FF-B44B904FC72A} - System32\Tasks\SaveSenseLiveUpdateTaskMachineUA => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe [2014-01-19] (SaveSense) <==== ATTENTION
Task: {414B786B-2A08-4C8C-A55F-3401AD5A9820} - System32\Tasks\Plus-HD-7.6-firefoxinstaller => C:\Program Files (x86)\Plus-HD-7.6\Plus-HD-7.6-firefoxinstaller.exe [2014-02-03] (Plus HD) <==== ATTENTION
Task: {49C9105C-25F5-49DA-9427-E0F97C43ECF8} - System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [2014-01-19] (BonanzaDeals) <==== ATTENTION
Task: {4ACAFFD4-1F92-42C0-83E8-6F1C7C8EE360} - \Feven 1.5-chromeinstaller No Task File <==== ATTENTION
Task: {4ACE38D2-5563-4948-B687-33D6D706747D} - System32\Tasks\VuuPCUpdateLogin => C:\Program Files (x86)\VuuPC\VuuPCUpdater.exe [2014-02-10] (VuuPC Limited)
Task: {4D6E8C9E-BC0F-4645-802B-3D360992E0EA} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2611249187-1414960373-3837357557-1004UA => C:\Users\Florian.michaela-MSI\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {4E73FC1A-FBAD-4125-84D7-3F70C775F725} - System32\Tasks\{CA15F4E7-2604-4724-B0FC-276951D98F1B} => Chrome.exe hxxp://ui.skype.com/ui/0/6.9.0.106/en/abandoninstall?page=tsProgressBar
Task: {507261EC-F864-4BC6-8BB6-C7F457222592} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {535033E4-4FAA-4920-A5B6-EBEC5ACCA244} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2611249187-1414960373-3837357557-1000UA => C:\Users\michaela\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-07] (Google Inc.)
Task: {53BB09B7-AA82-4987-B3AB-C51EB6531815} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-29] (Adobe Systems Incorporated)
Task: {55605355-442F-4B3D-AAC9-00F85AB364A4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2611249187-1414960373-3837357557-1000Core => C:\Users\michaela\AppData\Local\Google\Update\GoogleUpdate.exe [2013-02-07] (Google Inc.)
Task: {5B975147-1AE0-4838-B5EF-B3C2C0E4EA21} - System32\Tasks\{AE71045C-9BE9-45E5-A227-02A615F9BD1A} => Firefox.exe hxxp://ui.skype.com/ui/0/6.1.0.129.272/de/abandoninstall?page=tsProgressBar
Task: {5C7515BD-B2EF-45B0-A8E6-2E8C78A02C00} - System32\Tasks\SpeedUpMyPC Maintenance => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe <==== ATTENTION
Task: {5D8082E9-A2EE-478C-988C-0F63CFFEEE1A} - System32\Tasks\{A9A70C2D-8725-47BA-857A-BCA5D46B74C4} => Chrome.exe hxxp://ui.skype.com/ui/0/6.9.0.106/en/abandoninstall?page=tsProgressBar
Task: {6B99BF0D-A8B6-4478-9449-53C2CD1F0BF9} - System32\Tasks\SpeedMaxPc => C:\Program Files (x86)\SpeedMaxPc\SpeedMaxPc\SpeedMaxPc.exe [2013-03-13] (SpeedMaxPc)
Task: {6E71C6FD-3F82-4E9A-9F25-C4D06D28092F} - System32\Tasks\Symantec\Norton Error Analyzer 18.7.2.3 => C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\SymErr.exe [2012-06-08] (Symantec Corporation)
Task: {6F58A7B5-DE40-4DFA-89F0-E4A570ADA3BD} - System32\Tasks\Plus-HD-5.5-firefoxinstaller => C:\Program Files (x86)\Plus-HD-5.5\Plus-HD-5.5-firefoxinstaller.exe [2014-01-05] (Plus HD) <==== ATTENTION
Task: {71CB4F5D-5B62-4A29-A42F-CD9BB4975D70} - \Plus-HD-3.8-updater No Task File <==== ATTENTION
Task: {73FDFF02-5CA7-404B-9235-EA3D233B216C} - System32\Tasks\SpeedUpMyPC Startup => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe <==== ATTENTION
Task: {787D306A-E9F7-42B9-A65B-BC3C6CA73C68} - System32\Tasks\Game_Booster_Startup => C:\Program Files (x86)\IObit\Game Booster 3\gbtray.exe
Task: {7B74E17A-2CC1-40FB-BB68-664B6E4C36EA} - System32\Tasks\SaveSenseLiveUpdateTaskMachineCore => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe [2014-01-19] (SaveSense) <==== ATTENTION
Task: {7C98A424-E396-4AD2-A59F-F280C4132F3C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-08-27] (Google Inc.)
Task: {7E31213B-C003-429A-A088-6823E5911C64} - System32\Tasks\Advanced System Protector => C:\Program Files (x86)\RegClean Pro\SystweakASP.exe <==== ATTENTION
Task: {82D73DD4-E6C8-41C6-8F7D-5786DF5C6B59} - System32\Tasks\Advanced System Protector_startup => C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe [2014-01-15] (Systweak) <==== ATTENTION
Task: {859DC3C6-0D41-4F07-9D12-68231450F600} - \Plus-HD-3.8-enabler No Task File <==== ATTENTION
Task: {86D8E702-8AB8-436E-8E49-55AA8F66FA4E} - System32\Tasks\VuuPCUpdate => C:\Program Files (x86)\VuuPC\VuuPCUpdater.exe [2014-02-10] (VuuPC Limited)
Task: {929BA62F-027E-4F4F-876F-B545B05EEA3F} - System32\Tasks\Plus-HD-5.5-enabler => C:\Program Files (x86)\Plus-HD-5.5\Plus-HD-5.5-enabler.exe [2014-01-05] (Plus HD) <==== ATTENTION
Task: {932E0523-9C14-4B5B-8961-ECDC4EBA3662} - \Feven 1.5-codedownloader No Task File <==== ATTENTION
Task: {946BC705-FA0F-4EB7-A439-E0C021B9C280} - \Feven 1.5-updater No Task File <==== ATTENTION
Task: {966773C8-10CD-4420-93DF-2BDCBF4BE350} - System32\Tasks\Symantec\Norton Error Processor 18.7.2.3 => C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\SymErr.exe [2012-06-08] (Symantec Corporation)
Task: {9C819BF0-1748-41C2-BB31-D136570ED2A0} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {9F4C7490-A761-48D1-93C5-1BF51B3BEFC8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-08-27] (Google Inc.)
Task: {A6200F54-B157-4AA9-80EE-692070C4FEE3} - System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [2014-01-19] (BonanzaDeals) <==== ATTENTION
Task: {A90F5D33-A75C-414D-9747-54BF27AF7B3D} - \ProtectedSearch\Protected Search No Task File <==== ATTENTION
Task: {AA82EDA2-F611-4B49-8305-2312FB0515BE} - System32\Tasks\bench-S-1-5-21-2611249187-1414960373-3837357557-1017 => C:\Program Files (x86)\Bench\Updater\updater.exe [2013-12-20] () <==== ATTENTION
Task: {AEBE71E9-3FDC-464E-8B10-316ACCA2E903} - System32\Tasks\Plus-HD-7.6-validator => C:\Program Files (x86)\Plus-HD-7.6\Plus-HD-7.6-validator.exe [2014-02-03] (Plus HD) <==== ATTENTION
Task: {B333A9F9-7BB8-48FB-B34A-4E8AF1764504} - \YourFile Update No Task File <==== ATTENTION
Task: {B98E9850-5681-42EC-98B1-49C94291A4A7} - System32\Tasks\Plus-HD-7.6-updater => C:\Program Files (x86)\Plus-HD-7.6\Plus-HD-7.6-updater.exe [2014-02-03] (Plus HD) <==== ATTENTION
Task: {B990713F-D2FA-46B8-BDEA-206DED6EF0E1} - System32\Tasks\SaveSense => C:\Users\Michaela123\AppData\Roaming\SaveSense\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {BC248B81-84B4-4A67-AA61-A86E108B4FC2} - System32\Tasks\BonanzaDealsUpdate => C:\Program <==== ATTENTION
Task: {C3CED1BB-99C3-4AB2-907C-705B78FB93B3} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2611249187-1414960373-3837357557-1000UA => C:\Users\michaela\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-04-25] (Facebook Inc.)
Task: {C814A966-732F-4BB1-8EF0-33C943CA4067} - System32\Tasks\bench-sys => C:\Program Files (x86)\Bench\Updater\updater.exe [2013-12-20] () <==== ATTENTION
Task: {C895649A-16FF-44B9-AF42-EDABAB46FD9D} - System32\Tasks\SpeedMaxPc Update3 => C:\Program Files (x86)\Common Files\SpeedMaxPc\UUS3\Update3.exe [2013-03-13] (SpeedMaxPc)
Task: {D21D56F1-9171-4ED4-B3CB-66ECE6F55853} - System32\Tasks\Plus-HD-5.5-codedownloader => C:\Program Files (x86)\Plus-HD-5.5\Plus-HD-5.5-codedownloader.exe [2014-01-05] (Plus HD) <==== ATTENTION
Task: {D54800AD-E9F4-4B9E-B660-A6F8530C6428} - \Lyrics-Pal Update No Task File <==== ATTENTION
Task: {E1DDF58D-F682-4786-B660-0F3D4D09199C} - System32\Tasks\Plus-HD-7.6-codedownloader => C:\Program Files (x86)\Plus-HD-7.6\Plus-HD-7.6-codedownloader.exe [2014-02-03] (Plus HD) <==== ATTENTION
Task: {E8486DE8-E5C4-4F2D-BC81-4279E40D25D0} - \Software Updater Ui No Task File <==== ATTENTION
Task: {E92C87EA-BC14-47FD-86E3-11FB60773470} - System32\Tasks\YourFile DownloaderUpdate => C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe <==== ATTENTION
Task: {EA98FA4F-6577-41E7-B99B-CD3FEFBF983C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {EB1F4AD3-8A7B-4C88-8CB8-7A2252A45E03} - System32\Tasks\Plus-HD-5.5-chromeinstaller => C:\Program Files (x86)\Plus-HD-5.5\Plus-HD-5.5-chromeinstaller.exe [2014-01-05] (Plus HD) <==== ATTENTION
Task: {F0087DA1-12F4-4EBB-B409-4B7AE9F19D5E} - \Browser Updater\Browser Updater No Task File <==== ATTENTION
Task: {F1F27C3C-9CB9-45E8-8ADF-1DAD42CD678B} - System32\Tasks\HPCustParticipation HP Deskjet 1050 J410 series => C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe [2010-06-14] (Hewlett-Packard Co.)
Task: C:\windows\Tasks\a2zLyrics-16-chromeinstaller.job => C:\Program Files (x86)\a2zLyrics-16\a2zLyrics-16-chromeinstaller.exe <==== ATTENTION
Task: C:\windows\Tasks\a2zLyrics-16-codedownloader.job => C:\Program Files (x86)\a2zLyrics-16\a2zLyrics-16-codedownloader.exe <==== ATTENTION
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\bench-S-1-5-21-2611249187-1414960373-3837357557-1017.job => C:\Program Files (x86)\Bench\Updater\updater.exe <==== ATTENTION
Task: C:\windows\Tasks\bench-sys.job => C:\Program Files (x86)\Bench\Updater\updater.exe <==== ATTENTION
Task: C:\windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe <==== ATTENTION
Task: C:\windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe <==== ATTENTION
Task: C:\windows\Tasks\DLL-Files FixerASKUSER.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2611249187-1414960373-3837357557-1000Core.job => C:\Users\michaela\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2611249187-1414960373-3837357557-1000UA.job => C:\Users\michaela\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2611249187-1414960373-3837357557-1004Core.job => C:\Users\Florian.michaela-MSI\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2611249187-1414960373-3837357557-1004UA.job => C:\Users\Florian.michaela-MSI\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2611249187-1414960373-3837357557-1000Core.job => C:\Users\michaela\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2611249187-1414960373-3837357557-1000UA.job => C:\Users\michaela\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\Plus-HD-5.5-chromeinstaller.job => C:\Program Files (x86)\Plus-HD-5.5\Plus-HD-5.5-chromeinstaller.exe <==== ATTENTION
Task: C:\windows\Tasks\Plus-HD-5.5-codedownloader.job => C:\Program Files (x86)\Plus-HD-5.5\Plus-HD-5.5-codedownloader.exe <==== ATTENTION
Task: C:\windows\Tasks\Plus-HD-5.5-enabler.job => C:\Program Files (x86)\Plus-HD-5.5\Plus-HD-5.5-enabler.exe <==== ATTENTION
Task: C:\windows\Tasks\Plus-HD-5.5-firefoxinstaller.job => C:\Program Files (x86)\Plus-HD-5.5\Plus-HD-5.5-firefoxinstaller.exe <==== ATTENTION
Task: C:\windows\Tasks\Plus-HD-5.5-updater.job => C:\Program Files (x86)\Plus-HD-5.5\Plus-HD-5.5-updater.exe <==== ATTENTION
Task: C:\windows\Tasks\Plus-HD-7.6-codedownloader.job => C:\Program Files (x86)\Plus-HD-7.6\Plus-HD-7.6-codedownloader.exe <==== ATTENTION
Task: C:\windows\Tasks\Plus-HD-7.6-enabler.job => C:\Program Files (x86)\Plus-HD-7.6\Plus-HD-7.6-enabler.exe <==== ATTENTION
Task: C:\windows\Tasks\Plus-HD-7.6-firefoxinstaller.job => C:\Program Files (x86)\Plus-HD-7.6\Plus-HD-7.6-firefoxinstaller.exe <==== ATTENTION
Task: C:\windows\Tasks\Plus-HD-7.6-updater.job => C:\Program Files (x86)\Plus-HD-7.6\Plus-HD-7.6-updater.exe <==== ATTENTION
Task: C:\windows\Tasks\Plus-HD-7.6-validator.job => C:\Program Files (x86)\Plus-HD-7.6\Plus-HD-7.6-validator.exe <==== ATTENTION
Task: C:\windows\Tasks\SaveSense.job => C:\Users\MICHAE~2\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe <==== ATTENTION
Task: C:\windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe <==== ATTENTION
Task: C:\windows\Tasks\SpeedMaxPc Registration3.job => C:\Program Files (x86)\Common Files\SpeedMaxPc\UUS3\UUS3.dll
Task: C:\windows\Tasks\SpeedMaxPc Update3.job => C:\Program Files (x86)\Common Files\SpeedMaxPc\UUS3\Update3.exe
Task: C:\windows\Tasks\SpeedMaxPc.job => C:\Program Files (x86)\SpeedMaxPc\SpeedMaxPc\SpeedMaxPc.exe
Task: C:\windows\Tasks\SpeedUpMyPC Maintenance.job => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe <==== ATTENTION
Task: C:\windows\Tasks\SpeedUpMyPC Startup.job => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2012-11-27 11:59 - 2010-04-05 21:55 - 00116104 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2013-10-16 19:02 - 2013-10-16 19:02 - 03358064 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2005-06-07 21:26 - 2005-06-07 21:26 - 00043008 _____ () C:\Program Files (x86)\WinRAR 3.61 Multi\rarext64.dll
2014-02-27 19:09 - 2014-02-27 19:09 - 00049664 _____ () C:\Program Files (x86)\Bench\BService\bservice.exe
2014-02-27 19:09 - 2014-02-27 19:09 - 00060416 _____ () C:\Program Files (x86)\Bench\Wd\wd.exe
2013-10-16 19:01 - 2013-10-16 19:01 - 04624240 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2013-08-19 18:30 - 2013-08-19 18:29 - 00394824 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2013-09-13 20:51 - 2013-09-13 20:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-09-13 20:51 - 2013-09-13 20:51 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-03-01 22:17 - 2012-07-25 13:03 - 00886272 _____ () C:\Program Files (x86)\Advanced System Protector\System.Data.SQLite.dll
2014-03-01 22:17 - 2014-01-15 19:53 - 01731312 _____ () C:\Program Files (x86)\Advanced System Protector\aspsys.dll
2014-03-01 22:17 - 2012-07-25 13:03 - 00168448 _____ () C:\Program Files (x86)\Advanced System Protector\UNRAR.DLL
2014-02-27 19:09 - 2014-02-27 19:09 - 00049664 _____ () C:\Program Files (x86)\Bench\BService\bhelper.dll
2013-10-17 17:45 - 2013-10-17 17:45 - 32726528 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll
2013-03-13 14:42 - 2013-06-05 15:21 - 00071560 _____ () C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\zlib1.dll
2014-04-29 20:11 - 2014-04-24 02:33 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\chrome_elf.dll
2014-04-29 20:11 - 2014-04-24 02:33 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libglesv2.dll
2014-04-29 20:11 - 2014-04-24 02:33 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libegl.dll
2014-04-29 20:11 - 2014-04-24 02:33 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\pdf.dll
2014-04-29 20:11 - 2014-04-24 02:33 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll
2014-04-29 20:11 - 2014-04-24 02:33 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ffmpegsumo.dll
2014-04-29 20:11 - 2014-04-24 02:33 - 13692232 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\ProgramData\TEMP:4CF61E54
AlternateDataStreams: C:\ProgramData\TEMP:AB689DEA
AlternateDataStreams: C:\ProgramData\TEMP:AD022376
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9
AlternateDataStreams: C:\Users\Florian1\Anwendungsdaten:NT
AlternateDataStreams: C:\Users\Florian1\AppData\Roaming:NT

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: CGVPNCliSrvc => 3
MSCONFIG\Services: CltMngSvc => 2
MSCONFIG\Services: FirebirdServerMAGIXInstance => 3
MSCONFIG\Services: hshld => 2
MSCONFIG\Services: HssSrv => 2
MSCONFIG\Services: HssTrayService => 3
MSCONFIG\Services: HssWd => 2
MSCONFIG\Services: IPBusEnum => 3
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: NOBU => 2
MSCONFIG\Services: PNRPAutoReg => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: TapiSrv => 3
MSCONFIG\Services: TelevisionFanaticService => 2
MSCONFIG\Services: TuneUp.UtilitiesSvc => 2
MSCONFIG\Services: WajamUpdater => 2
MSCONFIG\startupfolder: C:^Users^Florian.michaela-MSI^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^ctfmon.lnk => C:\windows\pss\ctfmon.lnk.Startup
MSCONFIG\startupreg: 1 => C:\Users\Florian.michaela-MSI\AppData\Local\Temp\aimbot.exe
MSCONFIG\startupreg: ApnUpdater => "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: CanonSolutionMenuEx => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
MSCONFIG\startupreg: Cinema ProII AP => C:\Program Files (x86)\MSI\Cinema ProII\CinemaProII.exe
MSCONFIG\startupreg: Cinema ProII Controler => C:\Program Files (x86)\MSI\Cinema ProII\Cinema ProII Controler.exe
MSCONFIG\startupreg: ETDWare => %ProgramFiles%\Elantech\ETDCtrl.exe
MSCONFIG\startupreg: FixMyRegistry => C:\Program Files (x86)\SmartTweak\FixMyRegistry\FixMyRegistry.exe /ot /as /ss
MSCONFIG\startupreg: HKCU => C:\Users\Florian.michaela-MSI\AppData\Roaming\InstallDir\sound.exe
MSCONFIG\startupreg: IMBooster => C:\Program Files (x86)\Iminent\IMBooster\imbooster.exe /warmup
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: MS Sound Drivers => C:\Users\Florian.michaela-MSI\AppData\Local\Temp\943mssounds.exe
MSCONFIG\startupreg: My => C:\Users\Florian.michaela-MSI\Desktop\scrpit lf4.exe
MSCONFIG\startupreg: NortonOnlineBackup => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
MSCONFIG\startupreg: PCPowerSpeed => "C:\Program Files (x86)\PCPowerSpeed\PCPowerTray.exe" /startup
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: S-Bar => %PROGRAMFILES%\S-Bar\S-Bar.exe
MSCONFIG\startupreg: SDP => C:\Program Files (x86)\FilesFrog Update Checker\update_checker.exe /auto 
MSCONFIG\startupreg: SiteRanker => "C:\Program Files (x86)\SiteRanker\SiteRankTray.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SpeedUpMyComputer => C:\Program Files (x86)\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe /ot /as /ss
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: svh0st.exe => C:\Users\Florian.michaela-MSI\Desktop\scrpit lf4.exe
MSCONFIG\startupreg: SweetIM => C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
MSCONFIG\startupreg: Sweetpacks Communicator => C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
MSCONFIG\startupreg: system module => C:\windows\system32\MSDCSC\sys.exe
MSCONFIG\startupreg: TelevisionFanatic Browser Plugin Loader => C:\PROGRA~2\TELEVI~2\bar\1.bin\64brmon.exe
MSCONFIG\startupreg: WinampAgent => "C:\Program Files (x86)\Winamp\winampa.exe"
MSCONFIG\startupreg: winupdater => C:\windupdt\winupdate.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/05/2014 00:20:09 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Erstellen der Schattenkopieanbieter-COM-Klasse mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
] ist ein Fehler aufgetreten.


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
   Schattenkopien abfragen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshotkontext: 13
   Snapshotkontext: 13
   Ausführungskontext: Coordinator

Error: (05/05/2014 00:20:09 PM) (Source: VSS) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} und dem Namen "SW_PROV" kann nicht gestartet werden. [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
]


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
   Schattenkopien abfragen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshotkontext: 13
   Snapshotkontext: 13
   Ausführungskontext: Coordinator

Error: (05/05/2014 11:36:57 AM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Erstellen der Schattenkopieanbieter-COM-Klasse mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
] ist ein Fehler aufgetreten.


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
   Schattenkopien abfragen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshotkontext: 13
   Snapshotkontext: 13
   Ausführungskontext: Coordinator

Error: (05/05/2014 11:36:57 AM) (Source: VSS) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} und dem Namen "SW_PROV" kann nicht gestartet werden. [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
]


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
   Schattenkopien abfragen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshotkontext: 13
   Snapshotkontext: 13
   Ausführungskontext: Coordinator

Error: (05/04/2014 11:33:06 PM) (Source: System Restore) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Users\FLORIA~2\AppData\Local\Temp\set6C04.tmp -deleter -l0x7 -removeonly -your_launchersetup.exe -clone_of"C:\Program Files (x86)\InstallShield Installation Information\{086BADF8-9B1F-4E89-B207-2EDA520972D6}\"; Beschreibung = Entfernt Grand Theft Auto San Andreas; Fehler = 0x80042302).

Error: (05/04/2014 11:33:06 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "GetProviderMgmtInterface" ist ein unerwarteter Fehler aufgetreten. hr = 0x8004230f, Unerwarteter Fehler beim Schattenkopieanbieter bei dem Versuch, den angegebenen Vorgang zu verarbeiten.
.

Error: (05/04/2014 11:33:06 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Erstellen der Schattenkopieanbieter-COM-Klasse mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
] ist ein Fehler aufgetreten.


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Anbieterverwaltungsschnittstelle wird abgerufen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {00000000-0000-0000-0000-000000000000}
   Snapshotkontext: -1
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}

Error: (05/04/2014 11:33:06 PM) (Source: VSS) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} und dem Namen "SW_PROV" kann nicht gestartet werden. [0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
]


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Anbieterverwaltungsschnittstelle wird abgerufen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {00000000-0000-0000-0000-000000000000}
   Snapshotkontext: -1
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}

Error: (05/04/2014 11:25:01 PM) (Source: Microsoft-Windows-User Profiles Service) (User: michaela-MSI)
Description: Das Profilverzeichnis kann nicht gelöscht werden C:\Users\Samantha. Dies liegt u. U. daran, dass Dateien in diesem Verzeichnis von einem anderen Programm verwendet werden. 

 DETAIL - Das Verzeichnis ist nicht leer.

Error: (05/04/2014 07:00:09 PM) (Source: Windows Backup) (User: )
Description: Die Sicherung war nicht erfolgreich. Fehler: "Fehler beim Bestimmen des Bibliothekenspeicherorts eines der in die Scherung eingeschlossenen Benutzer durch die Windows-Sicherung. (0x81000031)"


System errors:
=============
Error: (05/05/2014 11:26:22 AM) (Source: DCOM) (User: )
Description: {9EA8702C-EEDB-4731-BE68-E9A167DD3597}

Error: (05/05/2014 11:26:09 AM) (Source: RTL8192Ce) (User: )
Description: OID_SCAN_NUM

Error: (05/05/2014 11:26:09 AM) (Source: RTL8192Ce) (User: )
Description: OID_SCAN_COMPLETE

Error: (05/05/2014 11:26:09 AM) (Source: RTL8192Ce) (User: )
Description: OID_SCAN_COMPLETE

Error: (05/05/2014 11:25:22 AM) (Source: DCOM) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (05/05/2014 11:25:14 AM) (Source: RTL8192Ce) (User: )
Description: OID_SCAN_NUM

Error: (05/05/2014 11:25:14 AM) (Source: RTL8192Ce) (User: )
Description: OID_SCAN_COMPLETE

Error: (05/05/2014 11:25:14 AM) (Source: RTL8192Ce) (User: )
Description: OID_SCAN_COMPLETE

Error: (05/04/2014 09:42:32 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/04/2014 03:34:09 PM) (Source: RTL8192Ce) (User: )
Description: OID_SCAN_NUM


Microsoft Office Sessions:
=========================
Error: (05/05/2014 00:20:09 PM) (Source: VSS)(User: )
Description: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
   Schattenkopien abfragen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshotkontext: 13
   Snapshotkontext: 13
   Ausführungskontext: Coordinator

Error: (05/05/2014 00:20:09 PM) (Source: VSS)(User: )
Description: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}SW_PROV0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
   Schattenkopien abfragen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshotkontext: 13
   Snapshotkontext: 13
   Ausführungskontext: Coordinator

Error: (05/05/2014 11:36:57 AM) (Source: VSS)(User: )
Description: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
   Schattenkopien abfragen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshotkontext: 13
   Snapshotkontext: 13
   Ausführungskontext: Coordinator

Error: (05/05/2014 11:36:57 AM) (Source: VSS)(User: )
Description: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}SW_PROV0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
   Schattenkopien abfragen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshotkontext: 13
   Snapshotkontext: 13
   Ausführungskontext: Coordinator

Error: (05/04/2014 11:33:06 PM) (Source: System Restore)(User: )
Description: C:\Users\FLORIA~2\AppData\Local\Temp\set6C04.tmp -deleter -l0x7 -removeonly -your_launchersetup.exe -clone_of"C:\Program Files (x86)\InstallShield Installation Information\{086BADF8-9B1F-4E89-B207-2EDA520972D6}\"Entfernt Grand Theft Auto San Andreas0x80042302

Error: (05/04/2014 11:33:06 PM) (Source: VSS)(User: )
Description: GetProviderMgmtInterface0x8004230f, Unerwarteter Fehler beim Schattenkopieanbieter bei dem Versuch, den angegebenen Vorgang zu verarbeiten.

Error: (05/04/2014 11:33:06 PM) (Source: VSS)(User: )
Description: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Anbieterverwaltungsschnittstelle wird abgerufen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {00000000-0000-0000-0000-000000000000}
   Snapshotkontext: -1
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}

Error: (05/04/2014 11:33:06 PM) (Source: VSS)(User: )
Description: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}SW_PROV0x80070422, Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Anbieterverwaltungsschnittstelle wird abgerufen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {00000000-0000-0000-0000-000000000000}
   Snapshotkontext: -1
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}

Error: (05/04/2014 11:25:01 PM) (Source: Microsoft-Windows-User Profiles Service)(User: michaela-MSI)
Description: C:\Users\SamanthaDas Verzeichnis ist nicht leer.

Error: (05/04/2014 07:00:09 PM) (Source: Windows Backup)(User: )
Description: Fehler beim Bestimmen des Bibliothekenspeicherorts eines der in die Scherung eingeschlossenen Benutzer durch die Windows-Sicherung. (0x81000031)


==================== Memory info =========================== 

Percentage of memory in use: 74%
Total physical RAM: 2683.76 MB
Available physical RAM: 682.52 MB
Total Pagefile: 9577.14 MB
Available Pagefile: 1037.54 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (OS_Install) (Fixed) (Total:272.19 GB) (Free:179.2 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:181.47 GB) (Free:181.37 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 86B3C551)
Partition 1: (Not Active) - (Size=12 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=27)
Partition 3: (Not Active) - (Size=272 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=181 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Florian19 · 06.05.2014, 13:39

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-05-2014
Ran by Florian223 (administrator) on MICHAELA-MSI on 05-05-2014 11:32:24
Running from C:\Users\Florian223\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\S-Bar\MSIService.exe
(MSI) C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccsvchst.exe
(COMPANYVERS_NAME) C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jbarsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(ClickMeIn Limited) C:\Program Files (x86)\VuuPC\Connectivity.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ClickMeIn Limited) C:\Program Files (x86)\VuuPC\RemoteEngine.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccsvchst.exe
(Systweak) C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
( ) C:\Program Files (x86)\RadioRage_4j\bar\1.bin\AppIntegrator64.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jbrmon.exe
(VER_COMPANY_NAME) C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jbrmon64.exe
() C:\Program Files (x86)\Bench\BService\bservice.exe
() C:\Program Files (x86)\Bench\Wd\wd.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_13_0_0_206_ActiveX.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\consent.exe
(ClickMeIn Limited) C:\Program Files (x86)\VuuPC\RemoteEngineHelper.exe
(ClickMeIn Limited) C:\Program Files (x86)\VuuPC\RemoteEngineHelper.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-09-25] (Adobe Systems Incorporated)
HKLM\...\Run: [RadioRage Home Page Guard 64 bit] => C:\Program Files (x86)\RadioRage_4j\bar\1.bin\AppIntegrator64.exe [485448 2014-02-15] ( )
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-03-12] (Hewlett-Packard)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ApnTBMon] => "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
HKLM-x32\...\Run: [TelevisionFanatic Search Scope Monitor] => "C:\PROGRA~2\TELEVI~2\bar\1.bin\64srchmn.exe" /m=2 /w /h
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-11-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [RadioRage EPM Support] => C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jmedint.exe [12872 2014-02-15] (Mindspark Interactive Network, Inc.)
HKLM-x32\...\Run: [RadioRage Search Scope Monitor] => C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jSrchMn.exe [55368 2014-02-15] (Mindspark)
HKLM-x32\...\Run: [RadioRage_4j Browser Plugin Loader] => C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jbrmon.exe [61512 2014-02-15] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [RadioRage_4j Browser Plugin Loader 64] => C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jbrmon64.exe [71752 2014-02-15] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [BService] => C:\Program Files (x86)\Bench\BService\bservice.exe [49664 2014-02-27] ()
HKLM-x32\...\Run: [Wd] => C:\Program Files (x86)\Bench\Wd\wd.exe [60416 2014-02-27] ()
HKLM-x32\...\Runonce: [Coupon Server-repairJob] - wscript.exe "C:\Users\Michaela123\AppData\Local\Coupon Server\repair.js" "Coupon Server-repairJob" [X]
HKU\S-1-5-21-2611249187-1414960373-3837357557-1011\...\Run: [fTalk] => C:\Users\MICHAELA1\AppData\Local\fTalk\fTalk.exe [9428528 2013-06-27] (Koyote-Lab Inc.)
HKU\S-1-5-21-2611249187-1414960373-3837357557-1011\...\Run: [Messenger (Yahoo!)] => "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet
HKU\S-1-5-21-2611249187-1414960373-3837357557-1011\...\Run: [Search Protection] => C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe [111856 2009-02-23] (Yahoo! Inc)
HKU\S-1-5-21-2611249187-1414960373-3837357557-1011\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4283256 2011-05-13] (Microsoft Corporation)
HKU\S-1-5-21-2611249187-1414960373-3837357557-1011\...\Run: [AppsHat] => C:\Users\MICHAELA1\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe
HKU\S-1-5-21-2611249187-1414960373-3837357557-1011\...\Run: [TBHostSupport] => "C:\windows\SysWOW64\Rundll32.exe" "C:\Users\MICHAELA1\AppData\Local\TBHostSupport\TBHostSupport_0.dll",DLLRunTBHostSupportPlugin <===== ATTENTION
HKU\S-1-5-21-2611249187-1414960373-3837357557-1011\...\Run: [lollipop_11061441] => lollipop_11061441
HKU\S-1-5-21-2611249187-1414960373-3837357557-1011\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2611249187-1414960373-3837357557-1011\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-2611249187-1414960373-3837357557-1018\...\Run: [SpeedUpMyComputer] => C:\Program Files (x86)\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe [2054776 2013-07-22] ()
HKU\S-1-5-21-2611249187-1414960373-3837357557-1018\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2611249187-1414960373-3837357557-1018\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [1344800 2014-01-29] (Conduit)
AppInit_DLLs:  c:\progra~3\wincert\win64c~1.dll => c:\progra~3\wincert\win64c~1.dll File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRS PC Sound.lnk
ShortcutTarget: SRS PC Sound.lnk -> C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe (SRS Labs, Inc.)
InternetURL: C:\Users\Florian1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Faceb662.url -> hxxp://faceb662.eu/earn/
Startup: C:\Users\michaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\michaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe (No File)
Startup: C:\Users\michaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Socialbox.lnk
ShortcutTarget: Socialbox.lnk -> C:\Program Files (x86)\Socialbox\Socialbox.exe ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-2611249187-1414960373-3837357557-1010\User: Group Policy restriction detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.bing.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1388005201&from=tugs&uid=HitachiXHTS545050B9A300_110201PBN418M7EV2ADEX&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nationzoom.com/?type=hp&ts=1388005201&from=tugs&uid=HitachiXHTS545050B9A300_110201PBN418M7EV2ADEX
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nationzoom.com/?type=hp&ts=1388005201&from=tugs&uid=HitachiXHTS545050B9A300_110201PBN418M7EV2ADEX
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nationzoom.com/web/?type=ds&ts=1388005201&from=tugs&uid=HitachiXHTS545050B9A300_110201PBN418M7EV2ADEX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1388005201&from=tugs&uid=HitachiXHTS545050B9A300_110201PBN418M7EV2ADEX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nationzoom.com/?type=hp&ts=1388005201&from=tugs&uid=HitachiXHTS545050B9A300_110201PBN418M7EV2ADEX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nationzoom.com/?type=hp&ts=1388005201&from=tugs&uid=HitachiXHTS545050B9A300_110201PBN418M7EV2ADEX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nationzoom.com/web/?type=ds&ts=1388005201&from=tugs&uid=HitachiXHTS545050B9A300_110201PBN418M7EV2ADEX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.certified-toolbar.com?si=66920&tid=6787&ver=4.4&ts=1380557861592&tguid=66920-6787-1380557861592-C2C6B61006A6431E590DFAF678EAB5B5&st=chrome&q=
URLSearchHook: HKLM-x32 - (No Name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - No File
URLSearchHook: HKCU - (No Name) - {3c35ad63-af1d-4e21-b484-b6651a8efcf9} - C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jSrcAs.dll (Mindspark)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.nationzoom.com/?type=sc&ts=1388005201&from=tugs&uid=HitachiXHTS545050B9A300_110201PBN418M7EV2ADEX
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1388005201&from=tugs&uid=HitachiXHTS545050B9A300_110201PBN418M7EV2ADEX&q={searchTerms}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1388005201&from=tugs&uid=HitachiXHTS545050B9A300_110201PBN418M7EV2ADEX&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=400&systemid=406&apn_uid=1776316604834059&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
SearchScopes: HKLM - {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} URL = hxxp://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=vsl&chnl=vsl&cd=2XzuyEtN2Y1L1Qzu0EtD0Bzy0AyDtD0C0A0ByDyC0B0BtC0AtN0D0Tzu0CtAtDtCtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1964685818
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=bb57e530-ed2d-c65f-5983-99a34bdb02e1&searchtype=ds&q={searchTerms}&installDate=29/12/2013
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=bb57e530-ed2d-c65f-5983-99a34bdb02e1&searchtype=ds&q={searchTerms}&installDate=29/12/2013
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {110a9ea2-8810-4c04-b916-cfd4e9427fec} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^ZX^stu238^YYA^de&ptb=1A764C3E-1D86-4AC3-BDEA-42D95E838084&ind=2014021514&n=780b878a&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKLM-x32 - {a5b9c0f5-5616-47cd-a95f-e43b488faccf} URL = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=XPxdm049YYde&ptnrS=XPxdm049YYde&si=2271&ptb=157922C7-260E-4B64-B3A1-C24B91B3D2F6&psa=&ind=2013122819&st=sb&n=77fdd103&searchfor={searchTerms}
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll No File
BHO: Feven 1.5 - {11111111-1111-1111-1111-110311851132} -  No File
BHO: Plus-HD-5.5 - {11111111-1111-1111-1111-110411901160} - C:\Program Files (x86)\Plus-HD-5.5\Plus-HD-5.5-bho64.dll (Plus HD)
BHO: Plus-HD-7.6 - {11111111-1111-1111-1111-110511071178} - C:\Program Files (x86)\Plus-HD-7.6\Plus-HD-7.6-bho64.dll (Plus HD)
BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: Snap.DoEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: ValueApps - {93DBF2BB-A2B3-4683-A92E-57E60751F346} - C:\Program Files\Conduit\ValueApps\IE\ValueAppsLoader.dll (Conduit Ltd.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Coupon Server BHO - {F791D8AE-47E8-40A5-A913-EB2D2AF29602} - C:\Program Files (x86)\Coupon Server\FrameworkBHO64.dll ()
BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -  No File
BHO-x32: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} -  No File
BHO-x32: Browser Guard - {02a0d829-4393-46fc-a37e-126263035883} - C:\Program Files (x86)\Browser Guard\browserguard.dll (Browser Guard)
BHO-x32: ProxTube - {0AA2810A-F009-4BD7-A10A-32F140A1B9F3} -  No File
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: SaveSense - {0f21b1e5-5afc-43c9-9c66-515046e92ec2} - C:\Program Files (x86)\SaveSense\SaveSenseIE.dll (SaveSense)
BHO-x32: Feven 1.5 - {11111111-1111-1111-1111-110311851132} -  No File
BHO-x32: Plus-HD-7.6 - {11111111-1111-1111-1111-110511071178} - C:\Program Files (x86)\Plus-HD-7.6\Plus-HD-7.6-bho.dll (Plus HD)
BHO-x32: No Name - {11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5} -  No File
BHO-x32: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} -  No File
BHO-x32: No Name - {31ad400d-1b06-4e33-a59a-90c2c140cba0} -  No File
BHO-x32: No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File
BHO-x32: Lyrics-Pal - {436d7c25-2977-4342-ad2a-84c05cc66881} -  No File
BHO-x32: Toolbar BHO - {48909954-14fb-4971-a7b3-47e7af10b38a} - C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jbar.dll (Mindspark)
BHO-x32: TBSB01620 Class - {58124A0B-DC32-4180-9BFF-E0E21AE34026} -  No File
BHO-x32: Search Assistant BHO - {5848763c-2668-44ca-adbe-2999a6ee2858} - C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jSrcAs.dll (Mindspark)
BHO-x32: Search Assistant BHO - {5d79f641-c168-40df-a32f-bacea7509e75} -  No File
BHO-x32: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll (Symantec Corporation)
BHO-x32: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: No Name - {6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} -  No File
BHO-x32: Funmoods Helper Object - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} -  No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: No Name - {872b5b88-9db5-4310-bdd0-ac189557e5f5} -  No File
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: No Name - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} -  No File
BHO-x32: HomeTab - {a25e7121-3dd8-41b3-855b-756c5bc45449} -  No File
BHO-x32: Wajam - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} -  No File
BHO-x32: MinibarBHO - {AA74D58F-ACD0-450D-A85E-6C04B171C044} -  No File
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: HomeTab - {ba696155-d96e-4281-b467-0367a0456474} -  No File
BHO-x32: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} -  No File
BHO-x32: No Name - {cb41fc95-f1b3-4797-8bb6-1012ff62abba} -  No File
BHO-x32: No Name - {CCB69577-088B-4004-9ED8-FF5BCC83A039} -  No File
BHO-x32: No Name - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} -  No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name - {ec2bae47-25af-4ce9-9e78-10627a49c9ea} -  No File
BHO-x32: Coupon Server BHO - {F791D8AE-47E8-40A5-A913-EB2D2AF29602} - C:\Program Files (x86)\Coupon Server\FrameworkBHO.dll ()
BHO-x32: No Name - {FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} -  No File
BHO-x32: BonanzaDeals - {fe063412-bea4-4d76-8ed3-183be6220d17} - C:\Program Files (x86)\BonanzaDeals\BonanzaDealsIE.dll (BonanzaDeals)
Toolbar: HKLM - Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - IMinent Toolbar - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} -  No File
Toolbar: HKLM-x32 - &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} -  No File
Toolbar: HKLM-x32 - No Name - {c98d5b61-b0ea-4d48-9839-1079d352d880} -  No File
Toolbar: HKLM-x32 - Funmoods Toolbar - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} -  No File
Toolbar: HKLM-x32 - No Name - {ec2bae47-25af-4ce9-9e78-10627a49c9ea} -  No File
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - HomeTab - {ba696155-d96e-4281-b467-0367a0456474} -  No File
Toolbar: HKLM-x32 - No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File
Toolbar: HKLM-x32 - HomeTab - {a25e7121-3dd8-41b3-855b-756c5bc45449} -  No File
Toolbar: HKLM-x32 - RadioRage - {78ba36c9-6036-482b-b48d-ecca6f964b84} - C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jbar.dll (Mindspark)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} -  No File
Handler: rebinfo - {AF808758-C780-404C-A4EE-4526323FD9B6} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} -  No File
Handler-x32: rebinfo - {AF808758-C780-404C-A4EE-4526323FD9B6} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @RadioRage_4j.com/Plugin - C:\Program Files (x86)\RadioRage_4j\bar\1.bin\NP4jStub.dll (Mindspark)
FF Plugin-x32: @tools.bdupdater.com/BonanzaDealsLive Update;version=3 - C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll (BonanzaDeals)
FF Plugin-x32: @tools.bdupdater.com/BonanzaDealsLive Update;version=9 - C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll (BonanzaDeals)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.updaterss.com/SaveSenseLive Update;version=3 - C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll (SaveSense)
FF Plugin-x32: @tools.updaterss.com/SaveSenseLive Update;version=9 - C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll (SaveSense)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Extension: Click to call with Skype - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012-10-21]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn\
FF Extension: Symantec Intrusion Prevention - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn_2011_7_13_2
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn_2011_7_13_2 [2014-05-04]

Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR StartupUrls: "hxxp://www.google.com"
CHR Extension: (Plus-HD-5.5) - C:\Users\Florian223\AppData\Local\Google\Chrome\User Data\Default\Extensions\aoilcbjfkbdplcfglkiedhefcomondlk [2014-04-15]
CHR Extension: (Google Drive) - C:\Users\Florian223\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-11]
CHR Extension: (YouTube) - C:\Users\Florian223\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-11]
CHR Extension: (Adblock Plus) - C:\Users\Florian223\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-01-12]
CHR Extension: (Google-Suche) - C:\Users\Florian223\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-11]
CHR Extension: (AirDroid) - C:\Users\Florian223\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkgndiocipalkpejnpafdbdlfdjihomd [2014-04-29]
CHR Extension: (Plus-HD-7.6) - C:\Users\Florian223\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmkpokpaimeklljpdkakobjepcnpmhok [2014-04-15]
CHR Extension: (Google Wallet) - C:\Users\Florian223\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-11]
CHR Extension: (Google Mail) - C:\Users\Florian223\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-11]
CHR Extension: (FlexibleShopPer) - C:\ProgramData\ldolbfnemdcnlmhmgpkehneiccmhhkid [2013-12-22]
CHR HKLM\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\FLORIA~1.MIC\AppData\Local\funmoods.crx [2013-12-22]
CHR HKLM\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\FLORIA~1.MIC\AppData\Local\funmoods-speeddial_sf.crx [2013-12-22]
CHR HKLM-x32\...\Chrome\Extension: [aaaaabcbmongicmdegkmmfgdickgnnob] - C:\Users\MICHAELA1\AppData\Local\ilividmoviestoolbardla\GC\toolbar.crx [2013-12-22]
CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [2013-12-22]
CHR HKLM-x32\...\Chrome\Extension: [ahilkiibpgjnonbhdfkkgjddddmapala] - C:\Users\Florian1\AppData\Local\CRE\ahilkiibpgjnonbhdfkkgjddddmapala.crx [2012-05-07]
CHR HKLM-x32\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\FLORIA~1.MIC\AppData\Local\funmoods.crx [2012-05-07]
CHR HKLM-x32\...\Chrome\Extension: [bddpogknpjlgfpbboediomaiiaecfajn] - C:\Program Files (x86)\HomeTab\chrome\HomeTab.crx [2012-05-07]
CHR HKLM-x32\...\Chrome\Extension: [bkomkajifikmkfnjgphkjcfeepbnojok] - C:\Program Files (x86)\PriceGong\2.6.4\pricegong.crx [2012-05-07]
CHR HKLM-x32\...\Chrome\Extension: [cgiaikfpllchefojlnehlmpekeogihnm] - C:\Users\Florian1\AppData\Local\CRE\cgiaikfpllchefojlnehlmpekeogihnm.crx [2012-05-08]
CHR HKLM-x32\...\Chrome\Extension: [chakodcglgpacmjpjfaoopegbglbollk] - C:\Users\Florian.michaela-MSI\AppData\LocalLow\ProxTube\CHROME\ProxTube.crx [2012-05-08]
CHR HKLM-x32\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\FLORIA~1.MIC\AppData\Local\funmoods-speeddial_sf.crx [2012-05-08]
CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx [2012-05-08]
CHR HKLM-x32\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\Florian1.michaela-MSI\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx [2012-05-08]
CHR HKLM-x32\...\Chrome\Extension: [jhjgfmbkeimlmjfijfgkjincpdaejnkp] - C:\Users\MICHAELA1\AppData\Local\CRE\jhjgfmbkeimlmjfijfgkjincpdaejnkp.crx [2013-06-09]
CHR HKLM-x32\...\Chrome\Extension: [jpmbfleldcgkldadpdinhjjopdfpjfjp] - C:\Users\Florian.michaela-MSI\AppData\Local\Wajam\Chrome\wajam.crx [2013-06-09]
CHR HKLM-x32\...\Chrome\Extension: [kfepagcelbegkpkcjgfeecmlnmkedjin] - C:\Program Files (x86)\Browser Guard\browserguard.crx [2013-08-27]
CHR HKLM-x32\...\Chrome\Extension: [kiplfnciaokpcennlkldkdaeaaomamof] - C:\Users\MICHAELA1\AppData\Local\Torch\Plugins\TorchPlugin.crx [2013-08-27]
CHR HKLM-x32\...\Chrome\Extension: [leocdeigfnkaojcapikdjcdbedcjmffc] - C:\Users\Florian1.michaela-MSI\AppData\Local\CRE\leocdeigfnkaojcapikdjcdbedcjmffc.crx [2013-08-27]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-08-16]
CHR HKLM-x32\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx [2013-12-21]
CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Users\Florian1.michaela-MSI\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetNT.crx [2013-12-21]
CHR HKLM-x32\...\Chrome\Extension: [pfmopbbadnfoelckkcmjjeaaegjpjjbk] - C:\Program Files (x86)\Gophoto.it\gophotoit14.crx [2013-12-21]
CHR HKLM-x32\...\Chrome\Extension: [pmlghpafmmnmmkjdhacccolfgnkiboco] - C:\Program Files (x86)\1ClickDownload\oneclickdownloader11.crx [2013-12-21]
CHR HKLM-x32\...\Chrome\Extension: [pnbbffeddnekkhjmokkhdebbfbibbflc] - C:\Program Files (x86)\LyricsPal\128.crx [2013-12-21]
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1017424 2014-02-18] (Avira Operations GmbH & Co. KG)
S2 bonanzadealslive; C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [148976 2014-01-19] (BonanzaDeals)
S3 bonanzadealslivem; C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [148976 2014-01-19] (BonanzaDeals)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] ()
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-10-25] (IObit)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 Micro Star SCM; C:\Program Files (x86)\S-Bar\MSIService.exe [160768 2011-02-25] (Micro-Star International Co., Ltd.)
R2 MSI Foundation Service; C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe [12800 2010-07-17] (MSI)
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe [130008 2011-04-17] (Symantec Corporation)
S4 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2782552 2010-03-06] (Symantec Corporation)
S4 OberonGameConsoleService; C:\Program Files (x86)\MSI Game Corner\Game Console\OberonGameConsoleService.exe [44432 2010-01-28] ()
R2 RadioRage_4jService; C:\Program Files (x86)\RadioRage_4j\bar\1.bin\4jbarsvc.exe [88648 2014-02-15] (COMPANYVERS_NAME)
R2 RemoteEngineService; C:\Program Files (x86)\VuuPC\remoteengine.exe [2967568 2014-02-10] (ClickMeIn Limited)
S2 savesenselive; C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe [146920 2014-01-19] (SaveSense)
S3 savesenselivem; C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe [146920 2014-01-19] (SaveSense)
R2 VuuPCConnectivity; C:\Program Files (x86)\VuuPC\Connectivity.exe [4747280 2014-02-10] (ClickMeIn Limited)
S2 APNMCP; "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe" [X]

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-07-12] (Symantec Corporation)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2013-11-13] (AnchorFree Inc.)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20130726.001\IDSvia64.sys [513184 2013-07-19] (Symantec Corporation)
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv_x64.sys [44928 2012-10-11] (ManyCam LLC)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [28160 2013-01-31] (ManyCam LLC)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20130727.004\ENG64.SYS [126040 2013-07-12] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20130727.004\EX64.SYS [2098776 2013-07-12] (Symantec Corporation)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1207020.003\SRTSP64.SYS [744568 2011-03-31] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1207020.003\SRTSPX64.SYS [40568 2011-03-31] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1207020.003\SYMDS64.SYS [450680 2011-01-27] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1207020.003\SYMEFA64.SYS [912504 2011-03-15] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [174200 2011-08-27] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS [171128 2011-01-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1207020.003\SYMNETS.SYS [386168 2011-04-21] (Symantec Corporation)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-09-17] (Anchorfree Inc.)
S3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]
S3 MGHwCtrl; \??\C:\Program Files\msi\msi Software Install\MGHwCtrl.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [X]
S3 X6va015; \??\C:\windows\SysWOW64\Drivers\X6va015 [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-05 11:32 - 2014-05-05 11:33 - 00037828 _____ () C:\Users\Florian223\Downloads\FRST.txt
2014-05-05 11:31 - 2014-05-05 11:32 - 00000000 ____D () C:\FRST
2014-05-05 11:31 - 2014-05-05 11:31 - 02062336 _____ (Farbar) C:\Users\Florian223\Downloads\FRST64.exe
2014-05-04 22:50 - 2014-05-04 22:50 - 00003160 _____ () C:\windows\System32\Tasks\{33A89801-84CD-4A32-9CAD-EB56813C425E}
2014-05-04 15:36 - 2014-05-04 15:36 - 00003120 _____ () C:\windows\System32\Tasks\Advanced System Protector_startup
2014-05-02 20:41 - 2014-05-02 20:41 - 00119512 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-02 20:40 - 2014-05-02 20:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-02 20:40 - 2014-05-02 20:40 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-02 20:40 - 2014-05-02 20:40 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-02 20:40 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-05-02 20:40 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-05-02 20:40 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-05-02 18:12 - 2010-10-17 01:17 - 00814009 _____ () C:\Users\Florian223\Desktop\Holzhacker 1.0 By WiiZocker 64 Bit.exe
2014-05-01 19:11 - 2013-02-11 18:44 - 00810085 _____ () C:\Users\Florian223\Desktop\Tastendrücker 64Bit.exe
2014-05-01 14:48 - 2014-05-02 13:18 - 00000000 ____D () C:\Users\Michaela123\AppData\Roaming\Skype
2014-04-29 15:07 - 2014-05-04 16:33 - 00000000 ____D () C:\Users\Florian223\Desktop\Neuer Ordner (3)
2014-04-28 13:40 - 2014-04-28 13:40 - 00000000 ____D () C:\Users\MICHAELA1\AppData\Local\Windows Live
2014-04-28 13:38 - 2014-04-28 13:39 - 00000000 ____D () C:\Users\MICHAELA1\AppData\Local\{CE5BC078-2B93-4892-8BA9-621E986CA776}
2014-04-15 19:23 - 2014-04-15 19:23 - 00000000 ____D () C:\Users\Florian223\AppData\Local\Systweak
2014-04-15 02:51 - 2014-04-15 02:51 - 00000000 ____D () C:\Users\Florian223\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
2014-04-14 14:36 - 2014-04-14 14:36 - 00000000 ____D () C:\Users\Florian223\AppData\Roaming\TuneUp Software

==================== One Month Modified Files and Folders =======

2014-05-05 11:33 - 2014-05-05 11:32 - 00037828 _____ () C:\Users\Florian223\Downloads\FRST.txt
2014-05-05 11:33 - 2014-01-05 12:24 - 00000356 _____ () C:\windows\Tasks\bench-S-1-5-21-2611249187-1414960373-3837357557-1017.job
2014-05-05 11:32 - 2014-05-05 11:31 - 00000000 ____D () C:\FRST
2014-05-05 11:32 - 2013-06-15 20:27 - 00000962 _____ () C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2611249187-1414960373-3837357557-1004UA.job
2014-05-05 11:31 - 2014-05-05 11:31 - 02062336 _____ (Farbar) C:\Users\Florian223\Downloads\FRST64.exe
2014-05-05 11:31 - 2014-01-19 14:26 - 00000942 _____ () C:\windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job
2014-05-05 11:26 - 2014-01-19 14:33 - 00000936 _____ () C:\windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job
2014-05-05 11:26 - 2014-01-05 12:26 - 00001340 _____ () C:\windows\Tasks\Plus-HD-5.5-updater.job
2014-05-05 11:26 - 2014-01-05 12:25 - 00001164 _____ () C:\windows\Tasks\Plus-HD-5.5-enabler.job
2014-05-05 11:26 - 2011-08-27 18:27 - 00001114 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-05 11:25 - 2014-01-19 14:25 - 00000310 _____ () C:\windows\Tasks\SaveSense.job
2014-05-05 11:25 - 2014-01-05 12:25 - 00002138 _____ () C:\windows\Tasks\Plus-HD-5.5-firefoxinstaller.job
2014-05-05 11:25 - 2014-01-05 12:25 - 00001292 _____ () C:\windows\Tasks\Plus-HD-5.5-codedownloader.job
2014-05-05 11:25 - 2014-01-05 12:24 - 00002132 _____ () C:\windows\Tasks\Plus-HD-5.5-chromeinstaller.job
2014-05-05 11:25 - 2014-01-05 12:24 - 00000356 _____ () C:\windows\Tasks\bench-sys.job
2014-05-05 11:25 - 2013-12-29 02:14 - 00000290 _____ () C:\windows\Tasks\SpeedUpMyPC Maintenance.job
2014-05-05 11:25 - 2013-12-27 19:03 - 00021515 _____ () C:\windows\setupact.log
2014-05-05 11:25 - 2013-10-19 23:12 - 00001964 _____ () C:\windows\Tasks\a2zLyrics-16-chromeinstaller.job
2014-05-05 11:25 - 2013-10-19 23:12 - 00001256 _____ () C:\windows\Tasks\a2zLyrics-16-codedownloader.job
2014-05-05 11:25 - 2013-04-25 21:37 - 00000940 _____ () C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2611249187-1414960373-3837357557-1000UA.job
2014-05-05 11:25 - 2013-04-10 15:52 - 00001132 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2611249187-1414960373-3837357557-1000UA.job
2014-05-05 11:25 - 2012-08-29 00:15 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-05-05 06:01 - 2014-02-03 18:56 - 00002402 _____ () C:\windows\Tasks\Plus-HD-7.6-validator.job
2014-05-05 05:57 - 2014-02-03 18:57 - 00001518 _____ () C:\windows\Tasks\Plus-HD-7.6-updater.job
2014-05-05 05:57 - 2014-02-03 18:56 - 00001372 _____ () C:\windows\Tasks\Plus-HD-7.6-enabler.job
2014-05-05 05:56 - 2014-02-03 18:56 - 00002336 _____ () C:\windows\Tasks\Plus-HD-7.6-firefoxinstaller.job
2014-05-05 05:56 - 2014-02-03 18:56 - 00001474 _____ () C:\windows\Tasks\Plus-HD-7.6-codedownloader.job
2014-05-04 23:48 - 2014-02-18 21:06 - 00000329 _____ () C:\Users\Florian223\Desktop\online.txt
2014-05-04 23:37 - 2014-01-12 02:27 - 00000000 ____D () C:\Users\Florian223\AppData\Roaming\Splitscreen Studios
2014-05-04 23:33 - 2011-03-04 18:49 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-04 23:32 - 2012-10-23 12:21 - 00000000 ____D () C:\Fraps
2014-05-04 23:25 - 2012-04-06 15:18 - 00000000 ____D () C:\Users\Samantha
2014-05-04 22:51 - 2014-02-03 18:55 - 00000000 ____D () C:\Users\Florian223\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software
2014-05-04 22:51 - 2013-10-21 18:05 - 00000000 ____D () C:\Program Files (x86)\SmartTweak
2014-05-04 22:50 - 2014-05-04 22:50 - 00003160 _____ () C:\windows\System32\Tasks\{33A89801-84CD-4A32-9CAD-EB56813C425E}
2014-05-04 22:44 - 2011-08-27 18:27 - 00001110 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-04 21:42 - 2013-04-25 21:37 - 00000918 _____ () C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2611249187-1414960373-3837357557-1000Core.job
2014-05-04 20:32 - 2013-06-15 20:27 - 00000940 _____ () C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2611249187-1414960373-3837357557-1004Core.job
2014-05-04 18:00 - 2014-02-03 19:09 - 00000474 _____ () C:\windows\Tasks\SpeedMaxPc Registration3.job
2014-05-04 16:33 - 2014-04-29 15:07 - 00000000 ____D () C:\Users\Florian223\Desktop\Neuer Ordner (3)
2014-05-04 15:44 - 2009-07-14 06:45 - 00024432 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-04 15:44 - 2009-07-14 06:45 - 00024432 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-04 15:36 - 2014-05-04 15:36 - 00003120 _____ () C:\windows\System32\Tasks\Advanced System Protector_startup
2014-05-04 15:34 - 2014-01-19 14:33 - 00000932 _____ () C:\windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job
2014-05-04 15:34 - 2014-01-19 14:26 - 00000938 _____ () C:\windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job
2014-05-04 15:34 - 2013-12-29 02:14 - 00000284 _____ () C:\windows\Tasks\SpeedUpMyPC Startup.job
2014-05-04 15:33 - 2009-07-14 07:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-05-03 14:35 - 2014-01-19 14:32 - 00000000 ____D () C:\Program Files (x86)\VuuPC
2014-05-03 13:52 - 2013-04-10 15:52 - 00001080 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2611249187-1414960373-3837357557-1000Core.job
2014-05-03 10:03 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\system32\NDF
2014-05-03 08:46 - 2013-12-30 20:50 - 00066389 _____ () C:\windows\WindowsUpdate.log
2014-05-02 21:56 - 2014-01-20 19:35 - 00000000 ____D () C:\Users\Florian223\AppData\Local\CrashDumps
2014-05-02 20:41 - 2014-05-02 20:41 - 00119512 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-02 20:40 - 2014-05-02 20:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-02 20:40 - 2014-05-02 20:40 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-02 20:40 - 2014-05-02 20:40 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-02 14:42 - 2014-02-02 13:42 - 00000294 _____ () C:\windows\Tasks\DLL-Files FixerASKUSER.job
2014-05-02 13:18 - 2014-05-01 14:48 - 00000000 ____D () C:\Users\Michaela123\AppData\Roaming\Skype
2014-04-29 15:36 - 2012-08-29 00:15 - 00692400 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-04-29 15:36 - 2012-08-29 00:15 - 00003822 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-04-29 15:36 - 2011-08-27 18:51 - 00070832 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-28 13:50 - 2013-10-24 23:37 - 00000000 ____D () C:\Users\MICHAELA1\Desktop\Ida-Projekt
2014-04-28 13:40 - 2014-04-28 13:40 - 00000000 ____D () C:\Users\MICHAELA1\AppData\Local\Windows Live
2014-04-28 13:39 - 2014-04-28 13:38 - 00000000 ____D () C:\Users\MICHAELA1\AppData\Local\{CE5BC078-2B93-4892-8BA9-621E986CA776}
2014-04-28 13:37 - 2013-08-03 12:26 - 00000000 ____D () C:\Users\MICHAELA1\Tracing
2014-04-22 20:47 - 2011-03-04 04:00 - 00698494 _____ () C:\windows\system32\perfh007.dat
2014-04-22 20:47 - 2011-03-04 04:00 - 00149288 _____ () C:\windows\system32\perfc007.dat
2014-04-22 20:47 - 2009-07-14 07:13 - 01618376 _____ () C:\windows\system32\PerfStringBackup.INI
2014-04-22 20:45 - 2014-02-03 19:09 - 00000410 _____ () C:\windows\Tasks\SpeedMaxPc.job
2014-04-21 15:07 - 2009-07-14 07:08 - 00032640 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2014-04-18 17:43 - 2013-12-22 19:24 - 00000000 ____D () C:\ProgramData\topDEal
2014-04-17 15:26 - 2014-01-11 16:56 - 00000000 ____D () C:\Users\Michaela123\AppData\Local\CrashDumps
2014-04-15 19:23 - 2014-04-15 19:23 - 00000000 ____D () C:\Users\Florian223\AppData\Local\Systweak
2014-04-15 02:51 - 2014-04-15 02:51 - 00000000 ____D () C:\Users\Florian223\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
2014-04-14 23:11 - 2013-12-22 19:25 - 00000000 ____D () C:\ProgramData\FlexibleShopPer
2014-04-14 23:05 - 2014-01-05 12:24 - 00000000 ____D () C:\Program Files (x86)\Plus-HD-5.5
2014-04-14 15:33 - 2013-12-30 23:38 - 00152206 _____ () C:\windows\PFRO.log
2014-04-14 14:36 - 2014-04-14 14:36 - 00000000 ____D () C:\Users\Florian223\AppData\Roaming\TuneUp Software
2014-04-14 12:53 - 2014-01-19 15:42 - 00000000 ____D () C:\Users\Florian223\AppData\Roaming\Systweak
2014-04-12 02:22 - 2014-02-03 19:09 - 00000432 _____ () C:\windows\Tasks\SpeedMaxPc Update3.job

ZeroAccess:
C:\$Recycle.Bin\S-1-5-21-2611249187-1414960373-3837357557-1000\$40ce088d44bf7e656fd9ac4caf606b95

Files to move or delete:
====================
C:\ProgramData\ras_0oed.pad


Some content of TEMP:
====================
C:\Users\Florian1\AppData\Local\Temp\Parkour Mod.exe
C:\Users\Florian1\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Florian223\AppData\Local\Temp\avgnt.exe
C:\Users\michaela\AppData\Local\Temp\AskSLib.dll
C:\Users\michaela\AppData\Local\Temp\avgnt.exe
C:\Users\michaela\AppData\Local\Temp\BackupSetup.exe
C:\Users\michaela\AppData\Local\Temp\InstallFlashPlayer.exe
C:\Users\michaela\AppData\Local\Temp\SkypeSetup.exe
C:\Users\MICHAELA1\AppData\Local\Temp\avgnt.exe
C:\Users\Michaela123\AppData\Local\Temp\avgnt.exe
C:\Users\Michaela123\AppData\Local\Temp\BackupSetup.exe
C:\Users\Michaela123\AppData\Local\Temp\dlLogic.exe
C:\Users\Michaela123\AppData\Local\Temp\EnableExtDll.dll
C:\Users\Michaela123\AppData\Local\Temp\GCVerifier.dll
C:\Users\Michaela123\AppData\Local\Temp\install_helper.exe
C:\Users\Michaela123\AppData\Local\Temp\iobwnedxjvdevl.exe
C:\Users\Michaela123\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Michaela123\AppData\Local\Temp\nsbA441.exe
C:\Users\Michaela123\AppData\Local\Temp\nsbB15C.exe
C:\Users\Michaela123\AppData\Local\Temp\nsc1A2E.exe
C:\Users\Michaela123\AppData\Local\Temp\nsr3BC2.exe
C:\Users\Michaela123\AppData\Local\Temp\promote-upx.exe
C:\Users\Michaela123\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Michaela123\AppData\Local\Temp\SPSetup.exe
C:\Users\Michaela123\AppData\Local\Temp\verifier.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-02 01:37

==================== End Of Log ============================

--- --- ---

schrauber · 07.05.2014, 08:50

Revo Uninstaller - Download - Filepony
Damit alles deinstallieren was Du in der Additional.txt findest mit dem Zusatz <== ATTENTION

Mit Revo auch Moderat die Reste entfernen lassen.

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Nervtötende Werbung auf allen Websiten

Plagegeister aller Art und deren Bekämpfung: Nervtötende Werbung auf allen Websiten