Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Computer extrem langsam und CD-Laufwerk funktioniert nicht mehr

Computer extrem langsam und CD-Laufwerk funktioniert nicht mehr


Plagegeister aller Art und deren Bekämpfung: Computer extrem langsam und CD-Laufwerk funktioniert nicht mehr

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Seite 1 von 2 1 2
Alt 13.09.2014, 14:59   #1
marlen101
 
Computer extrem langsam und CD-Laufwerk funktioniert nicht mehr - Standard

Computer extrem langsam und CD-Laufwerk funktioniert nicht mehr


Hallo,

seit einiger Zeit ist mein Computer extrem langsam bei allen Vorgängen, besonders das Rauffahren dauert Minuten. In den letzten Tagen ist er auch mehrmals abgestürzt, ließ sich dann aber wieder (nach langer langer Wartezeit) einschalten.

Seit heute funktioniert auch das CD Laufwerk nicht mehr, obwohl laut Gerätemanager und nach einer Treiber Aktualisierung das Gerät einwandfrei laufen sollte.

Keine Ahnung ob das irgendwie zusammenhängt, ich bin aber für jeden Hinweis, Tipp oder Lösungsvorschlag sehr sehr dankbar!!
Vielen Dank schon mal im Voraus,
lg marlen101
Geändert von marlen101 (13.09.2014 um 15:23 Uhr)

Alt 13.09.2014, 15:08   #2
schrauber
/// the machine
/// TB-Ausbilder
 
Computer extrem langsam und CD-Laufwerk funktioniert nicht mehr - Standard

Computer extrem langsam und CD-Laufwerk funktioniert nicht mehr


hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________
Alt 13.09.2014, 15:35   #3
marlen101
 
Computer extrem langsam und CD-Laufwerk funktioniert nicht mehr - Standard

Computer extrem langsam und CD-Laufwerk funktioniert nicht mehr


Danke für die schnelle Antwort! Logfiles, siehe oben
__________________
Alt 14.09.2014, 06:58   #4
schrauber
/// the machine
/// TB-Ausbilder
 
Computer extrem langsam und CD-Laufwerk funktioniert nicht mehr - Standard

Computer extrem langsam und CD-Laufwerk funktioniert nicht mehr


Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 15.09.2014, 20:55   #5
marlen101
 
Computer extrem langsam und CD-Laufwerk funktioniert nicht mehr - Standard

Computer extrem langsam und CD-Laufwerk funktioniert nicht mehr


Zitat:
Zitat von marlen101 Beitrag anzeigen
Hallo,

seit einiger Zeit ist mein Computer extrem langsam bei allen Vorgängen, besonders das Rauffahren dauert Minuten. In den letzten Tagen ist er auch mehrmals abgestürzt, ließ sich dann aber wieder (nach langer langer Wartezeit) einschalten.

Seit heute funktioniert auch das CD Laufwerk nicht mehr, obwohl laut Gerätemanager und nach einer Treiber Aktualisierung das Gerät einwandfrei laufen sollte.

Keine Ahnung ob das irgendwie zusammenhängt, ich bin aber für jeden Hinweis, Tipp oder Lösungsvorschlag sehr sehr dankbar!!
Vielen Dank schon mal im Voraus,
lg marlen101
FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by Dorina Heller (administrator) on MARLEN-NOTEBOOK on 13-09-2014 16:13:29
Running from C:\Users\Dorina Heller\Documents\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Wajam Internet Technologies Inc.) C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe
(Creative Island Media, LLC) C:\ProgramData\Websteroids\up\2.6.80\WebsteroidsService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft) C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Panda Security) C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe
(Creative Island Media, LLC) C:\ProgramData\Websteroids\up\2.6.80\Websteroids.exe
(Creative Island Media, LLC) C:\ProgramData\Websteroids\up\2.6.80\Websteroids64.exe
(Wajam Internet Technologies Inc.) C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancer.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Just Develop It) C:\Program Files (x86)\JustCloud\BackupStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(McAfee, Inc.) C:\Program Files\mcafee.com\agent\mcagent.exe
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe
(FileHippo.com) C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Yontoo LLC) C:\Users\Dorina Heller\AppData\Roaming\Yontoo\YontooDesktop.exe
() C:\Program Files\TOSHIBA\FlashCards\Hotkey\TCrdKBB.exe
() C:\Users\Dorina Heller\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Smartbar) C:\Users\Dorina Heller\AppData\Local\Smartbar\Application\QuickShare.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
() C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(PC Utilities Software Limited) C:\Program Files (x86)\Optimizer Pro\OptProReminder.exe
(Toshiba) C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe
(JustCloud.com) C:\Program Files (x86)\JustCloud\JustCloud.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(Ask) C:\Program Files (x86)\Ask.com\Updater\Updater.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
() C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Logitech, Inc.) C:\Users\Dorina Heller\AppData\Local\Logitech® Webcam-Software\Logishrd\LU2.0\LULnchr.exe
(Logitech, Inc.) C:\Users\Dorina Heller\AppData\Local\Logitech® Webcam-Software\Logishrd\LU2.0\LogitechUpdate.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\tobedeleted\moz5C41.tmp
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\tobedeleted\moz5C41.tmp
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\tobedeleted\moz5C41.tmp
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\tobedeleted\moz5C41.tmp
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\tobedeleted\moz5C41.tmp
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\tobedeleted\moz5C41.tmp
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\tobedeleted\moz5C41.tmp
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\tobedeleted\moz5C41.tmp
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\tobedeleted\moz5C41.tmp
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunes.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
() C:\Users\Dorina Heller\AppData\Local\Smartbar\Application\Lrcnta.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [561152 2011-04-20] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [296824 2010-09-25] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [967544 2011-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11780712 2011-03-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2189416 2011-03-01] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2679592 2011-02-03] (Synaptics Incorporated)
HKLM\...\Run: [ThpSrv] => C:\windows\system32\thpsrv /logon
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1544104 2011-04-07] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710040 2010-12-08] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [711576 2011-04-05] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [597928 2011-03-03] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2011-03-30] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba TEMPRO] => C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1546720 2011-02-10] (Toshiba Europe GmbH)
HKLM\...\Run: [Toshiba Registration] => C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe [150992 2011-05-25] (Toshiba Europe GmbH)
HKLM-x32\...\Run: [NBAgent] => C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [1406248 2011-01-07] (Nero AG)
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [1535112 2012-09-12] (McAfee, Inc.)
HKLM-x32\...\Run: [SVPWUTIL] => C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe [532480 2010-11-09] (TOSHIBA)
HKLM-x32\...\Run: [HWSetup] => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [423936 2010-03-04] (TOSHIBA Electronics, Inc.)
HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2010-08-16] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [ITSecMng] => C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [83336 2009-07-22] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe [252792 2010-06-04] (TOSHIBA)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1294712 2010-11-29] (TOSHIBA Corporation)
HKLM-x32\...\Run: [TRCMan] => C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe [714104 2011-03-11] (TOSHIBA Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ApnUpdater] => C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1561768 2012-05-04] (Ask)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [205336 2011-11-11] (Logitech Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310280 2012-12-20] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-15] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [164656 2014-08-27] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\.DEFAULT\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
HKU\.DEFAULT\...\RunOnce: [{90140000-003D-0000-0000-0000000FF1CE}] => C:\windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H
HKU\.DEFAULT\...\RunOnce: [{90140000-0018-0407-0000-0000000FF1CE}] => C:\windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H
HKU\S-1-5-19\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
HKU\S-1-5-20\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
HKU\S-1-5-21-176568798-3075008774-576170976-1002\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
HKU\S-1-5-21-176568798-3075008774-576170976-1002\...\Run: [FileHippo.com] => C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe [306688 2012-03-26] (FileHippo.com)
HKU\S-1-5-21-176568798-3075008774-576170976-1002\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1476104 2012-12-20] (Samsung)
HKU\S-1-5-21-176568798-3075008774-576170976-1002\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-176568798-3075008774-576170976-1002\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844296 2012-12-20] (Samsung)
HKU\S-1-5-21-176568798-3075008774-576170976-1002\...\Run: [Yontoo Desktop] => C:\Users\Dorina Heller\AppData\Roaming\Yontoo\YontooDesktop.exe [42784 2013-03-23] (Yontoo LLC)
HKU\S-1-5-21-176568798-3075008774-576170976-1002\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\Dorina Heller\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()
HKU\S-1-5-21-176568798-3075008774-576170976-1002\...\Run: [Browser Infrastructure Helper] => C:\Users\Dorina Heller\AppData\Local\Smartbar\Application\QuickShare.exe [26904 2014-03-09] (Smartbar)
HKU\S-1-5-21-176568798-3075008774-576170976-1002\...\Run: [Optimizer Pro] => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe [135160 2014-01-28] (PC Utilities Software Limited)
HKU\S-1-5-21-176568798-3075008774-576170976-1002\...\Run: [BackgroundContainerV2] => "C:\windows\SysWOW64\Rundll32.exe" "C:\Users\Dorina Heller\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun
HKU\S-1-5-21-176568798-3075008774-576170976-1002\...\MountPoints2: {f7019ca8-fa93-11e1-b924-806e6f6e6963} - E:\index.exe
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [224728 2014-09-02] (Client Connect LTD)
AppInit_DLLs:  c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll => c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll File Not Found
AppInit_DLLs:  c:\windows\system32\nvinitx.dll => c:\windows\system32\nvinitx.dll [226920 2011-05-11] (NVIDIA Corporation)
AppInit_DLLs:  C:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL => C:\Program Files (x86)\Optimizer Pro\OptProCrash_x64.dll [2681648 2014-03-18] ()
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [181720 2014-09-02] (Client Connect LTD)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk
ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Toshiba Places Icon Utility.lnk
ShortcutTarget: Toshiba Places Icon Utility.lnk -> C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe (Toshiba)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Dorina Heller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\JustCloud.lnk
ShortcutTarget: JustCloud.lnk -> C:\Program Files (x86)\JustCloud\JustCloud.exe (JustCloud.com)
Startup: C:\Users\Dorina Heller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
ShellIconOverlayIdentifiers: 1AMPCBOK -> {04cd1f3e-81d5-4904-a3ab-e0f99a7d769d} => C:\windows\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: 1AMPCBSyncing -> {4d87b7a7-23f1-470c-aa45-96b25b9bd138} =>  No File
ShellIconOverlayIdentifiers-x32: 1AMPCBOK -> {04cd1f3e-81d5-4904-a3ab-e0f99a7d769d} => C:\windows\SysWOW64\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: 1AMPCBSyncing -> {4d87b7a7-23f1-470c-aa45-96b25b9bd138} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:61807;https=127.0.0.1:61807
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCuxhZjwitu2603iO2DKHysZ18XIslEo5bv_LOVevYn7fL57TZLxsHF8kqrE25Iikll3lGgS4kDXCtM55Mp_zNMIJ4jlfWNZvR0DbOtwMNabrWx5yxAPalXQKgMW2V2hfyDXY7poNiuI9vYCroFmsdwuBgYhmWwQ,&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCuxhZjwitu2603iO2DKHysZ18XIslEo5bv_LOVevYn7fL57TZLxsHF8kqrE25Iikll3lGgS4kDXCtM55Mp_zNMIJ4jlfWNZvSzskxzK-t_laIfxmmQQJE6HcPMfUbtU1Pea_RvYvMbFVRc-XaA445ql7pq-2MMM,
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://toshiba.eu/places?touch=4&cat=1
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.searchgol.com/?babsrc=HP_ss_Btisdt7&mntrId=66DE3E659DB18485&affID=121136&tsp=5007
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCuxhZjwitu2603iO2DKHysZ18XIslEo5bv_LOVevYn7fL57TZLxsHF8kqrE25Iikll3lGgS4kDXCtM55Mp_zNMIJ4jlfWNZvR0DbOtwMNabrWx5yxAPalXQKgMW2V2hfyDXY7poNiuI9vYCroFmsdwuBgYhmWwQ,&q={searchTerms}
URLSearchHook: HKLM-x32 - entrusted Toolbar - {e44a1809-4d10-4ab8-b343-3326b64c7cdd} - C:\Users\Dorina Heller\AppData\LocalLow\entrusted\prxtbent0.dll (ClientConnect Ltd.)
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - DefaultScope {BCF6A707-0D01-49AD-B6F4-DC341F125C3E} URL = 
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCuxhZjwitu2603iO2DKHysZ18XIslEo5bv_LOVevYn7fL57TZLxsHF8kqrE25Iikll3lGgS4kDXCtM55Mp_zNMIJ4jlfWNZvR0DbOtwMNabrWx5yxAPalXQKgMW2V2hfyDXY7poNiuI9vYCroFmsdwuBgYhmWwQ,&q={searchTerms}
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCuxhZjwitu2603iO2DKHysZ18XIslEo5bv_LOVevYn7fL57TZLxsHF8kqrE25Iikll3lGgS4kDXCtM55Mp_zNMIJ4jlfWNZvR0DbOtwMNabrWx5yxAPalXQKgMW2V2hfyDXY7poNiuI9vYCroFmsdwuBgYhmWwQ,&q={searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.max-start.com/?q={searchTerms}&babsrc=SP_ss_mib2&mntrId=66DE3E659DB18485&affID=121136&tsp=5007
SearchScopes: HKCU - {1D303A1D-70FD-45BE-85A4-202D8A512A15} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3281675&CUI=UN30337172355168272&UM=2
SearchScopes: HKCU - {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = 
BHO: QuickShare WidgetEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\windows\system32\mscoree.dll (Microsoft Corporation)
BHO: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120911193311.dll (McAfee, Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: SaveSense -> {0f21b1e5-5afc-43c9-9c66-515046e92ec2} -> C:\Program Files (x86)\SaveSense\SaveSenseIE.dll (SaveSense)
BHO-x32: Babylon toolbar helper -> {2EECD738-5844-4a99-B4B6-146BF802613B} -> C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.0.7\bh\BabylonToolbar.dll (Babylon BHO)
BHO-x32: QuickShare WidgetEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: mixidj Helper Object -> {4D6A9BBF-402C-4301-B1EF-28D04F71D761} -> C:\Program Files (x86)\mixidj\mixidj\1.8.18.8\bh\mixidj.dll (MixiDJ)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120911193312.dll (McAfee, Inc.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: DealPly Shopping -> {ae48ed75-5a56-4c5f-bbce-6f1ac3875f66} -> C:\Program Files (x86)\DealPly\DealPlyIE.dll (DealPly)
BHO-x32: Skype Plug-In -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: delta Helper Object -> {C1AF5FA5-852C-4C90-812E-A7F75E011D87} -> C:\Program Files (x86)\Delta\delta\1.8.16.16\bh\delta.dll (Delta-search.com)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Ask Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: entrusted Toolbar -> {e44a1809-4d10-4ab8-b343-3326b64c7cdd} -> C:\Users\Dorina Heller\AppData\LocalLow\entrusted\prxtbent0.dll (ClientConnect Ltd.)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
BHO-x32: Yontoo -> {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} -> C:\Program Files (x86)\Yontoo\YontooIEClient.dll No File
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM-x32 - Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.0.7\BabylonToolbarTlbr.dll (Babylon Ltd.)
Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.16.16\deltaTlbr.dll (Delta-search.com)
Toolbar: HKLM-x32 - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - entrusted Toolbar - {e44a1809-4d10-4ab8-b343-3326b64c7cdd} - C:\Users\Dorina Heller\AppData\LocalLow\entrusted\prxtbent0.dll (ClientConnect Ltd.)
Toolbar: HKLM-x32 - MixiDJ Toolbar - {CA9B9C89-4662-4ADC-9C23-A452BECD5D19} - C:\Program Files (x86)\mixidj\mixidj\1.8.18.8\mixidjTlbr.dll (MixiDJ)
Toolbar: HKCU - No Name - {E44A1809-4D10-4AB8-B343-3326B64C7CDD} -  No File
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default
FF NewTab: hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCuxhZjwitu2603iO2DKHysZ18XIslEo5bv_LOVevYn7fL57TZLxsHF8kqrE25Iikll3lGgS4kDXCtM55Mp_zNMIJ4jlfWNZvTcAB5AJeHBURnFF6uAFa6bQzwdrpmJfww8cvQmsKemc8OTNEvvXemzbZmQyc0qQ,
FF SearchEngineOrder.user_pref("browser.search.order.1", "");: user_pref("browser.search.order.1", "");
FF Homepage: hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCuxhZjwitu2603iO2DKHysZ18XIslEo5bv_LOVevYn7fL57TZLxsHF8kqrE25Iikll3lGgS4kDXCtM55Mp_zNMIJ4jlfWNZvSzskxzK-t_laIfxmmQQJE6HcPMfUbtU1Pea_RvYvMbFVRc-XaA445ql7pq-2MMM,
FF Keyword.URL: hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCuxhZjwitu2603iO2DKHysZ18XIslEo5bv_LOVevYn7fL57TZLxsHF8kqrE25Iikll3lGgS4kDXCtM55Mp_zNMIJ4jlfWNZvR0DbOtwMNabrWx5yxAPalXQKgMW2V2hfyDXY7poNiuI9vYCroFmsdwuBgYhmWwQ,&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 -> C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.9.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\progra~2\mcafee\msc\npmcsn~1.dll ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.dpliveupdate.com/DealPlyLive Update;version=3 -> C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll (DealPly Technologies Ltd)
FF Plugin-x32: @tools.dpliveupdate.com/DealPlyLive Update;version=9 -> C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll (DealPly Technologies Ltd)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.updaterss.com/SaveSenseLive Update;version=3 -> C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll (SaveSense)
FF Plugin-x32: @tools.updaterss.com/SaveSenseLive Update;version=9 -> C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll (SaveSense)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Dorina Heller\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
FF user.js: detected! => C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\chambers-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-en-GB.xml
FF Extension: Delta Toolbar - C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\Extensions\ffxtlbr@delta.com [2013-05-10]
FF Extension: MixiDJ Toolbar - C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\Extensions\ffxtlbr@mixidj.com [2013-09-17]
FF Extension: Ask Toolbar - C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\Extensions\toolbar@ask.com [2012-09-10]
FF Extension: Wajam - C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\Extensions\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2} [2013-09-17]
FF Extension: SaveSense - C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\Extensions\{8b337819-d1e8-48d3-8178-168ae8c99c36} [2013-12-27]
FF Extension: DealPly  Shopping - C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\Extensions\{906000a4-88d9-4d52-b209-7a772970d91f} [2013-09-17]
FF Extension: WOT - C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-27]
FF Extension: QuickShare Widget - C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\Extensions\{b5a625b8-017c-4e0c-a7b1-1b991e439265} [2014-03-10]
FF Extension: NoScript - C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-12-03]
FF Extension: Adblock Plus - C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-10]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-06-18]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2011-05-25]
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF Extension: No Name - C:\Program Files (x86)\Common Files\McAfee\SystemCore [2011-05-25]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-06-07]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2011-05-25]
FF HKCU\...\Firefox\Extensions: [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}] - C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://search.conduit.com/?ctid=CT3318001&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP08C621C6-6C4F-4FA4-A536-CEA88C711E8A&SSPV="
CHR DefaultSearchKeyword: Default -> enhanced-search.com
CHR DefaultSearchProvider: Default -> Search the web
CHR DefaultSearchURL: Default -> hxxp://www.enhanced-search.com/?q={searchTerms}&babsrc=SP_ss_mib2&mntrId=66DE3E659DB18485&affID=121136&tsp=5007
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\pdf.dll ()
CHR Plugin: (McAfee SiteAdvisor) - C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.50.146.2_0\McChPlg.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll No File
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U9) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.90.5) - C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (McAfee SecurityCenter) - c:\progra~2\mcafee\msc\npmcsn~1.dll ()
CHR Profile: C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (QuickShare Widget) - C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl [2013-10-09]
CHR Extension: (Google Docs) - C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-01-21]
CHR Extension: (Google Drive) - C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-01-21]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-07]
CHR Extension: (YouTube) - C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-21]
CHR Extension: (MixiDJ Toolbar) - C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\boipimhfjpakfgckhbljjengakjhkcbp [2013-09-17]
CHR Extension: (McAfee Security Scan+) - C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-02-24]
CHR Extension: (Google-Suche) - C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-21]
CHR Extension: (Delta Toolbar) - C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde [2013-05-10]
CHR Extension: (SiteAdvisor) - C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2013-01-21]
CHR Extension: (SaveSense) - C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\khcceooakamlehbimaepcldnnlnkcmfk [2013-12-27]
CHR Extension: (DealPly Germany) - C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgf [2013-09-17]
CHR Extension: (Yontoo) - C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc [2014-06-02]
CHR Extension: (DVDVideoSoft) - C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-06-29]
CHR Extension: (Google Wallet) - C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]
CHR Extension: (Google Mail) - C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-21]
CHR Extension: (Extutil) - C:\Users\DORINA~1\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B [2014-01-16]
CHR Extension: (Managera) - C:\Users\DORINA~1\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 [2014-01-02]
CHR HKCU\...\Chrome\Extension: [amfclgbdpgndipgoegfpkkgobahigbcl] - C:\Users\Dorina Heller\AppData\Local\Smartbar/Application\1Extension.crx []
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-06-07]
CHR HKLM-x32\...\Chrome\Extension: [boipimhfjpakfgckhbljjengakjhkcbp] - C:\Users\Dorina Heller\AppData\Roaming\BabSolution\CR\mixiDj.crx [2013-09-17]
CHR HKLM-x32\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\Dorina Heller\AppData\Roaming\BabSolution\CR\delta2.crx [2013-05-10]
CHR HKLM-x32\...\Chrome\Extension: [kpepfkjapeclaafmhoelccknpfedainn] - C:\Program Files (x86)\mixidj\mixidj\1.8.18.8\mixidj.crx [2013-04-19]
CHR HKLM-x32\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] - C:\Program Files (x86)\Yontoo\YontooLayers.crx [2014-05-23]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 70e6ca8c; c:\Program Files (x86)\Optimizer Pro\OptProCrashSvc.dll [186496 2014-03-18] ()
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-05-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-27] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1039952 2014-05-27] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160048 2014-08-27] (Avira Operations GmbH & Co. KG)
R2 BackupStack; C:\Program Files (x86)\JustCloud\BackupStack.exe [38440 2013-09-20] (Just Develop It)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2998232 2014-09-02] (Client Connect LTD)
S2 dealplylive; C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe [148000 2013-09-17] (DealPly Technologies Ltd)
S3 dealplylivem; C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe [148000 2013-09-17] (DealPly Technologies Ltd)
R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\mcafee\msc\McAWFwk.exe [225216 2011-01-28] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 mcmscsvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McNASvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [383608 2012-09-10] (McAfee, Inc.)
S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [237920 2012-07-17] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218320 2012-07-17] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [177144 2012-07-17] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
S2 savesenselive; C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe [146920 2013-12-27] (SaveSense)
S3 savesenselivem; C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe [146920 2013-12-27] (SaveSense)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1326176 2012-07-25] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [681056 2012-07-25] (Secunia)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [112080 2011-02-10] (Toshiba Europe GmbH)
R2 Thpsrv; C:\windows\system32\ThpSrv.exe [526848 2010-12-24] (TOSHIBA Corporation) [File not signed]
R2 TosCoSrv; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [480256 2011-04-20] (TOSHIBA Corporation) [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2100024 2013-08-30] (TuneUp Software)
R2 Wajam Internet Enhancer Service; C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe [303616 2014-07-29] (Wajam Internet Technologies Inc.) [File not signed]
R2 Websteroids; C:\ProgramData\Websteroids\up\2.6.80\Websteroids.exe [42872 2014-05-03] (Creative Island Media, LLC)
R2 Yontoo Desktop Updater; C:\Users\Dorina Heller\AppData\Roaming\Yontoo\YontooDesktop.exe [42784 2013-03-23] (Yontoo LLC)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [69672 2012-07-17] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [169320 2012-07-17] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [300392 2012-07-17] (McAfee, Inc.)
U3 mfeavfk01; No ImagePath
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [513456 2012-07-17] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [752672 2012-07-17] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106112 2012-07-17] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [335784 2012-07-17] (McAfee, Inc.)
S3 sxtap; C:\Windows\System32\sxtap.sys [29696 2012-02-05] (iiNES GmbH)
S3 Tosrfcom; No ImagePath
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-08-21] (TuneUp Software)
R3 SPPD; \??\C:\windows\system32\drivers\SPPD.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-13 16:13 - 2014-09-13 16:13 - 00000000 ____D () C:\FRST
2014-09-13 15:30 - 2014-09-13 15:30 - 00001144 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-09-11 20:38 - 2014-09-11 20:38 - 00266288 _____ () C:\windows\Minidump\091114-51074-01.dmp
2014-09-11 16:51 - 2014-09-11 16:51 - 00000000 ____D () C:\0fa2b777dcf5c166eeabf07571bbfc44
2014-09-09 20:02 - 2014-09-12 05:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-09-08 10:59 - 2014-09-08 10:59 - 00000000 ____D () C:\Users\Dorina Heller\AppData\Local\onlysearch
2014-08-28 18:16 - 2014-09-12 05:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam
2014-08-28 12:27 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2014-08-28 12:27 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2014-08-28 12:27 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-08-27 14:25 - 2014-08-27 14:25 - 00000000 ____D () C:\Users\Dorina Heller\AppData\Local\{F68BB0CC-8E97-411E-ADC9-B76F2851EBC6}
2014-08-25 15:28 - 2014-08-25 15:28 - 00000000 ____D () C:\Users\Dorina Heller\AppData\Local\{EA2B0657-401B-4D0C-B581-5AD576911003}
2014-08-20 18:08 - 2014-08-20 18:09 - 00000000 ____D () C:\Users\Dorina Heller\Documents\Anki
2014-08-20 12:45 - 2014-08-20 12:45 - 00000000 ____D () C:\ProgramData\Browser
2014-08-19 21:05 - 2014-08-19 21:18 - 247843736 _____ (Microsoft Corporation) C:\Users\Dorina Heller\Downloads\OfficeLangPack2013_ChnTrad_x86.exe
2014-08-17 11:06 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\windows\system32\icardres.dll
2014-08-17 11:06 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardres.dll
2014-08-17 11:06 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\windows\SysWOW64\TsWpfWrp.exe
2014-08-17 11:06 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\windows\system32\TsWpfWrp.exe
2014-08-17 11:06 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\windows\system32\icardagt.exe
2014-08-17 11:06 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\windows\system32\infocardapi.dll
2014-08-17 11:06 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardagt.exe
2014-08-17 11:06 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\windows\SysWOW64\infocardapi.dll
2014-08-16 16:22 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2014-08-16 16:22 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2014-08-16 16:21 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-08-16 16:21 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-08-16 16:21 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-08-16 16:21 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-08-16 16:21 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-08-16 16:21 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-08-16 16:21 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-08-16 16:21 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-08-16 16:21 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-08-16 16:21 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-08-16 16:21 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-08-16 16:21 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-08-16 16:21 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-08-16 16:21 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-08-16 16:21 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-08-16 16:21 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-08-16 16:21 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-08-16 16:21 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-08-16 16:21 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-08-16 16:21 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-08-16 16:21 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-08-16 16:21 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-08-16 16:21 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-08-16 16:21 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-08-16 16:21 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-08-16 16:21 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-08-16 16:21 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-08-16 16:21 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-08-16 16:21 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-08-16 16:21 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-08-16 16:21 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-08-16 16:21 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-08-16 16:21 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-08-16 16:21 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-08-16 16:21 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-08-16 16:21 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-08-16 16:21 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-08-16 16:21 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-08-16 16:21 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-16 16:21 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-08-16 16:21 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-08-16 16:21 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-08-16 16:21 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-08-16 16:21 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-08-16 16:21 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-08-16 16:21 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-08-16 16:21 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-08-16 16:21 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-08-16 16:21 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-08-16 16:21 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-08-16 16:21 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-08-16 16:21 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-08-16 16:21 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-08-16 16:21 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-08-16 16:21 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-08-16 16:21 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-08-16 16:21 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-08-16 16:21 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2014-08-16 16:21 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2014-08-16 16:21 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-08-16 16:21 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2014-08-16 16:21 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2014-08-16 16:21 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2014-08-16 16:21 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2014-08-16 16:21 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2014-08-16 16:21 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll
2014-08-16 16:16 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-08-16 16:16 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-08-16 16:16 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2014-08-16 16:16 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-13 16:13 - 2014-09-13 16:13 - 00000000 ____D () C:\FRST
2014-09-13 16:12 - 2012-09-09 17:32 - 01247166 _____ () C:\windows\WindowsUpdate.log
2014-09-13 15:56 - 2013-12-27 10:51 - 00000946 _____ () C:\windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job
2014-09-13 15:51 - 2013-12-27 10:50 - 00000314 _____ () C:\windows\Tasks\SaveSense.job
2014-09-13 15:43 - 2013-01-21 18:37 - 00001124 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-13 15:41 - 2012-09-09 23:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-13 15:40 - 2014-06-18 17:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-13 15:33 - 2009-07-14 06:45 - 00025120 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-13 15:33 - 2009-07-14 06:45 - 00025120 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-13 15:31 - 2014-03-24 12:01 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-13 15:30 - 2014-09-13 15:30 - 00001144 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-09-13 15:30 - 2014-03-24 12:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-09-13 15:29 - 2013-10-24 12:14 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-09-13 15:27 - 2013-09-17 00:22 - 00000920 _____ () C:\windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job
2014-09-13 15:22 - 2013-09-17 00:22 - 00000312 _____ () C:\windows\Tasks\Dealply.job
2014-09-13 15:22 - 2013-04-02 19:58 - 00000000 ____D () C:\Users\Dorina Heller\AppData\Roaming\Yontoo
2014-09-13 15:15 - 2013-12-27 10:51 - 00000942 _____ () C:\windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job
2014-09-13 15:14 - 2013-09-17 00:22 - 00000916 _____ () C:\windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job
2014-09-13 15:14 - 2013-01-21 18:37 - 00001120 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-13 15:12 - 2009-07-14 07:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-09-13 15:12 - 2009-07-14 06:51 - 00085381 _____ () C:\windows\setupact.log
2014-09-13 14:04 - 2012-09-09 20:10 - 00000000 ____D () C:\Users\Dorina Heller\Documents\Gedanken
2014-09-13 14:04 - 2012-09-09 20:00 - 00000000 ____D () C:\Users\Dorina Heller\Documents\Bewerbungen
2014-09-13 13:57 - 2014-02-22 12:26 - 00031232 ___SH () C:\Users\Dorina Heller\Documents\Thumbs.db
2014-09-13 13:28 - 2013-12-21 20:22 - 00000223 _____ () C:\Users\Dorina Heller\AppData\Roaming\WB.CFG
2014-09-13 09:52 - 2013-12-22 16:33 - 00003990 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{174F0087-2257-44CC-8E99-A8AAB004518F}
2014-09-12 20:49 - 2013-01-21 19:03 - 00002186 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-12 13:01 - 2014-03-18 18:15 - 00000000 ____D () C:\Users\Dorina Heller\AppData\Local\Websteroids
2014-09-12 10:16 - 2012-09-09 20:31 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-12 10:15 - 2014-02-26 03:38 - 01594964 _____ () C:\windows\SysWOW64\PerfStringBackup.INI
2014-09-12 10:15 - 2011-02-11 10:21 - 00699682 _____ () C:\windows\system32\perfh007.dat
2014-09-12 10:15 - 2011-02-11 10:21 - 00149790 _____ () C:\windows\system32\perfc007.dat
2014-09-12 10:14 - 2009-07-14 07:13 - 01594964 _____ () C:\windows\system32\PerfStringBackup.INI
2014-09-12 10:13 - 2013-08-16 00:11 - 00000000 ____D () C:\windows\system32\MRT
2014-09-12 09:55 - 2012-09-09 20:04 - 101694776 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-09-12 05:41 - 2014-05-07 02:07 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-09-12 05:41 - 2011-05-25 21:26 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2014-09-12 05:41 - 2011-05-25 20:58 - 00000000 ____D () C:\Program Files (x86)\Toshiba TEMPRO
2014-09-12 05:41 - 2011-05-25 20:50 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA
2014-09-12 05:41 - 2011-05-25 20:49 - 00000000 ____D () C:\Program Files\PlayReady
2014-09-12 05:41 - 2011-02-11 10:20 - 00000000 ____D () C:\windows\SysWOW64\de
2014-09-12 05:41 - 2010-11-21 09:17 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-12 05:41 - 2010-11-21 09:06 - 00000000 ____D () C:\windows\SysWOW64\sysprep
2014-09-12 05:41 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-12 05:41 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-09-12 05:41 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-09-12 05:41 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-09-12 05:41 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-09-12 05:41 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\DVD Maker
2014-09-12 05:41 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2014-09-12 05:41 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2014-09-12 05:41 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\zh-HK
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\uk-UA
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\tr-TR
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\th-TH
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\sr-Latn-CS
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\sppui
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\sl-SI
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\sk-SK
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\Setup
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\ro-RO
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\Recovery
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\ras
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\oobe
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\migwiz
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\manifeststore
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\lv-LV
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\lt-LT
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\InstallShield
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\icsxml
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\hr-HR
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\he-IL
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\et-EE
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\Dism
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\com
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\bg-BG
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\ar-SA
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\AdvancedInstallers
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\system32\migwiz
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\servicing
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\PolicyDefinitions
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\L2Schemas
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-09-12 05:38 - 2012-09-09 18:05 - 00000000 ____D () C:\windows\SysWOW64\Macromed
2014-09-12 05:38 - 2012-09-09 17:55 - 00000000 ____D () C:\windows\SysWOW64\SDA
2014-09-12 05:38 - 2012-09-09 17:47 - 00000000 ____D () C:\windows\SysWOW64\RTCOM
2014-09-12 05:38 - 2012-09-09 17:43 - 00000000 ____D () C:\windows\SysWOW64\Microsoft.VC80.MFC
2014-09-12 05:38 - 2012-09-09 17:42 - 00000000 ____D () C:\windows\SysWOW64\NV
2014-09-12 05:37 - 2012-09-11 20:07 - 00000000 ____D () C:\windows\system32\Macromed
2014-09-12 05:37 - 2012-09-10 22:03 - 00000000 ____D () C:\windows\System32\Tasks\Apple
2014-09-12 05:37 - 2012-09-09 20:33 - 00000000 ____D () C:\windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-09-12 05:37 - 2011-02-11 10:20 - 00000000 ____D () C:\windows\system32\de
2014-09-12 05:37 - 2009-07-14 07:32 - 00000000 ____D () C:\windows\system32\restore
2014-09-12 05:37 - 2009-07-14 07:09 - 00000000 ____D () C:\windows\System32\Tasks\WPD
2014-09-12 05:37 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\system32\NDF
2014-09-12 05:36 - 2010-11-21 09:16 - 00000000 ____D () C:\windows\ShellNew
2014-09-12 05:35 - 2014-09-09 20:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2014-09-12 05:35 - 2014-08-28 18:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam
2014-09-12 05:35 - 2014-06-07 15:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-09-12 05:35 - 2014-03-18 18:15 - 00000000 ____D () C:\ProgramData\Websteroids
2014-09-12 05:35 - 2014-03-18 18:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2
2014-09-12 05:35 - 2014-03-18 18:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallConverter
2014-09-12 05:35 - 2014-03-16 12:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-12 05:35 - 2014-01-02 17:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014
2014-09-12 05:35 - 2013-12-27 10:50 - 00000000 ____D () C:\Users\Dorina Heller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SaveSense
2014-09-12 05:35 - 2013-11-22 02:28 - 00000000 ____D () C:\Users\Dorina Heller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
2014-09-12 05:35 - 2013-11-19 23:43 - 00000000 ____D () C:\Users\Dorina Heller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JustCloud
2014-09-12 05:35 - 2013-11-13 21:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-09-12 05:35 - 2013-09-17 00:22 - 00000000 ____D () C:\Users\Dorina Heller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
2014-09-12 05:35 - 2013-09-17 00:22 - 00000000 ____D () C:\Users\Dorina Heller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
2014-09-12 05:35 - 2013-05-19 20:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-12 05:35 - 2013-03-16 18:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-09-12 05:35 - 2013-01-21 19:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-12 05:35 - 2012-11-15 18:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2014-09-12 05:35 - 2012-10-01 18:54 - 00000000 ____D () C:\Users\Dorina Heller\AppData\Roaming\GameCenter
2014-09-12 05:35 - 2012-09-09 20:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-09-12 05:35 - 2012-09-09 20:10 - 00000000 ____D () C:\Users\Dorina Heller\Documents\Coeurier
2014-09-12 05:35 - 2012-09-09 20:00 - 00000000 ____D () C:\Users\Dorina Heller\Documents\Artikel_Reports_Letters_Family
2014-09-12 05:35 - 2012-09-09 19:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
2014-09-12 05:35 - 2012-09-09 18:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay
2014-09-12 05:35 - 2012-09-09 18:20 - 00000000 ___RD () C:\Users\Dorina Heller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-09-12 05:35 - 2012-09-09 18:20 - 00000000 ___RD () C:\Users\Dorina Heller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-12 05:35 - 2012-09-09 18:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA VIDEO PLAYER
2014-09-12 05:35 - 2012-09-09 17:40 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-09-12 05:35 - 2012-09-09 17:40 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-12 05:35 - 2011-05-25 20:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Service
2014-09-12 05:34 - 2014-06-07 15:27 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-09-12 05:34 - 2014-01-02 17:08 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014
2014-09-12 05:34 - 2013-09-17 00:22 - 00000000 ____D () C:\Program Files (x86)\Wajam
2014-09-12 05:34 - 2013-06-07 14:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-09-12 05:34 - 2013-05-19 20:12 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-12 05:34 - 2013-05-19 20:12 - 00000000 ____D () C:\Program Files\iTunes
2014-09-12 05:34 - 2013-04-02 19:58 - 00000000 ____D () C:\Program Files (x86)\Yontoo
2014-09-12 05:34 - 2013-03-16 18:49 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-09-12 05:34 - 2012-10-01 18:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\GoforFiles
2014-09-12 05:34 - 2012-10-01 18:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\GameCenter
2014-09-12 05:34 - 2012-09-10 22:03 - 00000000 ____D () C:\Program Files\Bonjour
2014-09-12 05:34 - 2012-09-10 21:06 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-09-12 05:34 - 2012-09-09 18:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon
2014-09-12 05:34 - 2012-09-09 18:27 - 00000000 ____D () C:\Program Files\Amazon
2014-09-12 05:34 - 2012-09-09 18:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel
2014-09-12 05:33 - 2014-03-18 18:15 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro
2014-09-12 05:33 - 2013-12-27 10:50 - 00000000 ____D () C:\Program Files (x86)\SaveSense
2014-09-12 05:33 - 2013-03-16 18:49 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-09-12 05:33 - 2012-09-09 19:09 - 00000000 ____D () C:\Program Files (x86)\Panda USB Vaccine
2014-09-12 05:33 - 2011-05-25 21:18 - 00000000 ____D () C:\Program Files (x86)\TOSHIBA Games
2014-09-12 05:33 - 2011-05-25 20:57 - 00000000 ____D () C:\Program Files (x86)\Photo-Service
2014-09-12 05:32 - 2014-05-11 22:46 - 00000000 ____D () C:\Program Files (x86)\Anki
2014-09-12 05:32 - 2014-03-18 18:14 - 00000000 ____D () C:\Program Files (x86)\InstallConverter
2014-09-12 05:32 - 2013-11-19 23:43 - 00000000 ____D () C:\Program Files (x86)\JustCloud
2014-09-12 05:32 - 2013-09-17 00:22 - 00000000 ____D () C:\Program Files (x86)\DealPly
2014-09-12 05:32 - 2013-06-07 14:25 - 00000000 ____D () C:\Program Files (x86)\entrusted
2014-09-12 05:32 - 2013-06-07 14:23 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-09-12 05:32 - 2013-05-19 20:12 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-09-12 05:32 - 2012-10-01 18:53 - 00000000 ____D () C:\Program Files (x86)\GoforFiles
2014-09-12 05:32 - 2012-09-10 22:03 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-09-12 05:32 - 2012-09-10 22:03 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-09-12 05:32 - 2012-09-10 21:20 - 00000000 ____D () C:\Program Files (x86)\Ask.com
2014-09-12 05:32 - 2012-09-09 19:30 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-09-12 05:32 - 2012-09-09 19:08 - 00000000 ____D () C:\Program Files (x86)\FileHippo.com
2014-09-12 05:32 - 2012-09-09 18:26 - 00000000 ____D () C:\Program Files (x86)\eBay
2014-09-12 05:20 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\registration
2014-09-12 04:59 - 2011-05-25 21:33 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-09-12 04:57 - 2014-03-24 12:05 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-09-11 22:30 - 2013-10-24 12:14 - 00003822 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-09-11 22:30 - 2012-09-11 20:07 - 00701104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-09-11 22:30 - 2012-09-11 20:07 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-11 20:39 - 2012-09-09 18:20 - 00000000 ____D () C:\Users\Dorina Heller
2014-09-11 20:38 - 2014-09-11 20:38 - 00266288 _____ () C:\windows\Minidump\091114-51074-01.dmp
2014-09-11 20:38 - 2014-04-13 20:30 - 00000000 ____D () C:\windows\Minidump
2014-09-11 20:37 - 2014-04-13 20:29 - 878928776 _____ () C:\windows\MEMORY.DMP
2014-09-11 16:51 - 2014-09-11 16:51 - 00000000 ____D () C:\0fa2b777dcf5c166eeabf07571bbfc44
2014-09-09 20:02 - 2011-05-25 21:36 - 00001839 _____ () C:\Users\Public\Desktop\McAfee Internet Security.lnk
2014-09-08 10:59 - 2014-09-08 10:59 - 00000000 ____D () C:\Users\Dorina Heller\AppData\Local\onlysearch
2014-09-05 15:05 - 2010-11-21 05:47 - 00377788 _____ () C:\windows\PFRO.log
2014-09-05 14:52 - 2014-05-17 00:50 - 00000000 ____D () C:\Users\Dorina Heller\AppData\Local\Windows Live
2014-09-03 16:46 - 2014-03-18 18:15 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-08-30 19:21 - 2013-09-30 21:01 - 00000000 ____D () C:\Users\Dorina Heller\Documents\1_SOAS
2014-08-29 10:42 - 2009-07-14 06:45 - 00341344 _____ () C:\windows\system32\FNTCACHE.DAT
2014-08-28 00:23 - 2013-10-12 12:34 - 00000000 ____D () C:\Users\Dorina Heller\AppData\Roaming\Skype
2014-08-27 14:25 - 2014-08-27 14:25 - 00000000 ____D () C:\Users\Dorina Heller\AppData\Local\{F68BB0CC-8E97-411E-ADC9-B76F2851EBC6}
2014-08-27 14:23 - 2012-09-09 20:00 - 00000000 ____D () C:\Users\Dorina Heller\Documents\Bilder
2014-08-25 15:28 - 2014-08-25 15:28 - 00000000 ____D () C:\Users\Dorina Heller\AppData\Local\{EA2B0657-401B-4D0C-B581-5AD576911003}
2014-08-25 15:23 - 2011-05-25 21:21 - 00000925 _____ () C:\windows\DirectX.log
2014-08-23 04:07 - 2014-08-28 12:27 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 12:27 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 12:27 - 03163648 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-08-20 18:09 - 2014-08-20 18:08 - 00000000 ____D () C:\Users\Dorina Heller\Documents\Anki
2014-08-20 12:45 - 2014-08-20 12:45 - 00000000 ____D () C:\ProgramData\Browser
2014-08-19 21:18 - 2014-08-19 21:05 - 247843736 _____ (Microsoft Corporation) C:\Users\Dorina Heller\Downloads\OfficeLangPack2013_ChnTrad_x86.exe
2014-08-17 12:42 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\rescache
2014-08-17 11:50 - 2009-07-14 07:08 - 00032632 _____ () C:\windows\Tasks\SCHEDLGU.TXT

Some content of TEMP:
====================
C:\Users\Dorina Heller\AppData\Local\Temp\APNStub.exe
C:\Users\Dorina Heller\AppData\Local\Temp\avgnt.exe
C:\Users\Dorina Heller\AppData\Local\Temp\BackupSetup.exe
C:\Users\Dorina Heller\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Dorina Heller\AppData\Local\Temp\htmlayout.dll
C:\Users\Dorina Heller\AppData\Local\Temp\Launcher_i215689629.exe
C:\Users\Dorina Heller\AppData\Local\Temp\nsb6C66.exe
C:\Users\Dorina Heller\AppData\Local\Temp\nsb72CE.exe
C:\Users\Dorina Heller\AppData\Local\Temp\nsh5991.exe
C:\Users\Dorina Heller\AppData\Local\Temp\nsl3973.exe
C:\Users\Dorina Heller\AppData\Local\Temp\nsq3462.exe
C:\Users\Dorina Heller\AppData\Local\Temp\nsr2C19.exe
C:\Users\Dorina Heller\AppData\Local\Temp\nsr6F83.exe
C:\Users\Dorina Heller\AppData\Local\Temp\nsw36A5.exe
C:\Users\Dorina Heller\AppData\Local\Temp\setup.exe
C:\Users\Dorina Heller\AppData\Local\Temp\setup_fsu_cid.exe
C:\Users\Dorina Heller\AppData\Local\Temp\setup__3862.exe
C:\Users\Dorina Heller\AppData\Local\Temp\SmartbarExeInstaller.exe
C:\Users\Dorina Heller\AppData\Local\Temp\tbv5dzl1.dll
C:\Users\Dorina Heller\AppData\Local\Temp\toolbar32794732.exe
C:\Users\Dorina Heller\AppData\Local\Temp\toolbar401920.exe
C:\Users\Dorina Heller\AppData\Local\Temp\toolbar426959.exe
C:\Users\Dorina Heller\AppData\Local\Temp\toolbar448206.exe
C:\Users\Dorina Heller\AppData\Local\Temp\toolbar609854.exe
C:\Users\Dorina Heller\AppData\Local\Temp\ToolbarHelper.exe
C:\Users\Dorina Heller\AppData\Local\Temp\update167498.exe
C:\Users\Dorina Heller\AppData\Local\Temp\update190633.exe
C:\Users\Dorina Heller\AppData\Local\Temp\update216903.exe
C:\Users\Dorina Heller\AppData\Local\Temp\update223159.exe
C:\Users\Dorina Heller\AppData\Local\Temp\update250568.exe
C:\Users\Dorina Heller\AppData\Local\Temp\update411062.exe
C:\Users\Dorina Heller\AppData\Local\Temp\uti91F8.tmp.exe
C:\Users\Dorina Heller\AppData\Local\Temp\wajam_install.exe
C:\Users\Dorina Heller\AppData\Local\Temp\~convert3729718752265838003.exe
C:\Users\Dorina Heller\AppData\Local\Temp\~convert4803162099771479836.exe
C:\Users\Dorina Heller\AppData\Local\Temp\~convert4910208191893167553.exe
C:\Users\Dorina Heller\AppData\Local\Temp\~convert5454748389629447788.exe
C:\Users\Dorina Heller\AppData\Local\Temp\~convert5902075233786785821.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-09 20:00

==================== End Of Log ============================
--- --- ---
Alt 15.09.2014, 20:56   #6
marlen101
 
Computer extrem langsam und CD-Laufwerk funktioniert nicht mehr - Standard

Computer extrem langsam und CD-Laufwerk funktioniert nicht mehr


Und da nicht alles auf einmal in den Thread ging, hier noch die Addition:

FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014
Ran by Dorina Heller at 2014-09-13 16:15:07
Running from C:\Users\Dorina Heller\Documents\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee  Anti-Virus und Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AS: McAfee  Anti-Virus und Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee  Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4Videosoft PDF to Image Converter 3.1.6 (HKLM-x32\...\{6080B4A6-35A8-4a85-A18F-07A249E8FEF7}_is1) (Version:  - )
64 Bit HP CIO Components Installer (Version: 6.2.2 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.1.19610 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.7.1.19610 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader X (10.1.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.11 - Adobe Systems Incorporated)
Amazon MP3-Downloader 1.0.18 (HKCU\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
Amazon.de (HKLM-x32\...\{A74F16FA-1D5B-405B-8D8D-1BC6F9DAED8B}) (Version:  - Amazon EU S.a.r.L.)
Anki (HKLM-x32\...\Anki) (Version:  - )
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ask Toolbar (HKLM-x32\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.15.2.0 - Ask.com) <==== ATTENTION
Ask Toolbar Updater (HKCU\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.1.23037 - Ask.com) <==== ATTENTION
Atheros Bluetooth Filter Driver Package (HKLM\...\{65486209-5C54-439C-8383-8AC9BBE25932}) (Version: 1.00.007 - Atheros Communications)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros)
Avira (HKLM-x32\...\{70e83cd8-4bd5-4039-ab5a-6b94a8abb641}) (Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
Babylon toolbar on IE (HKLM-x32\...\BabylonToolbar) (Version:  - BabylonToolbar) <==== ATTENTION
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}) (Version: 7.0.610.0 - Microsoft Corporation)
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v8.00.06(T) - TOSHIBA CORPORATION)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CameraHelperMsi (x32 Version: 13.31.1038.0 - Logitech) Hidden
Canon Utilities Digital Photo Professional (HKLM-x32\...\Digital Photo Professional) (Version: 3.13.10.0 - Canon Inc.)
Canon Utilities EOS Sample Music (HKLM-x32\...\EOS Sample Music) (Version: 1.0.1.1 - Canon Inc.)
Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.13.10.0 - Canon Inc.)
Canon Utilities ImageBrowser EX (HKLM-x32\...\ImageBrowser EX) (Version: 1.4.0.5 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.13.10.0 - Canon Inc.)
Chicken Invaders 3 - Revenge of the Yolk (x32 Version: 2.2.0.95 - WildTangent) Hidden
Chinese Simplified Fonts Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-2447-0000-A00000000003}) (Version: 10.0.0 - Adobe Systems Incorporated)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.5.859 - Corel Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dealply (HKCU\...\Dealply) (Version:  - ) <==== ATTENTION
DealPly (remove only) (HKLM-x32\...\DealPly) (Version: 4.8.7.2 - DealPly Technologies Ltd.) <==== ATTENTION
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{650DE870-ECA3-4E63-8D77-778512BE5D4C}) (Version:  - Microsoft)
Delta Chrome Toolbar (HKLM-x32\...\Delta Chrome Toolbar) (Version:  - Delta) <==== ATTENTION
Delta toolbar   (HKLM-x32\...\delta) (Version: 1.8.16.16 - Delta) <==== ATTENTION
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
eBay (HKLM-x32\...\{FDE58148-57E7-43BF-879A-29CCE818C078}) (Version: 1.1.9 - eBay Inc.)
ENE CIR Receiver Driver (HKLM\...\2C293EC1A06665BB961CBA4EC7AFF4BF2BEAD042) (Version: 2.7.4.1 - ENE)
entrusted Toolbar (HKLM-x32\...\entrusted Toolbar) (Version: 6.13.3.1 - entrusted) <==== ATTENTION
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
FileHippo.com Update Checker (HKLM-x32\...\FileHippo.com) (Version:  - )
Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Free YouTube to MP3 Converter version 3.12.20.1230 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.20.1230 - DVDVideoSoft Ltd.)
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GoforFiles (HKCU\...\GoforFiles) (Version: 2.0.5 - hxxp://www.goforfiles.com/) <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
High-Definition Video Playback (x32 Version: 7.1.13900.47.0 - Nero AG) Hidden
HP Photosmart Plus B209a-m All-in-One Driver 14.0 Rel. 6 (HKLM\...\{B2DAB009-8236-48A0-AD7F-E940F5AB1578}) (Version: 14.0 - HP)
Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden
InstallConverter (x32 Version: 1.0 - InstallConverter) Hidden
InstallConverter bundle uninstaller (HKLM-x32\...\InstallConverter bundle uninstaller) (Version: 2.0.0.5 - InstallConverter)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2353 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
iTunes (HKLM\...\{7FCDABCC-1A1E-4D61-909D-BA9495172774}) (Version: 11.0.3.42 - Apple Inc.)
Java 7 Update 9 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217009FF}) (Version: 7.0.90 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 37 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216037FF}) (Version: 6.0.370 - Oracle)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.59.2 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
JustCloud  (HKLM\...\JustCloud) (Version:  - JustCloud)
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.31 - Logitech Inc.)
LWS Facebook (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS Gallery (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS Help_main (x32 Version: 13.31.1044.0 - Logitech) Hidden
LWS Launcher (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS Motion Detection (x32 Version: 13.30.1395.0 - Logitech) Hidden
LWS Pictures And Video (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS Twitter (x32 Version: 13.30.1346.0 - Logitech) Hidden
LWS Video Mask Maker (x32 Version: 13.30.1379.0 - Logitech) Hidden
LWS VideoEffects (Version: 13.30.1379.0 - Logitech) Hidden
LWS Webcam Software (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS WLM Plugin (x32 Version: 1.30.1201.0 - Logitech) Hidden
LWS YouTube Plugin (x32 Version: 13.31.1038.0 - Logitech) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
McAfee Internet Security (HKLM-x32\...\MSC) (Version: 11.6.434 - McAfee, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{2C303EE0-A595-3543-A71A-931C7AC40EDE}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MixiDJ chrome Toolbar (HKLM-x32\...\MixiDJ chrome Toolbar) (Version:  - MixiDJ) <==== ATTENTION
MixiDJ Toolbar  (HKLM-x32\...\mixidj) (Version: 1.8.18.8 - mixidj) <==== ATTENTION
Mozilla Firefox 32.0.1 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 32.0.1 (x86 en-GB)) (Version: 32.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nero 10 Movie ThemePack Basic (x32 Version: 10.2.10000.0.0 - Nero AG) Hidden
Nero BackItUp 10 (HKLM-x32\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.6.11500.16.100 - Nero AG)
Nero BackItUp 10 Help (CHM) (x32 Version: 10.5.10600 - Nero AG) Hidden
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.2.10500.1.102 - Nero AG)
Nero BurnRights 10 Help (CHM) (x32 Version: 10.5.10600 - Nero AG) Hidden
Nero Control Center 10 (x32 Version: 10.6.12000.0.0 - Nero AG) Hidden
Nero ControlCenter 10 Help (CHM) (x32 Version: 10.5.10600 - Nero AG) Hidden
Nero Core Components 10 (x32 Version: 2.0.18700.9.1 - Nero AG) Hidden
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.2.12000.21.100 - Nero AG)
Nero Express 10 Help (CHM) (x32 Version: 10.5.10600 - Nero AG) Hidden
Nero InfoTool 10 (HKLM-x32\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.2.10400.5.100 - Nero AG)
Nero InfoTool 10 Help (CHM) (x32 Version: 10.5.10600 - Nero AG) Hidden
Nero MediaHub 10 (HKLM-x32\...\{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}) (Version: 1.2.13300.36.100 - Nero AG)
Nero MediaHub 10 Help (CHM) (x32 Version: 10.5.10600 - Nero AG) Hidden
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{0FF68F26-416C-4954-ACA5-6AD5F9DE99C1}) (Version: 10.5.14800 - Nero AG)
Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.2.10800.9.100 - Nero AG)
Nero RescueAgent 10 Help (CHM) (x32 Version: 10.5.10600 - Nero AG) Hidden
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.2.11600.14.100 - Nero AG)
Nero StartSmart 10 Help (CHM) (x32 Version: 10.5.10600 - Nero AG) Hidden
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.10300.25.0 - Nero AG)
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
NVIDIA 3D Vision Controller Driver (x32 Version: 267.92 - NVIDIA Corporation) Hidden
NVIDIA 3D Vision Controller Driver 268.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 268.51 - NVIDIA Corporation)
NVIDIA Grafiktreiber 268.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 268.51 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.265.41.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.0.22 (Version: 1.0.22 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.10.0514 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)
NVIDIA Systemsteuerung 268.51 (Version: 268.51 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 1.0.22 - NVIDIA Corporation) Hidden
Optimizer Pro v3.2 (x32 Version:  - ) Hidden <==== ATTENTION
Panda USB Vaccine 1.0.1.4 (HKLM-x32\...\{55A41219-9B22-4098-BAE7-AE289B3C569A}_is1) (Version:  - Panda Security)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Photo Service - powered by myphotobook (HKLM-x32\...\eu.myphotobook.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1) (Version: 1.2.0-545 - myphotobook GmbH)
Photo Service - powered by myphotobook (x32 Version: 1.2.0 - myphotobook GmbH) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
PS_AIO_06_B209a-m_SW_Min (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
QuickShare (HKLM-x32\...\{11D4FAA0-A577-4FA8-B24E-D24283D861D1}) (Version: 11.24.60.15709 - Linkury Inc.) <==== ATTENTION
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.38.113.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6323 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.34.0 - Renesas Electronics Corporation) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.1.12123_2 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.1.12123_2 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.16.0 - SAMSUNG Electronics Co., Ltd.)
SaveSense (HKCU\...\SaveSense) (Version:  - SaveSense) <==== ATTENTION
SaveSense (remove only) (HKLM-x32\...\SaveSense) (Version: 5.3.0.6 - SaveSense) <==== ATTENTION
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.17.2.3 - Client Connect LTD) <==== ATTENTION
Secunia PSI (3.0.0.3001) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.3001 - Secunia)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype Toolbars (HKLM-x32\...\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}) (Version: 5.0.4126 - Skype Technologies S.A.)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
STEIG EIN! 1.2 (HKLM-x32\...\{565975F6-01B9-409E-A5FF-EA656EE0144F}_is1) (Version:  - Hubert Ebner Verlags GmbH)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.11.1 - Synaptics Incorporated)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.02.02 - TOSHIBA CORPORATION)
TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{43DBC64B-3DD1-47E2-8788-D3C3B110C574}) (Version: 2.1.10.64 - TOSHIBA Corporation)
TOSHIBA Bulletin Board (Version: 2.1.10.64 - TOSHIBA Corporation) Hidden
TOSHIBA ConfigFree (HKLM-x32\...\{38C52F7D-A6CB-4CE7-A189-8AABE8774D8A}) (Version: 8.0.38 - TOSHIBA CORPORATION)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.9 for x64 - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM\...\{6FF9A012-0254-41E9-81E2-F538C4B53611}) (Version: 1.3.2.64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.9.64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (Version: 3.1.9.64 - TOSHIBA Corporation) Hidden
TOSHIBA Flash Cards Support Utility (HKLM-x32\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.63.0.12C - TOSHIBA CORPORATION)
TOSHIBA Flash Cards Support Utility (x32 Version: 1.63.0.12C - TOSHIBA CORPORATION) Hidden
TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}) (Version: 1.63.1.34C - TOSHIBA CORPORATION)
TOSHIBA Hardware Setup (x32 Version: 1.63.1.34C - TOSHIBA CORPORATION) Hidden
TOSHIBA HDD Protection (HKLM\...\{94A90C69-71C1-470A-88F5-AA47ECC96B40}) (Version: 2.2.1.13 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (HKLM\...\{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.8 - TOSHIBA Corporation)
Toshiba Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.02 - TOSHIBA)
TOSHIBA Media Controller (HKLM-x32\...\{C7A4F26F-F9B0-41B2-8659-99181108CDE3}) (Version: 1.0.86.2 - TOSHIBA CORPORATION)
TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.6.1 - TOSHIBA CORPORATION)
TOSHIBA Online Product Information (HKLM-x32\...\{2290A680-4083-410A-ADCC-7092C67FC052}) (Version: 4.00.0008 - TOSHIBA)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.7.7.64 - TOSHIBA Corporation)
TOSHIBA Places Icon Utility (HKLM-x32\...\{461F6F0D-7173-4902-9604-AB1A29108AF2}) (Version: 1.0.2.4 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.3.5109 - TOSHIBA CORPORATION)
TOSHIBA Recovery Media Creator Reminder (HKLM-x32\...\InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}) (Version: 1.00.0019 - TOSHIBA)
TOSHIBA Recovery Media Creator Reminder (x32 Version: 1.00.0019 - TOSHIBA) Hidden
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}) (Version: 1.7.18.64 - TOSHIBA Corporation)
TOSHIBA ReelTime (Version: 1.7.18.64 - TOSHIBA Corporation) Hidden
TOSHIBA Remote Control Manager (HKLM-x32\...\{FEB650EB-7639-444E-9FC2-C33EE6ED1A37}) (Version: 3.0.7.5 - TOSHIBA CORPORATION)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.1.0 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.1.52 - TOSHIBA)
TOSHIBA Sleep Utility (HKLM-x32\...\{654F7484-88C5-46DC-AB32-C66BCB0E2102}) (Version: 1.4.2.8 - TOSHIBA Corporation)
TOSHIBA Supervisor Password (x32 Version: 1.63.51.2C - TOSHIBA CORPORATION) Hidden
TOSHIBA Supervisorkennwort (HKLM-x32\...\InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}) (Version: 1.63.51.2C - TOSHIBA CORPORATION)
TOSHIBA TEMPRO (HKLM-x32\...\{F082CB11-4794-4259-99A1-D91BA762AD15}) (Version: 3.35 - Toshiba Europe GmbH)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.5.12.64 - TOSHIBA Corporation)
TOSHIBA Value Added Package (Version: 1.5.12.64 - TOSHIBA Corporation) Hidden
TOSHIBA Value Added Package (x32 Version: 1.5.12.64 - TOSHIBA Corporation) Hidden
TOSHIBA VIDEO PLAYER (HKLM-x32\...\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}) (Version: 4.00.7.01-A - TOSHIBA Corporation)
TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 2.0.0.24 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (x32 Version: 2.0.0.24 - TOSHIBA Corporation) Hidden
TOSHIBA Wireless LAN Indicator (HKLM-x32\...\{5BA99779-6E12-49EF-BE49-F35B1EDB4DF9}) (Version: 1.0.4 - TOSHIBA CORPORATION)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.89 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities 2014) (Version: 14.0.1000.89 - TuneUp Software)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.89 - TuneUp Software) Hidden
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2889836) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9179FC17-97A8-4D98-9E09-05720AF5D44E}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Utility Common Driver (x32 Version: 1.0.52.2C - TOSHIBA) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.1.0 (HKLM-x32\...\VLC media player) (Version: 2.1.0 - VideoLAN)
Wajam (HKLM-x32\...\Wajam) (Version: 2.12 (i2.5) - Wajam) <==== ATTENTION
Websteroids (x32 Version: 2.6.63 - Creative Island Media, LLC) Hidden <==== ATTENTION
Wedding Dash 2 - Rings Around the World (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent toshiba Master Uninstall) (Version: 1.0.2.5 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.5.5 - WildTangent) Hidden
Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 影像中心 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 程式集 (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live 程式集 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Yontoo 2.051 (HKLM\...\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}) (Version: 2.051 - Yontoo LLC) <==== ATTENTION
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
適用遠端連線的 Windows Live Mesh ActiveX 控制項 (HKLM-x32\...\{622DE1BE-9EDE-49D3-B349-29D64760342A}) (Version: 15.4.5722.2 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

09-09-2014 18:07:45 Geplanter Prüfpunkt
11-09-2014 12:00:07 Windows Update
12-09-2014 07:53:03 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0FF42732-C4B3-4E01-A7D9-B9271378233F} - System32\Tasks\Go for FilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe <==== ATTENTION
Task: {1AF8F2F4-8715-4F09-B3B5-E11D51E18B95} - System32\Tasks\ConfigFree Startup Programs => C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [2010-12-03] (TOSHIBA CORPORATION)
Task: {35531A66-07BD-471D-A505-C46357335B59} - System32\Tasks\GoforFilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe <==== ATTENTION
Task: {3B6E793D-9648-41B6-A4AC-D0FB5E684F36} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2012-05-04] () <==== ATTENTION
Task: {406063B5-56E4-4030-A18D-F4EAE6F5F195} - System32\Tasks\SaveSenseLiveUpdateTaskMachineUA => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe [2013-12-27] (SaveSense) <==== ATTENTION
Task: {4D90E574-744A-4F1A-805F-BCFDF06EDDC2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {6871352F-6FAA-4870-9A95-E5BB1398241C} - \AdobeFlashPlayerUpdate 2 No Task File <==== ATTENTION
Task: {6FE9C47B-5492-4BC1-8588-54A4E81ADAB5} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2013-08-30] (TuneUp Software)
Task: {76098A76-213A-45D8-842E-3503B6D1FCC8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-21] (Google Inc.)
Task: {8F26F94A-E804-4C86-9C45-E5FA888ADDBC} - System32\Tasks\DealPlyLiveUpdateTaskMachineCore => C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe [2013-09-17] (DealPly Technologies Ltd) <==== ATTENTION
Task: {A1207A6E-69B6-4C13-9E25-A546C40860E3} - System32\Tasks\PandaUSBVaccine => C:\Program Files (x86)\Panda USB Vaccine\RunInteractiveWin.exe [2009-09-23] ()
Task: {AD0773AC-67E3-4B78-9EFD-0B2370C1D57B} - System32\Tasks\EPUpdater => C:\Users\Dorina Heller\AppData\Roaming\BabSolution\Shared\BabMaint.exe [2013-08-04] () <==== ATTENTION
Task: {B80F29DA-C6BE-4A1A-AB74-D28CC1967531} - \AdobeFlashPlayerUpdate No Task File <==== ATTENTION
Task: {C149E011-BA9C-457D-9DF5-2CBB99AA9E0B} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-11] (Adobe Systems Incorporated)
Task: {C92CF89D-6ECE-4409-96C7-85652A8BB989} - System32\Tasks\BitGuard => Sc.exe start BitGuard <==== ATTENTION
Task: {CBD08C86-CA66-4C80-9465-B84B5B67E5F5} - System32\Tasks\SaveSenseLiveUpdateTaskMachineCore => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe [2013-12-27] (SaveSense) <==== ATTENTION
Task: {D2514D86-685B-4133-8D3B-6D5AEF4D8449} - System32\Tasks\Dealply => C:\Users\Dorina Heller\AppData\Roaming\Dealply\UpdateProc\UpdateTask.exe [2013-09-17] () <==== ATTENTION
Task: {D68073E5-C91D-4DC3-88D7-7DB65B8C0CF9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-21] (Google Inc.)
Task: {E5483778-473E-4E36-BC5B-48AF0104D599} - System32\Tasks\DealPlyLiveUpdateTaskMachineUA => C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe [2013-09-17] (DealPly Technologies Ltd) <==== ATTENTION
Task: {E5BD9197-5684-4801-B5DA-043E3294066D} - System32\Tasks\LaunchApp => C:\Program Files (x86)\JustCloud\JustCloud.exe [2013-09-20] (JustCloud.com)
Task: {F0BFAA6D-DEBF-4441-8FC2-D6F561E7407D} - System32\Tasks\SaveSense => C:\Users\DORINA~1\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {F8126491-FDE5-481A-8421-6CCBB0C55534} - System32\Tasks\{D6D710EB-89D2-4998-B454-467363A67C03} => Firefox.exe 
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\Dealply.job => C:\Users\DORINA~1\AppData\Roaming\Dealply\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job => C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe <==== ATTENTION
Task: C:\windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job => C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe <==== ATTENTION
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\SaveSense.job => C:\Users\DORINA~1\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe <==== ATTENTION
Task: C:\windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2014-03-18 18:15 - 2014-03-18 18:15 - 02681648 _____ () C:\Program Files (x86)\Optimizer Pro\OptProCrash_x64.dll
2013-08-30 10:51 - 2013-08-30 10:51 - 00757048 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll
2011-04-07 13:59 - 2011-04-07 13:59 - 00592312 _____ () C:\Program Files\TOSHIBA\TECO\TecoPower.dll
2013-09-20 00:37 - 2013-09-20 00:37 - 03889152 _____ () C:\Program Files (x86)\JustCloud\MPCBIconOverlays.dll
2013-09-20 00:32 - 2013-09-20 00:32 - 01102336 _____ () C:\Program Files (x86)\JustCloud\x64\System.Data.SQLite.dll
2013-09-20 00:37 - 2013-09-20 00:37 - 00012288 _____ () C:\Program Files (x86)\JustCloud\GetText.dll
2014-04-30 23:18 - 2014-04-30 23:18 - 01356664 _____ () C:\windows\system32\Websteroids.B324755F3F87.2.6.80.dll
2011-04-04 19:18 - 2011-04-04 19:18 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2010-11-18 17:18 - 2010-11-18 17:18 - 11190784 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
2010-11-30 10:37 - 2010-11-30 10:37 - 00048504 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll
2013-09-20 00:32 - 2013-09-20 00:32 - 00048128 _____ () C:\Program Files (x86)\JustCloud\diffstack.dll
2013-09-20 00:32 - 2013-09-20 00:32 - 00063488 _____ () C:\Program Files (x86)\JustCloud\Crypto64.dll
2010-12-15 15:19 - 2010-12-15 15:19 - 00124320 _____ () C:\Program Files\TOSHIBA\TECO\MUIHelp.dll
2011-03-03 23:21 - 2011-03-03 23:21 - 03420584 _____ () C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll
2011-05-25 21:17 - 2011-02-22 10:16 - 00559104 _____ () C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\de\Humphrey.resources.dll
2011-02-22 19:22 - 2011-02-22 19:22 - 00429432 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\TcrdKBB.exe
2013-05-22 20:50 - 2013-05-22 20:50 - 00400704 _____ () C:\Users\Dorina Heller\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
2012-08-30 14:46 - 2013-10-03 11:42 - 00069120 _____ () C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
2011-05-25 20:56 - 2011-04-21 10:57 - 00013184 _____ () C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\de\TosDILangPack.resources.dll
2011-05-25 20:56 - 2011-04-21 10:57 - 00063360 _____ () C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIInternal.XmlSerializers.dll
2011-11-11 15:07 - 2011-11-11 15:07 - 00265240 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2011-08-12 13:19 - 2011-08-12 13:19 - 00680984 _____ () C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
2010-12-08 15:42 - 2010-12-08 15:42 - 00079264 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
2012-10-04 21:06 - 2012-07-17 14:56 - 00024704 _____ () C:\Program Files\Common Files\McAfee\SystemCore\mfeelama.dll
2014-03-09 20:42 - 2014-03-09 20:42 - 00021784 _____ () C:\Users\Dorina Heller\AppData\Local\Smartbar\Application\Lrcnta.exe
2012-05-30 20:06 - 2012-05-30 20:06 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-05-30 20:06 - 2012-05-30 20:06 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-04-26 15:42 - 2014-09-13 15:22 - 00013600 _____ () C:\Users\Dorina Heller\AppData\Roaming\Yontoo\dat\Desktop.OS.Plugin.dll
2014-03-09 20:42 - 2014-03-09 20:42 - 00045848 _____ () C:\Users\Dorina Heller\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll
2014-03-09 20:43 - 2014-03-09 20:43 - 00067864 _____ () C:\Users\Dorina Heller\AppData\Local\Smartbar\Application\srau.dll
2014-03-09 20:42 - 2014-03-09 20:42 - 00164632 _____ () C:\Users\Dorina Heller\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
2014-03-09 20:42 - 2014-03-09 20:42 - 02281752 _____ () C:\Users\Dorina Heller\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll
2014-03-09 20:43 - 2014-03-09 20:43 - 00065816 _____ () C:\Users\Dorina Heller\AppData\Local\Smartbar\Application\spbl.dll
2014-03-09 20:43 - 2014-03-09 20:43 - 00153880 _____ () C:\Users\Dorina Heller\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
2014-03-09 20:42 - 2014-03-09 20:42 - 00013592 _____ () C:\Users\Dorina Heller\AppData\Local\Smartbar\Application\siem.dll
2014-03-09 20:43 - 2014-03-09 20:43 - 00060184 _____ () C:\Users\Dorina Heller\AppData\Local\Smartbar\Application\sppsm.dll
2014-03-09 20:42 - 2014-03-09 20:42 - 00695576 _____ () C:\Users\Dorina Heller\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll
2014-03-09 20:42 - 2014-03-09 20:42 - 00014104 _____ () C:\Users\Dorina Heller\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
2014-03-09 20:42 - 2014-03-09 20:42 - 00077592 _____ () C:\Users\Dorina Heller\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll
2014-03-09 20:43 - 2014-03-09 20:43 - 00026392 _____ () C:\Users\Dorina Heller\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll
2014-03-09 20:43 - 2014-03-09 20:43 - 00055576 _____ () C:\Users\Dorina Heller\AppData\Local\Smartbar\Application\srut.dll
2014-03-09 20:43 - 2014-03-09 20:43 - 00028440 _____ () C:\Users\Dorina Heller\AppData\Local\Smartbar\Application\srsbs.dll
2014-03-09 20:42 - 2014-03-09 20:42 - 00064280 _____ () C:\Users\Dorina Heller\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll
2014-03-09 20:43 - 2014-03-09 20:43 - 00029976 _____ () C:\Users\Dorina Heller\AppData\Local\Smartbar\Application\srom.dll
2014-03-09 20:43 - 2014-03-09 20:43 - 00029976 _____ () C:\Users\Dorina Heller\AppData\Local\Smartbar\Application\smtu.dll
2014-03-09 20:43 - 2014-03-09 20:43 - 00038168 _____ () C:\Users\Dorina Heller\AppData\Local\Smartbar\Application\smta.dll
2014-03-09 20:42 - 2014-03-09 20:42 - 00023320 _____ () C:\Users\Dorina Heller\AppData\Local\Smartbar\Application\sgml.dll
2014-03-09 20:43 - 2014-03-09 20:43 - 00042776 _____ () C:\Users\Dorina Heller\AppData\Local\Smartbar\Application\srbu.dll
2014-03-09 20:43 - 2014-03-09 20:43 - 00060696 _____ () C:\Users\Dorina Heller\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll
2014-03-09 20:43 - 2014-03-09 20:43 - 00023832 _____ () C:\Users\Dorina Heller\AppData\Local\Smartbar\Application\srpdm.dll
2014-03-09 20:42 - 2014-03-09 20:42 - 00042264 _____ () C:\Users\Dorina Heller\AppData\Local\Smartbar\Application\MACTrackBarLib.dll
2014-03-09 20:41 - 2014-03-09 20:41 - 00025880 _____ () C:\Users\Dorina Heller\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll
2014-03-09 20:43 - 2014-03-09 20:43 - 00034584 _____ () C:\Users\Dorina Heller\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
2014-03-09 20:43 - 2014-03-09 20:43 - 00254232 _____ () C:\Users\Dorina Heller\AppData\Local\Smartbar\Application\srns.dll
2012-08-30 14:39 - 2013-10-03 11:42 - 00112128 _____ () C:\Program Files (x86)\Canon\ImageBrowser EX\MFMFileSystemWatcher.dll
2013-05-30 09:57 - 2013-05-30 09:57 - 00911128 _____ () C:\windows\assembly\GAC_32\System.Data.SQLite\1.0.66.0__db937bc2d44ff139\System.Data.SQLite.dll
2011-11-11 15:08 - 2011-11-11 15:08 - 02145304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2011-11-11 15:08 - 2011-11-11 15:08 - 07956504 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2011-11-11 15:08 - 2011-11-11 15:08 - 00342552 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2011-11-11 15:08 - 2011-11-11 15:08 - 00029208 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2011-11-11 15:08 - 2011-11-11 15:08 - 00128536 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2014-03-24 12:15 - 2014-08-04 14:20 - 00052472 _____ () C:\Users\Dorina Heller\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2011-11-11 15:09 - 2011-11-11 15:09 - 00336408 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
2014-06-18 17:27 - 2014-09-13 15:40 - 03716720 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-08-27 15:00 - 2014-08-27 15:00 - 00139056 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-08-27 15:00 - 2014-08-27 15:00 - 00066864 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2014-09-11 22:30 - 2014-09-11 22:30 - 16825520 _____ () C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll
2014-03-09 20:42 - 2014-03-09 20:42 - 00029464 _____ () C:\Users\Dorina Heller\AppData\Local\Smartbar\Application\lrcnt.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/13/2014 03:33:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: daemonu.exe, Version: 1.0.22.0, Zeitstempel: 0x4dc40e05
Name des fehlerhaften Moduls: daemonu.exe, Version: 1.0.22.0, Zeitstempel: 0x4dc40e05
Ausnahmecode: 0xc000000d
Fehleroffset: 0x0004ddc6
ID des fehlerhaften Prozesses: 0x1980
Startzeit der fehlerhaften Anwendung: 0xdaemonu.exe0
Pfad der fehlerhaften Anwendung: daemonu.exe1
Pfad des fehlerhaften Moduls: daemonu.exe2
Berichtskennung: daemonu.exe3

Error: (09/13/2014 03:31:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Avira.OE.Systray.exe, Version: 1.1.21.25189, Zeitstempel: 0x53fdd63b
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x1ed0
Startzeit der fehlerhaften Anwendung: 0xAvira.OE.Systray.exe0
Pfad der fehlerhaften Anwendung: Avira.OE.Systray.exe1
Pfad des fehlerhaften Moduls: Avira.OE.Systray.exe2
Berichtskennung: Avira.OE.Systray.exe3

Error: (09/13/2014 03:31:34 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Avira.OE.Systray.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileLoadException
Stack:
   at Avira.OE.Systray.Program.Main(System.String[])

Error: (09/13/2014 03:25:19 PM) (Source: McLogEvent) (EventID: 5051) (User: NT-AUTORITÄT)
Description: A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe took longer than 90000 ms to complete a request.

The process will be terminated.
Thread id : 10564 (0x2944)

Thread address : 0x00000000774A15EA

Thread message : 

 Build VSCORE.15.1.0.461 / 5500.1093
 Object being scanned = \Device\HarddiskVolume2\Users\Dorina Heller\AppData\Local\Temp\dpwdyuhy.0.cs
 by C:\Users\Dorina Heller\AppData\Local\Smartbar\Application\QuickShare.exe
 7005(0)(0)
 7004(0)(0)
 5006(0)(0)
 5004(0)(0)
 5003(0)(0)
 5002(0)(1)
 15002(0)(0)
 5000(0)(0)

Error: (09/13/2014 03:16:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NDSTray.exe, Version: 8.0.0.48, Zeitstempel: 0x4cf8869a
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002e066
ID des fehlerhaften Prozesses: 0x2254
Startzeit der fehlerhaften Anwendung: 0xNDSTray.exe0
Pfad der fehlerhaften Anwendung: NDSTray.exe1
Pfad des fehlerhaften Moduls: NDSTray.exe2
Berichtskennung: NDSTray.exe3

Error: (09/13/2014 03:13:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/13/2014 03:09:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/13/2014 03:06:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/13/2014 01:33:19 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 999

Error: (09/13/2014 01:33:19 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 999


System errors:
=============
Error: (09/13/2014 03:33:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Update Service Daemon" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/13/2014 03:29:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "McAfee McShield" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/13/2014 03:27:49 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde nicht richtig gestartet.

Error: (09/13/2014 03:19:54 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {209500FC-6B45-4693-8871-6296C4843751}

Error: (09/13/2014 03:13:49 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (09/13/2014 03:09:58 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1000) (User: NT-AUTORITÄT)
Description: Fehler bei der CBS-Clientinitialisierung. Letzter Fehler: 0x8007045b

Error: (09/13/2014 03:09:52 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (09/13/2014 03:06:27 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1000) (User: NT-AUTORITÄT)
Description: Fehler bei der CBS-Clientinitialisierung. Letzter Fehler: 0x8007045b

Error: (09/13/2014 03:06:01 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (09/13/2014 09:36:24 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.


Microsoft Office Sessions:
=========================
Error: (09/13/2014 03:33:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: daemonu.exe1.0.22.04dc40e05daemonu.exe1.0.22.04dc40e05c000000d0004ddc6198001cfcf56235067d9C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exeC:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe943dca44-3b4a-11e4-a01d-1c659db18485

Error: (09/13/2014 03:31:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Avira.OE.Systray.exe1.1.21.2518953fdd63bKERNELBASE.dll6.1.7601.1840953159a86e04343520000c42d1ed001cfcf5707627c92C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exeC:\windows\syswow64\KERNELBASE.dll47c15682-3b4a-11e4-a01d-1c659db18485

Error: (09/13/2014 03:31:34 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Avira.OE.Systray.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileLoadException
Stack:
   at Avira.OE.Systray.Program.Main(System.String[])

Error: (09/13/2014 03:25:19 PM) (Source: McLogEvent) (EventID: 5051) (User: NT-AUTORITÄT)
Description: C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe9000010564 (0x2944)0x00000000774A15EA
 Build VSCORE.15.1.0.461 / 5500.1093
 Object being scanned = \Device\HarddiskVolume2\Users\Dorina Heller\AppData\Local\Temp\dpwdyuhy.0.cs
 by C:\Users\Dorina Heller\AppData\Local\Smartbar\Application\QuickShare.exe
 7005(0)(0)
 7004(0)(0)
 5006(0)(0)
 5004(0)(0)
 5003(0)(0)
 5002(0)(1)
 15002(0)(0)
 5000(0)(0)

Error: (09/13/2014 03:16:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: NDSTray.exe8.0.0.484cf8869antdll.dll6.1.7601.18247521ea8e7c00000050002e066225401cfcf54be73fba6C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exeC:\windows\SysWOW64\ntdll.dll37b39701-3b48-11e4-a01d-1c659db18485

Error: (09/13/2014 03:13:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/13/2014 03:09:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/13/2014 03:06:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/13/2014 01:33:19 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 999

Error: (09/13/2014 01:33:19 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 999


CodeIntegrity Errors:
===================================
  Date: 2014-08-17 12:10:15.904
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-17 12:10:15.888
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-17 12:09:33.971
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-15 19:50:20.744
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-15 19:50:20.744
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-15 19:49:36.593
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-14 14:42:57.494
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-14 14:42:57.489
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-14 14:41:18.123
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-17 12:18:44.889
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz
Percentage of memory in use: 51%
Total physical RAM: 6050.69 MB
Available physical RAM: 2939.8 MB
Total Pagefile: 12099.55 MB
Available Pagefile: 7237.02 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (TI30780700A) (Fixed) (Total:448.91 GB) (Free:305.78 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: () (Fixed) (Total:465.76 GB) (Free:303.91 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 79C298DD)
Partition 1: (Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Not Active) - (Size=448.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15.4 GB) - (Type=17)

========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 5D379805)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=OF Extended)

==================== End Of Log ============================
--- --- ---
Alt 16.09.2014, 13:02   #7
schrauber
/// the machine
/// TB-Ausbilder
 
Computer extrem langsam und CD-Laufwerk funktioniert nicht mehr - Standard

Computer extrem langsam und CD-Laufwerk funktioniert nicht mehr


Adware & Co. deinstallieren
  • Lade Dir bitte von hier Revo Uninstaller herunter.
  • Installiere und starte das Programm.
  • Suche im Uninstallerfeld nach den Programmen, die unter:

    diesen Zusatz haben:
  • Wähle die Programme nacheinander aus und klicke jedesmal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .




Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 16.09.2014, 21:01   #8
marlen101
 
Computer extrem langsam und CD-Laufwerk funktioniert nicht mehr - Standard

Computer extrem langsam und CD-Laufwerk funktioniert nicht mehr


Ich habe soweit alles deinstalliert nur hab ich manches nicht in Revo gefunden wie zB "Optimizer 3" oder "Yontoo"...ist das ein Problem?
Und ich kann mir Combofix nicht runterladen, weil ich es nicht schaffe meine Antivirensoftware zu deaktivieren :-/

Alt 17.09.2014, 20:08   #9
schrauber
/// the machine
/// TB-Ausbilder
 
Computer extrem langsam und CD-Laufwerk funktioniert nicht mehr - Standard

Computer extrem langsam und CD-Laufwerk funktioniert nicht mehr


Versuch die Dinger über WIndows zu deinstallieren. Deinstalliere auch dein AV, wir installieren es später wieder.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 18.09.2014, 13:02   #10
marlen101
 
Computer extrem langsam und CD-Laufwerk funktioniert nicht mehr - Standard

Computer extrem langsam und CD-Laufwerk funktioniert nicht mehr


Okay, soweit hat alles geklappt, logfile siehe unten. Noch eine Frage: Sollte das DVD Laufwerk dann auch wieder funktionieren? Oder ist das ein andres Problem?
LG

Code:
ATTFilter
Combofix Logfile:


	
Code: 

 
ATTFilter


  

	
ComboFix 14-09-18.01 - Dorina Heller 18.09.2014  12:49:27.1.8 - x64
ausgeführt von:: c:\users\Dorina Heller\Documents\Downloads\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\END
c:\program files (x86)\DealPly
c:\program files (x86)\DealPly\DealPly.crx
c:\program files (x86)\DealPly\DealPly.xpi
c:\program files (x86)\DealPly\DealPlyIE.dll
c:\program files (x86)\DealPly\DealPlyIE64.dll
c:\program files (x86)\DealPly\DealPlyUpdateVer.exe
c:\program files (x86)\DealPly\icon.ico
c:\program files (x86)\DealPly\uninst.exe
c:\program files (x86)\SaveSense
c:\program files (x86)\SaveSense\icon.ico
c:\program files (x86)\SaveSense\SaveSense.crx
c:\program files (x86)\SaveSense\SaveSense.xpi
c:\program files (x86)\SaveSense\SaveSenseIE.dll
c:\program files (x86)\SaveSense\SaveSenseIE64.dll
c:\program files (x86)\SaveSense\SaveSenseUpdateVer.exe
c:\program files (x86)\SaveSense\uninst.exe
c:\program files (x86)\SaveSenseLive
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdate.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_am.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_ar.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_bg.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_bn.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_ca.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_cs.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_da.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_de.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_el.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_en-GB.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_en.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_es-419.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_es.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_et.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_fa.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_fi.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_fil.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_fr.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_gu.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_hi.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_hr.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_hu.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_id.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_is.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_it.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_iw.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_ja.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_kn.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_ko.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_lt.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_lv.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_ml.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_mr.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_ms.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_nl.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_no.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_pl.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_pt-BR.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_pt-PT.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_ro.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_ru.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_sk.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_sl.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_sr.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_sv.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_sw.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_ta.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_te.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_th.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_tr.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_uk.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_ur.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_vi.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_zh-CN.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\goopdateres_zh-TW.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\psmachine.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\psuser.dll
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\SaveSenseLive.exe
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\SaveSenseLiveBroker.exe
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\SaveSenseLiveHandler.exe
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\SaveSenseLiveHelper.msi
c:\program files (x86)\SaveSenseLive\Update\1.3.23.0\SaveSenseLiveOnDemand.exe
c:\program files (x86)\SaveSenseLive\Update\SaveSenseLive.exe
c:\programdata\SaveSenseLive
c:\programdata\SaveSenseLive\Update\Log\SaveSenseLive.log
c:\users\Dorina Heller\4.0
c:\users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
c:\users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\bProtectorPreferences
c:\users\Dorina Heller\AppData\Local\Microsoft\Windows\Temporary Internet Files\{05A84932-4AA6-4AA3-B5FA-B949C79D445E}.xps
c:\users\Dorina Heller\AppData\Local\Microsoft\Windows\Temporary Internet Files\{0B634E3B-70C7-4763-BCF3-299145823DC2}.xps
c:\users\Dorina Heller\AppData\Local\Microsoft\Windows\Temporary Internet Files\{2180A2EE-F120-4BFB-A2CC-C7CE2FE5A85E}.xps
c:\users\Dorina Heller\AppData\Local\Microsoft\Windows\Temporary Internet Files\{32993785-D51F-413F-8C6E-179D90DC5FC5}.xps
c:\users\Dorina Heller\AppData\Local\Microsoft\Windows\Temporary Internet Files\{357C8326-436D-4738-B8D6-A3607DF0D40A}.xps
c:\users\Dorina Heller\AppData\Local\Microsoft\Windows\Temporary Internet Files\{52C2E28B-AA47-4F64-81F7-E1728A701210}.xps
c:\users\Dorina Heller\AppData\Local\Microsoft\Windows\Temporary Internet Files\{6C4A072A-D843-4ADE-B8C8-14A027EA9F18}.xps
c:\users\Dorina Heller\AppData\Local\Microsoft\Windows\Temporary Internet Files\{75C1E8C6-F49E-493E-A912-88829383E262}.xps
c:\users\Dorina Heller\AppData\Local\Microsoft\Windows\Temporary Internet Files\{7903CB14-2D82-4E49-82FE-2091AB68145E}.xps
c:\users\Dorina Heller\AppData\Local\Microsoft\Windows\Temporary Internet Files\{855FD43F-9E39-4643-B804-59FE72E7816A}.xps
c:\users\Dorina Heller\AppData\Local\Microsoft\Windows\Temporary Internet Files\{92B40217-DDA5-4CF4-BF1A-A7C67149D945}.xps
c:\users\Dorina Heller\AppData\Local\Microsoft\Windows\Temporary Internet Files\{99538C6B-B1F1-4EA0-B461-E83C054ED9FB}.xps
c:\users\Dorina Heller\AppData\Local\Microsoft\Windows\Temporary Internet Files\{C200087C-9929-4F7E-B787-9BE8166DEFA4}.xps
c:\users\Dorina Heller\AppData\Local\Microsoft\Windows\Temporary Internet Files\{C4EBF3C5-0631-47FD-982C-CA2452F78D20}.xps
c:\users\Dorina Heller\AppData\Local\Microsoft\Windows\Temporary Internet Files\{D6C3EAFA-28F1-437E-A99D-5F4EA15EC707}.xps
c:\users\Dorina Heller\AppData\Local\Microsoft\Windows\Temporary Internet Files\{D9A12512-B342-4BA3-B70C-7C999BD767A4}.xps
c:\users\Dorina Heller\AppData\Local\Microsoft\Windows\Temporary Internet Files\{FBD34EF4-C00D-415F-8301-2BE992FBEAA7}.xps
c:\users\Dorina Heller\AppData\Local\Microsoft\Windows\Temporary Internet Files\{FF7FB06F-D464-4DBD-B67E-35E382D231B3}.xps
c:\users\Dorina Heller\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
c:\users\Dorina Heller\AppData\Roaming\SaveSense
c:\users\DORINA~1\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_savesenselive
-------\Service_savesenselivem
-------\Service_savesenselivem
-------\Service_Wajam Internet Enhancer Service
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-08-18 bis 2014-09-18  ))))))))))))))))))))))))))))))
.
.
2014-09-16 20:08 . 2014-09-16 20:09	--------	d-----w-	c:\users\Dorina Heller\.tfo4
2014-09-16 18:38 . 2014-09-16 18:38	--------	d-----w-	c:\program files (x86)\VS Revo Group
2014-09-14 08:12 . 2014-06-27 02:08	2777088	----a-w-	c:\windows\system32\msmpeg2vdec.dll
2014-09-14 08:12 . 2014-06-27 01:45	2285056	----a-w-	c:\windows\SysWow64\msmpeg2vdec.dll
2014-09-13 14:13 . 2014-09-13 14:17	--------	d-----w-	C:\FRST
2014-09-13 14:11 . 2014-09-05 02:10	578048	----a-w-	c:\windows\system32\aepdu.dll
2014-09-13 14:11 . 2014-09-05 02:05	424448	----a-w-	c:\windows\system32\aeinv.dll
2014-09-13 13:56 . 2014-06-24 03:29	2565120	----a-w-	c:\windows\system32\d3d10warp.dll
2014-09-13 13:56 . 2014-06-24 02:59	1987584	----a-w-	c:\windows\SysWow64\d3d10warp.dll
2014-09-13 13:55 . 2014-07-07 02:06	728064	----a-w-	c:\windows\system32\kerberos.dll
2014-09-13 13:55 . 2014-07-07 02:06	1460736	----a-w-	c:\windows\system32\lsasrv.dll
2014-09-13 13:55 . 2014-07-07 01:40	550912	----a-w-	c:\windows\SysWow64\kerberos.dll
2014-09-13 13:55 . 2014-07-07 01:40	22016	----a-w-	c:\windows\SysWow64\secur32.dll
2014-09-13 13:55 . 2014-07-07 01:39	96768	----a-w-	c:\windows\SysWow64\sspicli.dll
2014-09-13 13:40 . 2014-09-13 13:40	3231696	----a-w-	c:\program files (x86)\Mozilla Firefox\d3dcompiler_46.dll
2014-09-11 14:51 . 2014-09-11 14:51	--------	d-----w-	C:\0fa2b777dcf5c166eeabf07571bbfc44
2014-09-10 09:34 . 2014-08-01 11:53	1031168	----a-w-	c:\windows\system32\TSWorkspace.dll
2014-09-10 09:34 . 2014-08-01 11:35	793600	----a-w-	c:\windows\SysWow64\TSWorkspace.dll
2014-09-08 08:59 . 2014-09-08 08:59	--------	d-----w-	c:\users\Dorina Heller\AppData\Local\onlysearch
2014-09-04 12:50 . 2014-09-04 12:50	188304	----a-w-	c:\program files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2014-08-28 10:27 . 2014-08-23 02:07	404480	----a-w-	c:\windows\system32\gdi32.dll
2014-08-28 10:27 . 2014-08-23 00:59	3163648	----a-w-	c:\windows\system32\win32k.sys
2014-08-28 10:27 . 2014-08-23 01:45	311808	----a-w-	c:\windows\SysWow64\gdi32.dll
2014-08-20 10:45 . 2014-08-20 10:45	--------	d-----w-	c:\programdata\Browser
2014-08-19 20:49 . 2014-08-19 20:49	--------	d-----w-	c:\windows\zh-tw
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-09-12 07:55 . 2012-09-09 18:04	101694776	----a-w-	c:\windows\system32\MRT.exe
2014-09-11 20:30 . 2012-09-11 18:07	71344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-09-11 20:30 . 2012-09-11 18:07	701104	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-08-29 08:45 . 2010-06-24 09:33	23256	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-07-25 00:35 . 2014-07-25 00:35	875688	----a-w-	c:\windows\SysWow64\msvcr120_clr0400.dll
2014-07-24 21:47 . 2014-07-24 21:47	869544	----a-w-	c:\windows\system32\msvcr120_clr0400.dll
2014-07-16 03:23 . 2014-08-16 14:22	2048	----a-w-	c:\windows\system32\tzres.dll
2014-07-16 02:46 . 2014-08-16 14:22	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2014-07-14 02:02 . 2014-08-16 14:16	1216000	----a-w-	c:\windows\system32\rpcrt4.dll
2014-07-14 01:40 . 2014-08-16 14:16	664064	----a-w-	c:\windows\SysWow64\rpcrt4.dll
2014-06-30 22:24 . 2014-08-17 09:06	8856	----a-w-	c:\windows\system32\icardres.dll
2014-06-30 22:14 . 2014-08-17 09:06	8856	----a-w-	c:\windows\SysWow64\icardres.dll
2014-06-25 02:05 . 2014-08-16 14:21	14175744	----a-w-	c:\windows\system32\shell32.dll
2014-04-13 12:39 . 2014-04-13 12:39	6000640	----a-w-	c:\program files (x86)\GUT56D7.tmp
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2013-12-30 20:27	294456	----a-w-	c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TOPI.EXE"="c:\program files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe" [2011-02-18 845176]
"FileHippo.com"="c:\program files (x86)\FileHippo.com\UpdateChecker.exe" [2012-03-26 306688]
"KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2012-12-20 1476104]
"AmazonMP3DownloaderHelper"="c:\users\Dorina Heller\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe" [2013-05-22 400704]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NBAgent"="c:\program files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" [2011-01-07 1406248]
"SVPWUTIL"="c:\program files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe" [2010-11-09 532480]
"HWSetup"="c:\program files\TOSHIBA\Utilities\HWSetup.exe" [2010-03-04 423936]
"KeNotify"="c:\program files (x86)\TOSHIBA\Utilities\KeNotify.exe" [2010-08-16 34160]
"ITSecMng"="c:\program files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2009-07-22 83336]
"ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2010-11-29 1294712]
"TRCMan"="c:\program files (x86)\TOSHIBA\TRCMan\TRCMan.exe" [2011-03-11 714104]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2011-11-11 205336]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2012-12-20 310280]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-05-15 152392]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-05-27 737872]
"Avira Systray"="c:\program files (x86)\Avira\My Avira\Avira.OE.Systray.exe" [2014-08-27 164656]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"TOPI.EXE"="c:\program files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe" [2011-02-18 845176]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"{90140000-003D-0000-0000-0000000FF1CE}"="del" [X]
"{90140000-0018-0407-0000-0000000FF1CE}"="del" [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 70e6ca8c;Optimizer Pro Crash Monitor;c:\windows\system32\rundll32.exe;c:\windows\SYSNATIVE\rundll32.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 dealplylive;DealPly Live-Dienst (dealplylive);c:\program files (x86)\DealPlyLive\Update\DealPlyLive.exe;c:\program files (x86)\DealPlyLive\Update\DealPlyLive.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x]
R3 BtFilter;Bluetooth LowerFilter Class Filter Driver;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
R3 dealplylivem;DealPly Live-Dienst (dealplylivem);c:\program files (x86)\DealPlyLive\Update\DealPlyLive.exe;c:\program files (x86)\DealPlyLive\Update\DealPlyLive.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
R3 LVUVC64;Logitech HD Webcam C310(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe [x]
R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys;c:\windows\SYSNATIVE\DRIVERS\psi_mf.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 sxtap;switchX Virtual Network Adapter;c:\windows\system32\sxtap.sys;c:\windows\SYSNATIVE\sxtap.sys [x]
R3 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe;c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [x]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [x]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [x]
R3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 AntiVirWebService;Avira Web Protection;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S0 Thpdrv;TOSHIBA HDD Protection Driver;c:\windows\system32\DRIVERS\thpdrv.sys;c:\windows\SYSNATIVE\DRIVERS\thpdrv.sys [x]
S0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;c:\windows\system32\DRIVERS\Thpevm.SYS;c:\windows\SYSNATIVE\DRIVERS\Thpevm.SYS [x]
S0 tos_sps64;TOSHIBA tos_sps64 Service;c:\windows\system32\DRIVERS\tos_sps64.sys;c:\windows\SYSNATIVE\DRIVERS\tos_sps64.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 Avira.OE.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [x]
S2 BackupStack;Computer Backup (JustCloud);c:\program files (x86)\JustCloud\BackupStack.exe;c:\program files (x86)\JustCloud\BackupStack.exe [x]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [x]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 regi;regi;c:\windows\system32\drivers\regi.sys;c:\windows\SYSNATIVE\drivers\regi.sys [x]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe;c:\program files (x86)\Secunia\PSI\PSIA.exe [x]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe;c:\program files (x86)\Secunia\PSI\sua.exe [x]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe;c:\program files\TOSHIBA\TECO\TecoService.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [x]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys;c:\windows\SYSNATIVE\DRIVERS\TVALZFL.sys [x]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 Websteroids;Websteroids;c:\programdata\Websteroids\up\2.6.80\WebsteroidsService.exe;c:\programdata\Websteroids\up\2.6.80\WebsteroidsService.exe [x]
S3 CeKbFilter;CeKbFilter;c:\windows\system32\DRIVERS\CeKbFilter.sys;c:\windows\SYSNATIVE\DRIVERS\CeKbFilter.sys [x]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys;c:\windows\SYSNATIVE\DRIVERS\enecir.sys [x]
S3 enecirhid;ENE CIR HID Receiver;c:\windows\system32\DRIVERS\enecirhid.sys;c:\windows\SYSNATIVE\DRIVERS\enecirhid.sys [x]
S3 enecirhidma;ENE CIR HIDmini Filter;c:\windows\system32\DRIVERS\enecirhidma.sys;c:\windows\SYSNATIVE\DRIVERS\enecirhidma.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys;c:\windows\SYSNATIVE\DRIVERS\pgeffect.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-09-12 18:48	1096520	----a-w-	c:\program files (x86)\Google\Chrome\Application\37.0.2062.120\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-09-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-24 20:30]
.
2014-09-18 c:\windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job
- c:\program files (x86)\DealPlyLive\Update\DealPlyLive.exe [2013-09-16 22:22]
.
2014-09-18 c:\windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job
- c:\program files (x86)\DealPlyLive\Update\DealPlyLive.exe [2013-09-16 22:22]
.
2014-09-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-21 16:36]
.
2014-09-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-21 16:36]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2013-12-30 20:27	357432	----a-w-	c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ThpSrv"="c:\windows\system32\thpsrv" [X]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-04-07 167256]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-07 391000]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-07 418136]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-03-04 11780712]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-03-01 2189416]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-12-08 710040]
"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376]
"Toshiba TEMPRO"="c:\program files (x86)\Toshiba TEMPRO\TemproTray.exe" [2011-02-10 1546720]
"Toshiba Registration"="c:\program files\TOSHIBA\Registration\ToshibaReminder.exe" [2011-05-25 150992]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCuxhZjwitu2603iO2DKHysZ18XIslEo5bv_LOVevYn7fL57TZLxsHF8kqrE25Iikll3lGgS4kDXCtM55Mp_zNMIJ4jlfWNZvSzskxzK-t_laIfxmmQQJE6HcPMfUbtU1Pea_RvYvMbFVRc-XaA445ql7pq-2MMM,
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <-loopback>
uInternet Settings,ProxyServer = http=127.0.0.1:61807;https=127.0.0.1:61807
uSearchAssistant = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCuxhZjwitu2603iO2DKHysZ18XIslEo5bv_LOVevYn7fL57TZLxsHF8kqrE25Iikll3lGgS4kDXCtM55Mp_zNMIJ4jlfWNZvR0DbOtwMNabrWx5yxAPalXQKgMW2V2hfyDXY7poNiuI9vYCroFmsdwuBgYhmWwQ,&q={searchTerms}
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Free YouTube to MP3 Converter - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Zu TOSHIBA Bulletin Board hinzufügen - c:\program files\TOSHIBA\BulletinBoard\TosBBCom.dll/1000
IE: {{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\
FF - ExtSQL: !HIDDEN! 2013-08-12 15:35; {5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}; c:\program files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi
FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_def&mntrId=66de5d7f000000000000b870f4c8207c&q=
FF - user.js: extensions.BabylonToolbar.id - 66de5d7f000000000000b870f4c8207c
FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB}
FF - user.js: extensions.BabylonToolbar.instlDay - 15614
FF - user.js: extensions.BabylonToolbar.vrsn - 1.8.0.7
FF - user.js: extensions.BabylonToolbar.vrsni - 1.8.0.7
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.8.0.718:54
FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar.tlbrId - base
FF - user.js: extensions.BabylonToolbar.instlRef - sst
FF - user.js: extensions.BabylonToolbar.dfltLng - en
FF - user.js: extensions.BabylonToolbar.excTlbr - false
FF - user.js: extensions.BabylonToolbar.admin - false
FF - user.js: extensions.delta.tlbrSrchUrl - 
FF - user.js: extensions.delta.id - 66de5d7f0000000000003e659db18485
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15835
FF - user.js: extensions.delta.vrsn - 1.8.16.16
FF - user.js: extensions.delta.vrsni - 1.8.16.16
FF - user.js: extensions.delta.vrsnTs - 1.8.16.1616:02
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - en
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
FF - user.js: extensions.mixidj.tlbrSrchUrl - 
FF - user.js: extensions.mixidj.id - 66de5d7f0000000000003e659db18485
FF - user.js: extensions.mixidj.appId - {A2773ED4-83BD-488A-A186-73590706C916}
FF - user.js: extensions.mixidj.instlDay - 15964
FF - user.js: extensions.mixidj.vrsn - 1.8.18.8
FF - user.js: extensions.mixidj.vrsni - 1.8.18.8
FF - user.js: extensions.mixidj.vrsnTs - 1.8.18.80:23
FF - user.js: extensions.mixidj.prtnrId - mixidj
FF - user.js: extensions.mixidj.prdct - mixidj
FF - user.js: extensions.mixidj.aflt - babsst
FF - user.js: extensions.mixidj.smplGrp - none
FF - user.js: extensions.mixidj.tlbrId - baseyh
FF - user.js: extensions.mixidj.instlRef - sst
FF - user.js: extensions.mixidj.dfltLng - de
FF - user.js: extensions.mixidj.excTlbr - false
FF - user.js: extensions.mixidj.ffxUnstlRst - false
FF - user.js: extensions.mixidj.admin - false
FF - user.js: extensions.mixidj.autoRvrt - false
FF - user.js: extensions.mixidj.rvrt - false
FF - user.js: extensions.mixidj.newTab - false
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{0f21b1e5-5afc-43c9-9c66-515046e92ec2} - c:\program files (x86)\SaveSense\SaveSenseIE.dll
BHO-{ae48ed75-5a56-4c5f-bbce-6f1ac3875f66} - c:\program files (x86)\DealPly\DealPlyIE.dll
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-KiesAirMessage - c:\program files (x86)\Samsung\Kies\KiesAirMessage.exe
Wow6432Node-HKLM-Run-TSleepSrv - %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
Wow6432Node-HKLM-Run-DivXMediaServer - c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-TPwrMain - c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
HKLM-Run-HSON - c:\program files (x86)\TOSHIBA\TBS\HSON.exe
HKLM-Run-TCrdMain - c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-Teco - c:\program files (x86)\TOSHIBA\TECO\Teco.exe
HKLM-Run-TosWaitSrv - c:\program files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
HKLM-Run-TosNC - c:\program files (x86)\Toshiba\BulletinBoard\TosNcCore.exe
HKLM-Run-TosReelTimeMonitor - c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
AddRemove-WildTangentGameProvider-toshiba-genres - c:\program files (x86)\TOSHIBA Games\Game Explorer Categories - genres\Uninstall.exe
AddRemove-WildTangentGDF-toshiba-crushthecastle2 - c:\program files (x86)\TOSHIBA Games\Web Link - Crush the Castle 2\Uninstall.exe
AddRemove-WildTangentGDF-toshiba-darkorbit - c:\program files (x86)\TOSHIBA Games\Web Link - Dark Orbit\Uninstall.exe
AddRemove-WildTangentGDF-toshiba-farmerama - c:\program files (x86)\TOSHIBA Games\Web Link - Farmerama\Uninstall.exe
AddRemove-WildTangentGDF-toshiba-freerealms - c:\program files (x86)\TOSHIBA Games\Web Link - Free Realms\Uninstall.exe
AddRemove-WildTangentGDF-toshiba-seafight - c:\program files (x86)\TOSHIBA Games\Web Link - Seafight\Uninstall.exe
AddRemove-WildTangentGDF-toshiba-shaiya - c:\program files (x86)\TOSHIBA Games\Web Link - Shaiya\Uninstall.exe
AddRemove-WildTangentGDF-toshiba-worldofwarcraft - c:\program files (x86)\TOSHIBA Games\Web Link - World of Warcraft\Uninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_152_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_152_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_152_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_152_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_152.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.15"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_152.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_152.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_152.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE
c:\program files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Panda USB Vaccine\USBVaccine.exe
c:\program files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
c:\program files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-09-18  13:59:40 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-09-18 11:59
.
Vor Suchlauf: 9 Verzeichnis(se), 334.249.521.152 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 341.646.839.808 Bytes frei
.
- - End Of File - - D9EA2375A79B226C06D1D949B40EC6F4
         
 
--- --- ---
5C616939100B85E558DA92B899A0FC36

Alt 18.09.2014, 18:23   #11
schrauber
/// the machine
/// TB-Ausbilder
 
Computer extrem langsam und CD-Laufwerk funktioniert nicht mehr - Standard

Computer extrem langsam und CD-Laufwerk funktioniert nicht mehr


Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 19.09.2014, 11:23   #12
marlen101
 
Computer extrem langsam und CD-Laufwerk funktioniert nicht mehr - Standard

Computer extrem langsam und CD-Laufwerk funktioniert nicht mehr


So, hoffe das passt jetzt alles. Wegen der Länge auf 2 Antworten aufgeteilt. Das CD Laufwerk lässt sich inzwischen nicht mal mehr öffnen, dafür scheint das Internet schneller geworden zu sein...hab die nächsten Tage leider keinen Internetzugang.
LG

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org


Protection, 19.09.2014 00:23:16, SYSTEM, MARLEN-NOTEBOOK, Protection, Malware Protection, Starting, 
Protection, 19.09.2014 00:23:16, SYSTEM, MARLEN-NOTEBOOK, Protection, Malware Protection, Started, 
Protection, 19.09.2014 00:23:16, SYSTEM, MARLEN-NOTEBOOK, Protection, Malicious Website Protection, Starting, 
Protection, 19.09.2014 00:24:42, SYSTEM, MARLEN-NOTEBOOK, Protection, Malicious Website Protection, Started, 

(end)


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by Dorina Heller (administrator) on MARLEN-NOTEBOOK on 19-09-2014 12:01:27
Running from C:\Users\Dorina Heller\Documents\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Panda Security) C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
() C:\Users\Dorina Heller\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
() C:\Program Files\TOSHIBA\FlashCards\Hotkey\TCrdKBB.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Toshiba) C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Logitech, Inc.) C:\Users\Dorina Heller\AppData\Local\Logitech® Webcam-Software\Logishrd\LU2.0\LULnchr.exe
(Logitech, Inc.) C:\Users\Dorina Heller\AppData\Local\Logitech® Webcam-Software\Logishrd\LU2.0\LogitechUpdate.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Thisisu) C:\Users\Dorina Heller\Documents\Downloads\JRT.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [561152 2011-04-20] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [296824 2010-09-25] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [967544 2011-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11780712 2011-03-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2189416 2011-03-01] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2679592 2011-02-03] (Synaptics Incorporated)
HKLM\...\Run: [ThpSrv] => C:\windows\system32\thpsrv /logon
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1544104 2011-04-07] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710040 2010-12-08] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [711576 2011-04-05] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [597928 2011-03-03] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2011-03-30] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba TEMPRO] => C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1546720 2011-02-10] (Toshiba Europe GmbH)
HKLM\...\Run: [Toshiba Registration] => C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe [150992 2011-05-25] (Toshiba Europe GmbH)
HKLM-x32\...\Run: [NBAgent] => C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [1406248 2011-01-07] (Nero AG)
HKLM-x32\...\Run: [SVPWUTIL] => C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe [532480 2010-11-09] (TOSHIBA)
HKLM-x32\...\Run: [HWSetup] => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [423936 2010-03-04] (TOSHIBA Electronics, Inc.)
HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2010-08-16] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [ITSecMng] => C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [83336 2009-07-22] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1294712 2010-11-29] (TOSHIBA Corporation)
HKLM-x32\...\Run: [TRCMan] => C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe [714104 2011-03-11] (TOSHIBA Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [205336 2011-11-11] (Logitech Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310280 2012-12-20] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [164656 2014-08-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
HKU\.DEFAULT\...\RunOnce: [{90140000-003D-0000-0000-0000000FF1CE}] => C:\windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H
HKU\.DEFAULT\...\RunOnce: [{90140000-0018-0407-0000-0000000FF1CE}] => C:\windows\system32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H
HKU\S-1-5-21-176568798-3075008774-576170976-1002\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
HKU\S-1-5-21-176568798-3075008774-576170976-1002\...\Run: [FileHippo.com] => C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe [306688 2012-03-26] (FileHippo.com)
HKU\S-1-5-21-176568798-3075008774-576170976-1002\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1476104 2012-12-20] (Samsung)
HKU\S-1-5-21-176568798-3075008774-576170976-1002\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\Dorina Heller\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()
AppInit_DLLs: c:\Windows\System32\nvinitx.dll => c:\Windows\System32\nvinitx.dll [226920 2011-05-11] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk
ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Toshiba Places Icon Utility.lnk
ShortcutTarget: Toshiba Places Icon Utility.lnk -> C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe (Toshiba)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Dorina Heller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: http=127.0.0.1:61807;https=127.0.0.1:61807
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://toshiba.eu/places?touch=4&cat=1
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120911193311.dll No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120911193312.dll No File
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Plug-In -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 -> C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.9.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Dorina Heller\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\chambers-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-en-GB.xml
FF Extension: WOT - C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-27]
FF Extension: NoScript - C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-12-03]
FF Extension: Adblock Plus - C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-10]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-09-19]
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-06-07]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR DefaultSearchKeyword: Default -> enhanced-search.com
CHR DefaultSearchURL: Default -> hxxp://www.enhanced-search.com/?q={searchTerms}&babsrc=SP_ss_mib2&mntrId=66DE3E659DB18485&affID=121136&tsp=5007
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\program files (x86)\google\chrome\application\37.0.2062.120\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\program files (x86)\google\chrome\application\37.0.2062.120\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\program files (x86)\google\chrome\application\37.0.2062.120\pdf.dll ()
CHR Plugin: (McAfee SiteAdvisor) - C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.50.146.2_0\McChPlg.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll No File
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U9) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll No File
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.90.5) - C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (McAfee SecurityCenter) - c:\progra~2\mcafee\msc\npmcsn~1.dll No File
CHR Profile: C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-01-21]
CHR Extension: (Google Drive) - C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-01-21]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-07]
CHR Extension: (YouTube) - C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-21]
CHR Extension: (No Name) - C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-02-24]
CHR Extension: (Google-Suche) - C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-21]
CHR Extension: (SiteAdvisor) - C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2013-01-21]
CHR Extension: (Google Wallet) - C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]
CHR Extension: (Google Mail) - C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-21]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-05-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-27] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1039952 2014-05-27] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160048 2014-08-27] (Avira Operations GmbH & Co. KG)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1326176 2012-07-25] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [681056 2012-07-25] (Secunia)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [112080 2011-02-10] (Toshiba Europe GmbH)
R2 Thpsrv; C:\windows\system32\ThpSrv.exe [526848 2010-12-24] (TOSHIBA Corporation) [File not signed]
R2 TosCoSrv; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [480256 2011-04-20] (TOSHIBA Corporation) [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2100024 2013-08-30] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2011-03-01] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-19] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 sxtap; C:\Windows\System32\sxtap.sys [29696 2012-02-05] (iiNES GmbH)
S3 Tosrfcom; No ImagePath
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-08-21] (TuneUp Software)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-19 12:01 - 2014-09-19 12:01 - 00001391 _____ () C:\Users\Dorina Heller\Desktop\JRT.txt
2014-09-19 11:54 - 2014-09-19 11:54 - 00000000 ____D () C:\windows\ERUNT
2014-09-19 11:41 - 2014-09-19 11:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-19 11:38 - 2014-09-19 12:01 - 00000000 ____D () C:\AdwCleaner
2014-09-19 11:36 - 2014-09-19 11:36 - 00000486 _____ () C:\mbam.txt
2014-09-18 21:36 - 2014-09-19 11:49 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-18 20:52 - 2014-09-18 20:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-18 20:52 - 2014-09-18 20:52 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-18 20:52 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-09-18 20:52 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-09-18 17:01 - 2014-09-18 17:01 - 00000000 ____D () C:\windows\Sun
2014-09-18 17:01 - 2014-09-18 17:01 - 00000000 ____D () C:\Users\Dorina Heller\4.0
2014-09-18 15:40 - 2014-09-18 15:40 - 00001754 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-09-18 15:40 - 2014-09-18 15:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-18 15:39 - 2014-09-18 15:40 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-18 15:39 - 2014-09-18 15:40 - 00000000 ____D () C:\Program Files\iTunes
2014-09-18 15:39 - 2014-09-18 15:40 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-09-18 15:39 - 2014-09-18 15:39 - 00000000 ____D () C:\Program Files\iPod
2014-09-18 13:59 - 2014-09-18 13:59 - 00040843 _____ () C:\ComboFix.txt
2014-09-18 12:47 - 2014-09-18 13:59 - 00000000 ____D () C:\Qoobox
2014-09-18 12:47 - 2011-06-26 08:45 - 00256000 _____ () C:\windows\PEV.exe
2014-09-18 12:47 - 2010-11-07 19:20 - 00208896 _____ () C:\windows\MBR.exe
2014-09-18 12:47 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2014-09-18 12:47 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2014-09-18 12:47 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2014-09-18 12:47 - 2000-08-31 02:00 - 00098816 _____ () C:\windows\sed.exe
2014-09-18 12:47 - 2000-08-31 02:00 - 00080412 _____ () C:\windows\grep.exe
2014-09-18 12:47 - 2000-08-31 02:00 - 00068096 _____ () C:\windows\zip.exe
2014-09-18 12:45 - 2014-09-18 13:58 - 00000000 ____D () C:\windows\erdnt
2014-09-16 23:31 - 2014-09-16 23:31 - 00347816 _____ (Microsoft Corporation) C:\Users\Dorina Heller\Downloads\MicrosoftFixit.dvd.MATSKB.Run (1).exe
2014-09-16 23:05 - 2014-09-16 23:05 - 00347816 _____ (Microsoft Corporation) C:\Users\Dorina Heller\Downloads\MicrosoftFixit.dvd.MATSKB.Run.exe
2014-09-16 23:04 - 2014-09-16 23:04 - 00638243 _____ () C:\Users\Dorina Heller\Downloads\CDDVDWin8.meta.diagcab
2014-09-16 22:08 - 2014-09-16 22:09 - 00000000 ____D () C:\Users\Dorina Heller\.tfo4
2014-09-16 20:38 - 2014-09-16 20:38 - 00001275 _____ () C:\Users\Dorina Heller\Desktop\Revo Uninstaller.lnk
2014-09-16 20:38 - 2014-09-16 20:38 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-09-14 10:13 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-09-14 10:13 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-09-14 10:13 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-09-14 10:13 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-09-14 10:13 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-09-14 10:13 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-09-14 10:13 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-09-14 10:13 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-09-14 10:13 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-09-14 10:13 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-09-14 10:13 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-09-14 10:13 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-09-14 10:13 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-09-14 10:13 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-09-14 10:13 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-09-14 10:13 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-09-14 10:13 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-09-14 10:13 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-09-14 10:13 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-09-14 10:13 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-09-14 10:13 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-09-14 10:13 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-09-14 10:13 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-09-14 10:13 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-09-14 10:13 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-09-14 10:13 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-09-14 10:13 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-09-14 10:13 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-09-14 10:13 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-09-14 10:13 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-09-14 10:13 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-09-14 10:13 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-09-14 10:13 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-09-14 10:13 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-09-14 10:13 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-09-14 10:13 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-09-14 10:13 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-09-14 10:13 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-09-14 10:13 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-09-14 10:13 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-09-14 10:13 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-09-14 10:13 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-14 10:13 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-09-14 10:13 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-09-14 10:13 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-09-14 10:13 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-09-14 10:13 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-09-14 10:13 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-09-14 10:13 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-09-14 10:13 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-09-14 10:13 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-09-14 10:13 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-09-14 10:13 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-09-14 10:13 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-09-14 10:13 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-09-14 10:13 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-09-14 10:12 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll
2014-09-14 10:12 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2vdec.dll
2014-09-13 16:13 - 2014-09-19 12:01 - 00000000 ____D () C:\FRST
2014-09-13 16:11 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-09-13 16:11 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-09-13 15:56 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2014-09-13 15:56 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2014-09-13 15:55 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-09-13 15:55 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-09-13 15:55 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-09-13 15:55 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2014-09-13 15:55 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2014-09-13 15:30 - 2014-09-13 15:30 - 00001144 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-09-11 20:38 - 2014-09-11 20:38 - 00266288 _____ () C:\windows\Minidump\091114-51074-01.dmp
2014-09-11 16:51 - 2014-09-11 16:51 - 00000000 ____D () C:\0fa2b777dcf5c166eeabf07571bbfc44
2014-09-10 11:34 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\windows\system32\TSWorkspace.dll
2014-09-10 11:34 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSWorkspace.dll
2014-08-28 12:27 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2014-08-28 12:27 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2014-08-28 12:27 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-08-27 14:25 - 2014-08-27 14:25 - 00000000 ____D () C:\Users\Dorina Heller\AppData\Local\{F68BB0CC-8E97-411E-ADC9-B76F2851EBC6}
2014-08-25 15:28 - 2014-08-25 15:28 - 00000000 ____D () C:\Users\Dorina Heller\AppData\Local\{EA2B0657-401B-4D0C-B581-5AD576911003}
2014-08-20 18:08 - 2014-08-20 18:09 - 00000000 ____D () C:\Users\Dorina Heller\Documents\Anki

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-19 12:01 - 2014-09-19 12:01 - 00001391 _____ () C:\Users\Dorina Heller\Desktop\JRT.txt
2014-09-19 12:01 - 2014-09-19 11:38 - 00000000 ____D () C:\AdwCleaner
2014-09-19 12:01 - 2014-09-13 16:13 - 00000000 ____D () C:\FRST
2014-09-19 11:57 - 2012-09-09 17:32 - 01523658 _____ () C:\windows\WindowsUpdate.log
2014-09-19 11:56 - 2009-07-14 06:45 - 00025120 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-19 11:56 - 2009-07-14 06:45 - 00025120 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-19 11:54 - 2014-09-19 11:54 - 00000000 ____D () C:\windows\ERUNT
2014-09-19 11:49 - 2014-09-18 21:36 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-19 11:49 - 2012-09-09 23:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-19 11:46 - 2013-01-21 18:37 - 00001120 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-19 11:45 - 2010-11-21 05:47 - 00520360 _____ () C:\windows\PFRO.log
2014-09-19 11:45 - 2009-07-14 07:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-09-19 11:45 - 2009-07-14 06:51 - 00085829 _____ () C:\windows\setupact.log
2014-09-19 11:43 - 2013-01-21 18:37 - 00001124 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-19 11:41 - 2014-09-19 11:41 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-19 11:36 - 2014-09-19 11:36 - 00000486 _____ () C:\mbam.txt
2014-09-19 11:30 - 2013-10-24 12:14 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-09-19 00:22 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\IME
2014-09-18 21:58 - 2012-10-01 18:54 - 00000000 ____D () C:\Users\Dorina Heller\AppData\Roaming\GameCenter
2014-09-18 21:40 - 2011-02-11 10:21 - 00699682 _____ () C:\windows\system32\perfh007.dat
2014-09-18 21:40 - 2011-02-11 10:21 - 00149790 _____ () C:\windows\system32\perfc007.dat
2014-09-18 21:40 - 2009-07-14 07:13 - 01620684 _____ () C:\windows\system32\PerfStringBackup.INI
2014-09-18 20:53 - 2012-09-09 19:31 - 00000000 ____D () C:\Users\Dorina Heller\AppData\Roaming\Malwarebytes
2014-09-18 20:53 - 2012-09-09 19:30 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-18 20:52 - 2014-09-18 20:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-18 20:52 - 2014-09-18 20:52 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-18 20:52 - 2012-09-09 19:31 - 00001073 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-18 18:54 - 2012-09-09 20:00 - 00000000 ____D () C:\Users\Dorina Heller\Documents\Bewerbungen
2014-09-18 17:01 - 2014-09-18 17:01 - 00000000 ____D () C:\windows\Sun
2014-09-18 17:01 - 2014-09-18 17:01 - 00000000 ____D () C:\Users\Dorina Heller\4.0
2014-09-18 17:01 - 2012-09-09 18:20 - 00000000 ____D () C:\Users\Dorina Heller
2014-09-18 16:09 - 2012-09-09 18:27 - 00000000 ____D () C:\Users\Dorina Heller\AppData\Local\Toshiba
2014-09-18 15:40 - 2014-09-18 15:40 - 00001754 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-09-18 15:40 - 2014-09-18 15:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-18 15:40 - 2014-09-18 15:39 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-18 15:40 - 2014-09-18 15:39 - 00000000 ____D () C:\Program Files\iTunes
2014-09-18 15:40 - 2014-09-18 15:39 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-09-18 15:39 - 2014-09-18 15:39 - 00000000 ____D () C:\Program Files\iPod
2014-09-18 15:36 - 2012-09-10 22:03 - 00000000 ____D () C:\ProgramData\Apple
2014-09-18 13:59 - 2014-09-18 13:59 - 00040843 _____ () C:\ComboFix.txt
2014-09-18 13:59 - 2014-09-18 12:47 - 00000000 ____D () C:\Qoobox
2014-09-18 13:59 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-09-18 13:58 - 2014-09-18 12:45 - 00000000 ____D () C:\windows\erdnt
2014-09-18 13:56 - 2009-07-14 04:34 - 00000215 _____ () C:\windows\system.ini
2014-09-18 12:42 - 2013-12-22 16:33 - 00003990 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{174F0087-2257-44CC-8E99-A8AAB004518F}
2014-09-18 12:41 - 2011-05-25 21:33 - 00000000 ____D () C:\ProgramData\McAfee
2014-09-18 12:35 - 2011-05-25 21:33 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-09-18 12:19 - 2013-07-19 09:28 - 00000000 ____D () C:\Users\Dorina Heller\AppData\Local\HE Verlag
2014-09-18 12:19 - 2013-07-19 09:27 - 00000000 ____D () C:\Users\Dorina Heller\AppData\Local\Hubert_Ebner_Verlags_GmbH
2014-09-16 23:31 - 2014-09-16 23:31 - 00347816 _____ (Microsoft Corporation) C:\Users\Dorina Heller\Downloads\MicrosoftFixit.dvd.MATSKB.Run (1).exe
2014-09-16 23:05 - 2014-09-16 23:05 - 00347816 _____ (Microsoft Corporation) C:\Users\Dorina Heller\Downloads\MicrosoftFixit.dvd.MATSKB.Run.exe
2014-09-16 23:04 - 2014-09-16 23:04 - 00638243 _____ () C:\Users\Dorina Heller\Downloads\CDDVDWin8.meta.diagcab
2014-09-16 22:48 - 2012-09-09 18:29 - 00000000 ____D () C:\Users\Dorina Heller\AppData\Roaming\Toshiba
2014-09-16 22:09 - 2014-09-16 22:08 - 00000000 ____D () C:\Users\Dorina Heller\.tfo4
2014-09-16 22:05 - 2012-09-09 20:10 - 00000000 ____D () C:\Users\Dorina Heller\Documents\Gedanken
2014-09-16 21:49 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-16 21:46 - 2011-05-25 21:18 - 00000000 ____D () C:\ProgramData\WildTangent
2014-09-16 21:12 - 2012-09-09 20:04 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-09-16 20:38 - 2014-09-16 20:38 - 00001275 _____ () C:\Users\Dorina Heller\Desktop\Revo Uninstaller.lnk
2014-09-16 20:38 - 2014-09-16 20:38 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-09-16 14:37 - 2013-12-21 20:22 - 00000217 _____ () C:\Users\Dorina Heller\AppData\Roaming\WB.CFG
2014-09-14 15:50 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\rescache
2014-09-14 10:11 - 2014-05-07 02:07 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-09-13 15:31 - 2014-03-24 12:01 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-13 15:30 - 2014-09-13 15:30 - 00001144 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-09-13 15:30 - 2014-03-24 12:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-09-13 13:57 - 2014-02-22 12:26 - 00031232 ___SH () C:\Users\Dorina Heller\Documents\Thumbs.db
2014-09-12 20:49 - 2013-01-21 19:03 - 00002186 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-12 10:16 - 2012-09-09 20:31 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-12 10:15 - 2014-02-26 03:38 - 01594964 _____ () C:\windows\SysWOW64\PerfStringBackup.INI
2014-09-12 10:13 - 2013-08-16 00:11 - 00000000 ____D () C:\windows\system32\MRT
2014-09-12 09:55 - 2012-09-09 20:04 - 101694776 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-09-12 05:41 - 2011-05-25 21:26 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2014-09-12 05:41 - 2011-05-25 20:58 - 00000000 ____D () C:\Program Files (x86)\Toshiba TEMPRO
2014-09-12 05:41 - 2011-05-25 20:50 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA
2014-09-12 05:41 - 2011-05-25 20:49 - 00000000 ____D () C:\Program Files\PlayReady
2014-09-12 05:41 - 2011-02-11 10:20 - 00000000 ____D () C:\windows\SysWOW64\de
2014-09-12 05:41 - 2010-11-21 09:17 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-12 05:41 - 2010-11-21 09:06 - 00000000 ____D () C:\windows\SysWOW64\sysprep
2014-09-12 05:41 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-09-12 05:41 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-09-12 05:41 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-09-12 05:41 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-09-12 05:41 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\DVD Maker
2014-09-12 05:41 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2014-09-12 05:41 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2014-09-12 05:41 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\zh-HK
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\uk-UA
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\tr-TR
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\th-TH
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\sr-Latn-CS
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\sppui
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\sl-SI
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\sk-SK
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\Setup
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\ro-RO
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\Recovery
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\ras
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\oobe
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\migwiz
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\manifeststore
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\lv-LV
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\lt-LT
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\InstallShield
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\icsxml
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\hr-HR
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\he-IL
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\et-EE
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\Dism
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\com
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\bg-BG
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\ar-SA
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\AdvancedInstallers
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\system32\migwiz
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\servicing
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\PolicyDefinitions
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\L2Schemas
2014-09-12 05:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-09-12 05:38 - 2012-09-09 18:05 - 00000000 ____D () C:\windows\SysWOW64\Macromed
2014-09-12 05:38 - 2012-09-09 17:55 - 00000000 ____D () C:\windows\SysWOW64\SDA
2014-09-12 05:38 - 2012-09-09 17:47 - 00000000 ____D () C:\windows\SysWOW64\RTCOM
2014-09-12 05:38 - 2012-09-09 17:43 - 00000000 ____D () C:\windows\SysWOW64\Microsoft.VC80.MFC
2014-09-12 05:38 - 2012-09-09 17:42 - 00000000 ____D () C:\windows\SysWOW64\NV
2014-09-12 05:37 - 2012-09-11 20:07 - 00000000 ____D () C:\windows\system32\Macromed
2014-09-12 05:37 - 2012-09-10 22:03 - 00000000 ____D () C:\windows\System32\Tasks\Apple
2014-09-12 05:37 - 2012-09-09 20:33 - 00000000 ____D () C:\windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-09-12 05:37 - 2011-02-11 10:20 - 00000000 ____D () C:\windows\system32\de
2014-09-12 05:37 - 2009-07-14 07:32 - 00000000 ____D () C:\windows\system32\restore
2014-09-12 05:37 - 2009-07-14 07:09 - 00000000 ____D () C:\windows\System32\Tasks\WPD
2014-09-12 05:37 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\system32\NDF
2014-09-12 05:36 - 2010-11-21 09:16 - 00000000 ____D () C:\windows\ShellNew
2014-09-12 05:35 - 2014-06-07 15:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-09-12 05:35 - 2014-03-18 18:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallConverter
2014-09-12 05:35 - 2014-03-16 12:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-12 05:35 - 2014-01-02 17:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014
2014-09-12 05:35 - 2013-11-13 21:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-09-12 05:35 - 2013-03-16 18:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-09-12 05:35 - 2013-01-21 19:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-12 05:35 - 2012-11-15 18:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2014-09-12 05:35 - 2012-09-09 20:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-09-12 05:35 - 2012-09-09 20:10 - 00000000 ____D () C:\Users\Dorina Heller\Documents\Coeurier
2014-09-12 05:35 - 2012-09-09 20:00 - 00000000 ____D () C:\Users\Dorina Heller\Documents\Artikel_Reports_Letters_Family
2014-09-12 05:35 - 2012-09-09 18:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay
2014-09-12 05:35 - 2012-09-09 18:20 - 00000000 ___RD () C:\Users\Dorina Heller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-09-12 05:35 - 2012-09-09 18:20 - 00000000 ___RD () C:\Users\Dorina Heller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-12 05:35 - 2012-09-09 18:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA VIDEO PLAYER
2014-09-12 05:35 - 2012-09-09 17:40 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-09-12 05:35 - 2012-09-09 17:40 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-12 05:35 - 2011-05-25 20:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Service
2014-09-12 05:34 - 2014-06-07 15:27 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-09-12 05:34 - 2014-01-02 17:08 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014
2014-09-12 05:34 - 2013-06-07 14:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-09-12 05:34 - 2013-03-16 18:49 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-09-12 05:34 - 2012-10-01 18:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\GameCenter
2014-09-12 05:34 - 2012-09-10 22:03 - 00000000 ____D () C:\Program Files\Bonjour
2014-09-12 05:34 - 2012-09-10 21:06 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-09-12 05:34 - 2012-09-09 18:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon
2014-09-12 05:34 - 2012-09-09 18:27 - 00000000 ____D () C:\Program Files\Amazon
2014-09-12 05:34 - 2012-09-09 18:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel
2014-09-12 05:33 - 2013-03-16 18:49 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-09-12 05:33 - 2012-09-09 19:09 - 00000000 ____D () C:\Program Files (x86)\Panda USB Vaccine
2014-09-12 05:33 - 2011-05-25 20:57 - 00000000 ____D () C:\Program Files (x86)\Photo-Service
2014-09-12 05:32 - 2014-05-11 22:46 - 00000000 ____D () C:\Program Files (x86)\Anki
2014-09-12 05:32 - 2014-03-18 18:14 - 00000000 ____D () C:\Program Files (x86)\InstallConverter
2014-09-12 05:32 - 2013-06-07 14:23 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-09-12 05:32 - 2012-09-10 22:03 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-09-12 05:32 - 2012-09-10 22:03 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-09-12 05:32 - 2012-09-09 19:08 - 00000000 ____D () C:\Program Files (x86)\FileHippo.com
2014-09-12 05:32 - 2012-09-09 18:26 - 00000000 ____D () C:\Program Files (x86)\eBay
2014-09-12 05:20 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\registration
2014-09-12 04:57 - 2014-03-24 12:05 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-09-11 22:30 - 2013-10-24 12:14 - 00003822 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-09-11 22:30 - 2012-09-11 20:07 - 00701104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-09-11 22:30 - 2012-09-11 20:07 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-11 20:38 - 2014-09-11 20:38 - 00266288 _____ () C:\windows\Minidump\091114-51074-01.dmp
2014-09-11 20:38 - 2014-04-13 20:30 - 00000000 ____D () C:\windows\Minidump
2014-09-11 20:37 - 2014-04-13 20:29 - 878928776 _____ () C:\windows\MEMORY.DMP
2014-09-11 16:51 - 2014-09-11 16:51 - 00000000 ____D () C:\0fa2b777dcf5c166eeabf07571bbfc44
2014-09-05 14:52 - 2014-05-17 00:50 - 00000000 ____D () C:\Users\Dorina Heller\AppData\Local\Windows Live
2014-09-05 04:10 - 2014-09-13 16:11 - 00578048 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-09-05 04:05 - 2014-09-13 16:11 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-08-30 19:21 - 2013-09-30 21:01 - 00000000 ____D () C:\Users\Dorina Heller\Documents\1_SOAS
2014-08-29 10:42 - 2009-07-14 06:45 - 00341344 _____ () C:\windows\system32\FNTCACHE.DAT
2014-08-28 00:23 - 2013-10-12 12:34 - 00000000 ____D () C:\Users\Dorina Heller\AppData\Roaming\Skype
2014-08-27 14:25 - 2014-08-27 14:25 - 00000000 ____D () C:\Users\Dorina Heller\AppData\Local\{F68BB0CC-8E97-411E-ADC9-B76F2851EBC6}
2014-08-27 14:23 - 2012-09-09 20:00 - 00000000 ____D () C:\Users\Dorina Heller\Documents\Bilder
2014-08-25 15:28 - 2014-08-25 15:28 - 00000000 ____D () C:\Users\Dorina Heller\AppData\Local\{EA2B0657-401B-4D0C-B581-5AD576911003}
2014-08-25 15:23 - 2011-05-25 21:21 - 00000925 _____ () C:\windows\DirectX.log
2014-08-25 06:53 - 2010-11-21 05:27 - 00270496 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2014-08-23 04:07 - 2014-08-28 12:27 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 12:27 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 12:27 - 03163648 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-08-20 18:09 - 2014-08-20 18:08 - 00000000 ____D () C:\Users\Dorina Heller\Documents\Anki

Some content of TEMP:
====================
C:\Users\Dorina Heller\AppData\Local\Temp\avgnt.exe
C:\Users\Dorina Heller\AppData\Local\Temp\FileSystemView.dll
C:\Users\Dorina Heller\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-16 18:50

==================== End Of Log ============================
--- --- ---


JRT Logfile:
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.7 (09.18.2014:2)
OS: Windows 7 Home Premium x64
Ran by Dorina Heller on 19.09.2014 at 11:54:34,23
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-176568798-3075008774-576170976-1002\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-176568798-3075008774-576170976-1002\Software\wajam
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{1D303A1D-70FD-45BE-85A4-202D8A512A15}



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Dorina Heller\AppData\Roaming\mozilla\firefox\profiles\pyzl8dpa.default\minidumps [84 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 19.09.2014 at 12:01:00,38
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
--- --- ---
Alt 19.09.2014, 11:24   #13
marlen101
 
Computer extrem langsam und CD-Laufwerk funktioniert nicht mehr - Standard

Computer extrem langsam und CD-Laufwerk funktioniert nicht mehr


Code:
ATTFilter
2014/09/18 21:38:02 +0200 mbam-log-2014-09-18 (21-36-53).xml yes  2.00.2.1012 v2014.09.18.08 v2014.09.18.01 trial enabled enabled disabled  Windows 7 Service Pack 1 x64 Dorina Heller NTFS  threat completed 375846 1082 1 0 182 6 4 91 359 0  enabled enabled enabled enabled disabled disabled enabled warn enabled  C:\ProgramData\Websteroids\up\2.6.80\WebsteroidsService.exePUP.Optional.Websteroids.Adelete-on-reboot2520e0409c532259261017d4e5a89b66e917 HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WebsteroidsPUP.Optional.Websteroids.Asuccesse0409c532259261017d4e5a89b66e917 HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\dealplylivePUP.Optional.DealPly.Asuccess8f919659512ab680cda03af3db268878 HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\dealplylivemPUP.Optional.DealPly.Asuccess8f919659512ab680cda03af3db268878 HKLM\SOFTWARE\CLASSES\APPID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}PUP.Optional.DealPly.Asuccessd947876893e860d6419419a837cbaa56 HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.OnDemandCOMClassSvcPUP.Optional.DealPly.Asuccessd947876893e860d6419419a837cbaa56 HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.OnDemandCOMClassSvc.1.0PUP.Optional.DealPly.Asuccessd947876893e860d6419419a837cbaa56 HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.OnDemandCOMClassSvcPUP.Optional.DealPly.Asuccessd947876893e860d6419419a837cbaa56 HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.OnDemandCOMClassSvc.1.0PUP.Optional.DealPly.Asuccessd947876893e860d6419419a837cbaa56 HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}PUP.Optional.DealPly.Asuccessd947876893e860d6419419a837cbaa56 HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}PUP.Optional.DealPly.Asuccessd947876893e860d6419419a837cbaa56 HKLM\SOFTWARE\CLASSES\APPID\{A2773ED4-83BD-488A-A186-73590706C916}PUP.Optional.MixiDJToolbar.Asuccessa17fbc33fb80d5613e76c6fbd32f14ec HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{A2773ED4-83BD-488A-A186-73590706C916}PUP.Optional.MixiDJToolbar.Asuccessa17fbc33fb80d5613e76c6fbd32f14ec HKLM\SOFTWARE\CLASSES\APPID\{A2D3FB7A-6873-45E8-AF96-57092D721828}PUP.Optional.SaveSense.Asuccess35eb69866813b383f55f632a28daa65a HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassSvcPUP.Optional.SaveSense.Asuccess35eb69866813b383f55f632a28daa65a HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassSvc.1.0PUP.Optional.SaveSense.Asuccess35eb69866813b383f55f632a28daa65a HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassSvcPUP.Optional.SaveSense.Asuccess35eb69866813b383f55f632a28daa65a HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassSvc.1.0PUP.Optional.SaveSense.Asuccess35eb69866813b383f55f632a28daa65a HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{A2D3FB7A-6873-45E8-AF96-57092D721828}PUP.Optional.SaveSense.Asuccess35eb69866813b383f55f632a28daa65a HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{A2D3FB7A-6873-45E8-AF96-57092D721828}PUP.Optional.SaveSense.Asuccess35eb69866813b383f55f632a28daa65a HKLM\SOFTWARE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}PUP.Optional.Delta.Asuccess29f7648b94e744f280faa819d0321fe1 HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}PUP.Optional.Delta.Asuccess29f7648b94e744f280faa819d0321fe1 HKLM\SOFTWARE\CLASSES\APPID\{F48FC5B2-094A-44C7-B48C-289738C9582D}PUP.Optional.DealPly.Asuccessd34d8d629cdf56e007cf675ad32fd22e HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.Update3COMClassServicePUP.Optional.DealPly.Asuccessd34d8d629cdf56e007cf675ad32fd22e HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.Update3COMClassService.1.0PUP.Optional.DealPly.Asuccessd34d8d629cdf56e007cf675ad32fd22e HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.Update3COMClassServicePUP.Optional.DealPly.Asuccessd34d8d629cdf56e007cf675ad32fd22e HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.Update3COMClassService.1.0PUP.Optional.DealPly.Asuccessd34d8d629cdf56e007cf675ad32fd22e HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{F48FC5B2-094A-44C7-B48C-289738C9582D}PUP.Optional.DealPly.Asuccessd34d8d629cdf56e007cf675ad32fd22e HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{F48FC5B2-094A-44C7-B48C-289738C9582D}PUP.Optional.DealPly.Asuccessd34d8d629cdf56e007cf675ad32fd22e HKLM\SOFTWARE\CLASSES\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}PUP.Optional.WebSteroids.Asuccessf62a17d854273bfb8bca92fb778b07f9 HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}PUP.Optional.WebSteroids.Asuccessf62a17d854273bfb8bca92fb778b07f9 HKLM\SOFTWARE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}PUP.Optional.DynConIE.Asuccessbd6344ab7308092d44e07a13837f03fd HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}PUP.Optional.DynConIE.Asuccessbd6344ab7308092d44e07a13837f03fd HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{0f21b1e5-5afc-43c9-9c66-515046e92ec2}PUP.Optional.SaveSensesuccess66ba78776516a294e612c3008c76b050 HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{0F21B1E5-5AFC-43C9-9C66-515046E92EC2}PUP.Optional.SaveSensesuccess66ba78776516a294e612c3008c76b050 HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{1E0C9B2A-6447-452C-B012-2314A0C29412}PUP.Optional.DealPly.Asuccess41df38b753284de96c6bdae76b97f20e HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.OnDemandCOMClassMachineFallback.1.0PUP.Optional.DealPly.Asuccess41df38b753284de96c6bdae76b97f20e HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.OnDemandCOMClassMachineFallbackPUP.Optional.DealPly.Asuccess41df38b753284de96c6bdae76b97f20e HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.OnDemandCOMClassMachineFallbackPUP.Optional.DealPly.Asuccess41df38b753284de96c6bdae76b97f20e HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.OnDemandCOMClassMachineFallback.1.0PUP.Optional.DealPly.Asuccess41df38b753284de96c6bdae76b97f20e HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{34A8CEB6-89BB-49F1-B5E4-0D0D6C21F3B1}PUP.Optional.DealPly.Asuccess1d03fdf29ae1de58f5e3ad142ad8a759 HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.CredentialDialogMachine.1.0PUP.Optional.DealPly.Asuccess1d03fdf29ae1de58f5e3ad142ad8a759 HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.CredentialDialogMachinePUP.Optional.DealPly.Asuccess1d03fdf29ae1de58f5e3ad142ad8a759 HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.CredentialDialogMachinePUP.Optional.DealPly.Asuccess1d03fdf29ae1de58f5e3ad142ad8a759 HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.CredentialDialogMachine.1.0PUP.Optional.DealPly.Asuccess1d03fdf29ae1de58f5e3ad142ad8a759 HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{3A4DBD3A-98CC-41CE-AD21-352D42B6F754}PUP.Optional.DealPly.Asuccess10109d52146793a37e5b6061a55d22de HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.CoCreateAsync.1.0PUP.Optional.DealPly.Asuccess10109d52146793a37e5b6061a55d22de HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.CoCreateAsyncPUP.Optional.DealPly.Asuccess10109d52146793a37e5b6061a55d22de HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.CoCreateAsyncPUP.Optional.DealPly.Asuccess10109d52146793a37e5b6061a55d22de HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.CoCreateAsync.1.0PUP.Optional.DealPly.Asuccess10109d52146793a37e5b6061a55d22de HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{4F8A50F6-69DE-4BE3-A33A-A1079B9AC0DB}PUP.Optional.DealPly.Asuccessda467b7499e2a690409a0bb6a260e21e HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.Update3WebMachineFallback.1.0PUP.Optional.DealPly.Asuccessda467b7499e2a690409a0bb6a260e21e HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.Update3WebMachineFallbackPUP.Optional.DealPly.Asuccessda467b7499e2a690409a0bb6a260e21e HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.Update3WebMachineFallbackPUP.Optional.DealPly.Asuccessda467b7499e2a690409a0bb6a260e21e HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.Update3WebMachineFallback.1.0PUP.Optional.DealPly.Asuccessda467b7499e2a690409a0bb6a260e21e HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{501CB57A-D4E2-4855-96AD-EDB0A9083395}PUP.Optional.DealPly.Asuccess7ca4f5facab184b2defd229f649ebf41 HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.CoreMachineClass.1PUP.Optional.DealPly.Asuccess7ca4f5facab184b2defd229f649ebf41 HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.CoreMachineClassPUP.Optional.DealPly.Asuccess7ca4f5facab184b2defd229f649ebf41 HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.CoreMachineClassPUP.Optional.DealPly.Asuccess7ca4f5facab184b2defd229f649ebf41 HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.CoreMachineClass.1PUP.Optional.DealPly.Asuccess7ca4f5facab184b2defd229f649ebf41 HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{6FF2C4DD-77A4-4BB5-BA4C-B42DEFBF9137}PUP.Optional.DealPly.Asuccess63bd0be4b3c85dd9627a873a2fd3f907 HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.ProcessLauncher.1.0PUP.Optional.DealPly.Asuccess63bd0be4b3c85dd9627a873a2fd3f907 HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.ProcessLauncherPUP.Optional.DealPly.Asuccess63bd0be4b3c85dd9627a873a2fd3f907 HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.ProcessLauncherPUP.Optional.DealPly.Asuccess63bd0be4b3c85dd9627a873a2fd3f907 HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.ProcessLauncher.1.0PUP.Optional.DealPly.Asuccess63bd0be4b3c85dd9627a873a2fd3f907 HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{83ABA270-8390-4CA6-AE48-FC089F55629E}PUP.Optional.DealPly.Asuccess24fcac43512a142229b4477a768c40c0 HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.OnDemandCOMClassMachine.1.0PUP.Optional.DealPly.Asuccess24fcac43512a142229b4477a768c40c0 HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.OnDemandCOMClassMachinePUP.Optional.DealPly.Asuccess24fcac43512a142229b4477a768c40c0 HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.OnDemandCOMClassMachinePUP.Optional.DealPly.Asuccess24fcac43512a142229b4477a768c40c0 HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.OnDemandCOMClassMachine.1.0PUP.Optional.DealPly.Asuccess24fcac43512a142229b4477a768c40c0 HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{8B218A5F-1A3D-4347-94EF-A79575EB8094}PUP.Optional.DealPly.Asuccess3be513dc700bda5cd00ea61bc53d0df3 HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{0D89DE71-3D99-4288-84DC-F18F1047A7D8}PUP.Optional.DealPly.Asuccess3be513dc700bda5cd00ea61bc53d0df3 HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}PUP.Optional.DealPly.Asuccessa37dbf30d7a454e2f3eca021e41eee12 HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}PUP.Optional.DealPly.Asuccessa37dbf30d7a454e2f3eca021e41eee12 HKLM\SOFTWARE\CLASSES\DealPlyLive.OneClickCtrl.9PUP.Optional.DealPly.Asuccessa37dbf30d7a454e2f3eca021e41eee12 HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLive.OneClickCtrl.9PUP.Optional.DealPly.Asuccessa37dbf30d7a454e2f3eca021e41eee12 HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}PUP.Optional.DealPly.Asuccessa37dbf30d7a454e2f3eca021e41eee12 HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}PUP.Optional.DealPly.Asuccessa37dbf30d7a454e2f3eca021e41eee12 HKLM\SOFTWARE\CLASSES\DealPlyLive.Update3WebControl.3PUP.Optional.DealPly.Asuccessa37dbf30d7a454e2f3eca021e41eee12 HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLive.Update3WebControl.3PUP.Optional.DealPly.Asuccessa37dbf30d7a454e2f3eca021e41eee12 HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}PUP.Optional.DealPly.Asuccessa37dbf30d7a454e2f3eca021e41eee12 HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}PUP.Optional.DealPly.Asuccessa37dbf30d7a454e2f3eca021e41eee12 HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{9BDB5E09-4BBA-4422-8C2B-529B281C32B8}PUP.Optional.DealPly.Asuccess48d808e7f18a251115cbdae78082b24e HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{ae48ed75-5a56-4c5f-bbce-6f1ac3875f66}PUP.Optional.DealPly.Asuccess0d13ec03413a0234e477eea1a85a728e HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{AE48ED75-5A56-4C5F-BBCE-6F1AC3875F66}PUP.Optional.DealPly.Asuccess0d13ec03413a0234e477eea1a85a728e HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C536F080-57B7-46D6-8894-C647553F2889}PUP.Optional.DealPly.Asuccess1b05955a82f915211cc5556c37cb30d0 HKLM\SOFTWARE\CLASSES\DealPlyLive.OneClickProcessLauncherMachine.1.0PUP.Optional.DealPly.Asuccess1b05955a82f915211cc5556c37cb30d0 HKLM\SOFTWARE\CLASSES\DealPlyLive.OneClickProcessLauncherMachinePUP.Optional.DealPly.Asuccess1b05955a82f915211cc5556c37cb30d0 HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLive.OneClickProcessLauncherMachinePUP.Optional.DealPly.Asuccess1b05955a82f915211cc5556c37cb30d0 HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLive.OneClickProcessLauncherMachine.1.0PUP.Optional.DealPly.Asuccess1b05955a82f915211cc5556c37cb30d0 HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C536F080-57B7-46D6-8894-C647553F2889}PUP.Optional.DealPly.Asuccess1b05955a82f915211cc5556c37cb30d0 HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{CA5D945F-E738-4D0B-A0B5-25AC51C64659}PUP.Optional.DealPly.Asuccess31ef17d8e59625118e54f7ca5aa8b050 HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.CoreClass.1PUP.Optional.DealPly.Asuccess31ef17d8e59625118e54f7ca5aa8b050 HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.CoreClassPUP.Optional.DealPly.Asuccess31ef17d8e59625118e54f7ca5aa8b050 HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.CoreClassPUP.Optional.DealPly.Asuccess31ef17d8e59625118e54f7ca5aa8b050 HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.CoreClass.1PUP.Optional.DealPly.Asuccess31ef17d8e59625118e54f7ca5aa8b050 HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{F7698761-4ABA-45C2-A5BB-D2163922C725}PUP.Optional.DealPly.Asuccess110f3eb16f0c1323f7ec3091fa086b95 HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.Update3WebSvc.1.0PUP.Optional.DealPly.Asuccess110f3eb16f0c1323f7ec3091fa086b95 HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.Update3WebSvcPUP.Optional.DealPly.Asuccess110f3eb16f0c1323f7ec3091fa086b95 HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.Update3WebSvcPUP.Optional.DealPly.Asuccess110f3eb16f0c1323f7ec3091fa086b95 HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.Update3WebSvc.1.0PUP.Optional.DealPly.Asuccess110f3eb16f0c1323f7ec3091fa086b95 HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{FFCC53E6-2655-47FC-A89B-54E8D7F305D1}PUP.Optional.DealPly.Asuccess76aa19d6c0bbf244d50fad14d929857b HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.Update3WebMachine.1.0PUP.Optional.DealPly.Asuccess76aa19d6c0bbf244d50fad14d929857b HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.Update3WebMachinePUP.Optional.DealPly.Asuccess76aa19d6c0bbf244d50fad14d929857b HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.Update3WebMachinePUP.Optional.DealPly.Asuccess76aa19d6c0bbf244d50fad14d929857b HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.Update3WebMachine.1.0PUP.Optional.DealPly.Asuccess76aa19d6c0bbf244d50fad14d929857b HKU\S-1-5-21-176568798-3075008774-576170976-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}PUP.Optional.Snapdo.Tsuccess7fa122cddd9e7bbb45ae9f25857de31d HKU\S-1-5-21-176568798-3075008774-576170976-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}PUP.Optional.Babylon.Asuccess3ae6a14ec4b70d290b013c4ce61cb050 HKU\S-1-5-21-176568798-3075008774-576170976-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}PUP.Optional.Wajam.Asuccess6eb2c22db7c4ba7cd40d771733cf17e9 HKU\S-1-5-21-176568798-3075008774-576170976-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}PUP.Optional.Wajam.Asuccess6eb2c22db7c4ba7cd40d771733cf17e9 HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WebsteroidsPUP.Optional.Websteroids.Asuccess71aff0ff62192c0a45f00e2b5fa4e719 HKLM\SOFTWARE\CLASSES\SaveSenseLive.OneClickCtrl.9PUP.Optional.SaveSense.Asuccess3be55699611abb7bb0e8095327dd20e0 HKLM\SOFTWARE\CLASSES\SaveSenseLive.OneClickProcessLauncherMachinePUP.Optional.SaveSense.Asuccess130d9d52d5a6290dd7c176e6c93b4fb1 HKLM\SOFTWARE\CLASSES\SaveSenseLive.OneClickProcessLauncherMachine.1.0PUP.Optional.SaveSense.Asuccess3ee213dcd2a9a195ff992f2dc242af51 HKLM\SOFTWARE\CLASSES\SaveSenseLive.Update3WebControl.3PUP.Optional.SaveSense.Asuccess58c805ea9be0b482cbcd70eca55f7e82 HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CoCreateAsyncPUP.Optional.SaveSense.Asuccess0917ca25dba085b1ecac1b4120e4916f HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CoCreateAsync.1.0PUP.Optional.SaveSense.Asuccess50d05a9580fb68ce8711baa2778da759 HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CoreClassPUP.Optional.SaveSense.Asuccess2cf442ad6417b284fc9c104c887c2dd3 HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CoreClass.1PUP.Optional.SaveSense.Asuccess71afd31c1f5c57df99ff78e4e024b749 HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CoreMachineClassPUP.Optional.SaveSense.Asuccess77a91dd2d7a41323ddbb5a0227dd41bf HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CoreMachineClass.1PUP.Optional.SaveSense.Asuccess50d0b43b601bef47a2f675e70cf824dc HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CredentialDialogMachinePUP.Optional.SaveSense.Asuccesscf51925d4d2eb482554362fa6b9939c7 HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CredentialDialogMachine.1.0PUP.Optional.SaveSense.Asuccess918f797691ea4ee8d5c30f4d749046ba HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassMachinePUP.Optional.SaveSense.Asuccessa977925dfa81e94d4a4ed389da2a5ea2 HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassMachine.1.0PUP.Optional.SaveSense.Asuccessba661cd3a1dae84e2474dc807094a957 HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassMachineFallbackPUP.Optional.SaveSense.Asuccesse33dd916c1bab2846a2e362628dcec14 HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassMachineFallback.1.0PUP.Optional.SaveSense.Asuccess1b053eb187f460d6128633299d67ef11 HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.ProcessLauncherPUP.Optional.SaveSense.Asuccesse040fef1b0cbf2449cfc81db55af14ec HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.ProcessLauncher.1.0PUP.Optional.SaveSense.Asuccess9987d7187704ae885b3d213ba95b7e82 HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3COMClassServicePUP.Optional.SaveSense.Asuccess6bb5f1feb8c32f07e7b18dcf6a9aac54 HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3COMClassService.1.0PUP.Optional.SaveSense.Asuccesse23eb03fd4a75ed8d0c85903f311fb05 HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3WebMachinePUP.Optional.SaveSense.Asuccessef31608f2d4e221498007be1659f08f8 HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3WebMachine.1.0PUP.Optional.SaveSense.Asuccess7ea27e71b9c25ed80791acb0ce3612ee HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3WebMachineFallbackPUP.Optional.SaveSense.Asuccess120e7e71bbc0c96d6f29bd9fe02431cf HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3WebMachineFallback.1.0PUP.Optional.SaveSense.Asuccessbe6216d9c0bb69cd28703527c143f010 HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3WebSvcPUP.Optional.SaveSense.Asuccess54ccc629b6c539fdc7d1c498699b13ed HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3WebSvc.1.0PUP.Optional.SaveSense.Asuccess6db35e91b2c974c2eaae64f8788c41bf HKLM\SOFTWARE\CLASSES\APPID\DealPlyLive.exePUP.Optional.DealPly.Asuccessbd63dd122a512115a1934c0306fe5fa1 HKLM\SOFTWARE\CLASSES\APPID\SaveSenseLive.exePUP.Optional.SaveSense.Asuccesscd53648b215af541e8af1b4128dccf31 HKLM\SOFTWARE\WOW6432NODE\DataMngrPUP.Optional.DataMangr.Asuccess0d13e30c7cff90a6d6e7ed2d8e7515eb HKLM\SOFTWARE\WOW6432NODE\DealPlyLivePUP.Optional.DealPly.Asuccessa080a946d1aafa3c54e10748e321e51b HKLM\SOFTWARE\WOW6432NODE\SaveSenseLivePUP.Optional.SaveSense.Asuccess40e0c8277ffc4fe70b92aab264a020e0 HKLM\SOFTWARE\WOW6432NODE\WajamPUP.Optional.Wajam.Asuccess52ce42ad2a5190a60e442345996be818 HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLive.OneClickCtrl.9PUP.Optional.SaveSense.Asuccess40e030bffe7dc670c3d55b015fa5a759 HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLive.OneClickProcessLauncherMachinePUP.Optional.SaveSense.Asuccesscc5458978eedb2849bfdd8841be9b14f HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLive.OneClickProcessLauncherMachine.1.0PUP.Optional.SaveSense.Asuccessc060539ce3981224851387d56a9ac040 HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLive.Update3WebControl.3PUP.Optional.SaveSense.Asuccess67b9faf567148aac7c1c2b314eb6c937 HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.CoCreateAsyncPUP.Optional.SaveSense.Asuccessa779e30c7a0171c5cfc90c5082826898 HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.CoCreateAsync.1.0PUP.Optional.SaveSense.Asuccess839d25ca4536fd39ff99114b8480b749 HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.CoreClassPUP.Optional.SaveSense.Asuccess9e8236b9314acc6a0791e07ced17d030 HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.CoreClass.1PUP.Optional.SaveSense.Asuccessfb2569865b20072f6236500c659f639d HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.CoreMachineClassPUP.Optional.SaveSense.Asuccess849c21ceff7c59ddf4a4a3b97b896a96 HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.CoreMachineClass.1PUP.Optional.SaveSense.Asuccessed33e6097ffcd2640f89de7e679daf51 HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.CredentialDialogMachinePUP.Optional.SaveSense.Asuccess8b953cb31863b383b0e81a42d92b21df HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.CredentialDialogMachine.1.0PUP.Optional.SaveSense.Asuccess021efff083f8e650ceca5507966e18e8 HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassMachinePUP.Optional.SaveSense.Asuccessda4648a7097246f05840ce8e61a3d030 HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassMachine.1.0PUP.Optional.SaveSense.Asuccessd54b68878fec87afcace94c8e12357a9 HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassMachineFallbackPUP.Optional.SaveSense.Asuccess72aecd228cef43f3a4f4f56715ef38c8 HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassMachineFallback.1.0PUP.Optional.SaveSense.Asuccessff211ed1b8c377bfadebaab2ae5618e8 HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.ProcessLauncherPUP.Optional.SaveSense.Asuccess22fe539ce39858de3167d98349bbec14 HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.ProcessLauncher.1.0PUP.Optional.SaveSense.Asuccess2bf503ece794e650a7f1b7a55fa5a759 HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.Update3COMClassServicePUP.Optional.SaveSense.Asuccessa27e8b64ee8dab8b9bfd1646000439c7 HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.Update3COMClassService.1.0PUP.Optional.SaveSense.Asuccess938d8768daa196a05c3c5b012bd9d927 HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.Update3WebMachinePUP.Optional.SaveSense.Asuccessaa764ba4f08bc5715e3ae8747193db25 HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.Update3WebMachine.1.0PUP.Optional.SaveSense.Asuccess43ddc12ebdbef83eb4e4a6b6f60e13ed HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.Update3WebMachineFallbackPUP.Optional.SaveSense.Asuccessdd43ec032b5042f4287064f8a361b54b HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.Update3WebMachineFallback.1.0PUP.Optional.SaveSense.Asuccess26fa628d9edd6acc6335a6b6000449b7 HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.Update3WebSvcPUP.Optional.SaveSense.Asuccessab7542adbac1f04624741448659f0df3 HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.Update3WebSvc.1.0PUP.Optional.SaveSense.Asuccess4fd126c97704b2845a3ece8e35cfb14f HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\DealPlyLive.exePUP.Optional.DealPly.Asuccessf32de00fec8f37ff4ee6450a07fda25e HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\SaveSenseLive.exePUP.Optional.SaveSense.Asuccessc35d846bd3a8171f415633293bc99a66 HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\boipimhfjpakfgckhbljjengakjhkcbpPUP.Optional.Babylon.Asuccess23fd0ce3cab1b5819e1b59f550b4738d HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@tools.dpliveupdate.com/DealPlyLive Update;version=3PUP.Optional.DealPly.Asuccess8b9512dd027989ad3ff82c23ad574db3 HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@tools.dpliveupdate.com/DealPlyLive Update;version=9PUP.Optional.DealPly.Asuccesse63a0be4611a270f340366e926de2bd5 HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@tools.updaterss.com/SaveSenseLive Update;version=3PUP.Optional.SaveSense.Asuccess40e027c80a7144f24358e874af5522de HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@tools.updaterss.com/SaveSenseLive Update;version=9PUP.Optional.SaveSense.Asuccess57c9f2fd4a319f974259e577c73d5aa6 HKU\S-1-5-21-176568798-3075008774-576170976-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DataMngr_ToolbarPUP.Optional.DataMngr.Asuccess849c0fe01764b2849b1ca1ac37cdb44c HKU\S-1-5-21-176568798-3075008774-576170976-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DealPlyLivePUP.Optional.DealPly.Asuccess28f8ba35532844f243f6b59a679dc43c HKU\S-1-5-21-176568798-3075008774-576170976-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SaveSenseLivePUP.Optional.SaveSense.Asuccess041c00ef3a41e65095053c2027dd3bc5 HKU\S-1-5-21-176568798-3075008774-576170976-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\DynConIEPUP.Optional.MultiIE.Asuccess041c648bfa81181e0048076405ff956b HKU\S-1-5-21-176568798-3075008774-576170976-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\PriceGongPUP.Optional.PriceGong.Asuccess51cfb33c42393402767e3cf5937015eb HKU\S-1-5-21-176568798-3075008774-576170976-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\nikpibnbobmbdbheedjfogjlikpgpnhpPUP.Optional.DVDVideoSoftTB.Asuccesse7397a75f388cf67ba345aa8bf4432ce HKU\S-1-5-21-176568798-3075008774-576170976-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\bProtectSettingsPUP.Optional.BProtector.Asuccess9888618eb5c6d561a55ff35e1ee650b0 HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR{ae07101b-46d4-4a98-af68-0333ea26e113}PUP.Optional.SmartBarsuccessSmartbar0f11a54abbc0c86e7abe4db9699ac040 HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR{ae07101b-46d4-4a98-af68-0333ea26e113}PUP.Optional.SmartBarsuccessSmartbarcf5120cfcfacba7ce35554b2a95a2ed2 HKU\S-1-5-21-176568798-3075008774-576170976-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAINbProtector Start PagePUP.BProtectorsuccesshxxp://www.searchgol.com/?babsrc=HP_ss_Btisdt7&mntrId=66DE3E659DB18485&affID=121136&tsp=5007fb2530bf0378ea4c03b68bc23cc8d12f HKU\S-1-5-21-176568798-3075008774-576170976-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPESDefaultScopePUP.Optional.Snapdo.Tsuccess{006ee092-9658-4fd6-bd8e-a21a348e59f5}f0306c83bac1d16554b554bcce35a060 HKU\S-1-5-21-176568798-3075008774-576170976-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPESbProtectorDefaultScopePUP.BProtectorsuccess{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}27f903ec58230c2acaf086c733d1af51 HKU\S-1-5-21-176568798-3075008774-576170976-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}PUP.Optional.Wajam.AsuccessC:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpid749a54a90eb1323cf4823fb62a14fb1 HKU\S-1-5-21-176568798-3075008774-576170976-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAINStart PagePUP.Optional.HelperBar.Areplacedhxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCuxhZjwitu2603iO2DKHysZ18XIslEo5bv_LOVevYn7fL57TZLxsHF8kqrE25Iikll3lGgS4kDXCtM55Mp_zNMIJ4jlfWNZvSzskxzK-t_laIfxmmQQJE6HcPMfUbtU1Pea_RvYvMbFVRc-XaA445ql7pq-2MMM,hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCuxhZjwitu2603iO2DKHysZ18XIslEo5bv_LOVevYn7fL57TZLxsHF8kqrE25Iikll3lGgS4kDXCtM55Mp_zNMIJ4jlfWNZvSzskxzK-t_laIfxmmQQJE6HcPMfUbtU1Pea_RvYvMbFVRc-XaA445ql7pq-2MMM,www.google.com29f7c22d5c1f3501403eb248ab59ee12 HKU\S-1-5-21-176568798-3075008774-576170976-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHDefault_Search_URLPUP.Optional.HelperBar.Areplacedhxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCuxhZjwitu2603iO2DKHysZ18XIslEo5bv_LOVevYn7fL57TZLxsHF8kqrE25Iikll3lGgS4kDXCtM55Mp_zNMIJ4jlfWNZvR0DbOtwMNabrWx5yxAPalXQKgMW2V2hfyDXY7poNiuI9vYCroFmsdwuBgYhmWwQ,&q={searchTerms}hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCuxhZjwitu2603iO2DKHysZ18XIslEo5bv_LOVevYn7fL57TZLxsHF8kqrE25Iikll3lGgS4kDXCtM55Mp_zNMIJ4jlfWNZvR0DbOtwMNabrWx5yxAPalXQKgMW2V2hfyDXY7poNiuI9vYCroFmsdwuBgYhmWwQ,&q={searchTerms}www.google.coma878ad42136857dfb0cf12e8a65ecc34 HKU\S-1-5-21-176568798-3075008774-576170976-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSearchAssistantPUP.Optional.HelperBar.Areplacedhxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCuxhZjwitu2603iO2DKHysZ18XIslEo5bv_LOVevYn7fL57TZLxsHF8kqrE25Iikll3lGgS4kDXCtM55Mp_zNMIJ4jlfWNZvR0DbOtwMNabrWx5yxAPalXQKgMW2V2hfyDXY7poNiuI9vYCroFmsdwuBgYhmWwQ,&q={searchTerms}hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCuxhZjwitu2603iO2DKHysZ18XIslEo5bv_LOVevYn7fL57TZLxsHF8kqrE25Iikll3lGgS4kDXCtM55Mp_zNMIJ4jlfWNZvR0DbOtwMNabrWx5yxAPalXQKgMW2V2hfyDXY7poNiuI9vYCroFmsdwuBgYhmWwQ,&q={searchTerms}www.google.com79a74ca35e1d26105f2136c428dc8f71 HKU\S-1-5-21-176568798-3075008774-576170976-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURLDefaultPUP.Optional.HelperBar.Areplacedhxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCuxhZjwitu2603iO2DKHysZ18XIslEo5bv_LOVevYn7fL57TZLxsHF8kqrE25Iikll3lGgS4kDXCtM55Mp_zNMIJ4jlfWNZvR0DbOtwMNabrWx5yxAPalXQKgMW2V2hfyDXY7poNiuI9vYCroFmsdwuBgYhmWwQ,&q={searchTerms}hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbHdKIqgRJyMidKuvnhDCuxhZjwitu2603iO2DKHysZ18XIslEo5bv_LOVevYn7fL57TZLxsHF8kqrE25Iikll3lGgS4kDXCtM55Mp_zNMIJ4jlfWNZvR0DbOtwMNabrWx5yxAPalXQKgMW2V2hfyDXY7poNiuI9vYCroFmsdwuBgYhmWwQ,&q={searchTerms}www.google.com61bf42adb5c6db5bb6c54eac0ef634cc C:\Users\Dorina Heller\AppData\Local\WebsteroidsPUP.Optional.Websteroids.Asuccessfb2513dc017a81b5c087cd53f2119868 C:\ProgramData\WebsteroidsPUP.Optional.Websteroids.Adelete-on-reboot71aff0ff62192c0a45f00e2b5fa4e719 C:\ProgramData\Websteroids\upPUP.Optional.Websteroids.Adelete-on-reboot71aff0ff62192c0a45f00e2b5fa4e719 C:\ProgramData\Websteroids\up\2.6.80PUP.Optional.Websteroids.Adelete-on-reboot71aff0ff62192c0a45f00e2b5fa4e719 C:\Users\Dorina Heller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPlyPUP.OPtional.Dealply.Asuccess8e92dc1395e6d85efa358fbe0ff5e51b C:\ProgramData\DealPlyLivePUP.Optional.DealPly.Asuccessf927529d8fec7bbb7a309a3a48ba28d8 C:\ProgramData\DealPlyLive\UpdatePUP.Optional.DealPly.Asuccessf927529d8fec7bbb7a309a3a48ba28d8 C:\ProgramData\DealPlyLive\Update\LogPUP.Optional.DealPly.Asuccessf927529d8fec7bbb7a309a3a48ba28d8 C:\Users\Dorina Heller\AppData\Roaming\DealplyPUP.Optional.DealPly.Asuccesscf51f4fb2b5091a5e0cb53816d95f808 C:\Users\Dorina Heller\AppData\Roaming\Dealply\UpdateProcPUP.Optional.DealPly.Asuccesscf51f4fb2b5091a5e0cb53816d95f808 C:\Program Files (x86)\DealPlyLivePUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\CrashReportsPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\UpdatePUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0PUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\DownloadPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\InstallPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\OfflinePUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\Offline\{A33A74E7-7598-470F-8254-4B128D6EE6E0}PUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Users\Dorina Heller\AppData\Roaming\OpenCandyPUP.Optional.OpenCandysuccess78a8b7382b501d197968fadaa55de020 C:\Users\Dorina Heller\AppData\Roaming\OpenCandy\040188721B6D41E08B5DE8DEBC26B52CPUP.Optional.OpenCandysuccess78a8b7382b501d197968fadaa55de020 C:\Users\Dorina Heller\AppData\Roaming\OpenCandy\0A20EE696E154A5894AD9886193F88A2PUP.Optional.OpenCandysuccess78a8b7382b501d197968fadaa55de020 C:\Users\Dorina Heller\AppData\Roaming\OpenCandy\7D98AF312EFE4DE5B52DF654C88965CFPUP.Optional.OpenCandysuccess78a8b7382b501d197968fadaa55de020 C:\Users\Dorina Heller\AppData\Roaming\OpenCandy\C41ACA3AE40E49C1B7F1D6422A64123BPUP.Optional.OpenCandysuccess78a8b7382b501d197968fadaa55de020 C:\Users\Dorina Heller\AppData\Local\DealPlyLivePUP.Optional.DealPly.Asuccessdd43e90616659c9af906a43091715ea2 C:\Users\Dorina Heller\AppData\Local\DealPlyLive\CrashReportsPUP.Optional.DealPly.Asuccessdd43e90616659c9af906a43091715ea2 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgfPUP.Optional.DealPly.Asuccess9987737cc1ba82b4cf953b9a55ad619f C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgf\3.9.1.9_0PUP.Optional.DealPly.Asuccess9987737cc1ba82b4cf953b9a55ad619f C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgf\3.9.1.9_0\imagesPUP.Optional.DealPly.Asuccess9987737cc1ba82b4cf953b9a55ad619f C:\Users\Dorina Heller\AppData\Local\SaveSenseLivePUP.Optional.SaveSense.Asuccess65bbea051e5deb4b75d4ce08986a0000 C:\Users\Dorina Heller\AppData\Local\SaveSenseLive\CrashReportsPUP.Optional.SaveSense.Asuccess65bbea051e5deb4b75d4ce08986a0000 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\khcceooakamlehbimaepcldnnlnkcmfkPUP.Optional.SaveSense.Asuccess4cd419d67ffcbb7b1870fbdbb052e21e C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\khcceooakamlehbimaepcldnnlnkcmfk\5.0.2.9_0PUP.Optional.SaveSense.Asuccess4cd419d67ffcbb7b1870fbdbb052e21e C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\khcceooakamlehbimaepcldnnlnkcmfk\5.0.2.9_0\imagesPUP.Optional.SaveSense.Asuccess4cd419d67ffcbb7b1870fbdbb052e21e C:\Users\Dorina Heller\AppData\LocalLow\PriceGongPUP.Optional.PriceGong.Asuccess1010e9062c4f9e982b345088d52d20e0 C:\Users\Dorina Heller\AppData\LocalLow\PriceGong\DataPUP.Optional.PriceGong.Asuccess1010e9062c4f9e982b345088d52d20e0 C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\extensions\{906000a4-88d9-4d52-b209-7a772970d91f}PUP.Optional.DealPly.Asuccess948ce50a364563d3ff7005d520e2936d C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\extensions\{906000a4-88d9-4d52-b209-7a772970d91f}\chromePUP.Optional.DealPly.Asuccess948ce50a364563d3ff7005d520e2936d C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\extensions\{906000a4-88d9-4d52-b209-7a772970d91f}\chrome\contentPUP.Optional.DealPly.Asuccess948ce50a364563d3ff7005d520e2936d C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\extensions\{906000a4-88d9-4d52-b209-7a772970d91f}\chrome\content\imagesPUP.Optional.DealPly.Asuccess948ce50a364563d3ff7005d520e2936d C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\extensions\{906000a4-88d9-4d52-b209-7a772970d91f}\defaultsPUP.Optional.DealPly.Asuccess948ce50a364563d3ff7005d520e2936d C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\extensions\{906000a4-88d9-4d52-b209-7a772970d91f}\defaults\preferencesPUP.Optional.DealPly.Asuccess948ce50a364563d3ff7005d520e2936d C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\extensions\{8b337819-d1e8-48d3-8178-168ae8c99c36}PUP.Optional.SaveSense.Asuccess110f18d7abd006306240bb1f679b8f71 C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\extensions\{8b337819-d1e8-48d3-8178-168ae8c99c36}\contentPUP.Optional.SaveSense.Asuccess110f18d7abd006306240bb1f679b8f71 C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\extensions\{8b337819-d1e8-48d3-8178-168ae8c99c36}\content\imagesPUP.Optional.SaveSense.Asuccess110f18d7abd006306240bb1f679b8f71 C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\extensions\{8b337819-d1e8-48d3-8178-168ae8c99c36}\defaultsPUP.Optional.SaveSense.Asuccess110f18d7abd006306240bb1f679b8f71 C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\extensions\{8b337819-d1e8-48d3-8178-168ae8c99c36}\defaults\preferencesPUP.Optional.SaveSense.Asuccess110f18d7abd006306240bb1f679b8f71 C:\Program Files (x86)\SearchProtect49141188PUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\MainPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\Main\binPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\Main\LogsPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\Main\repPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\SearchProtectPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\SearchProtect\binPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\SearchProtect\LogsPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\SearchProtect\repPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UIPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\binPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogsPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\bubblePUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\ImagesPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\libsPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\protectionPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\protectionDSPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\settingsPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\uninstallPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\repPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\extensions\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}PUP.Optional.Wajam.Asuccess36ea86691368b38327898263c53d39c7 C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\extensions\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}\contentPUP.Optional.Wajam.Asuccess36ea86691368b38327898263c53d39c7 C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\extensions\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}\defaultsPUP.Optional.Wajam.Asuccess36ea86691368b38327898263c53d39c7 C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\extensions\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}\defaults\preferencesPUP.Optional.Wajam.Asuccess36ea86691368b38327898263c53d39c7 C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\extensions\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}\META-INFPUP.Optional.Wajam.Asuccess36ea86691368b38327898263c53d39c7 C:\Users\Dorina Heller\AppData\Local\onlysearchPUP.Optional.OnlySearchsuccess98887f7089f2d85e495a5aa19969e41c C:\Users\Dorina Heller\AppData\Local\onlysearch\onlysearchPUP.Optional.OnlySearchsuccess98887f7089f2d85e495a5aa19969e41c C:\Users\Dorina Heller\AppData\Local\onlysearch\onlysearch\1.3.12.9PUP.Optional.OnlySearchsuccess98887f7089f2d85e495a5aa19969e41c C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhpPUP.Optional.DVDVideoSoftTB.Asuccess33edaa457b00fb3b2b7b35cb61a2ac54 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.3.0.0_1PUP.Optional.DVDVideoSoftTB.Asuccess33edaa457b00fb3b2b7b35cb61a2ac54 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.3.0.0_1\imagesPUP.Optional.DVDVideoSoftTB.Asuccess33edaa457b00fb3b2b7b35cb61a2ac54 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.3.0.0_1\_localesPUP.Optional.DVDVideoSoftTB.Asuccess33edaa457b00fb3b2b7b35cb61a2ac54 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.3.0.0_1\_locales\dePUP.Optional.DVDVideoSoftTB.Asuccess33edaa457b00fb3b2b7b35cb61a2ac54 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.3.0.0_1\_locales\enPUP.Optional.DVDVideoSoftTB.Asuccess33edaa457b00fb3b2b7b35cb61a2ac54 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.3.0.0_1\_locales\esPUP.Optional.DVDVideoSoftTB.Asuccess33edaa457b00fb3b2b7b35cb61a2ac54 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.3.0.0_1\_locales\frPUP.Optional.DVDVideoSoftTB.Asuccess33edaa457b00fb3b2b7b35cb61a2ac54 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.3.0.0_1\_locales\itPUP.Optional.DVDVideoSoftTB.Asuccess33edaa457b00fb3b2b7b35cb61a2ac54 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.3.0.0_1\_locales\jaPUP.Optional.DVDVideoSoftTB.Asuccess33edaa457b00fb3b2b7b35cb61a2ac54 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.3.0.0_1\_locales\nlPUP.Optional.DVDVideoSoftTB.Asuccess33edaa457b00fb3b2b7b35cb61a2ac54 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.3.0.0_1\_locales\plPUP.Optional.DVDVideoSoftTB.Asuccess33edaa457b00fb3b2b7b35cb61a2ac54 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.3.0.0_1\_locales\ptPUP.Optional.DVDVideoSoftTB.Asuccess33edaa457b00fb3b2b7b35cb61a2ac54 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.3.0.0_1\_locales\ruPUP.Optional.DVDVideoSoftTB.Asuccess33edaa457b00fb3b2b7b35cb61a2ac54 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.3.0.0_1\_locales\trPUP.Optional.DVDVideoSoftTB.Asuccess33edaa457b00fb3b2b7b35cb61a2ac54 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.3.0.0_1\_locales\zh_CNPUP.Optional.DVDVideoSoftTB.Asuccess33edaa457b00fb3b2b7b35cb61a2ac54 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.3.0.0_1\_locales\zh_TWPUP.Optional.DVDVideoSoftTB.Asuccess33edaa457b00fb3b2b7b35cb61a2ac54 C:\ProgramData\Websteroids\up\2.6.80\WebsteroidsService.exePUP.Optional.Websteroids.Adelete-on-reboote0409c532259261017d4e5a89b66e917 C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exePUP.Optional.DealPly.Asuccess8f919659512ab680cda03af3db268878 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\psmachine.dllPUP.Optional.DealPly.Asuccess3be513dc700bda5cd00ea61bc53d0df3 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dllPUP.Optional.DealPly.Asuccessa37dbf30d7a454e2f3eca021e41eee12 C:\ProgramData\Websteroids\Websteroids.exePUP.Optional.MultiExtension.Asuccess51cf7d72205b10263a71c7c4dc25dd23 C:\ProgramData\Websteroids\Websteroids64.exePUP.Optional.Websteroids.Asuccessce52d11ee893072f23c8a9e412ef43bd C:\ProgramData\Websteroids\WebsteroidsService.exePUP.Optional.Websteroids.Asuccess2cf432bd601bc571b13a1974f809b848 C:\Users\Dorina Heller\AppData\Roaming\GameCenter\uninstall.exePUP.Optional.GoForFiles.Asuccess9a86dc13f289f640ace0d05bd62bb44c C:\Users\Dorina Heller\AppData\Roaming\OpenCandy\040188721B6D41E08B5DE8DEBC26B52C\WS_p4v2_2CB2.exePUP.Optional.Amonetizesuccess7ca4618ee695c96d9ac1447b9e667f81 C:\Users\Dorina Heller\AppData\Roaming\OpenCandy\0A20EE696E154A5894AD9886193F88A2\mconduitinstaller.exePUP.Optional.Conduit.Asuccess120e509fcfac2e088b4e71adae525fa1 C:\Program Files (x86)\Optimizer Pro\OptProReminder.exePUP.Optional.OptimizerProsuccessaf7158979be0f73ffe6003356f92b749 C:\Program Files (x86)\Optimizer Pro\OptProSchedule.exePUP.Optional.OptimizerProsuccess65bb6e817803bb7bc798e058a160da26 C:\Windows\SysWOW64\Websteroids.B324755F3F87.2.6.80.dllPUP.Optional.ZombieAlert.Asuccess7ca44fa0512a280edeb713c720e4c43c C:\Windows\SysWOW64\Websteroids.B324755F3F87.dllAdware.SaMonsuccess98881cd3017a0234c4b0c2b4f40d49b7 C:\Users\Dorina Heller\Downloads\ad_johannem_de_columna_petrarca_deambulabamus_romae_soli_übersetzung_downloader.exePUP.Optional.GoForFiles.Asuccess36eaa8474d2ecf677913cd5e44bd956b C:\Users\Dorina Heller\Downloads\cbsidlm-tr1_15-Efficient_Calendar_Free-ORG-10920848.exePUP.Optional.InstallBrain.Asuccess4dd330bf5a2161d5eae74a70788ce11f C:\Users\Dorina Heller\Downloads\InstallConverter.exePUP.Optional.ClientConnectsuccess8c94cd22fe7d999d726687397f8206fa C:\Users\Dorina Heller\Downloads\SoftangoDownloader_Calibre.exePUP.Optional.Softango.Asuccessf32d4ca3f18a86b09f0a2a580100718f C:\Users\Dorina Heller\Downloads\VlcMediaPlayer_SoftangoDownloader.exeAdware.InstallBrainsuccess9090b33c5e1dea4c1c1cbe5aa35e8080 C:\Users\Dorina Heller\AppData\Local\Conduit\Community Alerts\Alert.dllPUP.Optional.ClientConnectsuccessec34c12e720973c328a9377814edc23e C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.golsearch.com_0.localstoragePUP.Optional.GolSearch.Asuccess75ab5f9034472d09476e937126dd8a76 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.golsearch.com_0.localstorage-journalPUP.Optional.GolSearch.Asuccess4fd159963c3f61d5d4e1778d5ba841bf C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www2.delta-search.com_0.localstoragePUP.Optional.Delta.Asuccess79a7e40b6a11c07610a6cd37719202fe C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www2.delta-search.com_0.localstorage-journalPUP.Optional.Delta.Asuccess041cdb14037846f0eec88d77897a9070 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.boostsaves.com_0.localstoragePUP.Optional.Boost.Asuccess3ce430bfbbc04aecb926e22d7c87de22 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.boostsaves.com_0.localstorage-journalPUP.Optional.Boost.Asuccess0b15c926344700368857858a53b0946c C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.boostsaves.com_0.localstoragePUP.Optional.Boost.Asuccess021e8768ff7c52e47c64cf40a75cc937 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.boostsaves.com_0.localstorage-journalPUP.Optional.Boost.Asuccess65bbd81789f270c6f2ee9778a261728e C:\Windows\System32\Tasks\DealPlyLiveUpdateTaskMachineCorePUP.Optional.DealPly.Asuccess938d9a5518632f07606258bc47bcce32 C:\Windows\System32\Tasks\DealPlyLiveUpdateTaskMachineUAPUP.Optional.DealPly.Asuccess63bd5c93f28984b2784a5bb9bb48ab55 C:\Windows\System32\Tasks\BitGuardPUP.Optional.BitGuard.Asuccess1d03aa453b40db5ba61e40d42fd428d8 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.babylon.com_0.localstoragePUP.Optional.Babylon.Asuccessa779f2fd611a6ccabb0be43705fe2ad6 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.babylon.com_0.localstorage-journalPUP.Optional.Babylon.Asuccessa67ac9260d6e32048f37190243c04eb2 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstoragePUP.Optional.Superfish.Asuccess819f37b8304bc96dff8e0c13847fc63a C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journalPUP.Optional.Superfish.Asuccesse23eb63981fab284f796809f11f2a35d C:\Users\Dorina Heller\AppData\Local\Websteroids\data2.datPUP.Optional.Websteroids.Asuccessfb2513dc017a81b5c087cd53f2119868 C:\Windows\SysWOW64\Websteroids.B324755F3F87.dllPUP.Optional.Websteroids.Asuccess2af6727d601b999dbb4fb1792ed5c53b C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_d.websteroidsapp.com_0.localstoragePUP.Optional.Websteroids.Asuccessf62a3cb3ed8e043254b7ba70956e39c7 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_d.websteroidsapp.com_0.localstorage-journalPUP.Optional.Websteroids.Asuccess968ae00f6f0ccb6b0ffcbb6f5da6c13f C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\bProtector_extensions.sqlitePUP.Optional.BProtector.Asuccess051b99564a31d85ebfef8e9e0ef5de22 C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\bprotector_prefs.jsPUP.Optional.BProtector.Asuccessa87817d846350a2c307f35f77e8516ea C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\searchplugins\Web Search.xmlPUP.Optional.WebSearch.Asuccess39e744abfa8195a18425af7e33d06997 C:\ProgramData\Websteroids\app.datPUP.Optional.Websteroids.Asuccess71aff0ff62192c0a45f00e2b5fa4e719 C:\ProgramData\Websteroids\data.datPUP.Optional.Websteroids.Asuccess71aff0ff62192c0a45f00e2b5fa4e719 C:\ProgramData\Websteroids\Uninstall.exePUP.Optional.Websteroids.Asuccess71aff0ff62192c0a45f00e2b5fa4e719 C:\ProgramData\Websteroids\Websteroids.exe.configPUP.Optional.Websteroids.Asuccess71aff0ff62192c0a45f00e2b5fa4e719 C:\ProgramData\Websteroids\Websteroids.icoPUP.Optional.Websteroids.Asuccess71aff0ff62192c0a45f00e2b5fa4e719 C:\ProgramData\Websteroids\Websteroids64.exe.configPUP.Optional.Websteroids.Asuccess71aff0ff62192c0a45f00e2b5fa4e719 C:\ProgramData\Websteroids\WebsteroidsService.exe.configPUP.Optional.Websteroids.Asuccess71aff0ff62192c0a45f00e2b5fa4e719 C:\ProgramData\Websteroids\up\2.6.80\Websteroids.exe.configPUP.Optional.Websteroids.Asuccess71aff0ff62192c0a45f00e2b5fa4e719 C:\ProgramData\Websteroids\up\2.6.80\Websteroids64.exe.configPUP.Optional.Websteroids.Asuccess71aff0ff62192c0a45f00e2b5fa4e719 C:\ProgramData\Websteroids\up\2.6.80\WebsteroidsService.exe.configPUP.Optional.Websteroids.Asuccess71aff0ff62192c0a45f00e2b5fa4e719 C:\ProgramData\Websteroids\up\2.6.80\WebsteroidsUpdate.exePUP.Optional.Websteroids.Asuccess71aff0ff62192c0a45f00e2b5fa4e719 C:\ProgramData\Websteroids\up\2.6.80\WebsteroidsUpdate.exe.configPUP.Optional.Websteroids.Asuccess71aff0ff62192c0a45f00e2b5fa4e719 C:\Users\Dorina Heller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly\Uninstall DealPly.lnkPUP.OPtional.Dealply.Asuccess8e92dc1395e6d85efa358fbe0ff5e51b C:\Users\Dorina Heller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly\DealPly Help.urlPUP.OPtional.Dealply.Asuccess8e92dc1395e6d85efa358fbe0ff5e51b C:\Users\Dorina Heller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly\DealPly.urlPUP.OPtional.Dealply.Asuccess8e92dc1395e6d85efa358fbe0ff5e51b C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.jobPUP.Optional.DealPly.Asuccessf22ea34ca1da6dc9bfcaa8abbc482ad6 C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.jobPUP.Optional.DealPly.Asuccess918f87686912a98dea9f63f09a6a659b C:\ProgramData\DealPlyLive\Update\Log\DealPlyLive.logPUP.Optional.DealPly.Asuccessf927529d8fec7bbb7a309a3a48ba28d8 C:\Users\Dorina Heller\AppData\Roaming\Dealply\UpdateProc\config.datPUP.Optional.DealPly.Asuccesscf51f4fb2b5091a5e0cb53816d95f808 C:\Users\Dorina Heller\AppData\Roaming\Dealply\UpdateProc\info.datPUP.Optional.DealPly.Asuccesscf51f4fb2b5091a5e0cb53816d95f808 C:\Users\Dorina Heller\AppData\Roaming\Dealply\UpdateProc\TTL.DATPUP.Optional.DealPly.Asuccesscf51f4fb2b5091a5e0cb53816d95f808 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\DealPlyLive.exePUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\DealPlyLiveBroker.exePUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\DealPlyLiveHandler.exePUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\DealPlyLiveHelper.msiPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\DealPlyLiveOnDemand.exePUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_fa.dllPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_fi.dllPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_fil.dllPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_fr.dllPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_gu.dllPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_hi.dllPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_hr.dllPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_hu.dllPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_id.dllPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_is.dllPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_it.dllPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_iw.dllPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ja.dllPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_kn.dllPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ko.dllPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_lt.dllPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_lv.dllPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ml.dllPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_mr.dllPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ms.dllPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_nl.dllPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_no.dllPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_et.dllPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_pl.dllPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_pt-BR.dllPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_pt-PT.dllPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ro.dllPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ru.dllPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_sk.dllPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_sl.dllPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_sr.dllPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_sv.dllPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_sw.dllPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ta.dllPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_te.dllPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_th.dllPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_tr.dllPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_uk.dllPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ur.dllPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_vi.dllPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_zh-CN.dllPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_zh-TW.dllPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\psuser.dllPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdate.dllPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_am.dllPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ar.dllPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_bg.dllPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_bn.dllPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ca.dllPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_cs.dllPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_da.dllPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_de.dllPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_el.dllPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_en-GB.dllPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_en.dllPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_es-419.dllPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_es.dllPUP.Optional.DealPly.Asuccess22fec32c3c3fdd59c5e7c60edf231ae6 C:\Users\Dorina Heller\AppData\Roaming\OpenCandy\0A20EE696E154A5894AD9886193F88A2\5284.icoPUP.Optional.OpenCandysuccess78a8b7382b501d197968fadaa55de020 C:\Users\Dorina Heller\AppData\Roaming\OpenCandy\0A20EE696E154A5894AD9886193F88A2\EBB77268-338F-4C6A-8590-AD88FED26F4APUP.Optional.OpenCandysuccess78a8b7382b501d197968fadaa55de020 C:\Users\Dorina Heller\AppData\Roaming\OpenCandy\0A20EE696E154A5894AD9886193F88A2\OCBrowserHelper_1.0.6.125.exePUP.Optional.OpenCandysuccess78a8b7382b501d197968fadaa55de020 C:\Users\Dorina Heller\AppData\Roaming\OpenCandy\7D98AF312EFE4DE5B52DF654C88965CF\Trial-14.0.1000.89_de-DE_1004727_AT-2.exePUP.Optional.OpenCandysuccess78a8b7382b501d197968fadaa55de020 C:\Users\Dorina Heller\AppData\Roaming\OpenCandy\C41ACA3AE40E49C1B7F1D6422A64123B\TuneUpUtilities2013-2200213_de-DE.exePUP.Optional.OpenCandysuccess78a8b7382b501d197968fadaa55de020 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgf\3.9.1.9_0\background.jsPUP.Optional.DealPly.Asuccess9987737cc1ba82b4cf953b9a55ad619f C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgf\3.9.1.9_0\enb.txtPUP.Optional.DealPly.Asuccess9987737cc1ba82b4cf953b9a55ad619f C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgf\3.9.1.9_0\manifest.jsonPUP.Optional.DealPly.Asuccess9987737cc1ba82b4cf953b9a55ad619f C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgf\3.9.1.9_0\images\icon128.pngPUP.Optional.DealPly.Asuccess9987737cc1ba82b4cf953b9a55ad619f C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgf\3.9.1.9_0\images\icon16.pngPUP.Optional.DealPly.Asuccess9987737cc1ba82b4cf953b9a55ad619f C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgf\3.9.1.9_0\images\icon48.pngPUP.Optional.DealPly.Asuccess9987737cc1ba82b4cf953b9a55ad619f C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\khcceooakamlehbimaepcldnnlnkcmfk\5.0.2.9_0\background.jsPUP.Optional.SaveSense.Asuccess4cd419d67ffcbb7b1870fbdbb052e21e C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\khcceooakamlehbimaepcldnnlnkcmfk\5.0.2.9_0\manifest.jsonPUP.Optional.SaveSense.Asuccess4cd419d67ffcbb7b1870fbdbb052e21e C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\khcceooakamlehbimaepcldnnlnkcmfk\5.0.2.9_0\images\icon128.pngPUP.Optional.SaveSense.Asuccess4cd419d67ffcbb7b1870fbdbb052e21e C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\khcceooakamlehbimaepcldnnlnkcmfk\5.0.2.9_0\images\icon16.pngPUP.Optional.SaveSense.Asuccess4cd419d67ffcbb7b1870fbdbb052e21e C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\khcceooakamlehbimaepcldnnlnkcmfk\5.0.2.9_0\images\icon48.pngPUP.Optional.SaveSense.Asuccess4cd419d67ffcbb7b1870fbdbb052e21e C:\Users\Dorina Heller\AppData\LocalLow\PriceGong\Data\1.txtPUP.Optional.PriceGong.Asuccess1010e9062c4f9e982b345088d52d20e0 C:\Users\Dorina Heller\AppData\LocalLow\PriceGong\Data\19922.txtPUP.Optional.PriceGong.Asuccess1010e9062c4f9e982b345088d52d20e0 C:\Users\Dorina Heller\AppData\LocalLow\PriceGong\Data\a.txtPUP.Optional.PriceGong.Asuccess1010e9062c4f9e982b345088d52d20e0 C:\Users\Dorina Heller\AppData\LocalLow\PriceGong\Data\b.txtPUP.Optional.PriceGong.Asuccess1010e9062c4f9e982b345088d52d20e0 C:\Users\Dorina Heller\AppData\LocalLow\PriceGong\Data\c.txtPUP.Optional.PriceGong.Asuccess1010e9062c4f9e982b345088d52d20e0 C:\Users\Dorina Heller\AppData\LocalLow\PriceGong\Data\d.txtPUP.Optional.PriceGong.Asuccess1010e9062c4f9e982b345088d52d20e0 C:\Users\Dorina Heller\AppData\LocalLow\PriceGong\Data\e.txtPUP.Optional.PriceGong.Asuccess1010e9062c4f9e982b345088d52d20e0 C:\Users\Dorina Heller\AppData\LocalLow\PriceGong\Data\f.txtPUP.Optional.PriceGong.Asuccess1010e9062c4f9e982b345088d52d20e0 C:\Users\Dorina Heller\AppData\LocalLow\PriceGong\Data\g.txtPUP.Optional.PriceGong.Asuccess1010e9062c4f9e982b345088d52d20e0 C:\Users\Dorina Heller\AppData\LocalLow\PriceGong\Data\h.txtPUP.Optional.PriceGong.Asuccess1010e9062c4f9e982b345088d52d20e0 C:\Users\Dorina Heller\AppData\LocalLow\PriceGong\Data\i.txtPUP.Optional.PriceGong.Asuccess1010e9062c4f9e982b345088d52d20e0 C:\Users\Dorina Heller\AppData\LocalLow\PriceGong\Data\j.txtPUP.Optional.PriceGong.Asuccess1010e9062c4f9e982b345088d52d20e0 C:\Users\Dorina Heller\AppData\LocalLow\PriceGong\Data\k.txtPUP.Optional.PriceGong.Asuccess1010e9062c4f9e982b345088d52d20e0 C:\Users\Dorina Heller\AppData\LocalLow\PriceGong\Data\l.txtPUP.Optional.PriceGong.Asuccess1010e9062c4f9e982b345088d52d20e0 C:\Users\Dorina Heller\AppData\LocalLow\PriceGong\Data\m.txtPUP.Optional.PriceGong.Asuccess1010e9062c4f9e982b345088d52d20e0 C:\Users\Dorina Heller\AppData\LocalLow\PriceGong\Data\n.txtPUP.Optional.PriceGong.Asuccess1010e9062c4f9e982b345088d52d20e0 C:\Users\Dorina Heller\AppData\LocalLow\PriceGong\Data\o.txtPUP.Optional.PriceGong.Asuccess1010e9062c4f9e982b345088d52d20e0 C:\Users\Dorina Heller\AppData\LocalLow\PriceGong\Data\p.txtPUP.Optional.PriceGong.Asuccess1010e9062c4f9e982b345088d52d20e0 C:\Users\Dorina Heller\AppData\LocalLow\PriceGong\Data\q.txtPUP.Optional.PriceGong.Asuccess1010e9062c4f9e982b345088d52d20e0 C:\Users\Dorina Heller\AppData\LocalLow\PriceGong\Data\r.txtPUP.Optional.PriceGong.Asuccess1010e9062c4f9e982b345088d52d20e0 C:\Users\Dorina Heller\AppData\LocalLow\PriceGong\Data\s.txtPUP.Optional.PriceGong.Asuccess1010e9062c4f9e982b345088d52d20e0 C:\Users\Dorina Heller\AppData\LocalLow\PriceGong\Data\t.txtPUP.Optional.PriceGong.Asuccess1010e9062c4f9e982b345088d52d20e0 C:\Users\Dorina Heller\AppData\LocalLow\PriceGong\Data\u.txtPUP.Optional.PriceGong.Asuccess1010e9062c4f9e982b345088d52d20e0 C:\Users\Dorina Heller\AppData\LocalLow\PriceGong\Data\v.txtPUP.Optional.PriceGong.Asuccess1010e9062c4f9e982b345088d52d20e0 C:\Users\Dorina Heller\AppData\LocalLow\PriceGong\Data\w.txtPUP.Optional.PriceGong.Asuccess1010e9062c4f9e982b345088d52d20e0 C:\Users\Dorina Heller\AppData\LocalLow\PriceGong\Data\wlu.txtPUP.Optional.PriceGong.Asuccess1010e9062c4f9e982b345088d52d20e0 C:\Users\Dorina Heller\AppData\LocalLow\PriceGong\Data\x.txtPUP.Optional.PriceGong.Asuccess1010e9062c4f9e982b345088d52d20e0 C:\Users\Dorina Heller\AppData\LocalLow\PriceGong\Data\y.txtPUP.Optional.PriceGong.Asuccess1010e9062c4f9e982b345088d52d20e0 C:\Users\Dorina Heller\AppData\LocalLow\PriceGong\Data\z.txtPUP.Optional.PriceGong.Asuccess1010e9062c4f9e982b345088d52d20e0 C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\extensions\{906000a4-88d9-4d52-b209-7a772970d91f}\chrome.manifestPUP.Optional.DealPly.Asuccess948ce50a364563d3ff7005d520e2936d C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\extensions\{906000a4-88d9-4d52-b209-7a772970d91f}\install.rdfPUP.Optional.DealPly.Asuccess948ce50a364563d3ff7005d520e2936d C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\extensions\{906000a4-88d9-4d52-b209-7a772970d91f}\chrome\content\dealplyshopping.xulPUP.Optional.DealPly.Asuccess948ce50a364563d3ff7005d520e2936d C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\extensions\{906000a4-88d9-4d52-b209-7a772970d91f}\chrome\content\images\icon32.pngPUP.Optional.DealPly.Asuccess948ce50a364563d3ff7005d520e2936d C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\extensions\{906000a4-88d9-4d52-b209-7a772970d91f}\defaults\preferences\defaults.jsPUP.Optional.DealPly.Asuccess948ce50a364563d3ff7005d520e2936d C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\extensions\{8b337819-d1e8-48d3-8178-168ae8c99c36}\chrome.manifestPUP.Optional.SaveSense.Asuccess110f18d7abd006306240bb1f679b8f71 C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\extensions\{8b337819-d1e8-48d3-8178-168ae8c99c36}\install.rdfPUP.Optional.SaveSense.Asuccess110f18d7abd006306240bb1f679b8f71 C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\extensions\{8b337819-d1e8-48d3-8178-168ae8c99c36}\content\savesense.xulPUP.Optional.SaveSense.Asuccess110f18d7abd006306240bb1f679b8f71 C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\extensions\{8b337819-d1e8-48d3-8178-168ae8c99c36}\content\images\icon32.pngPUP.Optional.SaveSense.Asuccess110f18d7abd006306240bb1f679b8f71 C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\extensions\{8b337819-d1e8-48d3-8178-168ae8c99c36}\defaults\preferences\defaults.jsPUP.Optional.SaveSense.Asuccess110f18d7abd006306240bb1f679b8f71 C:\Program Files (x86)\SearchProtect49141188\EULA.txtPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\Main\bin\CltMngSvc.exePUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\Main\bin\SPTool.dllPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\Main\bin\SPtool.dll_1389827337225PUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\Main\bin\SPtool.dll_1390856343416PUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\Main\bin\SPtool.dll_1390856343506PUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\Main\bin\SPtool.dll_1391018621179PUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\Main\bin\uninstall.exePUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\Main\rep\SystemRepository.datPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\SearchProtect\bin\cltmng.exePUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\SearchProtect\bin\SPTool64.exePUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\SearchProtect\bin\SPVC32.dllPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\SearchProtect\bin\SPVC32Loader.dllPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\SearchProtect\bin\SPVC64.dllPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\SearchProtect\bin\SPVC64Loader.dllPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\bin\cltmngui.exePUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\settings.htmlPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\style.cssPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\bubble\bubble.cssPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\bubble\bubble.htmlPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\bubble\bubble.jsPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\bubble\defaults.jsPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\Images\Apply-default.pngPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\Images\Apply-onclick.pngPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\Images\Apply-Rollover.pngPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\Images\bg-with-logo.pngPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\Images\bg.pngPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\Images\bgNotif.pngPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\Images\bgSettings.pngPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\Images\bgUninstall.pngPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\Images\btnBlue.pngPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\Images\btnClose.pngPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\Images\btnSilver.pngPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\Images\checkbox.pngPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\Images\checkbox_checked.pngPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\Images\checkbox_def.pngPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\Images\close-win-def.pngPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\Images\close-win-over-click.pngPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\Images\gray-bg.pngPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\Images\hez-def.pngPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\Images\hez-selected.pngPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\Images\hez.pngPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\Images\icon-win.pngPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\Images\info-icon.pngPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\Images\menu-rollover.pngPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\Images\menu-selected.pngPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\Images\radio-button-def.pngPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\Images\radio-button-selected.pngPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\Images\radio-button.pngPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\Images\radio-button2.pngPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\Images\Settings-icon.pngPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\Images\text-field.pngPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\Images\v.pngPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\Images\x.pngPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\libs\defaults.jsPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\libs\dialogUtils.jsPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\libs\jquery.1.7.1.min.jsPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\libs\json2.min.jsPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\libs\main.jsPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\libs\SPDialogAPI.jsPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\protection\defaults.jsPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\protection\protection.cssPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\protection\protection.htmlPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\protection\protection.jsPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\protectionDS\defaults.jsPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\protectionDS\protectionDS.cssPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\protectionDS\protectionDS.htmlPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\protectionDS\protectionDS.jsPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\settings\defaults.jsPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\settings\settings.cssPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\settings\settings.htmlPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\settings\settings.jsPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\uninstall\defaults.jsPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\uninstall\uninstall.cssPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\uninstall\uninstall.htmlPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Program Files (x86)\SearchProtect49141188\UI\dialogs\uninstall\uninstall.jsPUP.Optional.SearchProtect.Asuccessd34d0ce37803c472f3eb33a720e28080 C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\extensions\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}\chrome.manifestPUP.Optional.Wajam.Asuccess36ea86691368b38327898263c53d39c7 C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\extensions\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}\install.rdfPUP.Optional.Wajam.Asuccess36ea86691368b38327898263c53d39c7 C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\extensions\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}\content\browserLoad.jsPUP.Optional.Wajam.Asuccess36ea86691368b38327898263c53d39c7 C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\extensions\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}\content\firefoxOverlay.xulPUP.Optional.Wajam.Asuccess36ea86691368b38327898263c53d39c7 C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\extensions\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}\content\priam.jsPUP.Optional.Wajam.Asuccess36ea86691368b38327898263c53d39c7 C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\extensions\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}\content\priam.pngPUP.Optional.Wajam.Asuccess36ea86691368b38327898263c53d39c7 C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\extensions\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}\content\priam_background.jsPUP.Optional.Wajam.Asuccess36ea86691368b38327898263c53d39c7 C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\extensions\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}\content\priam_background_firefox.jsPUP.Optional.Wajam.Asuccess36ea86691368b38327898263c53d39c7 C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\extensions\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}\content\priam_firefox.jsPUP.Optional.Wajam.Asuccess36ea86691368b38327898263c53d39c7 C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\extensions\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}\defaults\preferences\priam_prefs.jsPUP.Optional.Wajam.Asuccess36ea86691368b38327898263c53d39c7 C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\extensions\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}\META-INF\manifest.mfPUP.Optional.Wajam.Asuccess36ea86691368b38327898263c53d39c7 C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\extensions\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}\META-INF\WajamsCOMODOCALimitedID.rsaPUP.Optional.Wajam.Asuccess36ea86691368b38327898263c53d39c7 C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\extensions\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}\META-INF\WajamsCOMODOCALimitedID.sfPUP.Optional.Wajam.Asuccess36ea86691368b38327898263c53d39c7 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.3.0.0_1\background.htmlPUP.Optional.DVDVideoSoftTB.Asuccess33edaa457b00fb3b2b7b35cb61a2ac54 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.3.0.0_1\background.jsPUP.Optional.DVDVideoSoftTB.Asuccess33edaa457b00fb3b2b7b35cb61a2ac54 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.3.0.0_1\dvs_freeyoutubedownload.cssPUP.Optional.DVDVideoSoftTB.Asuccess33edaa457b00fb3b2b7b35cb61a2ac54 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.3.0.0_1\dvs_freeyoutubedownload.jsPUP.Optional.DVDVideoSoftTB.Asuccess33edaa457b00fb3b2b7b35cb61a2ac54 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.3.0.0_1\dvs_logo.icoPUP.Optional.DVDVideoSoftTB.Asuccess33edaa457b00fb3b2b7b35cb61a2ac54 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.3.0.0_1\dvs_logo.pngPUP.Optional.DVDVideoSoftTB.Asuccess33edaa457b00fb3b2b7b35cb61a2ac54 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.3.0.0_1\dvs_logo_128.pngPUP.Optional.DVDVideoSoftTB.Asuccess33edaa457b00fb3b2b7b35cb61a2ac54 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.3.0.0_1\dvs_logo_32.pngPUP.Optional.DVDVideoSoftTB.Asuccess33edaa457b00fb3b2b7b35cb61a2ac54 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.3.0.0_1\dvs_logo_48.pngPUP.Optional.DVDVideoSoftTB.Asuccess33edaa457b00fb3b2b7b35cb61a2ac54 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.3.0.0_1\errorRunProgramm.htmlPUP.Optional.DVDVideoSoftTB.Asuccess33edaa457b00fb3b2b7b35cb61a2ac54 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.3.0.0_1\manifest.jsonPUP.Optional.DVDVideoSoftTB.Asuccess33edaa457b00fb3b2b7b35cb61a2ac54 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.3.0.0_1\np_dvs_plugin.dllPUP.Optional.DVDVideoSoftTB.Asuccess33edaa457b00fb3b2b7b35cb61a2ac54 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.3.0.0_1\options.htmlPUP.Optional.DVDVideoSoftTB.Asuccess33edaa457b00fb3b2b7b35cb61a2ac54 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.3.0.0_1\options.jsPUP.Optional.DVDVideoSoftTB.Asuccess33edaa457b00fb3b2b7b35cb61a2ac54 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.3.0.0_1\page_action.htmlPUP.Optional.DVDVideoSoftTB.Asuccess33edaa457b00fb3b2b7b35cb61a2ac54 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.3.0.0_1\images\backbar.pngPUP.Optional.DVDVideoSoftTB.Asuccess33edaa457b00fb3b2b7b35cb61a2ac54 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.3.0.0_1\images\download.pngPUP.Optional.DVDVideoSoftTB.Asuccess33edaa457b00fb3b2b7b35cb61a2ac54 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.3.0.0_1\images\download_mp3_btn.pngPUP.Optional.DVDVideoSoftTB.Asuccess33edaa457b00fb3b2b7b35cb61a2ac54 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.3.0.0_1\images\download_video_btn.pngPUP.Optional.DVDVideoSoftTB.Asuccess33edaa457b00fb3b2b7b35cb61a2ac54 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.3.0.0_1\images\headphone.pngPUP.Optional.DVDVideoSoftTB.Asuccess33edaa457b00fb3b2b7b35cb61a2ac54 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.3.0.0_1\images\logo.pngPUP.Optional.DVDVideoSoftTB.Asuccess33edaa457b00fb3b2b7b35cb61a2ac54 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.3.0.0_1\images\small.pngPUP.Optional.DVDVideoSoftTB.Asuccess33edaa457b00fb3b2b7b35cb61a2ac54 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.3.0.0_1\_locales\de\messages.jsonPUP.Optional.DVDVideoSoftTB.Asuccess33edaa457b00fb3b2b7b35cb61a2ac54 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.3.0.0_1\_locales\en\messages.jsonPUP.Optional.DVDVideoSoftTB.Asuccess33edaa457b00fb3b2b7b35cb61a2ac54 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.3.0.0_1\_locales\es\messages.jsonPUP.Optional.DVDVideoSoftTB.Asuccess33edaa457b00fb3b2b7b35cb61a2ac54 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.3.0.0_1\_locales\fr\messages.jsonPUP.Optional.DVDVideoSoftTB.Asuccess33edaa457b00fb3b2b7b35cb61a2ac54 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.3.0.0_1\_locales\it\messages.jsonPUP.Optional.DVDVideoSoftTB.Asuccess33edaa457b00fb3b2b7b35cb61a2ac54 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.3.0.0_1\_locales\ja\messages.jsonPUP.Optional.DVDVideoSoftTB.Asuccess33edaa457b00fb3b2b7b35cb61a2ac54 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.3.0.0_1\_locales\nl\messages.jsonPUP.Optional.DVDVideoSoftTB.Asuccess33edaa457b00fb3b2b7b35cb61a2ac54 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.3.0.0_1\_locales\pl\messages.jsonPUP.Optional.DVDVideoSoftTB.Asuccess33edaa457b00fb3b2b7b35cb61a2ac54 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.3.0.0_1\_locales\pt\messages.jsonPUP.Optional.DVDVideoSoftTB.Asuccess33edaa457b00fb3b2b7b35cb61a2ac54 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.3.0.0_1\_locales\ru\messages.jsonPUP.Optional.DVDVideoSoftTB.Asuccess33edaa457b00fb3b2b7b35cb61a2ac54 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.3.0.0_1\_locales\tr\messages.jsonPUP.Optional.DVDVideoSoftTB.Asuccess33edaa457b00fb3b2b7b35cb61a2ac54 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.3.0.0_1\_locales\zh_CN\messages.jsonPUP.Optional.DVDVideoSoftTB.Asuccess33edaa457b00fb3b2b7b35cb61a2ac54 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.3.0.0_1\_locales\zh_TW\messages.jsonPUP.Optional.DVDVideoSoftTB.Asuccess33edaa457b00fb3b2b7b35cb61a2ac54 C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\PreferencesPUP.Optional.Conduit.Areplaced "startup_urls": [ "hxxp://search.conduit.com/?ctid=CT3318001&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SP08C621C6-6C4F-4FA4-A536-CEA88C711E8A&SSPV=" ],47d9c32ce09be155dc531f199372ea16 C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\prefs.jsPUP.Optional.Babylon.Areplaceduser_pref("extensions.BabylonToolbar.admin", false);9090737c4e2df442d7a8d7605da8728e C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\prefs.jsPUP.Optional.Babylon.Areplaceduser_pref("extensions.BabylonToolbar.aflt", "babsst");110fbe316c0f88ae126d0f28986d15eb C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\prefs.jsPUP.Optional.Babylon.Areplaceduser_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");8d934ba445367fb777087cbb3ec7c33d C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\prefs.jsPUP.Optional.Babylon.Areplaceduser_pref("extensions.BabylonToolbar.dfltLng", "en");c75939b694e7ec4a6d12cf686e9713ed C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\prefs.jsPUP.Optional.Babylon.Areplaceduser_pref("extensions.BabylonToolbar.excTlbr", false);6bb589662d4ed95deb945ed941c4e61a C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\prefs.jsPUP.Optional.Babylon.Areplaceduser_pref("extensions.BabylonToolbar.id", "66de5d7f000000000000b870f4c8207c");928ef7f80f6c41f5c0bf47f04fb64db3 C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\prefs.jsPUP.Optional.Babylon.Areplaceduser_pref("extensions.BabylonToolbar.instlDay", "15614");37e9bc339be067cffd8285b28184ea16 C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\prefs.jsPUP.Optional.Babylon.Areplaceduser_pref("extensions.BabylonToolbar.instlRef", "sst");ea36a946502be94dfc83b48350b57987 C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\prefs.jsPUP.Optional.Babylon.Areplaceduser_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");ef31e906adcede581966ea4d27def50b C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\prefs.jsPUP.Optional.Babylon.Areplaceduser_pref("extensions.BabylonToolbar.prtnrId", "babylon");c858ad422b507eb86e11340358ad51af C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\prefs.jsPUP.Optional.Babylon.Areplaceduser_pref("extensions.BabylonToolbar.tlbrId", "base");e43c03ec334885b197e8c6715da855ab C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\prefs.jsPUP.Optional.Babylon.Areplaceduser_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=66de5d7f000000000000b870f4c8207c&q=");859b19d61368db5b98e7fb3ce223fc04 C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\prefs.jsPUP.Optional.Babylon.Areplaceduser_pref("extensions.BabylonToolbar.vrsn", "1.8.0.7");1709af404a31ba7c423df344996c30d0 C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\prefs.jsPUP.Optional.Babylon.Areplaceduser_pref("extensions.BabylonToolbar.vrsni", "1.8.0.7");021e7e7173083006f68982b55da853ad C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\prefs.jsPUP.Optional.Babylon.Areplaceduser_pref("extensions.BabylonToolbar_i.newTab", true);9888b738790246f0dca3d46333d2e51b C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\prefs.jsPUP.Optional.Babylon.Areplaceduser_pref("extensions.BabylonToolbar_i.newTabUrl", "about:home");6fb1a04fc8b363d3611ea7900ef78c74 C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\prefs.jsPUP.Optional.Babylon.Areplaceduser_pref("extensions.BabylonToolbar_i.smplGrp", "none");a27e757a83f8d0663b440c2b5da8f907 C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\prefs.jsPUP.Optional.Babylon.Areplaceduser_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.0.718:54:35");f62a8c63afcc2412542bdf58a65fa35d C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\prefs.jsPUP.Optional.Delta.Areplaceduser_pref("extensions.delta.admin", false);b967ef00cfac71c5a2e4a39431d4f010 C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\prefs.jsPUP.Optional.Delta.Areplaceduser_pref("extensions.delta.aflt", "babsst");59c76887d0ab42f496f0231417ee58a8 C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\prefs.jsPUP.Optional.Delta.Areplaceduser_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");76aac42b2a51181ed0b62a0d1de88e72 C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\prefs.jsPUP.Optional.Delta.Areplaceduser_pref("extensions.delta.autoRvrt", "false");dd437778dd9e0e2872143ff8e4219e62 C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\prefs.jsPUP.Optional.Delta.Areplaceduser_pref("extensions.delta.dfltLng", "en");57c9589799e240f6c8be50e79174926e C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\prefs.jsPUP.Optional.Delta.Areplaceduser_pref("extensions.delta.excTlbr", false);44dc1fd02754181e097de84f05008e72 C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\prefs.jsPUP.Optional.Delta.Areplaceduser_pref("extensions.delta.ffxUnstlRst", true);0c14a9469ae15dd93b4b47f0b1547a86 C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\prefs.jsPUP.Optional.Delta.Areplaceduser_pref("extensions.delta.id", "66de5d7f0000000000003e659db18485");a37dce218bf03bfb582e201749bc4db3 C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\prefs.jsPUP.Optional.Delta.Areplaceduser_pref("extensions.delta.instlDay", "15835");869a9956e2993204e3a3c077030240c0 C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\prefs.jsPUP.Optional.Delta.Areplaceduser_pref("extensions.delta.instlRef", "sst");7aa6678896e50b2b2b5b41f60df832ce C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\prefs.jsPUP.Optional.Delta.Areplaceduser_pref("extensions.delta.newTab", false);87990ce3c5b672c4196db681de27728e C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\prefs.jsPUP.Optional.Delta.Areplaceduser_pref("extensions.delta.prdct", "delta");110f49a69ae1d165097db78090750000 C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\prefs.jsPUP.Optional.Delta.Areplaceduser_pref("extensions.delta.prtnrId", "delta");63bd628d74077db993f3cd6a33d225db C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\prefs.jsPUP.Optional.Delta.Areplaceduser_pref("extensions.delta.rvrt", "false");869a6e812556ce6881050e297d88b64a C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\prefs.jsPUP.Optional.Delta.Areplaceduser_pref("extensions.delta.smplGrp", "none");ca56c32c7704b284c4c2c86fe81d51af C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\prefs.jsPUP.Optional.Delta.Areplaceduser_pref("extensions.delta.tlbrId", "base");d050707fb7c46cca95f15bdc60a5738d C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\prefs.jsPUP.Optional.Delta.Areplaceduser_pref("extensions.delta.tlbrSrchUrl", "");9a86717e8dee8ea8abdbc96e010409f7 C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\prefs.jsPUP.Optional.Delta.Areplaceduser_pref("extensions.delta.vrsn", "1.8.16.16");00209e51cdaee94d107687b0ad58f010 C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\prefs.jsPUP.Optional.Delta.Areplaceduser_pref("extensions.delta.vrsnTs", "1.8.16.1616:02:57");39e723cc027982b41d69340320e502fe C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\prefs.jsPUP.Optional.Delta.Areplaceduser_pref("extensions.delta.vrsni", "1.8.16.16");a17f905fdd9e5cda414514234eb7b54b C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\user.jsPUP.Optional.Babylon.Areplaceduser_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=66de5d7f000000000000b870f4c8207c&q=");061ae708e69547efa75a46f1b35247b9 C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\user.jsPUP.Optional.Babylon.Areplaceduser_pref("extensions.BabylonToolbar.id", "66de5d7f000000000000b870f4c8207c");4ad62cc33744eb4b0bf60730ee17ca36 C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\user.jsPUP.Optional.Babylon.Areplaceduser_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");42de4ba45a2143f30cf5999ebe4730d0 C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\user.jsPUP.Optional.Babylon.Areplaceduser_pref("extensions.BabylonToolbar.instlDay", "15614");79a78f6084f757df06fbc572b64fce32 C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\user.jsPUP.Optional.Babylon.Areplaceduser_pref("extensions.BabylonToolbar.vrsn", "1.8.0.7");c35d29c6a9d20d29c04165d2f70e43bd C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\user.jsPUP.Optional.Babylon.Areplaceduser_pref("extensions.BabylonToolbar.vrsni", "1.8.0.7");081813dc8cef3105966b69cee421d62a C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\user.jsPUP.Optional.Babylon.Areplaceduser_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.0.718:54:35");a878e7087803191ddd2454e306ffed13 C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\user.jsPUP.Optional.Babylon.Areplaceduser_pref("extensions.BabylonToolbar.prtnrId", "babylon");da46945b631886b00cf50a2de81dee12 C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\user.jsPUP.Optional.Babylon.Areplaceduser_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");36eae40b681347efd32e9c9b0302c040 C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\user.jsPUP.Optional.Babylon.Areplaceduser_pref("extensions.BabylonToolbar.aflt", "babsst");de42a8473a41af87ab565ed91fe6f40c C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\user.jsPUP.Optional.Babylon.Areplaceduser_pref("extensions.BabylonToolbar_i.smplGrp", "none");f0306887364506302ed333042cd94ab6 C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\user.jsPUP.Optional.Babylon.Areplaceduser_pref("extensions.BabylonToolbar.tlbrId", "base");120e2ac5c2b9dc5a0ef351e61beadd23 C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\user.jsPUP.Optional.Babylon.Areplaceduser_pref("extensions.BabylonToolbar.instlRef", "sst");21ffb93685f65bdb926f3bfcc34255ab C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\user.jsPUP.Optional.Babylon.Areplaceduser_pref("extensions.BabylonToolbar.dfltLng", "en");a779c42b4a3187af758c00378d78d828 C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\user.jsPUP.Optional.Babylon.Areplaceduser_pref("extensions.BabylonToolbar.excTlbr", false);c858faf54239c6708a77a493f3127789 C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\user.jsPUP.Optional.Babylon.Areplaceduser_pref("extensions.BabylonToolbar.admin", false);9b8541ae3348bd79b64b8daa739207f9

AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v3.310 - Bericht erstellt am 19/09/2014 um 11:41:47
# Aktualisiert 12/09/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Dorina Heller - MARLEN-NOTEBOOK
# Gestartet von : C:\Users\Dorina Heller\Documents\Downloads\AdwCleaner_3.310.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : 70e6ca8c
Dienst Gelöscht : BackupStack

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Ask
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\Browser
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\optimizer pro v3.2
Ordner Gelöscht : C:\Program Files (x86)\Conduit
Ordner Gelöscht : C:\Program Files (x86)\JustCloud
Ordner Gelöscht : C:\Program Files (x86)\MyPC Backup
Ordner Gelöscht : C:\Program Files (x86)\Optimizer Pro
Ordner Gelöscht : C:\windows\SysWOW64\SearchProtect
Ordner Gelöscht : C:\Users\Dorina Heller\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\Dorina Heller\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Dorina Heller\AppData\LocalLow\Delta
Ordner Gelöscht : C:\Users\Dorina Heller\AppData\LocalLow\mixidj
Ordner Gelöscht : C:\Users\Dorina Heller\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Dorina Heller\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\Dorina Heller\AppData\Roaming\goforfiles
Ordner Gelöscht : C:\Users\Dorina Heller\AppData\Roaming\Optimizer Pro
Ordner Gelöscht : C:\Users\Dorina Heller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
Ordner Gelöscht : C:\Users\Dorina Heller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JustCloud
Ordner Gelöscht : C:\Users\Dorina Heller\Documents\Optimizer Pro
Ordner Gelöscht : C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Datei Gelöscht : C:\Users\Public\Desktop\eBay.lnk
Datei Gelöscht : C:\Users\Dorina Heller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\JustCloud.lnk
Datei Gelöscht : C:\Users\Dorina Heller\Desktop\JustCloud.lnk
Datei Gelöscht : C:\Users\Dorina Heller\Desktop\Optimizer Pro.lnk
Datei Gelöscht : C:\Users\Dorina Heller\Desktop\Sync Folder.lnk
Datei Gelöscht : C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\invalidprefs.js
Datei Gelöscht : C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\user.js

***** [ Tasks ] *****

Task Gelöscht : BitGuard
Task Gelöscht : GoforFilesUpdate
Task Gelöscht : LaunchApp

***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstallConverter bundle uninstaller\InstallConverter bundle uninstaller.lnk

***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\conduit.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\wajam.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\babylon.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduit.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduitapps.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\GoforFiles_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\GoforFiles_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Websteroids_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Websteroids_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WebsteroidsService_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WebsteroidsService_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\YontooDesktop_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\YontooDesktop_RASMANCS
Schlüssel Gelöscht : HKCU\Software\5d08a8cb168eb17
Schlüssel Gelöscht : HKLM\SOFTWARE\5d08a8cb168eb17
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{997E3BFB-F821-411C-8B96-D61D415EC8FA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1070C156-160B-47A0-B7D9-1860396BAB57}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{27CE191D-733B-4450-AFCD-096D105288C3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{39A29266-D3E4-462D-AB05-F93B1053F6CF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{44FC7A33-2E5C-48DC-B6F5-B81E8005D122}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{73192D81-6D24-4C40-BF7B-2507C6FA0B1A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{88C606E7-BA26-41CB-8CC3-D1E313E34E75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{93D3100A-BBB6-456C-96FC-82CAC5F383AC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{997E3BFB-F821-411C-8B96-D61D415EC8FA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{998745A3-2AE4-488D-8092-B98FB20A00C2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9E0546FF-D44F-4FE4-A324-995FCACB8D33}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A18D16ED-27B2-4B83-B70C-15E73F099546}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C1424421-D274-491E-9D47-11C8D8CB5F9A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CDDAB3A4-E64D-4AE0-9E1D-F3132F5F913F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E66A759D-367F-433E-85C6-ED7F040BCC32}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F4B8D46C-4EEE-401B-8607-DC03025F34B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A18D16ED-27B2-4B83-B70C-15E73F099546}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{27CE191D-733B-4450-AFCD-096D105288C3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A18D16ED-27B2-4B83-B70C-15E73F099546}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\filescout
Schlüssel Gelöscht : HKCU\Software\Myfree Codec
Schlüssel Gelöscht : HKCU\Software\Optimizer Pro
Schlüssel Gelöscht : HKCU\Software\Tbccint_HKLM
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\BackgroundContainer
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Babylon
Schlüssel Gelöscht : HKLM\SOFTWARE\Conduit
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17280


-\\ Mozilla Firefox v32.0.1 (x86 en-GB)

[ Datei : C:\Users\Dorina Heller\AppData\Roaming\Mozilla\Firefox\Profiles\pyzl8dpa.default\prefs.js ]

Zeile gelöscht : user_pref("extensions.BabylonToolbar.admin", false);
Zeile gelöscht : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.excTlbr", false);
Zeile gelöscht : user_pref("extensions.BabylonToolbar.id", "66de5d7f000000000000b870f4c8207c");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.instlDay", "15614");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.tlbrId", "base");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=66de5d7f000000000000b870f4c8207c&q=");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.vrsn", "1.8.0.7");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.vrsni", "1.8.0.7");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.newTab", true);
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.newTabUrl", "about:home");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.0.718:54:35");
Zeile gelöscht : user_pref("extensions.delta.admin", false);
Zeile gelöscht : user_pref("extensions.delta.aflt", "babsst");
Zeile gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Zeile gelöscht : user_pref("extensions.delta.autoRvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.dfltLng", "en");
Zeile gelöscht : user_pref("extensions.delta.excTlbr", false);
Zeile gelöscht : user_pref("extensions.delta.ffxUnstlRst", true);
Zeile gelöscht : user_pref("extensions.delta.id", "66de5d7f0000000000003e659db18485");
Zeile gelöscht : user_pref("extensions.delta.instlDay", "15835");
Zeile gelöscht : user_pref("extensions.delta.instlRef", "sst");
Zeile gelöscht : user_pref("extensions.delta.newTab", false);
Zeile gelöscht : user_pref("extensions.delta.prdct", "delta");
Zeile gelöscht : user_pref("extensions.delta.prtnrId", "delta");
Zeile gelöscht : user_pref("extensions.delta.rvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.delta.tlbrId", "base");
Zeile gelöscht : user_pref("extensions.delta.tlbrSrchUrl", "");
Zeile gelöscht : user_pref("extensions.delta.vrsn", "1.8.16.16");
Zeile gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.16.1616:02:57");
Zeile gelöscht : user_pref("extensions.delta.vrsni", "1.8.16.16");
Zeile gelöscht : user_pref("extensions.helperbar.BackPageActive", true);
Zeile gelöscht : user_pref("extensions.helperbar.DockingPositionDown", false);
Zeile gelöscht : user_pref("extensions.helperbar.SmartbarDisabled", false);
Zeile gelöscht : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
Zeile gelöscht : user_pref("extensions.helperbar.Visibility", false);
Zeile gelöscht : user_pref("extensions.helperbar.backPageCapacity", 3);
Zeile gelöscht : user_pref("extensions.helperbar.backPageCounter", 1);
Zeile gelöscht : user_pref("extensions.helperbar.backPageDay", 12);
Zeile gelöscht : user_pref("extensions.helperbar.backPageLastEvent", "1394659467842");
Zeile gelöscht : user_pref("extensions.helperbar.backPageMinInterval", 15);
Zeile gelöscht : user_pref("extensions.helperbar.barcodeid", "769");
Zeile gelöscht : user_pref("extensions.helperbar.countryiso", "gb");
Zeile gelöscht : user_pref("extensions.helperbar.downloadprovider", "quickobrw");
Zeile gelöscht : user_pref("extensions.helperbar.externalJsFiles", "{\"d\":\"[{\\\"ExcludeDomains\\\":[\\\"snap.do\\\",\\\"snapdo.com\\\"],\\\"hxxpInjection\\\":\\\"hxxp:\\\\\\/\\\\\\/i.linkuryjs.info\\\\\\/kury\\\\\\[...]
Zeile gelöscht : user_pref("extensions.helperbar.fromautoupdate", "true");
Zeile gelöscht : user_pref("extensions.helperbar.installationid", "b5a625b8-017c-4e0c-a7b1-1b991e439265");
Zeile gelöscht : user_pref("extensions.helperbar.installdate", "30/05/2013");
Zeile gelöscht : user_pref("extensions.helperbar.keepAliveLastevent", "1394476521");
Zeile gelöscht : user_pref("extensions.helperbar.lastExternalJsUpdate", "1395252446726");
Zeile gelöscht : user_pref("extensions.helperbar.publisher", "quickobrw");

-\\ Google Chrome v37.0.2062.120

[ Datei : C:\Users\Dorina Heller\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Extension] : amfclgbdpgndipgoegfpkkgobahigbcl
Gelöscht [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
Gelöscht [Extension] : bopakagnckmlgajfccecajhnimjiiedh
Gelöscht [Extension] : flpcjncodpafbgdpnkljologafpionhb
Gelöscht [Extension] : jpmbfleldcgkldadpdinhjjopdfpjfjp
Gelöscht [Extension] : khcceooakamlehbimaepcldnnlnkcmfk
Gelöscht [Extension] : mphpbdjcljebbcnfopfngmfdackbbdgf
Gelöscht [Extension] : nikpibnbobmbdbheedjfogjlikpgpnhp

*************************

AdwCleaner[R0].txt - [18174 octets] - [19/09/2014 11:40:02]
AdwCleaner[S0].txt - [17344 octets] - [19/09/2014 11:41:47]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [17405 octets] ##########
--- --- ---
Alt 20.09.2014, 07:00   #14
schrauber
/// the machine
/// TB-Ausbilder
 
Computer extrem langsam und CD-Laufwerk funktioniert nicht mehr - Standard

Computer extrem langsam und CD-Laufwerk funktioniert nicht mehr



ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 25.09.2014, 14:14   #15
marlen101
 
Computer extrem langsam und CD-Laufwerk funktioniert nicht mehr - Standard

Computer extrem langsam und CD-Laufwerk funktioniert nicht mehr


Ich finde leider nach mehrstündigem Scan nirgends eine txt.file vom ESET...
Und der Security Check lässt sich nicht ausführen. Da heißt es dann " UNSUPPORTED OPERATING SYSTEM! ABORTED!" Was tun?
lg

Antwort
Seite 1 von 2 1 2

Themen zu Computer extrem langsam und CD-Laufwerk funktioniert nicht mehr
aktualisierung, conduitsearch, conduitsearch entfernen, dankbar, extrem, fehlercode 0x2944, fehlercode 0x3, fehlercode 0xc0000005, fehlercode 0xc000000d, fehlercode 0xe0434352, funktioniert nicht, funktioniert nicht mehr, gen, gerätemanager, hinweis, langsam, minute, nicht mehr, treiber, vorgänge


« Virus? Vermehrte Meldungen, SQL, clipz, https seiten | Folgendes Problem: Kein Zugriff auf Internet Seite Fehlercode: DNS_PROBE_FINISHED_NXDOMAIN ? »


Ähnliche Themen: Computer extrem langsam und CD-Laufwerk funktioniert nicht mehr


  1. Maus clickt nicht mehr richtig, Pc extrem langsam
    Log-Analyse und Auswertung - 25.06.2015 (31)
  2. Bitdefender echtzeit Scan funktioniert nicht, rechner extrem langsam
    Log-Analyse und Auswertung - 17.04.2015 (16)
  3. Infiziertes Windows wiederbers ? Laufwerk funktioniert nicht
    Alles rund um Windows - 06.12.2013 (4)
  4. PC funktioniert nur noch sehr langsam im abgesicherten Modus, laesst sich nicht mehr bedienen!
    Plagegeister aller Art und deren Bekämpfung - 09.09.2013 (3)
  5. Computer EXTREM langsam
    Plagegeister aller Art und deren Bekämpfung - 18.05.2013 (2)
  6. [Virus?] Firewall funktoniert nicht, Taskmanger funktioniert nicht und Computer sehr langsam geworden !
    Log-Analyse und Auswertung - 16.05.2013 (1)
  7. Trojaner ( TR/ransom.foreign.acdb.1) von Avira entdeckt, Outlook funktioniert nicht mehr, PC langsam
    Plagegeister aller Art und deren Bekämpfung - 19.02.2013 (2)
  8. CD/DVD-Laufwerk funktioniert nicht
    Plagegeister aller Art und deren Bekämpfung - 13.10.2012 (1)
  9. Windows fährt nicht mehr/extrem langsam hoch
    Alles rund um Windows - 28.09.2012 (1)
  10. PC extrem langsam weiß nicht mehr weiter
    Alles rund um Windows - 21.09.2012 (1)
  11. http://www2.flirtcafe.de/de/ , Google-Bildersuche funktioniert nicht mehr, Websites laden langsam
    Plagegeister aller Art und deren Bekämpfung - 31.01.2012 (33)
  12. Computer auf einmal extrem langsam, windows neuinstallation nicht möglich (vermutlich virus)
    Log-Analyse und Auswertung - 25.04.2011 (1)
  13. DVD-Laufwerk funktioniert nicht mehr richtig
    Netzwerk und Hardware - 19.05.2010 (3)
  14. computer funktioniert nicht mehr
    Alles rund um Windows - 14.01.2007 (3)
  15. Beide Computer langsam - einer nach 3 Minuten sogar extrem langsam
    Log-Analyse und Auswertung - 09.06.2006 (7)
  16. Computer ist extrem langsam
    Log-Analyse und Auswertung - 11.03.2006 (2)
  17. Computer extrem langsam
    Log-Analyse und Auswertung - 15.07.2005 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Computer extrem langsam und CD-Laufwerk funktioniert nicht mehr - Hallo, seit einiger Zeit ist mein Computer extrem langsam bei allen Vorgängen, besonders das Rauffahren dauert Minuten. In den letzten Tagen ist er auch mehrmals abgestürzt, ließ sich dann aber - Computer extrem langsam und CD-Laufwerk funktioniert nicht mehr...
Archiv
Du betrachtest: Computer extrem langsam und CD-Laufwerk funktioniert nicht mehr auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131