| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: WINDOWS 7 kommen ständig PopUps usw...Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
31.05.2014, 20:06
| #1 |
 |  WINDOWS 7 kommen ständig PopUps usw... Hi Leute, habe Windows 7 64bit Version und bekomme ständig PopUps und dass ich Flashplayer usw neu laden soll. Frst Log: Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-05-2014 Ran by (administrator) on -PC on 31-05-2014 20:37:31 Running from C:\Users\\Desktop Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 9 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\System32\atiesrxx.exe (Cherished Technololgy LIMITED) C:\ProgramData\IePluginService\PluginService.exe (Taiwan Shui Mu Chih Ching Technology Limited.) C:\Program Files (x86)\WinZipper\winzipersvc.exe (Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe () C:\Windows\System32\dmwu.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe ( ) C:\Windows\System32\lxbkcoms.exe (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\18.0.0.128\ccSvcHst.exe () C:\Program Files (x86)\Re-markit-soft\Re-markit155.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Iminent) C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe (Wajam) C:\Program Files (x86)\Wajam\Updater\WajamUpdaterV3.exe () C:\Program Files\Web Assistant\ExtensionUpdaterService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE () C:\Program Files (x86)\XSManager\WTGService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (4G Systems GmbH & Co. KG) C:\Windows\service4g.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe (BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe (BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Microsoft Corporation) C:\Windows\System32\alg.exe (DealPly Technologies Ltd) C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE (AMD) C:\Windows\System32\atieclxx.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe (Symantec Corporation) C:\Program Files (x86)\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\A5E82D02\18.0.0.128\InstStub.exe () C:\Windows\SysWOW64\jmdp\stij.exe () C:\Windows\System32\ljkb\stij.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Lexmark International, Inc.) C:\Program Files (x86)\Lexmark X1100 Series\LXBKbmgr.exe (Google Inc.) C:\Users\\AppData\Local\Google\Update\GoogleUpdate.exe (Lexmark International, Inc.) C:\Program Files (x86)\Lexmark X1100 Series\LXBKbmon.exe () C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe (Microsoft Corporation) C:\Windows\System32\wscript.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (4G Systems GmbH & Co. KG) C:\Windows\starter4g.exe (Iminent) C:\Program Files (x86)\Iminent\Iminent.exe (Iminent) C:\Program Files (x86)\Iminent\Iminent.Messengers.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe () C:\Program Files (x86)\Mobogenie\DaemonProcess.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe (Skillbrains) C:\Users\\AppData\Local\Skillbrains\lightshot\4.4.2.0\Lightshot.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe () C:\Users\\AppData\Roaming\BrowserCompanion\tbhcn.exe (Comvigo, Inc.) C:\Windows\SysWOW64\qimlsrv.exe (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Comvigo, Inc.) C:\Windows\SysWOW64\dsrviml.exe (Google Inc.) C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11464296 2010-09-03] (Realtek Semiconductor) HKLM\...\Run: [lxbkbmgr.exe] => C:\Program Files (x86)\Lexmark X1100 Series\lxbkbmgr.exe [74408 2008-02-28] (Lexmark International, Inc.) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-03] (Intel Corporation) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-09-30] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [starter4g] => C:\Windows\starter4g.exe [160424 2011-03-30] (4G Systems GmbH & Co. KG) HKLM-x32\...\Run: [Iminent] => C:\Program Files (x86)\Iminent\Iminent.exe [1074736 2013-01-25] (Iminent) HKLM-x32\...\Run: [IminentMessenger] => C:\Program Files (x86)\Iminent\Iminent.Messengers.exe [884784 2013-01-25] (Iminent) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-27] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe [775872 2014-02-28] () HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [601928 2013-06-19] (BlueStack Systems, Inc.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-03-20] (Microsoft Corporation) HKU\S-1-5-21-2465613748-4109621216-2680054910-1000\...\Run: [Google Update] => C:\Users\\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-07-21] (Google Inc.) HKU\S-1-5-21-2465613748-4109621216-2680054910-1000\...\Run: [LightShot] => C:\Users\\AppData\Local\Skillbrains\lightshot\LightShot.exe [195072 2012-02-02] () HKU\S-1-5-21-2465613748-4109621216-2680054910-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3588952 2014-04-25] (Electronic Arts) HKU\S-1-5-21-2465613748-4109621216-2680054910-1000\...\Run: [Pando Media Booster] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [4287536 2013-08-29] () HKU\S-1-5-21-2465613748-4109621216-2680054910-1000\...\Run: [NextLive] => C:\Windows\SysWOW64\rundll32.exe "C:\Users\\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l HKU\S-1-5-21-2465613748-4109621216-2680054910-1000\...\MountPoints2: {2aaa724c-a03f-11e3-b7f5-1c6f6549ce08} - G:\LG_PC_Programs.exe AppInit_DLLs: c:\progra~3\bitguard\271769~1.27\{16cdf~1\loader.dll => c:\progra~3\bitguard\271769~1.27\{16cdf~1\loader.dll File Not Found Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\IML.lnk ShortcutTarget: IML.lnk -> C:\Windows\System32\iml.vbs () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\IML64.lnk ShortcutTarget: IML64.lnk -> C:\Windows\SysWOW64\iml.vbs () Startup: C:\Users\Elvira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () Startup: C:\Users\\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () Startup: C:\Users\\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tbhcn.lnk ShortcutTarget: tbhcn.lnk -> C:\Users\\AppData\Roaming\BrowserCompanion\tbhcn.exe () Startup: C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Game Alarm.lnk ShortcutTarget: Game Alarm.lnk -> C:\Games\Game Alarm\gamealarm.exe (Europe Support Ltd. N.V.) Startup: C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== ProxyEnable: Internet Explorer proxy is enabled. ProxyServer: http=127.0.0.1:13828 HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=0303b1af-65fc-46f7-982c-da10521eeb0f&searchtype=ds&q={searchTerms}&installDate=21/04/2013 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.hyrican.de HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.hyrican.de HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.delta-search.com/?affID=119556&babsrc=HP_ss&mntrId=88084d330000000000001c6f6549ce08 HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=0303b1af-65fc-46f7-982c-da10521eeb0f&searchtype=ds&q={searchTerms}&installDate=21/04/2013 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1392503296&from=smt&uid=SAMSUNGXHD103SI_S1VSJD1ZB14888&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1392503296&from=smt&uid=SAMSUNGXHD103SI_S1VSJD1ZB14888&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1392503296&from=smt&uid=SAMSUNGXHD103SI_S1VSJD1ZB14888&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1392503296&from=smt&uid=SAMSUNGXHD103SI_S1VSJD1ZB14888&q={searchTerms} URLSearchHook: HKLM-x32 - DVDVideoSoftTB DE Toolbar - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Program Files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.) URLSearchHook: HKLM-x32 - appbario8 Toolbar - {0cc09160-108c-4759-bab1-5c12c216e005} - C:\Program Files (x86)\appbario8\prxtbappb.dll (Conduit Ltd.) StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://www.awesomehp.com/?type=sc&ts=1392503296&from=smt&uid=SAMSUNGXHD103SI_S1VSJD1ZB14888 SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1392503296&from=smt&uid=SAMSUNGXHD103SI_S1VSJD1ZB14888&q={searchTerms} SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1392503296&from=smt&uid=SAMSUNGXHD103SI_S1VSJD1ZB14888&q={searchTerms} SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=342&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=1770781391334068&q={searchTerms} SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1392503296&from=smt&uid=SAMSUNGXHD103SI_S1VSJD1ZB14888&q={searchTerms} SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=0303b1af-65fc-46f7-982c-da10521eeb0f&searchtype=ds&q={searchTerms}&installDate=21/04/2013 SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1392503296&from=smt&uid=SAMSUNGXHD103SI_S1VSJD1ZB14888&q={searchTerms} SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=342&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=1770781391334068&q={searchTerms} SearchScopes: HKLM-x32 - {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} URL = hxxp://start.iminent.com/?appId=18887124-D7CB-4033-904E-4E76245108C3&ref=toolbox&q={searchTerms} SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - Plasmoo URL = hxxp://plasmoo.com/index.htm?SearchMashine=true&q={searchTerms} SearchScopes: HKCU - yandex.ru-230807 URL = SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=0303b1af-65fc-46f7-982c-da10521eeb0f&searchtype=ds&q={searchTerms}&installDate=21/04/2013 SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3318857&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP266CEBB9-47FA-46C0-833E-798853BA4B3B&q={searchTerms}&SSPV= SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&affID=119556&babsrc=SP_ss&mntrId=88084d330000000000001c6f6549ce08 SearchScopes: HKCU - {2233C3F4-E3B3-4C3F-BFEE-D89A63D6FEE4} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3227982 SearchScopes: HKCU - {27433C8B-14CF-4B32-8783-43F982AF9813} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3197087 SearchScopes: HKCU - {4327FABE-3C22-4689-8DBF-D226CF777FE9} URL = hxxp://www.searchplusnetwork.com/?sp=vit4&q={searchTerms} SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = SearchScopes: HKCU - {8BA3C05B-6624-4F7B-8CEC-7B1D1EBA0142} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2625848 SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=342&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=1770781391334068&q={searchTerms} SearchScopes: HKCU - {CE8D1C5D-05D9-4A78-BF26-DDBB1E0B1560} URL = hxxp://yandex.ru/yandsearch?win=29&clid=1855508&text={searchTerms} SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = hxxp://mystart.incredibar.com/?a=6R8BbEiZzb&loc=skw&search={searchTerms}&i=26 BHO: HQ-Video-Profession-1.3 - {11111111-1111-1111-1111-110511151178} - C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-bho64.dll (HQ-Video) BHO: Feven Pro 1.2 - {11111111-1111-1111-1111-110511161182} - C:\Program Files (x86)\Feven Pro 1.2\Feven Pro 1.2-bho64.dll (Feven) BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.) BHO: Web Assistant - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension64.dll () BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: IMinent WebBooster (BHO) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Minibar.InternetExplorer.BHOx64.dll (SIEN) BHO: DataMngr - {C1ED9DA0-AFD0-4b90-AC6A-D3874F591014} - C:\Program Files (x86)\Search Results Toolbar\Datamngr\x64\BrowserConnection.dll (Bandoo Media Inc) BHO: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.) BHO-x32: DVDVideoSoftTB DE Toolbar - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Program Files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.) BHO-x32: Browser Companion Helper - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Program Files (x86)\BrowserCompanion\jsloader.dll ( ) BHO-x32: appbario8 Toolbar - {0cc09160-108c-4759-bab1-5c12c216e005} - C:\Program Files (x86)\appbario8\prxtbappb.dll (Conduit Ltd.) BHO-x32: HQ-Video-Profession-1.3 - {11111111-1111-1111-1111-110511151178} - C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-bho.dll (HQ-Video) BHO-x32: Shopping Assistant Plugin - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.6.4\PriceGongIE.dll (PriceGong) BHO-x32: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.) BHO-x32: Web Assistant - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll () BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited) BHO-x32: Incredibar.com Helper Object - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll (Montera Technologeis LTD) BHO-x32: SpecialSavings - {74F475FA-6C75-43BD-AAB9-ECDA6184F600} - C:\Program Files (x86)\SpecialSavings\SpecialSavingsSinged.dll (SpecialSavings) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Browser Companion Helper Verifier - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files (x86)\BrowserCompanion\updatebhoWin32.dll ( ) BHO-x32: DealPly Shopping - {9cf699ca-2174-4ed8-bec1-ba82095edce0} - C:\Program Files (x86)\DealPly\DealPlyIE.dll (DealPly) BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation) BHO-x32: IMinent WebBooster (BHO) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Minibar.InternetExplorer.BHOx86.dll (SIEN) BHO-x32: Wajam - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll (Wajam) BHO-x32: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.10.0\bh\delta.dll (Delta-search.com) BHO-x32: DataMngr - {C1ED9DA0-AFD0-4b90-AC6A-D3874F591014} - C:\Program Files (x86)\Search Results Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media Inc) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.) BHO-x32: Search-Results Toolbar - {f34c9277-6577-4dff-b2d7-7d58092f272f} - C:\PROGRA~2\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll No File Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.) Toolbar: HKLM-x32 - Incredibar Toolbar - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll (Montera Technologeis LTD) Toolbar: HKLM-x32 - DVDVideoSoftTB DE Toolbar - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Program Files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.) Toolbar: HKLM-x32 - appbario8 Toolbar - {0cc09160-108c-4759-bab1-5c12c216e005} - C:\Program Files (x86)\appbario8\prxtbappb.dll (Conduit Ltd.) Toolbar: HKLM-x32 - Search-Results Toolbar - {f34c9277-6577-4dff-b2d7-7d58092f272f} - C:\PROGRA~2\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll No File Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.10.0\deltaTlbr.dll (Delta-search.com) Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.) Toolbar: HKCU - No Name - {0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} - No File Toolbar: HKCU - No Name - {09152F0B-739C-4DEC-A245-1AA8A37594F1} - No File Toolbar: HKCU - No Name - {0CC09160-108C-4759-BAB1-5C12C216E005} - No File Handler: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - No File Handler: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - No File Handler: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - No File Handler-x32: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd) Handler-x32: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd) Handler-x32: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default FF SearchEngineOrder.1: Delta Search FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.0.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF user.js: detected! => C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\user.js FF SearchPlugin: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\%Protector Process Name%.xml FF SearchPlugin: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\babylon.xml FF SearchPlugin: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\bProtect.xml FF SearchPlugin: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\conduit-search.xml FF SearchPlugin: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\conduit.xml FF SearchPlugin: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\delta.xml FF SearchPlugin: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\dvdvideosofttb-de-customized-web-search.xml FF SearchPlugin: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\MyStart Search.xml FF SearchPlugin: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\Plusnetwork.xml FF SearchPlugin: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\Search_Results.xml FF SearchPlugin: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\Web Search.xml FF SearchPlugin: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\yandex.ru-230807.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\delta-homes.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Browser Companion Helper - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\bbrs_002@blabbers.com [2012-08-14] FF Extension: Plasmoo Search Engine - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\engine@plasmoo.com [2013-10-28] FF Extension: Delta Toolbar - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\ffxtlbr@delta.com [2013-02-12] FF Extension: incredibar.com - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\ffxtlbr@incredibar.com [2012-08-05] FF Extension: SpecialSavings - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\specialsavings@superfish.com [2012-08-14] FF Extension: DVDVideoSoftTB DE - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} [2014-04-08] FF Extension: BrowseToolE0201 - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\{09152f0b-739c-4dec-a245-1aa8a37594f1} [2014-04-03] FF Extension: appbario8 - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\{0cc09160-108c-4759-bab1-5c12c216e005} [2013-12-13] FF Extension: PriceGong - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829} [2013-02-19] FF Extension: Search Assistant - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\{B3834E60-12A8-11E0-A289-939FDFD72085} [2012-09-18] FF Extension: DealPly Shopping - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\{e53a26f5-7199-4a5b-86f5-d2e86854b979} [2013-10-28] FF Extension: ep - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\jid1-0xtMKhXFEs4jIg@jetpack.xpi [2014-02-24] FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox FF Extension: Web Assistant - C:\Program Files\Web Assistant\Firefox [2012-08-05] FF HKLM\...\Firefox\Extensions: [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}] - C:\Program Files\Web Assistant\Firefox FF Extension: Web Assistant - C:\Program Files\Web Assistant\Firefox [2012-08-05] FF HKLM-x32\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox FF Extension: Web Assistant - C:\Program Files\Web Assistant\Firefox [2012-08-05] FF HKLM-x32\...\Firefox\Extensions: [webbooster@iminent.com] - C:\Program Files (x86)\Iminent\webbooster@iminent.com FF Extension: Iminent Minibar - C:\Program Files (x86)\Iminent\webbooster@iminent.com [2013-02-12] FF HKLM-x32\...\Firefox\Extensions: [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}] - C:\Program Files\Web Assistant\Firefox FF Extension: Web Assistant - C:\Program Files\Web Assistant\Firefox [2012-08-05] FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ [] FF HKLM-x32\...\Firefox\Extensions: [lightningnewtab@gmail.com] - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\extensions\lightningnewtab@gmail.com.xpi FF HKCU\...\Firefox\Extensions: [specialsavings@superfish.com] - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles/3elvxd57.default\extensions\specialsavings@superfish.com FF Extension: SpecialSavings - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles/3elvxd57.default\extensions\specialsavings@superfish.com [2012-08-14] FF HKCU\...\Firefox\Extensions: [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}] - C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi FF Extension: Wajam - C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi [2013-12-17] FF HKCU\...\Firefox\Extensions: [{95818252-7aac-4b4b-b6db-2fedbc9902a4}] - C:\Program Files (x86)\Re-markit-soft\155.xpi FF Extension: Re-markit - C:\Program Files (x86)\Re-markit-soft\155.xpi [2014-02-28] Chrome: ======= CHR StartupUrls: "hxxp://search.conduit.com/?ctid=CT3318857&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP266CEBB9-47FA-46C0-833E-798853BA4B3B&SSPV=" CHR Plugin: (Remoting Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Users\\AppData\Local\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Users\\AppData\Local\Google\Chrome\Application\35.0.1916.114\pdf.dll () CHR Plugin: (Shockwave Flash) - C:\Users\\AppData\Local\Google\Chrome\Application\35.0.1916.114\gcswf32.dll No File CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File CHR Plugin: (Bing Bar) - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll No File CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (Google Update) - C:\Users\\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No File CHR Extension: (BrowseToolE0201) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\bblnhhgpgomleanhbppdnkpofhjijgdp [2012-09-11] CHR Extension: (PriceGong) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok [2012-08-14] CHR Extension: (YouTube) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-07-21] CHR Extension: (Browser Companion Helper) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf [2012-08-14] CHR Extension: (appbario8) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\caloheeledhajihipjihanmihhegodlc [2012-08-14] CHR Extension: (Google-Suche) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-07-21] CHR Extension: (Re-markit) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcpfhaghaadpjpgocojgnlhjcieeooel [2014-02-28] CHR Extension: (Web Assistant) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd [2012-08-08] CHR Extension: (DealPly French) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnmnhkgiphcaeefbaooconkceehicfi [2013-10-28] CHR Extension: (Delta Toolbar) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde [2013-02-13] CHR Extension: (Iminent) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl [2013-02-20] CHR Extension: (Search Assistant) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfelndikbdcohbdimnhdhhokfljdidgn [2012-09-18] CHR Extension: (New tab for Chrome) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg [2012-08-08] CHR Extension: (Wajam) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp [2014-02-16] CHR Extension: (Lightshot (Screenshot Tool)) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbniclmhobmnbdlbpiphghaielnnpgdp [2012-09-04] CHR Extension: (DVDVideoSoft) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-10-28] CHR Extension: (Google Wallet) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23] CHR Extension: (SweetPacks Chrome Extension) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj [2014-03-06] CHR Extension: (Extended Protection) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo [2014-02-27] CHR Extension: (Google Mail) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-07-21] CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx [2012-08-05] CHR HKCU\...\Chrome\Extension: [bblnhhgpgomleanhbppdnkpofhjijgdp] - C:\Users\\AppData\Local\CRE\bblnhhgpgomleanhbppdnkpofhjijgdp.crx [2012-08-13] CHR HKCU\...\Chrome\Extension: [bhphemoobgnikcoofkgackkaimpfmenm] - C:\Users\\AppData\Local\CRE\bhphemoobgnikcoofkgackkaimpfmenm.crx [2012-08-01] CHR HKCU\...\Chrome\Extension: [caloheeledhajihipjihanmihhegodlc] - C:\Users\\AppData\Local\CRE\caloheeledhajihipjihanmihhegodlc.crx [2012-07-29] CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-10-28] CHR HKLM-x32\...\Chrome\Extension: [bblnhhgpgomleanhbppdnkpofhjijgdp] - C:\Users\\AppData\Local\CRE\bblnhhgpgomleanhbppdnkpofhjijgdp.crx [2012-08-13] CHR HKLM-x32\...\Chrome\Extension: [bhphemoobgnikcoofkgackkaimpfmenm] - C:\Users\\AppData\Local\CRE\bhphemoobgnikcoofkgackkaimpfmenm.crx [2012-08-01] CHR HKLM-x32\...\Chrome\Extension: [bkomkajifikmkfnjgphkjcfeepbnojok] - C:\Program Files (x86)\PriceGong\2.6.4\pricegong.crx [2012-03-25] CHR HKLM-x32\...\Chrome\Extension: [bodddioamolcibagionmmobehnbhiakf] - C:\Program Files (x86)\BrowserCompanion\blabbers-ch.crx [2012-07-02] CHR HKLM-x32\...\Chrome\Extension: [caloheeledhajihipjihanmihhegodlc] - C:\Users\\AppData\Local\CRE\caloheeledhajihipjihanmihhegodlc.crx [2012-07-29] CHR HKLM-x32\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx [2012-08-05] CHR HKLM-x32\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\\AppData\Roaming\Delta\delta.crx [2012-11-25] CHR HKLM-x32\...\Chrome\Extension: [fgfdfcbeamjnjdejakdidpniblllnbpg] - C:\Windows\SysWOW64\jmdp\pnte.crx [2012-11-25] CHR HKLM-x32\...\Chrome\Extension: [jifflliplgeajjdhmkcfnngfpgbjonjg] - C:\Program Files (x86)\Perion\NewTab\newTab.crx [2012-08-05] CHR HKLM-x32\...\Chrome\Extension: [jpmbfleldcgkldadpdinhjjopdfpjfjp] - C:\Users\\AppData\Local\Wajam\Chrome\wajam.crx [2014-01-14] CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Windows\SysWOW64\jmdp\SweetNT.crx [2014-04-06] CHR HKLM-x32\...\Chrome\Extension: [ogfjmhfnldnajmfaofeiaepghjenbgjo] - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\ep.crx [2014-02-27] ==================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-05-27] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-27] (Avira Operations GmbH & Co. KG) R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393032 2013-06-19] (BlueStack Systems, Inc.) R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384840 2013-06-19] (BlueStack Systems, Inc.) S2 dealplylive; C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe [148000 2013-10-28] (DealPly Technologies Ltd) S3 dealplylivem; C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe [148000 2013-10-28] (DealPly Technologies Ltd) R2 IBUpdaterService; C:\Windows\system32\dmwu.exe [2276144 2014-04-07] () R2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [705136 2014-04-11] (Cherished Technololgy LIMITED) R2 lxbk_device; C:\Windows\system32\lxbkcoms.exe [565928 2008-02-19] ( ) R2 lxbk_device; C:\Windows\SysWOW64\lxbkcoms.exe [537256 2008-02-19] ( ) R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\18.0.0.128\ccSvcHst.exe [126904 2010-05-23] (Symantec Corporation) R2 Re-markit; C:\Program Files (x86)\Re-markit-soft\Re-markit155.exe [194560 2014-02-28] () R2 SProtection; C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe [3088192 2014-05-28] (Iminent) R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2365792 2012-09-19] (TuneUp Software) R2 WajamUpdaterV3; C:\Program Files (x86)\Wajam\Updater\WajamUpdaterV3.exe [114176 2013-11-20] (Wajam) R2 Web Assistant; C:\Program Files\Web Assistant\ExtensionUpdaterService.exe [188760 2013-01-29] () R2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [425104 2014-02-27] (Taiwan Shui Mu Chih Ching Technology Limited.) R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [501904 2014-02-26] (Cherished Technololgy LIMITED) R2 WTGService; C:\Program Files (x86)\XSManager\WTGService.exe [327392 2012-04-05] () R2 XS Stick Service; C:\Windows\service4g.exe [145064 2011-03-30] (4G Systems GmbH & Co. KG) ==================== Drivers (Whitelisted) ==================== R3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2013-06-02] (Wondershare) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-04-29] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-04-29] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-19] (Avira Operations GmbH & Co. KG) R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [70984 2013-06-19] (BlueStack Systems) S3 cmnsusbser; C:\Windows\System32\DRIVERS\cmnsusbser.sys [117888 2012-10-05] (Mobile Connector) S3 RTL8187B; C:\Windows\System32\DRIVERS\rtl8187B.sys [450048 2010-03-31] (Realtek Semiconductor Corporation ) R3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [762472 2011-10-31] (Realtek Semiconductor Corporation ) R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-09-19] (TuneUp Software) S3 X6va009; \??\C:\Windows\SysWOW64\Drivers\X6va009 [X] S3 X6va010; \??\C:\Windows\SysWOW64\Drivers\X6va010 [X] S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X] S3 X6va014; \??\C:\Windows\SysWOW64\Drivers\X6va014 [X] S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [X] S3 X6va016; \??\C:\Windows\SysWOW64\Drivers\X6va016 [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-05-31 20:37 - 2014-05-31 20:38 - 00042913 _____ () C:\Users\\Desktop\FRST.txt 2014-05-31 20:37 - 2014-05-31 20:37 - 00000000 ____D () C:\FRST 2014-05-31 20:37 - 2014-05-31 20:36 - 02066944 _____ (Farbar) C:\Users\\Desktop\FRST64.exe 2014-05-31 20:35 - 2014-05-31 20:36 - 02066944 _____ (Farbar) C:\Users\\Downloads\FRST64.exe 2014-05-31 20:10 - 2014-05-31 20:11 - 00250250 _____ () C:\Users\\Downloads\140520063508.jpeg 2014-05-31 16:02 - 2014-05-31 16:02 - 00052891 _____ () C:\Users\Jürgen\Downloads\7B1.tmp 2014-05-29 15:46 - 2014-05-29 15:46 - 00000000 ____D () C:\ProgramData\PopCap Games 2014-05-29 15:46 - 2014-05-29 15:46 - 00000000 ____D () C:\ProgramData\EA Core 2014-05-29 15:43 - 2014-05-29 15:43 - 00001286 _____ () C:\Users\Public\Desktop\Pflanzen gegen Zombies.lnk 2014-05-29 15:43 - 2014-05-29 15:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pflanzen gegen Zombies 2014-05-25 02:51 - 2014-05-25 02:51 - 00000000 _____ () C:\Windows\SysWOW64\sho37D5.tmp 2014-05-18 00:25 - 2014-05-18 00:25 - 00000000 _____ () C:\Windows\SysWOW64\shoE10C.tmp 2014-05-17 10:44 - 2014-05-17 10:44 - 00001072 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1001Core1cf71ac260e523e.job 2014-05-17 00:05 - 2014-05-17 00:05 - 00000000 _____ () C:\Windows\SysWOW64\shoE14A.tmp 2014-05-14 22:03 - 2014-05-06 02:46 - 17847808 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-14 22:03 - 2014-05-06 02:21 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-14 22:03 - 2014-05-06 02:21 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-05-14 22:03 - 2014-05-06 01:32 - 12347392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-05-14 22:03 - 2014-05-06 01:14 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-05-14 22:03 - 2014-05-06 01:14 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-05-14 14:00 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-05-14 14:00 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-05-14 14:00 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2014-05-14 14:00 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2014-05-14 14:00 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-05-14 14:00 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2014-05-14 14:00 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2014-05-14 14:00 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2014-05-14 14:00 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2014-05-14 14:00 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-05-14 14:00 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-05-14 14:00 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-05-14 14:00 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2014-05-14 14:00 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2014-05-14 14:00 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-05-14 14:00 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll 2014-05-14 14:00 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2014-05-14 14:00 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-05-14 14:00 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-05-14 14:00 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-05-14 14:00 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-05-14 14:00 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll 2014-05-14 14:00 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2014-05-14 14:00 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll 2014-05-14 14:00 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll 2014-05-14 14:00 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll 2014-05-14 14:00 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll 2014-05-14 14:00 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll 2014-05-14 14:00 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-05-14 14:00 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2014-05-14 14:00 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2014-05-14 14:00 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-05-14 14:00 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll 2014-05-14 14:00 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2014-05-14 14:00 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-05-14 14:00 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-05-14 14:00 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-05-14 14:00 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll 2014-05-14 14:00 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll 2014-05-14 14:00 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll 2014-05-14 14:00 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll 2014-05-14 14:00 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll 2014-05-14 14:00 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll 2014-05-14 14:00 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-05-14 14:00 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2014-05-12 19:41 - 2014-05-12 19:41 - 00994160 _____ () C:\Users\Jürgen\Downloads\setup (17).exe 2014-05-11 17:57 - 2014-05-11 17:58 - 00994160 _____ () C:\Users\Jürgen\Downloads\setup (16).exe 2014-05-11 10:47 - 2014-05-11 10:47 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1002Core1cf6cf59b1b4d7c.job 2014-05-11 07:51 - 2014-05-11 07:51 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1000Core1cf6cdd52a1ae5.job 2014-05-10 19:18 - 2014-05-10 19:19 - 00994160 _____ () C:\Users\Jürgen\Downloads\setup (15).exe 2014-05-09 13:02 - 2014-05-09 13:02 - 00001072 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1003Core1cf6b76210b5906.job 2014-05-07 19:02 - 2014-05-07 19:02 - 00614528 _____ () C:\Users\Jürgen\Downloads\Setup (14).exe 2014-05-02 03:23 - 2014-05-02 03:23 - 00000000 _____ () C:\Windows\SysWOW64\shoF15F.tmp ==================== One Month Modified Files and Folders ======= 2014-05-31 20:38 - 2014-05-31 20:37 - 00042913 _____ () C:\Users\\Desktop\FRST.txt 2014-05-31 20:38 - 2013-08-29 02:01 - 00000000 ____D () C:\Users\\AppData\Local\PMB Files 2014-05-31 20:38 - 2012-07-21 10:25 - 00000000 ____D () C:\Users\\AppData\Local\Temp 2014-05-31 20:37 - 2014-05-31 20:37 - 00000000 ____D () C:\FRST 2014-05-31 20:36 - 2014-05-31 20:37 - 02066944 _____ (Farbar) C:\Users\\Desktop\FRST64.exe 2014-05-31 20:36 - 2014-05-31 20:35 - 02066944 _____ (Farbar) C:\Users\\Downloads\FRST64.exe 2014-05-31 20:11 - 2014-05-31 20:10 - 00250250 _____ () C:\Users\\Downloads\140520063508.jpeg 2014-05-31 20:08 - 2012-09-12 01:43 - 00000000 ____D () C:\ProgramData\Origin 2014-05-31 20:07 - 2013-11-27 21:58 - 00000000 ____D () C:\Users\\AppData\Roaming\newnext.me 2014-05-31 20:07 - 2012-09-12 01:43 - 00000000 ____D () C:\Program Files (x86)\Origin 2014-05-31 20:07 - 2012-08-14 02:15 - 00000000 ____D () C:\Users\\AppData\Roaming\BrowserCompanion 2014-05-31 20:07 - 2012-07-21 10:07 - 01106898 _____ () C:\Windows\WindowsUpdate.log 2014-05-31 19:54 - 2014-01-21 14:44 - 00000000 ____D () C:\Users\Jürgen\Documents\FIFA 14 2014-05-31 19:02 - 2012-07-21 14:35 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\Temp 2014-05-31 18:55 - 2014-03-06 18:07 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-05-31 16:02 - 2014-05-31 16:02 - 00052891 _____ () C:\Users\Jürgen\Downloads\7B1.tmp 2014-05-31 15:00 - 2012-07-21 15:12 - 00000000 ____D () C:\Users\Elvira\AppData\Local\Temp 2014-05-31 10:32 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-05-31 10:32 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-05-31 10:25 - 2014-02-27 08:04 - 00000000 ____D () C:\Program Files (x86)\WinZipper 2014-05-31 10:24 - 2013-12-10 00:50 - 00000374 _____ () C:\Windows\system32\Drivers\etc\hosts.ics 2014-05-31 10:22 - 2009-07-14 06:51 - 00178041 _____ () C:\Windows\setupact.log 2014-05-31 08:01 - 2013-12-04 02:02 - 02234293 _____ () C:\Windows\IE11_main.log 2014-05-30 19:35 - 2012-07-21 15:21 - 00000000 ____D () C:\Users\Martina\AppData\Local\Temp 2014-05-30 14:22 - 2012-07-21 10:25 - 00000000 ____D () C:\Users\ 2014-05-30 08:22 - 2012-07-21 15:20 - 00002375 _____ () C:\Users\Elvira\Desktop\Google Chrome.lnk 2014-05-29 15:46 - 2014-05-29 15:46 - 00000000 ____D () C:\ProgramData\PopCap Games 2014-05-29 15:46 - 2014-05-29 15:46 - 00000000 ____D () C:\ProgramData\EA Core 2014-05-29 15:43 - 2014-05-29 15:43 - 00001286 _____ () C:\Users\Public\Desktop\Pflanzen gegen Zombies.lnk 2014-05-29 15:43 - 2014-05-29 15:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pflanzen gegen Zombies 2014-05-29 15:43 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-05-29 15:41 - 2010-10-01 08:19 - 00116460 _____ () C:\Windows\DirectX.log 2014-05-29 15:38 - 2012-09-12 01:55 - 00000000 ____D () C:\Program Files (x86)\Origin Games 2014-05-29 15:05 - 2012-09-12 01:55 - 00000000 ____D () C:\Users\Jürgen\AppData\Roaming\Origin 2014-05-28 15:35 - 2012-08-14 02:38 - 00000000 ____D () C:\Users\Jürgen\AppData\Roaming\.minecraft 2014-05-28 08:14 - 2012-07-21 10:38 - 00002380 _____ () C:\Users\\Desktop\Google Chrome.lnk 2014-05-28 08:09 - 2014-02-28 16:46 - 00000000 ____D () C:\Program Files (x86)\Feven Pro 1.2 2014-05-26 15:56 - 2014-01-08 17:58 - 00000000 ____D () C:\Users\Jürgen\Tracing 2014-05-25 02:51 - 2014-05-25 02:51 - 00000000 _____ () C:\Windows\SysWOW64\sho37D5.tmp 2014-05-23 19:34 - 2012-07-21 14:48 - 00002375 _____ () C:\Users\Jürgen\Desktop\Google Chrome.lnk 2014-05-23 17:13 - 2014-04-12 14:19 - 00000000 _____ () C:\end 2014-05-21 10:29 - 2012-07-21 10:25 - 00000000 ___RD () C:\Users\\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-05-21 10:29 - 2012-07-21 10:25 - 00000000 ___RD () C:\Users\\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-05-18 00:25 - 2014-05-18 00:25 - 00000000 _____ () C:\Windows\SysWOW64\shoE10C.tmp 2014-05-17 19:31 - 2012-07-21 15:21 - 00000000 ___RD () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-05-17 19:31 - 2012-07-21 15:21 - 00000000 ___RD () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-05-17 10:45 - 2009-07-14 19:58 - 00699884 _____ () C:\Windows\system32\perfh007.dat 2014-05-17 10:45 - 2009-07-14 19:58 - 00149766 _____ () C:\Windows\system32\perfc007.dat 2014-05-17 10:45 - 2009-07-14 07:13 - 01622236 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-05-17 10:44 - 2014-05-17 10:44 - 00001072 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1001Core1cf71ac260e523e.job 2014-05-17 00:05 - 2014-05-17 00:05 - 00000000 _____ () C:\Windows\SysWOW64\shoE14A.tmp 2014-05-15 16:07 - 2012-07-21 15:12 - 00000000 ___RD () C:\Users\Elvira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-05-15 16:07 - 2012-07-21 15:12 - 00000000 ___RD () C:\Users\Elvira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-05-15 16:05 - 2012-07-21 14:35 - 00000000 ___RD () C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-05-15 16:05 - 2012-07-21 14:35 - 00000000 ___RD () C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-05-15 16:01 - 2014-04-30 17:52 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-05-14 22:00 - 2013-07-13 07:57 - 00000000 ____D () C:\Windows\system32\MRT 2014-05-14 22:00 - 2010-10-01 10:17 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-05-12 19:41 - 2014-05-12 19:41 - 00994160 _____ () C:\Users\Jürgen\Downloads\setup (17).exe 2014-05-11 17:58 - 2014-05-11 17:57 - 00994160 _____ () C:\Users\Jürgen\Downloads\setup (16).exe 2014-05-11 10:47 - 2014-05-11 10:47 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1002Core1cf6cf59b1b4d7c.job 2014-05-11 07:51 - 2014-05-11 07:51 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1000Core1cf6cdd52a1ae5.job 2014-05-10 19:19 - 2014-05-10 19:18 - 00994160 _____ () C:\Users\Jürgen\Downloads\setup (15).exe 2014-05-10 11:53 - 2010-10-01 09:36 - 00378838 _____ () C:\Windows\PFRO.log 2014-05-09 13:02 - 2014-05-09 13:02 - 00001072 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1003Core1cf6b76210b5906.job 2014-05-09 08:14 - 2014-05-14 14:00 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-05-09 08:11 - 2014-05-14 14:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-05-07 19:02 - 2014-05-07 19:02 - 00614528 _____ () C:\Users\Jürgen\Downloads\Setup (14).exe 2014-05-06 20:44 - 2012-07-21 15:29 - 00002380 _____ () C:\Users\Martina\Desktop\Google Chrome.lnk 2014-05-06 02:46 - 2014-05-14 22:03 - 17847808 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-06 02:21 - 2014-05-14 22:03 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-06 02:21 - 2014-05-14 22:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-05-06 01:32 - 2014-05-14 22:03 - 12347392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-05-06 01:14 - 2014-05-14 22:03 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-05-06 01:14 - 2014-05-14 22:03 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-05-04 13:46 - 2012-08-24 17:14 - 00528384 ____H () C:\Users\Jürgen\Downloads\photothumb.db 2014-05-04 13:45 - 2013-10-17 18:56 - 00000000 ____D () C:\Users\Jürgen\Downloads\Karikatur2 2014-05-02 03:23 - 2014-05-02 03:23 - 00000000 _____ () C:\Windows\SysWOW64\shoF15F.tmp Files to move or delete: ==================== C:\ProgramData\0tbpw.pad C:\ProgramData\winiml.dat Some content of TEMP: ==================== C:\Users\Elvira\AppData\Local\Temp\AskSLib.dll C:\Users\Elvira\AppData\Local\Temp\avgnt.exe C:\Users\Elvira\AppData\Local\Temp\i4jdel0.exe C:\Users\Elvira\AppData\Local\Temp\rtdrvmon.exe C:\Users\Elvira\AppData\Local\Temp\SPSetup.exe C:\Users\\AppData\Local\Temp\APNStub.exe C:\Users\\AppData\Local\Temp\AskSLib.dll C:\Users\\AppData\Local\Temp\avgnt.exe C:\Users\\AppData\Local\Temp\BackupSetup.exe C:\Users\\AppData\Local\Temp\Browser_Helper_Companion_DE.exe C:\Users\\AppData\Local\Temp\ezLooker-S-Setup_Suite1.exe C:\Users\\AppData\Local\Temp\fp_pl_pfs_installer-1.exe C:\Users\\AppData\Local\Temp\fp_pl_pfs_installer-2.exe C:\Users\\AppData\Local\Temp\fp_pl_pfs_installer.exe C:\Users\\AppData\Local\Temp\FreeTwitTube-S-Setup_Suite1.exe C:\Users\\AppData\Local\Temp\FreeTwitTube-S-Setup_Suite1[1].exe C:\Users\\AppData\Local\Temp\IEHistory.exe C:\Users\\AppData\Local\Temp\InstalledPrograms.exe C:\Users\\AppData\Local\Temp\installhelper.dll C:\Users\\AppData\Local\Temp\IT_CON__95-V32_4.exe C:\Users\\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe C:\Users\\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe C:\Users\\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe C:\Users\\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe C:\Users\\AppData\Local\Temp\MyBabylonTB_google_20120807.exe C:\Users\\AppData\Local\Temp\nsa2C4D.exe C:\Users\\AppData\Local\Temp\nsf1320.exe C:\Users\\AppData\Local\Temp\nsf3C94.exe C:\Users\\AppData\Local\Temp\nsfC1D.exe C:\Users\\AppData\Local\Temp\nsi4C98.exe C:\Users\\AppData\Local\Temp\nsi908B.exe C:\Users\\AppData\Local\Temp\nsn464F.exe C:\Users\\AppData\Local\Temp\nsq19C6.exe C:\Users\\AppData\Local\Temp\nsq33FC.exe C:\Users\\AppData\Local\Temp\nst92ED.exe C:\Users\\AppData\Local\Temp\nst95AC.exe C:\Users\\AppData\Local\Temp\nsu62F0.exe C:\Users\\AppData\Local\Temp\nsy494D.exe C:\Users\\AppData\Local\Temp\Optimizer_Pro.exe C:\Users\\AppData\Local\Temp\rtdrvmon.exe C:\Users\\AppData\Local\Temp\setup_fsu_cid.exe C:\Users\\AppData\Local\Temp\SkypeSetup.exe C:\Users\\AppData\Local\Temp\smt_awesomehp_new.exe C:\Users\\AppData\Local\Temp\softonic_ssk_conduit.exe C:\Users\\AppData\Local\Temp\SPSetup.exe C:\Users\\AppData\Local\Temp\SPWrap.exe C:\Users\\AppData\Local\Temp\sqlite3.dll C:\Users\\AppData\Local\Temp\SRAssetsHelper.dll C:\Users\\AppData\Local\Temp\swt-win32-3740.dll C:\Users\\AppData\Local\Temp\tbiNTE.dll C:\Users\\AppData\Local\Temp\uninst1.exe C:\Users\\AppData\Local\Temp\vcredist_x64.exe C:\Users\\AppData\Local\Temp\vlc-2.0.2-win32.exe C:\Users\\AppData\Local\Temp\wajam_download.exe C:\Users\\AppData\Local\Temp\YontooSetup-S.exe C:\Users\Jürgen\AppData\Local\Temp\avgnt.exe C:\Users\Jürgen\AppData\Local\Temp\i4jdel0.exe C:\Users\Jürgen\AppData\Local\Temp\i4jdel1.exe C:\Users\Jürgen\AppData\Local\Temp\i4jdel2.exe C:\Users\Jürgen\AppData\Local\Temp\jansi-32-git-Bukkit-1.5.2-R1.0-b2788jnks.dll C:\Users\Jürgen\AppData\Local\Temp\javagiac0.016783020975253415.dll C:\Users\Jürgen\AppData\Local\Temp\rtdrvmon.exe C:\Users\Jürgen\AppData\Local\Temp\SkypeSetup.exe C:\Users\Jürgen\AppData\Local\Temp\{E5A0C4BB-6690-4D2C-A990-4C6110C79388}-34.0.1847.137_34.0.1847.131_chrome_updater.exe C:\Users\Martina\AppData\Local\Temp\AskSLib.dll C:\Users\Martina\AppData\Local\Temp\avgnt.exe C:\Users\Martina\AppData\Local\Temp\rtdrvmon.exe C:\Users\Martina\AppData\Local\Temp\SPSetup.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-09-01 11:24 ==================== End Of Log ============================ Addition: Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-05-2014 Ran by at 2014-05-31 20:38:47 Running from C:\Users\\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Norton Internet Security (Disabled - Up to date) {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855} AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C} AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Norton Internet Security (Disabled - Up to date) {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8} FW: Norton Internet Security (Disabled) {B0F2DB13-C654-2E74-30D4-99C9310F0F2E} ==================== Installed Programs ====================== Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.7.700.224 - Adobe Systems Incorporated) Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated) Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated) Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.) Alcatraz (HKLM-x32\...\Alcatraz/DE-German_is1) (Version: - City Interactive) AMD Drag and Drop Transcoding (Version: 2.00.0000 - ATI Technologies Inc.) Hidden Apowersoft kostenloser Bildschirmrekorder V1.2.4 (HKLM-x32\...\{4EFA42DB-E4EC-4537-9DF3-5158D08A9785}_is1) (Version: 1.2.4 - Apowersoft) appbario8 Toolbar (HKLM-x32\...\appbario8 Toolbar) (Version: 6.9.0.16 - appbario8) Arma 3 (HKLM-x32\...\Steam App 107410) (Version: - Bohemia Interactive) Arma 3 Tools (HKLM-x32\...\Steam App 233800) (Version: - Bohemia Interactive) ATI Catalyst Install Manager (HKLM\...\{8DF9D3DF-6D03-A04F-217F-F2577D973DBE}) (Version: 3.0.795.0 - ATI Technologies, Inc.) Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.4.642 - Avira) Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation) BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.7.14.901 - BlueStack Systems, Inc.) BlueStacks Notification Center (HKLM-x32\...\{9D84E30F-6757-4A56-BCB5-51ADE3AE8631}) (Version: 0.7.14.901 - BlueStack Systems, Inc.) BrowserCompanion (HKLM-x32\...\BrowserCompanion) (Version: - ) <==== ATTENTION Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0930.2237.38732 - ATI) Hidden Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0930.2237.38732 - ATI) Hidden Catalyst Control Center InstallProxy (x32 Version: 2010.0930.2237.38732 - ATI Technologies, Inc.) Hidden Catalyst Control Center Localization All (x32 Version: 2010.0930.2237.38732 - ATI) Hidden CCC Help Chinese Standard (x32 Version: 2010.0930.2236.38732 - ATI) Hidden CCC Help Chinese Traditional (x32 Version: 2010.0930.2236.38732 - ATI) Hidden CCC Help Czech (x32 Version: 2010.0930.2236.38732 - ATI) Hidden CCC Help Danish (x32 Version: 2010.0930.2236.38732 - ATI) Hidden CCC Help Dutch (x32 Version: 2010.0930.2236.38732 - ATI) Hidden CCC Help English (x32 Version: 2010.0930.2236.38732 - ATI) Hidden CCC Help Finnish (x32 Version: 2010.0930.2236.38732 - ATI) Hidden CCC Help French (x32 Version: 2010.0930.2236.38732 - ATI) Hidden CCC Help German (x32 Version: 2010.0930.2236.38732 - ATI) Hidden CCC Help Greek (x32 Version: 2010.0930.2236.38732 - ATI) Hidden CCC Help Hungarian (x32 Version: 2010.0930.2236.38732 - ATI) Hidden CCC Help Italian (x32 Version: 2010.0930.2236.38732 - ATI) Hidden CCC Help Japanese (x32 Version: 2010.0930.2236.38732 - ATI) Hidden CCC Help Korean (x32 Version: 2010.0930.2236.38732 - ATI) Hidden CCC Help Norwegian (x32 Version: 2010.0930.2236.38732 - ATI) Hidden CCC Help Polish (x32 Version: 2010.0930.2236.38732 - ATI) Hidden CCC Help Portuguese (x32 Version: 2010.0930.2236.38732 - ATI) Hidden CCC Help Russian (x32 Version: 2010.0930.2236.38732 - ATI) Hidden CCC Help Spanish (x32 Version: 2010.0930.2236.38732 - ATI) Hidden CCC Help Swedish (x32 Version: 2010.0930.2236.38732 - ATI) Hidden CCC Help Thai (x32 Version: 2010.0930.2236.38732 - ATI) Hidden CCC Help Turkish (x32 Version: 2010.0930.2236.38732 - ATI) Hidden ccc-core-static (x32 Version: 2010.0930.2237.38732 - Ihr Firmenname) Hidden ccc-utility64 (Version: 2010.0930.2237.38732 - ATI) Hidden Cross Fire En (HKLM-x32\...\Cross Fire_is1) (Version: - Z8Games.com) Crossfire Europe (HKLM-x32\...\Crossfire Europe) (Version: 1181 - SG INTERACTIVE) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dealply (HKCU\...\Dealply) (Version: - ) <==== ATTENTION DealPly (remove only) (HKLM-x32\...\DealPly) (Version: 4.8.7.3 - DealPly Technologies Ltd.) <==== ATTENTION Delta Chrome Toolbar (HKLM-x32\...\{177586E7-E42E-4F38-83D1-D15B4AF5B714}) (Version: 1.0.0.0 - DeltaInstaller) <==== ATTENTION Delta toolbar (HKLM-x32\...\delta) (Version: 1.8.10.0 - Delta) <==== ATTENTION DVDVideoSoftTB DE Toolbar (HKLM-x32\...\DVDVideoSoftTB_DE Toolbar) (Version: 6.9.0.16 - DVDVideoSoftTB DE) Feven Pro 1.2 (HKLM-x32\...\Feven Pro 1.2) (Version: 1.34.2.13 - Feven) <==== ATTENTION FIFA 13 (HKLM-x32\...\{A29E18C2-7AB1-4b6b-848C-5D5E2C85F0C0}) (Version: 1.2.0.0 - Electronic Arts) FIFA 14 (HKLM-x32\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.7 - Electronic Arts) Free Audio CD to MP3 Converter version 1.3.12.1228 (HKLM-x32\...\Free Audio CD to MP3 Converter_is1) (Version: 1.3.12.1228 - DVDVideoSoft Ltd.) Free YouTube to MP3 Converter version 3.12.14.1022 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.14.1022 - DVDVideoSoft Ltd.) GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team) Google Chrome (HKCU\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.) Google Update Helper (x32 Version: 1.3.23.0 - DealPly Technologies Ltd) Hidden <==== ATTENTION Hama Black Force Pad (HKLM-x32\...\{4999B2F1-3E74-409A-B8B5-E94448AA9EA6}) (Version: 2007.01.01 - ) HQ-Video-Profession-1.3 (HKLM-x32\...\HQ-Video-Profession-1.3) (Version: 1.34.2.13 - HQ-Video) <==== ATTENTION HydraVision (x32 Version: 4.2.180.0 - ATI Technologies Inc.) Hidden IB Updater Service (HKLM-x32\...\WNLT) (Version: 5.0.8.6 - ) <==== ATTENTION IePluginService12.27.0.3326 (HKLM-x32\...\IePlugins) (Version: 12.27.0.3326 - Cherished Technololgy LIMITED) <==== ATTENTION iLivid (HKLM-x32\...\iLivid) (Version: 4.0.0.2208 - Bandoo Media Inc) <==== ATTENTION IM Lock (HKLM-x32\...\IMLock) (Version: - Comvigo, Inc.) Iminent (HKLM-x32\...\IMBoosterARP) (Version: 6.4.56.0 - Iminent) <==== ATTENTION Iminent (x32 Version: 6.4.56.0 - Iminent) Hidden <==== ATTENTION Incredibar Toolbar on IE (HKLM-x32\...\incredibar) (Version: - ) <==== ATTENTION Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation) ISY N150 Micro WLAN USB-Adapter (HKLM-x32\...\{B20F9D1C-A0A5-4cd8-8306-DA03872311B1}) (Version: 1.00.0155 - ISY) Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Lexmark X1100 Series (HKLM\...\Lexmark X1100 Series) (Version: - Lexmark International, Inc.) lightshot-4.4.2.0 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 4.4.2.0 - Skillbrains) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Mobogenie (HKLM-x32\...\Mobogenie) (Version: - Mobogenie.com) <==== ATTENTION Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation) Need For Speed™ World (HKLM-x32\...\{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1) (Version: 1.0.0.993 - Electronic Arts) Norton Internet Security (HKLM-x32\...\NIS) (Version: 18.0.0.128 - Symantec Corporation) OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation) Origin (HKLM-x32\...\Origin) (Version: 9.0.2.2065 - Electronic Arts, Inc.) Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.9 - Pando Networks Inc.) Pflanzen gegen Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.) PhotoScape (HKLM-x32\...\PhotoScape) (Version: - ) PriceGong 2.6.4 (HKLM-x32\...\PriceGong) (Version: 2.6.4 - PriceGong) <==== ATTENTION Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6121 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6194 - Realtek Semiconductor Corp.) Re-markit (HKLM-x32\...\f4dc7792-3f3d-43d0-ad79-cb3520fae36c) (Version: - Re-markit Software) <==== ATTENTION Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.) Sniper - Art of Victory (HKLM-x32\...\sniper_de_is1) (Version: - City Interactive) SpecialSavings (HKLM-x32\...\SpecialSavings) (Version: - ) <==== ATTENTION SpeedUpMyPC (HKLM-x32\...\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1) (Version: 5.3.4.4 - Uniblue Systems Ltd) <==== ATTENTION Spelling Dictionaries Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) SupTab (HKLM-x32\...\SupTab) (Version: 1.1.1.0 - ) <==== ATTENTION swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.8.1 - TeamSpeak Systems GmbH) TuneUp Utilities 2013 (HKLM-x32\...\TuneUp Utilities 2013) (Version: 13.0.2020.4 - TuneUp Software) TuneUp Utilities 2013 (x32 Version: 13.0.2020.4 - TuneUp Software) Hidden TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.2020.4 - TuneUp Software) Hidden Video Downloader (HKLM-x32\...\Video Downloader) (Version: 1.14 - hxxp://www.vgrabber.com) VLC media player 2.0.3 (HKLM-x32\...\VLC media player) (Version: 2.0.3 - VideoLAN) VO Package (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - ) <==== ATTENTION Wajam (HKLM-x32\...\Wajam) (Version: 2.11 - Wajam) <==== ATTENTION Web Assistant 2.0.0.573 (HKLM\...\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1) (Version: 2.0.0.573 - IncrediBar) <==== ATTENTION Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation) Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Family Safety (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden WinZipper (HKLM-x32\...\WinZipper) (Version: 1.5.29 - Taiwan Shui Mu Chih Ching Technology Limited.) <==== ATTENTION WiseConvert (HKLM-x32\...\WiseConvert) (Version: 1.0 - WiseConvert) WMV9/VC-1 Video Playback (Version: 1.00.0000 - ATI Technologies Inc.) Hidden World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1) (Version: - Wargaming.net) XSManager (HKLM-x32\...\XSManager) (Version: 3.2 - XSManager) ==================== Restore Points ========================= 23-05-2014 17:38:13 Windows Update 23-05-2014 23:00:11 Windows Update 24-05-2014 16:20:14 Windows Update 24-05-2014 18:08:19 Windows Update 25-05-2014 00:48:34 Windows Update 25-05-2014 19:14:34 Windows Update 26-05-2014 19:21:38 Windows Update 27-05-2014 19:56:06 Windows Update 28-05-2014 10:10:08 Windows Update 29-05-2014 00:56:57 Windows Update 29-05-2014 13:36:46 DirectX wurde installiert 29-05-2014 23:00:34 Windows Update 30-05-2014 06:27:09 Windows Update 31-05-2014 01:00:50 Windows Update 31-05-2014 05:58:19 Windows Update ==================== Hosts content: ========================== 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {00CDF369-5C82-4B09-A8B8-22E0110976DE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1001Core => C:\Users\Elvira\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.) Task: {162D19D2-88E6-425F-ACF9-085709C10976} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1003Core => C:\Users\Jürgen\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.) Task: {180C32E6-A575-49A3-AA4D-7E9EDC44A1AA} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe [2012-09-19] (TuneUp Software) Task: {1FD7E7FA-4C1B-46AA-B808-A6B47969B523} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1000UA => C:\Users\\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.) Task: {25715EC7-88B9-4811-B0FD-540AC855053B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1002UA => C:\Users\Martina\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.) Task: {2D13B59E-4C34-49F2-81B8-8A7F2D96CC2F} - System32\Tasks\PC Performer Manager => Sc.exe start PC Performer Manager Task: {620FBD68-8B3D-47C5-BEE1-EA19B1705EC4} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2465613748-4109621216-2680054910-1001 Task: {62745FA6-88B4-4F26-B2F4-09469D925348} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup Task: {635AC757-77D2-41EE-A578-F6A8974BF31D} - System32\Tasks\AdobeFlashPlayerUpdate => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe Task: {6875CA21-089D-4DC0-A439-FE49B1E33DB4} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation) Task: {6E350C8D-3672-4719-8CF1-5A8B8CA44909} - System32\Tasks\update-S-1-5-21-2465613748-4109621216-2680054910-1003 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2013-02-23] () Task: {77E350C2-2250-4BEE-B575-EF12CA6A03F8} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2013-02-23] () Task: {820F5D76-F745-4811-BE70-3E99A14E89D9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1002Core => C:\Users\Martina\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.) Task: {9C4EF4AE-24AC-494E-BB1E-389E59772369} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-11] (Adobe Systems Incorporated) Task: {A66165D0-A739-46B9-AA91-33C0AE65F710} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1003UA => C:\Users\Jürgen\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.) Task: {ABD96266-25AF-494C-B2F5-17C5D8F015E2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1001UA => C:\Users\Elvira\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.) Task: {B3ACA1F2-AC10-4A74-A012-61E186CB35DD} - System32\Tasks\update-S-1-5-21-2465613748-4109621216-2680054910-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2013-02-23] () Task: {BEE6EDB5-D13A-4C37-B3C9-40075E803219} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe Task: {D1301EC2-67C9-4E08-9A87-56DB18075640} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1000Core => C:\Users\\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job => C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe <==== ATTENTION Task: C:\Windows\Tasks\Feven Pro 1.2-chromeinstaller.job => C:\Program Files (x86)\Feven Pro 1.2\Feven Pro 1.2-chromeinstaller.exe <==== ATTENTION Task: C:\Windows\Tasks\Feven Pro 1.2-codedownloader.job => C:\Program Files (x86)\Feven Pro 1.2\Feven Pro 1.2-codedownloader.exe <==== ATTENTION Task: C:\Windows\Tasks\Feven Pro 1.2-enabler.job => C:\Program Files (x86)\Feven Pro 1.2\Feven Pro 1.2-enabler.exe <==== ATTENTION Task: C:\Windows\Tasks\Feven Pro 1.2-firefoxinstaller.job => C:\Program Files (x86)\Feven Pro 1.2\Feven Pro 1.2-firefoxinstaller.exe <==== ATTENTION Task: C:\Windows\Tasks\Feven Pro 1.2-updater.job => C:\Program Files (x86)\Feven Pro 1.2\Feven Pro 1.2-updater.exe <==== ATTENTION Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1000Core1cf6cdd52a1ae5.job => C:\Users\\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1000UA.job => C:\Users\\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1001Core1cf71ac260e523e.job => C:\Users\Elvira\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1001UA.job => C:\Users\Elvira\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1002Core1cf6cf59b1b4d7c.job => C:\Users\Martina\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1002UA.job => C:\Users\Martina\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1003Core1cf6b76210b5906.job => C:\Users\Jürgen\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1003UA.job => C:\Users\Jürgen\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\HQ-Video-Profession-1.3-chromeinstaller.job => C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-chromeinstaller.exe <==== ATTENTION Task: C:\Windows\Tasks\HQ-Video-Profession-1.3-codedownloader.job => C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-codedownloader.exe <==== ATTENTION Task: C:\Windows\Tasks\HQ-Video-Profession-1.3-enabler.job => C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-enabler.exe <==== ATTENTION Task: C:\Windows\Tasks\HQ-Video-Profession-1.3-firefoxinstaller.job => C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-firefoxinstaller.exe <==== ATTENTION Task: C:\Windows\Tasks\HQ-Video-Profession-1.3-updater.job => C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-updater.exe <==== ATTENTION Task: C:\Windows\Tasks\PCHelpers1st.job => C:\Program Files (x86)\Optimizer Elite Max\Optimizer Elite Max.exe <==== ATTENTION Task: C:\Windows\Tasks\PCHelpers_period.job => C:\Program Files (x86)\Optimizer Elite Max\Optimizer Elite Max.exe <==== ATTENTION Task: C:\Windows\Tasks\Re-markit Update.job => C:\Program Files (x86)\Re-markit-soft\ReMar.exe <==== ATTENTION Task: C:\Windows\Tasks\Re-markit_wd.job => C:\Program Files (x86)\Re-markit-soft\Re-markit_wd.exe <==== ATTENTION Task: C:\Windows\Tasks\SpeedUpMyPC.job => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\sump.exe <==== ATTENTION Task: C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013.job => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe Task: C:\Windows\Tasks\update-S-1-5-21-2465613748-4109621216-2680054910-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe Task: C:\Windows\Tasks\update-S-1-5-21-2465613748-4109621216-2680054910-1003.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe ==================== Loaded Modules (whitelisted) ============= 2012-09-03 21:48 - 2014-04-07 16:57 - 02276144 _____ () C:\Windows\system32\dmwu.exe 2014-02-28 16:37 - 2014-02-28 16:37 - 00194560 _____ () C:\Program Files (x86)\Re-markit-soft\Re-markit155.exe 2012-08-05 21:47 - 2013-01-29 15:28 - 00188760 _____ () C:\Program Files\Web Assistant\ExtensionUpdaterService.exe 2012-10-05 10:38 - 2012-04-05 17:35 - 00327392 ____N () C:\Program Files (x86)\XSManager\WTGService.exe 2014-04-07 16:57 - 2014-04-07 16:57 - 01100592 _____ () C:\Windows\SysWOW64\jmdp\stij.exe 2014-04-07 16:57 - 2014-04-07 16:57 - 01303856 _____ () C:\Windows\System32\ljkb\stij.exe 2014-04-07 16:57 - 2014-04-07 16:57 - 01571120 _____ () C:\Windows\System32\ljkb\lmrn.dll 2013-08-29 01:39 - 2013-08-29 01:40 - 04287536 _____ () C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe 2013-11-27 21:58 - 2014-02-28 15:16 - 00775872 _____ () C:\Program Files (x86)\Mobogenie\DaemonProcess.exe 2012-07-02 11:16 - 2012-07-02 11:16 - 00695448 _____ () C:\Users\\AppData\Roaming\BrowserCompanion\tbhcn.exe 2010-08-04 15:58 - 2010-08-04 15:58 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll 2010-09-30 22:36 - 2010-09-30 22:36 - 00270336 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2014-02-27 08:04 - 2014-02-27 08:04 - 00612496 _____ () C:\Program Files (x86)\WinZipper\sqlite3.dll 2014-02-14 11:30 - 2014-02-14 11:30 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\bfd5296be62268bc7a31a424f0d1ad5f\IsdiInterop.ni.dll 2010-10-01 09:40 - 2010-03-03 20:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2014-04-07 16:57 - 2014-04-07 16:57 - 01266992 _____ () C:\Windows\SysWOW64\jmdp\lmrn.dll 2014-02-28 15:17 - 2014-02-28 15:16 - 00061440 _____ () C:\Program Files (x86)\Mobogenie\Device.dll 2014-02-28 15:17 - 2014-02-28 15:16 - 00471040 _____ () C:\Program Files (x86)\Mobogenie\DCR.dll 2012-08-10 16:51 - 2012-08-10 16:51 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll 2014-05-28 08:14 - 2014-05-14 01:40 - 00716616 _____ () C:\Users\\AppData\Local\Google\Chrome\Application\35.0.1916.114\libglesv2.dll 2014-05-28 08:14 - 2014-05-14 01:40 - 00126280 _____ () C:\Users\\AppData\Local\Google\Chrome\Application\35.0.1916.114\libegl.dll 2014-05-28 08:14 - 2014-05-14 01:40 - 04217672 _____ () C:\Users\\AppData\Local\Google\Chrome\Application\35.0.1916.114\pdf.dll 2014-05-28 08:14 - 2014-05-14 01:40 - 00414536 _____ () C:\Users\\AppData\Local\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll 2014-05-28 08:14 - 2014-05-14 01:40 - 01732424 _____ () C:\Users\\AppData\Local\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll 2014-05-28 08:14 - 2014-05-14 01:40 - 13695816 _____ () C:\Users\\AppData\Local\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\Users\\Downloads\Bestaetigung_Rechnung_zu_Ihrer_byebye_Reise_21200789.eml:OECustomProperty AlternateDataStreams: C:\Users\\Downloads\nachricht (1).eml:OECustomProperty AlternateDataStreams: C:\Users\\Downloads\nachricht.eml:OECustomProperty ==================== Safe Mode (whitelisted) =================== ==================== EXE Association (whitelisted) ============= ==================== Disabled items from MSCONFIG ============== ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (05/31/2014 08:01:20 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: ) Description: Der Dienst konnte nicht heruntergefahren werden. Aufgetretener Fehler: System.InvalidOperationException: UpdatePendingStatus kann nur während der Verarbeitung von Befehlen zum Starten, Beenden, Anhalten und Fortsetzen aufgerufen werden. bei System.ServiceProcess.ServiceBase.RequestAdditionalTime(Int32 milliseconds) bei BlueStacks.hyperDroid.Service.Service.CleanupHelperProcess(Process proc, String name) bei BlueStacks.hyperDroid.Service.Service.OnStop() bei BlueStacks.hyperDroid.Service.Service.OnShutdown() bei System.ServiceProcess.ServiceBase.DeferredShutdown() Error: (05/31/2014 08:01:11 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Re-markit155.exe, Version: 1.155.0.0, Zeitstempel: 0x530db243 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86 Ausnahmecode: 0xe06d7363 Fehleroffset: 0x0000c42d ID des fehlerhaften Prozesses: 0xf28 Startzeit der fehlerhaften Anwendung: 0xRe-markit155.exe0 Pfad der fehlerhaften Anwendung: Re-markit155.exe1 Pfad des fehlerhaften Moduls: Re-markit155.exe2 Berichtskennung: Re-markit155.exe3 Error: (05/30/2014 00:39:14 PM) (Source: Iminent) (EventID: 0) (User: ) Description: Unexpected exception. System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt. bei Iminent.Mediator.Server.ApplicationService.<>c__DisplayClassa.<WarmUp>b__9(Composite composite) --- Ende der internen Ausnahmestapelüberwachung --- bei System.RuntimeMethodHandle.InvokeMethod(Object target, Object[] arguments, Signature sig, Boolean constructor) bei System.Reflection.RuntimeMethodInfo.UnsafeInvokeInternal(Object obj, Object[] parameters, Object[] arguments) bei System.Delegate.DynamicInvokeImpl(Object[] args) bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback, Object args, Int32 numArgs) bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(Object source, Delegate method, Object args, Int32 numArgs, Delegate catchHandler) Error: (05/30/2014 01:04:15 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Re-markit155.exe, Version: 1.155.0.0, Zeitstempel: 0x530db243 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86 Ausnahmecode: 0xe06d7363 Fehleroffset: 0x0000c42d ID des fehlerhaften Prozesses: 0x8a4 Startzeit der fehlerhaften Anwendung: 0xRe-markit155.exe0 Pfad der fehlerhaften Anwendung: Re-markit155.exe1 Pfad des fehlerhaften Moduls: Re-markit155.exe2 Berichtskennung: Re-markit155.exe3 Error: (05/29/2014 09:24:43 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm Explorer.EXE, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: bdc Startzeit: 01cf7b2654df9e89 Endzeit: 142 Anwendungspfad: C:\Windows\Explorer.EXE Berichts-ID: c652360f-e766-11e3-b952-1c6f6549ce08 Error: (05/29/2014 03:00:37 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Re-markit155.exe, Version: 1.155.0.0, Zeitstempel: 0x530db243 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86 Ausnahmecode: 0xe06d7363 Fehleroffset: 0x0000c42d ID des fehlerhaften Prozesses: 0x894 Startzeit der fehlerhaften Anwendung: 0xRe-markit155.exe0 Pfad der fehlerhaften Anwendung: Re-markit155.exe1 Pfad des fehlerhaften Moduls: Re-markit155.exe2 Berichtskennung: Re-markit155.exe3 Error: (05/27/2014 09:59:24 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Re-markit155.exe, Version: 1.155.0.0, Zeitstempel: 0x530db243 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86 Ausnahmecode: 0xe06d7363 Fehleroffset: 0x0000c42d ID des fehlerhaften Prozesses: 0x81c Startzeit der fehlerhaften Anwendung: 0xRe-markit155.exe0 Pfad der fehlerhaften Anwendung: Re-markit155.exe1 Pfad des fehlerhaften Moduls: Re-markit155.exe2 Berichtskennung: Re-markit155.exe3 Error: (05/26/2014 09:25:30 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Re-markit155.exe, Version: 1.155.0.0, Zeitstempel: 0x530db243 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86 Ausnahmecode: 0xe06d7363 Fehleroffset: 0x0000c42d ID des fehlerhaften Prozesses: 0x864 Startzeit der fehlerhaften Anwendung: 0xRe-markit155.exe0 Pfad der fehlerhaften Anwendung: Re-markit155.exe1 Pfad des fehlerhaften Moduls: Re-markit155.exe2 Berichtskennung: Re-markit155.exe3 Error: (05/25/2014 09:17:55 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: ) Description: Der Dienst konnte nicht heruntergefahren werden. Aufgetretener Fehler: System.InvalidOperationException: UpdatePendingStatus kann nur während der Verarbeitung von Befehlen zum Starten, Beenden, Anhalten und Fortsetzen aufgerufen werden. bei System.ServiceProcess.ServiceBase.RequestAdditionalTime(Int32 milliseconds) bei BlueStacks.hyperDroid.Service.Service.OnStop() bei BlueStacks.hyperDroid.Service.Service.OnShutdown() bei System.ServiceProcess.ServiceBase.DeferredShutdown() Error: (05/25/2014 09:17:49 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Re-markit155.exe, Version: 1.155.0.0, Zeitstempel: 0x530db243 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86 Ausnahmecode: 0xe06d7363 Fehleroffset: 0x0000c42d ID des fehlerhaften Prozesses: 0x83c Startzeit der fehlerhaften Anwendung: 0xRe-markit155.exe0 Pfad der fehlerhaften Anwendung: Re-markit155.exe1 Pfad des fehlerhaften Moduls: Re-markit155.exe2 Berichtskennung: Re-markit155.exe3 System errors: ============= Error: (05/31/2014 06:55:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (05/31/2014 06:55:43 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht. Error: (05/31/2014 01:37:41 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {F48FC5B2-094A-44C7-B48C-289738C9582D} Error: (05/31/2014 08:01:13 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Re-markit" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (05/31/2014 08:01:05 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Internet Explorer 11 für Windows 7 für x64-basierte Systeme Error: (05/31/2014 07:27:08 AM) (Source: Server) (EventID: 2505) (User: ) Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{2A1A7AD7-DF00-40FC-9333-1E858D256B18} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden. Error: (05/31/2014 03:03:40 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Internet Explorer 11 für Windows 7 für x64-basierte Systeme Error: (05/31/2014 03:00:29 AM) (Source: ipnathlp) (EventID: 31004) (User: ) Description: 0 Error: (05/30/2014 00:52:11 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {F48FC5B2-094A-44C7-B48C-289738C9582D} Error: (05/30/2014 00:38:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Norton Internet Security" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Microsoft Office Sessions: ========================= Error: (05/31/2014 08:01:20 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: ) Description: Der Dienst konnte nicht heruntergefahren werden. Aufgetretener Fehler: System.InvalidOperationException: UpdatePendingStatus kann nur während der Verarbeitung von Befehlen zum Starten, Beenden, Anhalten und Fortsetzen aufgerufen werden. bei System.ServiceProcess.ServiceBase.RequestAdditionalTime(Int32 milliseconds) bei BlueStacks.hyperDroid.Service.Service.CleanupHelperProcess(Process proc, String name) bei BlueStacks.hyperDroid.Service.Service.OnStop() bei BlueStacks.hyperDroid.Service.Service.OnShutdown() bei System.ServiceProcess.ServiceBase.DeferredShutdown() Error: (05/31/2014 08:01:11 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Re-markit155.exe1.155.0.0530db243KERNELBASE.dll6.1.7601.1840953159a86e06d73630000c42df2801cf7bf37a4253e5C:\Program Files (x86)\Re-markit-soft\Re-markit155.exeC:\Windows\syswow64\KERNELBASE.dllf6f536a7-e888-11e3-9d00-1c6f6549ce08 Error: (05/30/2014 00:39:14 PM) (Source: Iminent) (EventID: 0) (User: ) Description: Unexpected exception. System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt. bei Iminent.Mediator.Server.ApplicationService.<>c__DisplayClassa.<WarmUp>b__9(Composite composite) --- Ende der internen Ausnahmestapelüberwachung --- bei System.RuntimeMethodHandle.InvokeMethod(Object target, Object[] arguments, Signature sig, Boolean constructor) bei System.Reflection.RuntimeMethodInfo.UnsafeInvokeInternal(Object obj, Object[] parameters, Object[] arguments) bei System.Delegate.DynamicInvokeImpl(Object[] args) bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback, Object args, Int32 numArgs) bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(Object source, Delegate method, Object args, Int32 numArgs, Delegate catchHandler) Error: (05/30/2014 01:04:15 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Re-markit155.exe1.155.0.0530db243KERNELBASE.dll6.1.7601.1840953159a86e06d73630000c42d8a401cf7b2651844dc6C:\Program Files (x86)\Re-markit-soft\Re-markit155.exeC:\Windows\syswow64\KERNELBASE.dll8db42bc3-e785-11e3-b952-1c6f6549ce08 Error: (05/29/2014 09:24:43 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Explorer.EXE6.1.7601.17567bdc01cf7b2654df9e89142C:\Windows\Explorer.EXEc652360f-e766-11e3-b952-1c6f6549ce08 Error: (05/29/2014 03:00:37 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Re-markit155.exe1.155.0.0530db243KERNELBASE.dll6.1.7601.1840953159a86e06d73630000c42d89401cf7a63585a967bC:\Program Files (x86)\Re-markit-soft\Re-markit155.exeC:\Windows\syswow64\KERNELBASE.dlla4e53e31-e6cc-11e3-b8fd-1c6f6549ce08 Error: (05/27/2014 09:59:24 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Re-markit155.exe1.155.0.0530db243KERNELBASE.dll6.1.7601.1840953159a86e06d73630000c42d81c01cf799b0a1f0c71C:\Program Files (x86)\Re-markit-soft\Re-markit155.exeC:\Windows\syswow64\KERNELBASE.dll661f4893-e5d9-11e3-b36f-1c6f6549ce08 Error: (05/26/2014 09:25:30 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Re-markit155.exe1.155.0.0530db243KERNELBASE.dll6.1.7601.1840953159a86e06d73630000c42d86401cf78e6a8b756c4C:\Program Files (x86)\Re-markit-soft\Re-markit155.exeC:\Windows\syswow64\KERNELBASE.dll7f5aa995-e50b-11e3-a4d9-1c6f6549ce08 Error: (05/25/2014 09:17:55 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: ) Description: Der Dienst konnte nicht heruntergefahren werden. Aufgetretener Fehler: System.InvalidOperationException: UpdatePendingStatus kann nur während der Verarbeitung von Befehlen zum Starten, Beenden, Anhalten und Fortsetzen aufgerufen werden. bei System.ServiceProcess.ServiceBase.RequestAdditionalTime(Int32 milliseconds) bei BlueStacks.hyperDroid.Service.Service.OnStop() bei BlueStacks.hyperDroid.Service.Service.OnShutdown() bei System.ServiceProcess.ServiceBase.DeferredShutdown() Error: (05/25/2014 09:17:49 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Re-markit155.exe1.155.0.0530db243KERNELBASE.dll6.1.7601.1840953159a86e06d73630000c42d83c01cf77e7a66b93feC:\Program Files (x86)\Re-markit-soft\Re-markit155.exeC:\Windows\syswow64\KERNELBASE.dll41f967c5-e441-11e3-9d94-1c6f6549ce08 ==================== Memory info =========================== Percentage of memory in use: 74% Total physical RAM: 3959.48 MB Available physical RAM: 995.35 MB Total Pagefile: 7917.15 MB Available Pagefile: 3216.21 MB Total Virtual: 8192 MB Available Virtual: 8191.82 MB ==================== Drives ================================ Drive c: (Windows) (Fixed) (Total:727.71 GB) (Free:467.25 GB) NTFS Drive d: (Volume) (Fixed) (Total:195.31 GB) (Free:195.22 GB) NTFS Drive e: (Recovery) (Fixed) (Total:8 GB) (Free:2.57 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 30B6D843) Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=728 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=195 GB) - (Type=OF Extended) Partition 4: (Not Active) - (Size=8 GB) - (Type=07 NTFS) ==================== End Of Log ============================ Hoffe, das ihr mir helfen könnt. Besten Dank im Vorraus !!! Gruß Jackson11 |
|
31.05.2014, 20:08
| #2 |
| /// TB-Ausbilder   | WINDOWS 7 kommen ständig PopUps usw... Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen. Bitte beachte folgende Hinweise:
Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Danke für deine Mitarbeit! Scan mit Combofix
|
|
31.05.2014, 20:12
| #3 |
| | WINDOWS 7 kommen ständig PopUps usw...FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-05-2014
Ran by (administrator) on -PC on 31-05-2014 20:37:31
Running from C:\Users\\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\System32\atiesrxx.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginService\PluginService.exe
(Taiwan Shui Mu Chih Ching Technology Limited.) C:\Program Files (x86)\WinZipper\winzipersvc.exe
(Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
() C:\Windows\System32\dmwu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
( ) C:\Windows\System32\lxbkcoms.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\18.0.0.128\ccSvcHst.exe
() C:\Program Files (x86)\Re-markit-soft\Re-markit155.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Iminent) C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(Wajam) C:\Program Files (x86)\Wajam\Updater\WajamUpdaterV3.exe
() C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\XSManager\WTGService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(4G Systems GmbH & Co. KG) C:\Windows\service4g.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(DealPly Technologies Ltd) C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(AMD) C:\Windows\System32\atieclxx.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Symantec Corporation) C:\Program Files (x86)\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\A5E82D02\18.0.0.128\InstStub.exe
() C:\Windows\SysWOW64\jmdp\stij.exe
() C:\Windows\System32\ljkb\stij.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Lexmark International, Inc.) C:\Program Files (x86)\Lexmark X1100 Series\LXBKbmgr.exe
(Google Inc.) C:\Users\\AppData\Local\Google\Update\GoogleUpdate.exe
(Lexmark International, Inc.) C:\Program Files (x86)\Lexmark X1100 Series\LXBKbmon.exe
() C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(4G Systems GmbH & Co. KG) C:\Windows\starter4g.exe
(Iminent) C:\Program Files (x86)\Iminent\Iminent.exe
(Iminent) C:\Program Files (x86)\Iminent\Iminent.Messengers.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Skillbrains) C:\Users\\AppData\Local\Skillbrains\lightshot\4.4.2.0\Lightshot.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Users\\AppData\Roaming\BrowserCompanion\tbhcn.exe
(Comvigo, Inc.) C:\Windows\SysWOW64\qimlsrv.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Comvigo, Inc.) C:\Windows\SysWOW64\dsrviml.exe
(Google Inc.) C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11464296 2010-09-03] (Realtek Semiconductor)
HKLM\...\Run: [lxbkbmgr.exe] => C:\Program Files (x86)\Lexmark X1100 Series\lxbkbmgr.exe [74408 2008-02-28] (Lexmark International, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-03] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-09-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [starter4g] => C:\Windows\starter4g.exe [160424 2011-03-30] (4G Systems GmbH & Co. KG)
HKLM-x32\...\Run: [Iminent] => C:\Program Files (x86)\Iminent\Iminent.exe [1074736 2013-01-25] (Iminent)
HKLM-x32\...\Run: [IminentMessenger] => C:\Program Files (x86)\Iminent\Iminent.Messengers.exe [884784 2013-01-25] (Iminent)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe [775872 2014-02-28] ()
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [601928 2013-06-19] (BlueStack Systems, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-03-20] (Microsoft Corporation)
HKU\S-1-5-21-2465613748-4109621216-2680054910-1000\...\Run: [Google Update] => C:\Users\\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-07-21] (Google Inc.)
HKU\S-1-5-21-2465613748-4109621216-2680054910-1000\...\Run: [LightShot] => C:\Users\\AppData\Local\Skillbrains\lightshot\LightShot.exe [195072 2012-02-02] ()
HKU\S-1-5-21-2465613748-4109621216-2680054910-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3588952 2014-04-25] (Electronic Arts)
HKU\S-1-5-21-2465613748-4109621216-2680054910-1000\...\Run: [Pando Media Booster] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [4287536 2013-08-29] ()
HKU\S-1-5-21-2465613748-4109621216-2680054910-1000\...\Run: [NextLive] => C:\Windows\SysWOW64\rundll32.exe "C:\Users\\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
HKU\S-1-5-21-2465613748-4109621216-2680054910-1000\...\MountPoints2: {2aaa724c-a03f-11e3-b7f5-1c6f6549ce08} - G:\LG_PC_Programs.exe
AppInit_DLLs: c:\progra~3\bitguard\271769~1.27\{16cdf~1\loader.dll => c:\progra~3\bitguard\271769~1.27\{16cdf~1\loader.dll File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\IML.lnk
ShortcutTarget: IML.lnk -> C:\Windows\System32\iml.vbs ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\IML64.lnk
ShortcutTarget: IML64.lnk -> C:\Windows\SysWOW64\iml.vbs ()
Startup: C:\Users\Elvira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tbhcn.lnk
ShortcutTarget: tbhcn.lnk -> C:\Users\\AppData\Roaming\BrowserCompanion\tbhcn.exe ()
Startup: C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Game Alarm.lnk
ShortcutTarget: Game Alarm.lnk -> C:\Games\Game Alarm\gamealarm.exe (Europe Support Ltd. N.V.)
Startup: C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:13828
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=0303b1af-65fc-46f7-982c-da10521eeb0f&searchtype=ds&q={searchTerms}&installDate=21/04/2013
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.hyrican.de
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.hyrican.de
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.delta-search.com/?affID=119556&babsrc=HP_ss&mntrId=88084d330000000000001c6f6549ce08
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=0303b1af-65fc-46f7-982c-da10521eeb0f&searchtype=ds&q={searchTerms}&installDate=21/04/2013
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1392503296&from=smt&uid=SAMSUNGXHD103SI_S1VSJD1ZB14888&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1392503296&from=smt&uid=SAMSUNGXHD103SI_S1VSJD1ZB14888&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1392503296&from=smt&uid=SAMSUNGXHD103SI_S1VSJD1ZB14888&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1392503296&from=smt&uid=SAMSUNGXHD103SI_S1VSJD1ZB14888&q={searchTerms}
URLSearchHook: HKLM-x32 - DVDVideoSoftTB DE Toolbar - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Program Files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.)
URLSearchHook: HKLM-x32 - appbario8 Toolbar - {0cc09160-108c-4759-bab1-5c12c216e005} - C:\Program Files (x86)\appbario8\prxtbappb.dll (Conduit Ltd.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://www.awesomehp.com/?type=sc&ts=1392503296&from=smt&uid=SAMSUNGXHD103SI_S1VSJD1ZB14888
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1392503296&from=smt&uid=SAMSUNGXHD103SI_S1VSJD1ZB14888&q={searchTerms}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1392503296&from=smt&uid=SAMSUNGXHD103SI_S1VSJD1ZB14888&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=342&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=1770781391334068&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1392503296&from=smt&uid=SAMSUNGXHD103SI_S1VSJD1ZB14888&q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=0303b1af-65fc-46f7-982c-da10521eeb0f&searchtype=ds&q={searchTerms}&installDate=21/04/2013
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1392503296&from=smt&uid=SAMSUNGXHD103SI_S1VSJD1ZB14888&q={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=342&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=1770781391334068&q={searchTerms}
SearchScopes: HKLM-x32 - {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} URL = hxxp://start.iminent.com/?appId=18887124-D7CB-4033-904E-4E76245108C3&ref=toolbox&q={searchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - Plasmoo URL = hxxp://plasmoo.com/index.htm?SearchMashine=true&q={searchTerms}
SearchScopes: HKCU - yandex.ru-230807 URL =
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=0303b1af-65fc-46f7-982c-da10521eeb0f&searchtype=ds&q={searchTerms}&installDate=21/04/2013
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3318857&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP266CEBB9-47FA-46C0-833E-798853BA4B3B&q={searchTerms}&SSPV=
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&affID=119556&babsrc=SP_ss&mntrId=88084d330000000000001c6f6549ce08
SearchScopes: HKCU - {2233C3F4-E3B3-4C3F-BFEE-D89A63D6FEE4} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3227982
SearchScopes: HKCU - {27433C8B-14CF-4B32-8783-43F982AF9813} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3197087
SearchScopes: HKCU - {4327FABE-3C22-4689-8DBF-D226CF777FE9} URL = hxxp://www.searchplusnetwork.com/?sp=vit4&q={searchTerms}
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKCU - {8BA3C05B-6624-4F7B-8CEC-7B1D1EBA0142} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2625848
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=342&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=1770781391334068&q={searchTerms}
SearchScopes: HKCU - {CE8D1C5D-05D9-4A78-BF26-DDBB1E0B1560} URL = hxxp://yandex.ru/yandsearch?win=29&clid=1855508&text={searchTerms}
SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = hxxp://mystart.incredibar.com/?a=6R8BbEiZzb&loc=skw&search={searchTerms}&i=26
BHO: HQ-Video-Profession-1.3 - {11111111-1111-1111-1111-110511151178} - C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-bho64.dll (HQ-Video)
BHO: Feven Pro 1.2 - {11111111-1111-1111-1111-110511161182} - C:\Program Files (x86)\Feven Pro 1.2\Feven Pro 1.2-bho64.dll (Feven)
BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: Web Assistant - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension64.dll ()
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: IMinent WebBooster (BHO) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Minibar.InternetExplorer.BHOx64.dll (SIEN)
BHO: DataMngr - {C1ED9DA0-AFD0-4b90-AC6A-D3874F591014} - C:\Program Files (x86)\Search Results Toolbar\Datamngr\x64\BrowserConnection.dll (Bandoo Media Inc)
BHO: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: DVDVideoSoftTB DE Toolbar - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Program Files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.)
BHO-x32: Browser Companion Helper - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Program Files (x86)\BrowserCompanion\jsloader.dll ( )
BHO-x32: appbario8 Toolbar - {0cc09160-108c-4759-bab1-5c12c216e005} - C:\Program Files (x86)\appbario8\prxtbappb.dll (Conduit Ltd.)
BHO-x32: HQ-Video-Profession-1.3 - {11111111-1111-1111-1111-110511151178} - C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-bho.dll (HQ-Video)
BHO-x32: Shopping Assistant Plugin - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.6.4\PriceGongIE.dll (PriceGong)
BHO-x32: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Web Assistant - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll ()
BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: Incredibar.com Helper Object - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll (Montera Technologeis LTD)
BHO-x32: SpecialSavings - {74F475FA-6C75-43BD-AAB9-ECDA6184F600} - C:\Program Files (x86)\SpecialSavings\SpecialSavingsSinged.dll (SpecialSavings)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Browser Companion Helper Verifier - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files (x86)\BrowserCompanion\updatebhoWin32.dll ( )
BHO-x32: DealPly Shopping - {9cf699ca-2174-4ed8-bec1-ba82095edce0} - C:\Program Files (x86)\DealPly\DealPlyIE.dll (DealPly)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: IMinent WebBooster (BHO) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files (x86)\Iminent\Minibar.InternetExplorer.BHOx86.dll (SIEN)
BHO-x32: Wajam - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll (Wajam)
BHO-x32: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.10.0\bh\delta.dll (Delta-search.com)
BHO-x32: DataMngr - {C1ED9DA0-AFD0-4b90-AC6A-D3874F591014} - C:\Program Files (x86)\Search Results Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media Inc)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
BHO-x32: Search-Results Toolbar - {f34c9277-6577-4dff-b2d7-7d58092f272f} - C:\PROGRA~2\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll No File
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Incredibar Toolbar - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll (Montera Technologeis LTD)
Toolbar: HKLM-x32 - DVDVideoSoftTB DE Toolbar - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Program Files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - appbario8 Toolbar - {0cc09160-108c-4759-bab1-5c12c216e005} - C:\Program Files (x86)\appbario8\prxtbappb.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - Search-Results Toolbar - {f34c9277-6577-4dff-b2d7-7d58092f272f} - C:\PROGRA~2\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll No File
Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.10.0\deltaTlbr.dll (Delta-search.com)
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - No Name - {0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} - No File
Toolbar: HKCU - No Name - {09152F0B-739C-4DEC-A245-1AA8A37594F1} - No File
Toolbar: HKCU - No Name - {0CC09160-108C-4759-BAB1-5C12C216E005} - No File
Handler: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - No File
Handler: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - No File
Handler: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - No File
Handler-x32: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
Handler-x32: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
Handler-x32: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default
FF SearchEngineOrder.1: Delta Search
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF user.js: detected! => C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\user.js
FF SearchPlugin: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\%Protector Process Name%.xml
FF SearchPlugin: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\bProtect.xml
FF SearchPlugin: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\conduit-search.xml
FF SearchPlugin: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\dvdvideosofttb-de-customized-web-search.xml
FF SearchPlugin: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\MyStart Search.xml
FF SearchPlugin: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\Plusnetwork.xml
FF SearchPlugin: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\Search_Results.xml
FF SearchPlugin: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\yandex.ru-230807.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\delta-homes.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Browser Companion Helper - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\bbrs_002@blabbers.com [2012-08-14]
FF Extension: Plasmoo Search Engine - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\engine@plasmoo.com [2013-10-28]
FF Extension: Delta Toolbar - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\ffxtlbr@delta.com [2013-02-12]
FF Extension: incredibar.com - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\ffxtlbr@incredibar.com [2012-08-05]
FF Extension: SpecialSavings - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\specialsavings@superfish.com [2012-08-14]
FF Extension: DVDVideoSoftTB DE - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} [2014-04-08]
FF Extension: BrowseToolE0201 - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\{09152f0b-739c-4dec-a245-1aa8a37594f1} [2014-04-03]
FF Extension: appbario8 - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\{0cc09160-108c-4759-bab1-5c12c216e005} [2013-12-13]
FF Extension: PriceGong - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829} [2013-02-19]
FF Extension: Search Assistant - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\{B3834E60-12A8-11E0-A289-939FDFD72085} [2012-09-18]
FF Extension: DealPly Shopping - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\{e53a26f5-7199-4a5b-86f5-d2e86854b979} [2013-10-28]
FF Extension: ep - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\jid1-0xtMKhXFEs4jIg@jetpack.xpi [2014-02-24]
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox
FF Extension: Web Assistant - C:\Program Files\Web Assistant\Firefox [2012-08-05]
FF HKLM\...\Firefox\Extensions: [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}] - C:\Program Files\Web Assistant\Firefox
FF Extension: Web Assistant - C:\Program Files\Web Assistant\Firefox [2012-08-05]
FF HKLM-x32\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox
FF Extension: Web Assistant - C:\Program Files\Web Assistant\Firefox [2012-08-05]
FF HKLM-x32\...\Firefox\Extensions: [webbooster@iminent.com] - C:\Program Files (x86)\Iminent\webbooster@iminent.com
FF Extension: Iminent Minibar - C:\Program Files (x86)\Iminent\webbooster@iminent.com [2013-02-12]
FF HKLM-x32\...\Firefox\Extensions: [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}] - C:\Program Files\Web Assistant\Firefox
FF Extension: Web Assistant - C:\Program Files\Web Assistant\Firefox [2012-08-05]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ []
FF HKLM-x32\...\Firefox\Extensions: [lightningnewtab@gmail.com] - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\extensions\lightningnewtab@gmail.com.xpi
FF HKCU\...\Firefox\Extensions: [specialsavings@superfish.com] - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles/3elvxd57.default\extensions\specialsavings@superfish.com
FF Extension: SpecialSavings - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles/3elvxd57.default\extensions\specialsavings@superfish.com [2012-08-14]
FF HKCU\...\Firefox\Extensions: [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}] - C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi
FF Extension: Wajam - C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi [2013-12-17]
FF HKCU\...\Firefox\Extensions: [{95818252-7aac-4b4b-b6db-2fedbc9902a4}] - C:\Program Files (x86)\Re-markit-soft\155.xpi
FF Extension: Re-markit - C:\Program Files (x86)\Re-markit-soft\155.xpi [2014-02-28]
Chrome:
=======
CHR StartupUrls: "hxxp://search.conduit.com/?ctid=CT3318857&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP266CEBB9-47FA-46C0-833E-798853BA4B3B&SSPV="
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\\AppData\Local\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\\AppData\Local\Google\Chrome\Application\35.0.1916.114\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\\AppData\Local\Google\Chrome\Application\35.0.1916.114\gcswf32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Bing Bar) - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll No File
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No File
CHR Extension: (BrowseToolE0201) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\bblnhhgpgomleanhbppdnkpofhjijgdp [2012-09-11]
CHR Extension: (PriceGong) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok [2012-08-14]
CHR Extension: (YouTube) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-07-21]
CHR Extension: (Browser Companion Helper) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf [2012-08-14]
CHR Extension: (appbario8) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\caloheeledhajihipjihanmihhegodlc [2012-08-14]
CHR Extension: (Google-Suche) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-07-21]
CHR Extension: (Re-markit) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcpfhaghaadpjpgocojgnlhjcieeooel [2014-02-28]
CHR Extension: (Web Assistant) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd [2012-08-08]
CHR Extension: (DealPly French) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnmnhkgiphcaeefbaooconkceehicfi [2013-10-28]
CHR Extension: (Delta Toolbar) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde [2013-02-13]
CHR Extension: (Iminent) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl [2013-02-20]
CHR Extension: (Search Assistant) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfelndikbdcohbdimnhdhhokfljdidgn [2012-09-18]
CHR Extension: (New tab for Chrome) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg [2012-08-08]
CHR Extension: (Wajam) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp [2014-02-16]
CHR Extension: (Lightshot (Screenshot Tool)) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbniclmhobmnbdlbpiphghaielnnpgdp [2012-09-04]
CHR Extension: (DVDVideoSoft) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-10-28]
CHR Extension: (Google Wallet) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (SweetPacks Chrome Extension) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj [2014-03-06]
CHR Extension: (Extended Protection) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo [2014-02-27]
CHR Extension: (Google Mail) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-07-21]
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx [2012-08-05]
CHR HKCU\...\Chrome\Extension: [bblnhhgpgomleanhbppdnkpofhjijgdp] - C:\Users\\AppData\Local\CRE\bblnhhgpgomleanhbppdnkpofhjijgdp.crx [2012-08-13]
CHR HKCU\...\Chrome\Extension: [bhphemoobgnikcoofkgackkaimpfmenm] - C:\Users\\AppData\Local\CRE\bhphemoobgnikcoofkgackkaimpfmenm.crx [2012-08-01]
CHR HKCU\...\Chrome\Extension: [caloheeledhajihipjihanmihhegodlc] - C:\Users\\AppData\Local\CRE\caloheeledhajihipjihanmihhegodlc.crx [2012-07-29]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-10-28]
CHR HKLM-x32\...\Chrome\Extension: [bblnhhgpgomleanhbppdnkpofhjijgdp] - C:\Users\\AppData\Local\CRE\bblnhhgpgomleanhbppdnkpofhjijgdp.crx [2012-08-13]
CHR HKLM-x32\...\Chrome\Extension: [bhphemoobgnikcoofkgackkaimpfmenm] - C:\Users\\AppData\Local\CRE\bhphemoobgnikcoofkgackkaimpfmenm.crx [2012-08-01]
CHR HKLM-x32\...\Chrome\Extension: [bkomkajifikmkfnjgphkjcfeepbnojok] - C:\Program Files (x86)\PriceGong\2.6.4\pricegong.crx [2012-03-25]
CHR HKLM-x32\...\Chrome\Extension: [bodddioamolcibagionmmobehnbhiakf] - C:\Program Files (x86)\BrowserCompanion\blabbers-ch.crx [2012-07-02]
CHR HKLM-x32\...\Chrome\Extension: [caloheeledhajihipjihanmihhegodlc] - C:\Users\\AppData\Local\CRE\caloheeledhajihipjihanmihhegodlc.crx [2012-07-29]
CHR HKLM-x32\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx [2012-08-05]
CHR HKLM-x32\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\\AppData\Roaming\Delta\delta.crx [2012-11-25]
CHR HKLM-x32\...\Chrome\Extension: [fgfdfcbeamjnjdejakdidpniblllnbpg] - C:\Windows\SysWOW64\jmdp\pnte.crx [2012-11-25]
CHR HKLM-x32\...\Chrome\Extension: [jifflliplgeajjdhmkcfnngfpgbjonjg] - C:\Program Files (x86)\Perion\NewTab\newTab.crx [2012-08-05]
CHR HKLM-x32\...\Chrome\Extension: [jpmbfleldcgkldadpdinhjjopdfpjfjp] - C:\Users\\AppData\Local\Wajam\Chrome\wajam.crx [2014-01-14]
CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Windows\SysWOW64\jmdp\SweetNT.crx [2014-04-06]
CHR HKLM-x32\...\Chrome\Extension: [ogfjmhfnldnajmfaofeiaepghjenbgjo] - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\ep.crx [2014-02-27]
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-05-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-27] (Avira Operations GmbH & Co. KG)
R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393032 2013-06-19] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384840 2013-06-19] (BlueStack Systems, Inc.)
S2 dealplylive; C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe [148000 2013-10-28] (DealPly Technologies Ltd)
S3 dealplylivem; C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe [148000 2013-10-28] (DealPly Technologies Ltd)
R2 IBUpdaterService; C:\Windows\system32\dmwu.exe [2276144 2014-04-07] ()
R2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [705136 2014-04-11] (Cherished Technololgy LIMITED)
R2 lxbk_device; C:\Windows\system32\lxbkcoms.exe [565928 2008-02-19] ( )
R2 lxbk_device; C:\Windows\SysWOW64\lxbkcoms.exe [537256 2008-02-19] ( )
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\18.0.0.128\ccSvcHst.exe [126904 2010-05-23] (Symantec Corporation)
R2 Re-markit; C:\Program Files (x86)\Re-markit-soft\Re-markit155.exe [194560 2014-02-28] ()
R2 SProtection; C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe [3088192 2014-05-28] (Iminent)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2365792 2012-09-19] (TuneUp Software)
R2 WajamUpdaterV3; C:\Program Files (x86)\Wajam\Updater\WajamUpdaterV3.exe [114176 2013-11-20] (Wajam)
R2 Web Assistant; C:\Program Files\Web Assistant\ExtensionUpdaterService.exe [188760 2013-01-29] ()
R2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [425104 2014-02-27] (Taiwan Shui Mu Chih Ching Technology Limited.)
R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [501904 2014-02-26] (Cherished Technololgy LIMITED)
R2 WTGService; C:\Program Files (x86)\XSManager\WTGService.exe [327392 2012-04-05] ()
R2 XS Stick Service; C:\Windows\service4g.exe [145064 2011-03-30] (4G Systems GmbH & Co. KG)
==================== Drivers (Whitelisted) ====================
R3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2013-06-02] (Wondershare)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-04-29] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-04-29] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-19] (Avira Operations GmbH & Co. KG)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [70984 2013-06-19] (BlueStack Systems)
S3 cmnsusbser; C:\Windows\System32\DRIVERS\cmnsusbser.sys [117888 2012-10-05] (Mobile Connector)
S3 RTL8187B; C:\Windows\System32\DRIVERS\rtl8187B.sys [450048 2010-03-31] (Realtek Semiconductor Corporation )
R3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [762472 2011-10-31] (Realtek Semiconductor Corporation )
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-09-19] (TuneUp Software)
S3 X6va009; \??\C:\Windows\SysWOW64\Drivers\X6va009 [X]
S3 X6va010; \??\C:\Windows\SysWOW64\Drivers\X6va010 [X]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X]
S3 X6va014; \??\C:\Windows\SysWOW64\Drivers\X6va014 [X]
S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [X]
S3 X6va016; \??\C:\Windows\SysWOW64\Drivers\X6va016 [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-31 20:37 - 2014-05-31 20:38 - 00042913 _____ () C:\Users\\Desktop\FRST.txt
2014-05-31 20:37 - 2014-05-31 20:37 - 00000000 ____D () C:\FRST
2014-05-31 20:37 - 2014-05-31 20:36 - 02066944 _____ (Farbar) C:\Users\\Desktop\FRST64.exe
2014-05-31 20:35 - 2014-05-31 20:36 - 02066944 _____ (Farbar) C:\Users\\Downloads\FRST64.exe
2014-05-31 20:10 - 2014-05-31 20:11 - 00250250 _____ () C:\Users\\Downloads\140520063508.jpeg
2014-05-31 16:02 - 2014-05-31 16:02 - 00052891 _____ () C:\Users\Jürgen\Downloads\7B1.tmp
2014-05-29 15:46 - 2014-05-29 15:46 - 00000000 ____D () C:\ProgramData\PopCap Games
2014-05-29 15:46 - 2014-05-29 15:46 - 00000000 ____D () C:\ProgramData\EA Core
2014-05-29 15:43 - 2014-05-29 15:43 - 00001286 _____ () C:\Users\Public\Desktop\Pflanzen gegen Zombies.lnk
2014-05-29 15:43 - 2014-05-29 15:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pflanzen gegen Zombies
2014-05-25 02:51 - 2014-05-25 02:51 - 00000000 _____ () C:\Windows\SysWOW64\sho37D5.tmp
2014-05-18 00:25 - 2014-05-18 00:25 - 00000000 _____ () C:\Windows\SysWOW64\shoE10C.tmp
2014-05-17 10:44 - 2014-05-17 10:44 - 00001072 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1001Core1cf71ac260e523e.job
2014-05-17 00:05 - 2014-05-17 00:05 - 00000000 _____ () C:\Windows\SysWOW64\shoE14A.tmp
2014-05-14 22:03 - 2014-05-06 02:46 - 17847808 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-14 22:03 - 2014-05-06 02:21 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-14 22:03 - 2014-05-06 02:21 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-14 22:03 - 2014-05-06 01:32 - 12347392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-14 22:03 - 2014-05-06 01:14 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-14 22:03 - 2014-05-06 01:14 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-14 14:00 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-14 14:00 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-14 14:00 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 14:00 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 14:00 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 14:00 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 14:00 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 14:00 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 14:00 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-14 14:00 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-14 14:00 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-14 14:00 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 14:00 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-14 14:00 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 14:00 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 14:00 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 14:00 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 14:00 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 14:00 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 14:00 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 14:00 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 14:00 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-14 14:00 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 14:00 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-14 14:00 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-14 14:00 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-14 14:00 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-14 14:00 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 14:00 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 14:00 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-14 14:00 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-14 14:00 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-14 14:00 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-12 19:41 - 2014-05-12 19:41 - 00994160 _____ () C:\Users\Jürgen\Downloads\setup (17).exe
2014-05-11 17:57 - 2014-05-11 17:58 - 00994160 _____ () C:\Users\Jürgen\Downloads\setup (16).exe
2014-05-11 10:47 - 2014-05-11 10:47 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1002Core1cf6cf59b1b4d7c.job
2014-05-11 07:51 - 2014-05-11 07:51 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1000Core1cf6cdd52a1ae5.job
2014-05-10 19:18 - 2014-05-10 19:19 - 00994160 _____ () C:\Users\Jürgen\Downloads\setup (15).exe
2014-05-09 13:02 - 2014-05-09 13:02 - 00001072 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1003Core1cf6b76210b5906.job
2014-05-07 19:02 - 2014-05-07 19:02 - 00614528 _____ () C:\Users\Jürgen\Downloads\Setup (14).exe
2014-05-02 03:23 - 2014-05-02 03:23 - 00000000 _____ () C:\Windows\SysWOW64\shoF15F.tmp
==================== One Month Modified Files and Folders =======
2014-05-31 20:38 - 2014-05-31 20:37 - 00042913 _____ () C:\Users\\Desktop\FRST.txt
2014-05-31 20:38 - 2013-08-29 02:01 - 00000000 ____D () C:\Users\\AppData\Local\PMB Files
2014-05-31 20:38 - 2012-07-21 10:25 - 00000000 ____D () C:\Users\\AppData\Local\Temp
2014-05-31 20:37 - 2014-05-31 20:37 - 00000000 ____D () C:\FRST
2014-05-31 20:36 - 2014-05-31 20:37 - 02066944 _____ (Farbar) C:\Users\\Desktop\FRST64.exe
2014-05-31 20:36 - 2014-05-31 20:35 - 02066944 _____ (Farbar) C:\Users\\Downloads\FRST64.exe
2014-05-31 20:11 - 2014-05-31 20:10 - 00250250 _____ () C:\Users\\Downloads\140520063508.jpeg
2014-05-31 20:08 - 2012-09-12 01:43 - 00000000 ____D () C:\ProgramData\Origin
2014-05-31 20:07 - 2013-11-27 21:58 - 00000000 ____D () C:\Users\\AppData\Roaming\newnext.me
2014-05-31 20:07 - 2012-09-12 01:43 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-05-31 20:07 - 2012-08-14 02:15 - 00000000 ____D () C:\Users\\AppData\Roaming\BrowserCompanion
2014-05-31 20:07 - 2012-07-21 10:07 - 01106898 _____ () C:\Windows\WindowsUpdate.log
2014-05-31 19:54 - 2014-01-21 14:44 - 00000000 ____D () C:\Users\Jürgen\Documents\FIFA 14
2014-05-31 19:02 - 2012-07-21 14:35 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\Temp
2014-05-31 18:55 - 2014-03-06 18:07 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-05-31 16:02 - 2014-05-31 16:02 - 00052891 _____ () C:\Users\Jürgen\Downloads\7B1.tmp
2014-05-31 15:00 - 2012-07-21 15:12 - 00000000 ____D () C:\Users\Elvira\AppData\Local\Temp
2014-05-31 10:32 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-31 10:32 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-31 10:25 - 2014-02-27 08:04 - 00000000 ____D () C:\Program Files (x86)\WinZipper
2014-05-31 10:24 - 2013-12-10 00:50 - 00000374 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-05-31 10:22 - 2009-07-14 06:51 - 00178041 _____ () C:\Windows\setupact.log
2014-05-31 08:01 - 2013-12-04 02:02 - 02234293 _____ () C:\Windows\IE11_main.log
2014-05-30 19:35 - 2012-07-21 15:21 - 00000000 ____D () C:\Users\Martina\AppData\Local\Temp
2014-05-30 14:22 - 2012-07-21 10:25 - 00000000 ____D () C:\Users\
2014-05-30 08:22 - 2012-07-21 15:20 - 00002375 _____ () C:\Users\Elvira\Desktop\Google Chrome.lnk
2014-05-29 15:46 - 2014-05-29 15:46 - 00000000 ____D () C:\ProgramData\PopCap Games
2014-05-29 15:46 - 2014-05-29 15:46 - 00000000 ____D () C:\ProgramData\EA Core
2014-05-29 15:43 - 2014-05-29 15:43 - 00001286 _____ () C:\Users\Public\Desktop\Pflanzen gegen Zombies.lnk
2014-05-29 15:43 - 2014-05-29 15:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pflanzen gegen Zombies
2014-05-29 15:43 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-05-29 15:41 - 2010-10-01 08:19 - 00116460 _____ () C:\Windows\DirectX.log
2014-05-29 15:38 - 2012-09-12 01:55 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-05-29 15:05 - 2012-09-12 01:55 - 00000000 ____D () C:\Users\Jürgen\AppData\Roaming\Origin
2014-05-28 15:35 - 2012-08-14 02:38 - 00000000 ____D () C:\Users\Jürgen\AppData\Roaming\.minecraft
2014-05-28 08:14 - 2012-07-21 10:38 - 00002380 _____ () C:\Users\\Desktop\Google Chrome.lnk
2014-05-28 08:09 - 2014-02-28 16:46 - 00000000 ____D () C:\Program Files (x86)\Feven Pro 1.2
2014-05-26 15:56 - 2014-01-08 17:58 - 00000000 ____D () C:\Users\Jürgen\Tracing
2014-05-25 02:51 - 2014-05-25 02:51 - 00000000 _____ () C:\Windows\SysWOW64\sho37D5.tmp
2014-05-23 19:34 - 2012-07-21 14:48 - 00002375 _____ () C:\Users\Jürgen\Desktop\Google Chrome.lnk
2014-05-23 17:13 - 2014-04-12 14:19 - 00000000 _____ () C:\end
2014-05-21 10:29 - 2012-07-21 10:25 - 00000000 ___RD () C:\Users\\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-21 10:29 - 2012-07-21 10:25 - 00000000 ___RD () C:\Users\\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-18 00:25 - 2014-05-18 00:25 - 00000000 _____ () C:\Windows\SysWOW64\shoE10C.tmp
2014-05-17 19:31 - 2012-07-21 15:21 - 00000000 ___RD () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-17 19:31 - 2012-07-21 15:21 - 00000000 ___RD () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-17 10:45 - 2009-07-14 19:58 - 00699884 _____ () C:\Windows\system32\perfh007.dat
2014-05-17 10:45 - 2009-07-14 19:58 - 00149766 _____ () C:\Windows\system32\perfc007.dat
2014-05-17 10:45 - 2009-07-14 07:13 - 01622236 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-17 10:44 - 2014-05-17 10:44 - 00001072 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1001Core1cf71ac260e523e.job
2014-05-17 00:05 - 2014-05-17 00:05 - 00000000 _____ () C:\Windows\SysWOW64\shoE14A.tmp
2014-05-15 16:07 - 2012-07-21 15:12 - 00000000 ___RD () C:\Users\Elvira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-15 16:07 - 2012-07-21 15:12 - 00000000 ___RD () C:\Users\Elvira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-15 16:05 - 2012-07-21 14:35 - 00000000 ___RD () C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-15 16:05 - 2012-07-21 14:35 - 00000000 ___RD () C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-15 16:01 - 2014-04-30 17:52 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-14 22:00 - 2013-07-13 07:57 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-14 22:00 - 2010-10-01 10:17 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-12 19:41 - 2014-05-12 19:41 - 00994160 _____ () C:\Users\Jürgen\Downloads\setup (17).exe
2014-05-11 17:58 - 2014-05-11 17:57 - 00994160 _____ () C:\Users\Jürgen\Downloads\setup (16).exe
2014-05-11 10:47 - 2014-05-11 10:47 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1002Core1cf6cf59b1b4d7c.job
2014-05-11 07:51 - 2014-05-11 07:51 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1000Core1cf6cdd52a1ae5.job
2014-05-10 19:19 - 2014-05-10 19:18 - 00994160 _____ () C:\Users\Jürgen\Downloads\setup (15).exe
2014-05-10 11:53 - 2010-10-01 09:36 - 00378838 _____ () C:\Windows\PFRO.log
2014-05-09 13:02 - 2014-05-09 13:02 - 00001072 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1003Core1cf6b76210b5906.job
2014-05-09 08:14 - 2014-05-14 14:00 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-14 14:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-07 19:02 - 2014-05-07 19:02 - 00614528 _____ () C:\Users\Jürgen\Downloads\Setup (14).exe
2014-05-06 20:44 - 2012-07-21 15:29 - 00002380 _____ () C:\Users\Martina\Desktop\Google Chrome.lnk
2014-05-06 02:46 - 2014-05-14 22:03 - 17847808 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 02:21 - 2014-05-14 22:03 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 02:21 - 2014-05-14 22:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 01:32 - 2014-05-14 22:03 - 12347392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 01:14 - 2014-05-14 22:03 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 01:14 - 2014-05-14 22:03 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-04 13:46 - 2012-08-24 17:14 - 00528384 ____H () C:\Users\Jürgen\Downloads\photothumb.db
2014-05-04 13:45 - 2013-10-17 18:56 - 00000000 ____D () C:\Users\Jürgen\Downloads\Karikatur2
2014-05-02 03:23 - 2014-05-02 03:23 - 00000000 _____ () C:\Windows\SysWOW64\shoF15F.tmp
Files to move or delete:
====================
C:\ProgramData\0tbpw.pad
C:\ProgramData\winiml.dat
Some content of TEMP:
====================
C:\Users\Elvira\AppData\Local\Temp\AskSLib.dll
C:\Users\Elvira\AppData\Local\Temp\avgnt.exe
C:\Users\Elvira\AppData\Local\Temp\i4jdel0.exe
C:\Users\Elvira\AppData\Local\Temp\rtdrvmon.exe
C:\Users\Elvira\AppData\Local\Temp\SPSetup.exe
C:\Users\\AppData\Local\Temp\APNStub.exe
C:\Users\\AppData\Local\Temp\AskSLib.dll
C:\Users\\AppData\Local\Temp\avgnt.exe
C:\Users\\AppData\Local\Temp\BackupSetup.exe
C:\Users\\AppData\Local\Temp\Browser_Helper_Companion_DE.exe
C:\Users\\AppData\Local\Temp\ezLooker-S-Setup_Suite1.exe
C:\Users\\AppData\Local\Temp\fp_pl_pfs_installer-1.exe
C:\Users\\AppData\Local\Temp\fp_pl_pfs_installer-2.exe
C:\Users\\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\\AppData\Local\Temp\FreeTwitTube-S-Setup_Suite1.exe
C:\Users\\AppData\Local\Temp\FreeTwitTube-S-Setup_Suite1[1].exe
C:\Users\\AppData\Local\Temp\IEHistory.exe
C:\Users\\AppData\Local\Temp\InstalledPrograms.exe
C:\Users\\AppData\Local\Temp\installhelper.dll
C:\Users\\AppData\Local\Temp\IT_CON__95-V32_4.exe
C:\Users\\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\\AppData\Local\Temp\MyBabylonTB_google_20120807.exe
C:\Users\\AppData\Local\Temp\nsa2C4D.exe
C:\Users\\AppData\Local\Temp\nsf1320.exe
C:\Users\\AppData\Local\Temp\nsf3C94.exe
C:\Users\\AppData\Local\Temp\nsfC1D.exe
C:\Users\\AppData\Local\Temp\nsi4C98.exe
C:\Users\\AppData\Local\Temp\nsi908B.exe
C:\Users\\AppData\Local\Temp\nsn464F.exe
C:\Users\\AppData\Local\Temp\nsq19C6.exe
C:\Users\\AppData\Local\Temp\nsq33FC.exe
C:\Users\\AppData\Local\Temp\nst92ED.exe
C:\Users\\AppData\Local\Temp\nst95AC.exe
C:\Users\\AppData\Local\Temp\nsu62F0.exe
C:\Users\\AppData\Local\Temp\nsy494D.exe
C:\Users\\AppData\Local\Temp\Optimizer_Pro.exe
C:\Users\\AppData\Local\Temp\rtdrvmon.exe
C:\Users\\AppData\Local\Temp\setup_fsu_cid.exe
C:\Users\\AppData\Local\Temp\SkypeSetup.exe
C:\Users\\AppData\Local\Temp\smt_awesomehp_new.exe
C:\Users\\AppData\Local\Temp\softonic_ssk_conduit.exe
C:\Users\\AppData\Local\Temp\SPSetup.exe
C:\Users\\AppData\Local\Temp\SPWrap.exe
C:\Users\\AppData\Local\Temp\sqlite3.dll
C:\Users\\AppData\Local\Temp\SRAssetsHelper.dll
C:\Users\\AppData\Local\Temp\swt-win32-3740.dll
C:\Users\\AppData\Local\Temp\tbiNTE.dll
C:\Users\\AppData\Local\Temp\uninst1.exe
C:\Users\\AppData\Local\Temp\vcredist_x64.exe
C:\Users\\AppData\Local\Temp\vlc-2.0.2-win32.exe
C:\Users\\AppData\Local\Temp\wajam_download.exe
C:\Users\\AppData\Local\Temp\YontooSetup-S.exe
C:\Users\Jürgen\AppData\Local\Temp\avgnt.exe
C:\Users\Jürgen\AppData\Local\Temp\i4jdel0.exe
C:\Users\Jürgen\AppData\Local\Temp\i4jdel1.exe
C:\Users\Jürgen\AppData\Local\Temp\i4jdel2.exe
C:\Users\Jürgen\AppData\Local\Temp\jansi-32-git-Bukkit-1.5.2-R1.0-b2788jnks.dll
C:\Users\Jürgen\AppData\Local\Temp\javagiac0.016783020975253415.dll
C:\Users\Jürgen\AppData\Local\Temp\rtdrvmon.exe
C:\Users\Jürgen\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Jürgen\AppData\Local\Temp\{E5A0C4BB-6690-4D2C-A990-4C6110C79388}-34.0.1847.137_34.0.1847.131_chrome_updater.exe
C:\Users\Martina\AppData\Local\Temp\AskSLib.dll
C:\Users\Martina\AppData\Local\Temp\avgnt.exe
C:\Users\Martina\AppData\Local\Temp\rtdrvmon.exe
C:\Users\Martina\AppData\Local\Temp\SPSetup.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-09-01 11:24
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-05-2014
Ran by at 2014-05-31 20:38:47
Running from C:\Users\\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Norton Internet Security (Disabled - Up to date) {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Disabled - Up to date) {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
FW: Norton Internet Security (Disabled) {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
==================== Installed Programs ======================
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.7.700.224 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
Alcatraz (HKLM-x32\...\Alcatraz/DE-German_is1) (Version: - City Interactive)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - ATI Technologies Inc.) Hidden
Apowersoft kostenloser Bildschirmrekorder V1.2.4 (HKLM-x32\...\{4EFA42DB-E4EC-4537-9DF3-5158D08A9785}_is1) (Version: 1.2.4 - Apowersoft)
appbario8 Toolbar (HKLM-x32\...\appbario8 Toolbar) (Version: 6.9.0.16 - appbario8)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version: - Bohemia Interactive)
Arma 3 Tools (HKLM-x32\...\Steam App 233800) (Version: - Bohemia Interactive)
ATI Catalyst Install Manager (HKLM\...\{8DF9D3DF-6D03-A04F-217F-F2577D973DBE}) (Version: 3.0.795.0 - ATI Technologies, Inc.)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.4.642 - Avira)
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.7.14.901 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{9D84E30F-6757-4A56-BCB5-51ADE3AE8631}) (Version: 0.7.14.901 - BlueStack Systems, Inc.)
BrowserCompanion (HKLM-x32\...\BrowserCompanion) (Version: - ) <==== ATTENTION
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0930.2237.38732 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0930.2237.38732 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0930.2237.38732 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0930.2237.38732 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help English (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help French (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help German (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0930.2237.38732 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2010.0930.2237.38732 - ATI) Hidden
Cross Fire En (HKLM-x32\...\Cross Fire_is1) (Version: - Z8Games.com)
Crossfire Europe (HKLM-x32\...\Crossfire Europe) (Version: 1181 - SG INTERACTIVE)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dealply (HKCU\...\Dealply) (Version: - ) <==== ATTENTION
DealPly (remove only) (HKLM-x32\...\DealPly) (Version: 4.8.7.3 - DealPly Technologies Ltd.) <==== ATTENTION
Delta Chrome Toolbar (HKLM-x32\...\{177586E7-E42E-4F38-83D1-D15B4AF5B714}) (Version: 1.0.0.0 - DeltaInstaller) <==== ATTENTION
Delta toolbar (HKLM-x32\...\delta) (Version: 1.8.10.0 - Delta) <==== ATTENTION
DVDVideoSoftTB DE Toolbar (HKLM-x32\...\DVDVideoSoftTB_DE Toolbar) (Version: 6.9.0.16 - DVDVideoSoftTB DE)
Feven Pro 1.2 (HKLM-x32\...\Feven Pro 1.2) (Version: 1.34.2.13 - Feven) <==== ATTENTION
FIFA 13 (HKLM-x32\...\{A29E18C2-7AB1-4b6b-848C-5D5E2C85F0C0}) (Version: 1.2.0.0 - Electronic Arts)
FIFA 14 (HKLM-x32\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.7 - Electronic Arts)
Free Audio CD to MP3 Converter version 1.3.12.1228 (HKLM-x32\...\Free Audio CD to MP3 Converter_is1) (Version: 1.3.12.1228 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.14.1022 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.14.1022 - DVDVideoSoft Ltd.)
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
Google Chrome (HKCU\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Update Helper (x32 Version: 1.3.23.0 - DealPly Technologies Ltd) Hidden <==== ATTENTION
Hama Black Force Pad (HKLM-x32\...\{4999B2F1-3E74-409A-B8B5-E94448AA9EA6}) (Version: 2007.01.01 - )
HQ-Video-Profession-1.3 (HKLM-x32\...\HQ-Video-Profession-1.3) (Version: 1.34.2.13 - HQ-Video) <==== ATTENTION
HydraVision (x32 Version: 4.2.180.0 - ATI Technologies Inc.) Hidden
IB Updater Service (HKLM-x32\...\WNLT) (Version: 5.0.8.6 - ) <==== ATTENTION
IePluginService12.27.0.3326 (HKLM-x32\...\IePlugins) (Version: 12.27.0.3326 - Cherished Technololgy LIMITED) <==== ATTENTION
iLivid (HKLM-x32\...\iLivid) (Version: 4.0.0.2208 - Bandoo Media Inc) <==== ATTENTION
IM Lock (HKLM-x32\...\IMLock) (Version: - Comvigo, Inc.)
Iminent (HKLM-x32\...\IMBoosterARP) (Version: 6.4.56.0 - Iminent) <==== ATTENTION
Iminent (x32 Version: 6.4.56.0 - Iminent) Hidden <==== ATTENTION
Incredibar Toolbar on IE (HKLM-x32\...\incredibar) (Version: - ) <==== ATTENTION
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
ISY N150 Micro WLAN USB-Adapter (HKLM-x32\...\{B20F9D1C-A0A5-4cd8-8306-DA03872311B1}) (Version: 1.00.0155 - ISY)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lexmark X1100 Series (HKLM\...\Lexmark X1100 Series) (Version: - Lexmark International, Inc.)
lightshot-4.4.2.0 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 4.4.2.0 - Skillbrains)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mobogenie (HKLM-x32\...\Mobogenie) (Version: - Mobogenie.com) <==== ATTENTION
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Need For Speed™ World (HKLM-x32\...\{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1) (Version: 1.0.0.993 - Electronic Arts)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 18.0.0.128 - Symantec Corporation)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.0.2.2065 - Electronic Arts, Inc.)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.9 - Pando Networks Inc.)
Pflanzen gegen Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
PriceGong 2.6.4 (HKLM-x32\...\PriceGong) (Version: 2.6.4 - PriceGong) <==== ATTENTION
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6121 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6194 - Realtek Semiconductor Corp.)
Re-markit (HKLM-x32\...\f4dc7792-3f3d-43d0-ad79-cb3520fae36c) (Version: - Re-markit Software) <==== ATTENTION
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Sniper - Art of Victory (HKLM-x32\...\sniper_de_is1) (Version: - City Interactive)
SpecialSavings (HKLM-x32\...\SpecialSavings) (Version: - ) <==== ATTENTION
SpeedUpMyPC (HKLM-x32\...\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1) (Version: 5.3.4.4 - Uniblue Systems Ltd) <==== ATTENTION
Spelling Dictionaries Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
SupTab (HKLM-x32\...\SupTab) (Version: 1.1.1.0 - ) <==== ATTENTION
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.8.1 - TeamSpeak Systems GmbH)
TuneUp Utilities 2013 (HKLM-x32\...\TuneUp Utilities 2013) (Version: 13.0.2020.4 - TuneUp Software)
TuneUp Utilities 2013 (x32 Version: 13.0.2020.4 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.2020.4 - TuneUp Software) Hidden
Video Downloader (HKLM-x32\...\Video Downloader) (Version: 1.14 - hxxp://www.vgrabber.com)
VLC media player 2.0.3 (HKLM-x32\...\VLC media player) (Version: 2.0.3 - VideoLAN)
VO Package (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - ) <==== ATTENTION
Wajam (HKLM-x32\...\Wajam) (Version: 2.11 - Wajam) <==== ATTENTION
Web Assistant 2.0.0.573 (HKLM\...\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1) (Version: 2.0.0.573 - IncrediBar) <==== ATTENTION
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinZipper (HKLM-x32\...\WinZipper) (Version: 1.5.29 - Taiwan Shui Mu Chih Ching Technology Limited.) <==== ATTENTION
WiseConvert (HKLM-x32\...\WiseConvert) (Version: 1.0 - WiseConvert)
WMV9/VC-1 Video Playback (Version: 1.00.0000 - ATI Technologies Inc.) Hidden
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1) (Version: - Wargaming.net)
XSManager (HKLM-x32\...\XSManager) (Version: 3.2 - XSManager)
==================== Restore Points =========================
23-05-2014 17:38:13 Windows Update
23-05-2014 23:00:11 Windows Update
24-05-2014 16:20:14 Windows Update
24-05-2014 18:08:19 Windows Update
25-05-2014 00:48:34 Windows Update
25-05-2014 19:14:34 Windows Update
26-05-2014 19:21:38 Windows Update
27-05-2014 19:56:06 Windows Update
28-05-2014 10:10:08 Windows Update
29-05-2014 00:56:57 Windows Update
29-05-2014 13:36:46 DirectX wurde installiert
29-05-2014 23:00:34 Windows Update
30-05-2014 06:27:09 Windows Update
31-05-2014 01:00:50 Windows Update
31-05-2014 05:58:19 Windows Update
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {00CDF369-5C82-4B09-A8B8-22E0110976DE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1001Core => C:\Users\Elvira\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: {162D19D2-88E6-425F-ACF9-085709C10976} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1003Core => C:\Users\Jürgen\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: {180C32E6-A575-49A3-AA4D-7E9EDC44A1AA} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe [2012-09-19] (TuneUp Software)
Task: {1FD7E7FA-4C1B-46AA-B808-A6B47969B523} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1000UA => C:\Users\\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: {25715EC7-88B9-4811-B0FD-540AC855053B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1002UA => C:\Users\Martina\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: {2D13B59E-4C34-49F2-81B8-8A7F2D96CC2F} - System32\Tasks\PC Performer Manager => Sc.exe start PC Performer Manager
Task: {620FBD68-8B3D-47C5-BEE1-EA19B1705EC4} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2465613748-4109621216-2680054910-1001
Task: {62745FA6-88B4-4F26-B2F4-09469D925348} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {635AC757-77D2-41EE-A578-F6A8974BF31D} - System32\Tasks\AdobeFlashPlayerUpdate => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {6875CA21-089D-4DC0-A439-FE49B1E33DB4} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {6E350C8D-3672-4719-8CF1-5A8B8CA44909} - System32\Tasks\update-S-1-5-21-2465613748-4109621216-2680054910-1003 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2013-02-23] ()
Task: {77E350C2-2250-4BEE-B575-EF12CA6A03F8} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2013-02-23] ()
Task: {820F5D76-F745-4811-BE70-3E99A14E89D9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1002Core => C:\Users\Martina\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: {9C4EF4AE-24AC-494E-BB1E-389E59772369} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-11] (Adobe Systems Incorporated)
Task: {A66165D0-A739-46B9-AA91-33C0AE65F710} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1003UA => C:\Users\Jürgen\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: {ABD96266-25AF-494C-B2F5-17C5D8F015E2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1001UA => C:\Users\Elvira\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: {B3ACA1F2-AC10-4A74-A012-61E186CB35DD} - System32\Tasks\update-S-1-5-21-2465613748-4109621216-2680054910-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2013-02-23] ()
Task: {BEE6EDB5-D13A-4C37-B3C9-40075E803219} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {D1301EC2-67C9-4E08-9A87-56DB18075640} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1000Core => C:\Users\\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job => C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven Pro 1.2-chromeinstaller.job => C:\Program Files (x86)\Feven Pro 1.2\Feven Pro 1.2-chromeinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven Pro 1.2-codedownloader.job => C:\Program Files (x86)\Feven Pro 1.2\Feven Pro 1.2-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven Pro 1.2-enabler.job => C:\Program Files (x86)\Feven Pro 1.2\Feven Pro 1.2-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven Pro 1.2-firefoxinstaller.job => C:\Program Files (x86)\Feven Pro 1.2\Feven Pro 1.2-firefoxinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven Pro 1.2-updater.job => C:\Program Files (x86)\Feven Pro 1.2\Feven Pro 1.2-updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1000Core1cf6cdd52a1ae5.job => C:\Users\\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1000UA.job => C:\Users\\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1001Core1cf71ac260e523e.job => C:\Users\Elvira\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1001UA.job => C:\Users\Elvira\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1002Core1cf6cf59b1b4d7c.job => C:\Users\Martina\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1002UA.job => C:\Users\Martina\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1003Core1cf6b76210b5906.job => C:\Users\Jürgen\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1003UA.job => C:\Users\Jürgen\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HQ-Video-Profession-1.3-chromeinstaller.job => C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-chromeinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\HQ-Video-Profession-1.3-codedownloader.job => C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\HQ-Video-Profession-1.3-enabler.job => C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\HQ-Video-Profession-1.3-firefoxinstaller.job => C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-firefoxinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\HQ-Video-Profession-1.3-updater.job => C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\PCHelpers1st.job => C:\Program Files (x86)\Optimizer Elite Max\Optimizer Elite Max.exe <==== ATTENTION
Task: C:\Windows\Tasks\PCHelpers_period.job => C:\Program Files (x86)\Optimizer Elite Max\Optimizer Elite Max.exe <==== ATTENTION
Task: C:\Windows\Tasks\Re-markit Update.job => C:\Program Files (x86)\Re-markit-soft\ReMar.exe <==== ATTENTION
Task: C:\Windows\Tasks\Re-markit_wd.job => C:\Program Files (x86)\Re-markit-soft\Re-markit_wd.exe <==== ATTENTION
Task: C:\Windows\Tasks\SpeedUpMyPC.job => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\sump.exe <==== ATTENTION
Task: C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013.job => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe
Task: C:\Windows\Tasks\update-S-1-5-21-2465613748-4109621216-2680054910-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-S-1-5-21-2465613748-4109621216-2680054910-1003.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
==================== Loaded Modules (whitelisted) =============
2012-09-03 21:48 - 2014-04-07 16:57 - 02276144 _____ () C:\Windows\system32\dmwu.exe
2014-02-28 16:37 - 2014-02-28 16:37 - 00194560 _____ () C:\Program Files (x86)\Re-markit-soft\Re-markit155.exe
2012-08-05 21:47 - 2013-01-29 15:28 - 00188760 _____ () C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
2012-10-05 10:38 - 2012-04-05 17:35 - 00327392 ____N () C:\Program Files (x86)\XSManager\WTGService.exe
2014-04-07 16:57 - 2014-04-07 16:57 - 01100592 _____ () C:\Windows\SysWOW64\jmdp\stij.exe
2014-04-07 16:57 - 2014-04-07 16:57 - 01303856 _____ () C:\Windows\System32\ljkb\stij.exe
2014-04-07 16:57 - 2014-04-07 16:57 - 01571120 _____ () C:\Windows\System32\ljkb\lmrn.dll
2013-08-29 01:39 - 2013-08-29 01:40 - 04287536 _____ () C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
2013-11-27 21:58 - 2014-02-28 15:16 - 00775872 _____ () C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
2012-07-02 11:16 - 2012-07-02 11:16 - 00695448 _____ () C:\Users\\AppData\Roaming\BrowserCompanion\tbhcn.exe
2010-08-04 15:58 - 2010-08-04 15:58 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-09-30 22:36 - 2010-09-30 22:36 - 00270336 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-02-27 08:04 - 2014-02-27 08:04 - 00612496 _____ () C:\Program Files (x86)\WinZipper\sqlite3.dll
2014-02-14 11:30 - 2014-02-14 11:30 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\bfd5296be62268bc7a31a424f0d1ad5f\IsdiInterop.ni.dll
2010-10-01 09:40 - 2010-03-03 20:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-04-07 16:57 - 2014-04-07 16:57 - 01266992 _____ () C:\Windows\SysWOW64\jmdp\lmrn.dll
2014-02-28 15:17 - 2014-02-28 15:16 - 00061440 _____ () C:\Program Files (x86)\Mobogenie\Device.dll
2014-02-28 15:17 - 2014-02-28 15:16 - 00471040 _____ () C:\Program Files (x86)\Mobogenie\DCR.dll
2012-08-10 16:51 - 2012-08-10 16:51 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2014-05-28 08:14 - 2014-05-14 01:40 - 00716616 _____ () C:\Users\\AppData\Local\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
2014-05-28 08:14 - 2014-05-14 01:40 - 00126280 _____ () C:\Users\\AppData\Local\Google\Chrome\Application\35.0.1916.114\libegl.dll
2014-05-28 08:14 - 2014-05-14 01:40 - 04217672 _____ () C:\Users\\AppData\Local\Google\Chrome\Application\35.0.1916.114\pdf.dll
2014-05-28 08:14 - 2014-05-14 01:40 - 00414536 _____ () C:\Users\\AppData\Local\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll
2014-05-28 08:14 - 2014-05-14 01:40 - 01732424 _____ () C:\Users\\AppData\Local\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll
2014-05-28 08:14 - 2014-05-14 01:40 - 13695816 _____ () C:\Users\\AppData\Local\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\Users\\Downloads\Bestaetigung_Rechnung_zu_Ihrer_byebye_Reise_21200789.eml:OECustomProperty
AlternateDataStreams: C:\Users\\Downloads\nachricht (1).eml:OECustomProperty
AlternateDataStreams: C:\Users\\Downloads\nachricht.eml:OECustomProperty
==================== Safe Mode (whitelisted) ===================
==================== EXE Association (whitelisted) =============
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/31/2014 08:01:20 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst konnte nicht heruntergefahren werden. Aufgetretener Fehler: System.InvalidOperationException: UpdatePendingStatus kann nur während der Verarbeitung von Befehlen zum Starten, Beenden, Anhalten und Fortsetzen aufgerufen werden.
bei System.ServiceProcess.ServiceBase.RequestAdditionalTime(Int32 milliseconds)
bei BlueStacks.hyperDroid.Service.Service.CleanupHelperProcess(Process proc, String name)
bei BlueStacks.hyperDroid.Service.Service.OnStop()
bei BlueStacks.hyperDroid.Service.Service.OnShutdown()
bei System.ServiceProcess.ServiceBase.DeferredShutdown()
Error: (05/31/2014 08:01:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Re-markit155.exe, Version: 1.155.0.0, Zeitstempel: 0x530db243
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0xf28
Startzeit der fehlerhaften Anwendung: 0xRe-markit155.exe0
Pfad der fehlerhaften Anwendung: Re-markit155.exe1
Pfad des fehlerhaften Moduls: Re-markit155.exe2
Berichtskennung: Re-markit155.exe3
Error: (05/30/2014 00:39:14 PM) (Source: Iminent) (EventID: 0) (User: )
Description: Unexpected exception.
System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
bei Iminent.Mediator.Server.ApplicationService.<>c__DisplayClassa.<WarmUp>b__9(Composite composite)
--- Ende der internen Ausnahmestapelüberwachung ---
bei System.RuntimeMethodHandle.InvokeMethod(Object target, Object[] arguments, Signature sig, Boolean constructor)
bei System.Reflection.RuntimeMethodInfo.UnsafeInvokeInternal(Object obj, Object[] parameters, Object[] arguments)
bei System.Delegate.DynamicInvokeImpl(Object[] args)
bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback, Object args, Int32 numArgs)
bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(Object source, Delegate method, Object args, Int32 numArgs, Delegate catchHandler)
Error: (05/30/2014 01:04:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Re-markit155.exe, Version: 1.155.0.0, Zeitstempel: 0x530db243
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x8a4
Startzeit der fehlerhaften Anwendung: 0xRe-markit155.exe0
Pfad der fehlerhaften Anwendung: Re-markit155.exe1
Pfad des fehlerhaften Moduls: Re-markit155.exe2
Berichtskennung: Re-markit155.exe3
Error: (05/29/2014 09:24:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Explorer.EXE, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: bdc
Startzeit: 01cf7b2654df9e89
Endzeit: 142
Anwendungspfad: C:\Windows\Explorer.EXE
Berichts-ID: c652360f-e766-11e3-b952-1c6f6549ce08
Error: (05/29/2014 03:00:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Re-markit155.exe, Version: 1.155.0.0, Zeitstempel: 0x530db243
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x894
Startzeit der fehlerhaften Anwendung: 0xRe-markit155.exe0
Pfad der fehlerhaften Anwendung: Re-markit155.exe1
Pfad des fehlerhaften Moduls: Re-markit155.exe2
Berichtskennung: Re-markit155.exe3
Error: (05/27/2014 09:59:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Re-markit155.exe, Version: 1.155.0.0, Zeitstempel: 0x530db243
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x81c
Startzeit der fehlerhaften Anwendung: 0xRe-markit155.exe0
Pfad der fehlerhaften Anwendung: Re-markit155.exe1
Pfad des fehlerhaften Moduls: Re-markit155.exe2
Berichtskennung: Re-markit155.exe3
Error: (05/26/2014 09:25:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Re-markit155.exe, Version: 1.155.0.0, Zeitstempel: 0x530db243
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x864
Startzeit der fehlerhaften Anwendung: 0xRe-markit155.exe0
Pfad der fehlerhaften Anwendung: Re-markit155.exe1
Pfad des fehlerhaften Moduls: Re-markit155.exe2
Berichtskennung: Re-markit155.exe3
Error: (05/25/2014 09:17:55 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst konnte nicht heruntergefahren werden. Aufgetretener Fehler: System.InvalidOperationException: UpdatePendingStatus kann nur während der Verarbeitung von Befehlen zum Starten, Beenden, Anhalten und Fortsetzen aufgerufen werden.
bei System.ServiceProcess.ServiceBase.RequestAdditionalTime(Int32 milliseconds)
bei BlueStacks.hyperDroid.Service.Service.OnStop()
bei BlueStacks.hyperDroid.Service.Service.OnShutdown()
bei System.ServiceProcess.ServiceBase.DeferredShutdown()
Error: (05/25/2014 09:17:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Re-markit155.exe, Version: 1.155.0.0, Zeitstempel: 0x530db243
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x83c
Startzeit der fehlerhaften Anwendung: 0xRe-markit155.exe0
Pfad der fehlerhaften Anwendung: Re-markit155.exe1
Pfad des fehlerhaften Moduls: Re-markit155.exe2
Berichtskennung: Re-markit155.exe3
System errors:
=============
Error: (05/31/2014 06:55:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (05/31/2014 06:55:43 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.
Error: (05/31/2014 01:37:41 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F48FC5B2-094A-44C7-B48C-289738C9582D}
Error: (05/31/2014 08:01:13 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Re-markit" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (05/31/2014 08:01:05 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Internet Explorer 11 für Windows 7 für x64-basierte Systeme
Error: (05/31/2014 07:27:08 AM) (Source: Server) (EventID: 2505) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{2A1A7AD7-DF00-40FC-9333-1E858D256B18} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.
Error: (05/31/2014 03:03:40 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Internet Explorer 11 für Windows 7 für x64-basierte Systeme
Error: (05/31/2014 03:00:29 AM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
Error: (05/30/2014 00:52:11 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F48FC5B2-094A-44C7-B48C-289738C9582D}
Error: (05/30/2014 00:38:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Norton Internet Security" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Microsoft Office Sessions:
=========================
Error: (05/31/2014 08:01:20 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst konnte nicht heruntergefahren werden. Aufgetretener Fehler: System.InvalidOperationException: UpdatePendingStatus kann nur während der Verarbeitung von Befehlen zum Starten, Beenden, Anhalten und Fortsetzen aufgerufen werden.
bei System.ServiceProcess.ServiceBase.RequestAdditionalTime(Int32 milliseconds)
bei BlueStacks.hyperDroid.Service.Service.CleanupHelperProcess(Process proc, String name)
bei BlueStacks.hyperDroid.Service.Service.OnStop()
bei BlueStacks.hyperDroid.Service.Service.OnShutdown()
bei System.ServiceProcess.ServiceBase.DeferredShutdown()
Error: (05/31/2014 08:01:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Re-markit155.exe1.155.0.0530db243KERNELBASE.dll6.1.7601.1840953159a86e06d73630000c42df2801cf7bf37a4253e5C:\Program Files (x86)\Re-markit-soft\Re-markit155.exeC:\Windows\syswow64\KERNELBASE.dllf6f536a7-e888-11e3-9d00-1c6f6549ce08
Error: (05/30/2014 00:39:14 PM) (Source: Iminent) (EventID: 0) (User: )
Description: Unexpected exception.
System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
bei Iminent.Mediator.Server.ApplicationService.<>c__DisplayClassa.<WarmUp>b__9(Composite composite)
--- Ende der internen Ausnahmestapelüberwachung ---
bei System.RuntimeMethodHandle.InvokeMethod(Object target, Object[] arguments, Signature sig, Boolean constructor)
bei System.Reflection.RuntimeMethodInfo.UnsafeInvokeInternal(Object obj, Object[] parameters, Object[] arguments)
bei System.Delegate.DynamicInvokeImpl(Object[] args)
bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback, Object args, Int32 numArgs)
bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(Object source, Delegate method, Object args, Int32 numArgs, Delegate catchHandler)
Error: (05/30/2014 01:04:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Re-markit155.exe1.155.0.0530db243KERNELBASE.dll6.1.7601.1840953159a86e06d73630000c42d8a401cf7b2651844dc6C:\Program Files (x86)\Re-markit-soft\Re-markit155.exeC:\Windows\syswow64\KERNELBASE.dll8db42bc3-e785-11e3-b952-1c6f6549ce08
Error: (05/29/2014 09:24:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.1.7601.17567bdc01cf7b2654df9e89142C:\Windows\Explorer.EXEc652360f-e766-11e3-b952-1c6f6549ce08
Error: (05/29/2014 03:00:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Re-markit155.exe1.155.0.0530db243KERNELBASE.dll6.1.7601.1840953159a86e06d73630000c42d89401cf7a63585a967bC:\Program Files (x86)\Re-markit-soft\Re-markit155.exeC:\Windows\syswow64\KERNELBASE.dlla4e53e31-e6cc-11e3-b8fd-1c6f6549ce08
Error: (05/27/2014 09:59:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Re-markit155.exe1.155.0.0530db243KERNELBASE.dll6.1.7601.1840953159a86e06d73630000c42d81c01cf799b0a1f0c71C:\Program Files (x86)\Re-markit-soft\Re-markit155.exeC:\Windows\syswow64\KERNELBASE.dll661f4893-e5d9-11e3-b36f-1c6f6549ce08
Error: (05/26/2014 09:25:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Re-markit155.exe1.155.0.0530db243KERNELBASE.dll6.1.7601.1840953159a86e06d73630000c42d86401cf78e6a8b756c4C:\Program Files (x86)\Re-markit-soft\Re-markit155.exeC:\Windows\syswow64\KERNELBASE.dll7f5aa995-e50b-11e3-a4d9-1c6f6549ce08
Error: (05/25/2014 09:17:55 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst konnte nicht heruntergefahren werden. Aufgetretener Fehler: System.InvalidOperationException: UpdatePendingStatus kann nur während der Verarbeitung von Befehlen zum Starten, Beenden, Anhalten und Fortsetzen aufgerufen werden.
bei System.ServiceProcess.ServiceBase.RequestAdditionalTime(Int32 milliseconds)
bei BlueStacks.hyperDroid.Service.Service.OnStop()
bei BlueStacks.hyperDroid.Service.Service.OnShutdown()
bei System.ServiceProcess.ServiceBase.DeferredShutdown()
Error: (05/25/2014 09:17:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Re-markit155.exe1.155.0.0530db243KERNELBASE.dll6.1.7601.1840953159a86e06d73630000c42d83c01cf77e7a66b93feC:\Program Files (x86)\Re-markit-soft\Re-markit155.exeC:\Windows\syswow64\KERNELBASE.dll41f967c5-e441-11e3-9d94-1c6f6549ce08
==================== Memory info ===========================
Percentage of memory in use: 74%
Total physical RAM: 3959.48 MB
Available physical RAM: 995.35 MB
Total Pagefile: 7917.15 MB
Available Pagefile: 3216.21 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:727.71 GB) (Free:467.25 GB) NTFS
Drive d: (Volume) (Fixed) (Total:195.31 GB) (Free:195.22 GB) NTFS
Drive e: (Recovery) (Fixed) (Total:8 GB) (Free:2.57 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 30B6D843)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=728 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=195 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=8 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
31.05.2014, 20:24
| #4 |
| /// TB-Ausbilder | WINDOWS 7 kommen ständig PopUps usw... Hab dir schon geantwortet.  |
|
01.06.2014, 00:39
| #5 |
| | WINDOWS 7 kommen ständig PopUps usw... Hi, ComboFix ist immer noch fertig, leider Code:
ATTFilter ComboFix 14-05-29.01 - 31.05.2014 23:06:21.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.3959.1227 [GMT 2:00]
ausgeführt von:: c:\users\\Desktop\ComboFix.exe
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AV: Norton Internet Security *Disabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
FW: Norton Internet Security *Disabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Norton Internet Security *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\CFLog
c:\cflog\EPLog.txt
C:\END
C:\Install.exe
c:\program files (x86)\BrowserCompanion
c:\program files (x86)\BrowserCompanion\blabbers-ch.crx
c:\program files (x86)\BrowserCompanion\blabbers-ff-full.xpi
c:\program files (x86)\BrowserCompanion\jsloader.dll
c:\program files (x86)\BrowserCompanion\logo.ico
c:\program files (x86)\BrowserCompanion\tdataprotocol.dll
c:\program files (x86)\BrowserCompanion\terms.lnk.url
c:\program files (x86)\BrowserCompanion\toolbar.dll
c:\program files (x86)\BrowserCompanion\uninstall.exe
c:\program files (x86)\BrowserCompanion\updatebhoWin32.dll
c:\program files (x86)\BrowserCompanion\updater.ini
c:\program files (x86)\BrowserCompanion\widgetserv.exe
c:\program files (x86)\DealPly
c:\program files (x86)\DealPly\DealPly.crx
c:\program files (x86)\DealPly\DealPly.xpi
c:\program files (x86)\DealPly\DealPlyIE.dll
c:\program files (x86)\DealPly\DealPlyIE64.dll
c:\program files (x86)\DealPly\DealPlyUpdate.exe
c:\program files (x86)\DealPly\DealPlyUpdateRun.exe
c:\program files (x86)\DealPly\DealPlyUpdateVer.exe
c:\program files (x86)\DealPly\icon.ico
c:\program files (x86)\DealPly\uninst.exe
c:\program files (x86)\HQ-Video-Profession-1.3\HQ-Video-profession-1.3-bho.dll
c:\program files (x86)\Incredibar.com
c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll
c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarApp.dll
c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarEng.dll
c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarsrv.exe
c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\inCRedibartlbr.dll
c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\uninstall.exe
c:\program files (x86)\PriceGong
c:\program files (x86)\PriceGong\2.6.4\PriceGong.crx
c:\program files (x86)\PriceGong\2.6.4\PriceGongIE.dll
c:\program files (x86)\PriceGong\uninst.exe
c:\program files (x86)\Search Results Toolbar\Datamngr
c:\program files (x86)\Search Results Toolbar\Datamngr\BrowserConnection.dll
c:\program files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\config\skin\css\new-tab.css
c:\program files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\config\skin\images\fav_amazon.png
c:\program files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\config\skin\images\fav_ebay.png
c:\program files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\config\skin\images\fav_facebook.png
c:\program files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\config\skin\images\fav_fantastigames.png
c:\program files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\config\skin\images\fav_ftalk.png
c:\program files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\config\skin\images\fav_youtube.png
c:\program files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\config\skin\images\IDR_WEBSTORE_ICON.png
c:\program files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\config\skin\images\imesh_logo_128.png
c:\program files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\config\skin\new-tab.html
c:\program files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\lib\analytics.js
c:\program files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\lib\constant.js
c:\program files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\lib\default-config.js
c:\program files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\lib\jquery.js
c:\program files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\lib\localStorage.js
c:\program files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\lib\new-tab.js
c:\program files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\lib\preferences.js
c:\program files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\manifest.json
c:\program files (x86)\Search Results Toolbar\Datamngr\ChromeExtension\OurLocalPage.html
c:\program files (x86)\Search Results Toolbar\Datamngr\datamngr.dll
c:\program files (x86)\Search Results Toolbar\Datamngr\datamngrUI.exe
c:\program files (x86)\Search Results Toolbar\Datamngr\DnsBHO.dll
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\chrome.manifest
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\chrome.manifest.alt
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlp.xpt
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF10.dll
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF11.dll
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF12.dll
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF13.dll
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF14.dll
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF15.dll
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF16.dll
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF17.dll
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF3.dll
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF4.dll
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF5.dll
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF6.dll
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF7.dll
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF8.dll
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF9.dll
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\content\DataMngr.js
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\content\DnsBHO.js
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\content\Error404BHO.js
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\content\NewTabBHO.js
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\content\overlay.js
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\content\overlay.xul
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\content\RelatedSearch.js
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\content\RequestPreserver.js
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\content\SearchBHO.js
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\content\SettingManager.js
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\content\Settings.xml
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\content\Settings.xml.alt
c:\program files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension\install.rdf
c:\program files (x86)\Search Results Toolbar\Datamngr\IEBHO.dll
c:\program files (x86)\Search Results Toolbar\Datamngr\installhelper.dll
c:\program files (x86)\Search Results Toolbar\Datamngr\x64\BrowserConnection.dll
c:\program files (x86)\Search Results Toolbar\Datamngr\x64\datamngr.dll
c:\program files (x86)\Search Results Toolbar\Datamngr\x64\DnsBHO.dll
c:\program files (x86)\Search Results Toolbar\Datamngr\x64\IEBHO.dll
c:\program files (x86)\Uniblue\SpeedUpMyPC
c:\program files (x86)\Uniblue\SpeedUpMyPC\cwebpage.dll
c:\program files (x86)\Uniblue\SpeedUpMyPC\InstallerExtensions.dll
c:\program files (x86)\Uniblue\SpeedUpMyPC\intermediate_views.dat
c:\program files (x86)\Uniblue\SpeedUpMyPC\latest_scan_results.xsl
c:\program files (x86)\Uniblue\SpeedUpMyPC\Launcher.exe
c:\program files (x86)\Uniblue\SpeedUpMyPC\library.dat
c:\program files (x86)\Uniblue\SpeedUpMyPC\locale\br\br.dll
c:\program files (x86)\Uniblue\SpeedUpMyPC\locale\br\LC_MESSAGES\messages.mo
c:\program files (x86)\Uniblue\SpeedUpMyPC\locale\de\de.dll
c:\program files (x86)\Uniblue\SpeedUpMyPC\locale\de\LC_MESSAGES\messages.mo
c:\program files (x86)\Uniblue\SpeedUpMyPC\locale\dk\dk.dll
c:\program files (x86)\Uniblue\SpeedUpMyPC\locale\dk\LC_MESSAGES\messages.mo
c:\program files (x86)\Uniblue\SpeedUpMyPC\locale\en\en.dll
c:\program files (x86)\Uniblue\SpeedUpMyPC\locale\en\LC_MESSAGES\messages.mo
c:\program files (x86)\Uniblue\SpeedUpMyPC\locale\es\es.dll
c:\program files (x86)\Uniblue\SpeedUpMyPC\locale\es\LC_MESSAGES\messages.mo
c:\program files (x86)\Uniblue\SpeedUpMyPC\locale\fi\fi.dll
c:\program files (x86)\Uniblue\SpeedUpMyPC\locale\fi\LC_MESSAGES\messages.mo
c:\program files (x86)\Uniblue\SpeedUpMyPC\locale\fr\fr.dll
c:\program files (x86)\Uniblue\SpeedUpMyPC\locale\fr\LC_MESSAGES\messages.mo
c:\program files (x86)\Uniblue\SpeedUpMyPC\locale\it\it.dll
c:\program files (x86)\Uniblue\SpeedUpMyPC\locale\it\LC_MESSAGES\messages.mo
c:\program files (x86)\Uniblue\SpeedUpMyPC\locale\jp\jp.dll
c:\program files (x86)\Uniblue\SpeedUpMyPC\locale\jp\LC_MESSAGES\messages.mo
c:\program files (x86)\Uniblue\SpeedUpMyPC\locale\nl\LC_MESSAGES\messages.mo
c:\program files (x86)\Uniblue\SpeedUpMyPC\locale\nl\nl.dll
c:\program files (x86)\Uniblue\SpeedUpMyPC\locale\no\LC_MESSAGES\messages.mo
c:\program files (x86)\Uniblue\SpeedUpMyPC\locale\no\no.dll
c:\program files (x86)\Uniblue\SpeedUpMyPC\locale\ru\LC_MESSAGES\messages.mo
c:\program files (x86)\Uniblue\SpeedUpMyPC\locale\ru\ru.dll
c:\program files (x86)\Uniblue\SpeedUpMyPC\locale\se\LC_MESSAGES\messages.mo
c:\program files (x86)\Uniblue\SpeedUpMyPC\locale\se\se.dll
c:\program files (x86)\Uniblue\SpeedUpMyPC\Microsoft.VC90.CRT.manifest
c:\program files (x86)\Uniblue\SpeedUpMyPC\msvcp90.dll
c:\program files (x86)\Uniblue\SpeedUpMyPC\msvcr90.dll
c:\program files (x86)\Uniblue\SpeedUpMyPC\repair_transform.xsl
c:\program files (x86)\Uniblue\SpeedUpMyPC\sp_move_serial.exe
c:\program files (x86)\Uniblue\SpeedUpMyPC\spmonitor.exe
c:\program files (x86)\Uniblue\SpeedUpMyPC\spnotifier.exe
c:\program files (x86)\Uniblue\SpeedUpMyPC\sump.exe
c:\program files (x86)\Uniblue\SpeedUpMyPC\Third Party Terms\comtypes.txt
c:\program files (x86)\Uniblue\SpeedUpMyPC\Third Party Terms\cwebpage.dll.html
c:\program files (x86)\Uniblue\SpeedUpMyPC\Third Party Terms\decorator.py.txt
c:\program files (x86)\Uniblue\SpeedUpMyPC\Third Party Terms\ordereddict.py.txt
c:\program files (x86)\Uniblue\SpeedUpMyPC\Third Party Terms\py2exe.txt
c:\program files (x86)\Uniblue\SpeedUpMyPC\Third Party Terms\python-changes.txt
c:\program files (x86)\Uniblue\SpeedUpMyPC\Third Party Terms\python.txt
c:\program files (x86)\Uniblue\SpeedUpMyPC\Third Party Terms\simplejson.txt
c:\program files (x86)\Uniblue\SpeedUpMyPC\Third Party Terms\wmi.txt
c:\program files (x86)\Uniblue\SpeedUpMyPC\unins000.dat
c:\program files (x86)\Uniblue\SpeedUpMyPC\unins000.exe
c:\program files (x86)\Uniblue\SpeedUpMyPC\unins000.msg
c:\program files (x86)\Uniblue\SpeedUpMyPC\views.dat
c:\program files (x86)\Windows Live\Messenger\msacm32.dll
c:\program files\Web Assistant\ExTEnsion32.dll
c:\programdata\0tbpw.pad
c:\users\Elvira\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
c:\users\Elvira\AppData\Local\Google\Chrome\User Data\Default\bProtectorPreferences
c:\users\\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
c:\users\\AppData\Local\Google\Chrome\User Data\Default\bProtectorPreferences
c:\users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage
c:\users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gcjbopemebdnolilndkpjfmhakccapkh_0.localstorage-journal
c:\users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gcjbopemebdnolilndkpjfmhakccapkh_0.localstorage
c:\users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lndipknmjijnalnkamonmljeaojdbpna_0.localstorage-journal
c:\users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lndipknmjijnalnkamonmljeaojdbpna_0.localstorage
c:\users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\preferences
c:\users\Martina\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
c:\users\Martina\AppData\Local\Google\Chrome\User Data\Default\bProtectorPreferences
c:\windows\SysWow64\ChilkatMail_v7_9.dll
c:\windows\Tasks\SpeedUpMyPC.job
.
.
((((((((((((((((((((((( Dateien erstellt von 2014-04-28 bis 2014-05-31 ))))))))))))))))))))))))))))))
.
.
2014-05-31 23:14 . 2014-05-31 23:14 -------- d-----w- c:\users\Jürgen\AppData\Local\temp
2014-05-31 23:13 . 2014-05-31 23:13 -------- d-----w- c:\users\Elvira\AppData\Local\temp
2014-05-31 23:13 . 2014-05-31 23:13 -------- d-----w- c:\users\Martina\AppData\Local\temp
2014-05-31 23:13 . 2014-05-31 23:13 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-05-31 18:37 . 2014-05-31 18:40 -------- d-----w- C:\FRST
2014-05-31 05:37 . 2014-05-31 08:29 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{38292580-EECE-42BE-8B81-DB3E92A44A32}\offreg.dll
2014-05-30 10:50 . 2014-04-30 23:20 10702536 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{38292580-EECE-42BE-8B81-DB3E92A44A32}\mpengine.dll
2014-05-29 13:46 . 2014-05-29 13:46 -------- d-----w- c:\programdata\PopCap Games
2014-05-29 13:46 . 2014-05-29 13:46 -------- d-----w- c:\programdata\EA Core
2014-05-29 13:45 . 2014-05-30 11:02 -------- d-----w- c:\programdata\EA Logs
2014-05-25 00:51 . 2014-05-25 00:51 0 ----a-w- c:\windows\SysWow64\sho37D5.tmp
2014-05-17 22:25 . 2014-05-17 22:25 0 ----a-w- c:\windows\SysWow64\shoE10C.tmp
2014-05-16 22:05 . 2014-05-16 22:05 0 ----a-w- c:\windows\SysWow64\shoE14A.tmp
2014-05-14 20:03 . 2014-05-06 00:21 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2014-05-14 20:03 . 2014-05-05 23:14 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-05-14 20:03 . 2014-05-06 00:46 17847808 ----a-w- c:\windows\system32\mshtml.dll
2014-05-14 20:03 . 2014-05-06 00:21 96768 ----a-w- c:\windows\system32\mshtmled.dll
2014-05-02 01:23 . 2014-05-02 01:23 0 ----a-w- c:\windows\SysWow64\shoF15F.tmp
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-14 20:00 . 2010-10-01 08:17 93223848 ----a-w- c:\windows\system32\MRT.exe
2014-04-30 15:55 . 2014-04-30 15:55 0 ----a-w- c:\windows\SysWow64\sho6040.tmp
2014-04-29 08:19 . 2013-08-15 17:44 130584 ----a-w- c:\windows\system32\drivers\avipbb.sys
2014-04-29 08:19 . 2013-08-15 17:44 112080 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2014-04-26 01:23 . 2014-04-26 01:23 0 ----a-w- c:\windows\SysWow64\sho4F22.tmp
2014-04-24 22:09 . 2014-04-24 22:09 0 ----a-w- c:\windows\SysWow64\sho6F42.tmp
2014-04-24 00:10 . 2014-04-24 00:10 0 ----a-w- c:\windows\SysWow64\shoB455.tmp
2014-04-21 16:34 . 2014-04-21 16:34 0 ----a-w- c:\windows\SysWow64\sho635D.tmp
2014-04-20 01:14 . 2014-04-20 01:14 0 ----a-w- c:\windows\SysWow64\sho3307.tmp
2014-04-14 18:13 . 2014-04-24 18:29 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-04-11 05:50 . 2012-08-21 04:07 70832 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-04-11 05:50 . 2012-08-21 04:07 692400 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-04-07 14:57 . 2012-09-03 19:48 2276144 ----a-w- c:\windows\system32\dmwu.exe
2014-04-07 14:55 . 2012-09-03 19:48 33792 ----a-w- c:\windows\system32\ImHttpComm.dll
2014-04-06 10:24 . 2012-09-03 19:48 829264 ----a-w- c:\windows\system32\msvcr100.dll
2014-04-06 10:24 . 2012-09-03 19:48 608080 ----a-w- c:\windows\system32\msvcp100.dll
2014-04-04 10:27 . 2014-04-04 10:27 0 ----a-w- c:\windows\SysWow64\shoA7B8.tmp
2014-04-02 23:44 . 2014-04-02 23:44 0 ----a-w- c:\windows\SysWow64\sho2158.tmp
2014-04-01 22:33 . 2014-04-01 22:33 0 ----a-w- c:\windows\SysWow64\shoD851.tmp
2014-03-31 19:20 . 2014-03-31 19:20 0 ----a-w- c:\windows\SysWow64\shoBA6F.tmp
2014-03-31 07:35 . 2010-10-01 08:20 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-03-30 11:46 . 2014-03-30 11:46 0 ----a-w- c:\windows\SysWow64\sho6CD9.tmp
2014-03-28 23:36 . 2014-03-28 23:36 0 ----a-w- c:\windows\SysWow64\shoEE41.tmp
2014-03-28 00:00 . 2014-03-28 00:00 0 ----a-w- c:\windows\SysWow64\shoEFA7.tmp
2014-03-21 18:55 . 2014-03-21 18:55 0 ----a-w- c:\windows\SysWow64\sho2764.tmp
2014-03-18 23:57 . 2014-03-18 23:57 0 ----a-w- c:\windows\SysWow64\shoCDAC.tmp
2014-03-18 19:59 . 2014-03-18 19:59 0 ----a-w- c:\windows\SysWow64\shoEC1B.tmp
2014-03-18 11:23 . 2014-03-18 11:23 0 ----a-w- c:\windows\SysWow64\sho6164.tmp
2014-03-18 08:19 . 2014-03-18 08:19 0 ----a-w- c:\windows\SysWow64\sho272.tmp
2014-03-17 11:21 . 2014-03-17 11:21 0 ----a-w- c:\windows\SysWow64\shoDBE2.tmp
2014-03-17 01:21 . 2014-03-17 01:21 0 ----a-w- c:\windows\SysWow64\sho28E.tmp
2014-03-13 23:57 . 2014-03-13 23:57 0 ----a-w- c:\windows\SysWow64\shoC046.tmp
2014-03-08 04:06 . 2014-04-10 13:02 10926592 ----a-w- c:\windows\system32\ieframe.dll
2014-03-08 03:49 . 2014-04-10 13:02 2334720 ----a-w- c:\windows\system32\jscript9.dll
2014-03-08 03:41 . 2014-04-10 13:02 1347072 ----a-w- c:\windows\system32\urlmon.dll
2014-03-08 03:40 . 2014-04-10 13:02 1392128 ----a-w- c:\windows\system32\wininet.dll
2014-03-08 03:39 . 2014-04-10 13:02 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2014-03-08 03:38 . 2014-04-10 13:02 237056 ----a-w- c:\windows\system32\url.dll
2014-03-08 03:37 . 2014-04-10 13:02 85504 ----a-w- c:\windows\system32\jsproxy.dll
2014-03-08 03:34 . 2014-04-10 13:02 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2014-03-08 03:34 . 2014-04-10 13:02 816640 ----a-w- c:\windows\system32\jscript.dll
2014-03-08 03:33 . 2014-04-10 13:02 599040 ----a-w- c:\windows\system32\vbscript.dll
2014-03-08 03:32 . 2014-04-10 13:02 729088 ----a-w- c:\windows\system32\msfeeds.dll
2014-03-08 03:32 . 2014-04-10 13:02 2147840 ----a-w- c:\windows\system32\iertutil.dll
2014-03-08 03:24 . 2014-04-10 13:02 248320 ----a-w- c:\windows\system32\ieui.dll
2014-03-07 23:12 . 2014-04-10 13:02 1806848 ----a-w- c:\windows\SysWow64\jscript9.dll
2014-03-07 23:02 . 2014-04-10 13:02 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2014-03-07 23:02 . 2014-04-10 13:02 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2014-03-07 22:57 . 2014-04-10 13:02 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2014-03-07 22:56 . 2014-04-10 13:02 421376 ----a-w- c:\windows\SysWow64\vbscript.dll
2014-03-06 14:03 . 2014-03-06 14:03 0 ----a-w- c:\windows\SysWow64\shoCA96.tmp
2014-03-06 02:32 . 2014-03-06 02:32 0 ----a-w- c:\windows\SysWow64\shoE43C.tmp
2014-03-05 02:31 . 2014-03-05 02:31 0 ----a-w- c:\windows\SysWow64\shoA355.tmp
2014-03-04 09:44 . 2014-04-10 12:33 362496 ----a-w- c:\windows\system32\wow64win.dll
2014-03-04 09:44 . 2014-04-10 12:33 243712 ----a-w- c:\windows\system32\wow64.dll
2014-03-04 09:44 . 2014-04-10 12:33 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2014-03-04 09:44 . 2014-04-10 12:33 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2014-03-04 09:44 . 2014-04-10 12:33 1163264 ----a-w- c:\windows\system32\kernel32.dll
2014-03-04 09:17 . 2014-04-10 12:33 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2014-03-04 09:17 . 2014-04-10 12:33 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2014-03-04 09:16 . 2014-04-10 12:33 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2014-03-04 09:16 . 2014-04-10 12:33 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2014-03-04 08:09 . 2014-04-10 12:33 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2014-03-04 08:09 . 2014-04-10 12:33 2048 ----a-w- c:\windows\SysWow64\user.exe
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}]
2011-05-09 09:49 176936 ----a-w- c:\program files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{0cc09160-108c-4759-bab1-5c12c216e005}]
2011-05-09 09:49 176936 ----a-w- c:\program files (x86)\appbario8\prxtbappb.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
2014-04-11 02:07 513648 ----a-w- c:\program files (x86)\SupTab\SupTab.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}]
2013-01-23 12:24 247704 ----a-w- c:\program files (x86)\Delta\delta\1.8.10.0\bh\delta.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2013-10-22 19:18 277560 ----a-w- c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}"= "c:\program files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll" [2011-05-09 176936]
"{0cc09160-108c-4759-bab1-5c12c216e005}"= "c:\program files (x86)\appbario8\prxtbappb.dll" [2011-05-09 176936]
"{82E1477C-B154-48D3-9891-33D83C26BCD3}"= "c:\program files (x86)\Delta\delta\1.8.10.0\deltaTlbr.dll" [2013-01-23 321944]
.
[HKEY_CLASSES_ROOT\clsid\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}]
.
[HKEY_CLASSES_ROOT\clsid\{0cc09160-108c-4759-bab1-5c12c216e005}]
.
[HKEY_CLASSES_ROOT\clsid\{82e1477c-b154-48d3-9891-33d83c26bcd3}]
[HKEY_CLASSES_ROOT\delta.deltadskBnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}]
[HKEY_CLASSES_ROOT\delta.deltadskBnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightShot"="c:\users\\AppData\Local\Skillbrains\lightshot\LightShot.exe" [2012-02-02 195072]
"EADM"="c:\program files (x86)\Origin\Origin.exe" [2014-04-25 3588952]
"Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2013-08-28 4287536]
"NextLive"="c:\users\\AppData\Roaming\newnext.me\nengine.dll" [2013-11-14 1283584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-03 284696]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-09-30 98304]
"starter4g"="c:\windows\starter4g.exe" [2011-03-30 160424]
"Iminent"="c:\program files (x86)\Iminent\Iminent.exe" [2013-01-25 1074736]
"IminentMessenger"="c:\program files (x86)\Iminent\Iminent.Messengers.exe" [2013-01-25 884784]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-05-27 737872]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"mobilegeni daemon"="c:\program files (x86)\Mobogenie\DaemonProcess.exe" [2014-02-28 775872]
"BlueStacks Agent"="c:\program files (x86)\BlueStacks\HD-Agent.exe" [2013-06-19 601928]
.
c:\users\\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.4.1.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2012-8-13 1199104]
tbhcn.lnk - c:\users\\AppData\Roaming\BrowserCompanion\tbhcn.exe -interval=10 -IEhome=0 -IEsearch=0 -FFhome=0 -FFsearch=0 -CHhome=0 -CHsearch=0 -pubId=ginyas_377 -affId=g377_sfexp_de [2012-7-2 695448]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
IML.lnk - c:\windows\System32\iml.vbs [2010-5-21 4472]
IML64.lnk - c:\windows\SysWOW64\iml.vbs [2010-5-21 4472]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 dealplylive;DealPly Live-Dienst (dealplylive);c:\program files (x86)\DealPlyLive\Update\DealPlyLive.exe;c:\program files (x86)\DealPlyLive\Update\DealPlyLive.exe [x]
R2 IePluginService;IePlugin Service;c:\programdata\IePluginService\PluginService.exe;c:\programdata\IePluginService\PluginService.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 Web Assistant;Web Assistant;c:\program files\Web Assistant\ExtensionUpdaterService.exe;c:\program files\Web Assistant\ExtensionUpdaterService.exe [x]
R2 Wpm;Wpm Service;c:\programdata\WPM\wprotectmanager.exe;c:\programdata\WPM\wprotectmanager.exe [x]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
R3 cmnsusbser;Mobile Connector USB Device for Legacy Serial Communication LCT2053s;c:\windows\system32\DRIVERS\cmnsusbser.sys;c:\windows\SYSNATIVE\DRIVERS\cmnsusbser.sys [x]
R3 dealplylivem;DealPly Live-Dienst (dealplylivem);c:\program files (x86)\DealPlyLive\Update\DealPlyLive.exe;c:\program files (x86)\DealPlyLive\Update\DealPlyLive.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 netr7364;RT73 USB-Drahtlos-LAN-Kartentreiber für Vista;c:\windows\system32\DRIVERS\netr7364.sys;c:\windows\SYSNATIVE\DRIVERS\netr7364.sys [x]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\rtl8187B.sys;c:\windows\SYSNATIVE\DRIVERS\rtl8187B.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 X6va009;X6va009;c:\windows\SysWOW64\Drivers\X6va009;c:\windows\SysWOW64\Drivers\X6va009 [x]
R3 X6va010;X6va010;c:\windows\SysWOW64\Drivers\X6va010;c:\windows\SysWOW64\Drivers\X6va010 [x]
R3 X6va011;X6va011;c:\windows\SysWOW64\Drivers\X6va011;c:\windows\SysWOW64\Drivers\X6va011 [x]
R3 X6va014;X6va014;c:\windows\SysWOW64\Drivers\X6va014;c:\windows\SysWOW64\Drivers\X6va014 [x]
R3 X6va015;X6va015;c:\windows\SysWOW64\Drivers\X6va015;c:\windows\SysWOW64\Drivers\X6va015 [x]
R3 X6va016;X6va016;c:\windows\SysWOW64\Drivers\X6va016;c:\windows\SysWOW64\Drivers\X6va016 [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 IBUpdaterService;IBUpdaterService;c:\windows\system32\dmwu.exe;c:\windows\SYSNATIVE\dmwu.exe [x]
S2 lxbk_device;lxbk_device;c:\windows\system32\lxbkcoms.exe;c:\windows\SYSNATIVE\lxbkcoms.exe [x]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\18.0.0.128\ccSvcHst.exe;c:\program files (x86)\Norton Internet Security\Engine\18.0.0.128\ccSvcHst.exe [x]
S2 Re-markit;Re-markit;c:\program files (x86)\Re-markit-soft\Re-markit155.exe;c:\program files (x86)\Re-markit-soft\Re-markit155.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 SProtection;SProtection;c:\program files (x86)\Common Files\Umbrella\umbrella.exe;c:\program files (x86)\Common Files\Umbrella\umbrella.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 WajamUpdaterV3;WajamUpdaterV3;c:\program files (x86)\Wajam\Updater\WajamUpdaterV3.exe;c:\program files (x86)\Wajam\Updater\WajamUpdaterV3.exe [x]
S2 winzipersvc;WinZiper service;c:\program files (x86)\WinZipper\winzipersvc.exe;c:\program files (x86)\WinZipper\winzipersvc.exe [x]
S2 WTGService;WTGService;c:\program files (x86)\XSManager\WTGService.exe;c:\program files (x86)\XSManager\WTGService.exe [x]
S2 XS Stick Service;XS Stick Service;c:\windows\service4g.exe;c:\windows\service4g.exe [x]
S3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;c:\windows\system32\drivers\Apowersoft_AudioDevice.sys;c:\windows\SYSNATIVE\drivers\Apowersoft_AudioDevice.sys [x]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 RTL8192cu;Surf Wireless Micro USB Adapter;c:\windows\system32\DRIVERS\RTL8192cu.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8192cu.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2014-04-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-15 05:50]
.
2013-10-28 c:\windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job
- c:\program files (x86)\DealPlyLive\Update\DealPlyLive.exe [2013-10-28 14:08]
.
2014-02-28 c:\windows\Tasks\Feven Pro 1.2-chromeinstaller.job
- c:\program files (x86)\Feven Pro 1.2\Feven Pro 1.2-chromeinstaller.exe [2014-02-28 14:46]
.
2014-05-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1000Core1cf6cdd52a1ae5.job
- c:\users\\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21 08:34]
.
2013-09-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1000UA.job
- c:\users\\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21 08:34]
.
2014-05-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1001Core1cf71ac260e523e.job
- c:\users\Elvira\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21 13:16]
.
2013-09-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1001UA.job
- c:\users\Elvira\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21 13:16]
.
2014-05-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1002Core1cf6cf59b1b4d7c.job
- c:\users\Martina\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21 13:25]
.
2013-09-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1002UA.job
- c:\users\Martina\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21 13:25]
.
2014-02-28 c:\windows\Tasks\HQ-Video-Profession-1.3-chromeinstaller.job
- c:\program files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-chromeinstaller.exe [2014-02-28 14:40]
.
2014-02-28 c:\windows\Tasks\HQ-Video-Profession-1.3-codedownloader.job
- c:\program files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-codedownloader.exe [2014-02-28 14:40]
.
2014-02-28 c:\windows\Tasks\HQ-Video-Profession-1.3-enabler.job
- c:\program files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-enabler.exe [2014-02-28 14:41]
.
2014-02-28 c:\windows\Tasks\HQ-Video-Profession-1.3-firefoxinstaller.job
- c:\program files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-firefoxinstaller.exe [2014-02-28 14:40]
.
2014-02-28 c:\windows\Tasks\HQ-Video-Profession-1.3-updater.job
- c:\program files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-updater.exe [2014-02-28 14:41]
.
2014-02-28 c:\windows\Tasks\Re-markit Update.job
- c:\program files (x86)\Re-markit-soft\ReMar.exe [2014-02-28 14:37]
.
2014-02-28 c:\windows\Tasks\Re-markit_wd.job
- c:\program files (x86)\Re-markit-soft\Re-markit_wd.exe [2014-02-28 14:37]
.
2013-09-15 c:\windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013.job
- c:\program files (x86)\TuneUp Utilities 2013\OneClick.exe [2012-09-19 10:27]
.
2013-09-06 c:\windows\Tasks\update-S-1-5-21-2465613748-4109621216-2680054910-1000.job
- c:\program files (x86)\Skillbrains\Updater\Updater.exe [2012-07-22 22:26]
.
2013-09-06 c:\windows\Tasks\update-S-1-5-21-2465613748-4109621216-2680054910-1003.job
- c:\program files (x86)\Skillbrains\Updater\Updater.exe [2012-07-22 22:26]
.
2013-09-06 c:\windows\Tasks\update-sys.job
- c:\program files (x86)\Skillbrains\Updater\Updater.exe [2012-07-22 22:26]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{11111111-1111-1111-1111-110511161182}]
2014-02-28 14:47 673792 ----a-w- c:\program files (x86)\Feven Pro 1.2\Feven Pro 1.2-bho64.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2013-10-22 19:18 336952 ----a-w- c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-07-23 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-07-23 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-07-23 415256]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-09-03 11464296]
"lxbkbmgr.exe"="c:\program files (x86)\Lexmark X1100 Series\lxbkbmgr.exe" [2008-02-28 74408]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mDefault_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1392503296&from=smt&uid=SAMSUNGXHD103SI_S1VSJD1ZB14888&q={searchTerms}
mDefault_Page_URL = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1392503296&from=smt&uid=SAMSUNGXHD103SI_S1VSJD1ZB14888&q={searchTerms}
uInternet Settings,ProxyServer = http=127.0.0.1:13828
uSearchAssistant = hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=0303b1af-65fc-46f7-982c-da10521eeb0f&searchtype=ds&q={searchTerms}&installDate=21/04/2013
IE: Free YouTube Download - c:\users\\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
IE: {{A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - c:\program files (x86)\SpecialSavings\SpecialSavingsSinged.dll
IE: {{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
TCP: DhcpNameServer = 192.168.2.1
Handler: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -
Handler: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -
Handler: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -
FF - ProfilePath - c:\users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3227982&SearchSource=3&q={searchTerms}
FF - user.js: extensions.incredibar_i.newTab - false
FF - user.js: extensions.incredibar_i.tlbrSrchUrl - hxxp://mystart.Incredibar.com/?a=6R8BbEiZzb&loc=IB_TB&i=26&search=
FF - user.js: extensions.incredibar_i.id - 88084d330000000000001c6f6549ce08
FF - user.js: extensions.incredibar_i.instlDay - 15557
FF - user.js: extensions.incredibar_i.vrsn - 1.5.11.14
FF - user.js: extensions.incredibar_i.vrsni - 1.5.11.14
FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.11.1421:47
FF - user.js: extensions.incredibar_i.prtnrId - Incredibar
FF - user.js: extensions.incredibar_i.prdct - incredibar
FF - user.js: extensions.incredibar_i.aflt - orgnl
FF - user.js: extensions.incredibar_i.smplGrp - none
FF - user.js: extensions.incredibar_i.tlbrId - base
FF - user.js: extensions.incredibar_i.instlRef -
FF - user.js: extensions.incredibar_i.dfltLng -
FF - user.js: extensions.incredibar_i.excTlbr - false
FF - user.js: extensions.incredibar_i.ms_url_id -
FF - user.js: extensions.incredibar_i.upn2 - 6R8BbEiZzb
FF - user.js: extensions.incredibar_i.upn2n - 92824830072188233
FF - user.js: extensions.incredibar_i.productid - 26
FF - user.js: extensions.incredibar_i.installerproductid - 26
FF - user.js: extensions.incredibar_i.did - 10657
FF - user.js: extensions.incredibar_i.ppd -
FF - user.js: extensions.delta.tlbrSrchUrl -
FF - user.js: extensions.delta.id - 88084d330000000000001c6f6549ce08
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15748
FF - user.js: extensions.delta.vrsn - 1.8.10.0
FF - user.js: extensions.delta.vrsni - 1.8.10.0
FF - user.js: extensions.delta.vrsnTs - 1.8.10.020:37
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - en
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
FF - user.js: extensions.autoDisableScopes - 0
FF - user.js: extensions.shownSelectionUI - true
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{00cbb66b-1d3b-46d3-9577-323a336acb50} - c:\program files (x86)\BrowserCompanion\jsloader.dll
BHO-{11111111-1111-1111-1111-110511151178} - c:\program files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-bho.dll
BHO-{1631550F-191D-4826-B069-D9439253D926} - c:\program files (x86)\PriceGong\2.6.4\PriceGongIE.dll
BHO-{336D0C35-8A85-403a-B9D2-65C292C39087} - c:\program files\Web Assistant\Extension32.dll
BHO-{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll
BHO-{9cf699ca-2174-4ed8-bec1-ba82095edce0} - c:\program files (x86)\DealPly\DealPlyIE.dll
BHO-{C1ED9DA0-AFD0-4b90-AC6A-D3874F591014} - c:\progra~2\SEARCH~1\Datamngr\BROWSE~1.DLL
BHO-{f34c9277-6577-4dff-b2d7-7d58092f272f} - c:\progra~2\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll
Toolbar-Locked - (no file)
Toolbar-{F9639E4A-801B-4843-AEE3-03D9DA199E77} - c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll
Toolbar-{f34c9277-6577-4dff-b2d7-7d58092f272f} - c:\progra~2\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll
Toolbar-10 - (no file)
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
WebBrowser-{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} - (no file)
WebBrowser-{09152F0B-739C-4DEC-A245-1AA8A37594F1} - (no file)
WebBrowser-{0CC09160-108C-4759-BAB1-5C12C216E005} - (no file)
AddRemove-BrowserCompanion - c:\program files (x86)\BrowserCompanion\uninstall.exe
AddRemove-DealPly - c:\program files (x86)\DealPly\uninst.exe
AddRemove-Free Audio CD to MP3 Converter_is1 - c:\program files (x86)\Common Files\DVDVideoSoft\Uninstall.exe
AddRemove-IMLock - c:\windows\System32\tnblf.exe
AddRemove-incredibar - c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\uninstall.exe
AddRemove-PriceGong - c:\program files (x86)\PriceGong\uninst.exe
AddRemove-{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1 - c:\program files (x86)\Uniblue\SpeedUpMyPC\unins000.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet004\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\18.0.0.128\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\18.0.0.128\diMaster.dll\" /prefetch:1"
.
[HKEY_LOCAL_MACHINE\system\ControlSet004\services\X6va009]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va009"
.
[HKEY_LOCAL_MACHINE\system\ControlSet004\services\X6va010]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va010"
.
[HKEY_LOCAL_MACHINE\system\ControlSet004\services\X6va011]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va011"
.
[HKEY_LOCAL_MACHINE\system\ControlSet004\services\X6va014]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va014"
.
[HKEY_LOCAL_MACHINE\system\ControlSet004\services\X6va015]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va015"
.
[HKEY_LOCAL_MACHINE\system\ControlSet004\services\X6va016]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va016"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\system\ControlSet004\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet004\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet004\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet004\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-06-01 01:19:31
ComboFix-quarantined-files.txt 2014-05-31 23:19
.
Vor Suchlauf: 18 Verzeichnis(se), 515.986.145.280 Bytes frei
Nach Suchlauf: 21 Verzeichnis(se), 528.170.180.608 Bytes frei
.
- - End Of File - - C3728E84C537515BF5213A78AF73160C
|
|
01.06.2014, 11:06
| #6 | |
| /// TB-Ausbilder | WINDOWS 7 kommen ständig PopUps usw... Gut gemacht. Hier noch kurz ein wichtiger Hinweis zu deinen AV-Programmen: Mehrere Anti-Virus-Programme Code:
ATTFilter Norton
Avira
Berichte, für welches Anti-Virus-Programm Du Dich entschieden hast. Zitat:
Und so geht es weiter: Schritt 1 Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Schritt 2 Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Schritt 3 Downloade Dir bitte  Malwarebytes Anti-Malware
Schritt 4 Bitte deaktiviere dein Anti-Viren-Programm, da es das Ergebnis beeinflussen oder ggf. die Bereinigung stören kann. Bitte lade dir zoek.exe von hier: http://hijackthis.nl/smeenk/ und speichere die Datei auf deinem Desktop.
Schritt 5
Bitte poste mit deiner nächsten Antwort
|
|
02.06.2014, 01:25
| #7 |
| | WINDOWS 7 kommen ständig PopUps usw... Hi, habe mich für AntiVir entschieden und Norton deinstalliert. Kann die Logs nicht senden, da sie zu gross sind, leider JRT: Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by on 01.06.2014 at 21:57:23,48
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\wnlt
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2465613748-4109621216-2680054910-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2465613748-4109621216-2680054910-1000\Software\wajam
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2465613748-4109621216-2680054910-1000\Software\web assistant
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\dealplylive
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_USERS\.DEFAULT\Software\bProtector
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011501160}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011501160}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\apnstub_RASDLG
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{2233C3F4-E3B3-4C3F-BFEE-D89A63D6FEE4}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{27433C8B-14CF-4B32-8783-43F982AF9813}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{8BA3C05B-6624-4F7B-8CEC-7B1D1EBA0142}
~~~ Files
Successfully deleted: [File] "C:\Users\\appdata\local\google\chrome\user data\default\local storage\http_start.iminent.com_0.localstorage"
Successfully deleted: [File] "C:\Users\\appdata\local\google\chrome\user data\default\local storage\http_start.iminent.com_0.localstorage-journal"
Successfully deleted: [File] "C:\Users\\appdata\locallow\SkwConfig.bin"
Successfully deleted: [File] "C:\Users\\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\speedupmypc.lnk"
Successfully deleted: [File] C:\Windows\syswow64\sho1884.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho1E37.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho2158.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho272.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho2764.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho28E.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho3307.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho37D5.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho4BFC.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho4F22.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho5E4E.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho6040.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho6164.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho635D.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho6CD9.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho6F42.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho70E7.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho75BE.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho8A22.tmp
Successfully deleted: [File] C:\Windows\syswow64\sho93F.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoA355.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoA3B.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoA7B8.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoB455.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoBA6F.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoBB49.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoC046.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoC863.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoCA96.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoCDAC.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoD12E.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoD851.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoDBE2.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoE10C.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoE14A.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoE226.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoE43C.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoEC1B.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoEE41.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoEFA7.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoF15F.tmp
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\Program Files (x86)\wiseconvert"
~~~ FireFox
Successfully deleted: [File] C:\user.js
Emptied folder: C:\Users\\AppData\Roaming\mozilla\firefox\profiles\3elvxd57.default\minidumps [161 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01.06.2014 at 22:07:59,82
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 01.06.2014 Suchlauf-Zeit: 22:37:16 Logdatei: mbam.txt Administrator: Ja Version: 2.00.2.1012 Malware Datenbank: v2014.03.04.09 Rootkit Datenbank: v2014.05.21.01 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Self-protection: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 326634 Verstrichene Zeit: 17 Min, 19 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristics: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registrierungsschlüssel: 0 (No malicious items detected) Registrierungswerte: 0 (No malicious items detected) Registrierungsdaten: 0 (No malicious items detected) Ordner: 0 (No malicious items detected) Dateien: 0 (No malicious items detected) Physische Sektoren: 0 (No malicious items detected) (end) Code:
ATTFilter Zoek.exe v5.0.0.0 Updated 22-05-2014
Tool run by on 01.06.2014 at 22:59:26,92.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
01.06.2014 23:02:05 Zoek.exe System Restore Point Created Succesfully.
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00CBB66B-1D3B-46D3-9577-323A336ACB50} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00CBB66B-1D3B-46D3-9577-323A336ACB50} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00CBB66B-1D3B-46D3-9577-323A336ACB50} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00CBB66B-1D3B-46D3-9577-323A336ACB50} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00CBB66B-1D3B-46D3-9577-323A336ACB50} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00CBB66B-1D3B-46D3-9577-323A336ACB50} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00CBB66B-1D3B-46D3-9577-323A336ACB50} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00CBB66B-1D3B-46D3-9577-323A336ACB50} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00CBB66B-1D3B-46D3-9577-323A336ACB50} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00CBB66B-1D3B-46D3-9577-323A336ACB50} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{74F475FA-6C75-43BD-AAB9-ECDA6184F600} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{74F475FA-6C75-43BD-AAB9-ECDA6184F600} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{74F475FA-6C75-43BD-AAB9-ECDA6184F600} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{74F475FA-6C75-43BD-AAB9-ECDA6184F600} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{74F475FA-6C75-43BD-AAB9-ECDA6184F600} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{74F475FA-6C75-43BD-AAB9-ECDA6184F600} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{74F475FA-6C75-43BD-AAB9-ECDA6184F600} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{74F475FA-6C75-43BD-AAB9-ECDA6184F600} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{74F475FA-6C75-43BD-AAB9-ECDA6184F600} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{74F475FA-6C75-43BD-AAB9-ECDA6184F600} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{963B125B-8B21-49A2-A3A8-E37092276531} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{963B125B-8B21-49A2-A3A8-E37092276531} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{963B125B-8B21-49A2-A3A8-E37092276531} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{963B125B-8B21-49A2-A3A8-E37092276531} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F34C9277-6577-4DFF-B2D7-7D58092F272F} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F34C9277-6577-4DFF-B2D7-7D58092F272F} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F34C9277-6577-4DFF-B2D7-7D58092F272F} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F34C9277-6577-4DFF-B2D7-7D58092F272F} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F34C9277-6577-4DFF-B2D7-7D58092F272F} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F34C9277-6577-4DFF-B2D7-7D58092F272F} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F34C9277-6577-4DFF-B2D7-7D58092F272F} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F34C9277-6577-4DFF-B2D7-7D58092F272F} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F34C9277-6577-4DFF-B2D7-7D58092F272F} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F34C9277-6577-4DFF-B2D7-7D58092F272F} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9cf699ca-2174-4ed8-bec1-ba82095edce0} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9cf699ca-2174-4ed8-bec1-ba82095edce0} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9cf699ca-2174-4ed8-bec1-ba82095edce0} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9cf699ca-2174-4ed8-bec1-ba82095edce0} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9cf699ca-2174-4ed8-bec1-ba82095edce0} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9cf699ca-2174-4ed8-bec1-ba82095edce0} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9cf699ca-2174-4ed8-bec1-ba82095edce0} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9cf699ca-2174-4ed8-bec1-ba82095edce0} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110511151178} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110511151178} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110511151178} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110511151178} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110511151178} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110511151178} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110511151178} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110511151178} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{09152F0B-739C-4DEC-A245-1AA8A37594F1} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{09152F0B-739C-4DEC-A245-1AA8A37594F1} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{00CBB66B-1D3B-46D3-9577-323A336ACB50} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{00CBB66B-1D3B-46D3-9577-323A336ACB50} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{00CBB66B-1D3B-46D3-9577-323A336ACB50} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{00CBB66B-1D3B-46D3-9577-323A336ACB50} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{1631550F-191D-4826-B069-D9439253D926} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{1631550F-191D-4826-B069-D9439253D926} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{1631550F-191D-4826-B069-D9439253D926} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{1631550F-191D-4826-B069-D9439253D926} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{74F475FA-6C75-43BD-AAB9-ECDA6184F600} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{74F475FA-6C75-43BD-AAB9-ECDA6184F600} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{74F475FA-6C75-43BD-AAB9-ECDA6184F600} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{74F475FA-6C75-43BD-AAB9-ECDA6184F600} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{963B125B-8B21-49A2-A3A8-E37092276531} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{963B125B-8B21-49A2-A3A8-E37092276531} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{963B125B-8B21-49A2-A3A8-E37092276531} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{963B125B-8B21-49A2-A3A8-E37092276531} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{09152F0B-739C-4DEC-A245-1AA8A37594F1} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{09152F0B-739C-4DEC-A245-1AA8A37594F1} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{09152F0B-739C-4DEC-A245-1AA8A37594F1} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{09152F0B-739C-4DEC-A245-1AA8A37594F1} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{09152F0B-739C-4DEC-A245-1AA8A37594F1} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{09152F0B-739C-4DEC-A245-1AA8A37594F1} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1000\Software\Mozilla\Firefox\Extensions\{95818252-7aac-4b4b-b6db-2fedbc9902a4} deleted successfully
HKEY_USERS\S-1-5-21-2465613748-4109621216-2680054910-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Mozilla\Firefox\Extensions\{95818252-7aac-4b4b-b6db-2fedbc9902a4} deleted successfully
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\Elvira\AppData\Roaming\Mozilla\Firefox\Profiles\2aglban5.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.search.selectedEngine", "Google");
Added to C:\Users\Elvira\AppData\Roaming\Mozilla\Firefox\Profiles\2aglban5.default\prefs.js:
user_pref("browser.startup.homepage", "hxxp://www.google.com");
user_pref("browser.search.defaulturl", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "hxxp://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
Deleted from C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\prefs.js:
user_pref("browser.search.suggest.enabled", false);
user_pref("browser.search.useDBForOrder", true);
Added to C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\prefs.js:
Deleted from C:\Users\JRGEN~1\AppData\Roaming\Mozilla\Firefox\Profiles\kkmo767h.default\prefs.js:
Added to C:\Users\JRGEN~1\AppData\Roaming\Mozilla\Firefox\Profiles\kkmo767h.default\prefs.js:
user_pref("browser.startup.homepage", "hxxp://www.google.com");
user_pref("browser.search.defaulturl", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "hxxp://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
Deleted from C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\mzwqgr73.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.search.selectedEngine", "Google");
Added to C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\mzwqgr73.default\prefs.js:
user_pref("browser.startup.homepage", "hxxp://www.google.com");
user_pref("browser.search.defaulturl", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "hxxp://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
ProfilePath: C:\Users\Elvira\AppData\Roaming\Mozilla\Firefox\Profiles\2aglban5.default
user.js not found
---- Lines iminent modified from prefs.js ----
user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}\":{\"descriptor\":\"C:\\\\
---- Lines {336D0C35-8A85-403a-B9D2-65C292C39087} removed from prefs.js ----
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.extensionFirstRun", false);
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.lastExtensionVersion", "2.0.0.478");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_installer_name", "sg_6R8BbEiZzb_active_MB149_MB150_UA-25323614-11_2012-08-05-21-47-15");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_product_name", "Web Assistant");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_product_version", "2.0.0.478");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_temp_installer_name", "sg_6R8BbEiZzb_active_MB149_MB150_UA-25323614-11_2012-08-05-21-47-1
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_toolbarID", "61d26e2cc2bf43fcadaa8f9913cd3125");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_gtQueryParam", "UA-25323614-11");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_redirectQueryParam1", "MB149");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_redirectQueryParam2", "MB150");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_status", "active");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_upn2", "6R8BbEiZzb");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.setdefaultsearch_2.0.0.478", false);
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.setdnscatch_2.0.0.413", false);
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.setdnscatch_2.0.0.478", false);
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.sethomepage_2.0.0.478", false);
---- Lines {F34C9277-6577-4DFF-B2D7-7D58092F272F} modified from prefs.js ----
user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}\":{\"descriptor\":\"C:\\\\
---- FireFox user.js and prefs.js backups ----
prefs__2322_.backup
ProfilePath: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs__2322_.backup
ProfilePath: C:\Users\JRGEN~1\AppData\Roaming\Mozilla\Firefox\Profiles\kkmo767h.default
user.js not found
---- Lines iminent modified from prefs.js ----
user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}\":{\"descriptor\":\"C:\\\\
---- Lines {336D0C35-8A85-403a-B9D2-65C292C39087} removed from prefs.js ----
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.extensionFirstRun", false);
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.lastExtensionVersion", "2.0.0.478");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_installer_name", "sg_6R8BbEiZzb_active_MB149_MB150_UA-25323614-11_2012-08-05-21-47-15");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_product_name", "Web Assistant");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_product_version", "2.0.0.478");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_temp_installer_name", "sg_6R8BbEiZzb_active_MB149_MB150_UA-25323614-11_2012-08-05-21-47-1
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_toolbarID", "61d26e2cc2bf43fcadaa8f9913cd3125");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_dailyPing", "true|||1349294965735");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_debugMode", "not set");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_gtQueryParam", "UA-25323614-11");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_installedPing", "true|||8641349208565735");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_lastUpdate", "1349208564739|||8641349208564740");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_redirectQueryParam1", "MB149");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_redirectQueryParam2", "MB150");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_status", "active");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_toolbar_query", "not set");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_upn2", "6R8BbEiZzb");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.setdefaultsearch_2.0.0.458", false);
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.setdefaultsearch_2.0.0.478", false);
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.setdnscatch_2.0.0.413", false);
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.setdnscatch_2.0.0.458", false);
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.setdnscatch_2.0.0.478", false);
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.sethomepage_2.0.0.458", false);
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.sethomepage_2.0.0.478", false);
---- Lines {F34C9277-6577-4DFF-B2D7-7D58092F272F} modified from prefs.js ----
user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}\":{\"descriptor\":\"C:\\\\
---- FireFox user.js and prefs.js backups ----
prefs__2322_.backup
ProfilePath: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\mzwqgr73.default
user.js not found
---- Lines iminent modified from prefs.js ----
user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}\":{\"descriptor\":\"C:\\\\
---- Lines {336D0C35-8A85-403a-B9D2-65C292C39087} removed from prefs.js ----
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.extensionFirstRun", false);
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.lastExtensionVersion", "2.0.0.478");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_installer_name", "sg_6R8BbEiZzb_active_MB149_MB150_UA-25323614-11_2012-08-05-21-47-15");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_product_name", "Web Assistant");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_product_version", "2.0.0.478");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_temp_installer_name", "sg_6R8BbEiZzb_active_MB149_MB150_UA-25323614-11_2012-08-05-21-47-1
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_toolbarID", "61d26e2cc2bf43fcadaa8f9913cd3125");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_dailyPing", "true|||1356805844575");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_debugMode", "not set");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_dialogVersion", "not set");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_gtQueryParam", "UA-25323614-11");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_inactive_by_user", "not set");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_installedPing", "true|||8641344928652541");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_lastUpdate", "1356719444546|||8641356719444546");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_redirectQueryParam1", "MB149");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_redirectQueryParam2", "MB150");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_showDialog", "not set");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_showtoaster", "not set");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_status", "active");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_toasterID", "8|||8641356743139572");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_toolbar_query", "not set");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_upn2", "6R8BbEiZzb");
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.setdefaultsearch_2.0.0.458", false);
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.setdefaultsearch_2.0.0.478", false);
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.setdnscatch_2.0.0.413", false);
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.setdnscatch_2.0.0.458", false);
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.setdnscatch_2.0.0.478", false);
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.sethomepage_2.0.0.458", false);
user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.sethomepage_2.0.0.478", false);
---- Lines {F34C9277-6577-4DFF-B2D7-7D58092F272F} modified from prefs.js ----
user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}\":{\"descriptor\":\"C:\\\\
---- FireFox user.js and prefs.js backups ----
prefs__2322_.backup
==== Deleting Files \ Folders ======================
C:\Users\Elvira\AppData\Roaming\Mozilla\Firefox\Profiles\2aglban5.default\extensions\webbooster@iminent.com.xpi not found
C:\Users\Elvira\AppData\Roaming\Mozilla\Firefox\Profiles\2aglban5.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f} not found
C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\extensions\specialsavings@superfish.com not found
C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\extensions\bbrs_002@blabbers.com not found
C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\kkmo767h.default\extensions\webbooster@iminent.com.xpi not found
C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\kkmo767h.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f} not found
C:\Users\\.android deleted
C:\PROGRA~2\Mozilla Firefox\defaults\preferences\autoconfig.js deleted
C:\PROGRA~2\Uninstall Information\ib_uninst_342 deleted
C:\PROGRA~2\Uninstall Information\ib_uninst_343 deleted
C:\PROGRA~2\Uninstall Information\ib_uninst_383 deleted
C:\PROGRA~2\Uninstall Information\ib_uninst_514 deleted
C:\PROGRA~2\Uninstall Information\ib_uninst_569 deleted
C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted
C:\found.000 deleted
C:\Users\\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iLivid.lnk deleted
C:\PROGRA~3\winiml.dat deleted
C:\Users\Elvira\AppData\Local\avgchrome deleted
C:\Users\\AppData\Local\CRE deleted
C:\Users\\AppData\Local\avgchrome deleted
C:\Users\\AppData\Local\cache deleted
C:\Users\Martina\AppData\Local\avgchrome deleted
C:\Users\JRGEN~1\AppData\Local\avgchrome deleted
C:\windows\SysNative\Tasks\PC Performer Manager deleted
C:\Windows\Installer\{118D6CE9-5F18-42F9-958A-14676A629FDE} deleted
C:\Users\\Downloads\iLividSetup (1).exe deleted
C:\Users\\Downloads\iLividSetup.exe deleted
C:\Users\\Downloads\FreeYouTubeToMP3Converter.exe deleted
C:\Users\Elvira\AppData\LocalLow\iNTERNET_TURBO deleted
C:\Users\Martina\AppData\LocalLow\iNTERNET_TURBO deleted
C:\Users\JRGEN~1\AppData\LocalLow\iNTERNET_TURBO deleted
C:\Windows\Syswow64\InstallUtil.InstallLog deleted
C:\Windows\SysWow64\searchplugins deleted
C:\Windows\SysWow64\Extensions deleted
C:\Users\JRGEN~1\AppData\Roaming\Mozilla\Firefox\Profiles\kkmo767h.default\foxydeal.sqlite deleted
"C:\Windows\Installer\2b47922.msi" deleted
"C:\Users\\AppData\Roaming\Mozilla\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}" deleted
==== Firefox Extensions ======================
ProfilePath: C:\Users\Elvira\AppData\Roaming\Mozilla\Firefox\Profiles\2aglban5.default
- Undetermined - C:\Program Files\Web Assistant\Firefox
- DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
ProfilePath: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default
- Search Assistant - %ProfilePath%\extensions\{B3834E60-12A8-11E0-A289-939FDFD72085}
- ep - %ProfilePath%\extensions\jid1-0xtMKhXFEs4jIg@jetpack.xpi
ProfilePath: C:\Users\JRGEN~1\AppData\Roaming\Mozilla\Firefox\Profiles\kkmo767h.default
- Undetermined - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\kkmo767h.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f}
- Undetermined - C:\Program Files\Web Assistant\Firefox
- DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
- Undetermined - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\kkmo767h.default\extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7}
- Undetermined - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\kkmo767h.default\extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com
- Undetermined - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\kkmo767h.default\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com
- ProxTube - Gesperrte YouTube Videos entsperren - %ProfilePath%\extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7}
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
==== Chrome Look ======================
Search Assistant - \AppData\Local\Google\Chrome\User Data\Default\Extensions\jfelndikbdcohbdimnhdhhokfljdidgn
MapsGalaxy - JRGEN~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmpoonbkphmkpjmcbgpeoondejnaaic
==== Chrome Fix ======================
C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_bday.conduitapps.com_0.localstorage deleted successfully
C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_bday.conduitapps.com_0.localstorage-journal deleted successfully
C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_hp.search.conduit.com_0.localstorage deleted successfully
C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_hp.search.conduit.com_0.localstorage-journal deleted successfully
C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_youtube.conduitapps.com_0.localstorage deleted successfully
C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_youtube.conduitapps.com_0.localstorage-journal deleted successfully
C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_youtubetop.conduitapps.com_0.localstorage deleted successfully
C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_youtubetop.conduitapps.com_0.localstorage-journal deleted successfully
C:\Users\JRGEN~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_bday.conduitapps.com_0.localstorage deleted successfully
C:\Users\JRGEN~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_bday.conduitapps.com_0.localstorage-journal deleted successfully
C:\Users\JRGEN~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_client.conduit-storage.com_0.localstorage deleted successfully
C:\Users\JRGEN~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_client.conduit-storage.com_0.localstorage-journal deleted successfully
C:\Users\Elvira\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.incredibar.com_0.localstorage deleted successfully
C:\Users\Elvira\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.incredibar.com_0.localstorage-journal deleted successfully
C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_mystart.incredibar.com_0.localstorage deleted successfully
C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_mystart.incredibar.com_0.localstorage-journal deleted successfully
C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.incredibar.com_0.localstorage deleted successfully
C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.incredibar.com_0.localstorage-journal deleted successfully
C:\Users\JRGEN~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_mystart.incredibar.com_0.localstorage deleted successfully
C:\Users\JRGEN~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_mystart.incredibar.com_0.localstorage-journal deleted successfully
C:\Users\JRGEN~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.incredibar.com_0.localstorage deleted successfully
C:\Users\JRGEN~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.incredibar.com_0.localstorage-journal deleted successfully
C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_dvdvideosofttbde.ourtoolbar.com_0.localstorage deleted successfully
C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_dvdvideosofttbde.ourtoolbar.com_0.localstorage-journal deleted successfully
C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_internetturbo.ourtoolbar.com_0.localstorage deleted successfully
C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_internetturbo.ourtoolbar.com_0.localstorage-journal deleted successfully
C:\Users\JRGEN~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_dvdvideosofttbde.ourtoolbar.com_0.localstorage deleted successfully
C:\Users\JRGEN~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_dvdvideosofttbde.ourtoolbar.com_0.localstorage-journal deleted successfully
C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adserver.iminent.com_0.localstorage deleted successfully
C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adserver.iminent.com_0.localstorage-journal deleted successfully
C:\Users\JRGEN~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.pricepeep.net_0.localstorage deleted successfully
C:\Users\JRGEN~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.pricepeep.net_0.localstorage-journal deleted successfully
C:\Users\JRGEN~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_minecraft-server.softonic.de_0.localstorage deleted successfully
C:\Users\JRGEN~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_minecraft-server.softonic.de_0.localstorage-journal deleted successfully
C:\Users\JRGEN~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_minecraft.softonic.de_0.localstorage deleted successfully
C:\Users\JRGEN~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_minecraft.softonic.de_0.localstorage-journal deleted successfully
C:\Users\Elvira\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf deleted successfully
C:\Users\Elvira\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bodddioamolcibagionmmobehnbhiakf_0.localstorage deleted successfully
C:\Users\Elvira\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bodddioamolcibagionmmobehnbhiakf_0.localstorage-journal deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Use Search Asst"="yes"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="hxxp://www.google.com"
"Search Page"="hxxp://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="hxxp://www.google.com"
"Search Page"="hxxp://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="hxxp://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"Default"="hxxp://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="hxxp://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\y]
@="hxxp://yandex.ru/yandsearch?win=29&clid=1855511&text=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="hxxp://www.google.com"
"SearchAssistant"="hxxp://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
"Use Search Asst"="no"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="hxxp://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="hxxp://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="hxxp://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{CE8D1C5D-05D9-4A78-BF26-DDBB1E0B1560} ?????? Url="hxxp://yandex.ru/yandsearch?win=29&clid=1855508&text={searchTerms}"
==== Reset Google Chrome ======================
C:\Users\Elvira\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Users\\AppData\Local\Bromium\User Data\Default\Preferences was reset successfully
C:\Users\\AppData\Local\Chromium\User Data\Default\Preferences was reset successfully
C:\Users\\AppData\Local\Comodo\Dragon\User Data\Default\Preferences was reset successfully
C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\\AppData\Local\Nichrome\User Data\Default\Preferences was reset successfully
C:\Users\\AppData\Local\Xpom\User Data\Default\Preferences was reset successfully
C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Users\Elvira\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\\AppData\Local\Chromium\User Data\Default\Web Data was reset successfully
C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\\AppData\Local\Nichrome\User Data\Default\Web Data was reset successfully
C:\Users\\AppData\Local\Xpom\User Data\Default\Web Data was reset successfully
C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\JRGEN~1\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== Reset IE Proxy ======================
Value(s) before fix:
"ProxyEnable"=dword:00000000
Value(s) after fix:
"ProxyEnable"=dword:00000000
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EC6D81181F59F2459A84176A626F9ED deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\f4dc7792-3f3d-43d0-ad79-cb3520fae36c deleted successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Elvira\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Martina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\JRGEN~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\JRGEN~1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
==== Empty FireFox Cache ======================
C:\Users\Elvira\AppData\Local\Mozilla\Firefox\Profiles\2aglban5.default\Cache emptied successfully
C:\Users\\AppData\Local\Mozilla\Firefox\Profiles\3elvxd57.default\Cache emptied successfully
C:\Users\Martina\AppData\Local\Mozilla\Firefox\Profiles\mzwqgr73.default\Cache emptied successfully
C:\Users\JRGEN~1\AppData\Local\Mozilla\Firefox\Profiles\kkmo767h.default\Cache emptied successfully
==== Empty Chrome Cache ======================
C:\Users\Elvira\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\JRGEN~1\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=679 folders=139 86254201 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Elvira\AppData\Local\temp emptied successfully
C:\Users\\AppData\Local\Temp will be emptied at reboot
C:\Users\Martina\AppData\Local\temp emptied successfully
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Users\JRGEN~1\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Users\\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
==== EOF on 01.06.2014 at 23:37:45,80 ======================
FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-06-2014 01
Ran by (administrator) on -PC on 02-06-2014 00:02:02
Running from C:\Users\\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
( ) C:\Windows\System32\lxbkcoms.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\XSManager\WTGService.exe
(4G Systems GmbH & Co. KG) C:\Windows\service4g.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Lexmark International, Inc.) C:\Program Files (x86)\Lexmark X1100 Series\LXBKbmgr.exe
(Lexmark International, Inc.) C:\Program Files (x86)\Lexmark X1100 Series\LXBKbmon.exe
() C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(4G Systems GmbH & Co. KG) C:\Windows\starter4g.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Comvigo, Inc.) C:\Windows\SysWOW64\qimlsrv.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Comvigo, Inc.) C:\Windows\SysWOW64\dsrviml.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Google Inc.) C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11464296 2010-09-03] (Realtek Semiconductor)
HKLM\...\Run: [lxbkbmgr.exe] => C:\Program Files (x86)\Lexmark X1100 Series\lxbkbmgr.exe [74408 2008-02-28] (Lexmark International, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-03] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-09-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [starter4g] => C:\Windows\starter4g.exe [160424 2011-03-30] (4G Systems GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [601928 2013-06-19] (BlueStack Systems, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2465613748-4109621216-2680054910-1000\...\Run: [LightShot] => C:\Users\\AppData\Local\Skillbrains\lightshot\LightShot.exe Flags: uninsdeletevalue
HKU\S-1-5-21-2465613748-4109621216-2680054910-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3588952 2014-04-25] (Electronic Arts)
HKU\S-1-5-21-2465613748-4109621216-2680054910-1000\...\Run: [Pando Media Booster] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [4287536 2013-08-29] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\IML.lnk
ShortcutTarget: IML.lnk -> C:\Windows\System32\iml.vbs ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\IML64.lnk
ShortcutTarget: IML64.lnk -> C:\Windows\SysWOW64\iml.vbs ()
Startup: C:\Users\Elvira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Game Alarm.lnk
ShortcutTarget: Game Alarm.lnk -> C:\Games\Game Alarm\gamealarm.exe (Europe Support Ltd. N.V.)
Startup: C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.hyrican.de
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - Plasmoo URL = hxxp://plasmoo.com/index.htm?SearchMashine=true&q={searchTerms}
SearchScopes: HKCU - yandex.ru-230807 URL =
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - {CE8D1C5D-05D9-4A78-BF26-DDBB1E0B1560} URL = hxxp://yandex.ru/yandsearch?win=29&clid=1855508&text={searchTerms}
BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\%Protector Process Name%.xml
FF SearchPlugin: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\yandex.ru-230807.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Search Assistant - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\{B3834E60-12A8-11E0-A289-939FDFD72085} [2012-09-18]
FF Extension: ep - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\jid1-0xtMKhXFEs4jIg@jetpack.xpi [2014-02-24]
Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-01]
CHR Extension: (Google Drive) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-01]
CHR Extension: (YouTube) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-07-21]
CHR Extension: (Google-Suche) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-07-21]
CHR Extension: (Google Wallet) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Google Mail) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-07-21]
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-05-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-27] (Avira Operations GmbH & Co. KG)
R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393032 2013-06-19] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384840 2013-06-19] (BlueStack Systems, Inc.)
R2 lxbk_device; C:\Windows\system32\lxbkcoms.exe [565928 2008-02-19] ( )
R2 lxbk_device; C:\Windows\SysWOW64\lxbkcoms.exe [537256 2008-02-19] ( )
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2365792 2012-09-19] (TuneUp Software)
R2 WTGService; C:\Program Files (x86)\XSManager\WTGService.exe [327392 2012-04-05] ()
R2 XS Stick Service; C:\Windows\service4g.exe [145064 2011-03-30] (4G Systems GmbH & Co. KG)
==================== Drivers (Whitelisted) ====================
R3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2013-06-02] (Wondershare)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-04-29] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-04-29] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-19] (Avira Operations GmbH & Co. KG)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [70984 2013-06-19] (BlueStack Systems)
S3 cmnsusbser; C:\Windows\System32\DRIVERS\cmnsusbser.sys [117888 2012-10-05] (Mobile Connector)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-06-01] (Malwarebytes Corporation)
S3 RTL8187B; C:\Windows\System32\DRIVERS\rtl8187B.sys [450048 2010-03-31] (Realtek Semiconductor Corporation )
R3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [762472 2011-10-31] (Realtek Semiconductor Corporation )
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-09-19] (TuneUp Software)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 X6va009; \??\C:\Windows\SysWOW64\Drivers\X6va009 [X]
S3 X6va010; \??\C:\Windows\SysWOW64\Drivers\X6va010 [X]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X]
S3 X6va014; \??\C:\Windows\SysWOW64\Drivers\X6va014 [X]
S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [X]
S3 X6va016; \??\C:\Windows\SysWOW64\Drivers\X6va016 [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-06-02 00:02 - 2014-06-02 00:02 - 00017636 _____ () C:\Users\\Downloads\FRST.txt
2014-06-01 23:59 - 2014-06-02 00:01 - 02067456 _____ (Farbar) C:\Users\\Downloads\FRST64.exe
2014-06-01 23:55 - 2014-05-31 20:36 - 02066944 _____ (Farbar) C:\Users\\Desktop\FRST64.exe
2014-06-01 23:39 - 2014-06-01 23:39 - 00065175 _____ () C:\Users\\Desktop\zoek-results.txt
2014-06-01 23:35 - 2014-06-02 00:02 - 00000000 ____D () C:\Users\\AppData\Local\Temp
2014-06-01 23:35 - 2014-06-01 23:35 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-06-01 23:35 - 2014-06-01 23:35 - 00000000 ____D () C:\Users\Martina\AppData\Local\temp
2014-06-01 23:35 - 2014-06-01 23:35 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\temp
2014-06-01 23:35 - 2014-06-01 23:35 - 00000000 ____D () C:\Users\Elvira\AppData\Local\temp
2014-06-01 23:35 - 2014-06-01 23:35 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-06-01 23:35 - 2014-06-01 23:35 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-06-01 23:35 - 2014-06-01 22:59 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-06-01 23:01 - 2014-06-01 23:37 - 00065553 _____ () C:\zoek-results.log
2014-06-01 22:58 - 2014-06-01 23:30 - 00000000 ____D () C:\zoek_backup
2014-06-01 22:55 - 2014-06-01 22:56 - 00001154 _____ () C:\Users\\Desktop\mbam.txt
2014-06-01 22:10 - 2014-06-01 22:35 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-01 22:10 - 2014-06-01 22:10 - 00001113 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-06-01 22:10 - 2014-06-01 22:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-06-01 22:10 - 2014-06-01 22:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-01 22:10 - 2014-06-01 22:10 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-06-01 22:10 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-01 22:10 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-01 22:10 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-06-01 22:08 - 2014-06-01 22:08 - 00005727 _____ () C:\Users\\Desktop\JRT.txt
2014-06-01 21:57 - 2014-06-01 21:57 - 00000000 ____D () C:\Windows\ERUNT
2014-06-01 21:53 - 2014-06-01 21:53 - 00124182 _____ () C:\Users\\Desktop\AdwCleaner[S0].txt
2014-06-01 21:36 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-06-01 21:33 - 2014-06-01 21:41 - 00000000 ____D () C:\AdwCleaner
2014-06-01 21:32 - 2014-06-01 21:31 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\\Desktop\mbam-setup-2.0.2.1012.exe
2014-06-01 21:31 - 2014-06-01 21:31 - 01285120 _____ () C:\Users\\Desktop\zoek.exe
2014-06-01 21:31 - 2014-06-01 21:28 - 01016261 _____ (Thisisu) C:\Users\\Desktop\JRT.exe
2014-06-01 21:30 - 2014-06-01 21:28 - 01327971 _____ () C:\Users\\Desktop\adwcleaner_3.211.exe
2014-06-01 21:29 - 2014-06-01 21:31 - 01285120 _____ () C:\Users\\Downloads\zoek.exe
2014-06-01 21:28 - 2014-06-01 21:31 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-01 21:28 - 2014-06-01 21:28 - 01327971 _____ () C:\Users\\Downloads\adwcleaner_3.211.exe
2014-06-01 21:28 - 2014-06-01 21:28 - 01016261 _____ (Thisisu) C:\Users\\Downloads\JRT.exe
2014-06-01 01:19 - 2014-06-01 01:19 - 00051290 _____ () C:\ComboFix.txt
2014-05-31 21:17 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-31 21:17 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-31 21:17 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-31 21:17 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-31 21:17 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-31 21:17 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-31 21:17 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-31 21:17 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-31 21:15 - 2014-06-01 01:19 - 00000000 ____D () C:\Qoobox
2014-05-31 21:14 - 2014-06-01 01:16 - 00000000 ____D () C:\Windows\erdnt
2014-05-31 21:12 - 2014-05-31 21:08 - 05203398 ____R (Swearware) C:\Users\\Desktop\ComboFix.exe
2014-05-31 21:07 - 2014-05-31 21:08 - 05203398 _____ (Swearware) C:\Users\\Downloads\ComboFix.exe
2014-05-31 20:38 - 2014-05-31 21:02 - 00044395 _____ () C:\Users\\Desktop\Addition.txt
2014-05-31 20:37 - 2014-06-02 00:02 - 00000000 ____D () C:\FRST
2014-05-31 20:37 - 2014-05-31 20:56 - 00062979 _____ () C:\Users\\Desktop\FRST.txt
2014-05-31 20:10 - 2014-05-31 20:11 - 00250250 _____ () C:\Users\\Downloads\140520063508.jpeg
2014-05-31 16:02 - 2014-05-31 16:02 - 00052891 _____ () C:\Users\Jürgen\Downloads\7B1.tmp
2014-05-29 15:46 - 2014-05-29 15:46 - 00000000 ____D () C:\ProgramData\PopCap Games
2014-05-29 15:46 - 2014-05-29 15:46 - 00000000 ____D () C:\ProgramData\EA Core
2014-05-29 15:43 - 2014-05-29 15:43 - 00001286 _____ () C:\Users\Public\Desktop\Pflanzen gegen Zombies.lnk
2014-05-29 15:43 - 2014-05-29 15:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pflanzen gegen Zombies
2014-05-17 10:44 - 2014-05-17 10:44 - 00001072 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1001Core1cf71ac260e523e.job
2014-05-14 22:03 - 2014-05-06 02:46 - 17847808 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-14 22:03 - 2014-05-06 02:21 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-14 22:03 - 2014-05-06 02:21 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-14 22:03 - 2014-05-06 01:32 - 12347392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-14 22:03 - 2014-05-06 01:14 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-14 22:03 - 2014-05-06 01:14 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-14 14:00 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-14 14:00 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-14 14:00 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 14:00 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 14:00 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 14:00 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 14:00 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 14:00 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 14:00 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-14 14:00 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-14 14:00 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-14 14:00 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 14:00 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-14 14:00 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 14:00 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 14:00 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 14:00 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 14:00 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 14:00 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 14:00 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 14:00 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 14:00 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-14 14:00 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 14:00 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-14 14:00 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-14 14:00 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-14 14:00 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-14 14:00 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 14:00 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 14:00 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-14 14:00 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-14 14:00 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-14 14:00 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-12 19:41 - 2014-05-12 19:41 - 00994160 _____ () C:\Users\Jürgen\Downloads\setup (17).exe
2014-05-11 17:57 - 2014-05-11 17:58 - 00994160 _____ () C:\Users\Jürgen\Downloads\setup (16).exe
2014-05-11 10:47 - 2014-05-11 10:47 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1002Core1cf6cf59b1b4d7c.job
2014-05-11 07:51 - 2014-05-11 07:51 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1000Core1cf6cdd52a1ae5.job
2014-05-10 19:18 - 2014-05-10 19:19 - 00994160 _____ () C:\Users\Jürgen\Downloads\setup (15).exe
==================== One Month Modified Files and Folders =======
2014-06-02 00:03 - 2013-08-29 02:01 - 00000000 ____D () C:\Users\\AppData\Local\PMB Files
2014-06-02 00:02 - 2014-06-02 00:02 - 00017636 _____ () C:\Users\\Downloads\FRST.txt
2014-06-02 00:02 - 2014-06-01 23:35 - 00000000 ____D () C:\Users\\AppData\Local\Temp
2014-06-02 00:02 - 2014-05-31 20:37 - 00000000 ____D () C:\FRST
2014-06-02 00:01 - 2014-06-01 23:59 - 02067456 _____ (Farbar) C:\Users\\Downloads\FRST64.exe
2014-06-01 23:53 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-01 23:53 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-01 23:51 - 2012-09-12 01:43 - 00000000 ____D () C:\ProgramData\Origin
2014-06-01 23:49 - 2012-07-21 10:07 - 01192933 _____ () C:\Windows\WindowsUpdate.log
2014-06-01 23:46 - 2012-09-12 01:43 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-06-01 23:44 - 2013-12-10 00:50 - 00000374 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-06-01 23:43 - 2009-07-14 06:51 - 00178433 _____ () C:\Windows\setupact.log
2014-06-01 23:39 - 2014-06-01 23:39 - 00065175 _____ () C:\Users\\Desktop\zoek-results.txt
2014-06-01 23:37 - 2014-06-01 23:01 - 00065553 _____ () C:\zoek-results.log
2014-06-01 23:36 - 2010-10-01 09:36 - 00602110 _____ () C:\Windows\PFRO.log
2014-06-01 23:35 - 2014-06-01 23:35 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-06-01 23:35 - 2014-06-01 23:35 - 00000000 ____D () C:\Users\Martina\AppData\Local\temp
2014-06-01 23:35 - 2014-06-01 23:35 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\temp
2014-06-01 23:35 - 2014-06-01 23:35 - 00000000 ____D () C:\Users\Elvira\AppData\Local\temp
2014-06-01 23:35 - 2014-06-01 23:35 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-06-01 23:35 - 2014-06-01 23:35 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-06-01 23:30 - 2014-06-01 22:58 - 00000000 ____D () C:\zoek_backup
2014-06-01 23:24 - 2012-07-21 10:25 - 00000000 ____D () C:\Users\
2014-06-01 22:59 - 2014-06-01 23:35 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-06-01 22:56 - 2014-06-01 22:55 - 00001154 _____ () C:\Users\\Desktop\mbam.txt
2014-06-01 22:35 - 2014-06-01 22:10 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-01 22:10 - 2014-06-01 22:10 - 00001113 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-06-01 22:10 - 2014-06-01 22:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-06-01 22:10 - 2014-06-01 22:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-01 22:10 - 2014-06-01 22:10 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-06-01 22:08 - 2014-06-01 22:08 - 00005727 _____ () C:\Users\\Desktop\JRT.txt
2014-06-01 21:57 - 2014-06-01 21:57 - 00000000 ____D () C:\Windows\ERUNT
2014-06-01 21:53 - 2014-06-01 21:53 - 00124182 _____ () C:\Users\\Desktop\AdwCleaner[S0].txt
2014-06-01 21:41 - 2014-06-01 21:33 - 00000000 ____D () C:\AdwCleaner
2014-06-01 21:40 - 2012-07-21 15:21 - 00000000 ____D () C:\Users\Martina
2014-06-01 21:40 - 2012-07-21 15:12 - 00000000 ____D () C:\Users\Elvira
2014-06-01 21:40 - 2012-07-21 14:35 - 00000000 ____D () C:\Users\Jürgen
2014-06-01 21:40 - 2012-07-21 10:25 - 00000000 ___RD () C:\Users\\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-01 21:31 - 2014-06-01 21:32 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\\Desktop\mbam-setup-2.0.2.1012.exe
2014-06-01 21:31 - 2014-06-01 21:31 - 01285120 _____ () C:\Users\\Desktop\zoek.exe
2014-06-01 21:31 - 2014-06-01 21:29 - 01285120 _____ () C:\Users\\Downloads\zoek.exe
2014-06-01 21:31 - 2014-06-01 21:28 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-01 21:28 - 2014-06-01 21:31 - 01016261 _____ (Thisisu) C:\Users\\Desktop\JRT.exe
2014-06-01 21:28 - 2014-06-01 21:30 - 01327971 _____ () C:\Users\\Desktop\adwcleaner_3.211.exe
2014-06-01 21:28 - 2014-06-01 21:28 - 01327971 _____ () C:\Users\\Downloads\adwcleaner_3.211.exe
2014-06-01 21:28 - 2014-06-01 21:28 - 01016261 _____ (Thisisu) C:\Users\\Downloads\JRT.exe
2014-06-01 21:19 - 2010-10-01 08:53 - 00000000 ____D () C:\ProgramData\Norton
2014-06-01 08:29 - 2009-07-14 19:58 - 00699884 _____ () C:\Windows\system32\perfh007.dat
2014-06-01 08:29 - 2009-07-14 19:58 - 00149766 _____ () C:\Windows\system32\perfc007.dat
2014-06-01 08:29 - 2009-07-14 07:13 - 01622236 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-01 08:25 - 2014-03-06 18:07 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-06-01 02:21 - 2013-12-04 02:02 - 02240860 _____ () C:\Windows\IE11_main.log
2014-06-01 01:19 - 2014-06-01 01:19 - 00051290 _____ () C:\ComboFix.txt
2014-06-01 01:19 - 2014-05-31 21:15 - 00000000 ____D () C:\Qoobox
2014-06-01 01:19 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-06-01 01:16 - 2014-05-31 21:14 - 00000000 ____D () C:\Windows\erdnt
2014-06-01 01:15 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-05-31 21:08 - 2014-05-31 21:12 - 05203398 ____R (Swearware) C:\Users\\Desktop\ComboFix.exe
2014-05-31 21:08 - 2014-05-31 21:07 - 05203398 _____ (Swearware) C:\Users\\Downloads\ComboFix.exe
2014-05-31 21:02 - 2014-05-31 20:38 - 00044395 _____ () C:\Users\\Desktop\Addition.txt
2014-05-31 20:56 - 2014-05-31 20:37 - 00062979 _____ () C:\Users\\Desktop\FRST.txt
2014-05-31 20:36 - 2014-06-01 23:55 - 02066944 _____ (Farbar) C:\Users\\Desktop\FRST64.exe
2014-05-31 20:11 - 2014-05-31 20:10 - 00250250 _____ () C:\Users\\Downloads\140520063508.jpeg
2014-05-31 19:54 - 2014-01-21 14:44 - 00000000 ____D () C:\Users\Jürgen\Documents\FIFA 14
2014-05-31 16:02 - 2014-05-31 16:02 - 00052891 _____ () C:\Users\Jürgen\Downloads\7B1.tmp
2014-05-30 08:22 - 2012-07-21 15:20 - 00002375 _____ () C:\Users\Elvira\Desktop\Google Chrome.lnk
2014-05-29 15:46 - 2014-05-29 15:46 - 00000000 ____D () C:\ProgramData\PopCap Games
2014-05-29 15:46 - 2014-05-29 15:46 - 00000000 ____D () C:\ProgramData\EA Core
2014-05-29 15:43 - 2014-05-29 15:43 - 00001286 _____ () C:\Users\Public\Desktop\Pflanzen gegen Zombies.lnk
2014-05-29 15:43 - 2014-05-29 15:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pflanzen gegen Zombies
2014-05-29 15:43 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-05-29 15:41 - 2010-10-01 08:19 - 00116460 _____ () C:\Windows\DirectX.log
2014-05-29 15:38 - 2012-09-12 01:55 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-05-29 15:05 - 2012-09-12 01:55 - 00000000 ____D () C:\Users\Jürgen\AppData\Roaming\Origin
2014-05-28 15:35 - 2012-08-14 02:38 - 00000000 ____D () C:\Users\Jürgen\AppData\Roaming\.minecraft
2014-05-28 08:14 - 2012-07-21 10:38 - 00002380 _____ () C:\Users\\Desktop\Google Chrome.lnk
2014-05-26 15:56 - 2014-01-08 17:58 - 00000000 ____D () C:\Users\Jürgen\Tracing
2014-05-23 19:34 - 2012-07-21 14:48 - 00002375 _____ () C:\Users\Jürgen\Desktop\Google Chrome.lnk
2014-05-21 10:29 - 2012-07-21 10:25 - 00000000 ___RD () C:\Users\\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-17 19:31 - 2012-07-21 15:21 - 00000000 ___RD () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-17 19:31 - 2012-07-21 15:21 - 00000000 ___RD () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-17 10:44 - 2014-05-17 10:44 - 00001072 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1001Core1cf71ac260e523e.job
2014-05-15 16:07 - 2012-07-21 15:12 - 00000000 ___RD () C:\Users\Elvira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-15 16:07 - 2012-07-21 15:12 - 00000000 ___RD () C:\Users\Elvira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-15 16:05 - 2012-07-21 14:35 - 00000000 ___RD () C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-15 16:05 - 2012-07-21 14:35 - 00000000 ___RD () C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-15 16:01 - 2014-04-30 17:52 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-14 22:00 - 2013-07-13 07:57 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-14 22:00 - 2010-10-01 10:17 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-12 19:41 - 2014-05-12 19:41 - 00994160 _____ () C:\Users\Jürgen\Downloads\setup (17).exe
2014-05-12 07:26 - 2014-06-01 22:10 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-06-01 22:10 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-06-01 22:10 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-11 17:58 - 2014-05-11 17:57 - 00994160 _____ () C:\Users\Jürgen\Downloads\setup (16).exe
2014-05-11 10:47 - 2014-05-11 10:47 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1002Core1cf6cf59b1b4d7c.job
2014-05-11 07:51 - 2014-05-11 07:51 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1000Core1cf6cdd52a1ae5.job
2014-05-10 19:19 - 2014-05-10 19:18 - 00994160 _____ () C:\Users\Jürgen\Downloads\setup (15).exe
2014-05-09 08:14 - 2014-05-14 14:00 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-14 14:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-06 20:44 - 2012-07-21 15:29 - 00002380 _____ () C:\Users\Martina\Desktop\Google Chrome.lnk
2014-05-06 02:46 - 2014-05-14 22:03 - 17847808 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 02:21 - 2014-05-14 22:03 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 02:21 - 2014-05-14 22:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 01:32 - 2014-05-14 22:03 - 12347392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 01:14 - 2014-05-14 22:03 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 01:14 - 2014-05-14 22:03 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-04 13:46 - 2012-08-24 17:14 - 00528384 ____H () C:\Users\Jürgen\Downloads\photothumb.db
2014-05-04 13:45 - 2013-10-17 18:56 - 00000000 ____D () C:\Users\Jürgen\Downloads\Karikatur2
Some content of TEMP:
====================
C:\Users\\AppData\Local\Temp\avgnt.exe
C:\Users\\AppData\Local\Temp\rtdrvmon.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-09-01 11:24
==================== End Of Log ============================
--- --- --- |
|
02.06.2014, 01:26
| #8 |
| | WINDOWS 7 kommen ständig PopUps usw... Additition: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-05-2014
Ran by at 2014-05-31 20:38:47
Running from C:\Users\\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Norton Internet Security (Disabled - Up to date) {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Disabled - Up to date) {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
FW: Norton Internet Security (Disabled) {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
==================== Installed Programs ======================
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.7.700.224 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
Alcatraz (HKLM-x32\...\Alcatraz/DE-German_is1) (Version: - City Interactive)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - ATI Technologies Inc.) Hidden
Apowersoft kostenloser Bildschirmrekorder V1.2.4 (HKLM-x32\...\{4EFA42DB-E4EC-4537-9DF3-5158D08A9785}_is1) (Version: 1.2.4 - Apowersoft)
appbario8 Toolbar (HKLM-x32\...\appbario8 Toolbar) (Version: 6.9.0.16 - appbario8)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version: - Bohemia Interactive)
Arma 3 Tools (HKLM-x32\...\Steam App 233800) (Version: - Bohemia Interactive)
ATI Catalyst Install Manager (HKLM\...\{8DF9D3DF-6D03-A04F-217F-F2577D973DBE}) (Version: 3.0.795.0 - ATI Technologies, Inc.)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.4.642 - Avira)
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.7.14.901 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{9D84E30F-6757-4A56-BCB5-51ADE3AE8631}) (Version: 0.7.14.901 - BlueStack Systems, Inc.)
BrowserCompanion (HKLM-x32\...\BrowserCompanion) (Version: - ) <==== ATTENTION
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0930.2237.38732 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0930.2237.38732 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0930.2237.38732 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0930.2237.38732 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help English (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help French (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help German (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0930.2237.38732 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2010.0930.2237.38732 - ATI) Hidden
Cross Fire En (HKLM-x32\...\Cross Fire_is1) (Version: - Z8Games.com)
Crossfire Europe (HKLM-x32\...\Crossfire Europe) (Version: 1181 - SG INTERACTIVE)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dealply (HKCU\...\Dealply) (Version: - ) <==== ATTENTION
DealPly (remove only) (HKLM-x32\...\DealPly) (Version: 4.8.7.3 - DealPly Technologies Ltd.) <==== ATTENTION
Delta Chrome Toolbar (HKLM-x32\...\{177586E7-E42E-4F38-83D1-D15B4AF5B714}) (Version: 1.0.0.0 - DeltaInstaller) <==== ATTENTION
Delta toolbar (HKLM-x32\...\delta) (Version: 1.8.10.0 - Delta) <==== ATTENTION
DVDVideoSoftTB DE Toolbar (HKLM-x32\...\DVDVideoSoftTB_DE Toolbar) (Version: 6.9.0.16 - DVDVideoSoftTB DE)
Feven Pro 1.2 (HKLM-x32\...\Feven Pro 1.2) (Version: 1.34.2.13 - Feven) <==== ATTENTION
FIFA 13 (HKLM-x32\...\{A29E18C2-7AB1-4b6b-848C-5D5E2C85F0C0}) (Version: 1.2.0.0 - Electronic Arts)
FIFA 14 (HKLM-x32\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.7 - Electronic Arts)
Free Audio CD to MP3 Converter version 1.3.12.1228 (HKLM-x32\...\Free Audio CD to MP3 Converter_is1) (Version: 1.3.12.1228 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.14.1022 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.14.1022 - DVDVideoSoft Ltd.)
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
Google Chrome (HKCU\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Update Helper (x32 Version: 1.3.23.0 - DealPly Technologies Ltd) Hidden <==== ATTENTION
Hama Black Force Pad (HKLM-x32\...\{4999B2F1-3E74-409A-B8B5-E94448AA9EA6}) (Version: 2007.01.01 - )
HQ-Video-Profession-1.3 (HKLM-x32\...\HQ-Video-Profession-1.3) (Version: 1.34.2.13 - HQ-Video) <==== ATTENTION
HydraVision (x32 Version: 4.2.180.0 - ATI Technologies Inc.) Hidden
IB Updater Service (HKLM-x32\...\WNLT) (Version: 5.0.8.6 - ) <==== ATTENTION
IePluginService12.27.0.3326 (HKLM-x32\...\IePlugins) (Version: 12.27.0.3326 - Cherished Technololgy LIMITED) <==== ATTENTION
iLivid (HKLM-x32\...\iLivid) (Version: 4.0.0.2208 - Bandoo Media Inc) <==== ATTENTION
IM Lock (HKLM-x32\...\IMLock) (Version: - Comvigo, Inc.)
Iminent (HKLM-x32\...\IMBoosterARP) (Version: 6.4.56.0 - Iminent) <==== ATTENTION
Iminent (x32 Version: 6.4.56.0 - Iminent) Hidden <==== ATTENTION
Incredibar Toolbar on IE (HKLM-x32\...\incredibar) (Version: - ) <==== ATTENTION
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
ISY N150 Micro WLAN USB-Adapter (HKLM-x32\...\{B20F9D1C-A0A5-4cd8-8306-DA03872311B1}) (Version: 1.00.0155 - ISY)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lexmark X1100 Series (HKLM\...\Lexmark X1100 Series) (Version: - Lexmark International, Inc.)
lightshot-4.4.2.0 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 4.4.2.0 - Skillbrains)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mobogenie (HKLM-x32\...\Mobogenie) (Version: - Mobogenie.com) <==== ATTENTION
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Need For Speed™ World (HKLM-x32\...\{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1) (Version: 1.0.0.993 - Electronic Arts)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 18.0.0.128 - Symantec Corporation)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.0.2.2065 - Electronic Arts, Inc.)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.9 - Pando Networks Inc.)
Pflanzen gegen Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
PriceGong 2.6.4 (HKLM-x32\...\PriceGong) (Version: 2.6.4 - PriceGong) <==== ATTENTION
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6121 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6194 - Realtek Semiconductor Corp.)
Re-markit (HKLM-x32\...\f4dc7792-3f3d-43d0-ad79-cb3520fae36c) (Version: - Re-markit Software) <==== ATTENTION
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Sniper - Art of Victory (HKLM-x32\...\sniper_de_is1) (Version: - City Interactive)
SpecialSavings (HKLM-x32\...\SpecialSavings) (Version: - ) <==== ATTENTION
SpeedUpMyPC (HKLM-x32\...\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1) (Version: 5.3.4.4 - Uniblue Systems Ltd) <==== ATTENTION
Spelling Dictionaries Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
SupTab (HKLM-x32\...\SupTab) (Version: 1.1.1.0 - ) <==== ATTENTION
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.8.1 - TeamSpeak Systems GmbH)
TuneUp Utilities 2013 (HKLM-x32\...\TuneUp Utilities 2013) (Version: 13.0.2020.4 - TuneUp Software)
TuneUp Utilities 2013 (x32 Version: 13.0.2020.4 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.2020.4 - TuneUp Software) Hidden
Video Downloader (HKLM-x32\...\Video Downloader) (Version: 1.14 - hxxp://www.vgrabber.com)
VLC media player 2.0.3 (HKLM-x32\...\VLC media player) (Version: 2.0.3 - VideoLAN)
VO Package (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - ) <==== ATTENTION
Wajam (HKLM-x32\...\Wajam) (Version: 2.11 - Wajam) <==== ATTENTION
Web Assistant 2.0.0.573 (HKLM\...\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1) (Version: 2.0.0.573 - IncrediBar) <==== ATTENTION
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinZipper (HKLM-x32\...\WinZipper) (Version: 1.5.29 - Taiwan Shui Mu Chih Ching Technology Limited.) <==== ATTENTION
WiseConvert (HKLM-x32\...\WiseConvert) (Version: 1.0 - WiseConvert)
WMV9/VC-1 Video Playback (Version: 1.00.0000 - ATI Technologies Inc.) Hidden
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1) (Version: - Wargaming.net)
XSManager (HKLM-x32\...\XSManager) (Version: 3.2 - XSManager)
==================== Restore Points =========================
23-05-2014 17:38:13 Windows Update
23-05-2014 23:00:11 Windows Update
24-05-2014 16:20:14 Windows Update
24-05-2014 18:08:19 Windows Update
25-05-2014 00:48:34 Windows Update
25-05-2014 19:14:34 Windows Update
26-05-2014 19:21:38 Windows Update
27-05-2014 19:56:06 Windows Update
28-05-2014 10:10:08 Windows Update
29-05-2014 00:56:57 Windows Update
29-05-2014 13:36:46 DirectX wurde installiert
29-05-2014 23:00:34 Windows Update
30-05-2014 06:27:09 Windows Update
31-05-2014 01:00:50 Windows Update
31-05-2014 05:58:19 Windows Update
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {00CDF369-5C82-4B09-A8B8-22E0110976DE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1001Core => C:\Users\Elvira\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: {162D19D2-88E6-425F-ACF9-085709C10976} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1003Core => C:\Users\Jürgen\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: {180C32E6-A575-49A3-AA4D-7E9EDC44A1AA} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe [2012-09-19] (TuneUp Software)
Task: {1FD7E7FA-4C1B-46AA-B808-A6B47969B523} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1000UA => C:\Users\\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: {25715EC7-88B9-4811-B0FD-540AC855053B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1002UA => C:\Users\Martina\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: {2D13B59E-4C34-49F2-81B8-8A7F2D96CC2F} - System32\Tasks\PC Performer Manager => Sc.exe start PC Performer Manager
Task: {620FBD68-8B3D-47C5-BEE1-EA19B1705EC4} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2465613748-4109621216-2680054910-1001
Task: {62745FA6-88B4-4F26-B2F4-09469D925348} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {635AC757-77D2-41EE-A578-F6A8974BF31D} - System32\Tasks\AdobeFlashPlayerUpdate => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {6875CA21-089D-4DC0-A439-FE49B1E33DB4} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {6E350C8D-3672-4719-8CF1-5A8B8CA44909} - System32\Tasks\update-S-1-5-21-2465613748-4109621216-2680054910-1003 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2013-02-23] ()
Task: {77E350C2-2250-4BEE-B575-EF12CA6A03F8} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2013-02-23] ()
Task: {820F5D76-F745-4811-BE70-3E99A14E89D9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1002Core => C:\Users\Martina\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: {9C4EF4AE-24AC-494E-BB1E-389E59772369} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-11] (Adobe Systems Incorporated)
Task: {A66165D0-A739-46B9-AA91-33C0AE65F710} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1003UA => C:\Users\Jürgen\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: {ABD96266-25AF-494C-B2F5-17C5D8F015E2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1001UA => C:\Users\Elvira\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: {B3ACA1F2-AC10-4A74-A012-61E186CB35DD} - System32\Tasks\update-S-1-5-21-2465613748-4109621216-2680054910-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2013-02-23] ()
Task: {BEE6EDB5-D13A-4C37-B3C9-40075E803219} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {D1301EC2-67C9-4E08-9A87-56DB18075640} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1000Core => C:\Users\\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job => C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven Pro 1.2-chromeinstaller.job => C:\Program Files (x86)\Feven Pro 1.2\Feven Pro 1.2-chromeinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven Pro 1.2-codedownloader.job => C:\Program Files (x86)\Feven Pro 1.2\Feven Pro 1.2-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven Pro 1.2-enabler.job => C:\Program Files (x86)\Feven Pro 1.2\Feven Pro 1.2-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven Pro 1.2-firefoxinstaller.job => C:\Program Files (x86)\Feven Pro 1.2\Feven Pro 1.2-firefoxinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven Pro 1.2-updater.job => C:\Program Files (x86)\Feven Pro 1.2\Feven Pro 1.2-updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1000Core1cf6cdd52a1ae5.job => C:\Users\\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1000UA.job => C:\Users\\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1001Core1cf71ac260e523e.job => C:\Users\Elvira\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1001UA.job => C:\Users\Elvira\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1002Core1cf6cf59b1b4d7c.job => C:\Users\Martina\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1002UA.job => C:\Users\Martina\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1003Core1cf6b76210b5906.job => C:\Users\Jürgen\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1003UA.job => C:\Users\Jürgen\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HQ-Video-Profession-1.3-chromeinstaller.job => C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-chromeinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\HQ-Video-Profession-1.3-codedownloader.job => C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\HQ-Video-Profession-1.3-enabler.job => C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\HQ-Video-Profession-1.3-firefoxinstaller.job => C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-firefoxinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\HQ-Video-Profession-1.3-updater.job => C:\Program Files (x86)\HQ-Video-Profession-1.3\HQ-Video-Profession-1.3-updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\PCHelpers1st.job => C:\Program Files (x86)\Optimizer Elite Max\Optimizer Elite Max.exe <==== ATTENTION
Task: C:\Windows\Tasks\PCHelpers_period.job => C:\Program Files (x86)\Optimizer Elite Max\Optimizer Elite Max.exe <==== ATTENTION
Task: C:\Windows\Tasks\Re-markit Update.job => C:\Program Files (x86)\Re-markit-soft\ReMar.exe <==== ATTENTION
Task: C:\Windows\Tasks\Re-markit_wd.job => C:\Program Files (x86)\Re-markit-soft\Re-markit_wd.exe <==== ATTENTION
Task: C:\Windows\Tasks\SpeedUpMyPC.job => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\sump.exe <==== ATTENTION
Task: C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013.job => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe
Task: C:\Windows\Tasks\update-S-1-5-21-2465613748-4109621216-2680054910-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-S-1-5-21-2465613748-4109621216-2680054910-1003.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
==================== Loaded Modules (whitelisted) =============
2012-09-03 21:48 - 2014-04-07 16:57 - 02276144 _____ () C:\Windows\system32\dmwu.exe
2014-02-28 16:37 - 2014-02-28 16:37 - 00194560 _____ () C:\Program Files (x86)\Re-markit-soft\Re-markit155.exe
2012-08-05 21:47 - 2013-01-29 15:28 - 00188760 _____ () C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
2012-10-05 10:38 - 2012-04-05 17:35 - 00327392 ____N () C:\Program Files (x86)\XSManager\WTGService.exe
2014-04-07 16:57 - 2014-04-07 16:57 - 01100592 _____ () C:\Windows\SysWOW64\jmdp\stij.exe
2014-04-07 16:57 - 2014-04-07 16:57 - 01303856 _____ () C:\Windows\System32\ljkb\stij.exe
2014-04-07 16:57 - 2014-04-07 16:57 - 01571120 _____ () C:\Windows\System32\ljkb\lmrn.dll
2013-08-29 01:39 - 2013-08-29 01:40 - 04287536 _____ () C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
2013-11-27 21:58 - 2014-02-28 15:16 - 00775872 _____ () C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
2012-07-02 11:16 - 2012-07-02 11:16 - 00695448 _____ () C:\Users\\AppData\Roaming\BrowserCompanion\tbhcn.exe
2010-08-04 15:58 - 2010-08-04 15:58 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-09-30 22:36 - 2010-09-30 22:36 - 00270336 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-02-27 08:04 - 2014-02-27 08:04 - 00612496 _____ () C:\Program Files (x86)\WinZipper\sqlite3.dll
2014-02-14 11:30 - 2014-02-14 11:30 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\bfd5296be62268bc7a31a424f0d1ad5f\IsdiInterop.ni.dll
2010-10-01 09:40 - 2010-03-03 20:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-04-07 16:57 - 2014-04-07 16:57 - 01266992 _____ () C:\Windows\SysWOW64\jmdp\lmrn.dll
2014-02-28 15:17 - 2014-02-28 15:16 - 00061440 _____ () C:\Program Files (x86)\Mobogenie\Device.dll
2014-02-28 15:17 - 2014-02-28 15:16 - 00471040 _____ () C:\Program Files (x86)\Mobogenie\DCR.dll
2012-08-10 16:51 - 2012-08-10 16:51 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2014-05-28 08:14 - 2014-05-14 01:40 - 00716616 _____ () C:\Users\\AppData\Local\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
2014-05-28 08:14 - 2014-05-14 01:40 - 00126280 _____ () C:\Users\\AppData\Local\Google\Chrome\Application\35.0.1916.114\libegl.dll
2014-05-28 08:14 - 2014-05-14 01:40 - 04217672 _____ () C:\Users\\AppData\Local\Google\Chrome\Application\35.0.1916.114\pdf.dll
2014-05-28 08:14 - 2014-05-14 01:40 - 00414536 _____ () C:\Users\\AppData\Local\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll
2014-05-28 08:14 - 2014-05-14 01:40 - 01732424 _____ () C:\Users\\AppData\Local\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll
2014-05-28 08:14 - 2014-05-14 01:40 - 13695816 _____ () C:\Users\\AppData\Local\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\Users\\Downloads\Bestaetigung_Rechnung_zu_Ihrer_byebye_Reise_21200789.eml:OECustomProperty
AlternateDataStreams: C:\Users\\Downloads\nachricht (1).eml:OECustomProperty
AlternateDataStreams: C:\Users\\Downloads\nachricht.eml:OECustomProperty
==================== Safe Mode (whitelisted) ===================
==================== EXE Association (whitelisted) =============
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/31/2014 08:01:20 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst konnte nicht heruntergefahren werden. Aufgetretener Fehler: System.InvalidOperationException: UpdatePendingStatus kann nur während der Verarbeitung von Befehlen zum Starten, Beenden, Anhalten und Fortsetzen aufgerufen werden.
bei System.ServiceProcess.ServiceBase.RequestAdditionalTime(Int32 milliseconds)
bei BlueStacks.hyperDroid.Service.Service.CleanupHelperProcess(Process proc, String name)
bei BlueStacks.hyperDroid.Service.Service.OnStop()
bei BlueStacks.hyperDroid.Service.Service.OnShutdown()
bei System.ServiceProcess.ServiceBase.DeferredShutdown()
Error: (05/31/2014 08:01:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Re-markit155.exe, Version: 1.155.0.0, Zeitstempel: 0x530db243
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0xf28
Startzeit der fehlerhaften Anwendung: 0xRe-markit155.exe0
Pfad der fehlerhaften Anwendung: Re-markit155.exe1
Pfad des fehlerhaften Moduls: Re-markit155.exe2
Berichtskennung: Re-markit155.exe3
Error: (05/30/2014 00:39:14 PM) (Source: Iminent) (EventID: 0) (User: )
Description: Unexpected exception.
System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
bei Iminent.Mediator.Server.ApplicationService.<>c__DisplayClassa.<WarmUp>b__9(Composite composite)
--- Ende der internen Ausnahmestapelüberwachung ---
bei System.RuntimeMethodHandle.InvokeMethod(Object target, Object[] arguments, Signature sig, Boolean constructor)
bei System.Reflection.RuntimeMethodInfo.UnsafeInvokeInternal(Object obj, Object[] parameters, Object[] arguments)
bei System.Delegate.DynamicInvokeImpl(Object[] args)
bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback, Object args, Int32 numArgs)
bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(Object source, Delegate method, Object args, Int32 numArgs, Delegate catchHandler)
Error: (05/30/2014 01:04:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Re-markit155.exe, Version: 1.155.0.0, Zeitstempel: 0x530db243
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x8a4
Startzeit der fehlerhaften Anwendung: 0xRe-markit155.exe0
Pfad der fehlerhaften Anwendung: Re-markit155.exe1
Pfad des fehlerhaften Moduls: Re-markit155.exe2
Berichtskennung: Re-markit155.exe3
Error: (05/29/2014 09:24:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Explorer.EXE, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: bdc
Startzeit: 01cf7b2654df9e89
Endzeit: 142
Anwendungspfad: C:\Windows\Explorer.EXE
Berichts-ID: c652360f-e766-11e3-b952-1c6f6549ce08
Error: (05/29/2014 03:00:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Re-markit155.exe, Version: 1.155.0.0, Zeitstempel: 0x530db243
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x894
Startzeit der fehlerhaften Anwendung: 0xRe-markit155.exe0
Pfad der fehlerhaften Anwendung: Re-markit155.exe1
Pfad des fehlerhaften Moduls: Re-markit155.exe2
Berichtskennung: Re-markit155.exe3
Error: (05/27/2014 09:59:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Re-markit155.exe, Version: 1.155.0.0, Zeitstempel: 0x530db243
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x81c
Startzeit der fehlerhaften Anwendung: 0xRe-markit155.exe0
Pfad der fehlerhaften Anwendung: Re-markit155.exe1
Pfad des fehlerhaften Moduls: Re-markit155.exe2
Berichtskennung: Re-markit155.exe3
Error: (05/26/2014 09:25:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Re-markit155.exe, Version: 1.155.0.0, Zeitstempel: 0x530db243
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x864
Startzeit der fehlerhaften Anwendung: 0xRe-markit155.exe0
Pfad der fehlerhaften Anwendung: Re-markit155.exe1
Pfad des fehlerhaften Moduls: Re-markit155.exe2
Berichtskennung: Re-markit155.exe3
Error: (05/25/2014 09:17:55 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst konnte nicht heruntergefahren werden. Aufgetretener Fehler: System.InvalidOperationException: UpdatePendingStatus kann nur während der Verarbeitung von Befehlen zum Starten, Beenden, Anhalten und Fortsetzen aufgerufen werden.
bei System.ServiceProcess.ServiceBase.RequestAdditionalTime(Int32 milliseconds)
bei BlueStacks.hyperDroid.Service.Service.OnStop()
bei BlueStacks.hyperDroid.Service.Service.OnShutdown()
bei System.ServiceProcess.ServiceBase.DeferredShutdown()
Error: (05/25/2014 09:17:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Re-markit155.exe, Version: 1.155.0.0, Zeitstempel: 0x530db243
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x83c
Startzeit der fehlerhaften Anwendung: 0xRe-markit155.exe0
Pfad der fehlerhaften Anwendung: Re-markit155.exe1
Pfad des fehlerhaften Moduls: Re-markit155.exe2
Berichtskennung: Re-markit155.exe3
System errors:
=============
Error: (05/31/2014 06:55:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (05/31/2014 06:55:43 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.
Error: (05/31/2014 01:37:41 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F48FC5B2-094A-44C7-B48C-289738C9582D}
Error: (05/31/2014 08:01:13 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Re-markit" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (05/31/2014 08:01:05 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Internet Explorer 11 für Windows 7 für x64-basierte Systeme
Error: (05/31/2014 07:27:08 AM) (Source: Server) (EventID: 2505) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{2A1A7AD7-DF00-40FC-9333-1E858D256B18} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.
Error: (05/31/2014 03:03:40 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Internet Explorer 11 für Windows 7 für x64-basierte Systeme
Error: (05/31/2014 03:00:29 AM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
Error: (05/30/2014 00:52:11 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F48FC5B2-094A-44C7-B48C-289738C9582D}
Error: (05/30/2014 00:38:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Norton Internet Security" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Microsoft Office Sessions:
=========================
Error: (05/31/2014 08:01:20 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst konnte nicht heruntergefahren werden. Aufgetretener Fehler: System.InvalidOperationException: UpdatePendingStatus kann nur während der Verarbeitung von Befehlen zum Starten, Beenden, Anhalten und Fortsetzen aufgerufen werden.
bei System.ServiceProcess.ServiceBase.RequestAdditionalTime(Int32 milliseconds)
bei BlueStacks.hyperDroid.Service.Service.CleanupHelperProcess(Process proc, String name)
bei BlueStacks.hyperDroid.Service.Service.OnStop()
bei BlueStacks.hyperDroid.Service.Service.OnShutdown()
bei System.ServiceProcess.ServiceBase.DeferredShutdown()
Error: (05/31/2014 08:01:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Re-markit155.exe1.155.0.0530db243KERNELBASE.dll6.1.7601.1840953159a86e06d73630000c42df2801cf7bf37a4253e5C:\Program Files (x86)\Re-markit-soft\Re-markit155.exeC:\Windows\syswow64\KERNELBASE.dllf6f536a7-e888-11e3-9d00-1c6f6549ce08
Error: (05/30/2014 00:39:14 PM) (Source: Iminent) (EventID: 0) (User: )
Description: Unexpected exception.
System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
bei Iminent.Mediator.Server.ApplicationService.<>c__DisplayClassa.<WarmUp>b__9(Composite composite)
--- Ende der internen Ausnahmestapelüberwachung ---
bei System.RuntimeMethodHandle.InvokeMethod(Object target, Object[] arguments, Signature sig, Boolean constructor)
bei System.Reflection.RuntimeMethodInfo.UnsafeInvokeInternal(Object obj, Object[] parameters, Object[] arguments)
bei System.Delegate.DynamicInvokeImpl(Object[] args)
bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback, Object args, Int32 numArgs)
bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(Object source, Delegate method, Object args, Int32 numArgs, Delegate catchHandler)
Error: (05/30/2014 01:04:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Re-markit155.exe1.155.0.0530db243KERNELBASE.dll6.1.7601.1840953159a86e06d73630000c42d8a401cf7b2651844dc6C:\Program Files (x86)\Re-markit-soft\Re-markit155.exeC:\Windows\syswow64\KERNELBASE.dll8db42bc3-e785-11e3-b952-1c6f6549ce08
Error: (05/29/2014 09:24:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.1.7601.17567bdc01cf7b2654df9e89142C:\Windows\Explorer.EXEc652360f-e766-11e3-b952-1c6f6549ce08
Error: (05/29/2014 03:00:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Re-markit155.exe1.155.0.0530db243KERNELBASE.dll6.1.7601.1840953159a86e06d73630000c42d89401cf7a63585a967bC:\Program Files (x86)\Re-markit-soft\Re-markit155.exeC:\Windows\syswow64\KERNELBASE.dlla4e53e31-e6cc-11e3-b8fd-1c6f6549ce08
Error: (05/27/2014 09:59:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Re-markit155.exe1.155.0.0530db243KERNELBASE.dll6.1.7601.1840953159a86e06d73630000c42d81c01cf799b0a1f0c71C:\Program Files (x86)\Re-markit-soft\Re-markit155.exeC:\Windows\syswow64\KERNELBASE.dll661f4893-e5d9-11e3-b36f-1c6f6549ce08
Error: (05/26/2014 09:25:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Re-markit155.exe1.155.0.0530db243KERNELBASE.dll6.1.7601.1840953159a86e06d73630000c42d86401cf78e6a8b756c4C:\Program Files (x86)\Re-markit-soft\Re-markit155.exeC:\Windows\syswow64\KERNELBASE.dll7f5aa995-e50b-11e3-a4d9-1c6f6549ce08
Error: (05/25/2014 09:17:55 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst konnte nicht heruntergefahren werden. Aufgetretener Fehler: System.InvalidOperationException: UpdatePendingStatus kann nur während der Verarbeitung von Befehlen zum Starten, Beenden, Anhalten und Fortsetzen aufgerufen werden.
bei System.ServiceProcess.ServiceBase.RequestAdditionalTime(Int32 milliseconds)
bei BlueStacks.hyperDroid.Service.Service.OnStop()
bei BlueStacks.hyperDroid.Service.Service.OnShutdown()
bei System.ServiceProcess.ServiceBase.DeferredShutdown()
Error: (05/25/2014 09:17:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Re-markit155.exe1.155.0.0530db243KERNELBASE.dll6.1.7601.1840953159a86e06d73630000c42d83c01cf77e7a66b93feC:\Program Files (x86)\Re-markit-soft\Re-markit155.exeC:\Windows\syswow64\KERNELBASE.dll41f967c5-e441-11e3-9d94-1c6f6549ce08
==================== Memory info ===========================
Percentage of memory in use: 74%
Total physical RAM: 3959.48 MB
Available physical RAM: 995.35 MB
Total Pagefile: 7917.15 MB
Available Pagefile: 3216.21 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:727.71 GB) (Free:467.25 GB) NTFS
Drive d: (Volume) (Fixed) (Total:195.31 GB) (Free:195.22 GB) NTFS
Drive e: (Recovery) (Fixed) (Total:8 GB) (Free:2.57 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 30B6D843)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=728 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=195 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=8 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
02.06.2014, 14:40
| #9 |
| /// TB-Ausbilder | WINDOWS 7 kommen ständig PopUps usw... Logdatei von AdwCleaner fehlt noch, bitte nachreichen. |
|
02.06.2014, 22:23
| #10 |
| | WINDOWS 7 kommen ständig PopUps usw... [CODE]# AdwCleaner v3.211 - Bericht erstellt am 01/06/2014 um 21:36:52 # Aktualisiert 26/05/2014 von Xplode # Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits) # Benutzername : - -PC # Gestartet von : C:\Users\\Desktop\adwcleaner_3.211.exe # Option : Löschen ***** [ Dienste ] ***** [#] Dienst Gelöscht : dealplylive [#] Dienst Gelöscht : dealplylivem [#] Dienst Gelöscht : IBUpdaterService Dienst Gelöscht : IePluginService Dienst Gelöscht : Re-markit Dienst Gelöscht : SProtection Dienst Gelöscht : WajamUpdaterV3 Dienst Gelöscht : Web Assistant Dienst Gelöscht : winzipersvc Dienst Gelöscht : Wpm ***** [ Dateien / Ordner ] ***** Ordner Gelöscht : C:\ProgramData\Ask Ordner Gelöscht : C:\ProgramData\Babylon [!] Ordner Gelöscht : C:\ProgramData\DealPlyLive Ordner Gelöscht : C:\ProgramData\IBUpdaterService Ordner Gelöscht : C:\ProgramData\IePluginService Ordner Gelöscht : C:\ProgramData\Iminent Ordner Gelöscht : C:\ProgramData\Tarma Installer Ordner Gelöscht : C:\ProgramData\WPM Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper Ordner Gelöscht : C:\Program Files (x86)\appbario8 Ordner Gelöscht : C:\Program Files (x86)\Conduit [!] Ordner Gelöscht : C:\Program Files (x86)\DealPlyLive Ordner Gelöscht : C:\Program Files (x86)\Delta Ordner Gelöscht : C:\Program Files (x86)\Feven Pro 1.2 Ordner Gelöscht : C:\Program Files (x86)\Iminent Ordner Gelöscht : C:\Program Files (x86)\Mobogenie Ordner Gelöscht : C:\Program Files (x86)\Optimizer Pro Ordner Gelöscht : C:\Program Files (x86)\Perion Ordner Gelöscht : C:\Program Files (x86)\Re-markit-soft Ordner Gelöscht : C:\Program Files (x86)\Search Results Toolbar Ordner Gelöscht : C:\Program Files (x86)\Skillbrains Ordner Gelöscht : C:\Program Files (x86)\SpecialSavings Ordner Gelöscht : C:\Program Files (x86)\SupTab Ordner Gelöscht : C:\Program Files (x86)\Uniblue Ordner Gelöscht : C:\Program Files (x86)\vGrabber-software Ordner Gelöscht : C:\Program Files (x86)\Wajam Ordner Gelöscht : C:\Program Files (x86)\WinZipper Ordner Gelöscht : C:\Program Files (x86)\HQ-Video-Profession-1.3 Ordner Gelöscht : C:\Program Files (x86)\DVDVideoSoftTB_DE Ordner Gelöscht : C:\Program Files (x86)\Common Files\Plasmoo Ordner Gelöscht : C:\Program Files (x86)\Common Files\Umbrella Ordner Gelöscht : C:\Windows\SysWOW64\ARFC Ordner Gelöscht : C:\Windows\SysWOW64\jmdp Ordner Gelöscht : C:\Windows\SysWOW64\SearchProtect Ordner Gelöscht : C:\Windows\SysWOW64\WNLT Ordner Gelöscht : C:\Program Files\Web Assistant Ordner Gelöscht : C:\Windows\System32\ARFC Ordner Gelöscht : C:\Windows\System32\ljkb Ordner Gelöscht : C:\Users\Elvira\AppData\LocalLow\appbario8 Ordner Gelöscht : C:\Users\Elvira\AppData\LocalLow\bbrs_002.tb Ordner Gelöscht : C:\Users\Elvira\AppData\LocalLow\Conduit Ordner Gelöscht : C:\Users\Elvira\AppData\LocalLow\incredibar.com Ordner Gelöscht : C:\Users\Elvira\AppData\LocalLow\PriceGong Ordner Gelöscht : C:\Users\Elvira\AppData\LocalLow\DVDVideoSoftTB_DE Ordner Gelöscht : C:\Users\Elvira\AppData\Roaming\Iminent Ordner Gelöscht : C:\Users\\AppData\Local\Conduit Ordner Gelöscht : C:\Users\\AppData\Local\DealPlyLive Ordner Gelöscht : C:\Users\\AppData\Local\genienext Ordner Gelöscht : C:\Users\\AppData\Local\iLivid Ordner Gelöscht : C:\Users\\AppData\Local\Mobogenie Ordner Gelöscht : C:\Users\\AppData\Local\Skillbrains Ordner Gelöscht : C:\Users\\AppData\Local\Wajam Ordner Gelöscht : C:\Users\\AppData\Local\Yandex Ordner Gelöscht : C:\Users\\AppData\LocalLow\appbario8 Ordner Gelöscht : C:\Users\\AppData\LocalLow\bbrs_002.tb Ordner Gelöscht : C:\Users\\AppData\LocalLow\Conduit Ordner Gelöscht : C:\Users\\AppData\LocalLow\DataMngr Ordner Gelöscht : C:\Users\\AppData\LocalLow\Delta Ordner Gelöscht : C:\Users\\AppData\LocalLow\incredibar.com Ordner Gelöscht : C:\Users\\AppData\LocalLow\PriceGong Ordner Gelöscht : C:\Users\\AppData\LocalLow\DVDVideoSoftTB_DE Ordner Gelöscht : C:\Users\\AppData\Roaming\awesomehp Ordner Gelöscht : C:\Users\\AppData\Roaming\Babylon Ordner Gelöscht : C:\Users\\AppData\Roaming\BrowserCompanion Ordner Gelöscht : C:\Users\\AppData\Roaming\DealPly Ordner Gelöscht : C:\Users\\AppData\Roaming\Delta Ordner Gelöscht : C:\Users\\AppData\Roaming\dvdvideosoftiehelpers Ordner Gelöscht : C:\Users\\AppData\Roaming\Iminent Ordner Gelöscht : C:\Users\\AppData\Roaming\newnext.me Ordner Gelöscht : C:\Users\\AppData\Roaming\OpenCandy Ordner Gelöscht : C:\Users\\AppData\Roaming\SupTab Ordner Gelöscht : C:\Users\\AppData\Roaming\Uniblue Ordner Gelöscht : C:\Users\\AppData\Roaming\VOPackage Ordner Gelöscht : C:\Users\\AppData\Roaming\WinZipper Ordner Gelöscht : C:\Users\\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly Ordner Gelöscht : C:\Users\\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie Ordner Gelöscht : C:\Users\\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpecialSavings Ordner Gelöscht : C:\Users\\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Video downloader Ordner Gelöscht : C:\Users\\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam Ordner Gelöscht : C:\Users\\Documents\Mobogenie Ordner Gelöscht : C:\Users\\Documents\Optimizer Pro Ordner Gelöscht : C:\Users\Jürgen\AppData\Local\Skillbrains Ordner Gelöscht : C:\Users\Jürgen\AppData\LocalLow\appbario8 Ordner Gelöscht : C:\Users\Jürgen\AppData\LocalLow\bbrs_002.tb Ordner Gelöscht : C:\Users\Jürgen\AppData\LocalLow\Conduit Ordner Gelöscht : C:\Users\Jürgen\AppData\LocalLow\Delta Ordner Gelöscht : C:\Users\Jürgen\AppData\LocalLow\DVDVideoSoftTB_DE Ordner Gelöscht : C:\Users\Jürgen\AppData\Roaming\Iminent Ordner Gelöscht : C:\Users\Martina\AppData\LocalLow\appbario8 Ordner Gelöscht : C:\Users\Martina\AppData\LocalLow\bbrs_002.tb Ordner Gelöscht : C:\Users\Martina\AppData\LocalLow\Conduit Ordner Gelöscht : C:\Users\Martina\AppData\LocalLow\incredibar.com Ordner Gelöscht : C:\Users\Martina\AppData\LocalLow\PriceGong Ordner Gelöscht : C:\Users\Martina\AppData\LocalLow\DVDVideoSoftTB_DE Ordner Gelöscht : C:\Users\Martina\AppData\Roaming\Iminent Ordner Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\ConduitCommon Ordner Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Smartbar Ordner Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\ValueApps Ordner Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\CT2625848 Ordner Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\CT3197087 Ordner Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\CT3227982 Ordner Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\{8A9386B4-E958-4C4C-ADF4-8F26DB3E4829} Ordner Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\{e53a26f5-7199-4a5b-86f5-d2e86854b979} Ordner Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\bbrs_002@blabbers.com Ordner Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\engine@plasmoo.com Ordner Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\ffxtlbr@delta.com Ordner Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\ffxtlbr@incredibar.com Ordner Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\specialsavings@superfish.com Ordner Gelöscht : C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\kkmo767h.default\Extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com Ordner Gelöscht : C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\kkmo767h.default\Extensions\13c471d9-6cbb-4c08-9dd1-8dc16c66bb1f@cf5065af-ca24-464a-a637-af7582a82514.com Ordner Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} Ordner Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\{09152f0b-739c-4dec-a245-1aa8a37594f1} Ordner Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\{0cc09160-108c-4759-bab1-5c12c216e005} Ordner Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhphemoobgnikcoofkgackkaimpfmenm Ordner Gelöscht : C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhphemoobgnikcoofkgackkaimpfmenm Ordner Gelöscht : C:\Users\Elvira\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok Ordner Gelöscht : C:\Users\Elvira\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf Ordner Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcpfhaghaadpjpgocojgnlhjcieeooel Ordner Gelöscht : C:\Users\Elvira\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd Ordner Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd Ordner Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnmnhkgiphcaeefbaooconkceehicfi Ordner Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde Ordner Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde Ordner Gelöscht : C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde Ordner Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl Ordner Gelöscht : C:\Users\Elvira\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg Ordner Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg Ordner Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg Ordner Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp Ordner Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp Ordner Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna Ordner Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp Ordner Gelöscht : C:\Users\Elvira\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj Ordner Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj Ordner Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj Ordner Gelöscht : C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj Ordner Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo Ordner Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo Ordner Gelöscht : C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo Ordner Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh [!] Ordner Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna Ordner Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\bblnhhgpgomleanhbppdnkpofhjijgdp Ordner Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bblnhhgpgomleanhbppdnkpofhjijgdp Ordner Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\caloheeledhajihipjihanmihhegodlc Ordner Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\caloheeledhajihipjihanmihhegodlc [!] Ordner Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\bblnhhgpgomleanhbppdnkpofhjijgdp [!] Ordner Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bblnhhgpgomleanhbppdnkpofhjijgdp [!] Ordner Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\bblnhhgpgomleanhbppdnkpofhjijgdp [!] Ordner Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bblnhhgpgomleanhbppdnkpofhjijgdp [!] Ordner Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\bblnhhgpgomleanhbppdnkpofhjijgdp [!] Ordner Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bblnhhgpgomleanhbppdnkpofhjijgdp [!] Ordner Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\bblnhhgpgomleanhbppdnkpofhjijgdp [!] Ordner Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bblnhhgpgomleanhbppdnkpofhjijgdp [!] Ordner Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhphemoobgnikcoofkgackkaimpfmenm [!] Ordner Gelöscht : C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhphemoobgnikcoofkgackkaimpfmenm [!] Ordner Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhphemoobgnikcoofkgackkaimpfmenm [!] Ordner Gelöscht : C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhphemoobgnikcoofkgackkaimpfmenm [!] Ordner Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhphemoobgnikcoofkgackkaimpfmenm [!] Ordner Gelöscht : C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhphemoobgnikcoofkgackkaimpfmenm [!] Ordner Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhphemoobgnikcoofkgackkaimpfmenm [!] Ordner Gelöscht : C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhphemoobgnikcoofkgackkaimpfmenm [!] Ordner Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\caloheeledhajihipjihanmihhegodlc [!] Ordner Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\caloheeledhajihipjihanmihhegodlc [!] Ordner Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\caloheeledhajihipjihanmihhegodlc [!] Ordner Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\caloheeledhajihipjihanmihhegodlc [!] Ordner Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\caloheeledhajihipjihanmihhegodlc [!] Ordner Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\caloheeledhajihipjihanmihhegodlc [!] Ordner Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\caloheeledhajihipjihanmihhegodlc [!] Ordner Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\caloheeledhajihipjihanmihhegodlc [!] Ordner Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhphemoobgnikcoofkgackkaimpfmenm [!] Ordner Gelöscht : C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhphemoobgnikcoofkgackkaimpfmenm Datei Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433} Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433} Datei Gelöscht : C:\Users\Elvira\AppData\Roaming\Mozilla\Firefox\Profiles\2aglban5.default\Extensions\webbooster@iminent.com.xpi Datei Gelöscht : C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\kkmo767h.default\Extensions\webbooster@iminent.com.xpi Datei Gelöscht : C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\mzwqgr73.default\Extensions\webbooster@iminent.com.xpi Datei Gelöscht : C:\Users\Public\Desktop\Get The Best Facebook Chat Messenger.lnk Datei Gelöscht : C:\Users\Public\Desktop\speedupmypc.lnk Datei Gelöscht : C:\Windows\System32\dmwu.exe Datei Gelöscht : C:\Windows\System32\ImhxxpComm.dll Datei Gelöscht : C:\Users\Elvira\daemonprocess.txt Datei Gelöscht : C:\Users\Elvira\AppData\LocalLow\SkwConfig.bin Datei Gelöscht : C:\Users\\daemonprocess.txt Datei Gelöscht : C:\Users\\AppData\LocalLow\SkwConfig.bin Datei Gelöscht : C:\Users\\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk Datei Gelöscht : C:\Users\\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tbhcn.lnk Datei Gelöscht : C:\Users\\Desktop\Configure VO Package.lnk Datei Gelöscht : C:\Users\\Desktop\iLivid.lnk Datei Gelöscht : C:\Users\\Desktop\Mobogenie.lnk Datei Gelöscht : C:\Users\\Desktop\Play Free Games.lnk Datei Gelöscht : C:\Users\Jürgen\daemonprocess.txt Datei Gelöscht : C:\Users\Jürgen\AppData\LocalLow\SkwConfig.bin Datei Gelöscht : C:\Users\Martina\daemonprocess.txt Datei Gelöscht : C:\Users\Martina\AppData\LocalLow\SkwConfig.bin Datei Gelöscht : C:\Users\Elvira\AppData\Roaming\Mozilla\Firefox\Profiles\2aglban5.default\bprotector_extensions.sqlite Datei Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\bprotector_extensions.sqlite Datei Gelöscht : C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\kkmo767h.default\bprotector_extensions.sqlite Datei Gelöscht : C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\mzwqgr73.default\bprotector_extensions.sqlite Datei Gelöscht : C:\Users\Elvira\AppData\Roaming\Mozilla\Firefox\Profiles\2aglban5.default\bprotector_prefs.js Datei Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\bprotector_prefs.js Datei Gelöscht : C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\kkmo767h.default\bprotector_prefs.js Datei Gelöscht : C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\mzwqgr73.default\bprotector_prefs.js Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\defaults\pref\all-iminent.js Datei Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\invalidprefs.js Datei Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\Babylon.xml Datei Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\bProtect.xml Datei Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\Conduit.xml Datei Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\conduit-search.xml Datei Gelöscht : C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\kkmo767h.default\searchplugins\conduit-search.xml Datei Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\delta.xml Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\delta-homes.xml Datei Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\dvdvideosofttb-de-customized-web-search.xml Datei Gelöscht : C:\Users\Elvira\AppData\Roaming\Mozilla\Firefox\Profiles\2aglban5.default\searchplugins\MyStart Search.xml Datei Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\MyStart Search.xml Datei Gelöscht : C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\kkmo767h.default\searchplugins\MyStart Search.xml Datei Gelöscht : C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\mzwqgr73.default\searchplugins\MyStart Search.xml Datei Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\Plusnetwork.xml Datei Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\Search_Results.xml Datei Gelöscht : C:\Users\Elvira\AppData\Roaming\Mozilla\Firefox\Profiles\2aglban5.default\searchplugins\Web Search.xml Datei Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\Web Search.xml Datei Gelöscht : C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\kkmo767h.default\searchplugins\Web Search.xml Datei Gelöscht : C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\mzwqgr73.default\searchplugins\Web Search.xml Datei Gelöscht : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\user.js Datei Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data Datei Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences Datei Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\ep.crx Datei Gelöscht : C:\Users\Elvira\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage Datei Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage Datei Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage Datei Gelöscht : C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage Datei Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage-journal Datei Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_apps.conduit.com_0.localstorage Datei Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_apps.conduit.com_0.localstorage Datei Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_apps.conduit.com_0.localstorage-journal Datei Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_apps.conduit.com_0.localstorage-journal Datei Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_facebook.conduitapps.com_0.localstorage Datei Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_facebook.conduitapps.com_0.localstorage Datei Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_facebook.conduitapps.com_0.localstorage-journal Datei Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_facebook.conduitapps.com_0.localstorage-journal Datei Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_fbtemplate.conduitapps.com_0.localstorage Datei Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_fbtemplate.conduitapps.com_0.localstorage-journal Datei Gelöscht : C:\Users\\AppData\Local\Google\Chrome\user data\default\local storage\hxxp_pricegong.conduitapps.com_0.localstorage Datei Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\user data\default\local storage\hxxp_pricegong.conduitapps.com_0.localstorage Datei Gelöscht : C:\Users\\AppData\Local\Google\Chrome\user data\default\local storage\hxxp_pricegong.conduitapps.com_0.localstorage-journal Datei Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\user data\default\local storage\hxxp_pricegong.conduitapps.com_0.localstorage-journal Datei Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_sb.scorecardresearch.com_0.localstorage Datei Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_sb.scorecardresearch.com_0.localstorage-journal Datei Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage Datei Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal Datei Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.iminent.com_0.localstorage Datei Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.iminent.com_0.localstorage-journal Datei Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_storage.conduit.com_0.localstorage Datei Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_storage.conduit.com_0.localstorage Datei Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_storage.conduit.com_0.localstorage-journal Datei Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_storage.conduit.com_0.localstorage-journal Datei Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.delta-search.com_0.localstorage Datei Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.delta-search.com_0.localstorage-journal Datei Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.softonic.de_0.localstorage Datei Gelöscht : C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.softonic.de_0.localstorage-journal Datei Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_sb.scorecardresearch.com_0.localstorage Datei Gelöscht : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_sb.scorecardresearch.com_0.localstorage-journal Datei Gelöscht : C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job Datei Gelöscht : C:\Windows\Tasks\Re-markit Update.job Datei Gelöscht : C:\Windows\Tasks\Re-markit_wd.job Datei Gelöscht : C:\Windows\Tasks\update-sys.job Datei Gelöscht : C:\Windows\System32\Tasks\update-sys Datei Gelöscht : C:\Windows\Tasks\Feven Pro 1.2-chromeinstaller.job Datei Gelöscht : C:\Windows\Tasks\HQ-Video-Profession-1.3-chromeinstaller.job Datei Gelöscht : C:\Windows\Tasks\HQ-Video-Profession-1.3-codedownloader.job Datei Gelöscht : C:\Windows\Tasks\HQ-Video-Profession-1.3-enabler.job Datei Gelöscht : C:\Windows\Tasks\HQ-Video-Profession-1.3-firefoxinstaller.job Datei Gelöscht : C:\Windows\Tasks\HQ-Video-Profession-1.3-updater.job ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}] Wert Gelöscht : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}] Wert Gelöscht : HKCU\Software\Mozilla\Firefox\Extensions [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}] Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}] Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{FE1DEEEA-DB6D-44B8-83F0-34FC0F9D1052}] Wert Gelöscht : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{FE1DEEEA-DB6D-44B8-83F0-34FC0F9D1052}] Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [lightningnewtab@gmail.com] Wert Gelöscht : HKCU\Software\Mozilla\Firefox\Extensions [specialsavings@superfish.com] Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [webbooster@iminent.com] Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\bhphemoobgnikcoofkgackkaimpfmenm Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bhphemoobgnikcoofkgackkaimpfmenm Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bodddioamolcibagionmmobehnbhiakf Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\fgfdfcbeamjnjdejakdidpniblllnbpg Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\bblnhhgpgomleanhbppdnkpofhjijgdp Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bblnhhgpgomleanhbppdnkpofhjijgdp Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\caloheeledhajihipjihanmihhegodlc Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\caloheeledhajihipjihanmihhegodlc Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\dealplylive.exe Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\Extension.DLL Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\priam_bho.DLL Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\PriceGongIE.DLL Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\tdataprotocol.DLL Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\updatebho.DLL Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\wit4ie.DLL Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\dealplyliveupdate.coreclass Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreClass.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassSvc Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\dealplyliveupdate.ondemandcomclasssvc.1.0 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3COMClassService Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3COMClassService.1.0 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3websvc Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\dealplyliveupdate.update3websvc.1.0 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaappCore Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaappCore.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\driverscanner Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\I Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iLividIEHelper.DNSGuard Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iLividIEHelper.DNSGuard.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.DownloadArgs Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.LinkToPromoteArgs Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.RawDataArgs Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.TinyUrlArgs Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.ViralLinkArgs Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ClientCallback Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ContractBase Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.AddToUserContentCommand Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.CheckLoginStatusCommand Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.CleanCacheCommand Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GameOverCallback Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetCreditCommand Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetInstallationContextCommand Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusCommand Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusResult Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableCommand Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableResult Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.InstallationContextResult Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommand Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommandResult Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoginCommand Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoginStatusChangedCallback Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LogoutCommand Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.MergeIdentityCommand Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.MyAccountCommand Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.PlayContentCommand Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.PostContentCallback Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.RecycleViewsCommand Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.SetVariableCommand Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowBrowserWindowCommand Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowControlCenterCommand Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowPluginWindowCommand Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.TestContentCommand Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.UserContentChangedCallback Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.VariableChangedCallback Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.WarmUpCommand Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.WelcomeCommand Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ServerCommand Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ServerResult Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.LightContent Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.LightUri Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Iminent.Mediator.MediatorServiceProxy Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IncredibarApp.appCore Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IncredibarApp.appCore.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\base64 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\chrome Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\prox Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\updatebho.TimerBHO Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\updatebho.TimerBHO.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wajam.WajamBHO Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wajam.WajamDownloader Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLivid_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLivid_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1 (1)_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1 (1)_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasapi32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasmancs Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasapi32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasmancs Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Savings Sidekick_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Savings Sidekick_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SupTab_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SupTab_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajam_download_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajam_download_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasapi32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasmancs Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wpm_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wpm_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Mobogenie.exe Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Iminent] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [IminentMessenger] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon] Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater Schlüssel Gelöscht : HKCU\Software\53eded1b068ef42 Schlüssel Gelöscht : HKLM\SOFTWARE\53eded1b068ef42 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2625848 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT3197087 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT3227982 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_minecraft (1)_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_minecraft (1)_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_minecraft_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_minecraft_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{20EDC024-43C5-423E-B7F5-FD93523E0D9F} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{80FABB17-63AF-4655-9F07-B6509EE37AF2} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{835315FC-1BF6-4CA9-80CD-F6C158D40692} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{F48FC5B2-094A-44C7-B48C-289738C9582D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00CBB66B-1D3B-46D3-9577-323A336ACB50} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{01A602A0-D0B9-445B-8081-719E4177C4A7} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02C9C7B0-C7C8-4AAC-A9E4-55295BF60F8F} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{0398B101-6DA7-473F-A290-17D2FBC88CC0} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{0CC36196-8589-4B80-A771-D659411D7F90} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{143D96F9-EB64-48B3-B192-91C2C41A1F43} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{14F7D91F-F669-45C9-9F42-BACBFDB86EAD} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1631550F-191D-4826-B069-D9439253D926} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{187A6488-6E71-4A2A-B118-7BEFBFE58257} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2D065204-A024-4C39-8A38-EE7078EC7ACF} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{30F5476C-677B-4DB0-B397-51F5BFD86840} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3223F2FB-D9B9-45FC-9D66-CD717FFA4EE5} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{336D0C35-8A85-403A-B9D2-65C292C39087} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{351798B1-C1D2-45AB-92B4-4D6C2D6AB5AF} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3AEA1BEF-6195-46F4-ACA2-0ED14F7EFA1B} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3D7F9AC3-BAC3-4E51-81D7-D121D79E550A} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4498C5E9-93C6-4142-B6BE-F0C6DC48B77A} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{479BF2D6-E362-4A99-B1AB-BC764D7B97AE} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{492A108F-51D0-4BD8-899D-AD4AB2893064} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4B6D6E60-FBD2-4E79-BF4B-886BC98F1797} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{60893E02-2E5B-43F9-A93A-BAD60C2DF6EF} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6D39931F-451E-4BDD-BAF4-37FB96DBBA5D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{74F475FA-6C75-43BD-AAB9-ECDA6184F600} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{76C684D2-C35D-4284-976A-D862F53ADB81} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{796D822A-C3F9-4A97-BAAB-42FE7628EA63} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{79EF3691-EC1A-4705-A01A-D2E36EC11758} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80FABB17-63AF-4655-9F07-B6509EE37AF2} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{82F41418-8E64-47EB-A7F1-4702A974D289} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{85D920CE-63A7-46DC-8992-41D1D2E07FAD} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{895ED5E8-ABB4-40C3-A0CA-2571964268E2} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8AAC123A-1959-4A45-BFC5-E2D50783098A} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9CF699CA-2174-4ED8-BEC1-BA82095EDCE0} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9FF9AE6F-4553-41A7-B645-B0E88850EABF} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A07956CD-81F8-4A03-B524-5D87E690DC83} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A69A551A-1AAE-4B67-8C2E-52F8B8A19504} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B5E3B26B-6E5C-4865-A63D-58D04B10E245} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B84D2DC5-42B2-4E5E-BF61-7B48152FF8EF} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B89D5309-0367-4494-A92F-3D4C94F88307} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C01315C7-B4E2-4864-B43D-5FAFC414D179} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C014EBF8-8854-448B-B5A4-557C4090EDCE} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C1545464-C77C-4130-A572-1C619E2895FE} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C31191DB-2F64-464C-B97C-6AC81ACB7AAC} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C342C7A7-F622-4EF3-8B7F-ABB9FBE73F14} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C4765B07-BC2F-477B-925C-B2BF24887823} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C875C0A1-09E3-48D5-9F8E-BD337796FD14} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CA5D945F-E738-4D0B-A0B5-25AC51C64659} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD126DA6-FF5B-4181-AC13-54A62240D2FA} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CE4DB5A3-58E6-41F1-8761-47238DF4F468} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D2A2595C-4FE4-4315-AA9B-19DBD6271B71} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DD438708-AAB4-422D-A322-B619589F5680} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E812AE43-7799-4E67-8CF8-4104297A2D16} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{ED0E67AD-926C-4008-87E5-03CF72AA2A7E} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EF7FEC6D-451B-4452-9D26-7E10C6B5DB6E} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F0BAAEC7-9AE0-49FF-9C4B-86E774FF397F} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F34C9277-6577-4DFF-B2D7-7D58092F272F} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F48FC5B2-094A-44C7-B48C-289738C9582D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F7698761-4ABA-45C2-A5BB-D2163922C725} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F92193FD-2243-4401-9ACC-49FF30885898} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F9639E4A-801B-4843-AEE3-03D9DA199E77} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FD21B8A2-910B-45AC-9C10-45E6A8B84984} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{0CC09160-108C-4759-BAB1-5C12C216E005} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{457EF9F0-0A7C-4302-B47B-C207A8DE8598} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511151178} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522152278} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522162282} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555155578} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555165582} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566156678} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566166682} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{0C58B7D1-D415-492B-A149-E976156BD3B8} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{75E8DA27-44AF-40AE-927C-F2EEC99D65B1} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{E1EF512D-604D-4776-AF11-410704DA1911} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440544164482} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00CBB66B-1D3B-46D3-9577-323A336ACB50} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1631550F-191D-4826-B069-D9439253D926} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403A-B9D2-65C292C39087} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{74F475FA-6C75-43BD-AAB9-ECDA6184F600} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963B125B-8B21-49A2-A3A8-E37092276531} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CF699CA-2174-4ED8-BEC1-BA82095EDCE0} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F34C9277-6577-4DFF-B2D7-7D58092F272F} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0CC09160-108C-4759-BAB1-5C12C216E005} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511151178} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{74F475FA-6C75-43BD-AAB9-ECDA6184F600} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0CC09160-108C-4759-BAB1-5C12C216E005} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{74F475FA-6C75-43BD-AAB9-ECDA6184F600} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{963B125B-8B21-49A2-A3A8-E37092276531} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0CC09160-108C-4759-BAB1-5C12C216E005} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{457EF9F0-0A7C-4302-B47B-C207A8DE8598} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{A69A551A-1AAE-4B67-8C2E-52F8B8A19504} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0AF350D9-3916-454B-AC53-0B0B65F41301} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74C36554-31F0-49DD-8857-ED6A64DF45BE} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F34C9277-6577-4DFF-B2D7-7D58092F272F} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c8365884-4204-4353-af57-6d42134dc0a9} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ca292ec2-fcf4-4d84-ba84-62a8e6663eae} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{004d3b8b-3cdb-4f66-a71c-f6fc1e9cb498} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6a4a589b-1a81-4d4e-af10-72ab28606e40} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5D51B446-DDA0-4DBA-86FD-64B36677FAAE} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E31104E1-42D1-442C-AF67-A3E5F95EA5A8} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C6972986-7080-469E-8680-ED434E967859} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1BE7E5A9-8C24-4827-A523-08A6FFCB559E} Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5} Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{4327FABE-3C22-4689-8DBF-D226CF777FE9} Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909} Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{82E1477C-B154-48D3-9891-33D83C26BCD3}] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{F34C9277-6577-4DFF-B2D7-7D58092F272F}] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{F9639E4A-801B-4843-AEE3-03D9DA199E77}] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{0CC09160-108C-4759-BAB1-5C12C216E005}] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}] Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{0CC09160-108C-4759-BAB1-5C12C216E005}] Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{0CC09160-108C-4759-BAB1-5C12C216E005}] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{9FF9AE6F-4553-41A7-B645-B0E88850EABF} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CE4DB5A3-58E6-41F1-8761-47238DF4F468} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522152278} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522162282} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511161182} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555155578} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555165582} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566156678} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566166682} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511161182} Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c8365884-4204-4353-af57-6d42134dc0a9} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ca292ec2-fcf4-4d84-ba84-62a8e6663eae} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{004d3b8b-3cdb-4f66-a71c-f6fc1e9cb498} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6a4a589b-1a81-4d4e-af10-72ab28606e40} Schlüssel Gelöscht : HKCU\Software\Blabbers Schlüssel Gelöscht : HKCU\Software\Blabbers Schlüssel Gelöscht : HKCU\Software\Conduit [#] Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar Schlüssel Gelöscht : HKCU\Software\DealPly Schlüssel Gelöscht : HKCU\Software\DealPlyLive Schlüssel Gelöscht : HKCU\Software\Delta Schlüssel Gelöscht : HKCU\Software\filescout Schlüssel Gelöscht : HKCU\Software\ilivid Schlüssel Gelöscht : HKCU\Software\IM Schlüssel Gelöscht : HKCU\Software\Iminent Schlüssel Gelöscht : HKCU\Software\ImInstaller Schlüssel Gelöscht : HKCU\Software\incredibar.com Schlüssel Gelöscht : HKCU\Software\SkillBrains Schlüssel Gelöscht : HKCU\Software\Softonic Schlüssel Gelöscht : HKCU\Software\Wajam Schlüssel Gelöscht : HKCU\Software\WNLT Schlüssel Gelöscht : HKCU\Software\DVDVideoSoftTB_DE Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F} Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar Schlüssel Gelöscht : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F} Schlüssel Gelöscht : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0} Schlüssel Gelöscht : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C} Schlüssel Gelöscht : HKLM\Software\awesomehpSoftware Schlüssel Gelöscht : HKLM\Software\Babylon Schlüssel Gelöscht : HKLM\Software\BrowserCompanion Schlüssel Gelöscht : HKLM\Software\Conduit Schlüssel Gelöscht : HKLM\Software\DataMngr Schlüssel Gelöscht : HKLM\Software\DealPly Schlüssel Gelöscht : HKLM\Software\DealPlyLive Schlüssel Gelöscht : HKLM\Software\Delta Schlüssel Gelöscht : HKLM\Software\hdcode Schlüssel Gelöscht : HKLM\Software\IePlugin Schlüssel Gelöscht : HKLM\Software\iLividSRTB Schlüssel Gelöscht : HKLM\Software\Iminent Schlüssel Gelöscht : HKLM\Software\incredibar.com Schlüssel Gelöscht : HKLM\Software\SkillBrains Schlüssel Gelöscht : HKLM\Software\SupTab Schlüssel Gelöscht : HKLM\Software\supWPM Schlüssel Gelöscht : HKLM\Software\Umbrella Schlüssel Gelöscht : HKLM\Software\Uniblue Schlüssel Gelöscht : HKLM\Software\V9 Schlüssel Gelöscht : HKLM\Software\Wajam Schlüssel Gelöscht : HKLM\Software\Web Assistant Schlüssel Gelöscht : HKLM\Software\winzipersvc Schlüssel Gelöscht : HKLM\Software\Wpm Schlüssel Gelöscht : HKLM\Software\Feven Pro 1.2 Schlüssel Gelöscht : HKLM\Software\HQ-Video-Profession-1.3 Schlüssel Gelöscht : HKLM\Software\appbario8 Schlüssel Gelöscht : HKLM\Software\DVDVideoSoftTB_DE Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{118D6CE9-5F18-42F9-958A-14676A629FDE} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{177586E7-E42E-4F38-83D1-D15B4AF5B714} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BrowserCompanion Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IePlugins Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilivid Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\incredibar Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mobogenie Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PriceGong Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SpecialSavings Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SupTab Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Video downloader Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winzipper Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WNLT Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Feven Pro 1.2 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HQ-Video-Profession-1.3 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\appbario8 Toolbar Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DVDVideoSoftTB_DE Toolbar Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Iminent Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Web Assistant Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\WNLT Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1 Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\9EC6D81181F59F2459A84176A626F9ED Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\9EC6D81181F59F2459A84176A626F9ED ***** [ Browser ] ***** -\\ Internet Explorer v9.0.8112.16545 Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL] Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant] Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default] Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default] -\\ Mozilla Firefox v28.0 (de) [ Datei : C:\Users\Elvira\AppData\Roaming\Mozilla\Firefox\Profiles\2aglban5.default\prefs.js ] Zeile gelöscht : user_pref("browser.newtab.url", "hxxp://www.delta-search.com/?affID=119556&babsrc=HP_ss&mntrId=88084d330000000000001c6f6549ce08"); Zeile gelöscht : user_pref("browser.search.order.1", "Delta Search"); Zeile gelöscht : user_pref("extensions.crossrider.bic", "13a60586a8e18ea3b6ca6b22dfcc4382"); Zeile gelöscht : user_pref("extensions.enabledAddons", "%7Bf34c9277-6577-4dff-b2d7-7d58092f272f%7D:1.0.0.12,%7BFE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052%7D:2.0.0.573,webbooster%40iminent.com:6.25.4.2,%7BACAA314B-EEBA-48e4-[...] Zeile gelöscht : user_pref("{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}.ScriptData_WSG_blackList", "form=CONTLB|babsrc=toolbar|babsrc=tb_ss|invocationType=tb50-ie-aolsoftonic-tbsbox-en-us|invocationType=tb50-ff-aolsoftonic[...] Zeile gelöscht : user_pref("{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}.ScriptData_WSG_temp_referer", "hxxp://us.yhs4.search.yahoo.com/yhs/search?fr=altavista&itag=ody&q=hxxp://us.yhs4.search.yahoo.com/yhs/search?fr=altavi[...] Zeile gelöscht : user_pref("{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}.ScriptData_WSG_whiteList", "{\"search.babylon.com\":\"q\",\"search.imesh.net\":\"q\",\"www.search-results.com\":\"q\",\"home.mywebsearch.com\":\"searc[...] Zeile gelöscht : user_pref("iminent.searchindex", "0"); Zeile gelöscht : user_pref("iminent.newtabredirect", "true"); [ Datei : C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\prefs.js ] Zeile gelöscht : user_pref("CT2625848.1000082.isPlayDisplay", "true"); Zeile gelöscht : user_pref("CT2625848.1000082.state", "{\"state\":\"stopped\",\"text\":\"Radio 8\",\"description\":\"Radio 8\",\"url\":\"hxxp://stream.radio8.de:8000/live.m3u\"}"); Zeile gelöscht : user_pref("CT2625848.1000234.TWC_TMP_city", "SULZBACH"); Zeile gelöscht : user_pref("CT2625848.1000234.TWC_TMP_country", "DE"); Zeile gelöscht : user_pref("CT2625848.1000234.TWC_country", "GERMANY"); Zeile gelöscht : user_pref("CT2625848.1000234.TWC_locId", "GMTH1656"); Zeile gelöscht : user_pref("CT2625848.1000234.TWC_location", "Sulzbach, Germany"); Zeile gelöscht : user_pref("CT2625848.1000234.TWC_region", "DE"); Zeile gelöscht : user_pref("CT2625848.1000234.TWC_temp_dis", "c"); Zeile gelöscht : user_pref("CT2625848.1000234.TWC_wind_dis", "kmh"); Zeile gelöscht : user_pref("CT2625848.1000234.weatherData", "{\"icon\":\"32.png\",\"temperature\":\"14°C\",\"temperatureClear\":\"14°C\",\"highTemperature\":\"22°C\",\"lowTemperature\":\"11°C\",\"feelsLike\ ":\"14Â[...] Zeile gelöscht : user_pref("CT2625848.2625848a129894023611240511000000paramsGK1.enc", "eyJ1cGRhdGVSZXFUaW1lIjoxMzY4NTk2ODg3MDMzLCJ1cGRhdGVSZXNwVGltZSI6MTM2ODU5Njg4Nzg2MCwiZGF0YSI6eyJzZXR0aW5ncyI6eyJpY29uIjoiaHR0cDovL3[...] Zeile gelöscht : user_pref("CT2625848.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}"); Zeile gelöscht : user_pref("CT2625848.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}"); Zeile gelöscht : user_pref("CT2625848.FirstTime", "true"); Zeile gelöscht : user_pref("CT2625848.FirstTimeFF3", "true"); Zeile gelöscht : user_pref("CT2625848.PG_ENABLE", "ZmFsc2U="); Zeile gelöscht : user_pref("CT2625848.PG_ENABLE.enc", "ZmFsc2U="); Zeile gelöscht : user_pref("CT2625848.RestartDialogFirstTime", "false"); Zeile gelöscht : user_pref("CT2625848.RestartDialogShouldDisplay", "false"); Zeile gelöscht : user_pref("CT2625848.SF_JUST_INSTALLED.enc", "RkFMU0U="); Zeile gelöscht : user_pref("CT2625848.SF_STATUS.enc", "RU5BQkxFRA=="); Zeile gelöscht : user_pref("CT2625848.SF_USER_ID.enc", "Y2lkXzE1NTIwMTM3NDg1NDUxNTE1NDg="); Zeile gelöscht : user_pref("CT2625848.UserID", "UN02686192033944701"); Zeile gelöscht : user_pref("CT2625848.addressBarTakeOverEnabledInHidden", "true"); Zeile gelöscht : user_pref("CT2625848.countryCode", "DE"); Zeile gelöscht : user_pref("CT2625848.enableAlerts", "never"); Zeile gelöscht : user_pref("CT2625848.enableFix404ByUser", "TRUE"); Zeile gelöscht : user_pref("CT2625848.firstTimeDialogOpened", "true"); Zeile gelöscht : user_pref("CT2625848.fixPageNotFoundErrorByUser", "TRUE"); Zeile gelöscht : user_pref("CT2625848.fixPageNotFoundErrorInHidden", "true"); Zeile gelöscht : user_pref("CT2625848.fixUrls", true); Zeile gelöscht : user_pref("CT2625848.fullUserID", "UN02686192033944701.UP.20130626010622"); Zeile gelöscht : user_pref("CT2625848.installType", "Unknown"); Zeile gelöscht : user_pref("CT2625848.isCheckedStartAsHidden", true); Zeile gelöscht : user_pref("CT2625848.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}"); Zeile gelöscht : user_pref("CT2625848.isFirstTimeToolbarLoading", "false"); Zeile gelöscht : user_pref("CT2625848.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}"); Zeile gelöscht : user_pref("CT2625848.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); Zeile gelöscht : user_pref("CT2625848.lastNewTabSettings", "{\"isEnabled\":false,\"newTabUrl\":\"hxxp://search.conduit.com/?gd=&ctid=CT2625848&octid=CT2625848&ISID=ISID_ID&SearchSource=15&CUI=UN02686192033944701&Lay=1[...] Zeile gelöscht : user_pref("CT2625848.lastVersion", "10.29.0.520"); Zeile gelöscht : user_pref("CT2625848.mam_gk_appStateReportTime.enc", "MTM2ODU5Njg5NDQ0Ng=="); Zeile gelöscht : user_pref("CT2625848.mam_gk_appState_CouponBuddy.enc", "b24="); Zeile gelöscht : user_pref("CT2625848.mam_gk_appState_Easytobook.enc", "b24="); Zeile gelöscht : user_pref("CT2625848.mam_gk_appState_Easytobook_targeted.enc", "b24="); Zeile gelöscht : user_pref("CT2625848.mam_gk_appState_PriceGong.enc", "b24="); Zeile gelöscht : user_pref("CT2625848.mam_gk_appState_WindowShopper.enc", "b24="); Zeile gelöscht : user_pref("CT2625848.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9wcmljZWdvbmcuY29uZHVpdGFwcHMuY29tL01BTS92MS9odG1sX2NvbXAuaHRtbCIsIm9wdGlvbnNEaWFsb2ciOnsiZGlzc GxheU5h[...] Zeile gelöscht : user_pref("CT2625848.mam_gk_appsDefaultEnabled.enc", "bnVsbA=="); Zeile gelöscht : user_pref("CT2625848.mam_gk_configuration.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IkVhc3l0b2Jvb2tfdGFyZ2V0ZWQiLCJjcml0ZXJpYXMiOlt7ImNyaXRlcmlhSWQiOiIxM2RhYWE2YS02NzYwLTQ0NDAtOTJhMy1hYmEwNzliNzI4ZjAiL CJ[...] Zeile gelöscht : user_pref("CT2625848.mam_gk_currentVersion.enc", "MS40LjQuNg=="); Zeile gelöscht : user_pref("CT2625848.mam_gk_eventsCache.enc", "eyJiMjBmMTFlMS00NWU0LTQ5OWItODE4Yi0zYzQxZjdiNDk1NzgiOnsidG9waWMiOiJzZW5kVXNhZ2UiLCJkYXRhIjp7ImNhdGVnb3J5IjoiV2VsY29tZSIsImFjdGlvbiI6IlZpZXcifSwidW5pc XVlS[...] Zeile gelöscht : user_pref("CT2625848.mam_gk_first_time.enc", "MQ=="); Zeile gelöscht : user_pref("CT2625848.mam_gk_gadgetOpen.enc", "MA=="); Zeile gelöscht : user_pref("CT2625848.mam_gk_installer_preapproved.enc", "RkFMU0U="); Zeile gelöscht : user_pref("CT2625848.mam_gk_lastLoginTime.enc", "MTM2ODU5Njg5MDQxNw=="); Zeile gelöscht : user_pref("CT2625848.mam_gk_localization.enc", "eyJnYWRnZXRDb250ZW50UG9saWN5Ijp7IlRleHQiOiJDb250ZW50LVJpY2h0bGluaWUifSwiZ2FkZ2V0RGVzY3JpcHRpb25QcmltYXJ5Ijp7IlRleHQiOiJWYWx1ZSBBcHBzIGJlcmVpY2hlcnQgS Why[...] Zeile gelöscht : user_pref("CT2625848.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ=="); Zeile gelöscht : user_pref("CT2625848.mam_gk_settings1.4.4.6.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiNjFfLTEiLCJpc1Rlc3QiOmZhbHNlLCJpc1dlbGNvbWVFeHBlcmllbmNlRW5hYmxlZEJ5RGVmY XVsd[...] Zeile gelöscht : user_pref("CT2625848.mam_gk_showCloseButton.enc", "dHJ1ZQ=="); Zeile gelöscht : user_pref("CT2625848.mam_gk_showWelcomeGadget.enc", "ZmFsc2U="); Zeile gelöscht : user_pref("CT2625848.mam_gk_userId.enc", "MWVkNmRmMTUtMDZjNi00MTYyLWJmY2ItYTJiNmYyNDM3YjE1"); Zeile gelöscht : user_pref("CT2625848.migrateAppsAndComponents", true); Zeile gelöscht : user_pref("CT2625848.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fwww.xvideos.com%2Fvideo6676%2Fmature_milf_gets_her_ass_and_cunt_fucked\",\"EB_MAIN_FRAM E_TIT[...] Zeile gelöscht : user_pref("CT2625848.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); Zeile gelöscht : user_pref("CT2625848.performedDomainChangesMigration", "true"); Zeile gelöscht : user_pref("CT2625848.revertSettingsEnabled", "false"); Zeile gelöscht : user_pref("CT2625848.search.searchAppId", "129181467799155027"); Zeile gelöscht : user_pref("CT2625848.search.searchCount", "0"); Zeile gelöscht : user_pref("CT2625848.searchInNewTabEnabledByUser", "false"); Zeile gelöscht : user_pref("CT2625848.searchInNewTabEnabledInHidden", "true"); Zeile gelöscht : user_pref("CT2625848.searchSuggestEnabledByUser", "false"); Zeile gelöscht : user_pref("CT2625848.searchUserMode", "1"); Zeile gelöscht : user_pref("CT2625848.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}"); Zeile gelöscht : user_pref("CT2625848.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); Zeile gelöscht : user_pref("CT2625848.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}"); Zeile gelöscht : user_pref("CT2625848.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2625848\"}"); Zeile gelöscht : user_pref("CT2625848.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://DVDVideoSoftTBDE.OurToolbar.com//xpi\"}"); Zeile gelöscht : user_pref("CT2625848.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"DVDVideoSoftTB DE \"}"); Zeile gelöscht : user_pref("CT2625848.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}"); Zeile gelöscht : user_pref("CT2625848.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}"); Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_Configuration_lastUpdate", "1397547032802"); Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1368597502372"); Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_appsMetadata_lastUpdate", "1368597386469"); Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1368597500420"); Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_location_lastUpdate", "1372030631554"); Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_login_10.15.2.523_lastUpdate", "1368612152673"); Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_login_10.16.2.509_lastUpdate", "1372062429813"); Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_login_10.16.4.519_lastUpdate", "1374642766214"); Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_login_10.16.70.505_lastUpdate", "1377827620733"); Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_login_10.19.2.505_lastUpdate", "1378794993089"); Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_login_10.20.0.513_lastUpdate", "1379017439258"); Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_login_10.20.1.508_lastUpdate", "1380953341118"); Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_login_10.21.1.507_lastUpdate", "1384424711649"); Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_login_10.22.3.518_lastUpdate", "1385061098037"); Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_login_10.22.5.510_lastUpdate", "1386921011745"); Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_login_10.23.0.822_lastUpdate", "1396509172731"); Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_login_10.29.0.520_lastUpdate", "1397547030728"); Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1368597500457"); Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_searchAPI_lastUpdate", "1397547031844"); Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_serviceMap_lastUpdate", "1397547031567"); Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_toolbarContextMenu_lastUpdate", "1368597500370"); Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_toolbarSettings_lastUpdate", "1397547031585"); Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_translation_lastUpdate", "1397547031493"); Zeile gelöscht : user_pref("CT2625848.settingsINI", true); Zeile gelöscht : user_pref("CT2625848.showToolbarPermission", "false"); Zeile gelöscht : user_pref("CT2625848.smartbar.CTID", "CT2625848"); Zeile gelöscht : user_pref("CT2625848.smartbar.Uninstall", "0"); Zeile gelöscht : user_pref("CT2625848.smartbar.isHidden", true); Zeile gelöscht : user_pref("CT2625848.smartbar.toolbarName", "DVDVideoSoftTB DE "); Zeile gelöscht : user_pref("CT2625848.toolbarBornServerTime", "15-5-2013"); Zeile gelöscht : user_pref("CT2625848.toolbarCurrentServerTime", "15-4-2014"); Zeile gelöscht : user_pref("CT2625848.toolbarLoginClientTime", "Wed May 15 2013 07:48:00 GMT+0200"); Zeile gelöscht : user_pref("CT2625848.url_history0001.enc", "aHR0cDovL3d3dy5peHh4LmNvbS9zZWFyY2gvP3E9RGV1dHNjaCZycz0yJmxpZD0yJnA9Nzo6OmNsaWNraGFuZGxlcjo6OjEzNjg1OTc2NDY5Nzk="); Zeile gelöscht : user_pref("CT2625848_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1397547008640,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]"); Zeile gelöscht : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3227982&SearchSource=13,hxxp://search.conduit.com/?ctid=CT3227982&SearchSource=13,hxxp://search.conduit.com/?ctid=[...] Zeile gelöscht : user_pref("CommunityToolbar.ConduitSearchList", "appbario8 Customized Web Search,appbario8 Customized Web Search,appbario8 Customized Web Search,appbario8 Customized Web Search"); Zeile gelöscht : user_pref("browser.search.defaultthis.engineName", "appbario8 Customized Web Search"); Zeile gelöscht : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3227982&SearchSource=3&q={searchTerms}"); Zeile gelöscht : user_pref("browser.search.order.1", "Delta Search"); Zeile gelöscht : user_pref("extensions.delta.admin", false); Zeile gelöscht : user_pref("extensions.delta.aflt", "babsst"); Zeile gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}"); Zeile gelöscht : user_pref("extensions.delta.autoRvrt", "false"); Zeile gelöscht : user_pref("extensions.delta.dfltLng", "en"); Zeile gelöscht : user_pref("extensions.delta.excTlbr", false); Zeile gelöscht : user_pref("extensions.delta.id", "88084d330000000000001c6f6549ce08"); Zeile gelöscht : user_pref("extensions.delta.instlDay", "15748"); Zeile gelöscht : user_pref("extensions.delta.instlRef", "sst"); Zeile gelöscht : user_pref("extensions.delta.newTab", false); Zeile gelöscht : user_pref("extensions.delta.prdct", "delta"); Zeile gelöscht : user_pref("extensions.delta.prtnrId", "delta"); Zeile gelöscht : user_pref("extensions.delta.rvrt", "false"); Zeile gelöscht : user_pref("extensions.delta.smplGrp", "none"); Zeile gelöscht : user_pref("extensions.delta.tlbrId", "base"); Zeile gelöscht : user_pref("extensions.delta.tlbrSrchUrl", ""); Zeile gelöscht : user_pref("extensions.delta.vrsn", "1.8.10.0"); Zeile gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.10.020:37:09"); Zeile gelöscht : user_pref("extensions.delta.vrsni", "1.8.10.0"); Zeile gelöscht : user_pref("extensions.incredibar_i.aflt", "orgnl"); Zeile gelöscht : user_pref("extensions.incredibar_i.dfltLng", ""); Zeile gelöscht : user_pref("extensions.incredibar_i.did", "10657"); Zeile gelöscht : user_pref("extensions.incredibar_i.excTlbr", false); Zeile gelöscht : user_pref("extensions.incredibar_i.id", "88084d330000000000001c6f6549ce08"); Zeile gelöscht : user_pref("extensions.incredibar_i.installerproductid", "26"); Zeile gelöscht : user_pref("extensions.incredibar_i.instlDay", "15557"); Zeile gelöscht : user_pref("extensions.incredibar_i.instlRef", ""); Zeile gelöscht : user_pref("extensions.incredibar_i.ms_url_id", ""); Zeile gelöscht : user_pref("extensions.incredibar_i.newTab", false); Zeile gelöscht : user_pref("extensions.incredibar_i.ppd", ""); Zeile gelöscht : user_pref("extensions.incredibar_i.prdct", "incredibar"); Zeile gelöscht : user_pref("extensions.incredibar_i.productid", "26"); Zeile gelöscht : user_pref("extensions.incredibar_i.prtnrId", "Incredibar"); Zeile gelöscht : user_pref("extensions.incredibar_i.smplGrp", "none"); Zeile gelöscht : user_pref("extensions.incredibar_i.tlbrId", "base"); Zeile gelöscht : user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6R8BbEiZzb&loc=IB_TB&i=26&search="); Zeile gelöscht : user_pref("extensions.incredibar_i.upn2", "6R8BbEiZzb"); Zeile gelöscht : user_pref("extensions.incredibar_i.upn2n", "92824830072188233"); Zeile gelöscht : user_pref("extensions.incredibar_i.vrsn", "1.5.11.14"); Zeile gelöscht : user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1421:47:35"); Zeile gelöscht : user_pref("extensions.incredibar_i.vrsni", "1.5.11.14"); Zeile gelöscht : user_pref("iminent.newtabredirect", "true"); Zeile gelöscht : user_pref("iminent.searchindex", "0"); Zeile gelöscht : user_pref("plugin.state.npconduitfirefoxplugin", 2); Zeile gelöscht : user_pref("smartbar.machineId", "C+ZTWTECIII4SVZFZN0PU2TMXX6OHC+J7FCARASOYYI4PXDIU1GIM78SRHEYZMFCW9BUNJYASKX592FWY0FH0Q"); Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7E+x305.storedInFile", true); Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7E,x305.storedInFile", true); Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7E-x305.storedInFile", true); Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7E.:2z527.storedInFile", true); Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7E.x305.storedInFile", true); Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7E/x305.storedInFile", true); Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7E06CG5EL8:", "6E6D686B6E706E727171"); Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7E06CG5EL8:.storedInFile", false); Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7E06CG5EL;8I:K", "247E2D2F226A74736E71747674787777242F4B49474F42357D5D5C3D"); Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7E06CG5EL;8I:K.storedInFile", false); Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7E0x305.storedInFile", true); Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7E1x305.storedInFile", true); Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7E2x305.storedInFile", true); Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7E3x305.storedInFile", true); Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7E4x305.storedInFile", true); Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7E5x305.storedInFile", true); Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7E6x305.storedInFile", true); Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7E7x305.storedInFile", true); Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7E8x305.storedInFile", true); Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7E9x305.storedInFile", true); Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7E:x305.storedInFile", true); Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7E;x305.storedInFile", true); Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7E<x305.storedInFile", true); Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7E=x305.storedInFile", true); Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7E>x305.storedInFile", true); Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7E?x305.storedInFile", true); Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7E@x305.storedInFile", true); Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7EAx305.storedInFile", true); Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7EBE3G=;D9N9=D", "372C2D326975762E3A3C7B3A39434A494841434B265146492965504656496571734D334B57"); Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7EBE3G=;D9N9=D.storedInFile", false); Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7EBx305.storedInFile", true); Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7ECx305.storedInFile", true); Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7EDx305.storedInFile", true); Zeile gelöscht : user_pref("valueApps.CT2625848./9B+7Etx305.storedInFile", true); Zeile gelöscht : user_pref("valueApps.CT2625848./9B-0?3G>D", "6B676D706A706F407A7673727920484A4B7B25235025242A52542A2B25252D2C2E285E2F"); Zeile gelöscht : user_pref("valueApps.CT2625848./9B-0?3G>D.storedInFile", false); Zeile gelöscht : user_pref("valueApps.CT2625848./9B-0?3G@6:5;", ""); Zeile gelöscht : user_pref("valueApps.CT2625848./9B-0?3G@6:5;.storedInFile", false); Zeile gelöscht : user_pref("valueApps.CT2625848./9B-0?3GFA7EF", "2B2E2C3D"); Zeile gelöscht : user_pref("valueApps.CT2625848./9B-0?3GFA7EF.storedInFile", false); Zeile gelöscht : user_pref("valueApps.CT2625848./9B-3=3ECCJA=F>", "247E333D2C452F4135276F292A212C393D44307832332A354448584C3A23282E2E3132333435363B466068576C5E6857705A6C60606B6668563F73796F697861"); Zeile gelöscht : user_pref("valueApps.CT2625848./9B-3=3ECCJA=F>.storedInFile", false); Zeile gelöscht : user_pref("valueApps.CT2625848./9B/>01=9A6K6<IM;KRIE@PDAWM", "6A696B7273747576"); Zeile gelöscht : user_pref("valueApps.CT2625848./9B/>01=9A6K6<IM;KRIE@PDAWM.storedInFile", false); Zeile gelöscht : user_pref("valueApps.CT2625848./9B3=>@44I48?", "372C2D3269757633423633414847203E3D474E4D4C45474F2A554A4D2D5858585E4B554E366352564F"); Zeile gelöscht : user_pref("valueApps.CT2625848./9B3=>@44I48?.storedInFile", false); Zeile gelöscht : user_pref("valueApps.CT2625848./9B5BA==9CJAG", "6E6C716B403E726F7A6F76757B7847784E7878237E"); Zeile gelöscht : user_pref("valueApps.CT2625848./9B5BA==9CJAG.storedInFile", false); Zeile gelöscht : user_pref("valueApps.CT2625848./9B6B11G4C56B>F;P;ANR@P", "6E6D686B6E706E767278797A72"); Zeile gelöscht : user_pref("valueApps.CT2625848./9B6B11G4C56B>F;P;ANR@P.storedInFile", false); Zeile gelöscht : user_pref("valueApps.CT2625848./9B90E@.3C;7B=?OFB>>RHIQS", "393F352F3E"); Zeile gelöscht : user_pref("valueApps.CT2625848./9B90E@.3C;7B=?OFB>>RHIQS.storedInFile", false); Zeile gelöscht : user_pref("valueApps.CT2625848./9B9643G3/9E", "6A"); Zeile gelöscht : user_pref("valueApps.CT2625848./9B9643G3/9E.storedInFile", false); Zeile gelöscht : user_pref("valueApps.CT2625848./9B;45>:BI9I7IE", "2B2E2C3D"); Zeile gelöscht : user_pref("valueApps.CT2625848./9B;45>:BI9I7IE.storedInFile", false); Zeile gelöscht : user_pref("valueApps.CT2625848./9B<:222H64<", "393F352F3E"); Zeile gelöscht : user_pref("valueApps.CT2625848./9B<:222H64<.storedInFile", false); Zeile gelöscht : user_pref("valueApps.CT2625848./9B<:222H64<L8DAJ", "6D70706E7674717977702A787A727A7C757D7B"); Zeile gelöscht : user_pref("valueApps.CT2625848./9B<:222H64<L8DAJ.storedInFile", false); Zeile gelöscht : user_pref("valueApps.CT2625848./9B=+03EH8H8J?:", "4443"); Zeile gelöscht : user_pref("valueApps.CT2625848./9B=+03EH8H8J?:.storedInFile", false); Zeile gelöscht : user_pref("valueApps.CT2625848./9B?+E2A52D8", "372C2D326975762E3A3C7B3A39434A494841434B2651464929655046566470727951555E5E52"); Zeile gelöscht : user_pref("valueApps.CT2625848./9B?+E2A52D8.storedInFile", false); Zeile gelöscht : user_pref("valueApps.CT2625848./9B?B0D:8AJ62<H", "6D"); Zeile gelöscht : user_pref("valueApps.CT2625848./9B?B0D:8AJ62<H.storedInFile", false); Zeile gelöscht : user_pref("valueApps.CT2625848./9BA@0<0BI6A7GN:6@L?", "6C"); Zeile gelöscht : user_pref("valueApps.CT2625848./9BA@0<0BI6A7GN:6@L?.storedInFile", false); Zeile gelöscht : user_pref("valueApps.CT2625848.PG_ENABLE", "74727565"); Zeile gelöscht : user_pref("valueApps.CT2625848.PG_ENABLE.storedInFile", false); Zeile gelöscht : user_pref("valueApps.CT2625848.SF_JUST_INSTALLED", "46414C5345"); Zeile gelöscht : user_pref("valueApps.CT2625848.SF_JUST_INSTALLED.storedInFile", false); Zeile gelöscht : user_pref("valueApps.CT2625848.SF_STATUS", "454E41424C4544"); Zeile gelöscht : user_pref("valueApps.CT2625848.SF_STATUS.storedInFile", false); Zeile gelöscht : user_pref("valueApps.CT2625848.SF_USER_ID", "6369645F383432303134323332363231333233313832"); Zeile gelöscht : user_pref("valueApps.CT2625848.SF_USER_ID.storedInFile", false); Zeile gelöscht : user_pref("valueApps.CT2625848.cbfirsttime", "5475652041707220303820323031342032333A32363A323120474D542B30323030"); Zeile gelöscht : user_pref("valueApps.CT2625848.cbfirsttime.storedInFile", false); Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_appStateReportTime", "31333937353437303431343430"); Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_appStateReportTime.storedInFile", false); Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_appState_CouponBuddy", "6F6E"); Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_appState_CouponBuddy.storedInFile", false); Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_appState_Easytobook", "6F6E"); Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_appState_Easytobook.storedInFile", false); Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_appState_Easytobook_targeted", "6F6E"); Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_appState_Easytobook_targeted.storedInFile", false); Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_appState_PriceGong", "6F6E"); Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_appState_PriceGong.storedInFile", false); Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_appState_WindowShopper", "6F6E"); Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_appState_WindowShopper.storedInFile", false); Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_appsConfig.storedInFile", true); Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_appsDefaultEnabled", "6E756C6C"); Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_appsDefaultEnabled.storedInFile", false); Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_calledSetupService", "31"); Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_calledSetupService.storedInFile", false); Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_currentVersion", "312E31332E302E3137"); Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_currentVersion.storedInFile", false); Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_eventsCache", "7B2262316133643961382D313164642D346633302D386636382D306539393031343165323530223A7B22746F706963223A2273656E645573616765222C2264617461223A7B2263617 46[...] Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_eventsCache.storedInFile", true); Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_existingUsersRecoveryDone", "31"); Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_existingUsersRecoveryDone.storedInFile", false); Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_first_time", "31"); Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_first_time.storedInFile", false); Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_gadgetOpen", "30"); Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_gadgetOpen.storedInFile", false); Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_globalKeysMigratedToLocalStorage", "31"); Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_globalKeysMigratedToLocalStorage.storedInFile", false); Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_lastLoginTime", "31333937353437303434313735"); Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_lastLoginTime.storedInFile", false); Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_localization.storedInFile", true); Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_mamEnabled", "66616C7365"); Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_mamEnabled.storedInFile", false); Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_migrated_from_ls", "31"); Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_migrated_from_ls.storedInFile", false); Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_new_welcome_experience", "31"); Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_new_welcome_experience.storedInFile", false); Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_settings1.13.0.17.storedInFile", true); Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_showWelcomeGadget", "66616C7365"); Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_showWelcomeGadget.storedInFile", false); Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_stamp", "313130325F30"); Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_stamp.storedInFile", false); Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_userBornDate", "4E2F41"); Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_userBornDate.storedInFile", false); Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_userId", "30356434313931322D333761312D346531342D626531632D323538663664336663663665"); Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_userId.storedInFile", false); Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_user_approval_interacted", "31"); Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_user_approval_interacted.storedInFile", false); Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_welcomeDialogMode", "31"); Zeile gelöscht : user_pref("valueApps.CT2625848.mam_gk_welcomeDialogMode.storedInFile", false); Zeile gelöscht : user_pref("valueApps.CT2625848.url_history0001", "68747470733A2F2F7777772E676F6F676C652E636F6D3A3A3A636C69636B68616E646C65723A3A3A313339373136363530393237362C2C2C68747470733A2F2F7777772E676F6F676C652 E[...] Zeile gelöscht : user_pref("valueApps.CT2625848.url_history0001.storedInFile", true); [ Datei : C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\kkmo767h.default\prefs.js ] Zeile gelöscht : user_pref("browser.newtab.url", "hxxp://search.conduit.com/?ctid=CT3318857&octid=EB_ORIGINAL_CTID&SearchSource=69&CUI=&SSPV=&Lay=1&UM=2&UP=SP266CEBB9-47FA-46C0-833E-798853BA4B3B"); Zeile gelöscht : user_pref("browser.search.order.1", "Delta Search"); Zeile gelöscht : user_pref("browser.search.selectedEngine", "Conduit Search"); Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3318857&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP266CEBB9-47FA-46C0-833E-798853BA4B3B&SSPV="); Zeile gelöscht : user_pref("extensions.crossrider.bic", "13943500d5b398bc238ba7ec5357c64c"); Zeile gelöscht : user_pref("extensions.enabledAddons", "%7Bf34c9277-6577-4dff-b2d7-7d58092f272f%7D:1.0.0.12,%7BFE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052%7D:2.0.0.573,%7BACAA314B-EEBA-48e4-AD47-84E31C44796C%7D:4.3.3.15,%7B2[...] Zeile gelöscht : user_pref("iminent.webbooster.scripts.minibar.displayFavLinks", "1"); Zeile gelöscht : user_pref("iminent.webbooster.scripts.minibar.LayoutId", "1"); Zeile gelöscht : user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent134", "1374779550282"); Zeile gelöscht : user_pref("iminent.webbooster.scripts.minibar.ROOTEXTENSION", "chrome://iminentwebbooster/content/minibar"); Zeile gelöscht : user_pref("iminent.webbooster.scripts.minibar.Services.BHPCode", "01"); Zeile gelöscht : user_pref("iminent.webbooster.scripts.minibar.Services.DefaultEvent", "000"); Zeile gelöscht : user_pref("iminent.webbooster.scripts.minibar.Services.DefaultWebSite", "000"); Zeile gelöscht : user_pref("iminent.webbooster.scripts.minibar.Services.IminentClientCode", "11"); Zeile gelöscht : user_pref("iminent.webbooster.scripts.minibar.Services.SmartFavCode", "02"); Zeile gelöscht : user_pref("iminent.webbooster.scripts.minibar.ShowThankyouPixel", "0"); Zeile gelöscht : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_whiteList", "{\"search.babylon.com\":\"q\",\"search.sweetim.com\":\"q\",\"search.imesh.net\":\"q\",\"www.search-results.com\":\"q\",\"h[...] Zeile gelöscht : user_pref("{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}.ScriptData_WSG_blackList", "form=CONTLB|babsrc=toolbar|babsrc=tb_ss|invocationType=tb50-ie-aolsoftonic-tbsbox-en-us|invocationType=tb50-ff-aolsoftonic[...] Zeile gelöscht : user_pref("{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}.ScriptData_WSG_whiteList", "{\"search.babylon.com\":\"q\",\"search.imesh.net\":\"q\",\"www.search-results.com\":\"q\",\"home.mywebsearch.com\":\"searc[...] Zeile gelöscht : user_pref("iminent.searchindex", "0"); Zeile gelöscht : user_pref("iminent.newtabredirect", "true"); [ Datei : C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\mzwqgr73.default\prefs.js ] Zeile gelöscht : user_pref("browser.newtab.url", "hxxp://www.delta-search.com/?affID=119556&babsrc=HP_ss&mntrId=88084d330000000000001c6f6549ce08"); Zeile gelöscht : user_pref("browser.search.order.1", "Delta Search"); Zeile gelöscht : user_pref("extensions.crossrider.bic", "13923fe9aac488a9f505c896b99a5b88"); Zeile gelöscht : user_pref("keyword.URL", "hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=0303b1af-65fc-46f7-982c-da10521eeb0f&searchtype=ds&installDate=21/04/2013&q="); Zeile gelöscht : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_referrer", "hxxp://search.conduit.com/?ctid=CT3227980&SearchSource=13/|||8641350045933780"); Zeile gelöscht : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_temp_referer", "hxxp://search.conduit.com/?ctid=CT3227980&SearchSource=13/|#|old_value|||8641356743139572"); Zeile gelöscht : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_whiteList", "{\"search.babylon.com\":\"q\",\"search.sweetim.com\":\"q\",\"search.imesh.net\":\"q\",\"www.search-results.com\":\"q\",\"h[...] Zeile gelöscht : user_pref("iminent.searchindex", "0"); Zeile gelöscht : user_pref("iminent.newtabredirect", "true"); -\\ Google Chrome v [ Datei : C:\Users\Elvira\AppData\Local\Google\Chrome\User Data\Default\preferences ] Gelöscht [Search Provider] : hxxp://www.softonic.de/s/{searchTerms} Gelöscht [Search Provider] : hxxp://start.iminent.com/?appId=18887124-D7CB-4033-904E-4E76245108C3&ref=toolbox&q={searchTerms} Gelöscht [Search Provider] : hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&ctid=CT3197087 Gelöscht [Search Provider] : hxxp://mystart.incredibar.com/mb203?a=6R8E8GD68p&search={searchTerms} Gelöscht [Search Provider] : hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=0303b1af-65fc-46f7-982c-da10521eeb0f&searchtype=ds&q={searchTerms}&installDate=21/04/2013 Gelöscht [Search Provider] : hxxp://search.snap.do/?q={searchTerms}&category=Web&publisher=opencandyde&country=us&feedid=infospace&dpid=global&lan=de&start=1 Gelöscht [Search Provider] : hxxp://log.incredibar-search.com/?q={searchTerms}&pr=&spr=2&o=APN10092&gct=sb&u=92824997758840969&a=6R8E8GD68p&i=26&lang=german&cid=1&source=365503619&gc=de Gelöscht [Startup_urls] : hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=0303b1af-65fc-46f7-982c-da10521eeb0f&searchtype=hp&installDate=21/04/2013 Gelöscht [Homepage] : hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=0303b1af-65fc-46f7-982c-da10521eeb0f&searchtype=hp&installDate=21/04/2013 Gelöscht [Extension] : bkomkajifikmkfnjgphkjcfeepbnojok Gelöscht [Extension] : bodddioamolcibagionmmobehnbhiakf Gelöscht [Extension] : booedmolknjekdopkepjjeckmjkdpfgl Gelöscht [Extension] : dlnembnfbcpjnepmfjmngjenhhajpdfd Gelöscht [Extension] : flpcjncodpafbgdpnkljologafpionhb Gelöscht [Extension] : jifflliplgeajjdhmkcfnngfpgbjonjg Gelöscht [Extension] : ogccgbmabaphcakpiclgcnmcnimhokcj |
|
02.06.2014, 22:24
| #11 |
| | WINDOWS 7 kommen ständig PopUps usw...Code:
ATTFilter [ Datei : C:\Users\\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Gelöscht [Search Provider] : hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&ctid=CT3227982
Gelöscht [Search Provider] : hxxp://www.delta-search.com/?q={searchTerms}&babsrc=NT_ss&s=web&rlz=0&as=3&ac=0%2C188
Gelöscht [Search Provider] : hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=0303b1af-65fc-46f7-982c-da10521eeb0f&searchtype=ds&q={searchTerms}&installDate=21/04/2013
Gelöscht [Search Provider] : hxxp://search.snapdo.com/?q={searchTerms}&category=Web&dpid=us&lan=de&start=1&searchtype=ds&publisher=snapdoopencandy&country=us&feedid=infospace
Gelöscht [Startup_urls] : hxxp://search.conduit.com/?ctid=CT3318857&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP266CEBB9-47FA-46C0-833E-798853BA4B3B&SSPV=
Gelöscht [Extension] : aidbbndgjnlaclnmhkdimcdjiebjpdel
Gelöscht [Extension] : bblnhhgpgomleanhbppdnkpofhjijgdp
Gelöscht [Extension] : bfcpnihmbfoaeoakalclfalkdepgiaje
Gelöscht [Extension] : bhphemoobgnikcoofkgackkaimpfmenm
Gelöscht [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
Gelöscht [Extension] : caloheeledhajihipjihanmihhegodlc
Gelöscht [Extension] : cfcbmgbfdbijmjgjihagbomfbjfjmgon
Gelöscht [Extension] : dcpfhaghaadpjpgocojgnlhjcieeooel
Gelöscht [Extension] : dlnembnfbcpjnepmfjmngjenhhajpdfd
Gelöscht [Extension] : ejnmnhkgiphcaeefbaooconkceehicfi
Gelöscht [Extension] : eooncjejnppfjjklapaamhcdmjbilmde
Gelöscht [Extension] : flpcjncodpafbgdpnkljologafpionhb
Gelöscht [Extension] : hgojaaaiddhmiiakpejiklijbalpckih
Gelöscht [Extension] : igdhbblpcellaljokkpfhcjlagemhgjl
Gelöscht [Extension] : jifflliplgeajjdhmkcfnngfpgbjonjg
Gelöscht [Extension] : jpmbfleldcgkldadpdinhjjopdfpjfjp
Gelöscht [Extension] : mocblcnaofikinigmceddfghppkkjbog
Gelöscht [Extension] : nikpibnbobmbdbheedjfogjlikpgpnhp
Gelöscht [Extension] : ogccgbmabaphcakpiclgcnmcnimhokcj
Gelöscht [Extension] : ogfjmhfnldnajmfaofeiaepghjenbgjo
[ Datei : C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Gelöscht [Search Provider] : hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=0303b1af-65fc-46f7-982c-da10521eeb0f&searchtype=ds&q={searchTerms}&installDate=21/04/2013
Gelöscht [Extension] : bblnhhgpgomleanhbppdnkpofhjijgdp
Gelöscht [Extension] : bhphemoobgnikcoofkgackkaimpfmenm
Gelöscht [Extension] : bkomkajifikmkfnjgphkjcfeepbnojok
Gelöscht [Extension] : bodddioamolcibagionmmobehnbhiakf
Gelöscht [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
Gelöscht [Extension] : caloheeledhajihipjihanmihhegodlc
Gelöscht [Extension] : dlnembnfbcpjnepmfjmngjenhhajpdfd
Gelöscht [Extension] : eooncjejnppfjjklapaamhcdmjbilmde
Gelöscht [Extension] : flpcjncodpafbgdpnkljologafpionhb
Gelöscht [Extension] : jifflliplgeajjdhmkcfnngfpgbjonjg
Gelöscht [Extension] : jpmbfleldcgkldadpdinhjjopdfpjfjp
Gelöscht [Extension] : ogccgbmabaphcakpiclgcnmcnimhokcj
Gelöscht [Extension] : ogfjmhfnldnajmfaofeiaepghjenbgjo
*************************
AdwCleaner[R0].txt - [133039 octets] - [01/06/2014 21:35:34]
AdwCleaner[S0].txt - [124447 octets] - [01/06/2014 21:36:52]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [124509 octets] ##########
|
|
03.06.2014, 18:17
| #12 |
| /// TB-Ausbilder | WINDOWS 7 kommen ständig PopUps usw... Geiles Log...  Wir entfernen die letzten Reste und kontrollieren nochmal alles. ESET kann länger (> 3 h) dauern. Im Anschluss entfernen wir alle verwendeten Tools und ich gebe dir noch ein paar Tipps mit auf den Weg. Schritt 1 Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter start
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - Plasmoo URL = hxxp://plasmoo.com/index.htm?SearchMashine=true&q={searchTerms}
SearchScopes: HKCU - yandex.ru-230807 URL =
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - {CE8D1C5D-05D9-4A78-BF26-DDBB1E0B1560} URL = hxxp://yandex.ru/yandsearch?win=29&clid=1855508&text={searchTerms}
FF Extension: Search Assistant - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\{B3834E60-12A8-11E0-A289-939FDFD72085} [2012-09-18]
FF Extension: ep - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\jid1-0xtMKhXFEs4jIg@jetpack.xpi [2014-02-24]
S3 X6va009; \??\C:\Windows\SysWOW64\Drivers\X6va009 [X]
S3 X6va010; \??\C:\Windows\SysWOW64\Drivers\X6va010 [X]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X]
S3 X6va014; \??\C:\Windows\SysWOW64\Drivers\X6va014 [X]
S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [X]
S3 X6va016; \??\C:\Windows\SysWOW64\Drivers\X6va016 [X]
Google Update Helper (x32 Version: 1.3.23.0 - DealPly Technologies Ltd) Hidden <==== ATTENTION
Reboot:
end
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Schritt 2
Bitte poste mit deiner nächsten Antwort
|
|
03.06.2014, 20:57
| #13 |
| | WINDOWS 7 kommen ständig PopUps usw...Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-06-2014
Ran by at 2014-06-03 21:30:34 Run:1
Running from C:\Users\\Downloads
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
start
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - Plasmoo URL = hxxp://plasmoo.com/index.htm?SearchMashine=true&q={searchTerms}
SearchScopes: HKCU - yandex.ru-230807 URL =
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - {CE8D1C5D-05D9-4A78-BF26-DDBB1E0B1560} URL = hxxp://yandex.ru/yandsearch?win=29&clid=1855508&text={searchTerms}
FF Extension: Search Assistant - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\{B3834E60-12A8-11E0-A289-939FDFD72085} [2012-09-18]
FF Extension: ep - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\jid1-0xtMKhXFEs4jIg@jetpack.xpi [2014-02-24]
S3 X6va009; \??\C:\Windows\SysWOW64\Drivers\X6va009 [X]
S3 X6va010; \??\C:\Windows\SysWOW64\Drivers\X6va010 [X]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X]
S3 X6va014; \??\C:\Windows\SysWOW64\Drivers\X6va014 [X]
S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [X]
S3 X6va016; \??\C:\Windows\SysWOW64\Drivers\X6va016 [X]
Google Update Helper (x32 Version: 1.3.23.0 - DealPly Technologies Ltd) Hidden <==== ATTENTION
Reboot:
end
*****************
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\Plasmoo => Key deleted successfully.
HKCR\CLSID\Plasmoo => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\yandex.ru-230807 => Key deleted successfully.
HKCR\CLSID\yandex.ru-230807 => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key deleted successfully.
HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CE8D1C5D-05D9-4A78-BF26-DDBB1E0B1560} => Key deleted successfully.
HKCR\CLSID\{CE8D1C5D-05D9-4A78-BF26-DDBB1E0B1560} => Key not found.
C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\{B3834E60-12A8-11E0-A289-939FDFD72085} not found.
C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\jid1-0xtMKhXFEs4jIg@jetpack.xpi not found.
X6va009 => Service deleted successfully.
X6va010 => Service deleted successfully.
X6va011 => Service deleted successfully.
X6va014 => Service deleted successfully.
X6va015 => Service deleted successfully.
X6va016 => Service deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}\\SystemComponent => Value deleted successfully.
The system needed a reboot.
==== End of Fixlog ====
FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-06-2014
Ran by (administrator) on -PC on 03-06-2014 21:43:20
Running from C:\Users\\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
( ) C:\Windows\System32\lxbkcoms.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\XSManager\WTGService.exe
(4G Systems GmbH & Co. KG) C:\Windows\service4g.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Lexmark International, Inc.) C:\Program Files (x86)\Lexmark X1100 Series\LXBKbmgr.exe
(Lexmark International, Inc.) C:\Program Files (x86)\Lexmark X1100 Series\LXBKbmon.exe
(Skillbrains) C:\Users\\AppData\Local\Skillbrains\lightshot\3.4.0.0\Lightshot.exe
() C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(4G Systems GmbH & Co. KG) C:\Windows\starter4g.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Comvigo, Inc.) C:\Windows\SysWOW64\qimlsrv.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Comvigo, Inc.) C:\Windows\SysWOW64\dsrviml.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11464296 2010-09-03] (Realtek Semiconductor)
HKLM\...\Run: [lxbkbmgr.exe] => C:\Program Files (x86)\Lexmark X1100 Series\lxbkbmgr.exe [74408 2008-02-28] (Lexmark International, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-03] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-09-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [starter4g] => C:\Windows\starter4g.exe [160424 2011-03-30] (4G Systems GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [601928 2013-06-19] (BlueStack Systems, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2465613748-4109621216-2680054910-1000\...\Run: [LightShot] => C:\Users\\AppData\Local\Skillbrains\lightshot\LightShot.exe [226152 2013-02-21] ()
HKU\S-1-5-21-2465613748-4109621216-2680054910-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3588952 2014-04-25] (Electronic Arts)
HKU\S-1-5-21-2465613748-4109621216-2680054910-1000\...\Run: [Pando Media Booster] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [4287536 2013-08-29] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\IML.lnk
ShortcutTarget: IML.lnk -> C:\Windows\System32\iml.vbs ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\IML64.lnk
ShortcutTarget: IML64.lnk -> C:\Windows\SysWOW64\iml.vbs ()
Startup: C:\Users\Elvira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Game Alarm.lnk
ShortcutTarget: Game Alarm.lnk -> C:\Games\Game Alarm\gamealarm.exe (Europe Support Ltd. N.V.)
Startup: C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.hyrican.de
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name - {FCADDC14-BD46-408A-9842-CDBE1C6D37EB} - C:\Users\\AppData\LocalLow\systems ie bho\bho.dll ()
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\%Protector Process Name%.xml
FF SearchPlugin: C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\searchplugins\yandex.ru-230807.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\staged [2014-06-03]
FF Extension: Search Assistant - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\{B3834E60-12A8-11E0-A289-939FDFD72085} [2012-09-18]
FF Extension: ep - C:\Users\\AppData\Roaming\Mozilla\Firefox\Profiles\3elvxd57.default\Extensions\jid1-0xtMKhXFEs4jIg@jetpack.xpi [2014-02-24]
Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-01]
CHR Extension: (Google Drive) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-01]
CHR Extension: (YouTube) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-07-21]
CHR Extension: (Google-Suche) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-07-21]
CHR Extension: (Google Wallet) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Google Mail) - C:\Users\\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-07-21]
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-05-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-27] (Avira Operations GmbH & Co. KG)
R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393032 2013-06-19] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384840 2013-06-19] (BlueStack Systems, Inc.)
R2 lxbk_device; C:\Windows\system32\lxbkcoms.exe [565928 2008-02-19] ( )
R2 lxbk_device; C:\Windows\SysWOW64\lxbkcoms.exe [537256 2008-02-19] ( )
R2 WTGService; C:\Program Files (x86)\XSManager\WTGService.exe [327392 2012-04-05] ()
R2 XS Stick Service; C:\Windows\service4g.exe [145064 2011-03-30] (4G Systems GmbH & Co. KG)
==================== Drivers (Whitelisted) ====================
R3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2013-06-02] (Wondershare)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-04-29] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-04-29] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-19] (Avira Operations GmbH & Co. KG)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [70984 2013-06-19] (BlueStack Systems)
S3 cmnsusbser; C:\Windows\System32\DRIVERS\cmnsusbser.sys [117888 2012-10-05] (Mobile Connector)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-06-01] (Malwarebytes Corporation)
S3 RTL8187B; C:\Windows\System32\DRIVERS\rtl8187B.sys [450048 2010-03-31] (Realtek Semiconductor Corporation )
R3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [762472 2011-10-31] (Realtek Semiconductor Corporation )
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-06-03 21:43 - 2014-06-03 21:42 - 02068992 _____ (Farbar) C:\Users\\Desktop\FRST64.exe
2014-06-03 21:40 - 2014-06-03 21:42 - 02068992 _____ (Farbar) C:\Users\\Downloads\FRST64.exe
2014-06-03 16:27 - 2014-06-03 16:27 - 00000392 _____ () C:\Windows\Tasks\update-sys.job
2014-06-03 16:27 - 2014-06-03 16:27 - 00000000 ____D () C:\Users\\AppData\Roaming\Security Systems
2014-06-03 16:27 - 2014-06-03 16:27 - 00000000 ____D () C:\Users\\AppData\Local\Skillbrains
2014-06-03 16:27 - 2014-06-03 16:27 - 00000000 ____D () C:\Program Files (x86)\Skillbrains
2014-06-03 16:26 - 2014-06-03 16:26 - 02620112 _____ (Skillbrains ) C:\Users\\Desktop\setup-lightshot3-2-0-0.exe
2014-06-03 16:24 - 2014-06-03 16:24 - 00357712 _____ (Softonic) C:\Users\Jürgen\Downloads\SoftonicDownloader_fuer_lightshot (1).exe
2014-06-03 16:23 - 2014-06-03 16:24 - 00357712 _____ (Softonic) C:\Users\Jürgen\Downloads\SoftonicDownloader_fuer_lightshot.exe
2014-06-03 00:21 - 2014-06-03 00:21 - 00832944 _____ () C:\Windows\Minidump\060314-22698-01.dmp
2014-06-02 23:17 - 2014-06-01 21:53 - 00124182 _____ () C:\Users\\Documents\AdwCleaner[S0].txt
2014-06-02 22:59 - 2014-06-02 22:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-06-02 22:59 - 2014-06-02 22:59 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-06-02 22:58 - 2014-06-02 22:59 - 01110476 _____ () C:\Users\\Downloads\7z920.exe
2014-06-02 16:53 - 2014-06-02 16:53 - 00000000 _____ () C:\Windows\SysWOW64\sho1DE3.tmp
2014-06-02 00:03 - 2014-06-02 00:05 - 00033347 _____ () C:\Users\\Downloads\Addition.txt
2014-06-02 00:02 - 2014-06-02 00:04 - 00041741 _____ () C:\Users\\Downloads\FRST.txt
2014-06-01 23:39 - 2014-06-01 23:39 - 00065175 _____ () C:\Users\\Desktop\zoek-results.txt
2014-06-01 23:35 - 2014-06-03 21:44 - 00000000 ____D () C:\Users\\AppData\Local\Temp
2014-06-01 23:35 - 2014-06-03 20:55 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\temp
2014-06-01 23:35 - 2014-06-02 19:36 - 00000000 ____D () C:\Users\Martina\AppData\Local\temp
2014-06-01 23:35 - 2014-06-02 16:42 - 00000000 ____D () C:\Users\Elvira\AppData\Local\temp
2014-06-01 23:35 - 2014-06-01 23:35 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-06-01 23:35 - 2014-06-01 23:35 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-06-01 23:35 - 2014-06-01 23:35 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-06-01 23:35 - 2014-06-01 22:59 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-06-01 23:01 - 2014-06-01 23:37 - 00065553 _____ () C:\zoek-results.log
2014-06-01 22:58 - 2014-06-01 23:30 - 00000000 ____D () C:\zoek_backup
2014-06-01 22:55 - 2014-06-01 22:56 - 00001154 _____ () C:\Users\\Desktop\mbam.txt
2014-06-01 22:10 - 2014-06-01 22:35 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-01 22:10 - 2014-06-01 22:10 - 00001113 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-06-01 22:10 - 2014-06-01 22:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-06-01 22:10 - 2014-06-01 22:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-01 22:10 - 2014-06-01 22:10 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-06-01 22:10 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-01 22:10 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-01 22:10 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-06-01 22:08 - 2014-06-01 22:08 - 00005727 _____ () C:\Users\\Desktop\JRT.txt
2014-06-01 21:57 - 2014-06-01 21:57 - 00000000 ____D () C:\Windows\ERUNT
2014-06-01 21:53 - 2014-06-01 21:53 - 00124182 _____ () C:\Users\\Desktop\AdwCleaner[S0].txt
2014-06-01 21:36 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-06-01 21:33 - 2014-06-01 21:41 - 00000000 ____D () C:\AdwCleaner
2014-06-01 21:32 - 2014-06-01 21:31 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\\Desktop\mbam-setup-2.0.2.1012.exe
2014-06-01 21:31 - 2014-06-01 21:31 - 01285120 _____ () C:\Users\\Desktop\zoek.exe
2014-06-01 21:31 - 2014-06-01 21:28 - 01016261 _____ (Thisisu) C:\Users\\Desktop\JRT.exe
2014-06-01 21:30 - 2014-06-01 21:28 - 01327971 _____ () C:\Users\\Desktop\adwcleaner_3.211.exe
2014-06-01 21:29 - 2014-06-01 21:31 - 01285120 _____ () C:\Users\\Downloads\zoek.exe
2014-06-01 21:28 - 2014-06-01 21:31 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-01 21:28 - 2014-06-01 21:28 - 01327971 _____ () C:\Users\\Downloads\adwcleaner_3.211.exe
2014-06-01 21:28 - 2014-06-01 21:28 - 01016261 _____ (Thisisu) C:\Users\\Downloads\JRT.exe
2014-06-01 01:19 - 2014-06-01 01:19 - 00051290 _____ () C:\ComboFix.txt
2014-05-31 21:17 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-31 21:17 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-31 21:17 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-31 21:17 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-31 21:17 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-31 21:17 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-31 21:17 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-31 21:17 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-31 21:15 - 2014-06-01 01:19 - 00000000 ____D () C:\Qoobox
2014-05-31 21:14 - 2014-06-01 01:16 - 00000000 ____D () C:\Windows\erdnt
2014-05-31 21:12 - 2014-05-31 21:08 - 05203398 ____R (Swearware) C:\Users\\Desktop\ComboFix.exe
2014-05-31 21:07 - 2014-05-31 21:08 - 05203398 _____ (Swearware) C:\Users\\Downloads\ComboFix.exe
2014-05-31 20:38 - 2014-05-31 21:02 - 00044395 _____ () C:\Users\\Desktop\Addition.txt
2014-05-31 20:37 - 2014-06-03 21:44 - 00015875 _____ () C:\Users\\Desktop\FRST.txt
2014-05-31 20:37 - 2014-06-03 21:43 - 00000000 ____D () C:\FRST
2014-05-31 20:10 - 2014-05-31 20:11 - 00250250 _____ () C:\Users\\Downloads\140520063508.jpeg
2014-05-31 16:02 - 2014-05-31 16:02 - 00052891 _____ () C:\Users\Jürgen\Downloads\7B1.tmp
2014-05-29 15:46 - 2014-05-29 15:46 - 00000000 ____D () C:\ProgramData\PopCap Games
2014-05-29 15:46 - 2014-05-29 15:46 - 00000000 ____D () C:\ProgramData\EA Core
2014-05-29 15:43 - 2014-05-29 15:43 - 00001286 _____ () C:\Users\Public\Desktop\Pflanzen gegen Zombies.lnk
2014-05-29 15:43 - 2014-05-29 15:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pflanzen gegen Zombies
2014-05-17 10:44 - 2014-05-17 10:44 - 00001072 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1001Core1cf71ac260e523e.job
2014-05-14 22:03 - 2014-05-06 02:46 - 17847808 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-14 22:03 - 2014-05-06 02:21 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-14 22:03 - 2014-05-06 02:21 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-14 22:03 - 2014-05-06 01:32 - 12347392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-14 22:03 - 2014-05-06 01:14 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-14 22:03 - 2014-05-06 01:14 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-14 14:00 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-14 14:00 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-14 14:00 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 14:00 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 14:00 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 14:00 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 14:00 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 14:00 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 14:00 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-14 14:00 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-14 14:00 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-14 14:00 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 14:00 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-14 14:00 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 14:00 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 14:00 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 14:00 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 14:00 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 14:00 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 14:00 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 14:00 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 14:00 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-14 14:00 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 14:00 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-14 14:00 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-14 14:00 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-14 14:00 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-14 14:00 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 14:00 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 14:00 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-14 14:00 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-14 14:00 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-14 14:00 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-14 14:00 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-12 19:41 - 2014-05-12 19:41 - 00994160 _____ () C:\Users\Jürgen\Downloads\setup (17).exe
2014-05-11 17:57 - 2014-05-11 17:58 - 00994160 _____ () C:\Users\Jürgen\Downloads\setup (16).exe
2014-05-11 10:47 - 2014-05-11 10:47 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1002Core1cf6cf59b1b4d7c.job
2014-05-11 07:51 - 2014-05-11 07:51 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1000Core1cf6cdd52a1ae5.job
2014-05-10 19:18 - 2014-05-10 19:19 - 00994160 _____ () C:\Users\Jürgen\Downloads\setup (15).exe
==================== One Month Modified Files and Folders =======
2014-06-03 21:44 - 2014-06-01 23:35 - 00000000 ____D () C:\Users\\AppData\Local\Temp
2014-06-03 21:44 - 2014-05-31 20:37 - 00015875 _____ () C:\Users\\Desktop\FRST.txt
2014-06-03 21:44 - 2013-08-29 02:01 - 00000000 ____D () C:\Users\\AppData\Local\PMB Files
2014-06-03 21:43 - 2014-05-31 20:37 - 00000000 ____D () C:\FRST
2014-06-03 21:42 - 2014-06-03 21:43 - 02068992 _____ (Farbar) C:\Users\\Desktop\FRST64.exe
2014-06-03 21:42 - 2014-06-03 21:40 - 02068992 _____ (Farbar) C:\Users\\Downloads\FRST64.exe
2014-06-03 21:41 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-03 21:41 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-03 21:38 - 2012-07-21 10:07 - 01366437 _____ () C:\Windows\WindowsUpdate.log
2014-06-03 21:35 - 2012-09-12 01:43 - 00000000 ____D () C:\ProgramData\Origin
2014-06-03 21:34 - 2013-12-10 00:50 - 00000374 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-06-03 21:33 - 2012-09-12 01:43 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-06-03 21:32 - 2014-02-28 16:37 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-06-03 21:32 - 2009-07-14 06:51 - 00178881 _____ () C:\Windows\setupact.log
2014-06-03 21:30 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-06-03 20:55 - 2014-06-01 23:35 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\temp
2014-06-03 16:27 - 2014-06-03 16:27 - 00000392 _____ () C:\Windows\Tasks\update-sys.job
2014-06-03 16:27 - 2014-06-03 16:27 - 00000000 ____D () C:\Users\\AppData\Roaming\Security Systems
2014-06-03 16:27 - 2014-06-03 16:27 - 00000000 ____D () C:\Users\\AppData\Local\Skillbrains
2014-06-03 16:27 - 2014-06-03 16:27 - 00000000 ____D () C:\Program Files (x86)\Skillbrains
2014-06-03 16:27 - 2012-07-22 23:07 - 00000779 _____ () C:\Users\\AppData\Local\UserProducts.xml
2014-06-03 16:27 - 2012-07-22 23:07 - 00000392 _____ () C:\Windows\Tasks\update-S-1-5-21-2465613748-4109621216-2680054910-1000.job
2014-06-03 16:27 - 2012-07-22 23:07 - 00000000 ____D () C:\Users\\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LightShot
2014-06-03 16:26 - 2014-06-03 16:26 - 02620112 _____ (Skillbrains ) C:\Users\\Desktop\setup-lightshot3-2-0-0.exe
2014-06-03 16:24 - 2014-06-03 16:24 - 00357712 _____ (Softonic) C:\Users\Jürgen\Downloads\SoftonicDownloader_fuer_lightshot (1).exe
2014-06-03 16:24 - 2014-06-03 16:23 - 00357712 _____ (Softonic) C:\Users\Jürgen\Downloads\SoftonicDownloader_fuer_lightshot.exe
2014-06-03 13:56 - 2014-03-06 18:07 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-06-03 03:09 - 2013-12-04 02:02 - 02271049 _____ () C:\Windows\IE11_main.log
2014-06-03 00:21 - 2014-06-03 00:21 - 00832944 _____ () C:\Windows\Minidump\060314-22698-01.dmp
2014-06-03 00:21 - 2012-11-25 09:51 - 600737197 _____ () C:\Windows\MEMORY.DMP
2014-06-03 00:21 - 2012-11-25 09:51 - 00000000 ____D () C:\Windows\Minidump
2014-06-02 22:59 - 2014-06-02 22:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-06-02 22:59 - 2014-06-02 22:59 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-06-02 22:59 - 2014-06-02 22:58 - 01110476 _____ () C:\Users\\Downloads\7z920.exe
2014-06-02 19:36 - 2014-06-01 23:35 - 00000000 ____D () C:\Users\Martina\AppData\Local\temp
2014-06-02 19:33 - 2012-07-21 15:29 - 00002380 _____ () C:\Users\Martina\Desktop\Google Chrome.lnk
2014-06-02 16:53 - 2014-06-02 16:53 - 00000000 _____ () C:\Windows\SysWOW64\sho1DE3.tmp
2014-06-02 16:42 - 2014-06-01 23:35 - 00000000 ____D () C:\Users\Elvira\AppData\Local\temp
2014-06-02 15:17 - 2012-07-21 21:59 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\Mozilla
2014-06-02 00:05 - 2014-06-02 00:03 - 00033347 _____ () C:\Users\\Downloads\Addition.txt
2014-06-02 00:04 - 2014-06-02 00:02 - 00041741 _____ () C:\Users\\Downloads\FRST.txt
2014-06-01 23:39 - 2014-06-01 23:39 - 00065175 _____ () C:\Users\\Desktop\zoek-results.txt
2014-06-01 23:37 - 2014-06-01 23:01 - 00065553 _____ () C:\zoek-results.log
2014-06-01 23:36 - 2010-10-01 09:36 - 00602110 _____ () C:\Windows\PFRO.log
2014-06-01 23:35 - 2014-06-01 23:35 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-06-01 23:35 - 2014-06-01 23:35 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-06-01 23:35 - 2014-06-01 23:35 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-06-01 23:30 - 2014-06-01 22:58 - 00000000 ____D () C:\zoek_backup
2014-06-01 23:24 - 2012-07-21 10:25 - 00000000 ____D () C:\Users\
2014-06-01 22:59 - 2014-06-01 23:35 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-06-01 22:56 - 2014-06-01 22:55 - 00001154 _____ () C:\Users\\Desktop\mbam.txt
2014-06-01 22:35 - 2014-06-01 22:10 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-01 22:10 - 2014-06-01 22:10 - 00001113 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-06-01 22:10 - 2014-06-01 22:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-06-01 22:10 - 2014-06-01 22:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-01 22:10 - 2014-06-01 22:10 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-06-01 22:08 - 2014-06-01 22:08 - 00005727 _____ () C:\Users\\Desktop\JRT.txt
2014-06-01 21:57 - 2014-06-01 21:57 - 00000000 ____D () C:\Windows\ERUNT
2014-06-01 21:53 - 2014-06-02 23:17 - 00124182 _____ () C:\Users\\Documents\AdwCleaner[S0].txt
2014-06-01 21:53 - 2014-06-01 21:53 - 00124182 _____ () C:\Users\\Desktop\AdwCleaner[S0].txt
2014-06-01 21:41 - 2014-06-01 21:33 - 00000000 ____D () C:\AdwCleaner
2014-06-01 21:40 - 2012-07-21 15:21 - 00000000 ____D () C:\Users\Martina
2014-06-01 21:40 - 2012-07-21 15:12 - 00000000 ____D () C:\Users\Elvira
2014-06-01 21:40 - 2012-07-21 14:35 - 00000000 ____D () C:\Users\Jürgen
2014-06-01 21:40 - 2012-07-21 10:25 - 00000000 ___RD () C:\Users\\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-01 21:31 - 2014-06-01 21:32 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\\Desktop\mbam-setup-2.0.2.1012.exe
2014-06-01 21:31 - 2014-06-01 21:31 - 01285120 _____ () C:\Users\\Desktop\zoek.exe
2014-06-01 21:31 - 2014-06-01 21:29 - 01285120 _____ () C:\Users\\Downloads\zoek.exe
2014-06-01 21:31 - 2014-06-01 21:28 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-01 21:28 - 2014-06-01 21:31 - 01016261 _____ (Thisisu) C:\Users\\Desktop\JRT.exe
2014-06-01 21:28 - 2014-06-01 21:30 - 01327971 _____ () C:\Users\\Desktop\adwcleaner_3.211.exe
2014-06-01 21:28 - 2014-06-01 21:28 - 01327971 _____ () C:\Users\\Downloads\adwcleaner_3.211.exe
2014-06-01 21:28 - 2014-06-01 21:28 - 01016261 _____ (Thisisu) C:\Users\\Downloads\JRT.exe
2014-06-01 21:19 - 2010-10-01 08:53 - 00000000 ____D () C:\ProgramData\Norton
2014-06-01 08:29 - 2009-07-14 19:58 - 00699884 _____ () C:\Windows\system32\perfh007.dat
2014-06-01 08:29 - 2009-07-14 19:58 - 00149766 _____ () C:\Windows\system32\perfc007.dat
2014-06-01 08:29 - 2009-07-14 07:13 - 01622236 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-01 01:19 - 2014-06-01 01:19 - 00051290 _____ () C:\ComboFix.txt
2014-06-01 01:19 - 2014-05-31 21:15 - 00000000 ____D () C:\Qoobox
2014-06-01 01:19 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-06-01 01:16 - 2014-05-31 21:14 - 00000000 ____D () C:\Windows\erdnt
2014-06-01 01:15 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-05-31 21:08 - 2014-05-31 21:12 - 05203398 ____R (Swearware) C:\Users\\Desktop\ComboFix.exe
2014-05-31 21:08 - 2014-05-31 21:07 - 05203398 _____ (Swearware) C:\Users\\Downloads\ComboFix.exe
2014-05-31 21:02 - 2014-05-31 20:38 - 00044395 _____ () C:\Users\\Desktop\Addition.txt
2014-05-31 20:11 - 2014-05-31 20:10 - 00250250 _____ () C:\Users\\Downloads\140520063508.jpeg
2014-05-31 19:54 - 2014-01-21 14:44 - 00000000 ____D () C:\Users\Jürgen\Documents\FIFA 14
2014-05-31 16:02 - 2014-05-31 16:02 - 00052891 _____ () C:\Users\Jürgen\Downloads\7B1.tmp
2014-05-30 08:22 - 2012-07-21 15:20 - 00002375 _____ () C:\Users\Elvira\Desktop\Google Chrome.lnk
2014-05-29 15:46 - 2014-05-29 15:46 - 00000000 ____D () C:\ProgramData\PopCap Games
2014-05-29 15:46 - 2014-05-29 15:46 - 00000000 ____D () C:\ProgramData\EA Core
2014-05-29 15:43 - 2014-05-29 15:43 - 00001286 _____ () C:\Users\Public\Desktop\Pflanzen gegen Zombies.lnk
2014-05-29 15:43 - 2014-05-29 15:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pflanzen gegen Zombies
2014-05-29 15:43 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-05-29 15:41 - 2010-10-01 08:19 - 00116460 _____ () C:\Windows\DirectX.log
2014-05-29 15:38 - 2012-09-12 01:55 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-05-29 15:05 - 2012-09-12 01:55 - 00000000 ____D () C:\Users\Jürgen\AppData\Roaming\Origin
2014-05-28 15:35 - 2012-08-14 02:38 - 00000000 ____D () C:\Users\Jürgen\AppData\Roaming\.minecraft
2014-05-28 08:14 - 2012-07-21 10:38 - 00002380 _____ () C:\Users\\Desktop\Google Chrome.lnk
2014-05-26 15:56 - 2014-01-08 17:58 - 00000000 ____D () C:\Users\Jürgen\Tracing
2014-05-23 19:34 - 2012-07-21 14:48 - 00002375 _____ () C:\Users\Jürgen\Desktop\Google Chrome.lnk
2014-05-21 10:29 - 2012-07-21 10:25 - 00000000 ___RD () C:\Users\\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-17 19:31 - 2012-07-21 15:21 - 00000000 ___RD () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-17 19:31 - 2012-07-21 15:21 - 00000000 ___RD () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-17 10:44 - 2014-05-17 10:44 - 00001072 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1001Core1cf71ac260e523e.job
2014-05-15 16:07 - 2012-07-21 15:12 - 00000000 ___RD () C:\Users\Elvira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-15 16:07 - 2012-07-21 15:12 - 00000000 ___RD () C:\Users\Elvira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-15 16:05 - 2012-07-21 14:35 - 00000000 ___RD () C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-15 16:05 - 2012-07-21 14:35 - 00000000 ___RD () C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-15 16:01 - 2014-04-30 17:52 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-14 22:00 - 2013-07-13 07:57 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-14 22:00 - 2010-10-01 10:17 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-12 19:41 - 2014-05-12 19:41 - 00994160 _____ () C:\Users\Jürgen\Downloads\setup (17).exe
2014-05-12 07:26 - 2014-06-01 22:10 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-06-01 22:10 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-06-01 22:10 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-11 17:58 - 2014-05-11 17:57 - 00994160 _____ () C:\Users\Jürgen\Downloads\setup (16).exe
2014-05-11 10:47 - 2014-05-11 10:47 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1002Core1cf6cf59b1b4d7c.job
2014-05-11 07:51 - 2014-05-11 07:51 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1000Core1cf6cdd52a1ae5.job
2014-05-10 19:19 - 2014-05-10 19:18 - 00994160 _____ () C:\Users\Jürgen\Downloads\setup (15).exe
2014-05-09 08:14 - 2014-05-14 14:00 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-14 14:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-06 02:46 - 2014-05-14 22:03 - 17847808 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 02:21 - 2014-05-14 22:03 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 02:21 - 2014-05-14 22:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 01:32 - 2014-05-14 22:03 - 12347392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 01:14 - 2014-05-14 22:03 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 01:14 - 2014-05-14 22:03 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-04 13:46 - 2012-08-24 17:14 - 00528384 ____H () C:\Users\Jürgen\Downloads\photothumb.db
2014-05-04 13:45 - 2013-10-17 18:56 - 00000000 ____D () C:\Users\Jürgen\Downloads\Karikatur2
Some content of TEMP:
====================
C:\Users\Elvira\AppData\Local\Temp\avgnt.exe
C:\Users\Elvira\AppData\Local\Temp\GURE1EC.exe
C:\Users\Elvira\AppData\Local\Temp\rtdrvmon.exe
C:\Users\\AppData\Local\Temp\avgnt.exe
C:\Users\\AppData\Local\Temp\FoxySecuritySetup.exe
C:\Users\\AppData\Local\Temp\rtdrvmon.exe
C:\Users\Jürgen\AppData\Local\Temp\avgnt.exe
C:\Users\Jürgen\AppData\Local\Temp\rtdrvmon.exe
C:\Users\Martina\AppData\Local\Temp\avgnt.exe
C:\Users\Martina\AppData\Local\Temp\rtdrvmon.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-09-01 11:24
==================== End Of Log ============================
--- --- --- --- --- --- Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-06-2014
Ran by at 2014-06-03 21:44:55
Running from C:\Users\\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.7.700.224 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
Alcatraz (HKLM-x32\...\Alcatraz/DE-German_is1) (Version: - City Interactive)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - ATI Technologies Inc.) Hidden
Apowersoft kostenloser Bildschirmrekorder V1.2.4 (HKLM-x32\...\{4EFA42DB-E4EC-4537-9DF3-5158D08A9785}_is1) (Version: 1.2.4 - Apowersoft)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version: - Bohemia Interactive)
Arma 3 Tools (HKLM-x32\...\Steam App 233800) (Version: - Bohemia Interactive)
ATI Catalyst Install Manager (HKLM\...\{8DF9D3DF-6D03-A04F-217F-F2577D973DBE}) (Version: 3.0.795.0 - ATI Technologies, Inc.)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.4.642 - Avira)
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.7.14.901 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{9D84E30F-6757-4A56-BCB5-51ADE3AE8631}) (Version: 0.7.14.901 - BlueStack Systems, Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0930.2237.38732 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0930.2237.38732 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0930.2237.38732 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0930.2237.38732 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help English (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help French (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help German (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0930.2237.38732 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2010.0930.2237.38732 - ATI) Hidden
Cross Fire En (HKLM-x32\...\Cross Fire_is1) (Version: - Z8Games.com)
Crossfire Europe (HKLM-x32\...\Crossfire Europe) (Version: 1181 - SG INTERACTIVE)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
FIFA 13 (HKLM-x32\...\{A29E18C2-7AB1-4b6b-848C-5D5E2C85F0C0}) (Version: 1.2.0.0 - Electronic Arts)
FIFA 14 (HKLM-x32\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.7 - Electronic Arts)
Foxy Security (HKLM-x32\...\Foxy Security) (Version: - )
Free Audio CD to MP3 Converter version 1.3.12.1228 (HKLM-x32\...\Free Audio CD to MP3 Converter_is1) (Version: 1.3.12.1228 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.14.1022 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.14.1022 - DVDVideoSoft Ltd.)
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
Google Chrome (HKCU\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.23.0 - DealPly Technologies Ltd) <==== ATTENTION
Hama Black Force Pad (HKLM-x32\...\{4999B2F1-3E74-409A-B8B5-E94448AA9EA6}) (Version: 2007.01.01 - )
HydraVision (x32 Version: 4.2.180.0 - ATI Technologies Inc.) Hidden
IM Lock (HKLM-x32\...\IMLock) (Version: - Comvigo, Inc.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
ISY N150 Micro WLAN USB-Adapter (HKLM-x32\...\{B20F9D1C-A0A5-4cd8-8306-DA03872311B1}) (Version: 1.00.0155 - ISY)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lexmark X1100 Series (HKLM\...\Lexmark X1100 Series) (Version: - Lexmark International, Inc.)
lightshot-3.4.0.0 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 3.4.0.0 - Skillbrains)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Need For Speed™ World (HKLM-x32\...\{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1) (Version: 1.0.0.993 - Electronic Arts)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.0.2.2065 - Electronic Arts, Inc.)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.9 - Pando Networks Inc.)
Pflanzen gegen Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6121 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6194 - Realtek Semiconductor Corp.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Sniper - Art of Victory (HKLM-x32\...\sniper_de_is1) (Version: - City Interactive)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.8.1 - TeamSpeak Systems GmbH)
VLC media player 2.0.3 (HKLM-x32\...\VLC media player) (Version: 2.0.3 - VideoLAN)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WiseConvert (HKLM-x32\...\WiseConvert) (Version: 1.0 - WiseConvert)
WMV9/VC-1 Video Playback (Version: 1.00.0000 - ATI Technologies Inc.) Hidden
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1) (Version: - Wargaming.net)
XSManager (HKLM-x32\...\XSManager) (Version: 3.2 - XSManager)
==================== Restore Points =========================
29-05-2014 23:00:34 Windows Update
30-05-2014 06:27:09 Windows Update
31-05-2014 01:00:50 Windows Update
31-05-2014 05:58:19 Windows Update
01-06-2014 00:18:30 Windows Update
01-06-2014 21:01:41 zoek.exe restore point
01-06-2014 23:46:03 TuneUp Utilities 2013 wird entfernt
01-06-2014 23:47:18 TuneUp Utilities Language Pack (de-DE) wird entfernt
02-06-2014 00:53:25 Windows Update
02-06-2014 14:42:32 Windows Update
02-06-2014 17:36:37 Windows Update
02-06-2014 22:16:17 Windows Update
03-06-2014 01:00:18 Windows Update
==================== Hosts content: ==========================
2009-07-14 04:34 - 2014-06-01 01:15 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {00CDF369-5C82-4B09-A8B8-22E0110976DE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1001Core => C:\Users\Elvira\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: {162D19D2-88E6-425F-ACF9-085709C10976} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1003Core => C:\Users\Jürgen\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: {180C32E6-A575-49A3-AA4D-7E9EDC44A1AA} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe
Task: {1FD7E7FA-4C1B-46AA-B808-A6B47969B523} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1000UA => C:\Users\\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: {25715EC7-88B9-4811-B0FD-540AC855053B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1002UA => C:\Users\Martina\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: {2D13B59E-4C34-49F2-81B8-8A7F2D96CC2F} - \PC Performer Manager No Task File <==== ATTENTION
Task: {620FBD68-8B3D-47C5-BEE1-EA19B1705EC4} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2465613748-4109621216-2680054910-1001
Task: {62745FA6-88B4-4F26-B2F4-09469D925348} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {635AC757-77D2-41EE-A578-F6A8974BF31D} - System32\Tasks\AdobeFlashPlayerUpdate => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {6875CA21-089D-4DC0-A439-FE49B1E33DB4} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {6E350C8D-3672-4719-8CF1-5A8B8CA44909} - System32\Tasks\update-S-1-5-21-2465613748-4109621216-2680054910-1003 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2013-01-16] ()
Task: {77E350C2-2250-4BEE-B575-EF12CA6A03F8} - \update-sys No Task File <==== ATTENTION
Task: {820F5D76-F745-4811-BE70-3E99A14E89D9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1002Core => C:\Users\Martina\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: {9C4EF4AE-24AC-494E-BB1E-389E59772369} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-11] (Adobe Systems Incorporated)
Task: {A66165D0-A739-46B9-AA91-33C0AE65F710} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1003UA => C:\Users\Jürgen\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: {ABD96266-25AF-494C-B2F5-17C5D8F015E2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1001UA => C:\Users\Elvira\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: {B3ACA1F2-AC10-4A74-A012-61E186CB35DD} - System32\Tasks\update-S-1-5-21-2465613748-4109621216-2680054910-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2013-01-16] ()
Task: {BEE6EDB5-D13A-4C37-B3C9-40075E803219} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {D1301EC2-67C9-4E08-9A87-56DB18075640} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1000Core => C:\Users\\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-21] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1000Core1cf6cdd52a1ae5.job => C:\Users\\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1000UA.job => C:\Users\\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1001Core1cf71ac260e523e.job => C:\Users\Elvira\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1001UA.job => C:\Users\Elvira\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1002Core1cf6cf59b1b4d7c.job => C:\Users\Martina\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2465613748-4109621216-2680054910-1002UA.job => C:\Users\Martina\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013.job => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe
Task: C:\Windows\Tasks\update-S-1-5-21-2465613748-4109621216-2680054910-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-S-1-5-21-2465613748-4109621216-2680054910-1003.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
==================== Loaded Modules (whitelisted) =============
2005-09-13 16:27 - 2005-09-13 16:27 - 00054784 _____ () C:\Windows\system32\lxbkcnv4.dll
2012-10-05 10:38 - 2012-04-05 17:35 - 00327392 ____N () C:\Program Files (x86)\XSManager\WTGService.exe
2013-08-29 01:39 - 2013-08-29 01:40 - 04287536 _____ () C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
2010-08-04 15:58 - 2010-08-04 15:58 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-09-30 22:36 - 2010-09-30 22:36 - 00270336 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2012-08-10 16:51 - 2012-08-10 16:51 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2014-02-14 11:30 - 2014-02-14 11:30 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\bfd5296be62268bc7a31a424f0d1ad5f\IsdiInterop.ni.dll
2010-10-01 09:40 - 2010-03-03 20:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\Users\\Downloads\Bestaetigung_Rechnung_zu_Ihrer_byebye_Reise_21200789.eml:OECustomProperty
AlternateDataStreams: C:\Users\\Downloads\nachricht (1).eml:OECustomProperty
AlternateDataStreams: C:\Users\\Downloads\nachricht.eml:OECustomProperty
==================== Safe Mode (whitelisted) ===================
==================== EXE Association (whitelisted) =============
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (06/03/2014 09:39:46 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm FRST64.exe, Version 1.6.2014.1 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 100c
Startzeit: 01cf7f6385094897
Endzeit: 0
Anwendungspfad: C:\Users\\Desktop\FRST64.exe
Berichts-ID: cbecc728-eb56-11e3-8157-1c6f6549ce08
Error: (06/03/2014 09:31:11 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst konnte nicht heruntergefahren werden. Aufgetretener Fehler: System.InvalidOperationException: UpdatePendingStatus kann nur während der Verarbeitung von Befehlen zum Starten, Beenden, Anhalten und Fortsetzen aufgerufen werden.
bei System.ServiceProcess.ServiceBase.RequestAdditionalTime(Int32 milliseconds)
bei BlueStacks.hyperDroid.Service.Service.OnStop()
bei BlueStacks.hyperDroid.Service.Service.OnShutdown()
bei System.ServiceProcess.ServiceBase.DeferredShutdown()
Error: (06/03/2014 09:29:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm FRST64.exe, Version 1.6.2014.1 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1604
Startzeit: 01cf7f6206b8e485
Endzeit: 5
Anwendungspfad: C:\Users\\Downloads\FRST64.exe
Berichts-ID: 4e779dbf-eb55-11e3-a84b-1c6f6549ce08
Error: (06/03/2014 09:28:18 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm FRST64.exe, Version 30.5.2014.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 378
Startzeit: 01cf7f61ef976bca
Endzeit: 16
Anwendungspfad: C:\Users\\Desktop\FRST64.exe
Berichts-ID: 33eeb150-eb55-11e3-a84b-1c6f6549ce08
Error: (06/03/2014 04:24:56 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (06/03/2014 04:24:41 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (06/03/2014 04:24:31 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (06/03/2014 01:44:07 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (06/03/2014 00:23:08 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (06/02/2014 11:25:11 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
System errors:
=============
Error: (06/03/2014 01:44:07 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet:
%%1064
Error: (06/03/2014 03:09:18 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Internet Explorer 11 für Windows 7 für x64-basierte Systeme
Error: (06/03/2014 00:23:08 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet:
%%1064
Error: (06/03/2014 00:21:54 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x00000116 (0xfffffa8009e0f010, 0xfffff88003c14f94, 0x0000000000000000, 0x0000000000000002)C:\Windows\MEMORY.DMP060314-22698-01
Error: (06/03/2014 00:21:45 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 03.06.2014 um 00:19:46 unerwartet heruntergefahren.
Error: (06/02/2014 11:26:02 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
Error: (06/02/2014 11:25:11 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet:
%%1064
Error: (06/02/2014 11:23:54 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 02.06.2014 um 23:22:30 unerwartet heruntergefahren.
Error: (06/02/2014 07:46:41 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Internet Explorer 11 für Windows 7 für x64-basierte Systeme
Error: (06/02/2014 04:52:50 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Internet Explorer 11 für Windows 7 für x64-basierte Systeme
Microsoft Office Sessions:
=========================
Error: (06/03/2014 09:39:46 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: FRST64.exe1.6.2014.1100c01cf7f63850948970C:\Users\\Desktop\FRST64.execbecc728-eb56-11e3-8157-1c6f6549ce08
Error: (06/03/2014 09:31:11 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst konnte nicht heruntergefahren werden. Aufgetretener Fehler: System.InvalidOperationException: UpdatePendingStatus kann nur während der Verarbeitung von Befehlen zum Starten, Beenden, Anhalten und Fortsetzen aufgerufen werden.
bei System.ServiceProcess.ServiceBase.RequestAdditionalTime(Int32 milliseconds)
bei BlueStacks.hyperDroid.Service.Service.OnStop()
bei BlueStacks.hyperDroid.Service.Service.OnShutdown()
bei System.ServiceProcess.ServiceBase.DeferredShutdown()
Error: (06/03/2014 09:29:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: FRST64.exe1.6.2014.1160401cf7f6206b8e4855C:\Users\\Downloads\FRST64.exe4e779dbf-eb55-11e3-a84b-1c6f6549ce08
Error: (06/03/2014 09:28:18 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: FRST64.exe30.5.2014.037801cf7f61ef976bca16C:\Users\\Desktop\FRST64.exe33eeb150-eb55-11e3-a84b-1c6f6549ce08
Error: (06/03/2014 04:24:56 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Jürgen\Downloads\SoftonicDownloader_fuer_lightshot (1).exe
Error: (06/03/2014 04:24:41 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Jürgen\Downloads\SoftonicDownloader_fuer_lightshot (1).exe
Error: (06/03/2014 04:24:31 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Jürgen\Downloads\SoftonicDownloader_fuer_lightshot (1).exe
Error: (06/03/2014 01:44:07 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (06/03/2014 00:23:08 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (06/02/2014 11:25:11 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
CodeIntegrity Errors:
===================================
Date: 2014-06-01 01:13:13.041
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-06-01 01:13:12.901
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Percentage of memory in use: 55%
Total physical RAM: 3959.48 MB
Available physical RAM: 1744.3 MB
Total Pagefile: 7917.15 MB
Available Pagefile: 5364.62 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:727.71 GB) (Free:494.35 GB) NTFS
Drive d: (Volume) (Fixed) (Total:195.31 GB) (Free:195.22 GB) NTFS
Drive e: (Recovery) (Fixed) (Total:8 GB) (Free:2.57 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 30B6D843)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=728 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=195 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=8 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
04.06.2014, 16:51
| #14 | |
| /// TB-Ausbilder | WINDOWS 7 kommen ständig PopUps usw... "Herzlichen Glückwunsch"... du hast dich soeben wieder selbst mit Adware infiziert...  bedanken kannst du dich bei dir selber!  Zitat:
2. In meinem 1. Post erwähnte ich, dass du keine Software installieren oder deinstallieren sollst, bis wir hier fertig sind.... aber was machst du? Du machst natürlich genau das, was du nicht machen sollst... Schritt 1 Downloade Dir bitte AdwCleaner auf deinen Desktop.
Schritt 2 Downloade Dir bitte Malwarebytes Anti-Malware
Schritt 3 Bitte deaktiviere dein Anti-Viren-Programm, da es das Ergebnis beeinflussen oder ggf. die Bereinigung stören kann. Bitte lade dir zoek.exe von hier: http://hijackthis.nl/smeenk/ und speichere die Datei auf deinem Desktop.
Schritt 4
Bitte poste mit deiner nächsten Antwort
|
|
04.06.2014, 17:24
| #15 |
| | WINDOWS 7 kommen ständig PopUps usw... Sorry, das war mein Sohn, obwohl ich es ihm verboten hatte, leider :-(( |
|
Linear-Darstellung
