Iminent - und ich werde es nicht los

charky · 11.12.2014, 17:00

Hallo,

ich habe mir wohl einen Iminent eingefangen.

Wer kann mir helfen diesen zu entfernen?

Danke

schrauber · 11.12.2014, 18:41

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

charky · 11.12.2014, 19:00

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-12-2014
Ran by Martina Maecker (administrator) on WUNSCHERFUELLER on 11-12-2014 18:53:23
Running from C:\Users\Martina Maecker\Desktop
Loaded Profiles: IUSR_NMPR & Martina Maecker (Available profiles: IUSR_NMPR & Martina Maecker)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Intel(R) Corporation) C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
(B.H.A Corporation) C:\Windows\System32\bgsvcgen.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
(Empolis GmbH) C:\Program Files\Common Files\Gnab\Service\ServiceController.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Empolis GmbH) C:\Program Files\Medion\MEDIONbox\Program\GCS.exe
() C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
() C:\Windows\System32\NMSAccess32.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\QualityManager.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
() C:\Users\Martina Maecker\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe
(Splashtop Inc.) C:\Program Files\Splashtop\Splashtop Remote\Server\SRService.exe
(Buhl Data Service GmbH) C:\Program Files\Sceneo\AbsolutTV\Services\PVR\pvrservice.exe
(Splashtop Inc.) C:\Program Files\Splashtop\Splashtop Software Updater\SSUService.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
(Team MediaPortal) C:\Program Files\Team MediaPortal\MediaPortal TV Server\TvService.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version5\TeamViewer.exe
(Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(X10) C:\Program Files\Common Files\X10\Common\X10nets.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Splashtop Inc.) C:\Program Files\Splashtop\Splashtop Remote\Server\SRServer.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Intel(R) Corporation) C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
(Google) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Google) C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
(Intel Corporation) C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe
(Nuance Communications, Inc.) C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
(ODSoft multimedia) C:\Program Files\Sceneo\AbsolutTV\Services\ODSBC\ODSBCApp.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Empolis GmbH) C:\Program Files\Common Files\Gnab\Service\GnabTray.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
(Intel(R) Corporation) C:\Program Files\Intel\IntelDH\CCU\CCU_Engine.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Haufe-Lexware GmbH & Co. KG) C:\Program Files\Lexware\Update Manager\LxUpdateManager.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Macrovision Europe Ltd.) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Panasonic Corporation) C:\Program Files\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe
() C:\Program Files\ScanWizard 5\ScannerFinder.exe
(Dropbox, Inc.) C:\Users\Martina Maecker\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Mozilla Corporation) C:\Program Files\Mozilla Thunderbird\thunderbird.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avcenter.exe
(Intuit, Inc.) C:\Program Files\Lexware\bueroeasy\QBW32.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe
(Haufe-Lexware GmbH & Co. KG) C:\Program Files\Common Files\Lexware\LxWebAccess\LxWebAccess.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Founder.De) C:\Program Files\Firelab\firelab.exe
(Axandra GmbH) C:\Program Files\IBP 11\IBP.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\WINWORD.EXE


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4702208 2007-08-17] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Windows\Skytel.exe [1826816 2007-08-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [CCUTRAYICON] => C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe [215256 2007-06-27] (Intel(R) Corporation)
HKLM\...\Run: [ControlCenter3] => C:\Program Files\Brother\ControlCenter3\brctrcen.exe [65536 2007-01-26] (Brother Industries, Ltd.)
HKLM\...\Run: [Google Desktop Search] => C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [220160 2007-12-01] (Google)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [178712 2007-10-08] (Intel Corporation)
HKLM\...\Run: [IndexSearch] => C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [46632 2007-01-29] (Nuance Communications, Inc.)
HKLM\...\Run: [NMSSupport] => C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe [439512 2007-06-27] (Intel Corporation)
HKLM\...\Run: [PaperPort PTD] => C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [30248 2007-01-29] (Nuance Communications, Inc.)
HKLM\...\Run: [toolbar_eula_launcher] => C:\Program Files\GoogleEULA\EULALauncher.exe [16896 2007-02-09] ( )
HKLM\...\Run: [TVBroadcast] => C:\Program Files\Sceneo\AbsolutTV\SERVICES\ODSBC\ODSBCApp.exe [797696 2007-08-07] (ODSoft multimedia)
HKLM\...\Run: [TVEService] => C:\Program Files\HomeCinema\TV Enhance\TVEService.exe [155648 2007-10-19] (CyberLink Corp.)
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG)
HKLM\...\Run: [NBKeyScan] => C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [1836328 2007-09-20] (Nero AG)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [1468256 2009-11-11] (Microsoft Corporation)
HKLM\...\Run: [GnabTray] => C:\Program Files\Common Files\Gnab\Service\GnabTray.exe [327680 2007-04-13] (Empolis GmbH)
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [623992 2008-10-14] (Adobe Systems Inc.)
HKLM\...\Run: [Adobe_ID0EYTHM] => C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe [1884160 2007-03-20] (Adobe Systems Incorporated)
HKLM\...\Run: [AppleSyncNotifier] => C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-10-06] (Apple Inc.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-04-23] (Apple Inc.)
HKLM\...\Run: [Ocs_SM] => C:\Users\Martina Maecker\AppData\Roaming\OCS\SM\SearchAnonymizer.exe [106496 2013-04-14] (OCS)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM\...\Run: [LexwareInfoService] => C:\Program Files\Lexware\Update Manager\LxUpdateManager.exe [208424 2013-10-17] (Haufe-Lexware GmbH & Co. KG)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [124208 2014-10-22] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-22] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3270019199-247663063-2118203487-1003\...\RunOnce: [DPAPIKeyMig] => C:\Windows\system32\dpapimig.exe [72192 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-3270019199-247663063-2118203487-1003\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516096 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-21-3270019199-247663063-2118203487-1004\...\Run: [IBP] => [X]
HKU\S-1-5-21-3270019199-247663063-2118203487-1004\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [22869088 2014-10-21] (Google)
HKU\S-1-5-21-3270019199-247663063-2118203487-1004\...\Run: [AdobeUpdater] => C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe [2356088 2010-10-07] (Adobe Systems Incorporated)
HKU\S-1-5-21-3270019199-247663063-2118203487-1004\...\MountPoints2: E - E:\Player.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2013-03-21] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PHOTOfunSTUDIO 5.1 HD Edition.lnk
ShortcutTarget: PHOTOfunSTUDIO 5.1 HD Edition.lnk -> C:\Program Files\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe (Panasonic Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Scanner Finder.lnk
ShortcutTarget: Scanner Finder.lnk -> C:\Program Files\ScanWizard 5\ScannerFinder.exe ()
Startup: C:\Users\Martina Maecker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Martina Maecker\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Martina Maecker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Martina Maecker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Martina Maecker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PMB Medien-Prüfung.lnk
ShortcutTarget: PMB Medien-Prüfung.lnk -> D:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe (Sony Corporation)
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Bar = Upgrade to Google Chrome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3270019199-247663063-2118203487-1003\Software\Microsoft\Internet Explorer\Main,Search Bar = Upgrade to Google Chrome
HKU\S-1-5-21-3270019199-247663063-2118203487-1003\Software\Microsoft\Internet Explorer\Main,Start Page = Welcome to ALDI
HKU\S-1-5-21-3270019199-247663063-2118203487-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3270019199-247663063-2118203487-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn
URLSearchHook: HKLM - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKLM - (No Name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} -  No File
URLSearchHook: HKLM - Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
SearchScopes: HKLM -> {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: ContributeBHO Class -> {074C1DC5-9320-4A9A-947D-C042949C6216} -> C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll (Adobe Systems Incorporated.)
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Winamp Toolbar Loader -> {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} -> C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
BHO: CBAbzockschutz.InitToolbarBHO -> {2e250b90-0e7a-42a3-9d65-e39f9f227fa4} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - COMPUTERBILD-Abzockschutz - {353e2a48-6254-4bd3-88f4-3b51a0ca7870} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM - Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll (Adobe Systems Incorporated.)
Toolbar: HKLM - toolplugin - {DFEFCDEE-CF1A-4FC8-89AF-189327213627} - C:\Users\Martina Maecker\AppData\Roaming\toolplugin\toolbar.dll No File
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKU\.DEFAULT -> Winamp Toolbar - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
Toolbar: HKU\S-1-5-21-3270019199-247663063-2118203487-1004 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKU\S-1-5-21-3270019199-247663063-2118203487-1004 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKU\S-1-5-21-3270019199-247663063-2118203487-1004 -> No Name - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} -  No File
Toolbar: HKU\S-1-5-21-3270019199-247663063-2118203487-1004 -> Winamp Toolbar - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
Toolbar: HKU\S-1-5-21-3270019199-247663063-2118203487-1004 -> Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Winsock: Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Winsock: Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Winsock: Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Winsock: Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Winsock: Catalog5 08 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog5 09 C:\Windows\system32\winrnr.dll [20992] (Microsoft Corporation)
Winsock: Catalog9 01 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 02 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 03 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 04 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 05 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 06 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 07 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 08 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 09 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 10 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 11 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 12 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 13 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 14 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 15 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 16 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 17 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 18 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 19 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 20 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 21 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 22 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 23 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 24 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 25 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 26 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 27 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 28 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 29 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 30 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 31 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 32 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 33 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 34 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 35 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 36 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 37 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 38 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 39 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 40 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 41 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 42 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 43 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 44 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 45 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 46 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 47 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 48 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 49 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 50 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 51 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 52 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 53 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 54 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 55 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 56 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 57 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 58 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 59 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 60 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 61 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 62 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 63 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 64 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 65 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 66 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 67 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 68 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 69 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 70 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 71 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 72 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 73 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 74 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 75 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 76 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 77 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 78 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Martina Maecker\AppData\Roaming\Mozilla\Firefox\Profiles\akx2lygd.default
FF SelectedSearchEngine: 
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @innoplus.de/ino3DViewer -> C:\Program Files\INNOVA-engineering GmbH\3D-Viewer-innoPlus\npIno3DViewer.dll (INNOVA-engineering GmbH Dresden)
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.3 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/VirtualEarth3D,version=3.0 -> C:\Program Files\Virtual Earth 3D\ ()
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 -> C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF Plugin: @real.com/nppl3260;version=6.0.11.2768 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.2.2826 -> C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.1578 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @veetle.com/veetleCorePlugin,version=0.9.18 -> C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Martina Maecker\AppData\Roaming\Mozilla\Firefox\Profiles\akx2lygd.default\searchplugins\avira-safesearch.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\SearchTheWeb.xml
FF Extension: FoxyDeal - C:\Users\Martina Maecker\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{F58A62EB-38DC-43C4-A539-DC52E135208D} [2013-04-14]
FF Extension: Avira Browser Safety - C:\Users\Martina Maecker\AppData\Roaming\Mozilla\Firefox\Profiles\akx2lygd.default\Extensions\abs@avira.com [2014-12-11]
FF Extension: Avira SafeSearch - C:\Users\Martina Maecker\AppData\Roaming\Mozilla\Firefox\Profiles\akx2lygd.default\Extensions\safesearch@avira.com [2014-12-04]
FF Extension: Iminent - C:\Users\Martina Maecker\AppData\Roaming\Mozilla\Firefox\Profiles\akx2lygd.default\Extensions\firefoxmini@go.im.xpi [2014-08-14]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-04-28]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-05-15]
FF HKU\S-1-5-21-3270019199-247663063-2118203487-1004\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome: 
=======
CHR Profile: C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Iminent) - C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl [2013-04-14]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe Version Cue CS3; C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe [153792 2007-03-20] (Adobe Systems Incorporated)
R3 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [62464 2009-07-14] (Microsoft Corporation) [File not signed]
R2 AlertService; C:\Program Files\Intel\IntelDH\CCU\AlertService.exe [223448 2007-06-27] (Intel(R) Corporation)
S3 ALG; C:\Windows\System32\alg.exe [59392 2009-07-14] (Microsoft Corporation) [File not signed]
R2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc7.exe [806704 2014-10-22] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [432888 2014-10-22] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [432888 2014-10-22] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [995064 2014-10-22] (Avira Operations GmbH & Co. KG)
S3 AppIDSvc; C:\Windows\System32\appidsvc.dll [27648 2009-07-14] (Microsoft Corporation) [File not signed]
R3 Appinfo; C:\Windows\System32\appinfo.dll [47104 2013-02-27] (Microsoft Corporation) [File not signed]
R2 AudioEndpointBuilder; C:\Windows\System32\Audiosrv.dll [475136 2014-10-03] (Microsoft Corporation) [File not signed]
R2 Audiosrv; C:\Windows\System32\Audiosrv.dll [475136 2014-10-03] (Microsoft Corporation) [File not signed]
R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [164656 2014-10-22] (Avira Operations GmbH & Co. KG)
S3 AxInstSV; C:\Windows\System32\AxInstSV.dll [88064 2010-11-20] (Microsoft Corporation) [File not signed]
S3 BDESVC; C:\Windows\System32\bdesvc.dll [76800 2009-07-14] (Microsoft Corporation) [File not signed]
R2 BFE; C:\Windows\System32\bfe.dll [494592 2010-11-20] (Microsoft Corporation) [File not signed]
R2 bgsvcgen; C:\Windows\System32\bgsvcgen.exe [145504 2007-06-15] (B.H.A Corporation)
R3 BITS; C:\Windows\System32\qmgr.dll [585728 2010-11-20] (Microsoft Corporation) [File not signed]
R3 Browser; C:\Windows\System32\browser.dll [102912 2012-07-04] (Microsoft Corporation) [File not signed]
S3 bthserv; C:\Windows\system32\bthserv.dll [64512 2009-07-14] (Microsoft Corporation) [File not signed]
S3 CertPropSvc; C:\Windows\System32\certprop.dll [67584 2010-11-20] (Microsoft Corporation) [File not signed]
S3 COMSysApp; C:\Windows\system32\dllhost.exe [7168 2009-07-14] (Microsoft Corporation) [File not signed]
R2 CryptSvc; C:\Windows\system32\cryptsvc.dll [143872 2014-07-07] (Microsoft Corporation) [File not signed]
R2 DcomLaunch; C:\Windows\system32\rpcss.dll [376832 2010-11-20] (Microsoft Corporation) [File not signed]
S3 defragsvc; C:\Windows\System32\defragsvc.dll [218624 2009-07-14] (Microsoft Corporation) [File not signed]
R2 Dhcp; C:\Windows\system32\dhcpcore.dll [254464 2010-11-20] (Microsoft Corporation) [File not signed]
S3 DHTRACE; C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe [39640 2007-06-27] (Intel(R) Corporation)
R2 Dnscache; C:\Windows\System32\dnsrslvr.dll [132608 2011-03-03] (Microsoft Corporation) [File not signed]
S3 dot3svc; C:\Windows\System32\dot3svc.dll [214016 2010-11-20] (Microsoft Corporation) [File not signed]
R2 DPS; C:\Windows\system32\dps.dll [144384 2010-11-20] (Microsoft Corporation) [File not signed]
R2 DQLWinService; C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [208896 2007-02-12] () [File not signed]
R3 EapHost; C:\Windows\System32\eapsvc.dll [98304 2009-07-14] (Microsoft Corporation) [File not signed]
S3 EFS; C:\Windows\System32\lsass.exe [22528 2014-04-12] (Microsoft Corporation) [File not signed]
S3 ehRecvr; C:\Windows\ehome\ehRecvr.exe [556544 2010-11-20] (Microsoft Corporation) [File not signed]
S3 ehSched; C:\Windows\ehome\ehsched.exe [94720 2009-07-14] (Microsoft Corporation) [File not signed]
R2 eventlog; C:\Windows\System32\wevtsvc.dll [1086976 2010-11-20] (Microsoft Corporation) [File not signed]
R2 EventSystem; C:\Windows\system32\es.dll [271360 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Fax; C:\Windows\system32\fxssvc.exe [523264 2010-11-20] (Microsoft Corporation) [File not signed]
R3 fdPHost; C:\Windows\system32\fdPHost.dll [12800 2009-07-14] (Microsoft Corporation) [File not signed]
R2 FDResPub; C:\Windows\system32\fdrespub.dll [28160 2009-07-14] (Microsoft Corporation) [File not signed]
R3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2010-09-30] (Macrovision Europe Ltd.) [File not signed]
R2 FontCache; C:\Windows\system32\FntCache.dll [906240 2013-05-11] (Microsoft Corporation) [File not signed]
R2 GnabService; c:\program files\common files\gnab\service\servicecontroller.exe [36864 2007-04-13] (Empolis GmbH) [File not signed]
S3 GoogleDesktopManager; C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe [69120 2007-12-01] (Google) [File not signed]
R2 gpsvc; C:\Windows\System32\gpsvc.dll [593408 2010-11-20] (Microsoft Corporation) [File not signed]
S3 hidserv; C:\Windows\system32\hidserv.dll [49152 2009-07-14] (Microsoft Corporation) [File not signed]
S3 hkmsvc; C:\Windows\system32\kmsvc.dll [71168 2010-11-20] (Microsoft Corporation) [File not signed]
R3 HomeGroupListener; C:\Windows\system32\ListSvc.dll [194560 2010-11-20] (Microsoft Corporation) [File not signed]
R3 HomeGroupProvider; C:\Windows\system32\provsvc.dll [165376 2010-11-20] (Microsoft Corporation) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [102912 2014-11-22] (Microsoft Corporation) [File not signed]
R2 IKEEXT; C:\Windows\System32\ikeext.dll [679424 2013-10-12] (Microsoft Corporation) [File not signed]
S3 Installer Service; C:\ProgramData\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{3FC42713-B6E7-49AA-A553-A224FE9828A8}\Installer\InstallerService.exe [119296 2011-04-30] () [File not signed]
S3 IPBusEnum; C:\Windows\system32\ipbusenum.dll [78848 2009-07-14] (Microsoft Corporation) [File not signed]
R2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [499712 2012-10-03] (Microsoft Corporation) [File not signed]
S2 ISSM; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe [59096 2007-06-27] (Intel(R) Corporation)
R3 KeyIso; C:\Windows\system32\lsass.exe [22528 2014-04-12] (Microsoft Corporation) [File not signed]
S3 KtmRm; C:\Windows\system32\msdtckrm.dll [308736 2009-07-14] (Microsoft Corporation) [File not signed]
R2 LanmanServer; C:\Windows\system32\srvsvc.dll [168960 2010-11-20] (Microsoft Corporation) [File not signed]
R2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [84480 2010-11-20] (Microsoft Corporation) [File not signed]
S3 lltdsvc; C:\Windows\System32\lltdsvc.dll [189952 2009-07-14] (Microsoft Corporation) [File not signed]
R2 lmhosts; C:\Windows\System32\lmhsvc.dll [18432 2009-07-14] (Microsoft Corporation) [File not signed]
S2 M1 Server; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe [268504 2007-06-27] ()
S2 MCLServiceATL; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe [157912 2007-06-27] (Intel(R) Corporation)
S4 Mcx2Svc; C:\Windows\system32\Mcx2Svc.dll [68096 2010-11-20] (Microsoft Corporation) [File not signed]
R2 MMCSS; C:\Windows\system32\mmcss.dll [49664 2009-07-14] (Microsoft Corporation) [File not signed]
R2 MpsSvc; C:\Windows\system32\mpssvc.dll [566272 2010-11-20] (Microsoft Corporation) [File not signed]
S3 MSDTC; C:\Windows\System32\msdtc.exe [134144 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MSiSCSI; C:\Windows\system32\iscsiexe.dll [114688 2009-07-14] (Microsoft Corporation) [File not signed]
S3 msiserver; C:\Windows\System32\msiexec.exe [73216 2010-11-20] (Microsoft Corporation) [File not signed]
R2 MySQL; C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe [6041600 2009-08-18] () [File not signed]
S3 napagent; C:\Windows\system32\qagentRT.dll [330240 2010-11-20] (Microsoft Corporation) [File not signed]
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
S3 Netlogon; C:\Windows\system32\lsass.exe [22528 2014-04-12] (Microsoft Corporation) [File not signed]
R3 Netman; C:\Windows\System32\netman.dll [280576 2009-07-14] (Microsoft Corporation) [File not signed]
R3 netprofm; C:\Windows\System32\netprofm.dll [360448 2009-07-14] (Microsoft Corporation) [File not signed]
R2 NlaSvc; C:\Windows\System32\nlasvc.dll [242176 2012-10-03] (Microsoft Corporation) [File not signed]
R2 NMSAccess; C:\Windows\system32\NMSAccess32.exe [71096 2009-01-12] ()
R2 NMSCore; C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe [317656 2007-06-27] (Intel(R) Corporation)
R2 nsi; C:\Windows\system32\nsisvc.dll [19456 2009-07-14] (Microsoft Corporation) [File not signed]
R3 p2pimsvc; C:\Windows\system32\pnrpsvc.dll [269824 2009-07-14] (Microsoft Corporation) [File not signed]
R3 p2psvc; C:\Windows\system32\p2psvc.dll [327680 2009-07-14] (Microsoft Corporation) [File not signed]
R3 PcaSvc; C:\Windows\System32\pcasvc.dll [154624 2009-07-14] (Microsoft Corporation) [File not signed]
S3 pla; C:\Windows\system32\pla.dll [1508864 2010-11-20] (Microsoft Corporation) [File not signed]
R2 PlugPlay; C:\Windows\system32\umpnpmgr.dll [293376 2011-05-24] (Microsoft Corporation) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
S3 PNRPAutoReg; C:\Windows\system32\pnrpauto.dll [20480 2009-07-14] (Microsoft Corporation) [File not signed]
R3 PNRPsvc; C:\Windows\system32\pnrpsvc.dll [269824 2009-07-14] (Microsoft Corporation) [File not signed]
R3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [350208 2010-11-20] (Microsoft Corporation) [File not signed]
R2 Power; C:\Windows\system32\umpo.dll [119808 2010-11-20] (Microsoft Corporation) [File not signed]
R2 ProfSvc; C:\Windows\system32\profsvc.dll [164352 2012-05-01] (Microsoft Corporation) [File not signed]
S3 ProtectedStorage; C:\Windows\system32\lsass.exe [22528 2014-04-12] (Microsoft Corporation) [File not signed]
R2 QualityManager; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe [272600 2007-06-27] (Intel(R) Corporation)
S3 QWAVE; C:\Windows\system32\qwave.dll [210944 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RasAuto; C:\Windows\System32\rasauto.dll [90624 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RasMan; C:\Windows\System32\rasmans.dll [286208 2010-11-20] (Microsoft Corporation) [File not signed]
S2 Remote UI Service; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe [446680 2007-06-27] (Intel(R) Corporation)
S4 RemoteAccess; C:\Windows\System32\mprdim.dll [75264 2009-07-14] (Microsoft Corporation) [File not signed]
S4 RemoteRegistry; C:\Windows\system32\regsvc.dll [112640 2009-07-14] (Microsoft Corporation) [File not signed]
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2007-01-09] ()
R2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [43520 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RpcLocator; C:\Windows\system32\locator.exe [9216 2009-07-14] (Microsoft Corporation) [File not signed]
R2 RpcSs; C:\Windows\system32\rpcss.dll [376832 2010-11-20] (Microsoft Corporation) [File not signed]
R2 SamSs; C:\Windows\system32\lsass.exe [22528 2014-04-12] (Microsoft Corporation) [File not signed]
S3 SCardSvr; C:\Windows\System32\SCardSvr.dll [132608 2009-07-14] (Microsoft Corporation) [File not signed]
S4 Schedule; C:\Windows\system32\schedsvc.dll [750592 2010-11-20] (Microsoft Corporation) [File not signed]
S3 SCPolicySvc; C:\Windows\System32\certprop.dll [67584 2010-11-20] (Microsoft Corporation) [File not signed]
S3 SDRSVC; C:\Windows\System32\SDRSVC.dll [125952 2010-11-20] (Microsoft Corporation) [File not signed]
R2 SearchAnonymizer; C:\Users\Martina Maecker\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe [40960 2013-04-14] () [File not signed]
R3 seclogon; C:\Windows\system32\seclogon.dll [21504 2009-07-14] (Microsoft Corporation) [File not signed]
R2 SENS; C:\Windows\System32\sens.dll [49664 2009-07-14] (Microsoft Corporation) [File not signed]
S3 SensrSvc; C:\Windows\system32\sensrsvc.dll [25088 2009-07-14] (Microsoft Corporation) [File not signed]
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [628736 2010-12-08] (Nokia) [File not signed]
S3 SessionEnv; C:\Windows\system32\sessenv.dll [113664 2010-11-20] (Microsoft Corporation) [File not signed]
S4 SharedAccess; C:\Windows\System32\ipnathlp.dll [300544 2009-07-14] (Microsoft Corporation) [File not signed]
R2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [328192 2010-11-20] (Microsoft Corporation) [File not signed]
S3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [12800 2009-07-14] (Microsoft Corporation) [File not signed]
R2 SplashtopRemoteService; C:\Program Files\Splashtop\Splashtop Remote\Server\SRService.exe [520040 2011-10-24] (Splashtop Inc.)
R2 Spooler; C:\Windows\System32\spoolsv.exe [317440 2012-02-11] (Microsoft Corporation) [File not signed]
S2 sppsvc; C:\Windows\system32\sppsvc.exe [3179520 2010-11-20] (Microsoft Corporation) [File not signed]
S3 sppuinotify; C:\Windows\system32\sppuinotify.dll [53760 2010-11-20] (Microsoft Corporation) [File not signed]
R2 srvcPVR; C:\Program Files\Sceneo\AbsolutTV\Services\PVR\PVRService.exe [1681408 2007-08-16] (Buhl Data Service GmbH) [File not signed]
R3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [162816 2009-07-14] (Microsoft Corporation) [File not signed]
S3 SstpSvc; C:\Windows\system32\sstpsvc.dll [90112 2009-07-14] (Microsoft Corporation) [File not signed]
R2 SSUService; C:\Program Files\Splashtop\Splashtop Software Updater\SSUService.exe [609056 2013-08-07] (Splashtop Inc.)
R2 StiSvc; C:\Windows\System32\wiaservc.dll [463360 2010-11-20] (Microsoft Corporation) [File not signed]
S3 swprv; C:\Windows\System32\swprv.dll [313856 2009-07-14] (Microsoft Corporation) [File not signed]
R2 SysMain; C:\Windows\system32\sysmain.dll [1159168 2010-11-20] (Microsoft Corporation) [File not signed]
S3 TabletInputService; C:\Windows\System32\TabSvc.dll [73216 2010-11-20] (Microsoft Corporation) [File not signed]
S3 TapiSrv; C:\Windows\System32\tapisrv.dll [242176 2010-11-20] (Microsoft Corporation) [File not signed]
S3 TBS; C:\Windows\System32\tbssvc.dll [55808 2009-07-14] (Microsoft Corporation) [File not signed]
S3 TermService; C:\Windows\System32\termsrv.dll [523776 2014-10-14] (Microsoft Corporation) [File not signed]
R2 Themes; C:\Windows\system32\themeservice.dll [37376 2009-07-14] (Microsoft Corporation) [File not signed]
S3 THREADORDER; C:\Windows\system32\mmcss.dll [49664 2009-07-14] (Microsoft Corporation) [File not signed]
R2 TrkWks; C:\Windows\System32\trkwks.dll [77312 2009-07-14] (Microsoft Corporation) [File not signed]
S3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [204800 2010-11-20] (Microsoft Corporation) [File not signed]
S4 TVECapSvc; C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe [290909 2007-10-19] () [File not signed]
S4 TVESched; C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe [114779 2007-10-19] () [File not signed]
R2 TVService; C:\Program Files\Team MediaPortal\MediaPortal TV Server\TVService.exe [212992 2012-04-10] (Team MediaPortal) [File not signed]
S3 UI0Detect; C:\Windows\system32\UI0Detect.exe [35840 2009-07-14] (Microsoft Corporation) [File not signed]
R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2004-12-13] (Ulead Systems, Inc.) [File not signed]
S3 upnphost; C:\Windows\System32\upnphost.dll [266752 2009-07-14] (Microsoft Corporation) [File not signed]
R2 UxSms; C:\Windows\System32\uxsms.dll [29696 2009-07-14] (Microsoft Corporation) [File not signed]
S3 VaultSvc; C:\Windows\system32\lsass.exe [22528 2014-04-12] (Microsoft Corporation) [File not signed]
S3 vds; C:\Windows\System32\vds.exe [453632 2010-11-20] (Microsoft Corporation) [File not signed]
S3 VSS; C:\Windows\system32\vssvc.exe [1025536 2010-11-20] (Microsoft Corporation) [File not signed]
S3 W32Time; C:\Windows\system32\w32time.dll [288768 2009-07-14] (Microsoft Corporation) [File not signed]
S3 wbengine; C:\Windows\system32\wbengine.exe [1203200 2010-11-20] (Microsoft Corporation) [File not signed]
S3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [151552 2009-07-14] (Microsoft Corporation) [File not signed]
S3 wcncsvc; C:\Windows\System32\wcncsvc.dll [276992 2010-11-20] (Microsoft Corporation) [File not signed]
S3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [32768 2009-07-14] (Microsoft Corporation) [File not signed]
R3 WdiServiceHost; C:\Windows\system32\wdi.dll [76288 2009-07-14] (Microsoft Corporation) [File not signed]
R3 WdiSystemHost; C:\Windows\system32\wdi.dll [76288 2009-07-14] (Microsoft Corporation) [File not signed]
R3 WebClient; C:\Windows\System32\webclnt.dll [205824 2013-07-04] (Microsoft Corporation) [File not signed]
S3 Wecsvc; C:\Windows\system32\wecsvc.dll [147968 2009-07-14] (Microsoft Corporation) [File not signed]
S3 wercplsupport; C:\Windows\System32\wercplsupport.dll [61440 2009-07-14] (Microsoft Corporation) [File not signed]
R3 WerSvc; C:\Windows\System32\WerSvc.dll [65024 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation) [File not signed]
S3 WinHttpAutoProxySvc; C:\Windows\system32\winhttp.dll [351232 2010-11-20] (Microsoft Corporation) [File not signed]
R2 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [168960 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WinRM; C:\Windows\system32\WsmSvc.dll [1177088 2014-10-03] (Microsoft Corporation) [File not signed]
R2 Wlansvc; C:\Windows\System32\wlansvc.dll [829440 2009-07-14] (Microsoft Corporation) [File not signed]
S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [136192 2009-07-14] (Microsoft Corporation) [File not signed]
R2 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1121792 2010-11-20] (Microsoft Corporation) [File not signed]
S3 WPCSvc; C:\Windows\System32\wpcsvc.dll [10752 2009-07-14] (Microsoft Corporation) [File not signed]
R3 WPDBusEnum; C:\Windows\system32\wpdbusenum.dll [85504 2010-11-20] (Microsoft Corporation) [File not signed]
S3 wscsvc; C:\Windows\System32\wscsvc.dll [73728 2009-07-14] (Microsoft Corporation) [File not signed]
R2 WSearch; C:\Windows\system32\SearchIndexer.exe [427520 2011-05-04] (Microsoft Corporation) [File not signed]
R3 wudfsvc; C:\Windows\System32\WUDFSvc.dll [73216 2012-07-26] (Microsoft Corporation) [File not signed]
S3 WwanSvc; C:\Windows\System32\wwansvc.dll [185344 2014-01-28] (Microsoft Corporation) [File not signed]
R2 x10nets; C:\Program Files\Common Files\X10\Common\X10nets.exe [20480 2001-11-12] (X10) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 1394ohci; C:\Windows\system32\drivers\1394ohci.sys [164864 2010-11-20] (Microsoft Corporation) [File not signed]
S3 AcpiPmi; C:\Windows\system32\drivers\acpipmi.sys [10240 2010-11-20] (Microsoft Corporation) [File not signed]
R1 AFD; C:\Windows\system32\drivers\afd.sys [338944 2014-05-30] (Microsoft Corporation) [File not signed]
S3 AmdK8; C:\Windows\system32\DRIVERS\amdk8.sys [55296 2009-07-14] (Microsoft Corporation) [File not signed]
S3 AmdPPM; C:\Windows\system32\DRIVERS\amdppm.sys [52736 2009-07-14] (Microsoft Corporation) [File not signed]
S3 AppID; C:\Windows\system32\drivers\appid.sys [50176 2010-11-20] (Microsoft Corporation) [File not signed]
R3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [17920 2009-07-14] (Microsoft Corporation) [File not signed]
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98160 2014-10-22] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-10-22] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2014-10-22] (Avira Operations GmbH & Co. KG)
R3 avmaudio; C:\Windows\System32\DRIVERS\avmaudio.sys [101248 2011-12-29] (AVM Berlin) [File not signed]
R3 AVMCOWAN; C:\Windows\System32\DRIVERS\AVMCOWAN.sys [64512 2007-08-15] (AVM GmbH) [File not signed]
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [37384 2014-10-22] (Avira Operations GmbH & Co. KG)
S3 b06bdrv; C:\Windows\system32\DRIVERS\bxvbdx.sys [430080 2009-07-13] (Broadcom Corporation) [File not signed]
S3 b57nd60x; C:\Windows\System32\DRIVERS\b57nd60x.sys [229888 2009-07-13] (Broadcom Corporation) [File not signed]
R1 Beep; C:\Windows\system32\Drivers\Beep.sys [6144 2009-07-14] (Microsoft Corporation) [File not signed]
R1 blbdrive; C:\Windows\System32\DRIVERS\blbdrive.sys [35328 2009-07-14] (Microsoft Corporation) [File not signed]
R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [69632 2011-02-23] (Microsoft Corporation) [File not signed]
S3 BrFiltLo; C:\Windows\system32\DRIVERS\BrFiltLo.sys [13568 2009-07-13] (Brother Industries, Ltd.) [File not signed]
S3 BrFiltUp; C:\Windows\system32\DRIVERS\BrFiltUp.sys [5248 2009-07-13] (Brother Industries, Ltd.) [File not signed]
S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [272128 2009-07-14] (Brother Industries Ltd.) [File not signed]
S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [62336 2009-07-13] (Brother Industries Ltd.) [File not signed]
S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [12160 2009-07-13] (Brother Industries Ltd.) [File not signed]
S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [11904 2009-07-13] (Brother Industries Ltd.) [File not signed]
S3 BTHMODEM; C:\Windows\system32\DRIVERS\bthmodem.sys [56320 2009-07-14] (Microsoft Corporation) [File not signed]
S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [70656 2009-07-14] (Microsoft Corporation) [File not signed]
R1 cdrom; C:\Windows\system32\drivers\cdrom.sys [108544 2010-11-20] (Microsoft Corporation) [File not signed]
S3 circlass; C:\Windows\system32\DRIVERS\circlass.sys [37888 2009-07-14] (Microsoft Corporation) [File not signed]
S3 CmBatt; C:\Windows\system32\DRIVERS\CmBatt.sys [14080 2009-07-14] (Microsoft Corporation) [File not signed]
R3 CompositeBus; C:\Windows\system32\drivers\CompositeBus.sys [31232 2010-11-20] (Microsoft Corporation) [File not signed]
S3 CYUSB3; C:\Windows\System32\Drivers\CYUSB3.sys [54008 2014-03-21] (Cypress Semiconductor)
R1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [78336 2010-11-20] (Microsoft Corporation) [File not signed]
R1 discache; C:\Windows\System32\drivers\discache.sys [32256 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Dot4; C:\Windows\System32\DRIVERS\Dot4.sys [131072 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Dot4Print; C:\Windows\system32\drivers\Dot4Prt.sys [16384 2010-11-20] (Microsoft Corporation) [File not signed]
S3 dot4usb; C:\Windows\System32\DRIVERS\dot4usb.sys [36864 2009-07-14] (Microsoft Corporation) [File not signed]
S3 drmkaud; C:\Windows\system32\drivers\drmkaud.sys [5120 2009-07-14] (Microsoft Corporation) [File not signed]
R3 e1express; C:\Windows\System32\DRIVERS\e1e6032.sys [211456 2009-07-13] (Intel Corporation) [File not signed]
S3 ebdrv; C:\Windows\system32\DRIVERS\evbdx.sys [3100160 2009-07-13] (Broadcom Corporation) [File not signed]
S3 ErrDev; C:\Windows\system32\drivers\errdev.sys [7168 2009-07-14] (Microsoft Corporation) [File not signed]
S3 exfat; C:\Windows\system32\Drivers\exfat.sys [142336 2009-07-14] (Microsoft Corporation) [File not signed]
R3 fastfat; C:\Windows\system32\Drivers\fastfat.sys [148480 2009-07-14] (Microsoft Corporation) [File not signed]
S3 fdc; C:\Windows\system32\DRIVERS\fdc.sys [25088 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [28160 2009-07-14] (Microsoft Corporation) [File not signed]
S3 flpydisk; C:\Windows\system32\DRIVERS\flpydisk.sys [19968 2009-07-14] (Microsoft Corporation) [File not signed]
S3 fxusbase; C:\Windows\System32\DRIVERS\fxusbase.sys [567936 2007-08-15] (AVM Berlin) [File not signed]
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [26624 2009-07-13] (Hauppauge Computer Works, Inc.) [File not signed]
R3 HDAudBus; C:\Windows\system32\drivers\HDAudBus.sys [108544 2010-11-20] (Microsoft Corporation) [File not signed]
S3 HidBatt; C:\Windows\system32\DRIVERS\HidBatt.sys [21504 2009-07-14] (Microsoft Corporation) [File not signed]
S3 HidBth; C:\Windows\system32\DRIVERS\hidbth.sys [91136 2009-07-14] (Microsoft Corporation) [File not signed]
S3 HidIr; C:\Windows\system32\DRIVERS\hidir.sys [37888 2009-07-14] (Microsoft Corporation) [File not signed]
R3 HidUsb; C:\Windows\System32\DRIVERS\hidusb.sys [24064 2010-11-20] (Microsoft Corporation) [File not signed]
R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [513536 2010-11-20] (Microsoft Corporation) [File not signed]
R3 i8042prt; C:\Windows\system32\drivers\i8042prt.sys [80896 2009-07-14] (Microsoft Corporation) [File not signed]
R3 intelppm; C:\Windows\System32\DRIVERS\intelppm.sys [53760 2009-07-14] (Microsoft Corporation) [File not signed]
S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [58880 2009-07-14] (Microsoft Corporation) [File not signed]
S3 IPMIDRV; C:\Windows\system32\drivers\IPMIDrv.sys [65536 2010-11-20] (Microsoft Corporation) [File not signed]
S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [101888 2009-07-14] (Microsoft Corporation) [File not signed]
S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [13824 2009-07-14] (Microsoft Corporation) [File not signed]
R3 Iviaspi; C:\Windows\System32\drivers\iviaspi.sys [16024 2006-11-22] (InterVideo, Inc.)
S3 ivusb; C:\Windows\System32\DRIVERS\ivusb.sys [25112 2010-07-29] (Initio Corporation)
S3 kbdhid; C:\Windows\system32\drivers\kbdhid.sys [28160 2010-11-20] (Microsoft Corporation) [File not signed]
R2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [48128 2009-07-14] (Microsoft Corporation) [File not signed]
R2 luafv; C:\Windows\system32\drivers\luafv.sys [86528 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Modem; C:\Windows\System32\drivers\modem.sys [31744 2009-07-14] (Microsoft Corporation) [File not signed]
R3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [23552 2009-07-14] (Microsoft Corporation) [File not signed]
R3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [26112 2009-07-14] (Microsoft Corporation) [File not signed]
R3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [60416 2009-07-14] (Microsoft Corporation) [File not signed]
R3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [115712 2013-07-04] (Microsoft Corporation) [File not signed]
R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [123904 2011-04-27] (Microsoft Corporation) [File not signed]
R3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [223744 2011-07-09] (Microsoft Corporation) [File not signed]
R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [96768 2011-04-27] (Microsoft Corporation) [File not signed]
R1 Msfs; C:\Windows\system32\Drivers\Msfs.sys [22528 2009-07-14] (Microsoft Corporation) [File not signed]
S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [4096 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [8320 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [5888 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [5504 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [6144 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MTConfig; C:\Windows\system32\DRIVERS\MTConfig.sys [12288 2009-07-14] (Microsoft Corporation) [File not signed]
R3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [267264 2009-07-14] (Microsoft Corporation) [File not signed]
S3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [27136 2009-07-14] (Microsoft Corporation) [File not signed]
R3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [20992 2009-07-14] (Microsoft Corporation) [File not signed]
R3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [46080 2010-11-20] (Microsoft Corporation) [File not signed]
R3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [118784 2010-11-20] (Microsoft Corporation) [File not signed]
R3 NDProxy; C:\Windows\system32\Drivers\NDProxy.sys [48640 2010-11-20] (Microsoft Corporation) [File not signed]
R1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [36352 2009-07-14] (Microsoft Corporation) [File not signed]
R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [187904 2010-11-20] (Microsoft Corporation) [File not signed]
R3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [657408 2009-07-13] (Ralink Technology Corp.) [File not signed]
R2 nmsunidr; C:\Windows\System32\DRIVERS\nmsunidr.sys [5376 2007-02-18] (Gteko Ltd.) [File not signed]
S3 nmwcd; C:\Windows\System32\drivers\ccdcmb.sys [18048 2010-07-30] (Nokia) [File not signed]
S3 nmwcdc; C:\Windows\System32\drivers\ccdcmbo.sys [23040 2010-07-30] (Nokia) [File not signed]
R1 Npfs; C:\Windows\system32\Drivers\Npfs.sys [35328 2009-07-14] (Microsoft Corporation) [File not signed]
R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [16896 2009-07-14] (Microsoft Corporation) [File not signed]
S3 NuidFltr; C:\Windows\System32\DRIVERS\NuidFltr.sys [14736 2009-11-11] (Microsoft Corporation)
R1 Null; C:\Windows\system32\Drivers\Null.sys [4608 2009-07-14] (Microsoft Corporation) [File not signed]
S3 ohci1394; C:\Windows\system32\drivers\ohci1394.sys [62464 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Parport; C:\Windows\system32\DRIVERS\parport.sys [79360 2009-07-14] (Microsoft Corporation) [File not signed]
S2 Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [8704 2009-07-14] (Microsoft Corporation) [File not signed]
S3 pccsmcfd; C:\Windows\System32\DRIVERS\pccsmcfd.sys [18816 2008-08-26] (Nokia) [File not signed]
R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [586752 2009-07-14] (Microsoft Corporation) [File not signed]
R3 Ph3xIB32; C:\Windows\System32\DRIVERS\Ph3xIB32.sys [1311232 2009-07-13] (NXP Semiconductors) [File not signed]
R3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [73728 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Processor; C:\Windows\system32\DRIVERS\processr.sys [52224 2009-07-14] (Microsoft Corporation) [File not signed]
R1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [104448 2009-07-14] (Microsoft Corporation) [File not signed]
S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [31744 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [11776 2009-07-14] (Microsoft Corporation) [File not signed]
R3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [49152 2009-07-14] (Microsoft Corporation) [File not signed]
R3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [78848 2009-07-14] (Microsoft Corporation) [File not signed]
R3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [77824 2009-07-14] (Microsoft Corporation) [File not signed]
R3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [75264 2009-07-14] (Microsoft Corporation) [File not signed]
R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [242688 2010-11-20] (Microsoft Corporation) [File not signed]
S3 rdpbus; C:\Windows\system32\DRIVERS\rdpbus.sys [18944 2009-07-14] (Microsoft Corporation) [File not signed]
R1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [6656 2010-11-20] (Microsoft Corporation) [File not signed]
R1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [6656 2009-07-14] (Microsoft Corporation) [File not signed]
R1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [7168 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RdpVideoMiniport; C:\Windows\System32\drivers\rdpvideominiport.sys [14848 2012-08-23] (Microsoft Corporation) [File not signed]
S3 RDPWD; C:\Windows\system32\Drivers\RDPWD.sys [184320 2014-07-17] (Microsoft Corporation) [File not signed]
R2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [60928 2009-07-14] (Microsoft Corporation) [File not signed]
S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [26624 2010-11-20] (Microsoft Corporation) [File not signed]
R2 secdrv; C:\Windows\system32\Drivers\secdrv.sys [20480 2009-07-13] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
R3 Serenum; C:\Windows\System32\DRIVERS\serenum.sys [17920 2009-07-14] (Microsoft Corporation) [File not signed]
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [83456 2009-07-14] (Microsoft Corporation) [File not signed]
S3 sermouse; C:\Windows\system32\DRIVERS\sermouse.sys [19968 2009-07-14] (Microsoft Corporation) [File not signed]
S3 sffdisk; C:\Windows\system32\drivers\sffdisk.sys [11264 2009-07-14] (Microsoft Corporation) [File not signed]
S3 sffp_mmc; C:\Windows\system32\drivers\sffp_mmc.sys [12288 2009-07-14] (Microsoft Corporation) [File not signed]
S3 sffp_sd; C:\Windows\system32\drivers\sffp_sd.sys [12800 2010-11-20] (Microsoft Corporation) [File not signed]
S3 sfloppy; C:\Windows\system32\DRIVERS\sfloppy.sys [13824 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Smb; C:\Windows\System32\DRIVERS\smb.sys [71168 2009-07-14] (Microsoft Corporation) [File not signed]
R3 srv; C:\Windows\System32\DRIVERS\srv.sys [311808 2011-04-29] (Microsoft Corporation) [File not signed]
R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [310272 2011-04-29] (Microsoft Corporation) [File not signed]
R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [114688 2011-04-29] (Microsoft Corporation) [File not signed]
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2014-10-22] (Avira GmbH)
R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [35328 2012-10-03] (Microsoft Corporation) [File not signed]
S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [18432 2010-11-20] (Microsoft Corporation) [File not signed]
S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [24576 2012-02-17] (Microsoft Corporation) [File not signed]
R1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [74752 2014-11-11] (Microsoft Corporation) [File not signed]
S3 TSHWMDTCP; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys [14552 2007-06-27] ()
S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [31232 2014-07-17] (Microsoft Corporation) [File not signed]
S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [49152 2013-10-02] (Microsoft Corporation) [File not signed]
R3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [108544 2010-11-20] (Microsoft Corporation) [File not signed]
S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [246784 2010-11-20] (Microsoft Corporation) [File not signed]
R1 ui11rdr; C:\Windows\System32\DRIVERS\ui11rdr.sys [144896 2010-11-12] (1&1 Internet AG) [File not signed]
R3 umbus; C:\Windows\system32\drivers\umbus.sys [39936 2010-11-20] (Microsoft Corporation) [File not signed]
S3 UmPass; C:\Windows\system32\DRIVERS\umpass.sys [8192 2009-07-14] (Microsoft Corporation) [File not signed]
S3 upperdev; C:\Windows\System32\DRIVERS\usbser_lowerflt.sys [8192 2010-07-30] (Nokia) [File not signed]
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2012-12-13] (Apple, Inc.) [File not signed]
R3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [76288 2013-11-27] (Microsoft Corporation) [File not signed]
S3 usbcir; C:\Windows\system32\drivers\usbcir.sys [86016 2013-07-12] (Microsoft Corporation) [File not signed]
R3 usbehci; C:\Windows\system32\drivers\usbehci.sys [43520 2013-11-27] (Microsoft Corporation) [File not signed]
R3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [258560 2013-11-27] (Microsoft Corporation) [File not signed]
S3 usbohci; C:\Windows\system32\drivers\usbohci.sys [20480 2013-11-27] (Microsoft Corporation) [File not signed]
S3 usbprint; C:\Windows\System32\DRIVERS\usbprint.sys [19968 2009-07-14] (Microsoft Corporation) [File not signed]
S3 usbscan; C:\Windows\system32\drivers\usbscan.sys [36352 2013-07-03] (Microsoft Corporation) [File not signed]
S3 usbser; C:\Windows\System32\drivers\usbser.sys [27648 2009-07-14] (Microsoft Corporation) [File not signed]
S3 UsbserFilt; C:\Windows\System32\DRIVERS\usbser_lowerfltj.sys [8192 2010-07-30] (Nokia) [File not signed]
R3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [76288 2011-03-11] (Microsoft Corporation) [File not signed]
R3 usbuhci; C:\Windows\system32\drivers\usbuhci.sys [24064 2013-11-27] (Microsoft Corporation) [File not signed]
S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [26112 2009-07-14] (Microsoft Corporation) [File not signed]
R1 VgaSave; C:\Windows\System32\drivers\vga.sys [25088 2009-07-14] (Microsoft Corporation) [File not signed]
S3 ViaC7; C:\Windows\system32\DRIVERS\viac7.sys [52736 2009-07-14] (Microsoft Corporation) [File not signed]
R3 vwifibus; C:\Windows\System32\DRIVERS\vwifibus.sys [19968 2009-07-14] (Microsoft Corporation) [File not signed]
R1 vwififlt; C:\Windows\System32\DRIVERS\vwififlt.sys [48128 2009-07-14] (Microsoft Corporation) [File not signed]
R3 vwifimp; C:\Windows\System32\DRIVERS\vwifimp.sys [14336 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WacomPen; C:\Windows\system32\DRIVERS\wacompen.sys [21632 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [63488 2010-11-20] (Microsoft Corporation) [File not signed]
R1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [63488 2010-11-20] (Microsoft Corporation) [File not signed]
R1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [9728 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WinUsb; C:\Windows\System32\DRIVERS\WinUsb.sys [35968 2010-11-20] (Microsoft Corporation) [File not signed]
S3 WmiAcpi; C:\Windows\system32\drivers\wmiacpi.sys [11264 2009-07-14] (Microsoft Corporation) [File not signed]
S4 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [16384 2009-07-14] (Microsoft Corporation) [File not signed]
R3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [66560 2012-07-26] (Microsoft Corporation) [File not signed]
R3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [155136 2012-07-26] (Microsoft Corporation) [File not signed]
R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.)
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; C:\Program Files\HomeCinema\PlayMovie\000.fcl [41456 2007-10-11] (Cyberlink Corp.)
R2 {95808DC4-FA4A-4C74-92FE-5B863F82066B}; C:\Program Files\HomeCinema\PowerDVD\000.fcl [41456 2007-10-09] (Cyberlink Corp.)

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-11 18:53 - 2014-12-11 18:54 - 00074143 _____ () C:\Users\Martina Maecker\Desktop\FRST.txt
2014-12-11 18:53 - 2014-12-11 18:53 - 00000000 ____D () C:\FRST
2014-12-11 18:52 - 2014-12-11 18:52 - 01111040 _____ (Farbar) C:\Users\Martina Maecker\Desktop\FRST.exe
2014-12-11 07:13 - 2014-12-11 07:13 - 00003544 ____N () C:\bootsqm.dat
2014-12-11 03:34 - 2014-12-11 03:34 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-11 03:15 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-11 03:15 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-11 03:15 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-11 03:15 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-11 03:15 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-11 02:39 - 2014-12-04 05:38 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-11 02:39 - 2014-12-04 05:38 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-11 02:39 - 2014-12-04 05:38 - 00337920 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-11 02:39 - 2014-12-04 05:38 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-11 02:39 - 2014-12-04 05:38 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-11 02:39 - 2014-12-04 05:38 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-11 02:39 - 2014-12-04 05:34 - 00873984 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-11 02:39 - 2014-12-02 00:28 - 01160872 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-11 02:39 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-11 02:39 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-11 02:39 - 2014-11-22 03:20 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-11 02:39 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-11 02:39 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-11 02:39 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-11 02:39 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-11 02:39 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-11 02:39 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-11 02:39 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-11 02:39 - 2014-11-22 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-11 02:39 - 2014-11-22 02:55 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-11 02:39 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-11 02:39 - 2014-11-22 02:48 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-11 02:39 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-11 02:39 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-11 02:39 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-11 02:39 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-11 02:39 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-11 02:39 - 2014-11-22 02:23 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-11 02:39 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-11 02:39 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-11 02:39 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-11 02:39 - 2014-11-11 02:32 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-11 02:38 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-11 02:38 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-11 02:38 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-11 02:38 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-11 02:38 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-11 02:38 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-11 02:38 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-11 02:38 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-11 02:38 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-11 02:38 - 2014-10-30 02:46 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-12-11 02:38 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-11 02:38 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-11 02:38 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-11 02:38 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-11 02:38 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-11 02:38 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-11 02:38 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-12-10 12:26 - 2014-12-10 12:26 - 00000294 ____N () C:\Users\Martina Maecker\Desktop\141821076472529.txt
2014-12-10 06:54 - 2011-12-13 09:29 - 00029504 _____ (TuneUp Software) C:\Windows\system32\uxtuneup.dll
2014-12-10 06:54 - 2011-12-13 09:29 - 00021312 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll
2014-12-09 18:36 - 2014-12-09 18:36 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-12-05 18:50 - 2014-12-05 18:50 - 00000512 _____ () C:\Users\Martina Maecker\Desktop\HBEDV.key
2014-12-04 17:24 - 2014-12-04 17:24 - 00114670 ____H () C:\Users\Martina Maecker\Downloads\~WRL0006.tmp
2014-12-02 19:56 - 2014-12-02 19:56 - 00000000 ____D () C:\Users\Martina Maecker\AppData\Roaming\Avira
2014-12-02 19:54 - 2014-10-22 16:33 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-12-02 19:54 - 2014-10-22 16:33 - 00098160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-12-02 19:54 - 2014-10-22 16:33 - 00037384 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-12-02 19:54 - 2014-10-22 16:33 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-12-02 19:46 - 2014-12-05 18:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-12-02 19:46 - 2014-12-02 19:54 - 00000000 ____D () C:\ProgramData\Avira
2014-12-02 19:46 - 2014-12-02 19:54 - 00000000 ____D () C:\Program Files\Avira
2014-12-02 19:46 - 2014-12-02 19:46 - 00001095 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-12-02 19:39 - 2014-12-02 19:39 - 00000067 _____ () C:\Users\Martina Maecker\Desktop\iminient.txt
2014-12-02 19:25 - 2014-12-02 19:26 - 00000000 ____D () C:\Users\Martina Maecker\AppData\Local\AviraResume
2014-12-02 19:08 - 2014-12-02 19:12 - 169402768 _____ () C:\Users\Martina Maecker\Downloads\avira_antivirus_pro_de.exe
2014-12-02 18:02 - 2014-12-11 07:15 - 00150366 _____ () C:\Windows\setupact.log
2014-12-02 18:02 - 2014-12-02 18:02 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-02 18:01 - 2014-12-09 16:55 - 01009760 _____ () C:\Windows\PFRO.log
2014-12-02 17:24 - 2014-12-02 17:24 - 04549888 _____ (Avira Operations & Co. KG) C:\Users\Martina Maecker\Downloads\avira_de_av_5686711189__ws.exe
2014-12-02 16:28 - 2014-12-02 16:28 - 00000000 __SHD () C:\Users\Martina Maecker\AppData\Local\EmieBrowserModeList
2014-11-29 18:30 - 2012-05-05 07:38 - 00221096 ____N () C:\Windows\hpoins43.dat.temp
2014-11-29 18:27 - 2014-11-29 18:27 - 04583464 _____ (Avira Operations GmbH & Co. KG) C:\Users\Martina Maecker\Downloads\avira_en_avpro_33469606_fblfanq8pg3yw81e0atd_wd.exe
2014-11-29 18:23 - 2014-11-29 18:26 - 156964432 _____ () C:\Users\Martina Maecker\Downloads\PS_AIO_06_C4700_USW_Full_Win_WW_140_175-4.exe
2014-11-19 19:14 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 19:14 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 19:02 - 2014-11-19 19:02 - 06126536 _____ (Tim Kosse) C:\Users\Martina Maecker\Downloads\FileZilla_3.9.0.6_win32-setup.exe
2014-11-17 18:50 - 2014-11-17 18:50 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0028f54897b2.job
2014-11-11 21:46 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-11 21:46 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-11 21:46 - 2014-10-14 02:56 - 00136632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-11 21:46 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-11 21:46 - 2014-10-14 02:50 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-11 21:46 - 2014-10-14 02:50 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-11 21:46 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-11 21:46 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-11 21:46 - 2014-10-10 01:45 - 02379264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-11 21:46 - 2014-10-03 02:44 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-11 21:46 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-11 21:46 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-11 21:46 - 2014-10-03 02:44 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-11 21:46 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-11 21:46 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-11 21:46 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-11 21:46 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-11 21:46 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-11 21:46 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-11 21:46 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-11 21:46 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-11 21:46 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-11 21:46 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-11 18:37 - 2011-08-25 20:59 - 00000000 ____D () C:\Users\Martina Maecker\AppData\Roaming\IBP
2014-12-11 18:31 - 2011-06-08 17:55 - 00000000 ____D () C:\Users\Martina Maecker\AppData\Roaming\DVDVideoSoft
2014-12-11 18:31 - 2011-06-08 17:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-12-11 18:31 - 2011-06-08 17:54 - 00000000 ____D () C:\Program Files\DVDVideoSoft
2014-12-11 18:31 - 2011-06-08 17:54 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft
2014-12-11 18:27 - 2009-11-27 14:42 - 00011216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-11 18:27 - 2009-11-27 14:42 - 00011216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-11 17:43 - 2014-07-31 14:59 - 00200704 ___SH () C:\Users\Martina Maecker\Desktop\Thumbs.db
2014-12-11 16:43 - 2007-10-09 15:23 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-12-11 16:42 - 2007-12-01 11:03 - 00000000 ____D () C:\Program Files\Google
2014-12-11 16:38 - 2009-11-27 15:16 - 01075968 _____ () C:\Windows\WindowsUpdate.log
2014-12-11 16:37 - 2012-05-04 18:32 - 00000000 ____D () C:\Users\Martina Maecker\Documents\Deutsche Post AG
2014-12-11 16:34 - 2007-12-01 11:13 - 00000000 ____D () C:\Users\Martina Maecker\AppData\Local\Google
2014-12-11 16:34 - 2007-12-01 11:03 - 00000000 ____D () C:\ProgramData\Google
2014-12-11 16:29 - 2013-10-28 12:01 - 00000000 ___RD () C:\Users\Martina Maecker\Google Drive
2014-12-11 07:20 - 2012-08-21 18:47 - 00000000 ___RD () C:\Users\Martina Maecker\Dropbox
2014-12-11 07:20 - 2012-08-21 18:45 - 00000000 ____D () C:\Users\Martina Maecker\AppData\Roaming\Dropbox
2014-12-11 07:15 - 2012-05-13 18:15 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-12-11 03:34 - 2014-05-07 02:02 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-11 03:34 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-12-11 03:34 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\AppCompat
2014-12-11 03:17 - 2007-10-10 11:37 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-11 03:11 - 2013-07-19 02:02 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-11 03:04 - 2009-12-19 09:11 - 109818608 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-10 16:11 - 2012-04-03 16:00 - 00000000 ____D () C:\Users\Martina Maecker\Desktop\Druckdaten autogrammkarten-druckerei.de
2014-12-10 06:53 - 2010-11-12 16:24 - 00000000 ____D () C:\Program Files\TuneUp Utilities 2011
2014-12-09 16:45 - 2011-01-02 10:40 - 00000000 ____D () C:\Users\Martina Maecker\AppData\Roaming\FileZilla
2014-12-03 06:49 - 2013-06-15 13:38 - 00000000 ____D () C:\Users\Martina Maecker\AppData\Roaming\Ofulb
2014-12-02 19:45 - 2014-05-27 05:58 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-02 19:44 - 2010-09-30 15:43 - 00000000 ____D () C:\ProgramData\FLEXnet
2014-12-02 18:12 - 2009-11-27 14:42 - 01658020 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-02 17:14 - 2014-05-20 17:28 - 00000000 ____D () C:\Users\Martina Maecker\AppData\Local\PriceMeter
2014-12-01 17:35 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-29 18:32 - 2011-05-15 11:05 - 00233373 _____ () C:\Windows\hpoins43.dat
2014-11-29 18:32 - 2011-05-15 11:05 - 00002133 _____ () C:\ProgramData\hpzinstall.log
2014-11-29 18:05 - 2009-11-27 14:43 - 00000000 ____D () C:\Users\IUSR_NMPR
2014-11-17 18:50 - 2014-10-25 10:11 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cff033a6959e4b.job
2014-11-16 11:24 - 2012-08-21 18:46 - 00000000 ____D () C:\Users\Martina Maecker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-11-13 18:49 - 2014-08-14 05:16 - 00000000 ____D () C:\Users\Martina Maecker\Desktop\Druckdaten personalisierer.de
2014-11-12 03:43 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-11-12 03:31 - 2009-07-14 05:33 - 01943752 _____ () C:\Windows\system32\FNTCACHE.DAT

Some content of TEMP:
====================
C:\Users\Martina Maecker\AppData\Local\Temp\avgnt.exe
C:\Users\Martina Maecker\AppData\Local\Temp\A~NSISu_.exe
C:\Users\Martina Maecker\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpw3izm0.dll
C:\Users\Martina Maecker\AppData\Local\Temp\uninst1.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe
[2014-10-17 21:41] - [2014-07-17 02:39] - 0304128 ____A (Microsoft Corporation) 52449FD429D6053B78AE564DEF303870

C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-06-03 06:45

==================== End Of Log ============================

--- --- ---

charky · 11.12.2014, 19:01

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-12-2014
Ran by Martina Maecker (administrator) on WUNSCHERFUELLER on 11-12-2014 18:53:23
Running from C:\Users\Martina Maecker\Desktop
Loaded Profiles: IUSR_NMPR & Martina Maecker (Available profiles: IUSR_NMPR & Martina Maecker)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Intel(R) Corporation) C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
(B.H.A Corporation) C:\Windows\System32\bgsvcgen.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
(Empolis GmbH) C:\Program Files\Common Files\Gnab\Service\ServiceController.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Empolis GmbH) C:\Program Files\Medion\MEDIONbox\Program\GCS.exe
() C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
() C:\Windows\System32\NMSAccess32.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\QualityManager.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
() C:\Users\Martina Maecker\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe
(Splashtop Inc.) C:\Program Files\Splashtop\Splashtop Remote\Server\SRService.exe
(Buhl Data Service GmbH) C:\Program Files\Sceneo\AbsolutTV\Services\PVR\pvrservice.exe
(Splashtop Inc.) C:\Program Files\Splashtop\Splashtop Software Updater\SSUService.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
(Team MediaPortal) C:\Program Files\Team MediaPortal\MediaPortal TV Server\TvService.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version5\TeamViewer.exe
(Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(X10) C:\Program Files\Common Files\X10\Common\X10nets.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Splashtop Inc.) C:\Program Files\Splashtop\Splashtop Remote\Server\SRServer.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Intel(R) Corporation) C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
(Google) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Google) C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
(Intel Corporation) C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe
(Nuance Communications, Inc.) C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
(ODSoft multimedia) C:\Program Files\Sceneo\AbsolutTV\Services\ODSBC\ODSBCApp.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Empolis GmbH) C:\Program Files\Common Files\Gnab\Service\GnabTray.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
(Intel(R) Corporation) C:\Program Files\Intel\IntelDH\CCU\CCU_Engine.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Haufe-Lexware GmbH & Co. KG) C:\Program Files\Lexware\Update Manager\LxUpdateManager.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Macrovision Europe Ltd.) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Panasonic Corporation) C:\Program Files\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe
() C:\Program Files\ScanWizard 5\ScannerFinder.exe
(Dropbox, Inc.) C:\Users\Martina Maecker\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Mozilla Corporation) C:\Program Files\Mozilla Thunderbird\thunderbird.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avcenter.exe
(Intuit, Inc.) C:\Program Files\Lexware\bueroeasy\QBW32.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe
(Haufe-Lexware GmbH & Co. KG) C:\Program Files\Common Files\Lexware\LxWebAccess\LxWebAccess.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Founder.De) C:\Program Files\Firelab\firelab.exe
(Axandra GmbH) C:\Program Files\IBP 11\IBP.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\WINWORD.EXE


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4702208 2007-08-17] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Windows\Skytel.exe [1826816 2007-08-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [CCUTRAYICON] => C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe [215256 2007-06-27] (Intel(R) Corporation)
HKLM\...\Run: [ControlCenter3] => C:\Program Files\Brother\ControlCenter3\brctrcen.exe [65536 2007-01-26] (Brother Industries, Ltd.)
HKLM\...\Run: [Google Desktop Search] => C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [220160 2007-12-01] (Google)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [178712 2007-10-08] (Intel Corporation)
HKLM\...\Run: [IndexSearch] => C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [46632 2007-01-29] (Nuance Communications, Inc.)
HKLM\...\Run: [NMSSupport] => C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe [439512 2007-06-27] (Intel Corporation)
HKLM\...\Run: [PaperPort PTD] => C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [30248 2007-01-29] (Nuance Communications, Inc.)
HKLM\...\Run: [toolbar_eula_launcher] => C:\Program Files\GoogleEULA\EULALauncher.exe [16896 2007-02-09] ( )
HKLM\...\Run: [TVBroadcast] => C:\Program Files\Sceneo\AbsolutTV\SERVICES\ODSBC\ODSBCApp.exe [797696 2007-08-07] (ODSoft multimedia)
HKLM\...\Run: [TVEService] => C:\Program Files\HomeCinema\TV Enhance\TVEService.exe [155648 2007-10-19] (CyberLink Corp.)
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG)
HKLM\...\Run: [NBKeyScan] => C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [1836328 2007-09-20] (Nero AG)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [1468256 2009-11-11] (Microsoft Corporation)
HKLM\...\Run: [GnabTray] => C:\Program Files\Common Files\Gnab\Service\GnabTray.exe [327680 2007-04-13] (Empolis GmbH)
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [623992 2008-10-14] (Adobe Systems Inc.)
HKLM\...\Run: [Adobe_ID0EYTHM] => C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe [1884160 2007-03-20] (Adobe Systems Incorporated)
HKLM\...\Run: [AppleSyncNotifier] => C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-10-06] (Apple Inc.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-04-23] (Apple Inc.)
HKLM\...\Run: [Ocs_SM] => C:\Users\Martina Maecker\AppData\Roaming\OCS\SM\SearchAnonymizer.exe [106496 2013-04-14] (OCS)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM\...\Run: [LexwareInfoService] => C:\Program Files\Lexware\Update Manager\LxUpdateManager.exe [208424 2013-10-17] (Haufe-Lexware GmbH & Co. KG)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [124208 2014-10-22] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-22] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3270019199-247663063-2118203487-1003\...\RunOnce: [DPAPIKeyMig] => C:\Windows\system32\dpapimig.exe [72192 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-3270019199-247663063-2118203487-1003\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516096 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-21-3270019199-247663063-2118203487-1004\...\Run: [IBP] => [X]
HKU\S-1-5-21-3270019199-247663063-2118203487-1004\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [22869088 2014-10-21] (Google)
HKU\S-1-5-21-3270019199-247663063-2118203487-1004\...\Run: [AdobeUpdater] => C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe [2356088 2010-10-07] (Adobe Systems Incorporated)
HKU\S-1-5-21-3270019199-247663063-2118203487-1004\...\MountPoints2: E - E:\Player.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2013-03-21] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PHOTOfunSTUDIO 5.1 HD Edition.lnk
ShortcutTarget: PHOTOfunSTUDIO 5.1 HD Edition.lnk -> C:\Program Files\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe (Panasonic Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Scanner Finder.lnk
ShortcutTarget: Scanner Finder.lnk -> C:\Program Files\ScanWizard 5\ScannerFinder.exe ()
Startup: C:\Users\Martina Maecker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Martina Maecker\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Martina Maecker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Martina Maecker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Martina Maecker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PMB Medien-Prüfung.lnk
ShortcutTarget: PMB Medien-Prüfung.lnk -> D:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe (Sony Corporation)
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Bar = Upgrade to Google Chrome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3270019199-247663063-2118203487-1003\Software\Microsoft\Internet Explorer\Main,Search Bar = Upgrade to Google Chrome
HKU\S-1-5-21-3270019199-247663063-2118203487-1003\Software\Microsoft\Internet Explorer\Main,Start Page = Welcome to ALDI
HKU\S-1-5-21-3270019199-247663063-2118203487-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3270019199-247663063-2118203487-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn
URLSearchHook: HKLM - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKLM - (No Name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} -  No File
URLSearchHook: HKLM - Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
SearchScopes: HKLM -> {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: ContributeBHO Class -> {074C1DC5-9320-4A9A-947D-C042949C6216} -> C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll (Adobe Systems Incorporated.)
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Winamp Toolbar Loader -> {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} -> C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
BHO: CBAbzockschutz.InitToolbarBHO -> {2e250b90-0e7a-42a3-9d65-e39f9f227fa4} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - COMPUTERBILD-Abzockschutz - {353e2a48-6254-4bd3-88f4-3b51a0ca7870} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM - Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll (Adobe Systems Incorporated.)
Toolbar: HKLM - toolplugin - {DFEFCDEE-CF1A-4FC8-89AF-189327213627} - C:\Users\Martina Maecker\AppData\Roaming\toolplugin\toolbar.dll No File
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKU\.DEFAULT -> Winamp Toolbar - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
Toolbar: HKU\S-1-5-21-3270019199-247663063-2118203487-1004 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKU\S-1-5-21-3270019199-247663063-2118203487-1004 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKU\S-1-5-21-3270019199-247663063-2118203487-1004 -> No Name - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} -  No File
Toolbar: HKU\S-1-5-21-3270019199-247663063-2118203487-1004 -> Winamp Toolbar - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
Toolbar: HKU\S-1-5-21-3270019199-247663063-2118203487-1004 -> Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Winsock: Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Winsock: Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Winsock: Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Winsock: Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Winsock: Catalog5 08 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog5 09 C:\Windows\system32\winrnr.dll [20992] (Microsoft Corporation)
Winsock: Catalog9 01 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 02 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 03 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 04 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 05 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 06 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 07 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 08 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 09 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 10 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 11 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 12 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 13 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 14 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 15 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 16 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 17 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 18 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 19 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 20 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 21 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 22 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 23 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 24 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 25 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 26 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 27 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 28 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 29 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 30 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 31 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 32 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 33 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 34 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 35 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 36 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 37 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 38 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 39 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 40 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 41 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 42 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 43 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 44 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 45 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 46 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 47 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 48 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 49 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 50 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 51 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 52 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 53 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 54 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 55 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 56 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 57 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 58 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 59 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 60 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 61 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 62 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 63 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 64 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 65 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 66 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 67 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 68 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 69 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 70 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 71 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 72 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 73 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 74 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 75 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 76 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 77 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Winsock: Catalog9 78 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Martina Maecker\AppData\Roaming\Mozilla\Firefox\Profiles\akx2lygd.default
FF SelectedSearchEngine: 
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @innoplus.de/ino3DViewer -> C:\Program Files\INNOVA-engineering GmbH\3D-Viewer-innoPlus\npIno3DViewer.dll (INNOVA-engineering GmbH Dresden)
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.3 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/VirtualEarth3D,version=3.0 -> C:\Program Files\Virtual Earth 3D\ ()
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 -> C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF Plugin: @real.com/nppl3260;version=6.0.11.2768 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.2.2826 -> C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.1578 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @veetle.com/veetleCorePlugin,version=0.9.18 -> C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Martina Maecker\AppData\Roaming\Mozilla\Firefox\Profiles\akx2lygd.default\searchplugins\avira-safesearch.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\SearchTheWeb.xml
FF Extension: FoxyDeal - C:\Users\Martina Maecker\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{F58A62EB-38DC-43C4-A539-DC52E135208D} [2013-04-14]
FF Extension: Avira Browser Safety - C:\Users\Martina Maecker\AppData\Roaming\Mozilla\Firefox\Profiles\akx2lygd.default\Extensions\abs@avira.com [2014-12-11]
FF Extension: Avira SafeSearch - C:\Users\Martina Maecker\AppData\Roaming\Mozilla\Firefox\Profiles\akx2lygd.default\Extensions\safesearch@avira.com [2014-12-04]
FF Extension: Iminent - C:\Users\Martina Maecker\AppData\Roaming\Mozilla\Firefox\Profiles\akx2lygd.default\Extensions\firefoxmini@go.im.xpi [2014-08-14]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-04-28]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-05-15]
FF HKU\S-1-5-21-3270019199-247663063-2118203487-1004\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome: 
=======
CHR Profile: C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Iminent) - C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl [2013-04-14]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe Version Cue CS3; C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe [153792 2007-03-20] (Adobe Systems Incorporated)
R3 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [62464 2009-07-14] (Microsoft Corporation) [File not signed]
R2 AlertService; C:\Program Files\Intel\IntelDH\CCU\AlertService.exe [223448 2007-06-27] (Intel(R) Corporation)
S3 ALG; C:\Windows\System32\alg.exe [59392 2009-07-14] (Microsoft Corporation) [File not signed]
R2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc7.exe [806704 2014-10-22] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [432888 2014-10-22] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [432888 2014-10-22] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [995064 2014-10-22] (Avira Operations GmbH & Co. KG)
S3 AppIDSvc; C:\Windows\System32\appidsvc.dll [27648 2009-07-14] (Microsoft Corporation) [File not signed]
R3 Appinfo; C:\Windows\System32\appinfo.dll [47104 2013-02-27] (Microsoft Corporation) [File not signed]
R2 AudioEndpointBuilder; C:\Windows\System32\Audiosrv.dll [475136 2014-10-03] (Microsoft Corporation) [File not signed]
R2 Audiosrv; C:\Windows\System32\Audiosrv.dll [475136 2014-10-03] (Microsoft Corporation) [File not signed]
R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [164656 2014-10-22] (Avira Operations GmbH & Co. KG)
S3 AxInstSV; C:\Windows\System32\AxInstSV.dll [88064 2010-11-20] (Microsoft Corporation) [File not signed]
S3 BDESVC; C:\Windows\System32\bdesvc.dll [76800 2009-07-14] (Microsoft Corporation) [File not signed]
R2 BFE; C:\Windows\System32\bfe.dll [494592 2010-11-20] (Microsoft Corporation) [File not signed]
R2 bgsvcgen; C:\Windows\System32\bgsvcgen.exe [145504 2007-06-15] (B.H.A Corporation)
R3 BITS; C:\Windows\System32\qmgr.dll [585728 2010-11-20] (Microsoft Corporation) [File not signed]
R3 Browser; C:\Windows\System32\browser.dll [102912 2012-07-04] (Microsoft Corporation) [File not signed]
S3 bthserv; C:\Windows\system32\bthserv.dll [64512 2009-07-14] (Microsoft Corporation) [File not signed]
S3 CertPropSvc; C:\Windows\System32\certprop.dll [67584 2010-11-20] (Microsoft Corporation) [File not signed]
S3 COMSysApp; C:\Windows\system32\dllhost.exe [7168 2009-07-14] (Microsoft Corporation) [File not signed]
R2 CryptSvc; C:\Windows\system32\cryptsvc.dll [143872 2014-07-07] (Microsoft Corporation) [File not signed]
R2 DcomLaunch; C:\Windows\system32\rpcss.dll [376832 2010-11-20] (Microsoft Corporation) [File not signed]
S3 defragsvc; C:\Windows\System32\defragsvc.dll [218624 2009-07-14] (Microsoft Corporation) [File not signed]
R2 Dhcp; C:\Windows\system32\dhcpcore.dll [254464 2010-11-20] (Microsoft Corporation) [File not signed]
S3 DHTRACE; C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe [39640 2007-06-27] (Intel(R) Corporation)
R2 Dnscache; C:\Windows\System32\dnsrslvr.dll [132608 2011-03-03] (Microsoft Corporation) [File not signed]
S3 dot3svc; C:\Windows\System32\dot3svc.dll [214016 2010-11-20] (Microsoft Corporation) [File not signed]
R2 DPS; C:\Windows\system32\dps.dll [144384 2010-11-20] (Microsoft Corporation) [File not signed]
R2 DQLWinService; C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [208896 2007-02-12] () [File not signed]
R3 EapHost; C:\Windows\System32\eapsvc.dll [98304 2009-07-14] (Microsoft Corporation) [File not signed]
S3 EFS; C:\Windows\System32\lsass.exe [22528 2014-04-12] (Microsoft Corporation) [File not signed]
S3 ehRecvr; C:\Windows\ehome\ehRecvr.exe [556544 2010-11-20] (Microsoft Corporation) [File not signed]
S3 ehSched; C:\Windows\ehome\ehsched.exe [94720 2009-07-14] (Microsoft Corporation) [File not signed]
R2 eventlog; C:\Windows\System32\wevtsvc.dll [1086976 2010-11-20] (Microsoft Corporation) [File not signed]
R2 EventSystem; C:\Windows\system32\es.dll [271360 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Fax; C:\Windows\system32\fxssvc.exe [523264 2010-11-20] (Microsoft Corporation) [File not signed]
R3 fdPHost; C:\Windows\system32\fdPHost.dll [12800 2009-07-14] (Microsoft Corporation) [File not signed]
R2 FDResPub; C:\Windows\system32\fdrespub.dll [28160 2009-07-14] (Microsoft Corporation) [File not signed]
R3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2010-09-30] (Macrovision Europe Ltd.) [File not signed]
R2 FontCache; C:\Windows\system32\FntCache.dll [906240 2013-05-11] (Microsoft Corporation) [File not signed]
R2 GnabService; c:\program files\common files\gnab\service\servicecontroller.exe [36864 2007-04-13] (Empolis GmbH) [File not signed]
S3 GoogleDesktopManager; C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe [69120 2007-12-01] (Google) [File not signed]
R2 gpsvc; C:\Windows\System32\gpsvc.dll [593408 2010-11-20] (Microsoft Corporation) [File not signed]
S3 hidserv; C:\Windows\system32\hidserv.dll [49152 2009-07-14] (Microsoft Corporation) [File not signed]
S3 hkmsvc; C:\Windows\system32\kmsvc.dll [71168 2010-11-20] (Microsoft Corporation) [File not signed]
R3 HomeGroupListener; C:\Windows\system32\ListSvc.dll [194560 2010-11-20] (Microsoft Corporation) [File not signed]
R3 HomeGroupProvider; C:\Windows\system32\provsvc.dll [165376 2010-11-20] (Microsoft Corporation) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [102912 2014-11-22] (Microsoft Corporation) [File not signed]
R2 IKEEXT; C:\Windows\System32\ikeext.dll [679424 2013-10-12] (Microsoft Corporation) [File not signed]
S3 Installer Service; C:\ProgramData\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{3FC42713-B6E7-49AA-A553-A224FE9828A8}\Installer\InstallerService.exe [119296 2011-04-30] () [File not signed]
S3 IPBusEnum; C:\Windows\system32\ipbusenum.dll [78848 2009-07-14] (Microsoft Corporation) [File not signed]
R2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [499712 2012-10-03] (Microsoft Corporation) [File not signed]
S2 ISSM; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe [59096 2007-06-27] (Intel(R) Corporation)
R3 KeyIso; C:\Windows\system32\lsass.exe [22528 2014-04-12] (Microsoft Corporation) [File not signed]
S3 KtmRm; C:\Windows\system32\msdtckrm.dll [308736 2009-07-14] (Microsoft Corporation) [File not signed]
R2 LanmanServer; C:\Windows\system32\srvsvc.dll [168960 2010-11-20] (Microsoft Corporation) [File not signed]
R2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [84480 2010-11-20] (Microsoft Corporation) [File not signed]
S3 lltdsvc; C:\Windows\System32\lltdsvc.dll [189952 2009-07-14] (Microsoft Corporation) [File not signed]
R2 lmhosts; C:\Windows\System32\lmhsvc.dll [18432 2009-07-14] (Microsoft Corporation) [File not signed]
S2 M1 Server; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe [268504 2007-06-27] ()
S2 MCLServiceATL; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe [157912 2007-06-27] (Intel(R) Corporation)
S4 Mcx2Svc; C:\Windows\system32\Mcx2Svc.dll [68096 2010-11-20] (Microsoft Corporation) [File not signed]
R2 MMCSS; C:\Windows\system32\mmcss.dll [49664 2009-07-14] (Microsoft Corporation) [File not signed]
R2 MpsSvc; C:\Windows\system32\mpssvc.dll [566272 2010-11-20] (Microsoft Corporation) [File not signed]
S3 MSDTC; C:\Windows\System32\msdtc.exe [134144 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MSiSCSI; C:\Windows\system32\iscsiexe.dll [114688 2009-07-14] (Microsoft Corporation) [File not signed]
S3 msiserver; C:\Windows\System32\msiexec.exe [73216 2010-11-20] (Microsoft Corporation) [File not signed]
R2 MySQL; C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe [6041600 2009-08-18] () [File not signed]
S3 napagent; C:\Windows\system32\qagentRT.dll [330240 2010-11-20] (Microsoft Corporation) [File not signed]
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
S3 Netlogon; C:\Windows\system32\lsass.exe [22528 2014-04-12] (Microsoft Corporation) [File not signed]
R3 Netman; C:\Windows\System32\netman.dll [280576 2009-07-14] (Microsoft Corporation) [File not signed]
R3 netprofm; C:\Windows\System32\netprofm.dll [360448 2009-07-14] (Microsoft Corporation) [File not signed]
R2 NlaSvc; C:\Windows\System32\nlasvc.dll [242176 2012-10-03] (Microsoft Corporation) [File not signed]
R2 NMSAccess; C:\Windows\system32\NMSAccess32.exe [71096 2009-01-12] ()
R2 NMSCore; C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe [317656 2007-06-27] (Intel(R) Corporation)
R2 nsi; C:\Windows\system32\nsisvc.dll [19456 2009-07-14] (Microsoft Corporation) [File not signed]
R3 p2pimsvc; C:\Windows\system32\pnrpsvc.dll [269824 2009-07-14] (Microsoft Corporation) [File not signed]
R3 p2psvc; C:\Windows\system32\p2psvc.dll [327680 2009-07-14] (Microsoft Corporation) [File not signed]
R3 PcaSvc; C:\Windows\System32\pcasvc.dll [154624 2009-07-14] (Microsoft Corporation) [File not signed]
S3 pla; C:\Windows\system32\pla.dll [1508864 2010-11-20] (Microsoft Corporation) [File not signed]
R2 PlugPlay; C:\Windows\system32\umpnpmgr.dll [293376 2011-05-24] (Microsoft Corporation) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
S3 PNRPAutoReg; C:\Windows\system32\pnrpauto.dll [20480 2009-07-14] (Microsoft Corporation) [File not signed]
R3 PNRPsvc; C:\Windows\system32\pnrpsvc.dll [269824 2009-07-14] (Microsoft Corporation) [File not signed]
R3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [350208 2010-11-20] (Microsoft Corporation) [File not signed]
R2 Power; C:\Windows\system32\umpo.dll [119808 2010-11-20] (Microsoft Corporation) [File not signed]
R2 ProfSvc; C:\Windows\system32\profsvc.dll [164352 2012-05-01] (Microsoft Corporation) [File not signed]
S3 ProtectedStorage; C:\Windows\system32\lsass.exe [22528 2014-04-12] (Microsoft Corporation) [File not signed]
R2 QualityManager; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe [272600 2007-06-27] (Intel(R) Corporation)
S3 QWAVE; C:\Windows\system32\qwave.dll [210944 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RasAuto; C:\Windows\System32\rasauto.dll [90624 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RasMan; C:\Windows\System32\rasmans.dll [286208 2010-11-20] (Microsoft Corporation) [File not signed]
S2 Remote UI Service; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe [446680 2007-06-27] (Intel(R) Corporation)
S4 RemoteAccess; C:\Windows\System32\mprdim.dll [75264 2009-07-14] (Microsoft Corporation) [File not signed]
S4 RemoteRegistry; C:\Windows\system32\regsvc.dll [112640 2009-07-14] (Microsoft Corporation) [File not signed]
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2007-01-09] ()
R2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [43520 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RpcLocator; C:\Windows\system32\locator.exe [9216 2009-07-14] (Microsoft Corporation) [File not signed]
R2 RpcSs; C:\Windows\system32\rpcss.dll [376832 2010-11-20] (Microsoft Corporation) [File not signed]
R2 SamSs; C:\Windows\system32\lsass.exe [22528 2014-04-12] (Microsoft Corporation) [File not signed]
S3 SCardSvr; C:\Windows\System32\SCardSvr.dll [132608 2009-07-14] (Microsoft Corporation) [File not signed]
S4 Schedule; C:\Windows\system32\schedsvc.dll [750592 2010-11-20] (Microsoft Corporation) [File not signed]
S3 SCPolicySvc; C:\Windows\System32\certprop.dll [67584 2010-11-20] (Microsoft Corporation) [File not signed]
S3 SDRSVC; C:\Windows\System32\SDRSVC.dll [125952 2010-11-20] (Microsoft Corporation) [File not signed]
R2 SearchAnonymizer; C:\Users\Martina Maecker\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe [40960 2013-04-14] () [File not signed]
R3 seclogon; C:\Windows\system32\seclogon.dll [21504 2009-07-14] (Microsoft Corporation) [File not signed]
R2 SENS; C:\Windows\System32\sens.dll [49664 2009-07-14] (Microsoft Corporation) [File not signed]
S3 SensrSvc; C:\Windows\system32\sensrsvc.dll [25088 2009-07-14] (Microsoft Corporation) [File not signed]
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [628736 2010-12-08] (Nokia) [File not signed]
S3 SessionEnv; C:\Windows\system32\sessenv.dll [113664 2010-11-20] (Microsoft Corporation) [File not signed]
S4 SharedAccess; C:\Windows\System32\ipnathlp.dll [300544 2009-07-14] (Microsoft Corporation) [File not signed]
R2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [328192 2010-11-20] (Microsoft Corporation) [File not signed]
S3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [12800 2009-07-14] (Microsoft Corporation) [File not signed]
R2 SplashtopRemoteService; C:\Program Files\Splashtop\Splashtop Remote\Server\SRService.exe [520040 2011-10-24] (Splashtop Inc.)
R2 Spooler; C:\Windows\System32\spoolsv.exe [317440 2012-02-11] (Microsoft Corporation) [File not signed]
S2 sppsvc; C:\Windows\system32\sppsvc.exe [3179520 2010-11-20] (Microsoft Corporation) [File not signed]
S3 sppuinotify; C:\Windows\system32\sppuinotify.dll [53760 2010-11-20] (Microsoft Corporation) [File not signed]
R2 srvcPVR; C:\Program Files\Sceneo\AbsolutTV\Services\PVR\PVRService.exe [1681408 2007-08-16] (Buhl Data Service GmbH) [File not signed]
R3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [162816 2009-07-14] (Microsoft Corporation) [File not signed]
S3 SstpSvc; C:\Windows\system32\sstpsvc.dll [90112 2009-07-14] (Microsoft Corporation) [File not signed]
R2 SSUService; C:\Program Files\Splashtop\Splashtop Software Updater\SSUService.exe [609056 2013-08-07] (Splashtop Inc.)
R2 StiSvc; C:\Windows\System32\wiaservc.dll [463360 2010-11-20] (Microsoft Corporation) [File not signed]
S3 swprv; C:\Windows\System32\swprv.dll [313856 2009-07-14] (Microsoft Corporation) [File not signed]
R2 SysMain; C:\Windows\system32\sysmain.dll [1159168 2010-11-20] (Microsoft Corporation) [File not signed]
S3 TabletInputService; C:\Windows\System32\TabSvc.dll [73216 2010-11-20] (Microsoft Corporation) [File not signed]
S3 TapiSrv; C:\Windows\System32\tapisrv.dll [242176 2010-11-20] (Microsoft Corporation) [File not signed]
S3 TBS; C:\Windows\System32\tbssvc.dll [55808 2009-07-14] (Microsoft Corporation) [File not signed]
S3 TermService; C:\Windows\System32\termsrv.dll [523776 2014-10-14] (Microsoft Corporation) [File not signed]
R2 Themes; C:\Windows\system32\themeservice.dll [37376 2009-07-14] (Microsoft Corporation) [File not signed]
S3 THREADORDER; C:\Windows\system32\mmcss.dll [49664 2009-07-14] (Microsoft Corporation) [File not signed]
R2 TrkWks; C:\Windows\System32\trkwks.dll [77312 2009-07-14] (Microsoft Corporation) [File not signed]
S3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [204800 2010-11-20] (Microsoft Corporation) [File not signed]
S4 TVECapSvc; C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe [290909 2007-10-19] () [File not signed]
S4 TVESched; C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe [114779 2007-10-19] () [File not signed]
R2 TVService; C:\Program Files\Team MediaPortal\MediaPortal TV Server\TVService.exe [212992 2012-04-10] (Team MediaPortal) [File not signed]
S3 UI0Detect; C:\Windows\system32\UI0Detect.exe [35840 2009-07-14] (Microsoft Corporation) [File not signed]
R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2004-12-13] (Ulead Systems, Inc.) [File not signed]
S3 upnphost; C:\Windows\System32\upnphost.dll [266752 2009-07-14] (Microsoft Corporation) [File not signed]
R2 UxSms; C:\Windows\System32\uxsms.dll [29696 2009-07-14] (Microsoft Corporation) [File not signed]
S3 VaultSvc; C:\Windows\system32\lsass.exe [22528 2014-04-12] (Microsoft Corporation) [File not signed]
S3 vds; C:\Windows\System32\vds.exe [453632 2010-11-20] (Microsoft Corporation) [File not signed]
S3 VSS; C:\Windows\system32\vssvc.exe [1025536 2010-11-20] (Microsoft Corporation) [File not signed]
S3 W32Time; C:\Windows\system32\w32time.dll [288768 2009-07-14] (Microsoft Corporation) [File not signed]
S3 wbengine; C:\Windows\system32\wbengine.exe [1203200 2010-11-20] (Microsoft Corporation) [File not signed]
S3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [151552 2009-07-14] (Microsoft Corporation) [File not signed]
S3 wcncsvc; C:\Windows\System32\wcncsvc.dll [276992 2010-11-20] (Microsoft Corporation) [File not signed]
S3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [32768 2009-07-14] (Microsoft Corporation) [File not signed]
R3 WdiServiceHost; C:\Windows\system32\wdi.dll [76288 2009-07-14] (Microsoft Corporation) [File not signed]
R3 WdiSystemHost; C:\Windows\system32\wdi.dll [76288 2009-07-14] (Microsoft Corporation) [File not signed]
R3 WebClient; C:\Windows\System32\webclnt.dll [205824 2013-07-04] (Microsoft Corporation) [File not signed]
S3 Wecsvc; C:\Windows\system32\wecsvc.dll [147968 2009-07-14] (Microsoft Corporation) [File not signed]
S3 wercplsupport; C:\Windows\System32\wercplsupport.dll [61440 2009-07-14] (Microsoft Corporation) [File not signed]
R3 WerSvc; C:\Windows\System32\WerSvc.dll [65024 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation) [File not signed]
S3 WinHttpAutoProxySvc; C:\Windows\system32\winhttp.dll [351232 2010-11-20] (Microsoft Corporation) [File not signed]
R2 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [168960 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WinRM; C:\Windows\system32\WsmSvc.dll [1177088 2014-10-03] (Microsoft Corporation) [File not signed]
R2 Wlansvc; C:\Windows\System32\wlansvc.dll [829440 2009-07-14] (Microsoft Corporation) [File not signed]
S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [136192 2009-07-14] (Microsoft Corporation) [File not signed]
R2 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1121792 2010-11-20] (Microsoft Corporation) [File not signed]
S3 WPCSvc; C:\Windows\System32\wpcsvc.dll [10752 2009-07-14] (Microsoft Corporation) [File not signed]
R3 WPDBusEnum; C:\Windows\system32\wpdbusenum.dll [85504 2010-11-20] (Microsoft Corporation) [File not signed]
S3 wscsvc; C:\Windows\System32\wscsvc.dll [73728 2009-07-14] (Microsoft Corporation) [File not signed]
R2 WSearch; C:\Windows\system32\SearchIndexer.exe [427520 2011-05-04] (Microsoft Corporation) [File not signed]
R3 wudfsvc; C:\Windows\System32\WUDFSvc.dll [73216 2012-07-26] (Microsoft Corporation) [File not signed]
S3 WwanSvc; C:\Windows\System32\wwansvc.dll [185344 2014-01-28] (Microsoft Corporation) [File not signed]
R2 x10nets; C:\Program Files\Common Files\X10\Common\X10nets.exe [20480 2001-11-12] (X10) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 1394ohci; C:\Windows\system32\drivers\1394ohci.sys [164864 2010-11-20] (Microsoft Corporation) [File not signed]
S3 AcpiPmi; C:\Windows\system32\drivers\acpipmi.sys [10240 2010-11-20] (Microsoft Corporation) [File not signed]
R1 AFD; C:\Windows\system32\drivers\afd.sys [338944 2014-05-30] (Microsoft Corporation) [File not signed]
S3 AmdK8; C:\Windows\system32\DRIVERS\amdk8.sys [55296 2009-07-14] (Microsoft Corporation) [File not signed]
S3 AmdPPM; C:\Windows\system32\DRIVERS\amdppm.sys [52736 2009-07-14] (Microsoft Corporation) [File not signed]
S3 AppID; C:\Windows\system32\drivers\appid.sys [50176 2010-11-20] (Microsoft Corporation) [File not signed]
R3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [17920 2009-07-14] (Microsoft Corporation) [File not signed]
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98160 2014-10-22] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-10-22] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2014-10-22] (Avira Operations GmbH & Co. KG)
R3 avmaudio; C:\Windows\System32\DRIVERS\avmaudio.sys [101248 2011-12-29] (AVM Berlin) [File not signed]
R3 AVMCOWAN; C:\Windows\System32\DRIVERS\AVMCOWAN.sys [64512 2007-08-15] (AVM GmbH) [File not signed]
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [37384 2014-10-22] (Avira Operations GmbH & Co. KG)
S3 b06bdrv; C:\Windows\system32\DRIVERS\bxvbdx.sys [430080 2009-07-13] (Broadcom Corporation) [File not signed]
S3 b57nd60x; C:\Windows\System32\DRIVERS\b57nd60x.sys [229888 2009-07-13] (Broadcom Corporation) [File not signed]
R1 Beep; C:\Windows\system32\Drivers\Beep.sys [6144 2009-07-14] (Microsoft Corporation) [File not signed]
R1 blbdrive; C:\Windows\System32\DRIVERS\blbdrive.sys [35328 2009-07-14] (Microsoft Corporation) [File not signed]
R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [69632 2011-02-23] (Microsoft Corporation) [File not signed]
S3 BrFiltLo; C:\Windows\system32\DRIVERS\BrFiltLo.sys [13568 2009-07-13] (Brother Industries, Ltd.) [File not signed]
S3 BrFiltUp; C:\Windows\system32\DRIVERS\BrFiltUp.sys [5248 2009-07-13] (Brother Industries, Ltd.) [File not signed]
S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [272128 2009-07-14] (Brother Industries Ltd.) [File not signed]
S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [62336 2009-07-13] (Brother Industries Ltd.) [File not signed]
S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [12160 2009-07-13] (Brother Industries Ltd.) [File not signed]
S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [11904 2009-07-13] (Brother Industries Ltd.) [File not signed]
S3 BTHMODEM; C:\Windows\system32\DRIVERS\bthmodem.sys [56320 2009-07-14] (Microsoft Corporation) [File not signed]
S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [70656 2009-07-14] (Microsoft Corporation) [File not signed]
R1 cdrom; C:\Windows\system32\drivers\cdrom.sys [108544 2010-11-20] (Microsoft Corporation) [File not signed]
S3 circlass; C:\Windows\system32\DRIVERS\circlass.sys [37888 2009-07-14] (Microsoft Corporation) [File not signed]
S3 CmBatt; C:\Windows\system32\DRIVERS\CmBatt.sys [14080 2009-07-14] (Microsoft Corporation) [File not signed]
R3 CompositeBus; C:\Windows\system32\drivers\CompositeBus.sys [31232 2010-11-20] (Microsoft Corporation) [File not signed]
S3 CYUSB3; C:\Windows\System32\Drivers\CYUSB3.sys [54008 2014-03-21] (Cypress Semiconductor)
R1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [78336 2010-11-20] (Microsoft Corporation) [File not signed]
R1 discache; C:\Windows\System32\drivers\discache.sys [32256 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Dot4; C:\Windows\System32\DRIVERS\Dot4.sys [131072 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Dot4Print; C:\Windows\system32\drivers\Dot4Prt.sys [16384 2010-11-20] (Microsoft Corporation) [File not signed]
S3 dot4usb; C:\Windows\System32\DRIVERS\dot4usb.sys [36864 2009-07-14] (Microsoft Corporation) [File not signed]
S3 drmkaud; C:\Windows\system32\drivers\drmkaud.sys [5120 2009-07-14] (Microsoft Corporation) [File not signed]
R3 e1express; C:\Windows\System32\DRIVERS\e1e6032.sys [211456 2009-07-13] (Intel Corporation) [File not signed]
S3 ebdrv; C:\Windows\system32\DRIVERS\evbdx.sys [3100160 2009-07-13] (Broadcom Corporation) [File not signed]
S3 ErrDev; C:\Windows\system32\drivers\errdev.sys [7168 2009-07-14] (Microsoft Corporation) [File not signed]
S3 exfat; C:\Windows\system32\Drivers\exfat.sys [142336 2009-07-14] (Microsoft Corporation) [File not signed]
R3 fastfat; C:\Windows\system32\Drivers\fastfat.sys [148480 2009-07-14] (Microsoft Corporation) [File not signed]
S3 fdc; C:\Windows\system32\DRIVERS\fdc.sys [25088 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [28160 2009-07-14] (Microsoft Corporation) [File not signed]
S3 flpydisk; C:\Windows\system32\DRIVERS\flpydisk.sys [19968 2009-07-14] (Microsoft Corporation) [File not signed]
S3 fxusbase; C:\Windows\System32\DRIVERS\fxusbase.sys [567936 2007-08-15] (AVM Berlin) [File not signed]
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [26624 2009-07-13] (Hauppauge Computer Works, Inc.) [File not signed]
R3 HDAudBus; C:\Windows\system32\drivers\HDAudBus.sys [108544 2010-11-20] (Microsoft Corporation) [File not signed]
S3 HidBatt; C:\Windows\system32\DRIVERS\HidBatt.sys [21504 2009-07-14] (Microsoft Corporation) [File not signed]
S3 HidBth; C:\Windows\system32\DRIVERS\hidbth.sys [91136 2009-07-14] (Microsoft Corporation) [File not signed]
S3 HidIr; C:\Windows\system32\DRIVERS\hidir.sys [37888 2009-07-14] (Microsoft Corporation) [File not signed]
R3 HidUsb; C:\Windows\System32\DRIVERS\hidusb.sys [24064 2010-11-20] (Microsoft Corporation) [File not signed]
R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [513536 2010-11-20] (Microsoft Corporation) [File not signed]
R3 i8042prt; C:\Windows\system32\drivers\i8042prt.sys [80896 2009-07-14] (Microsoft Corporation) [File not signed]
R3 intelppm; C:\Windows\System32\DRIVERS\intelppm.sys [53760 2009-07-14] (Microsoft Corporation) [File not signed]
S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [58880 2009-07-14] (Microsoft Corporation) [File not signed]
S3 IPMIDRV; C:\Windows\system32\drivers\IPMIDrv.sys [65536 2010-11-20] (Microsoft Corporation) [File not signed]
S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [101888 2009-07-14] (Microsoft Corporation) [File not signed]
S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [13824 2009-07-14] (Microsoft Corporation) [File not signed]
R3 Iviaspi; C:\Windows\System32\drivers\iviaspi.sys [16024 2006-11-22] (InterVideo, Inc.)
S3 ivusb; C:\Windows\System32\DRIVERS\ivusb.sys [25112 2010-07-29] (Initio Corporation)
S3 kbdhid; C:\Windows\system32\drivers\kbdhid.sys [28160 2010-11-20] (Microsoft Corporation) [File not signed]
R2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [48128 2009-07-14] (Microsoft Corporation) [File not signed]
R2 luafv; C:\Windows\system32\drivers\luafv.sys [86528 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Modem; C:\Windows\System32\drivers\modem.sys [31744 2009-07-14] (Microsoft Corporation) [File not signed]
R3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [23552 2009-07-14] (Microsoft Corporation) [File not signed]
R3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [26112 2009-07-14] (Microsoft Corporation) [File not signed]
R3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [60416 2009-07-14] (Microsoft Corporation) [File not signed]
R3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [115712 2013-07-04] (Microsoft Corporation) [File not signed]
R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [123904 2011-04-27] (Microsoft Corporation) [File not signed]
R3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [223744 2011-07-09] (Microsoft Corporation) [File not signed]
R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [96768 2011-04-27] (Microsoft Corporation) [File not signed]
R1 Msfs; C:\Windows\system32\Drivers\Msfs.sys [22528 2009-07-14] (Microsoft Corporation) [File not signed]
S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [4096 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [8320 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [5888 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [5504 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [6144 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MTConfig; C:\Windows\system32\DRIVERS\MTConfig.sys [12288 2009-07-14] (Microsoft Corporation) [File not signed]
R3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [267264 2009-07-14] (Microsoft Corporation) [File not signed]
S3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [27136 2009-07-14] (Microsoft Corporation) [File not signed]
R3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [20992 2009-07-14] (Microsoft Corporation) [File not signed]
R3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [46080 2010-11-20] (Microsoft Corporation) [File not signed]
R3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [118784 2010-11-20] (Microsoft Corporation) [File not signed]
R3 NDProxy; C:\Windows\system32\Drivers\NDProxy.sys [48640 2010-11-20] (Microsoft Corporation) [File not signed]
R1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [36352 2009-07-14] (Microsoft Corporation) [File not signed]
R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [187904 2010-11-20] (Microsoft Corporation) [File not signed]
R3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [657408 2009-07-13] (Ralink Technology Corp.) [File not signed]
R2 nmsunidr; C:\Windows\System32\DRIVERS\nmsunidr.sys [5376 2007-02-18] (Gteko Ltd.) [File not signed]
S3 nmwcd; C:\Windows\System32\drivers\ccdcmb.sys [18048 2010-07-30] (Nokia) [File not signed]
S3 nmwcdc; C:\Windows\System32\drivers\ccdcmbo.sys [23040 2010-07-30] (Nokia) [File not signed]
R1 Npfs; C:\Windows\system32\Drivers\Npfs.sys [35328 2009-07-14] (Microsoft Corporation) [File not signed]
R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [16896 2009-07-14] (Microsoft Corporation) [File not signed]
S3 NuidFltr; C:\Windows\System32\DRIVERS\NuidFltr.sys [14736 2009-11-11] (Microsoft Corporation)
R1 Null; C:\Windows\system32\Drivers\Null.sys [4608 2009-07-14] (Microsoft Corporation) [File not signed]
S3 ohci1394; C:\Windows\system32\drivers\ohci1394.sys [62464 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Parport; C:\Windows\system32\DRIVERS\parport.sys [79360 2009-07-14] (Microsoft Corporation) [File not signed]
S2 Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [8704 2009-07-14] (Microsoft Corporation) [File not signed]
S3 pccsmcfd; C:\Windows\System32\DRIVERS\pccsmcfd.sys [18816 2008-08-26] (Nokia) [File not signed]
R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [586752 2009-07-14] (Microsoft Corporation) [File not signed]
R3 Ph3xIB32; C:\Windows\System32\DRIVERS\Ph3xIB32.sys [1311232 2009-07-13] (NXP Semiconductors) [File not signed]
R3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [73728 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Processor; C:\Windows\system32\DRIVERS\processr.sys [52224 2009-07-14] (Microsoft Corporation) [File not signed]
R1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [104448 2009-07-14] (Microsoft Corporation) [File not signed]
S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [31744 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [11776 2009-07-14] (Microsoft Corporation) [File not signed]
R3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [49152 2009-07-14] (Microsoft Corporation) [File not signed]
R3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [78848 2009-07-14] (Microsoft Corporation) [File not signed]
R3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [77824 2009-07-14] (Microsoft Corporation) [File not signed]
R3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [75264 2009-07-14] (Microsoft Corporation) [File not signed]
R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [242688 2010-11-20] (Microsoft Corporation) [File not signed]
S3 rdpbus; C:\Windows\system32\DRIVERS\rdpbus.sys [18944 2009-07-14] (Microsoft Corporation) [File not signed]
R1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [6656 2010-11-20] (Microsoft Corporation) [File not signed]
R1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [6656 2009-07-14] (Microsoft Corporation) [File not signed]
R1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [7168 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RdpVideoMiniport; C:\Windows\System32\drivers\rdpvideominiport.sys [14848 2012-08-23] (Microsoft Corporation) [File not signed]
S3 RDPWD; C:\Windows\system32\Drivers\RDPWD.sys [184320 2014-07-17] (Microsoft Corporation) [File not signed]
R2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [60928 2009-07-14] (Microsoft Corporation) [File not signed]
S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [26624 2010-11-20] (Microsoft Corporation) [File not signed]
R2 secdrv; C:\Windows\system32\Drivers\secdrv.sys [20480 2009-07-13] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
R3 Serenum; C:\Windows\System32\DRIVERS\serenum.sys [17920 2009-07-14] (Microsoft Corporation) [File not signed]
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [83456 2009-07-14] (Microsoft Corporation) [File not signed]
S3 sermouse; C:\Windows\system32\DRIVERS\sermouse.sys [19968 2009-07-14] (Microsoft Corporation) [File not signed]
S3 sffdisk; C:\Windows\system32\drivers\sffdisk.sys [11264 2009-07-14] (Microsoft Corporation) [File not signed]
S3 sffp_mmc; C:\Windows\system32\drivers\sffp_mmc.sys [12288 2009-07-14] (Microsoft Corporation) [File not signed]
S3 sffp_sd; C:\Windows\system32\drivers\sffp_sd.sys [12800 2010-11-20] (Microsoft Corporation) [File not signed]
S3 sfloppy; C:\Windows\system32\DRIVERS\sfloppy.sys [13824 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Smb; C:\Windows\System32\DRIVERS\smb.sys [71168 2009-07-14] (Microsoft Corporation) [File not signed]
R3 srv; C:\Windows\System32\DRIVERS\srv.sys [311808 2011-04-29] (Microsoft Corporation) [File not signed]
R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [310272 2011-04-29] (Microsoft Corporation) [File not signed]
R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [114688 2011-04-29] (Microsoft Corporation) [File not signed]
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2014-10-22] (Avira GmbH)
R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [35328 2012-10-03] (Microsoft Corporation) [File not signed]
S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [18432 2010-11-20] (Microsoft Corporation) [File not signed]
S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [24576 2012-02-17] (Microsoft Corporation) [File not signed]
R1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [74752 2014-11-11] (Microsoft Corporation) [File not signed]
S3 TSHWMDTCP; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys [14552 2007-06-27] ()
S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [31232 2014-07-17] (Microsoft Corporation) [File not signed]
S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [49152 2013-10-02] (Microsoft Corporation) [File not signed]
R3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [108544 2010-11-20] (Microsoft Corporation) [File not signed]
S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [246784 2010-11-20] (Microsoft Corporation) [File not signed]
R1 ui11rdr; C:\Windows\System32\DRIVERS\ui11rdr.sys [144896 2010-11-12] (1&1 Internet AG) [File not signed]
R3 umbus; C:\Windows\system32\drivers\umbus.sys [39936 2010-11-20] (Microsoft Corporation) [File not signed]
S3 UmPass; C:\Windows\system32\DRIVERS\umpass.sys [8192 2009-07-14] (Microsoft Corporation) [File not signed]
S3 upperdev; C:\Windows\System32\DRIVERS\usbser_lowerflt.sys [8192 2010-07-30] (Nokia) [File not signed]
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2012-12-13] (Apple, Inc.) [File not signed]
R3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [76288 2013-11-27] (Microsoft Corporation) [File not signed]
S3 usbcir; C:\Windows\system32\drivers\usbcir.sys [86016 2013-07-12] (Microsoft Corporation) [File not signed]
R3 usbehci; C:\Windows\system32\drivers\usbehci.sys [43520 2013-11-27] (Microsoft Corporation) [File not signed]
R3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [258560 2013-11-27] (Microsoft Corporation) [File not signed]
S3 usbohci; C:\Windows\system32\drivers\usbohci.sys [20480 2013-11-27] (Microsoft Corporation) [File not signed]
S3 usbprint; C:\Windows\System32\DRIVERS\usbprint.sys [19968 2009-07-14] (Microsoft Corporation) [File not signed]
S3 usbscan; C:\Windows\system32\drivers\usbscan.sys [36352 2013-07-03] (Microsoft Corporation) [File not signed]
S3 usbser; C:\Windows\System32\drivers\usbser.sys [27648 2009-07-14] (Microsoft Corporation) [File not signed]
S3 UsbserFilt; C:\Windows\System32\DRIVERS\usbser_lowerfltj.sys [8192 2010-07-30] (Nokia) [File not signed]
R3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [76288 2011-03-11] (Microsoft Corporation) [File not signed]
R3 usbuhci; C:\Windows\system32\drivers\usbuhci.sys [24064 2013-11-27] (Microsoft Corporation) [File not signed]
S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [26112 2009-07-14] (Microsoft Corporation) [File not signed]
R1 VgaSave; C:\Windows\System32\drivers\vga.sys [25088 2009-07-14] (Microsoft Corporation) [File not signed]
S3 ViaC7; C:\Windows\system32\DRIVERS\viac7.sys [52736 2009-07-14] (Microsoft Corporation) [File not signed]
R3 vwifibus; C:\Windows\System32\DRIVERS\vwifibus.sys [19968 2009-07-14] (Microsoft Corporation) [File not signed]
R1 vwififlt; C:\Windows\System32\DRIVERS\vwififlt.sys [48128 2009-07-14] (Microsoft Corporation) [File not signed]
R3 vwifimp; C:\Windows\System32\DRIVERS\vwifimp.sys [14336 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WacomPen; C:\Windows\system32\DRIVERS\wacompen.sys [21632 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [63488 2010-11-20] (Microsoft Corporation) [File not signed]
R1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [63488 2010-11-20] (Microsoft Corporation) [File not signed]
R1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [9728 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WinUsb; C:\Windows\System32\DRIVERS\WinUsb.sys [35968 2010-11-20] (Microsoft Corporation) [File not signed]
S3 WmiAcpi; C:\Windows\system32\drivers\wmiacpi.sys [11264 2009-07-14] (Microsoft Corporation) [File not signed]
S4 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [16384 2009-07-14] (Microsoft Corporation) [File not signed]
R3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [66560 2012-07-26] (Microsoft Corporation) [File not signed]
R3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [155136 2012-07-26] (Microsoft Corporation) [File not signed]
R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.)
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; C:\Program Files\HomeCinema\PlayMovie\000.fcl [41456 2007-10-11] (Cyberlink Corp.)
R2 {95808DC4-FA4A-4C74-92FE-5B863F82066B}; C:\Program Files\HomeCinema\PowerDVD\000.fcl [41456 2007-10-09] (Cyberlink Corp.)

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-11 18:53 - 2014-12-11 18:54 - 00074143 _____ () C:\Users\Martina Maecker\Desktop\FRST.txt
2014-12-11 18:53 - 2014-12-11 18:53 - 00000000 ____D () C:\FRST
2014-12-11 18:52 - 2014-12-11 18:52 - 01111040 _____ (Farbar) C:\Users\Martina Maecker\Desktop\FRST.exe
2014-12-11 07:13 - 2014-12-11 07:13 - 00003544 ____N () C:\bootsqm.dat
2014-12-11 03:34 - 2014-12-11 03:34 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-11 03:15 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-11 03:15 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-11 03:15 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-11 03:15 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-11 03:15 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-11 02:39 - 2014-12-04 05:38 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-11 02:39 - 2014-12-04 05:38 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-11 02:39 - 2014-12-04 05:38 - 00337920 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-11 02:39 - 2014-12-04 05:38 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-11 02:39 - 2014-12-04 05:38 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-11 02:39 - 2014-12-04 05:38 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-11 02:39 - 2014-12-04 05:34 - 00873984 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-11 02:39 - 2014-12-02 00:28 - 01160872 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-11 02:39 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-11 02:39 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-11 02:39 - 2014-11-22 03:20 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-11 02:39 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-11 02:39 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-11 02:39 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-11 02:39 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-11 02:39 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-11 02:39 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-11 02:39 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-11 02:39 - 2014-11-22 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-11 02:39 - 2014-11-22 02:55 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-11 02:39 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-11 02:39 - 2014-11-22 02:48 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-11 02:39 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-11 02:39 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-11 02:39 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-11 02:39 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-11 02:39 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-11 02:39 - 2014-11-22 02:23 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-11 02:39 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-11 02:39 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-11 02:39 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-11 02:39 - 2014-11-11 02:32 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-11 02:38 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-11 02:38 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-11 02:38 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-11 02:38 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-11 02:38 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-11 02:38 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-11 02:38 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-11 02:38 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-11 02:38 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-11 02:38 - 2014-10-30 02:46 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-12-11 02:38 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-11 02:38 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-11 02:38 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-11 02:38 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-11 02:38 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-11 02:38 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-11 02:38 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-12-10 12:26 - 2014-12-10 12:26 - 00000294 ____N () C:\Users\Martina Maecker\Desktop\141821076472529.txt
2014-12-10 06:54 - 2011-12-13 09:29 - 00029504 _____ (TuneUp Software) C:\Windows\system32\uxtuneup.dll
2014-12-10 06:54 - 2011-12-13 09:29 - 00021312 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll
2014-12-09 18:36 - 2014-12-09 18:36 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-12-05 18:50 - 2014-12-05 18:50 - 00000512 _____ () C:\Users\Martina Maecker\Desktop\HBEDV.key
2014-12-04 17:24 - 2014-12-04 17:24 - 00114670 ____H () C:\Users\Martina Maecker\Downloads\~WRL0006.tmp
2014-12-02 19:56 - 2014-12-02 19:56 - 00000000 ____D () C:\Users\Martina Maecker\AppData\Roaming\Avira
2014-12-02 19:54 - 2014-10-22 16:33 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-12-02 19:54 - 2014-10-22 16:33 - 00098160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-12-02 19:54 - 2014-10-22 16:33 - 00037384 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-12-02 19:54 - 2014-10-22 16:33 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-12-02 19:46 - 2014-12-05 18:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-12-02 19:46 - 2014-12-02 19:54 - 00000000 ____D () C:\ProgramData\Avira
2014-12-02 19:46 - 2014-12-02 19:54 - 00000000 ____D () C:\Program Files\Avira
2014-12-02 19:46 - 2014-12-02 19:46 - 00001095 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-12-02 19:39 - 2014-12-02 19:39 - 00000067 _____ () C:\Users\Martina Maecker\Desktop\iminient.txt
2014-12-02 19:25 - 2014-12-02 19:26 - 00000000 ____D () C:\Users\Martina Maecker\AppData\Local\AviraResume
2014-12-02 19:08 - 2014-12-02 19:12 - 169402768 _____ () C:\Users\Martina Maecker\Downloads\avira_antivirus_pro_de.exe
2014-12-02 18:02 - 2014-12-11 07:15 - 00150366 _____ () C:\Windows\setupact.log
2014-12-02 18:02 - 2014-12-02 18:02 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-02 18:01 - 2014-12-09 16:55 - 01009760 _____ () C:\Windows\PFRO.log
2014-12-02 17:24 - 2014-12-02 17:24 - 04549888 _____ (Avira Operations & Co. KG) C:\Users\Martina Maecker\Downloads\avira_de_av_5686711189__ws.exe
2014-12-02 16:28 - 2014-12-02 16:28 - 00000000 __SHD () C:\Users\Martina Maecker\AppData\Local\EmieBrowserModeList
2014-11-29 18:30 - 2012-05-05 07:38 - 00221096 ____N () C:\Windows\hpoins43.dat.temp
2014-11-29 18:27 - 2014-11-29 18:27 - 04583464 _____ (Avira Operations GmbH & Co. KG) C:\Users\Martina Maecker\Downloads\avira_en_avpro_33469606_fblfanq8pg3yw81e0atd_wd.exe
2014-11-29 18:23 - 2014-11-29 18:26 - 156964432 _____ () C:\Users\Martina Maecker\Downloads\PS_AIO_06_C4700_USW_Full_Win_WW_140_175-4.exe
2014-11-19 19:14 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 19:14 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 19:02 - 2014-11-19 19:02 - 06126536 _____ (Tim Kosse) C:\Users\Martina Maecker\Downloads\FileZilla_3.9.0.6_win32-setup.exe
2014-11-17 18:50 - 2014-11-17 18:50 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0028f54897b2.job
2014-11-11 21:46 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-11 21:46 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-11 21:46 - 2014-10-14 02:56 - 00136632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-11 21:46 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-11 21:46 - 2014-10-14 02:50 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-11 21:46 - 2014-10-14 02:50 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-11 21:46 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-11 21:46 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-11 21:46 - 2014-10-10 01:45 - 02379264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-11 21:46 - 2014-10-03 02:44 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-11 21:46 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-11 21:46 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-11 21:46 - 2014-10-03 02:44 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-11 21:46 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-11 21:46 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-11 21:46 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-11 21:46 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-11 21:46 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-11 21:46 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-11 21:46 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-11 21:46 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-11 21:46 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-11 21:46 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-11 18:37 - 2011-08-25 20:59 - 00000000 ____D () C:\Users\Martina Maecker\AppData\Roaming\IBP
2014-12-11 18:31 - 2011-06-08 17:55 - 00000000 ____D () C:\Users\Martina Maecker\AppData\Roaming\DVDVideoSoft
2014-12-11 18:31 - 2011-06-08 17:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-12-11 18:31 - 2011-06-08 17:54 - 00000000 ____D () C:\Program Files\DVDVideoSoft
2014-12-11 18:31 - 2011-06-08 17:54 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft
2014-12-11 18:27 - 2009-11-27 14:42 - 00011216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-11 18:27 - 2009-11-27 14:42 - 00011216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-11 17:43 - 2014-07-31 14:59 - 00200704 ___SH () C:\Users\Martina Maecker\Desktop\Thumbs.db
2014-12-11 16:43 - 2007-10-09 15:23 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-12-11 16:42 - 2007-12-01 11:03 - 00000000 ____D () C:\Program Files\Google
2014-12-11 16:38 - 2009-11-27 15:16 - 01075968 _____ () C:\Windows\WindowsUpdate.log
2014-12-11 16:37 - 2012-05-04 18:32 - 00000000 ____D () C:\Users\Martina Maecker\Documents\Deutsche Post AG
2014-12-11 16:34 - 2007-12-01 11:13 - 00000000 ____D () C:\Users\Martina Maecker\AppData\Local\Google
2014-12-11 16:34 - 2007-12-01 11:03 - 00000000 ____D () C:\ProgramData\Google
2014-12-11 16:29 - 2013-10-28 12:01 - 00000000 ___RD () C:\Users\Martina Maecker\Google Drive
2014-12-11 07:20 - 2012-08-21 18:47 - 00000000 ___RD () C:\Users\Martina Maecker\Dropbox
2014-12-11 07:20 - 2012-08-21 18:45 - 00000000 ____D () C:\Users\Martina Maecker\AppData\Roaming\Dropbox
2014-12-11 07:15 - 2012-05-13 18:15 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-12-11 03:34 - 2014-05-07 02:02 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-11 03:34 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-12-11 03:34 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\AppCompat
2014-12-11 03:17 - 2007-10-10 11:37 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-11 03:11 - 2013-07-19 02:02 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-11 03:04 - 2009-12-19 09:11 - 109818608 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-10 16:11 - 2012-04-03 16:00 - 00000000 ____D () C:\Users\Martina Maecker\Desktop\Druckdaten autogrammkarten-druckerei.de
2014-12-10 06:53 - 2010-11-12 16:24 - 00000000 ____D () C:\Program Files\TuneUp Utilities 2011
2014-12-09 16:45 - 2011-01-02 10:40 - 00000000 ____D () C:\Users\Martina Maecker\AppData\Roaming\FileZilla
2014-12-03 06:49 - 2013-06-15 13:38 - 00000000 ____D () C:\Users\Martina Maecker\AppData\Roaming\Ofulb
2014-12-02 19:45 - 2014-05-27 05:58 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-02 19:44 - 2010-09-30 15:43 - 00000000 ____D () C:\ProgramData\FLEXnet
2014-12-02 18:12 - 2009-11-27 14:42 - 01658020 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-02 17:14 - 2014-05-20 17:28 - 00000000 ____D () C:\Users\Martina Maecker\AppData\Local\PriceMeter
2014-12-01 17:35 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-29 18:32 - 2011-05-15 11:05 - 00233373 _____ () C:\Windows\hpoins43.dat
2014-11-29 18:32 - 2011-05-15 11:05 - 00002133 _____ () C:\ProgramData\hpzinstall.log
2014-11-29 18:05 - 2009-11-27 14:43 - 00000000 ____D () C:\Users\IUSR_NMPR
2014-11-17 18:50 - 2014-10-25 10:11 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cff033a6959e4b.job
2014-11-16 11:24 - 2012-08-21 18:46 - 00000000 ____D () C:\Users\Martina Maecker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-11-13 18:49 - 2014-08-14 05:16 - 00000000 ____D () C:\Users\Martina Maecker\Desktop\Druckdaten personalisierer.de
2014-11-12 03:43 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-11-12 03:31 - 2009-07-14 05:33 - 01943752 _____ () C:\Windows\system32\FNTCACHE.DAT

Some content of TEMP:
====================
C:\Users\Martina Maecker\AppData\Local\Temp\avgnt.exe
C:\Users\Martina Maecker\AppData\Local\Temp\A~NSISu_.exe
C:\Users\Martina Maecker\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpw3izm0.dll
C:\Users\Martina Maecker\AppData\Local\Temp\uninst1.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe
[2014-10-17 21:41] - [2014-07-17 02:39] - 0304128 ____A (Microsoft Corporation) 52449FD429D6053B78AE564DEF303870

C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-06-03 06:45

==================== End Of Log ============================

--- --- ---

charky · 11.12.2014, 19:03

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-12-2014
Ran by Martina Maecker at 2014-12-11 18:55:03
Running from C:\Users\Martina Maecker\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

1&1 Upload-Manager (HKLM\...\1&1 Upload-Manager) (Version: 2.0.628 - 1&1 Internet AG)
32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
3D-Viewer-innoPlus (HKLM\...\{B96DB037-DBEA-4186-9081-9CBD537F82E8}) (Version: 10.00.0119 - INNOVA-engineering GmbH)
7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
ABBYY FineReader OCR Engine für ScanWizard (HKLM\...\{345C90FB-FA10-11D5-9C2A-0080C85A0C2D}) (Version:  - )
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe Creative Suite 3 Master Collection hinzufügen oder entfernen (HKLM\...\Adobe_67a7fb1e97aa14ee9ef0950eb6fd757) (Version: 1.0 - Adobe Systems Incorporated)
Adobe ExtendScript Toolkit 2 (HKLM\...\Adobe_3e054d2218e7aa282c2369d939e58ff) (Version: 2.0.2 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.5.502.146 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Photoshop 7.0 (HKLM\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Adobe Reader 9.4.0 - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-A94000000001}) (Version: 9.4.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM\...\Adobe Shockwave Player) (Version: 11.5.6.606 - Adobe Systems, Inc.)
AHV content for Acrobat and Flash (Version: 1 - Adobe Systems Incorporated) Hidden
AllDup 3.2.14 (HKLM\...\AllDup_is1) (Version: 3.2.14 - Michael Thummerer Software Design)
Amazonia (HKLM\...\{46390857-C554-4F37-A888-9BEEC4241CC6}_is1) (Version:  - cerasus.media GmbH)
Antivirus Pro (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.7.342 - Avira)
Apple Application Support (HKLM\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{18D47FA1-0440-48D3-A7E0-DA09537FF471}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AstroStar 11.0 (HKLM\...\InstallShield_{CF25B0C4-A162-49C8-94FA-FFCFC8BD59FE}) (Version: 1.00.0000 - USM)
AstroStar 11.0 (Version: 1.00.0000 - USM) Hidden
Avira (HKLM\...\{9480d4af-12b9-4e56-8034-4031ef6ab39d}) (Version: 1.1.25.25607 - Avira Operations GmbH & Co. KG)
Avira (Version: 1.1.25.25607 - Avira Operations GmbH & Co. KG) Hidden
AVM FRITZ!Box USB-Fernanschluss (HKU\S-1-5-21-3270019199-247663063-2118203487-1004\...\f018cf21c0452c64) (Version: 2.2.1.0 - AVM Berlin)
AVM FRITZ!fax für FRITZ!Box (HKLM\...\FRITZ! 2.0) (Version:  - AVM Berlin)
Banner Generator 1.00 (HKLM\...\Banner Generator 1.00) (Version:  - )
BeCyBookKeeper (HKLM\...\BeCyBookKeeper) (Version: 2.43.0 - Benjamin Bentmann)
Bing Bar (HKLM\...\{B4089055-D468-45A4-A6BA-5A138DD715FC}) (Version: 7.0.850.0 - Microsoft Corporation)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Box Shot 3D (HKLM\...\Box Shot 3D) (Version: 3.5 - Apps For Life)
Brother MFL-Pro Suite (HKLM\...\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}) (Version: 1.00 - Brother Industries, Ltd.)
BufferChm (Version: 140.0.212.000 - Hewlett-Packard) Hidden
C4700 (Version: 140.0.690.000 - Hewlett-Packard) Hidden
CamStudio (HKLM\...\CamStudio) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
COMPUTERBILD-Abzockschutz (HKLM\...\{F1BFD15D-9EEC-4072-942D-240BA0B99467}) (Version: 1.0.19 - J3S)
Corel Graphics - Windows Shell Extension (HKLM\...\_{B6B75FB9-D1DB-491B-847D-144D9C580AA3}) (Version: 16.4.0.1280 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 16.4.1280 - Corel Corporation) Hidden
Corel Website Creator X6 (HKLM\...\{D1039800-B865-48DE-9800-83B69AB0F304}) (Version: 12.5 - Corel)
Corel Website Creator X6 (Version: 12.50.0000.5223 - NetObjects) Hidden
CorelDRAW Graphics Suite X4 - Capture (Version: 14.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Content (Version: 14.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Draw (Version: 14.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Filters (Version: 14.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - FontNav (Version: 14.1 - Corel Corporation) Hidden
CorelDRAW Graphics SUite X4 - ICA (Version: 14.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - IPM (Version: 14.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang DE (Version: 14.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - PP (Version: 14.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - VBA (Version: 14.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 (Version: 14.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - BR (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Capture (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Common (Version: 16.7 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Connect (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Content (HKLM\...\_{C221B72F-C0AC-4DD7-B27E-701B1E9DE23A}) (Version: 16.0 -  Corel Corporation)
CorelDRAW Graphics Suite X6 - Content (Version: 16.0 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Custom Data (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - DE (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Draw (Version: 16.7 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - EN (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - ES (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Filters (Version: 16.7 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - FontNav (Version: 16.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - FR (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - IPM (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - IPM (Version: 16.7 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - IT (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - NL (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - PHOTO-PAINT (Version: 16.7 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Photozoom Plugin (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Redist (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Setup Files (Version: 16.7 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VBA (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VideoBrowser (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VSTA (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Writing Tools (Version: 16.7 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 (HKLM\...\_{511DE7EA-AA68-4D7A-A2E3-0E7B5186B822}) (Version: 16.4.1.1281 - Corel Corporation)
CorelDRAW Graphics Suite X6 (Version: 16.7 - Corel Corporation) Hidden
CorelDRAW(R) Graphics Suite X4 (HKLM\...\_{7F05E704-30A6-421A-97A7-8EEB1C7FF010}) (Version:  - Corel Corporation)
Cover Commander 3.1.3 by Insofta Development (HKLM\...\Cover Commander) (Version: 3.1.3 - Insofta Development)
Desktop Icon für Amazon (HKLM\...\DesktopIconAmazon) (Version: 1.0.1 (de) - )
Destinations (Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Dropbox (HKU\S-1-5-21-3270019199-247663063-2118203487-1004\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.)
eCover Creator (HKLM\...\{EBB34B5E-9D29-43CB-8D96-142BBF7A8EAE}_is1) (Version:  - )
FileZilla Client 3.8.0 (HKLM\...\FileZilla Client) (Version: 3.8.0 - Tim Kosse)
Firelab (HKLM\...\{045E662E-452C-4A80-A8D1-22E5BCD74F94}_is1) (Version:  - Pott V. GmbH)
FoxTab Audio Converter (HKU\S-1-5-21-3270019199-247663063-2118203487-1004\...\FoxTab Audio Converter) (Version:  - ) <==== ATTENTION
Free Monitor for Google 2.5 (HKLM\...\Free Monitor for Google_is1) (Version:  - CleverStat)
Free PDF to Word Doc Converter v1.1 (HKLM\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Free Sound Recorder (HKLM\...\Free Sound Recorder) (Version:  - CoolRecordEdit Inc.)
Free YouTube Download version 3.0.815 (HKLM\...\Free YouTube Download_is1) (Version:  - DVDVideoSoft Ltd..)
Free YouTube to MP3 Converter version 3.12.27.225 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.27.225 - DVDVideoSoft Ltd.)
FreeCommander 2009.02b (HKLM\...\FreeCommander_is1) (Version: 2009.02 - Marek Jasinski)
Google Desktop (HKLM\...\Google Desktop) (Version: - - Google)
Google Drive (HKLM\...\{C60F3836-333A-4AE2-B526-CFDBA143A9BA}) (Version: 1.18.7821.2489 - Google, Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Updater (HKLM\...\Google Updater) (Version: 2.4.2432.1652 - Google Inc.)
GoToMeeting 5.0.0.799 (HKU\S-1-5-21-3270019199-247663063-2118203487-1004\...\GoToMeeting) (Version: 5.0.0.799 - CitrixOnline)
GPBaseService2 (Version: 140.0.211.000 - Hewlett-Packard) Hidden
GSiteCrawler (HKLM\...\GSiteCrawler) (Version: v1.23 - SOFTplus Entwicklungen GmbH, CH-6340 Baar)
Hewlett-Packard ACLM.NET v1.1.0.0 (Version: 1.00.0000 - Hewlett-Packard) Hidden
Hotfix für Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789) (HKLM\...\{8E87B944-4815-3C5E-947F-5035C9F64362}.KB947789) (Version: 1 - Microsoft Corporation)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart C4700 All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{68550918-63B5-4762-85CB-3C160AA4B213}) (Version: 14.0 - HP)
HP Product Detection (HKLM\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (Version: 140.0.212.000 - Hewlett-Packard) Hidden
HPSSupply (Version: 140.0.211.000 - Hewlett-Packard) Hidden
HyperCam 3 (HKLM\...\HyperCam 3) (Version: 3.2.1107.8 - Solveig Multimedia)
IBP 11.9.1 (HKLM\...\IBP11_is1) (Version: 11.9.1 - Axandra GmbH)
iCloud (HKLM\...\{00A61104-74B5-4056-AD00-4397EF4FB141}) (Version: 3.1.0.40 - Apple Inc.)
ICQ7.2 (HKLM\...\{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}) (Version: 7.2 - ICQ)
Impact PopUp 1.0 (HKLM\...\Impact PopUp_is1) (Version:  - )
Intel(R) Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - )
Intel(R) PRO Network Connections 12.2.41.0 (HKLM\...\PROSetDX) (Version: 12.2.41.0 - Intel)
Intel® Viiv™ Software (HKLM\...\Intel(R) Configuration Center) (Version: 1.7.512.0 - Intel Corporation)
Internet-TV für Windows Media Center (HKLM\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
InterVideo MediaOne Gallery (HKLM\...\{34F0D55F-C386-4195-9A5B-961D3F6ACD46}) (Version:  - )
iTunes (HKLM\...\{0718A90E-93AA-49AF-A4FE-0165ACD91DF0}) (Version: 11.2.2.3 - Apple Inc.)
Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.710 - Oracle)
Java(TM) 6 Update 22 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216022F0}) (Version: 6.0.220 - Oracle)
Java(TM) 6 Update 30 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216013FF}) (Version: 6.0.300 - Sun Microsystems, Inc.)
JavaFX 2.1.0 (HKLM\...\{1111706F-666A-4037-7777-210328764D10}) (Version: 2.1.0 - Oracle Corporation)
Junk Mail filter update (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Kauftraffic (HKLM\...\{A98AC393-5A37-44A9-A8E4-6AD6383D3F2D}_is1) (Version:  - founder.de)
Konfigurator Eumex 400 (HKLM\...\Konfigurator Eumex 400) (Version:  - )
L&H TTS3000 Deutsch (HKLM\...\LHTTSGED) (Version:  - )
Letstrade (HKLM\...\{E0091C29-DEE8-4B24-BF65-8C35B5940D77}) (Version: 1.00.0000 - Buhl Data Service)
Lexware Abschreibungsrechner (HKLM\...\{2698CA4A-EA1E-45EB-9ADC-8B994C5EF38E}) (Version: 13.00.04.0003 - Haufe-Lexware GmbH & Co.KG)
Lexware büro easy 2014 (HKLM\...\{4ED37D3D-79B1-4562-B04D-377EBAF90064}) (Version: 27.50.04.0155 - Haufe-Lexware GmbH & Co.KG)
Lexware Elster (HKLM\...\{BE9FAE8A-01AF-4570-8E91-4C76D05556DC}) (Version: 13.14.00.0008 - Haufe-Lexware GmbH & Co.KG)
Lexware Info Service (HKLM\...\{5CC0729F-FC90-4D8F-87AA-A74A18B30ECF}) (Version: 4.01.00.0077 - Haufe-Lexware GmbH & Co.KG)
Lexware online banking (HKLM\...\{32359055-5E26-4040-B99F-459C17F767D6}) (Version: 22.00.00.0035 - Haufe-Lexware GmbH & Co.KG)
Lexware Sepa Check (Version: 1.00.00.0003 - Haufe-Lexware GmbH & Co.KG) Hidden
Licensing Service (03000201) (Version: 03.00.02.15 - Protexis Inc.) Hidden
MakeDisc (HKLM\...\{B145EC69-66F5-11D8-9D75-000129760D75}) (Version: 3.0.2203 - CyberLink Corp.)
MarketResearch (Version: 140.0.212.000 - Hewlett-Packard) Hidden
MCE Software Encoder 1.1 (HKLM\...\{7655E113-C306-11D9-A373-0050BAE317E1}) (Version: 1.1.0.1918 - CyberLink Corporation)
MediaPortal (HKLM\...\MediaPortal) (Version: 1.2.3 - Team MediaPortal)
MediaPortal TV Server / Client (HKLM\...\MediaPortal TV Server) (Version: 1.2.3 - Team MediaPortal)
MediaShow (HKLM\...\{D5A9B7C0-8751-11D8-9D75-000129760D75}) (Version: 3.0.4325 - CyberLink Corporation)
Medion Media Center 0 (HKLM\...\{23CE4550-F67C-4114-88DF-FE923BC13E7F}) (Version: 1.0.12.0 - Medion)
MEDIONbox (HKLM\...\{27FDF949-69CE-435A-8372-339F72336AC5}) (Version: 1.09.0000.00050 - Medion)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB953297) (HKLM\...\M953297) (Version:  - )
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft IntelliPoint 7.1 (HKLM\...\{7057ABC2-EFF3-4E43-9806-8BCB6EEA9FE6}) (Version: 7.10.344.0 - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95120000-0122-0407-0000-0000000FF1CE}) (Version: 12.0.6423.1000 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 English (HKLM\...\{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 SP1 CRT Redistributable (HKLM\...\{CC038D57-788A-4544-BF8F-179E5CF50D2F}) (Version: 1.00.0000 - Buhl Data Service GmbH)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU (HKLM\...\{8E87B944-4815-3C5E-947F-5035C9F64362}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU (HKLM\...\{76DAEC83-AF7B-333C-8A53-83D7C7D39199}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
MobileMe Control Panel (HKLM\...\{926BD0E8-24A3-41D2-AF9B-340F1A37ED12}) (Version: 3.1.8.0 - Apple Inc.)
Mobipocket Creator 4.2 (HKLM\...\{AFE499B5-FCC4-45E6-A1A5-3C51AE0E539B}) (Version: 4.2.41 - Mobipocket.com)
Mozilla Firefox 34.0.5 (x86 de) (HKLM\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
Mp3tag v2.41 (HKLM\...\Mp3tag) (Version: v2.41 - Florian Heidenreich)
MS-Buchhalter Start 3.0 (HKLM\...\MS-Buchhalter Start) (Version: 3.0 - Michael Schroeder)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB925672) (HKLM\...\{A9CF9052-F4A0-475D-A00F-A8388C62DD63}) (Version: 4.20.9839.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MySQL Server 5.1 (HKLM\...\{291D8FE1-ED05-4934-80CE-A5F6B7A8718D}) (Version: 5.1.38 - MySQL AB)
NaturalReaderFree (HKLM\...\{B99690D5-0BD4-403B-98D9-D0E997239454}) (Version: 1.00.0000 - Naturalsoft)
Nero 8 Essentials (HKLM\...\{53DF73B1-37F5-4B7F-86ED-FA7CC4041031}) (Version: 8.10.124 - Nero AG)
Network (Version: 140.0.215.000 - Hewlett-Packard) Hidden
Nimbuzz 2.0.1 (HKLM\...\Nimbuzz) (Version: 2.0.1 - Nimbuzz B.V.)
Nokia Connectivity Cable Driver (HKLM\...\{4216D328-0FE8-48B8-85B8-BD300E6F080F}) (Version: 7.1.36.0 - Nokia)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.11.9745 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.59.37 - NVIDIA Corporation)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
OpenOffice.org 3.3 (HKLM\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
PaperPort Image Printer (HKLM\...\{332CC6BF-E6C7-48EE-BA3D-435E576AD67F}) (Version: 1.00.0000 - Nuance Communications, Inc.)
PC Connectivity Solution (HKLM\...\{D4AEC53C-1720-41D9-B6D7-6A60DE62D444}) (Version: 10.50.2.0 - Nokia)
PC Inspector File Recovery (HKLM\...\{0DD140D3-9563-481E-AA75-BA457CBDAEF2}) (Version: 4.0 - )
PDF Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden
PHOTOfunSTUDIO 5.1 HD Edition (HKLM\...\{959282E3-55A9-49D8-B885-D27CF8A2FD82}) (Version: 5.01.127 - Panasonic Corporation)
PhotoNow! 1.0 (HKLM\...\{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 3.0.4310 - CyberLink Corporation)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Picture Package Music Transfer (HKLM\...\{CE2121C6-C94D-4A73-8EA4-6943F33EE335}) (Version: 1.0.01.23160 - Sony Corporation)
Play Movie (HKLM\...\{A450831D-25F6-4F42-9662-D000B25E0D82}) (Version: BD+HD 1.5.3307.0 - CyberLink Corp.)
PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 6.5.2209a - CyberLink Corp.)
PowerDirector (Version: 6.5.2209a - CyberLink Corp.) Hidden
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.3.3319c.0 - CyberLink Corporation)
PowerProducer (HKLM\...\{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version:  - )
Primo (Version: 1.00.0000 - Your Company Name) Hidden
PS_AIO_06_C4700_SW_Min (Version: 140.0.690.000 - Hewlett-Packard) Hidden
PureSync (Version: 2.7.2 - Jumping Bytes) Hidden
PureSync 2.7.2 (HKLM\...\PureSync) (Version: 2.7.2 - Jumping Bytes)
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
QuickTransfer (Version: 140.0.98.000 - Hewlett-Packard) Hidden
RealPlayer (HKLM\...\RealPlayer 6.0) (Version:  - RealNetworks)
RealSpeak Solo fur Deutsch - Steffi (HKLM\...\{BFBB91DB-9F0F-4A9C-9669-A97DA3512CF2}) (Version: 4.00.0000 - ScanSoft)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version:  - )
Rechnungsvorlage V3.40 V3-40  (HKLM\...\Rechnungsvorlage V3.40) (Version: V3-40 - Eugen Brisch - excelservice)
Runtime (Version: 1.00.0000 - Your Company Name) Hidden
Safari (HKLM\...\{F2AF3E5D-9697-485C-A5AC-E2B9468C446A}) (Version: 5.34.52.7 - Apple Inc.)
Scan (Version: 140.0.80.000 - Hewlett-Packard) Hidden
ScanSoft PaperPort 11 (HKLM\...\{B6C89654-A6A2-477C-873B-724EC1C56407}) (Version: 11.1.0000 - Nuance Communications, Inc.)
ScanWizard 5 (HKLM\...\{B08D262E-D902-11D5-9C28-0080C85A0C2D}) (Version:  - )
Sceneo AbsolutTV (HKLM\...\{4C73B683-B15D-4B94-AC7A-520B70C4FFE9}) (Version:  - )
SearchAnonymizer (HKLM\...\SearchAnonymizer) (Version: 1.0.1 (de) - )
SeaTools for Windows (HKLM\...\{98613C99-1399-416C-A07C-1EE1C585D872}) (Version: 1.2.0.6 - Seagate Technology)
SeaTools for Windows (HKLM\...\SeaTools for Windows) (Version:  - Seagate Technology)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
SmartWebPrinting (Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (Version: 140.0.213.000 - Hewlett-Packard) Hidden
Sony Picture Utility (HKLM\...\{D5068583-D569-468B-9755-5FBF5848F46F}) (Version: 4.2.10.15030 - Sony Corporation)
Sony USB Driver (HKLM\...\{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}) (Version: 2.00 - Sony Corporation)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Splashtop Software Updater (HKLM\...\Splashtop Software Updater) (Version: 1.5.6.14 - Splashtop Inc.)
Splashtop Streamer (HKLM\...\InstallShield_{2EFEAD58-3311-4B2B-9D8A-8D663581D109}) (Version: 1.6.5.3 - Splashtop Inc.)
Splashtop Streamer (Version: 1.6.5.3 - Splashtop Inc.) Hidden
STANLY Track (HKU\S-1-5-21-3270019199-247663063-2118203487-1004\...\STANLY Track) (Version:  - NLR)
Status (Version: 140.0.212.000 - Hewlett-Packard) Hidden
TeamViewer 5 (HKLM\...\TeamViewer 5) (Version: 5.0.7478  - TeamViewer GmbH)
Toolbox (Version: 140.0.428.000 - Hewlett-Packard) Hidden
toolplugin (HKLM\...\toolplugin) (Version:  - )
TrayApp (Version: 140.0.212.000 - Hewlett-Packard) Hidden
TrekStor i.Beat 115 (HKLM\...\{5DB4B051-33AB-45E9-BB3A-4C41784C12D7}) (Version:  - )
TuneUp Utilities 2011 (HKLM\...\TuneUp Utilities 2011) (Version: 10.0.4600.4 - TuneUp Software)
TuneUp Utilities 2011 (Version: 10.0.4600.4 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (Version: 10.0.4600.4 - TuneUp Software) Hidden
TV Enhance (HKLM\...\{E4C891D6-6844-41B8-86E8-633CACCC644F}) (Version: 1.0.4619 - CyberLink Corp.)
TVsweeper (HKLM\...\{CCC8E84E-AB61-4EC0-890D-8B553915B3AD}) (Version: 3.0.2 - Sonavis)
Ulead PhotoImpact 12 (HKLM\...\{11AFE21E-B193-430D-B57A-DFF7815BB962}) (Version: 12.0 - Ulead System)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VCRedistSetup (Version: 1.0.0 - Nero AG) Hidden
Veetle TV (HKLM\...\Veetle TV) (Version: 0.9.18 - Veetle, Inc)
WebReg (Version: 140.0.212.017 - Hewlett-Packard) Hidden
Website Indexer (HKLM\...\{06005D86-3436-43E4-9014-3CC4A972D47B}) (Version: 1.7.0 - Phoenix Labs)
WebsiteBooster 2.0 (HKLM\...\{1BCA1F47-9498-46E3-895E-1C235D7AE967}_is1) (Version:  - founder.de)
Winamp (HKLM\...\Winamp) (Version: 5.531  - Nullsoft, Inc)
Winamp Remote (HKLM\...\Orb) (Version: 2.2008.0508.1530 - Orb Networks)
Winamp Toolbar for Internet Explorer (HKLM\...\Winamp Toolbar) (Version: 5.1.20.3 - AOL LLC) <==== ATTENTION
Windows 7 Games 1  (HKLM\...\Windows 7 Games) (Version: 1 - KlickMedia)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live ID-Anmelde-Assistent (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Center Add-in for Silverlight (HKLM\...\{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}) (Version: 4.7.3.0 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (HKLM\...\504244733D18C8F63FF584AEB290E3904E791693) (Version: 08/22/2008 7.0.0.0 - Nokia)
WinRAR (HKLM\...\WinRAR archiver) (Version:  - )
WISO Sparbuch 2009 (HKLM\...\{00C58EBE-223E-4AB6-8AE9-38F27F4420BD}) (Version: 16.00.6228 - Buhl Data Service GmbH)
X10 Hardware(TM) (HKLM\...\X10Hardware) (Version:  - )
Xtreme Squeeze Page Pro v2.0 (HKLM\...\Xtreme Squeeze Page Pro_is1) (Version:  - )
Xvid 1.2.2 final uninstall (HKLM\...\Xvid_is1) (Version: 1.2 - Xvid team (Koepi))
Z-DBackup (HKLM\...\{F2DA54F3-F7FB-4AE8-9B33-BEA5391E4A03}) (Version: 5.6.0.8 - IMU Andreas Baumann)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1003_Classes\CLSID\{00021401-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1003_Classes\CLSID\{0CA545C6-37AD-4A6C-BF92-9F7610067EF5}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1003_Classes\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1003_Classes\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1003_Classes\CLSID\{275C23E2-3747-11D0-9FEA-00AA003F8646}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1003_Classes\CLSID\{294935CE-F637-4E7C-A41B-AB255460B862}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1003_Classes\CLSID\{304CE942-6E39-40D8-943A-B913C40C9CD4}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1003_Classes\CLSID\{3050F3BC-98B5-11CF-BB82-00AA00BDCE0B}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1003_Classes\CLSID\{3050F406-98B5-11CF-BB82-00AA00BDCE0B}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1003_Classes\CLSID\{30E72785-9BEB-4ed0-B60A-4504D0AF7AAE}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Microsoft\Windows Sidebar\Gadgets\GermanyRain.gadget\AxSBHost.dll N (the data entry has 6 more characters).
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1003_Classes\CLSID\{32C15893-74C0-4478-879B-FE14EB684AB4}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Microsoft\Windows Sidebar\Gadgets\HPPhoto.gadget\x86\hpqgps01.dll N (the data entry has 6 more characters).
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1003_Classes\CLSID\{39C26CEE-9070-4B47-9261-6743499AFBF7}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Microsoft\Windows Sidebar\Gadgets\HPPhoto.gadget\x86\hpqgutil.dll N (the data entry has 6 more characters).
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1003_Classes\CLSID\{41FCCC3A-1FA1-4949-953A-6EE61C46A4D1}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1003_Classes\CLSID\{477A3783-2D4D-11D3-B244-444553540000}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1003_Classes\CLSID\{4D50EBC1-F054-4110-8D92-700E630361A6}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1003_Classes\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1003_Classes\CLSID\{50D5107A-D278-4871-8989-F4CEAAF59CFC}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1003_Classes\CLSID\{7B8A2D94-0AC9-11D1-896C-00C04FB6BFC4}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1003_Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1003_Classes\CLSID\{8856F961-340A-11D0-A96B-00C04FD705A2}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1003_Classes\CLSID\{9CC1FE07-02F9-49A6-A3F4-63AD8BAE9E49}\InprocServer32 -> C:\Users\IUSR_NMPR\AppData\Local\Microsoft\Windows Sidebar\Gadgets\HPPhoto.gadget\x86\hpqgps01.dll N (the data entry has 6 more characters).
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1003_Classes\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1003_Classes\CLSID\{CD773740-B187-4974-A1D5-E0FF91372277}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1003_Classes\CLSID\{DF2FCE13-25EC-45BB-9D4C-CECD47C2430C}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1003_Classes\CLSID\{E436EBB3-524F-11CE-9F53-0020AF0BA770}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1003_Classes\CLSID\{E436EBB8-524F-11CE-9F53-0020AF0BA770}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1003_Classes\CLSID\{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1003_Classes\CLSID\{FF393560-C2A7-11CF-BFF4-444553540000}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1004_Classes\CLSID\{00021401-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1004_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Martina Maecker\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1004_Classes\CLSID\{047466F1-82AE-455A-AFC4-D3AC463FBF6B}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1004_Classes\CLSID\{0CA545C6-37AD-4A6C-BF92-9F7610067EF5}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1004_Classes\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1004_Classes\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1004_Classes\CLSID\{275C23E2-3747-11D0-9FEA-00AA003F8646}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1004_Classes\CLSID\{294935CE-F637-4E7C-A41B-AB255460B862}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1004_Classes\CLSID\{304CE942-6E39-40D8-943A-B913C40C9CD4}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1004_Classes\CLSID\{3050F3BC-98B5-11CF-BB82-00AA00BDCE0B}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1004_Classes\CLSID\{3050F406-98B5-11CF-BB82-00AA00BDCE0B}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1004_Classes\CLSID\{30E72785-9BEB-4ed0-B60A-4504D0AF7AAE}\InprocServer32 -> C:\Users\Martina Maecker\AppData\Local\Microsoft\Windows Sidebar\Gadgets\GermanyRain.gadget\AxSBHost.dll (Mark Schmidt - Microsoft)
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1004_Classes\CLSID\{41FCCC3A-1FA1-4949-953A-6EE61C46A4D1}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1004_Classes\CLSID\{477A3783-2D4D-11D3-B244-444553540000}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1004_Classes\CLSID\{4D50EBC1-F054-4110-8D92-700E630361A6}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1004_Classes\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1004_Classes\CLSID\{50D5107A-D278-4871-8989-F4CEAAF59CFC}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1004_Classes\CLSID\{7B8A2D94-0AC9-11D1-896C-00C04FB6BFC4}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1004_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files\Citrix\GoToMeeting\799\G2MOutlookAddin.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1004_Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1004_Classes\CLSID\{8856F961-340A-11D0-A96B-00C04FD705A2}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1004_Classes\CLSID\{b2b568c8-3712-4a75-b806-4b3c2fdb06d5}\localserver32 -> C:\Users\MARTIN~1\AppData\Local\Temp\{e9513610-f218-4dda-b954-2c7e6ba7cabb}\IDriver.NonElevated.exe  (the data entry has 7 more characters).
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1004_Classes\CLSID\{BCDE0395-E52F-467C-8E3D-C4579291692E}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1004_Classes\CLSID\{CD773740-B187-4974-A1D5-E0FF91372277}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1004_Classes\CLSID\{DF2FCE13-25EC-45BB-9D4C-CECD47C2430C}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1004_Classes\CLSID\{E436EBB3-524F-11CE-9F53-0020AF0BA770}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1004_Classes\CLSID\{E436EBB8-524F-11CE-9F53-0020AF0BA770}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1004_Classes\CLSID\{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1004_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Martina Maecker\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1004_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Martina Maecker\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1004_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Martina Maecker\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1004_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Martina Maecker\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1004_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Martina Maecker\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1004_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Martina Maecker\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1004_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Martina Maecker\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1004_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Martina Maecker\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3270019199-247663063-2118203487-1004_Classes\CLSID\{FF393560-C2A7-11CF-BFF4-444553540000}\InprocServer32 -> No File Path

==================== Restore Points  =========================

19-08-2014 14:19:44 Installed HP Update.
21-08-2014 13:54:27 Windows Update
22-08-2014 11:57:36 Windows Update
27-08-2014 04:52:56 Windows Update
29-08-2014 01:00:35 Windows Update
03-09-2014 04:26:14 Windows Update
06-09-2014 18:37:58 Windows Update
13-09-2014 07:24:47 Windows Update
14-09-2014 01:01:38 Windows Update
18-09-2014 16:03:17 Windows Update
22-09-2014 21:29:08 Windows Update
28-09-2014 08:39:44 Windows Update
29-09-2014 01:00:36 Windows Update
02-10-2014 01:00:41 Windows Update
05-10-2014 03:54:53 Windows Update
09-10-2014 04:45:31 Windows Update
13-10-2014 04:43:45 Windows Update
17-10-2014 20:23:35 Installed Java 7 Update 71
17-10-2014 20:39:58 Windows Update
18-10-2014 01:00:57 Windows Update
21-10-2014 19:33:57 Windows Update
28-10-2014 14:35:14 Windows Update
04-11-2014 11:21:39 Windows Update
11-11-2014 20:39:44 Windows Update
12-11-2014 02:01:37 Windows Update
16-11-2014 10:18:12 Windows Update
20-11-2014 02:00:36 Windows Update
24-11-2014 16:15:23 Windows Update
29-11-2014 17:13:25 Windows Update
02-12-2014 16:20:49 Entfernt WISO Sparbuch 2010
11-12-2014 02:01:02 Windows Update
11-12-2014 15:35:40 Deutsche Post E-Porto wird entfernt
11-12-2014 15:40:19 Removed Google Earth.
11-12-2014 15:45:42 Playway 2 wird entfernt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 11:23 - 2006-09-18 22:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0138E1BC-137F-4B2B-B8CE-FCD197054450} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2009-11-11] (Microsoft Corporation)
Task: {2A795798-BBD1-4319-8C0A-B2125EC6FD29} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20] (Adobe Systems Incorporated)
Task: {39EB9F5F-A2AF-449A-9E50-67A78DECB494} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-09-26] (Oracle Corporation)
Task: {40330240-963D-46AA-B667-82A7A8640E8A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {4460BBE6-7711-456D-97C7-36E08B86B43E} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2011 => C:\Program Files\TuneUp Utilities 2011\OneClick.exe [2011-12-13] (TuneUp Software)
Task: {4EE14FBF-0D19-4ADB-9E84-0B29636F06B9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {4F81F684-66F2-46FA-8183-AAA18BE35359} - System32\Tasks\ScanSoft Background Update => C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25] (Nuance Communications, Inc.)
Task: {561375CB-FF5A-417B-B297-BA73DE149581} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs
Task: {5EC51F22-53C1-486B-9066-93C1FAEAC3EE} - System32\Tasks\20100930_173100_Martina Maecker kl.Festplatte => C:\Program Files\Nero\Nero8\Nero BackItUp\BackItUp.exe [2007-09-20] (Nero AG)
Task: {7FA4D946-152C-4BED-9793-C1D9CB749002} - System32\Tasks\20101001_162100_Martina Maecker => C:\Program Files\Nero\Nero8\Nero BackItUp\BackItUp.exe [2007-09-20] (Nero AG)
Task: {86806FD7-C3B5-4DF3-9B73-2E185B726860} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Martina Maecker => C:\Program Files\Windows Calendar\WinCal.exe
Task: {8E5C49B0-779B-4EB5-8C4D-EC7450FAD75A} - System32\Tasks\Google Software Updater => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-16] (Google)
Task: {CC213583-8DB7-4D9D-8EAA-557D264477CB} - System32\Tasks\{B4E1BD93-9E8A-4920-9E5C-3B349D644F36} => C:\Program Files\Adobe\Photoshop Elements 5.0\Photoshop Elements 5.0.exe
Task: {D2F5E9B8-8779-4D25-8EE4-EAB43C7373E1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-25] (Google Inc.)
Task: {E50E75F7-0C0A-4AC8-BDE1-8C33356B0952} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-25] (Google Inc.)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\20100930_173100_Martina Maecker kl.Festplatte.job => C:\Program Files\Nero\Nero8\Nero BackItUp\BackItUp.exe
Task: C:\Windows\Tasks\20101001_162100_Martina Maecker.job => C:\Program Files\Nero\Nero8\Nero BackItUp\BackItUp.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf90fb55a94f25.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cff033a6959e4b.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0028f54897b2.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2011.job => C:\Program Files\TuneUp Utilities 2011\OneClick.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{CB48C0E2-D7EB-4B01-8590-6E0C49C3DFB0}.job => C:\Windows\system32\msfeedssync.exe

==================== Loaded Modules (whitelisted) =============

2010-10-14 09:52 - 2007-05-11 00:31 - 00921600 _____ () C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdistRes.DEU
2014-04-23 15:05 - 2014-04-23 15:05 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 15:04 - 2014-04-23 15:04 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2007-02-12 10:46 - 2007-02-12 10:46 - 00208896 _____ () C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
2009-11-27 15:33 - 2009-11-27 15:33 - 03391488 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_59bdfaae\mscorlib.dll
2009-11-27 15:33 - 2009-11-27 15:33 - 01966080 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_72f472a4\system.dll
2009-11-27 15:33 - 2009-11-27 15:33 - 03018752 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_ab773734\system.windows.forms.dll
2009-11-27 15:33 - 2009-11-27 15:33 - 02088960 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_2b4c6a45\system.xml.dll
2007-10-15 15:38 - 2007-04-13 17:14 - 00006656 _____ () c:\program files\medion\medionbox\program\structconverter.dll
2009-07-13 22:03 - 2009-07-14 02:15 - 00364544 _____ () C:\Windows\system32\msjetoledb40.dll
2009-08-18 21:08 - 2009-08-18 21:08 - 06041600 _____ () C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe
2009-09-28 10:00 - 2009-01-12 07:15 - 00071096 _____ () C:\Windows\system32\NMSAccess32.exe
2007-10-22 13:01 - 2007-01-09 09:25 - 00272024 _____ () C:\Program Files\CyberLink\Shared Files\RichVideo.exe
2013-04-14 19:04 - 2013-04-14 19:04 - 00040960 _____ () C:\Users\Martina Maecker\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe
2007-10-22 12:49 - 2007-05-16 21:48 - 00421955 _____ () C:\Program Files\Sceneo\AbsolutTV\Services\PVR\tvtvRemote.dll
2012-03-30 21:40 - 2012-03-30 21:40 - 00131072 _____ () C:\Program Files\Team MediaPortal\MediaPortal TV Server\Gentle.Framework.dll
2012-03-30 21:40 - 2012-03-30 21:40 - 00069632 _____ () C:\Program Files\Team MediaPortal\MediaPortal TV Server\Gentle.Common.dll
2012-03-30 21:40 - 2012-03-30 21:40 - 00024576 _____ () C:\Program Files\Team MediaPortal\MediaPortal TV Server\Gentle.Provider.MySQL.dll
2012-03-30 21:40 - 2012-03-30 21:40 - 00040960 _____ () C:\Program Files\Team MediaPortal\MediaPortal TV Server\Gentle.Provider.SQLServer.dll
2012-01-03 09:57 - 2012-01-03 09:57 - 00129024 _____ () C:\Program Files\Team MediaPortal\MediaPortal TV Server\StreamingServer.dll
2014-03-28 10:35 - 2014-03-28 10:35 - 00093696 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2007-12-09 22:53 - 2007-09-20 18:34 - 00129024 _____ () C:\Program Files\WinRAR\rarext.dll
2009-11-27 15:33 - 2009-11-27 15:33 - 00835584 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_a996b93c\system.drawing.dll
2013-09-26 11:20 - 2013-09-26 11:20 - 00176168 _____ () C:\Program Files\Lexware\Update Manager\Haufe.Core.Diagnostics.Logging.Targets.Etw.dll
2013-09-26 11:20 - 2013-09-26 11:20 - 00043048 _____ () C:\Program Files\Lexware\Update Manager\Haufe.Core.Diagnostics.Etw.dll
2007-12-22 15:46 - 2007-01-12 13:40 - 00339968 _____ () C:\Program Files\ScanWizard 5\ScannerFinder.exe
2007-12-22 15:46 - 2007-01-05 14:05 - 00249856 _____ () C:\Program Files\ScanWizard 5\SFRes.dll
2014-12-11 07:19 - 2014-12-11 07:19 - 00043008 _____ () c:\Users\Martina Maecker\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpw3izm0.dll
2013-08-23 20:01 - 2013-08-23 20:01 - 25100288 _____ () C:\Users\Martina Maecker\AppData\Roaming\Dropbox\bin\libcef.dll
2011-01-17 15:19 - 2011-08-18 21:46 - 00985088 _____ () C:\Program Files\OpenOffice.org 3\program\libxml2.dll
2014-12-11 07:18 - 2014-12-11 07:18 - 00098816 _____ () C:\Users\Martina Maecker\AppData\Local\Temp\_MEI51162\win32api.pyd
2014-12-11 07:18 - 2014-12-11 07:18 - 00110080 _____ () C:\Users\Martina Maecker\AppData\Local\Temp\_MEI51162\pywintypes27.dll
2014-12-11 07:18 - 2014-12-11 07:18 - 00364544 _____ () C:\Users\Martina Maecker\AppData\Local\Temp\_MEI51162\pythoncom27.dll
2014-12-11 07:18 - 2014-12-11 07:18 - 00045568 _____ () C:\Users\Martina Maecker\AppData\Local\Temp\_MEI51162\_socket.pyd
2014-12-11 07:18 - 2014-12-11 07:18 - 01160704 _____ () C:\Users\Martina Maecker\AppData\Local\Temp\_MEI51162\_ssl.pyd
2014-12-11 07:18 - 2014-12-11 07:18 - 00320512 _____ () C:\Users\Martina Maecker\AppData\Local\Temp\_MEI51162\win32com.shell.shell.pyd
2014-12-11 07:18 - 2014-12-11 07:18 - 00713216 _____ () C:\Users\Martina Maecker\AppData\Local\Temp\_MEI51162\_hashlib.pyd
2014-12-11 07:18 - 2014-12-11 07:18 - 01175040 _____ () C:\Users\Martina Maecker\AppData\Local\Temp\_MEI51162\wx._core_.pyd
2014-12-11 07:18 - 2014-12-11 07:18 - 00805888 _____ () C:\Users\Martina Maecker\AppData\Local\Temp\_MEI51162\wx._gdi_.pyd
2014-12-11 07:18 - 2014-12-11 07:18 - 00811008 _____ () C:\Users\Martina Maecker\AppData\Local\Temp\_MEI51162\wx._windows_.pyd
2014-12-11 07:18 - 2014-12-11 07:18 - 01062400 _____ () C:\Users\Martina Maecker\AppData\Local\Temp\_MEI51162\wx._controls_.pyd
2014-12-11 07:18 - 2014-12-11 07:18 - 00735232 _____ () C:\Users\Martina Maecker\AppData\Local\Temp\_MEI51162\wx._misc_.pyd
2014-12-11 07:18 - 2014-12-11 07:18 - 00128512 _____ () C:\Users\Martina Maecker\AppData\Local\Temp\_MEI51162\_elementtree.pyd
2014-12-11 07:18 - 2014-12-11 07:18 - 00127488 _____ () C:\Users\Martina Maecker\AppData\Local\Temp\_MEI51162\pyexpat.pyd
2014-12-11 07:18 - 2014-12-11 07:18 - 00557056 _____ () C:\Users\Martina Maecker\AppData\Local\Temp\_MEI51162\pysqlite2._sqlite.pyd
2014-12-11 07:18 - 2014-12-11 07:18 - 00087552 _____ () C:\Users\Martina Maecker\AppData\Local\Temp\_MEI51162\_ctypes.pyd
2014-12-11 07:18 - 2014-12-11 07:18 - 00119808 _____ () C:\Users\Martina Maecker\AppData\Local\Temp\_MEI51162\win32file.pyd
2014-12-11 07:18 - 2014-12-11 07:18 - 00108544 _____ () C:\Users\Martina Maecker\AppData\Local\Temp\_MEI51162\win32security.pyd
2014-12-11 07:18 - 2014-12-11 07:18 - 00007168 _____ () C:\Users\Martina Maecker\AppData\Local\Temp\_MEI51162\hashobjs_ext.pyd
2014-12-11 07:18 - 2014-12-11 07:18 - 00167936 _____ () C:\Users\Martina Maecker\AppData\Local\Temp\_MEI51162\win32gui.pyd
2014-12-11 07:18 - 2014-12-11 07:18 - 00018432 _____ () C:\Users\Martina Maecker\AppData\Local\Temp\_MEI51162\win32event.pyd
2014-12-11 07:18 - 2014-12-11 07:18 - 00038912 _____ () C:\Users\Martina Maecker\AppData\Local\Temp\_MEI51162\win32inet.pyd
2014-12-11 07:18 - 2014-12-11 07:18 - 00011264 _____ () C:\Users\Martina Maecker\AppData\Local\Temp\_MEI51162\win32crypt.pyd
2014-12-11 07:18 - 2014-12-11 07:18 - 00070656 _____ () C:\Users\Martina Maecker\AppData\Local\Temp\_MEI51162\wx._html2.pyd
2014-12-11 07:18 - 2014-12-11 07:18 - 00027136 _____ () C:\Users\Martina Maecker\AppData\Local\Temp\_MEI51162\_multiprocessing.pyd
2014-12-11 07:18 - 2014-12-11 07:18 - 00035840 _____ () C:\Users\Martina Maecker\AppData\Local\Temp\_MEI51162\win32process.pyd
2014-12-11 07:18 - 2014-12-11 07:18 - 00686080 _____ () C:\Users\Martina Maecker\AppData\Local\Temp\_MEI51162\unicodedata.pyd
2014-12-11 07:18 - 2014-12-11 07:18 - 00122368 _____ () C:\Users\Martina Maecker\AppData\Local\Temp\_MEI51162\wx._wizard.pyd
2014-12-11 07:18 - 2014-12-11 07:18 - 00024064 _____ () C:\Users\Martina Maecker\AppData\Local\Temp\_MEI51162\win32pipe.pyd
2014-12-11 07:18 - 2014-12-11 07:18 - 00025600 _____ () C:\Users\Martina Maecker\AppData\Local\Temp\_MEI51162\win32pdh.pyd
2014-12-11 07:18 - 2014-12-11 07:18 - 00525640 _____ () C:\Users\Martina Maecker\AppData\Local\Temp\_MEI51162\windows._lib_cacheinvalidation.pyd
2014-12-11 07:18 - 2014-12-11 07:18 - 00010240 _____ () C:\Users\Martina Maecker\AppData\Local\Temp\_MEI51162\select.pyd
2014-12-11 07:18 - 2014-12-11 07:18 - 00017408 _____ () C:\Users\Martina Maecker\AppData\Local\Temp\_MEI51162\win32profile.pyd
2014-12-11 07:18 - 2014-12-11 07:18 - 00022528 _____ () C:\Users\Martina Maecker\AppData\Local\Temp\_MEI51162\win32ts.pyd
2014-12-11 07:18 - 2014-12-11 07:18 - 00078336 _____ () C:\Users\Martina Maecker\AppData\Local\Temp\_MEI51162\wx._animate.pyd
2014-06-11 17:04 - 2014-06-11 17:04 - 03022960 _____ () C:\Program Files\Mozilla Thunderbird\mozjs.dll
2014-06-11 17:04 - 2014-06-11 17:04 - 00158832 _____ () C:\Program Files\Mozilla Thunderbird\NSLDAP32V60.dll
2014-06-11 17:04 - 2014-06-11 17:04 - 00023152 _____ () C:\Program Files\Mozilla Thunderbird\NSLDAPPR32V60.dll
2010-09-22 21:12 - 2010-09-22 21:12 - 00016832 _____ () C:\Program Files\Adobe\Reader 9.0\Reader\viewerps.dll
2013-01-17 12:32 - 2013-01-17 12:32 - 01433600 _____ () C:\Program Files\Lexware\bueroeasy\PrintEng.dll
2014-12-09 18:36 - 2014-12-09 18:36 - 03758192 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2014-10-19 09:44 - 2014-10-19 09:44 - 16832176 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_189.dll
2013-07-10 17:07 - 2013-07-10 17:07 - 00756888 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WISO Mein Sparbuch heute.lnk => C:\Windows\pss\WISO Mein Sparbuch heute.lnk.CommonStartup

========================= Accounts: ==========================

Administrator (S-1-5-21-3270019199-247663063-2118203487-500 - Administrator - Disabled)
ASPNET (S-1-5-21-3270019199-247663063-2118203487-1001 - Limited - Enabled)
Gast (S-1-5-21-3270019199-247663063-2118203487-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3270019199-247663063-2118203487-1006 - Limited - Enabled)
IUSR_NMPR (S-1-5-21-3270019199-247663063-2118203487-1003 - Limited - Enabled) => C:\Users\IUSR_NMPR
Martina Maecker (S-1-5-21-3270019199-247663063-2118203487-1004 - Administrator - Enabled) => C:\Users\Martina Maecker

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/11/2014 06:31:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Uninstall.exe_unknown, Version: 1.2.24.1227, Zeitstempel: 0x52bd8022
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x73616c63
ID des fehlerhaften Prozesses: 0x160
Startzeit der fehlerhaften Anwendung: 0xUninstall.exe_unknown0
Pfad der fehlerhaften Anwendung: Uninstall.exe_unknown1
Pfad des fehlerhaften Moduls: Uninstall.exe_unknown2
Berichtskennung: Uninstall.exe_unknown3

Error: (12/11/2014 04:39:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Uninstall.exe_unknown, Version: 1.2.24.1227, Zeitstempel: 0x52bd8022
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x73616c63
ID des fehlerhaften Prozesses: 0x910
Startzeit der fehlerhaften Anwendung: 0xUninstall.exe_unknown0
Pfad der fehlerhaften Anwendung: Uninstall.exe_unknown1
Pfad des fehlerhaften Moduls: Uninstall.exe_unknown2
Berichtskennung: Uninstall.exe_unknown3

Error: (12/11/2014 04:25:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 25595193

Error: (12/11/2014 04:25:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 25595193

Error: (12/11/2014 04:25:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/11/2014 09:16:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: TuneUpUtilitiesService32.exe, Version: 10.0.4600.4, Zeitstempel: 0x4ee70d79
Name des fehlerhaften Moduls: RPCRT4.dll, Version: 6.1.7601.18532, Zeitstempel: 0x53c334f3
Ausnahmecode: 0xc0020043
Fehleroffset: 0x00062539
ID des fehlerhaften Prozesses: 0xab0
Startzeit der fehlerhaften Anwendung: 0xTuneUpUtilitiesService32.exe0
Pfad der fehlerhaften Anwendung: TuneUpUtilitiesService32.exe1
Pfad des fehlerhaften Moduls: TuneUpUtilitiesService32.exe2
Berichtskennung: TuneUpUtilitiesService32.exe3

Error: (12/10/2014 11:08:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: TuneUpUtilitiesApp32.exe, Version: 10.0.4600.4, Zeitstempel: 0x4ee70d99
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0xf38
Startzeit der fehlerhaften Anwendung: 0xTuneUpUtilitiesApp32.exe0
Pfad der fehlerhaften Anwendung: TuneUpUtilitiesApp32.exe1
Pfad des fehlerhaften Moduls: TuneUpUtilitiesApp32.exe2
Berichtskennung: TuneUpUtilitiesApp32.exe3

Error: (12/10/2014 11:08:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: TuneUpUtilitiesService32.exe, Version: 10.0.4600.4, Zeitstempel: 0x4ee70d79
Name des fehlerhaften Moduls: RPCRT4.dll, Version: 6.1.7601.18532, Zeitstempel: 0x53c334f3
Ausnahmecode: 0xc0020043
Fehleroffset: 0x00062539
ID des fehlerhaften Prozesses: 0x2f48
Startzeit der fehlerhaften Anwendung: 0xTuneUpUtilitiesService32.exe0
Pfad der fehlerhaften Anwendung: TuneUpUtilitiesService32.exe1
Pfad des fehlerhaften Moduls: TuneUpUtilitiesService32.exe2
Berichtskennung: TuneUpUtilitiesService32.exe3

Error: (12/10/2014 11:08:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: TuneUpUtilitiesService32.exe, Version: 10.0.4600.4, Zeitstempel: 0x4ee70d79
Name des fehlerhaften Moduls: RPCRT4.dll, Version: 6.1.7601.18532, Zeitstempel: 0x53c334f3
Ausnahmecode: 0xc0020043
Fehleroffset: 0x00062539
ID des fehlerhaften Prozesses: 0x1c0c
Startzeit der fehlerhaften Anwendung: 0xTuneUpUtilitiesService32.exe0
Pfad der fehlerhaften Anwendung: TuneUpUtilitiesService32.exe1
Pfad des fehlerhaften Moduls: TuneUpUtilitiesService32.exe2
Berichtskennung: TuneUpUtilitiesService32.exe3

Error: (12/10/2014 10:07:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: TuneUpUtilitiesService32.exe, Version: 10.0.4600.4, Zeitstempel: 0x4ee70d79
Name des fehlerhaften Moduls: RPCRT4.dll, Version: 6.1.7601.18532, Zeitstempel: 0x53c334f3
Ausnahmecode: 0xc0020043
Fehleroffset: 0x00062539
ID des fehlerhaften Prozesses: 0x4e4
Startzeit der fehlerhaften Anwendung: 0xTuneUpUtilitiesService32.exe0
Pfad der fehlerhaften Anwendung: TuneUpUtilitiesService32.exe1
Pfad des fehlerhaften Moduls: TuneUpUtilitiesService32.exe2
Berichtskennung: TuneUpUtilitiesService32.exe3


System errors:
=============
Error: (12/11/2014 09:16:19 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "TuneUp Utilities Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/11/2014 07:19:35 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Microsoft .NET Framework NGEN v4.0.30319_X86 erreicht.

Error: (12/11/2014 07:17:09 AM) (Source: DCOM) (EventID: 10016) (User: WUNSCHERFUELLER)
Description: AnwendungsspezifischLokalAktivierung{145B4335-FE2A-4927-A040-7C35AD3180EF}{145B4335-FE2A-4927-A040-7C35AD3180EF}WUNSCHERFUELLERIUSR_NMPRS-1-5-21-3270019199-247663063-2118203487-1003LocalHost (unter Verwendung von LRPC)

Error: (12/11/2014 07:16:02 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Intel(R) Remoting Service" ist vom Dienst "Intel(R) Application Tracker" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-1951547665

Error: (12/11/2014 07:16:02 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Intel(R) Viiv(TM) Media Server" ist vom Dienst "Intel(R) Software Services Manager" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-1951547665

Error: (12/11/2014 07:16:02 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Intel(R) Application Tracker" wurde mit folgendem Fehler beendet: 
%%-1951547665

Error: (12/11/2014 07:16:02 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Intel(R) Software Services Manager" wurde mit folgendem Fehler beendet: 
%%-1951547665

Error: (12/10/2014 11:08:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "TuneUp Utilities Service" wurde unerwartet beendet. Dies ist bereits 6 Mal passiert.

Error: (12/10/2014 11:08:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "TuneUp Utilities Service" wurde unerwartet beendet. Dies ist bereits 5 Mal passiert.

Error: (12/10/2014 10:07:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "TuneUp Utilities Service" wurde unerwartet beendet. Dies ist bereits 4 Mal passiert.


Microsoft Office Sessions:
=========================
Error: (08/16/2013 06:26:45 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 391685 seconds with 480 seconds of active time.  This session ended with a crash.

Error: (08/12/2013 05:38:00 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 853409 seconds with 2340 seconds of active time.  This session ended with a crash.

Error: (03/14/2013 07:13:46 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 778558 seconds with 300 seconds of active time.  This session ended with a crash.

Error: (02/27/2013 05:24:10 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 914525 seconds with 1080 seconds of active time.  This session ended with a crash.

Error: (02/25/2013 07:18:27 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 189365 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (02/17/2013 03:17:19 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 84337 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (02/06/2013 06:49:39 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 171212 seconds with 300 seconds of active time.  This session ended with a crash.

Error: (11/28/2012 08:03:51 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 219290 seconds with 360 seconds of active time.  This session ended with a crash.

Error: (11/08/2012 07:31:41 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 3872 seconds with 240 seconds of active time.  This session ended with a crash.

Error: (11/08/2012 06:24:22 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 276 seconds with 0 seconds of active time.  This session ended with a crash.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Duo CPU E6750 @ 2.66GHz
Percentage of memory in use: 77%
Total physical RAM: 3070.18 MB
Available physical RAM: 705.81 MB
Total Pagefile: 6138.64 MB
Available Pagefile: 2352.14 MB
Total Virtual: 2047.88 MB
Available Virtual: 1896.34 MB

==================== Drives ================================

Drive c: (BOOT) (Fixed) (Total:576.17 GB) (Free:226.98 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVER) (Fixed) (Total:19.99 GB) (Free:0.03 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=576.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=20 GB) - (Type=OF Extended)

==================== End Of Log ============================

Danke für die Hilfe

schrauber · 12.12.2014, 17:09

Lade Dir bitte von hier

Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.

Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
Klicke auf Optionen und wähle als Sprache Deutsch.
Suche im Uninstallerfeld nach den Programmen:

FoxTab Audio Converter

Winamp Toolbar for Internet Explorer (HKLM\...\Winamp Toolbar) (Version: 5.1.20.3 - AOL LLC) <==== ATTENTION
Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
Wähle anschließend den Modus "Moderat" aus.
Reste löschen:
Klicke auf dann auf und dann auf .

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

charky · 12.12.2014, 18:42

Code:

ATTFilter

ComboFix 14-12-10.03 - XXXXXXX 12.12.2014  17:55:29.1.2 - x86
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3070.806 [GMT 1:00]
ausgeführt von:: C:\Users\XXXXXXX\Desktop\ComboFix.exe
AV: Avira Desktop *Enabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Enabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

Das Problem besteht leider noch immer ....

schrauber · 13.12.2014, 15:38

Ist das das komplette Log? Das ist ja leer. Wir sind ja auch noch lange nicht fertig.

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

charky · 13.12.2014, 16:50

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 13.12.2014
Suchlauf-Zeit: 15:48:05
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2014.12.13.04
Rootkit Datenbank: v2014.12.08.03
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x86
Dateisystem: NTFS
Benutzer: Martina Maecker

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 396655
Verstrichene Zeit: 33 Min, 17 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 7
PUP.Optional.Iminent.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68B81CCD-A80C-4060-8947-5AE69ED01199}, In Quarantäne, [c7918bd7403c1e18b25863a50bf8e61a], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}, In Quarantäne, [6cecc39f7804350195768e7a46bd629e], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\Iminent, In Quarantäne, [ca8ef270097396a05839b3de659e24dc], 
PUP.Optional.Iminent.A, HKU\S-1-5-21-3270019199-247663063-2118203487-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Iminent, In Quarantäne, [a4b43e24d2aa93a3355d830edb28ea16], 
PUP.Optional.Softonic.A, HKU\S-1-5-21-3270019199-247663063-2118203487-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Softonic, In Quarantäne, [b8a05c0686f644f2e610fe5114ef25db], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3270019199-247663063-2118203487-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, In Quarantäne, [f3655a08156769cd564c315ff70c3cc4], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3270019199-247663063-2118203487-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, In Quarantäne, [66f264fe1b61162012b06343679d1be5], 

Registrierungswerte: 1
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3270019199-247663063-2118203487-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0R2Y1I1P1N0J1U1C, In Quarantäne, [66f264fe1b61162012b06343679d1be5]

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 33
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\images, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\lib, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\de, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\Webmail, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\de, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\Webmail, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\default, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\default\de, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\default\Webmail, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\default\Webmail\Webmail, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\advertising, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\fx2, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\fx2\off, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\fx2\on, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\ql, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\games, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\menu_page, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\_locales, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\_locales\en, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\_locales\fr, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.PriceMeter.A, C:\Users\Martina Maecker\AppData\Local\PriceMeter, In Quarantäne, [3226164c700c3006a193b36fab5859a7], 
PUP.Optional.Babylon.A, C:\Users\Martina Maecker\AppData\LocalLow\BabylonToolbar, In Quarantäne, [0157e979601cfb3b7693c26baf542ed2], 
PUP.Optional.Babylon.A, C:\Users\Martina Maecker\AppData\LocalLow\BabylonToolbar\BabylonToolbar, In Quarantäne, [0157e979601cfb3b7693c26baf542ed2], 

Dateien: 426
PUP.OfferBundler.ST, C:\Users\Martina Maecker\Downloads\SoftonicDownloader_fuer_hypercam(1).exe, In Quarantäne, [afa994ce59236cca36e106a225db6d93], 
PUP.OfferBundler.ST, C:\Users\Martina Maecker\Downloads\SoftonicDownloader_fuer_hypercam.exe, In Quarantäne, [d48464fed3a9f0467e9920888e72a060], 
PUP.Optional.Softonic.A, C:\Users\Martina Maecker\Downloads\SoftonicDownloader_fuer_mws-reader.exe, In Quarantäne, [7ddb9fc3a4d85cda8fb8ca735aa7e21e], 
PUP.Optional.BabylonToolBar.A, C:\Users\Martina Maecker\AppData\Local\Babylon\Setup\MyBabylonTB.exe, In Quarantäne, [ea6e4f137c0062d43689e84c9b66bd43], 
PUP.Optional.Iminent.A, C:\Users\Martina Maecker\AppData\Roaming\Mozilla\Firefox\Profiles\akx2lygd.default\extensions\firefoxmini@go.im.xpi, In Quarantäne, [3523a9b987f5979f53b1154e798a42be], 
PUP.Optional.Iminent.A, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage, In Quarantäne, [8ace5a08463651e53463e5950af90000], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\manifest.json, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\images\icon_19.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\images\logo128.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\images\logo16.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\images\logo48.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\background.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\contentScript.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\SOAP.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\lib\base64.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\lib\jquery.min.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\config.xml, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\menu.css, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\minibar.min.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\template.css, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\01net.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\amazon.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\antronio.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\ask.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\autoscout.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\avmagazine.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\banners-test.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\basecamphq.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\blog.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\blogger.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\bomnegocio.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\ciao.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\conduit.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\dailymotion.css, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\dailymotion.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\diretta.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\drivingitalia.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\ebay.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\ebayit.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\ehow.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\everyeye.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\facebook.css, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\facebook.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\flickr.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\forum.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\forumVB.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\foxsports.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\france_hardware.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\friv.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\funutilities.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\gamekult.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\gamesvillage.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\globo.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\google-map.css, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\google-map.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\guiadohardware.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\gumtree.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\hardware.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\hi5.css, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\ilmeteo.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\imdb.css, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\imdb.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\inbox.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\indeed.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\infos_du_net.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\jappy.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\leboncoin.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\libero.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\linkedin.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\lokalisten.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\macitynet.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\marca.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\meebo.css, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\meteonetwork.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\milanuncios.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\movie2k.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\mundoanuncio.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\myspace.css, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\myspace.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\netlog.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\nexopia.css, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\nexopia.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\nirvam.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\ohmydollz.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\orkut.css, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\orkut.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\pagesjaunes.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\photobucket.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\pinterest.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\pof.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\poptropica.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\prodigy_msn.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\roblox.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\schueler.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\segundamano.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\shopping.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\skype.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\skyrock.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\subito.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\t-online.css, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\craigslist.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\hi5.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\meebo.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\t-online.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\tagged.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\taringa.css, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\taringa.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\terra.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\tibiabr.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\tiscali.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\tripadvisor.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\twitter.css, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\twitter.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\ultrasurf.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\uol.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\v9.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\virgilio.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\voila.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\walmart.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\weather.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\web.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\wordpress.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\wp-admin.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\xvideos.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\yahoo.css, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\yahoo.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\yammer.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\yellowpages.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\yelp.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\youtube.css, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\youtube.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\de\lokalisten.css, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\de\lokalisten.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\de\schueler.css, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\de\schueler.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\de\stayfriends.css, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\de\stayfriends.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\de\studivz.css, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\de\studivz.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\de\wer-kennt-wen.css, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\de\wer-kennt-wen.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\Webmail\aol.css, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\Webmail\aol.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\Webmail\gmail.css, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\Webmail\gmail.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\Webmail\hotmail.css, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\Webmail\hotmail.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\Webmail\orange.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\1\Webmail\outlook.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\01net.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\amazon.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\antronio.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\ask.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\autoscout.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\avmagazine.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\banners-test.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\basecamphq.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\blog.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\blogger.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\bomnegocio.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\ciao.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\conduit.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\dailymotion.css, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\dailymotion.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\diretta.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\drivingitalia.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\ebay.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\ebayit.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\ehow.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\everyeye.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\facebook.css, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\facebook.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\flickr.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\forum.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\forumVB.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\foxsports.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\france_hardware.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\friv.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\funutilities.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\gamekult.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\gamesvillage.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\globo.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\google-map.css, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\google-map.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\guiadohardware.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\gumtree.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\hardware.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\hi5.css, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\ilmeteo.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\imdb.css, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\imdb.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\inbox.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\indeed.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\infos_du_net.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\jappy.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\leboncoin.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\libero.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\linkedin.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\lokalisten.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\macitynet.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\marca.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\meebo.css, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\meteonetwork.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\milanuncios.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\movie2k.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\mundoanuncio.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\myspace.css, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\myspace.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\netlog.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\nexopia.css, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\nexopia.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\nirvam.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\ohmydollz.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\orkut.css, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\orkut.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\pagesjaunes.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\photobucket.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\pinterest.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\pof.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\poptropica.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\prodigy_msn.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\roblox.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\schueler.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\segundamano.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\shopping.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\skype.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\skyrock.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\subito.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\t-online.css, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\craigslist.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\hi5.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\meebo.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\t-online.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\tagged.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\taringa.css, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\taringa.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\terra.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\tibiabr.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\tiscali.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\tripadvisor.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\twitter.css, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\twitter.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\ultrasurf.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\uol.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\v9.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\virgilio.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\voila.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\walmart.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\weather.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\web.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\wordpress.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\wp-admin.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\xvideos.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\yahoo.css, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\yahoo.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\yammer.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\yellowpages.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\yelp.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\youtube.css, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\youtube.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\de\lokalisten.css, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\de\lokalisten.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\de\schueler.css, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\de\schueler.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\de\stayfriends.css, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\de\stayfriends.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\de\studivz.css, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\de\studivz.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\de\wer-kennt-wen.css, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\de\wer-kennt-wen.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\Webmail\aol.css, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\Webmail\aol.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\Webmail\gmail.css, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\Webmail\gmail.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\Webmail\hotmail.css, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\Webmail\hotmail.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\Webmail\orange.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\adapters\28\Webmail\outlook.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\advertising\AdFrame.html, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\advertising\adsmanagement.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\advertising\rmx.js, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\fx2\led_background.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\fx2\off\blink.gif, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\fx2\off\flip.gif, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\fx2\off\led.gif, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\fx2\off\rainbow.gif, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\fx2\off\typed.gif, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\fx2\off\wave.gif, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\fx2\on\blink.gif, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\fx2\on\flip.gif, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\fx2\on\led.gif, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\fx2\on\rainbow.gif, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\fx2\on\typed.gif, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\fx2\on\wave.gif, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\fbimageview.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\arrow.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\ArrowExpandBar.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\BkgExpandBar.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\btnPinterest.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\close.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\default_icon.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\default_icon_states.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\Expand-26x24.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\fbcoverimage.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\fbimagenotheater.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\FB_Share.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\FB_Share_Tiny.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\gifts.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\googleimagesbutton.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\googleimagesbuttonNEW.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\help.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\home.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\imbwin1.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\imbwin1_409daae67f73f4fb84c27d6d70463f2b.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\imbwin_bg.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\imbwin_hf.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\imbwin_vf.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\iminentbutton.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\iminentbutton_bg.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\InviteFriends.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\LeftExpandBar.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\leftTooltip.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\Line.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\Line2.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\logo48.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\mailfooter.jpg, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\Minibar_buttons.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\new.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\notification.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\ql_popup3.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\RightExpandBar.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\rightTooltip.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\s10.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\search.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\separator.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\social_games.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\TellAFriendBackground.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\toolbarbutton_bg.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\toolbar_bg.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\tooltipArrow.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\ui-check-box-checked.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\ui-check-box.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F90B0.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F9299.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\E29ABD.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\E29BB5.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F8C99.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F8C9F.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F8CB9.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F8D80.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F8DBB.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F8E81.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F8E89.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F8EB1.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F8EB6.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F8EB8.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F908D.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F90A7.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F90AC.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F90AE.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F90AF.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F90B1.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F90B4.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F90B6.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F90B7.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F90B9.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F918C.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F918D.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F918E.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F91BD.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F9280.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F9284.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F928B.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F928D.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F928F.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F9293.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F9294.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F9297.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F929B.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F929C.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F929D.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F92A4.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F92A9.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F92AA.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F93B1.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F94A5.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F9881.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F9882.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F9884.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F9889.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F988A.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F988C.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F988D.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F9892.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F9893.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F9894.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F9896.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F9898.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F989A.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F989C.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F98A1.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F98AD.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F98B2.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F98B3.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F9A97.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\emoji\F09F9ABD.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\ql\add-icon.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\ql\close-icon.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\content\images\ql\logo.png, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\games\gameiframe1.html, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\games\gameiframe2.html, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\games\gameiframe3.html, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\games\gameiframe4.html, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\games\games.css, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\games\games.html, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\menu_page\1031.html, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\menu_page\1033.html, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\menu_page\1036.html, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\menu_page\1040.html, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\menu_page\1048.html, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\menu_page\1055.html, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\menu_page\2070.html, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\menu_page\3082.html, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\scripts\minibar\menu_page\ShareMenu.css, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\_locales\en\messages.json, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 
PUP.Optional.Conduit, C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.15.4.1_0\_locales\fr\messages.json, In Quarantäne, [a6b2d58de993f442e055a875d42ff60a], 

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)

charky · 13.12.2014, 17:19

Code:

ATTFilter

# AdwCleaner v4.105 - Bericht erstellt am 13/12/2014 um 16:56:22
# Aktualisiert 08/12/2014 von Xplode
# Database : 2014-12-13.4 [Live]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Benutzername : Martina Maecker - WUNSCHERFUELLER
# Gestartet von : C:\Users\Martina Maecker\Downloads\AdwCleaner_4.105.exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : SearchAnonymizer
Dienst Gelöscht : NMSAccess

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\ICQ\ICQToolbar
Ordner Gelöscht : C:\Program Files\ICQ6Toolbar
Ordner Gelöscht : C:\Users\Martina Maecker\AppData\Local\Babylon
Ordner Gelöscht : C:\Users\Martina Maecker\AppData\LocalLow\HPAppData
Ordner Gelöscht : C:\Users\Martina Maecker\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Martina Maecker\AppData\Roaming\DesktopIconForAmazon
Ordner Gelöscht : C:\Users\Martina Maecker\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\Martina Maecker\AppData\Roaming\OCS
Ordner Gelöscht : C:\Users\Martina Maecker\AppData\Roaming\Toolplugin
Ordner Gelöscht : C:\Users\Martina Maecker\Documents\Updater
Datei Gelöscht : C:\Windows\system32\NMSAccess32.exe
Datei Gelöscht : C:\Program Files\Mozilla Firefox\Components\AskSearch.js
Datei Gelöscht : C:\Program Files\Mozilla Firefox\browser\searchplugins\SearchTheWeb.xml

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Ocs_SM]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DFEFCDEE-CF1A-4FC8-89AF-189327213627}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DFEFCDEE-CF1A-4FC8-89AF-189327213627}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{8DCB7100-DF86-4384-8842-8FA844297B3F}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}
Schlüssel Gelöscht : HKCU\Software\ICQ\ICQToolbar
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKCU\Software\Zugo
Schlüssel Gelöscht : HKLM\SOFTWARE\Babylon
Schlüssel Gelöscht : HKLM\SOFTWARE\ICQ\ICQToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\ImInstaller
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DesktopIconAmazon
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchAnonymizer
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\toolplugin
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A71991503412AEB42838B02C5ED9F9CD
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Mozilla Firefox v34.0.5 (x86 de)

[akx2lygd.default\prefs.js] - Zeile gelöscht : user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"privatebrowsing-button\",\"save-page-button\",\"print-but[...]
[akx2lygd.default\prefs.js] - Zeile gelöscht : user_pref("extensions.safesearch.MP_DISTINCT_ID", "\"14a0bda09a07a-00d55068c80011-7f6d1435-0-14a0bda09a126c\"");
[akx2lygd.default\prefs.js] - Zeile gelöscht : user_pref("extensions.safesearch.SAUTH_expires_at", "1418747728");
[akx2lygd.default\prefs.js] - Zeile gelöscht : user_pref("extensions.safesearch.SAUTH_rndsnr", "\"150b0ac34e164c321cea24cfdae178d9c88b746c\"");
[akx2lygd.default\prefs.js] - Zeile gelöscht : user_pref("extensions.safesearch.SAUTH_userid", "5686734431");
[akx2lygd.default\prefs.js] - Zeile gelöscht : user_pref("extensions.safesearch.SAUTH_utoken", "\"3012d5ffc73160ac7cbf173bca11d65d5bae98fd\"");
[akx2lygd.default\prefs.js] - Zeile gelöscht : user_pref("extensions.safesearch.install", "1417538046374");
[akx2lygd.default\prefs.js] - Zeile gelöscht : user_pref("extensions.safesearch.search_offer_disabled", "true");
[akx2lygd.default\prefs.js] - Zeile gelöscht : user_pref("iminent.LayoutId", "1");
[akx2lygd.default\prefs.js] - Zeile gelöscht : user_pref("iminent.ShowThankyouPixel", "0");
[akx2lygd.default\prefs.js] - Zeile gelöscht : user_pref("iminent._oaZGabJJ8Q_", "{\"cpt\":0,\"cpr\":0,\"s\":0,\"es\":3}");
[akx2lygd.default\prefs.js] - Zeile gelöscht : user_pref("iminent.adapters", "{\"iminent\":{\"CountryCode\":\"DE\",\"NoAds\":false,\"Status\":1,\"expireTime\":\"13900327722421814400\"},\"google\":{\"CountryCode\":\"DE\",\"NoAds\":false,\"Status\":[...]
[akx2lygd.default\prefs.js] - Zeile gelöscht : user_pref("iminent.displayFavLinks", "1");
[akx2lygd.default\prefs.js] - Zeile gelöscht : user_pref("iminent.externalScripts", "{\"value\":[{\"addonUid\":\"b7110a40-a16f-4a12-a411-bd0b6014905a\",\"name\":\"Superfish\",\"addonId\":2,\"url\":\"//www.superfish.com/ws/sf_main.jsp\",\"urlhxxps\[...]
[akx2lygd.default\prefs.js] - Zeile gelöscht : user_pref("iminent.externalScripts.iRobinHood.IROBPKG", "{\"pkgid\":\"wrPCt8KwwrTCuMK4wrXCs8Kx\",\"raw_pkgid\":\"261599420\"}");
[akx2lygd.default\prefs.js] - Zeile gelöscht : user_pref("iminent.externalScripts.iRobinHood.irobsettings2", "[{\"ALERT_MESSAGES\":1,\"Analytics_code\":\"\",\"APPROVE_STRIP_COLOR\":\"4BBA42    \",\"CHARITY_URL\":\"hxxp://iminent.donation-tools.org[...]
[akx2lygd.default\prefs.js] - Zeile gelöscht : user_pref("iminent.externalScripts.iRobinHood.menuURL", "hxxp://iminent.donation-tools.org/home.aspx?pkgId=wrPCt8KwwrTCuMK4wrXCs8Kx");
[akx2lygd.default\prefs.js] - Zeile gelöscht : user_pref("iminent.registerToolbarEvent102", "1418405805266");
[akx2lygd.default\prefs.js] - Zeile gelöscht : user_pref("iminent.registerToolbarEvent109", "1413577630068");
[akx2lygd.default\prefs.js] - Zeile gelöscht : user_pref("iminent.registerToolbarEvent111", "1413577629855");
[akx2lygd.default\prefs.js] - Zeile gelöscht : user_pref("iminent.registerToolbarEvent112", "1413577633291");
[akx2lygd.default\prefs.js] - Zeile gelöscht : user_pref("iminent.registerToolbarEvent122", "1413577630138");
[akx2lygd.default\prefs.js] - Zeile gelöscht : user_pref("iminent.registerToolbarEvent140", "1414945016100");
[akx2lygd.default\prefs.js] - Zeile gelöscht : user_pref("iminent.trackExternalScripts12", "1416930025088");
[akx2lygd.default\prefs.js] - Zeile gelöscht : user_pref("iminent.trackExternalScripts13", "1416931508546");
[akx2lygd.default\prefs.js] - Zeile gelöscht : user_pref("iminent.trackExternalScripts14", "1416930448020");
[akx2lygd.default\prefs.js] - Zeile gelöscht : user_pref("iminent.trackExternalScripts15", "1416502425398");
[akx2lygd.default\prefs.js] - Zeile gelöscht : user_pref("iminent.trackExternalScripts16", "1416502515062");
[akx2lygd.default\prefs.js] - Zeile gelöscht : user_pref("iminent.trackExternalScripts2", "1416502312440");
[akx2lygd.default\prefs.js] - Zeile gelöscht : user_pref("iminent.trackExternalScripts20", "1418226886646");
[akx2lygd.default\prefs.js] - Zeile gelöscht : user_pref("iminent.trackExternalScripts3", "1416502313461");
[akx2lygd.default\prefs.js] - Zeile gelöscht : user_pref("iminent.trackExternalScripts5", "1416502313601");
[akx2lygd.default\prefs.js] - Zeile gelöscht : user_pref("iminent.trackExternalScripts6", "1416502360976");
[akx2lygd.default\prefs.js] - Zeile gelöscht : user_pref("iminent.trackExternalScripts7", "1416502313766");
[akx2lygd.default\prefs.js] - Zeile gelöscht : user_pref("iminent.trackExternalScripts8", "1416502313915");
[akx2lygd.default\prefs.js] - Zeile gelöscht : user_pref("iminent.trackExternalScripts9", "1416930472549");
[akx2lygd.default\prefs.js] - Zeile gelöscht : user_pref("iminent.trackingInfo", "{\"state\":0,\"samplingRate\":0}");
[akx2lygd.default\prefs.js] - Zeile gelöscht : user_pref("iminent.version", "8.45.2.1");
[akx2lygd.default\prefs.js] - Zeile gelöscht : user_pref("iminent.versioning", "{\"CurrentVersion\":\"8.45.2.1\",\"InstallEventCTime\":1417537458073,\"InstallEvent\":\"True\"}");
[akx2lygd.default\prefs.js] - Zeile gelöscht : user_pref("iminent.webbooster.scripts.minibar.LayoutId", "1");
[akx2lygd.default\prefs.js] - Zeile gelöscht : user_pref("iminent.webbooster.scripts.minibar.ROOTEXTENSION", "chrome://iminentwebbooster/content/minibar");
[akx2lygd.default\prefs.js] - Zeile gelöscht : user_pref("iminent.webbooster.scripts.minibar.SOFTONICREFRESHRATE", "140000");
[akx2lygd.default\prefs.js] - Zeile gelöscht : user_pref("iminent.webbooster.scripts.minibar.Services.BHPCode", "01");
[akx2lygd.default\prefs.js] - Zeile gelöscht : user_pref("iminent.webbooster.scripts.minibar.Services.DefaultEvent", "000");
[akx2lygd.default\prefs.js] - Zeile gelöscht : user_pref("iminent.webbooster.scripts.minibar.Services.DefaultWebSite", "000");
[akx2lygd.default\prefs.js] - Zeile gelöscht : user_pref("iminent.webbooster.scripts.minibar.Services.IminentClientCode", "11");
[akx2lygd.default\prefs.js] - Zeile gelöscht : user_pref("iminent.webbooster.scripts.minibar.Services.SmartFavCode", "02");
[akx2lygd.default\prefs.js] - Zeile gelöscht : user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent102", "1375971929149");
[akx2lygd.default\prefs.js] - Zeile gelöscht : user_pref("iminent.webbooster.scripts.sslminibar.LayoutId", "1");
[akx2lygd.default\prefs.js] - Zeile gelöscht : user_pref("iminent.webbooster.scripts.sslminibar.ROOTEXTENSION", "chrome://iminentwebbooster/content/minibar");
[akx2lygd.default\prefs.js] - Zeile gelöscht : user_pref("iminent.webbooster.scripts.sslminibar.SOFTONICREFRESHRATE", "140000");
[akx2lygd.default\prefs.js] - Zeile gelöscht : user_pref("iminent.webbooster.scripts.sslminibar.Services.BHPCode", "01");
[akx2lygd.default\prefs.js] - Zeile gelöscht : user_pref("iminent.webbooster.scripts.sslminibar.Services.DefaultEvent", "000");
[akx2lygd.default\prefs.js] - Zeile gelöscht : user_pref("iminent.webbooster.scripts.sslminibar.Services.DefaultWebSite", "000");
[akx2lygd.default\prefs.js] - Zeile gelöscht : user_pref("iminent.webbooster.scripts.sslminibar.Services.IminentClientCode", "11");
[akx2lygd.default\prefs.js] - Zeile gelöscht : user_pref("iminent.webbooster.scripts.sslminibar.Services.SmartFavCode", "02");
[akx2lygd.default\prefs.js] - Zeile gelöscht : user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent102", "1375958817408");

-\\ Google Chrome v

[C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://de.ask.com/web?q={searchTerms}
[C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://slirsredirect.search.aol.com/slirs_hxxp/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
[C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://slirsredirect.search.aol.com/slirs_hxxp/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
[C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://toolbar.ask.com/toolbarv/askRedirect?gct=&gc=1&q={searchTerms}&crm=1&toolbar=WC
[C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd
[C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://mystart.incredimail.com/?loc=GC_Default_Search&search={searchTerms}

*************************

AdwCleaner[R0].txt - [20269 octets] - [13/12/2014 16:54:10]
AdwCleaner[S0].txt - [20702 octets] - [13/12/2014 16:56:22]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [20763 octets] ##########

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Windows 7 Home Premium x86
Ran by Martina Maecker on 13.12.2014 at 17:11:05,31
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-3270019199-247663063-2118203487-1004\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Martina Maecker\AppData\Roaming\getrighttogo"



~~~ FireFox

Successfully deleted: [File] C:\Users\Martina Maecker\AppData\Roaming\mozilla\firefox\profiles\akx2lygd.default\searchplugins\avira-safesearch.xml
Successfully deleted: [Folder] C:\Users\Martina Maecker\AppData\Roaming\mozilla\firefox\profiles\akx2lygd.default\extensions\safesearch@avira.com
Successfully deleted the following from C:\Users\Martina Maecker\AppData\Roaming\mozilla\firefox\profiles\akx2lygd.default\prefs.js

user_pref("avira.safe_search.search_was_active", "false");
user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"privatebrowsing-button\",\"save-
user_pref("extensions.bootstrappedAddons", "{\"safesearch@avira.com\":{\"version\":\"1.1.2\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\Martina Maecker\\\\AppData\
user_pref("extensions.safesearch.MP_DISTINCT_ID", "\"14a446570251ac-0cc5b86e0da365-7f6a1335-0-14a4465702629b\"");
user_pref("extensions.safesearch.SAUTH_expires_at", "1419091510");
user_pref("extensions.safesearch.SAUTH_rndsnr", "\"e576a7f9008114e16ba969a9a6d135432e4ada39\"");
user_pref("extensions.safesearch.SAUTH_userid", "5710640102");
user_pref("extensions.safesearch.SAUTH_utoken", "\"34302b7fc6bd2e452f754e503329cd3e187766a4\"");
user_pref("extensions.safesearch.install", "1418486707308");
Emptied folder: C:\Users\Martina Maecker\AppData\Roaming\mozilla\firefox\profiles\akx2lygd.default\minidumps [26 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 13.12.2014 at 17:14:42,18
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-12-2014
Ran by Martina Maecker (administrator) on WUNSCHERFUELLER on 13-12-2014 17:17:31
Running from C:\Users\Martina Maecker\Desktop
Loaded Profiles: IUSR_NMPR & Martina Maecker (Available profiles: IUSR_NMPR & Martina Maecker)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Intel(R) Corporation) C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
(B.H.A Corporation) C:\Windows\System32\bgsvcgen.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
(Empolis GmbH) C:\Program Files\Common Files\Gnab\Service\ServiceController.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Empolis GmbH) C:\Program Files\Medion\MEDIONbox\Program\GCS.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbam.exe
() C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\QualityManager.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Splashtop Inc.) C:\Program Files\Splashtop\Splashtop Remote\Server\SRService.exe
(Buhl Data Service GmbH) C:\Program Files\Sceneo\AbsolutTV\Services\PVR\pvrservice.exe
(Splashtop Inc.) C:\Program Files\Splashtop\Splashtop Software Updater\SSUService.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version5\TeamViewer.exe
(Team MediaPortal) C:\Program Files\Team MediaPortal\MediaPortal TV Server\TvService.exe
(Splashtop Inc.) C:\Program Files\Splashtop\Splashtop Remote\Server\SRServer.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
(Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(X10) C:\Program Files\Common Files\X10\Common\X10nets.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Intel(R) Corporation) C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
(Google) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Google) C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
(Intel Corporation) C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe
(Intel(R) Corporation) C:\Program Files\Intel\IntelDH\CCU\CCU_Engine.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Nuance Communications, Inc.) C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
(ODSoft multimedia) C:\Program Files\Sceneo\AbsolutTV\Services\ODSBC\ODSBCApp.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Empolis GmbH) C:\Program Files\Common Files\Gnab\Service\GnabTray.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Haufe-Lexware GmbH & Co. KG) C:\Program Files\Lexware\Update Manager\LxUpdateManager.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Panasonic Corporation) C:\Program Files\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe
() C:\Program Files\ScanWizard 5\ScannerFinder.exe
(Dropbox, Inc.) C:\Users\Martina Maecker\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Mozilla Corporation) C:\Program Files\Mozilla Thunderbird\thunderbird.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Macrovision Europe Ltd.) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avcenter.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4702208 2007-08-17] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Windows\Skytel.exe [1826816 2007-08-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [CCUTRAYICON] => C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe [215256 2007-06-27] (Intel(R) Corporation)
HKLM\...\Run: [ControlCenter3] => C:\Program Files\Brother\ControlCenter3\brctrcen.exe [65536 2007-01-26] (Brother Industries, Ltd.)
HKLM\...\Run: [Google Desktop Search] => C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [220160 2007-12-01] (Google)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [178712 2007-10-08] (Intel Corporation)
HKLM\...\Run: [IndexSearch] => C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [46632 2007-01-29] (Nuance Communications, Inc.)
HKLM\...\Run: [NMSSupport] => C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe [439512 2007-06-27] (Intel Corporation)
HKLM\...\Run: [PaperPort PTD] => C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [30248 2007-01-29] (Nuance Communications, Inc.)
HKLM\...\Run: [toolbar_eula_launcher] => C:\Program Files\GoogleEULA\EULALauncher.exe [16896 2007-02-09] ( )
HKLM\...\Run: [TVBroadcast] => C:\Program Files\Sceneo\AbsolutTV\SERVICES\ODSBC\ODSBCApp.exe [797696 2007-08-07] (ODSoft multimedia)
HKLM\...\Run: [TVEService] => C:\Program Files\HomeCinema\TV Enhance\TVEService.exe [155648 2007-10-19] (CyberLink Corp.)
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG)
HKLM\...\Run: [NBKeyScan] => C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [1836328 2007-09-20] (Nero AG)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [1468256 2009-11-11] (Microsoft Corporation)
HKLM\...\Run: [GnabTray] => C:\Program Files\Common Files\Gnab\Service\GnabTray.exe [327680 2007-04-13] (Empolis GmbH)
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [623992 2008-10-14] (Adobe Systems Inc.)
HKLM\...\Run: [Adobe_ID0EYTHM] => C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe [1884160 2007-03-20] (Adobe Systems Incorporated)
HKLM\...\Run: [AppleSyncNotifier] => C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-10-06] (Apple Inc.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-04-23] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM\...\Run: [LexwareInfoService] => C:\Program Files\Lexware\Update Manager\LxUpdateManager.exe [208424 2013-10-17] (Haufe-Lexware GmbH & Co. KG)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-22] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [126200 2014-11-20] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3270019199-247663063-2118203487-1003\...\RunOnce: [DPAPIKeyMig] => C:\Windows\system32\dpapimig.exe [72192 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-3270019199-247663063-2118203487-1003\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516096 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-21-3270019199-247663063-2118203487-1004\...\Run: [IBP] => [X]
HKU\S-1-5-21-3270019199-247663063-2118203487-1004\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [22869088 2014-10-21] (Google)
HKU\S-1-5-21-3270019199-247663063-2118203487-1004\...\Run: [AdobeUpdater] => C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe [2356088 2010-10-07] (Adobe Systems Incorporated)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2013-03-21] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PHOTOfunSTUDIO 5.1 HD Edition.lnk
ShortcutTarget: PHOTOfunSTUDIO 5.1 HD Edition.lnk -> C:\Program Files\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe (Panasonic Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Scanner Finder.lnk
ShortcutTarget: Scanner Finder.lnk -> C:\Program Files\ScanWizard 5\ScannerFinder.exe ()
Startup: C:\Users\Martina Maecker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Martina Maecker\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Martina Maecker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Martina Maecker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Martina Maecker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PMB Medien-Prüfung.lnk
ShortcutTarget: PMB Medien-Prüfung.lnk -> D:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe (Sony Corporation)
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3270019199-247663063-2118203487-1003\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-3270019199-247663063-2118203487-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com/
HKU\S-1-5-21-3270019199-247663063-2118203487-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3270019199-247663063-2118203487-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
URLSearchHook: HKLM - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3270019199-247663063-2118203487-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: ContributeBHO Class -> {074C1DC5-9320-4A9A-947D-C042949C6216} -> C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll (Adobe Systems Incorporated.)
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: CBAbzockschutz.InitToolbarBHO -> {2e250b90-0e7a-42a3-9d65-e39f9f227fa4} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - COMPUTERBILD-Abzockschutz - {353e2a48-6254-4bd3-88f4-3b51a0ca7870} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll (Adobe Systems Incorporated.)
Toolbar: HKU\.DEFAULT -> No Name - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} -  No File
Toolbar: HKU\S-1-5-21-3270019199-247663063-2118203487-1004 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKU\S-1-5-21-3270019199-247663063-2118203487-1004 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKU\S-1-5-21-3270019199-247663063-2118203487-1004 -> No Name - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} -  No File
Toolbar: HKU\S-1-5-21-3270019199-247663063-2118203487-1004 -> Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Martina Maecker\AppData\Roaming\Mozilla\Firefox\Profiles\akx2lygd.default
FF SelectedSearchEngine: 
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @innoplus.de/ino3DViewer -> C:\Program Files\INNOVA-engineering GmbH\3D-Viewer-innoPlus\npIno3DViewer.dll (INNOVA-engineering GmbH Dresden)
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.3 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/VirtualEarth3D,version=3.0 -> C:\Program Files\Virtual Earth 3D\ ()
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 -> C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF Plugin: @real.com/nppl3260;version=6.0.11.2768 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.2.2826 -> C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.1578 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @veetle.com/veetleCorePlugin,version=0.9.18 -> C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Extension: FoxyDeal - C:\Users\Martina Maecker\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{F58A62EB-38DC-43C4-A539-DC52E135208D} [2013-04-14]
FF Extension: Avira Browser Safety - C:\Users\Martina Maecker\AppData\Roaming\Mozilla\Firefox\Profiles\akx2lygd.default\Extensions\abs@avira.com [2014-12-11]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-04-28]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-05-15]
FF HKU\S-1-5-21-3270019199-247663063-2118203487-1004\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome: 
=======
CHR Profile: C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe Version Cue CS3; C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe [153792 2007-03-20] (Adobe Systems Incorporated)
R2 AlertService; C:\Program Files\Intel\IntelDH\CCU\AlertService.exe [223448 2007-06-27] (Intel(R) Corporation)
R2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc7.exe [806704 2014-10-22] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [432888 2014-10-22] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [432888 2014-10-22] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [995064 2014-10-22] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [166192 2014-11-20] (Avira Operations GmbH & Co. KG)
R2 bgsvcgen; C:\Windows\System32\bgsvcgen.exe [145504 2007-06-15] (B.H.A Corporation)
S3 DHTRACE; C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe [39640 2007-06-27] (Intel(R) Corporation)
R2 DQLWinService; C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [208896 2007-02-12] () [File not signed]
R3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2010-09-30] (Macrovision Europe Ltd.) [File not signed]
R2 GnabService; c:\program files\common files\gnab\service\servicecontroller.exe [36864 2007-04-13] (Empolis GmbH) [File not signed]
S3 GoogleDesktopManager; C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe [69120 2007-12-01] (Google) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S3 Installer Service; C:\ProgramData\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{3FC42713-B6E7-49AA-A553-A224FE9828A8}\Installer\InstallerService.exe [119296 2011-04-30] () [File not signed]
S2 ISSM; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe [59096 2007-06-27] (Intel(R) Corporation)
S2 M1 Server; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe [268504 2007-06-27] ()
R2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S2 MCLServiceATL; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe [157912 2007-06-27] (Intel(R) Corporation)
R2 MySQL; C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe [6041600 2009-08-18] () [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NMSCore; C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe [317656 2007-06-27] (Intel(R) Corporation)
S2 PEVSystemStart; C:\ComboFix\CregB.dat [2446 2014-12-12] () [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
R2 QualityManager; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe [272600 2007-06-27] (Intel(R) Corporation)
S2 Remote UI Service; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe [446680 2007-06-27] (Intel(R) Corporation)
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2007-01-09] ()
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [628736 2010-12-08] (Nokia) [File not signed]
R2 SplashtopRemoteService; C:\Program Files\Splashtop\Splashtop Remote\Server\SRService.exe [520040 2011-10-24] (Splashtop Inc.)
R2 srvcPVR; C:\Program Files\Sceneo\AbsolutTV\Services\PVR\PVRService.exe [1681408 2007-08-16] (Buhl Data Service GmbH) [File not signed]
R2 SSUService; C:\Program Files\Splashtop\Splashtop Software Updater\SSUService.exe [609056 2013-08-07] (Splashtop Inc.)
S4 TVECapSvc; C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe [290909 2007-10-19] () [File not signed]
S4 TVESched; C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe [114779 2007-10-19] () [File not signed]
R2 TVService; C:\Program Files\Team MediaPortal\MediaPortal TV Server\TVService.exe [212992 2012-04-10] (Team MediaPortal) [File not signed]
R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2004-12-13] (Ulead Systems, Inc.) [File not signed]
R2 x10nets; C:\Program Files\Common Files\X10\Common\X10nets.exe [20480 2001-11-12] (X10) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98160 2014-10-22] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-10-22] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2014-10-22] (Avira Operations GmbH & Co. KG)
R3 avmaudio; C:\Windows\System32\DRIVERS\avmaudio.sys [101248 2011-12-29] (AVM Berlin)
R3 AVMCOWAN; C:\Windows\System32\DRIVERS\AVMCOWAN.sys [64512 2007-08-15] (AVM GmbH)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [37384 2014-10-22] (Avira Operations GmbH & Co. KG)
S3 CYUSB3; C:\Windows\System32\Drivers\CYUSB3.sys [54008 2014-03-21] (Cypress Semiconductor)
S3 fxusbase; C:\Windows\System32\DRIVERS\fxusbase.sys [567936 2007-08-15] (AVM Berlin)
R3 Iviaspi; C:\Windows\System32\drivers\iviaspi.sys [16024 2006-11-22] (InterVideo, Inc.)
S3 ivusb; C:\Windows\System32\DRIVERS\ivusb.sys [25112 2010-07-29] (Initio Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2014-12-13] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-11-21] (Malwarebytes Corporation)
R3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [657408 2009-07-13] (Ralink Technology Corp.)
R2 nmsunidr; C:\Windows\System32\DRIVERS\nmsunidr.sys [5376 2007-02-18] (Gteko Ltd.)
S3 NuidFltr; C:\Windows\System32\DRIVERS\NuidFltr.sys [14736 2009-11-11] (Microsoft Corporation)
R3 Ph3xIB32; C:\Windows\System32\DRIVERS\Ph3xIB32.sys [1311232 2009-07-13] (NXP Semiconductors)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2014-10-22] (Avira GmbH)
S3 TSHWMDTCP; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys [14552 2007-06-27] ()
R1 ui11rdr; C:\Windows\System32\DRIVERS\ui11rdr.sys [144896 2010-11-12] (1&1 Internet AG) [File not signed]
R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.)
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; C:\Program Files\HomeCinema\PlayMovie\000.fcl [41456 2007-10-11] (Cyberlink Corp.)
R2 {95808DC4-FA4A-4C74-92FE-5B863F82066B}; C:\Program Files\HomeCinema\PowerDVD\000.fcl [41456 2007-10-09] (Cyberlink Corp.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\MARTIN~1\AppData\Local\Temp\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-13 17:17 - 2014-12-13 17:17 - 00000000 ____D () C:\Users\Martina Maecker\Desktop\FRST-OlderVersion
2014-12-13 17:14 - 2014-12-13 17:14 - 00002943 _____ () C:\Users\Martina Maecker\Desktop\JRT.txt
2014-12-13 17:10 - 2014-12-13 17:10 - 00000000 ____D () C:\Windows\ERUNT
2014-12-13 17:08 - 2014-12-13 17:08 - 01707646 _____ (Thisisu) C:\Users\Martina Maecker\Downloads\JRT.exe
2014-12-13 16:54 - 2014-12-13 16:56 - 00000000 ____D () C:\AdwCleaner
2014-12-13 16:52 - 2014-12-13 16:52 - 02166272 _____ () C:\Users\Martina Maecker\Downloads\AdwCleaner_4.105.exe
2014-12-13 16:49 - 2014-12-13 16:49 - 00113071 _____ () C:\Users\Martina Maecker\Desktop\mbam.txt
2014-12-13 15:58 - 2014-12-13 16:01 - 00000000 ____D () C:\Users\Martina Maecker\Desktop\pbtheme
2014-12-13 15:47 - 2014-12-13 17:04 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-13 15:46 - 2014-12-13 15:46 - 00001064 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-12-13 15:46 - 2014-12-13 15:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-12-13 15:46 - 2014-12-13 15:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-13 15:46 - 2014-12-13 15:46 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-12-13 15:46 - 2014-11-21 06:14 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-13 15:46 - 2014-11-21 06:14 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-12-13 15:46 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-12-13 15:44 - 2014-12-13 15:45 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Martina Maecker\Desktop\mbam-setup-2.0.4.1028.exe
2014-12-13 15:24 - 2014-12-13 15:24 - 00000000 ____D () C:\Users\Martina Maecker\Desktop\all-in-one-seo-pack
2014-12-13 15:22 - 2014-12-13 15:24 - 00000000 ____D () C:\Users\Martina Maecker\Desktop\profit_builder
2014-12-12 18:19 - 2014-12-12 18:19 - 474659900 _____ () C:\Windows\MEMORY.DMP
2014-12-12 18:19 - 2014-12-12 18:19 - 00888560 _____ () C:\Windows\Minidump\121214-23883-01.dmp
2014-12-12 17:53 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-12-12 17:53 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-12-12 17:53 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-12-12 17:53 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-12-12 17:53 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-12-12 17:53 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-12-12 17:53 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-12-12 17:53 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-12-12 17:52 - 2014-12-12 18:08 - 00000000 ___SD () C:\ComboFix
2014-12-12 17:50 - 2014-12-12 17:52 - 00000000 ____D () C:\Qoobox
2014-12-12 17:49 - 2014-12-12 18:08 - 00000000 ____D () C:\Windows\erdnt
2014-12-12 17:47 - 2014-12-12 17:48 - 05600944 ____R (Swearware) C:\Users\Martina Maecker\Desktop\ComboFix.exe
2014-12-12 17:28 - 2014-12-12 17:28 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Martina Maecker\Downloads\revosetup95.exe
2014-12-12 17:28 - 2014-12-12 17:28 - 00001226 _____ () C:\Users\Martina Maecker\Desktop\Revo Uninstaller.lnk
2014-12-12 17:28 - 2014-12-12 17:28 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-12-12 17:22 - 2014-12-12 17:22 - 00001095 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-12-11 18:55 - 2014-12-11 18:57 - 00070812 _____ () C:\Users\Martina Maecker\Desktop\Addition.txt
2014-12-11 18:53 - 2014-12-13 17:17 - 00032872 _____ () C:\Users\Martina Maecker\Desktop\FRST.txt
2014-12-11 18:53 - 2014-12-13 17:17 - 00000000 ____D () C:\FRST
2014-12-11 18:52 - 2014-12-13 17:17 - 01111552 _____ (Farbar) C:\Users\Martina Maecker\Desktop\FRST.exe
2014-12-11 07:13 - 2014-12-11 07:13 - 00003544 ____N () C:\bootsqm.dat
2014-12-11 03:34 - 2014-12-11 03:34 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-11 03:15 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-11 03:15 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-11 03:15 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-11 03:15 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-11 03:15 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-11 02:39 - 2014-12-04 05:38 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-11 02:39 - 2014-12-04 05:38 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-11 02:39 - 2014-12-04 05:38 - 00337920 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-11 02:39 - 2014-12-04 05:38 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-11 02:39 - 2014-12-04 05:38 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-11 02:39 - 2014-12-04 05:38 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-11 02:39 - 2014-12-04 05:34 - 00873984 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-11 02:39 - 2014-12-02 00:28 - 01160872 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-11 02:39 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-11 02:39 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-11 02:39 - 2014-11-22 03:20 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-11 02:39 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-11 02:39 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-11 02:39 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-11 02:39 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-11 02:39 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-11 02:39 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-11 02:39 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-11 02:39 - 2014-11-22 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-11 02:39 - 2014-11-22 02:55 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-11 02:39 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-11 02:39 - 2014-11-22 02:48 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-11 02:39 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-11 02:39 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-11 02:39 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-11 02:39 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-11 02:39 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-11 02:39 - 2014-11-22 02:23 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-11 02:39 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-11 02:39 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-11 02:39 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-11 02:39 - 2014-11-11 02:32 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-11 02:38 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-11 02:38 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-11 02:38 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-11 02:38 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-11 02:38 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-11 02:38 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-11 02:38 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-11 02:38 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-11 02:38 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-11 02:38 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-11 02:38 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-11 02:38 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-11 02:38 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-11 02:38 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-11 02:38 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-10 12:26 - 2014-12-10 12:26 - 00000294 ____N () C:\Users\Martina Maecker\Desktop\141821076472529.txt
2014-12-10 06:54 - 2011-12-13 09:29 - 00029504 _____ (TuneUp Software) C:\Windows\system32\uxtuneup.dll
2014-12-10 06:54 - 2011-12-13 09:29 - 00021312 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll
2014-12-09 18:36 - 2014-12-09 18:36 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-12-05 18:50 - 2014-12-05 18:50 - 00000512 _____ () C:\Users\Martina Maecker\Desktop\HBEDV.key
2014-12-04 17:24 - 2014-12-04 17:24 - 00114670 ____H () C:\Users\Martina Maecker\Downloads\~WRL0006.tmp
2014-12-02 19:56 - 2014-12-02 19:56 - 00000000 ____D () C:\Users\Martina Maecker\AppData\Roaming\Avira
2014-12-02 19:54 - 2014-10-22 16:33 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-12-02 19:54 - 2014-10-22 16:33 - 00098160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-12-02 19:54 - 2014-10-22 16:33 - 00037384 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-12-02 19:54 - 2014-10-22 16:33 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-12-02 19:46 - 2014-12-12 17:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-12-02 19:46 - 2014-12-12 17:22 - 00000000 ____D () C:\Program Files\Avira
2014-12-02 19:46 - 2014-12-02 19:54 - 00000000 ____D () C:\ProgramData\Avira
2014-12-02 19:39 - 2014-12-02 19:39 - 00000067 _____ () C:\Users\Martina Maecker\Desktop\iminient.txt
2014-12-02 19:25 - 2014-12-02 19:26 - 00000000 ____D () C:\Users\Martina Maecker\AppData\Local\AviraResume
2014-12-02 19:08 - 2014-12-02 19:12 - 169402768 _____ () C:\Users\Martina Maecker\Downloads\avira_antivirus_pro_de.exe
2014-12-02 18:02 - 2014-12-13 16:58 - 00250610 _____ () C:\Windows\setupact.log
2014-12-02 18:02 - 2014-12-02 18:02 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-02 18:01 - 2014-12-13 16:58 - 01227430 _____ () C:\Windows\PFRO.log
2014-12-02 17:24 - 2014-12-02 17:24 - 04549888 _____ (Avira Operations & Co. KG) C:\Users\Martina Maecker\Downloads\avira_de_av_5686711189__ws.exe
2014-12-02 16:28 - 2014-12-02 16:28 - 00000000 __SHD () C:\Users\Martina Maecker\AppData\Local\EmieBrowserModeList
2014-11-29 18:30 - 2012-05-05 07:38 - 00221096 ____N () C:\Windows\hpoins43.dat.temp
2014-11-29 18:27 - 2014-11-29 18:27 - 04583464 _____ (Avira Operations GmbH & Co. KG) C:\Users\Martina Maecker\Downloads\avira_en_avpro_33469606_fblfanq8pg3yw81e0atd_wd.exe
2014-11-29 18:23 - 2014-11-29 18:26 - 156964432 _____ () C:\Users\Martina Maecker\Downloads\PS_AIO_06_C4700_USW_Full_Win_WW_140_175-4.exe
2014-11-19 19:14 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 19:14 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 19:02 - 2014-11-19 19:02 - 06126536 _____ (Tim Kosse) C:\Users\Martina Maecker\Downloads\FileZilla_3.9.0.6_win32-setup.exe
2014-11-17 18:50 - 2014-11-17 18:50 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0028f54897b2.job

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-13 17:10 - 2009-11-27 14:42 - 00011216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-13 17:10 - 2009-11-27 14:42 - 00011216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-13 17:02 - 2012-08-21 18:47 - 00000000 ___RD () C:\Users\Martina Maecker\Dropbox
2014-12-13 17:02 - 2012-08-21 18:45 - 00000000 ____D () C:\Users\Martina Maecker\AppData\Roaming\Dropbox
2014-12-13 17:01 - 2013-10-28 12:01 - 00000000 ___RD () C:\Users\Martina Maecker\Google Drive
2014-12-13 16:57 - 2009-11-27 15:16 - 01205596 _____ () C:\Windows\WindowsUpdate.log
2014-12-13 16:31 - 2014-07-31 14:59 - 00252416 ___SH () C:\Users\Martina Maecker\Desktop\Thumbs.db
2014-12-13 16:26 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\security
2014-12-13 16:23 - 2011-01-02 10:40 - 00000000 ____D () C:\Users\Martina Maecker\AppData\Roaming\FileZilla
2014-12-13 10:40 - 2012-08-21 18:46 - 00000000 ____D () C:\Users\Martina Maecker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-12-12 18:20 - 2009-11-27 14:43 - 00000000 ____D () C:\Users\IUSR_NMPR
2014-12-12 18:19 - 2010-10-08 19:31 - 00000000 ____D () C:\Windows\Minidump
2014-12-12 18:07 - 2009-11-27 14:43 - 00000000 ____D () C:\Users\Martina Maecker
2014-12-12 17:36 - 2012-04-03 16:00 - 00000000 ____D () C:\Users\Martina Maecker\Desktop\Druckdaten autogrammkarten-druckerei.de
2014-12-12 17:23 - 2014-05-27 05:58 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-12 03:19 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-12-11 22:43 - 2011-08-25 20:59 - 00000000 ____D () C:\Users\Martina Maecker\AppData\Roaming\IBP
2014-12-11 18:31 - 2011-06-08 17:55 - 00000000 ____D () C:\Users\Martina Maecker\AppData\Roaming\DVDVideoSoft
2014-12-11 18:31 - 2011-06-08 17:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-12-11 18:31 - 2011-06-08 17:54 - 00000000 ____D () C:\Program Files\DVDVideoSoft
2014-12-11 18:31 - 2011-06-08 17:54 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft
2014-12-11 16:43 - 2007-10-09 15:23 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-12-11 16:42 - 2007-12-01 11:03 - 00000000 ____D () C:\Program Files\Google
2014-12-11 16:37 - 2012-05-04 18:32 - 00000000 ____D () C:\Users\Martina Maecker\Documents\Deutsche Post AG
2014-12-11 16:34 - 2007-12-01 11:13 - 00000000 ____D () C:\Users\Martina Maecker\AppData\Local\Google
2014-12-11 16:34 - 2007-12-01 11:03 - 00000000 ____D () C:\ProgramData\Google
2014-12-11 07:15 - 2012-05-13 18:15 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-12-11 03:34 - 2014-05-07 02:02 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-11 03:34 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\AppCompat
2014-12-11 03:17 - 2007-10-10 11:37 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-11 03:11 - 2013-07-19 02:02 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-11 03:04 - 2009-12-19 09:11 - 109818608 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-10 06:53 - 2010-11-12 16:24 - 00000000 ____D () C:\Program Files\TuneUp Utilities 2011
2014-12-03 06:49 - 2013-06-15 13:38 - 00000000 ____D () C:\Users\Martina Maecker\AppData\Roaming\Ofulb
2014-12-02 19:44 - 2010-09-30 15:43 - 00000000 ____D () C:\ProgramData\FLEXnet
2014-12-02 18:12 - 2009-11-27 14:42 - 01658020 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-01 17:35 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-29 18:32 - 2011-05-15 11:05 - 00233373 _____ () C:\Windows\hpoins43.dat
2014-11-29 18:32 - 2011-05-15 11:05 - 00002133 _____ () C:\ProgramData\hpzinstall.log
2014-11-17 18:50 - 2014-10-25 10:11 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cff033a6959e4b.job
2014-11-13 18:49 - 2014-08-14 05:16 - 00000000 ____D () C:\Users\Martina Maecker\Desktop\Druckdaten personalisierer.de

Some content of TEMP:
====================
C:\Users\Martina Maecker\AppData\Local\Temp\avgnt.exe
C:\Users\Martina Maecker\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp_qroc_.dll
C:\Users\Martina Maecker\AppData\Local\Temp\Quarantine.exe
C:\Users\Martina Maecker\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-06-03 06:45

==================== End Of Log ============================

--- --- ---

--- --- ---

schrauber · 14.12.2014, 12:31

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

charky · 14.12.2014, 22:46

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=a04c84a6985c4e44ae998d4274d5e0ee
# engine=21548
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-12-14 04:26:53
# local_time=2014-12-14 05:26:53 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 1044170 170205604 0 0
# scanned=527910
# found=17
# cleaned=17
# scan_time=8356
sh=ED3098838321C4F991744C78383DC79EC748D022 ft=1 fh=cf36bbd9c768de33 vn="Variante von Win32/Toolbar.Babylon.H evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Martina Maecker\AppData\Local\Babylon\Setup\Setup.exe.vir"
sh=9C1F74613924FCC1259DC3E2BE0BDB31EA2590D9 ft=1 fh=83932a9109e1e39c vn="Variante von Win32/InstallCore.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Martina Maecker\AudioConverter\AudioConverter.exe"
sh=5033F03511BFE34CB67C64871D7EAD795FF38D5D ft=1 fh=d6894d1c6b25087b vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Martina Maecker\Downloads\ashampoo_photo_commander_7_7.31_7011.exe"
sh=B5E6EEF8518F35BEEDD6E88E4C628CB90CD8EBB1 ft=1 fh=77b6701407383e8e vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Martina Maecker\Downloads\Downloader-fuer-calc.exe"
sh=A74175DC28536CB69AB250C871DD7462CD5993DB ft=1 fh=83652e4b6a3b6de4 vn="Variante von Win32/Toolbar.Conduit.AI evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Martina Maecker\Downloads\FreeStudio(1).exe"
sh=A74175DC28536CB69AB250C871DD7462CD5993DB ft=1 fh=83652e4b6a3b6de4 vn="Variante von Win32/Toolbar.Conduit.AI evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Martina Maecker\Downloads\FreeStudio.exe"
sh=BBE6AAABD5A77CD24A85F82FE70AC6714C390CD7 ft=1 fh=dfac48d52eb87a35 vn="Variante von Win32/Toolbar.Conduit.AI evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Martina Maecker\Downloads\FreeVideoFlipAndRotate.exe"
sh=874B4ACE11D979A6A56CA1CBDCAE2B01D83FDE21 ft=1 fh=7563957466d6b68a vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Martina Maecker\Downloads\FreeYouTubeDownload.exe"
sh=A6D4FFD859A883F630DDC41C026A7C48D7C1324D ft=1 fh=23060b6acf7e60a7 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Martina Maecker\Downloads\FreeYouTubeToMP3Converter.exe"
sh=AA190194CD322F27B81B57B66F0E48B16DDF09FC ft=1 fh=7a1e2a1eaadddca3 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Martina Maecker\Downloads\FreeYouTubeToMP3Converter_3.11.35.1031.exe"
sh=2113E1432F7A8F74AC5BD2DB6D9D3FAE2F924971 ft=0 fh=0000000000000000 vn="PHP/Obfuscated.F evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Martina Maecker\Downloads\easymobilehomepage\software\admin\home.php"
sh=C73552A831AAD7DBB0C73651AE55DAF9985CE906 ft=0 fh=0000000000000000 vn="PHP/Obfuscated.F evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Martina Maecker\Downloads\easymobilehomepage\software\admin\index.php"
sh=D503559666C4E8F2CF28529B5FAF5F193698A4B8 ft=0 fh=0000000000000000 vn="PHP/Obfuscated.F evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Martina Maecker\Downloads\easymobilehomepage\software\admin\inc\leftsidebar.php"
sh=57365AAC0FD58A3E8C06BEDBA023CD44920C5B5B ft=0 fh=0000000000000000 vn="PHP/Obfuscated.F evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Martina Maecker\Downloads\happiness-for-growing-up\happiness-for-growing-up\footer.php"
sh=98EE54608B03AB88E2756FB2508F0A5EF35A20DE ft=0 fh=0000000000000000 vn="PHP/Obfuscated.F evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Martina Maecker\Downloads\Love-Baby\Love-Baby1\footer.php"
sh=8EC7DF11BB17682998C27193B86B91F71AD2448F ft=0 fh=0000000000000000 vn="PHP/Obfuscated.F evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Martina Maecker\Downloads\MomandBaby\ultraschall_theme\sidebar1.php"
sh=8E2CF443B023BCAC4DDE8BEB059F7BC3DC0BFE17 ft=0 fh=0000000000000000 vn="PHP/Obfuscated.F evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Martina Maecker\Downloads\MomandBaby\ultraschall_theme\sidebar2.php"

Code:

ATTFilter

 Results of screen317's Security Check version 0.99.91  
 Windows 7 Service Pack 1 x86   
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Avira Desktop   
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 TuneUp Utilities 2011   
 TuneUp Utilities Language Pack (de-DE) 
 CCleaner     
 JavaFX 2.1.0    
 Java(TM) 6 Update 30  
 Java(TM) 6 Update 22  
 Java 7 Update 71  
 Adobe Flash Player 	15.0.0.189  
 Adobe Reader 9 Adobe Reader out of Date! 
 Mozilla Firefox (34.0.5) 
 Mozilla Thunderbird (24.6.0) 
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
 Malwarebytes Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-12-2014
Ran by Martina Maecker (administrator) on WUNSCHERFUELLER on 14-12-2014 22:40:10
Running from C:\Users\Martina Maecker\Desktop
Loaded Profiles: IUSR_NMPR & Martina Maecker &  (Available profiles: IUSR_NMPR & Martina Maecker)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Intel(R) Corporation) C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
(B.H.A Corporation) C:\Windows\System32\bgsvcgen.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
(Empolis GmbH) C:\Program Files\Common Files\Gnab\Service\ServiceController.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Empolis GmbH) C:\Program Files\Medion\MEDIONbox\Program\GCS.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbam.exe
() C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe
(Nero AG) C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\QualityManager.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Splashtop Inc.) C:\Program Files\Splashtop\Splashtop Remote\Server\SRService.exe
(Buhl Data Service GmbH) C:\Program Files\Sceneo\AbsolutTV\Services\PVR\pvrservice.exe
(Splashtop Inc.) C:\Program Files\Splashtop\Splashtop Software Updater\SSUService.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version5\TeamViewer.exe
(Team MediaPortal) C:\Program Files\Team MediaPortal\MediaPortal TV Server\TvService.exe
(Splashtop Inc.) C:\Program Files\Splashtop\Splashtop Remote\Server\SRServer.exe
(Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(X10) C:\Program Files\Common Files\X10\Common\X10nets.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Intel(R) Corporation) C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
(Google) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Google) C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
(Intel Corporation) C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe
(Intel(R) Corporation) C:\Program Files\Intel\IntelDH\CCU\CCU_Engine.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Nuance Communications, Inc.) C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
(ODSoft multimedia) C:\Program Files\Sceneo\AbsolutTV\Services\ODSBC\ODSBCApp.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Empolis GmbH) C:\Program Files\Common Files\Gnab\Service\GnabTray.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Haufe-Lexware GmbH & Co. KG) C:\Program Files\Lexware\Update Manager\LxUpdateManager.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Panasonic Corporation) C:\Program Files\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe
() C:\Program Files\ScanWizard 5\ScannerFinder.exe
(Dropbox, Inc.) C:\Users\Martina Maecker\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(Mozilla Corporation) C:\Program Files\Mozilla Thunderbird\thunderbird.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Macrovision Europe Ltd.) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avcenter.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Haufe-Lexware GmbH & Co. KG) C:\Program Files\Common Files\Lexware\LxWebAccess\LxWebAccess.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
() C:\Users\Martina Maecker\Downloads\SecurityCheck.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4702208 2007-08-17] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Windows\Skytel.exe [1826816 2007-08-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [CCUTRAYICON] => C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe [215256 2007-06-27] (Intel(R) Corporation)
HKLM\...\Run: [ControlCenter3] => C:\Program Files\Brother\ControlCenter3\brctrcen.exe [65536 2007-01-26] (Brother Industries, Ltd.)
HKLM\...\Run: [Google Desktop Search] => C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [220160 2007-12-01] (Google)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [178712 2007-10-08] (Intel Corporation)
HKLM\...\Run: [IndexSearch] => C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [46632 2007-01-29] (Nuance Communications, Inc.)
HKLM\...\Run: [NMSSupport] => C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe [439512 2007-06-27] (Intel Corporation)
HKLM\...\Run: [PaperPort PTD] => C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [30248 2007-01-29] (Nuance Communications, Inc.)
HKLM\...\Run: [toolbar_eula_launcher] => C:\Program Files\GoogleEULA\EULALauncher.exe [16896 2007-02-09] ( )
HKLM\...\Run: [TVBroadcast] => C:\Program Files\Sceneo\AbsolutTV\SERVICES\ODSBC\ODSBCApp.exe [797696 2007-08-07] (ODSoft multimedia)
HKLM\...\Run: [TVEService] => C:\Program Files\HomeCinema\TV Enhance\TVEService.exe [155648 2007-10-19] (CyberLink Corp.)
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG)
HKLM\...\Run: [NBKeyScan] => C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [1836328 2007-09-20] (Nero AG)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [1468256 2009-11-11] (Microsoft Corporation)
HKLM\...\Run: [GnabTray] => C:\Program Files\Common Files\Gnab\Service\GnabTray.exe [327680 2007-04-13] (Empolis GmbH)
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [623992 2008-10-14] (Adobe Systems Inc.)
HKLM\...\Run: [Adobe_ID0EYTHM] => C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe [1884160 2007-03-20] (Adobe Systems Incorporated)
HKLM\...\Run: [AppleSyncNotifier] => C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-10-06] (Apple Inc.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-04-23] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM\...\Run: [LexwareInfoService] => C:\Program Files\Lexware\Update Manager\LxUpdateManager.exe [208424 2013-10-17] (Haufe-Lexware GmbH & Co. KG)
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-22] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [126200 2014-11-20] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2013-03-21] (Microsoft Corporation)
HKU\S-1-5-21-3270019199-247663063-2118203487-1003\...\RunOnce: [DPAPIKeyMig] => C:\Windows\system32\dpapimig.exe [72192 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-3270019199-247663063-2118203487-1003\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516096 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-21-3270019199-247663063-2118203487-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [DPAPIKeyMig] => C:\Windows\system32\dpapimig.exe [72192 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-3270019199-247663063-2118203487-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516096 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-21-3270019199-247663063-2118203487-1004\...\Run: [IBP] => [X]
HKU\S-1-5-21-3270019199-247663063-2118203487-1004\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [22869088 2014-10-21] (Google)
HKU\S-1-5-21-3270019199-247663063-2118203487-1004\...\Run: [AdobeUpdater] => C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe [2356088 2010-10-07] (Adobe Systems Incorporated)
HKU\S-1-5-21-3270019199-247663063-2118203487-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [IBP] => [X]
HKU\S-1-5-21-3270019199-247663063-2118203487-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [22869088 2014-10-21] (Google)
HKU\S-1-5-21-3270019199-247663063-2118203487-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AdobeUpdater] => C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe [2356088 2010-10-07] (Adobe Systems Incorporated)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2013-03-21] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PHOTOfunSTUDIO 5.1 HD Edition.lnk
ShortcutTarget: PHOTOfunSTUDIO 5.1 HD Edition.lnk -> C:\Program Files\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe (Panasonic Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Scanner Finder.lnk
ShortcutTarget: Scanner Finder.lnk -> C:\Program Files\ScanWizard 5\ScannerFinder.exe ()
Startup: C:\Users\Martina Maecker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Martina Maecker\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Martina Maecker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Martina Maecker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Martina Maecker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PMB Medien-Prüfung.lnk
ShortcutTarget: PMB Medien-Prüfung.lnk -> D:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe (Sony Corporation)
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3270019199-247663063-2118203487-1003\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-3270019199-247663063-2118203487-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com/
HKU\S-1-5-21-3270019199-247663063-2118203487-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3270019199-247663063-2118203487-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-3270019199-247663063-2118203487-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com/
HKU\S-1-5-21-3270019199-247663063-2118203487-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3270019199-247663063-2118203487-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
HKU\S-1-5-21-3270019199-247663063-2118203487-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
URLSearchHook: HKLM - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3270019199-247663063-2118203487-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3270019199-247663063-2118203487-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: ContributeBHO Class -> {074C1DC5-9320-4A9A-947D-C042949C6216} -> C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll (Adobe Systems Incorporated.)
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: CBAbzockschutz.InitToolbarBHO -> {2e250b90-0e7a-42a3-9d65-e39f9f227fa4} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - COMPUTERBILD-Abzockschutz - {353e2a48-6254-4bd3-88f4-3b51a0ca7870} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll (Adobe Systems Incorporated.)
Toolbar: HKU\.DEFAULT -> No Name - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} -  No File
Toolbar: HKU\S-1-5-21-3270019199-247663063-2118203487-1004 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKU\S-1-5-21-3270019199-247663063-2118203487-1004 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKU\S-1-5-21-3270019199-247663063-2118203487-1004 -> No Name - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} -  No File
Toolbar: HKU\S-1-5-21-3270019199-247663063-2118203487-1004 -> Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-3270019199-247663063-2118203487-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKU\S-1-5-21-3270019199-247663063-2118203487-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKU\S-1-5-21-3270019199-247663063-2118203487-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> No Name - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} -  No File
Toolbar: HKU\S-1-5-21-3270019199-247663063-2118203487-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Martina Maecker\AppData\Roaming\Mozilla\Firefox\Profiles\akx2lygd.default
FF SelectedSearchEngine: 
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @innoplus.de/ino3DViewer -> C:\Program Files\INNOVA-engineering GmbH\3D-Viewer-innoPlus\npIno3DViewer.dll (INNOVA-engineering GmbH Dresden)
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.3 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/VirtualEarth3D,version=3.0 -> C:\Program Files\Virtual Earth 3D\ ()
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 -> C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF Plugin: @real.com/nppl3260;version=6.0.11.2768 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.2.2826 -> C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.1578 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @veetle.com/veetleCorePlugin,version=0.9.18 -> C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Extension: FoxyDeal - C:\Users\Martina Maecker\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{F58A62EB-38DC-43C4-A539-DC52E135208D} [2013-04-14]
FF Extension: Avira Browser Safety - C:\Users\Martina Maecker\AppData\Roaming\Mozilla\Firefox\Profiles\akx2lygd.default\Extensions\abs@avira.com [2014-12-11]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-04-28]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-05-15]
FF HKU\S-1-5-21-3270019199-247663063-2118203487-1004\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKU\S-1-5-21-3270019199-247663063-2118203487-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome: 
=======
CHR Profile: C:\Users\Martina Maecker\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe Version Cue CS3; C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe [153792 2007-03-20] (Adobe Systems Incorporated)
R2 AlertService; C:\Program Files\Intel\IntelDH\CCU\AlertService.exe [223448 2007-06-27] (Intel(R) Corporation)
R2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc7.exe [806704 2014-10-22] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [432888 2014-10-22] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [432888 2014-10-22] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [995064 2014-10-22] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [166192 2014-11-20] (Avira Operations GmbH & Co. KG)
R2 bgsvcgen; C:\Windows\System32\bgsvcgen.exe [145504 2007-06-15] (B.H.A Corporation)
S3 DHTRACE; C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe [39640 2007-06-27] (Intel(R) Corporation)
R2 DQLWinService; C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [208896 2007-02-12] () [File not signed]
R3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2010-09-30] (Macrovision Europe Ltd.) [File not signed]
R2 GnabService; c:\program files\common files\gnab\service\servicecontroller.exe [36864 2007-04-13] (Empolis GmbH) [File not signed]
S3 GoogleDesktopManager; C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe [69120 2007-12-01] (Google) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S3 Installer Service; C:\ProgramData\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{3FC42713-B6E7-49AA-A553-A224FE9828A8}\Installer\InstallerService.exe [119296 2011-04-30] () [File not signed]
S2 ISSM; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe [59096 2007-06-27] (Intel(R) Corporation)
S2 M1 Server; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe [268504 2007-06-27] ()
R2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S2 MCLServiceATL; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe [157912 2007-06-27] (Intel(R) Corporation)
R2 MySQL; C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe [6041600 2009-08-18] () [File not signed]
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NMSCore; C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe [317656 2007-06-27] (Intel(R) Corporation)
S2 PEVSystemStart; C:\ComboFix\CregB.dat [2446 2014-12-12] () [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
R2 QualityManager; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe [272600 2007-06-27] (Intel(R) Corporation)
S2 Remote UI Service; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe [446680 2007-06-27] (Intel(R) Corporation)
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2007-01-09] ()
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [628736 2010-12-08] (Nokia) [File not signed]
R2 SplashtopRemoteService; C:\Program Files\Splashtop\Splashtop Remote\Server\SRService.exe [520040 2011-10-24] (Splashtop Inc.)
R2 srvcPVR; C:\Program Files\Sceneo\AbsolutTV\Services\PVR\PVRService.exe [1681408 2007-08-16] (Buhl Data Service GmbH) [File not signed]
R2 SSUService; C:\Program Files\Splashtop\Splashtop Software Updater\SSUService.exe [609056 2013-08-07] (Splashtop Inc.)
S4 TVECapSvc; C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe [290909 2007-10-19] () [File not signed]
S4 TVESched; C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe [114779 2007-10-19] () [File not signed]
R2 TVService; C:\Program Files\Team MediaPortal\MediaPortal TV Server\TVService.exe [212992 2012-04-10] (Team MediaPortal) [File not signed]
R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2004-12-13] (Ulead Systems, Inc.) [File not signed]
R2 x10nets; C:\Program Files\Common Files\X10\Common\X10nets.exe [20480 2001-11-12] (X10) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98160 2014-10-22] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-10-22] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2014-10-22] (Avira Operations GmbH & Co. KG)
R3 avmaudio; C:\Windows\System32\DRIVERS\avmaudio.sys [101248 2011-12-29] (AVM Berlin)
R3 AVMCOWAN; C:\Windows\System32\DRIVERS\AVMCOWAN.sys [64512 2007-08-15] (AVM GmbH)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [37384 2014-10-22] (Avira Operations GmbH & Co. KG)
S3 CYUSB3; C:\Windows\System32\Drivers\CYUSB3.sys [54008 2014-03-21] (Cypress Semiconductor)
S3 fxusbase; C:\Windows\System32\DRIVERS\fxusbase.sys [567936 2007-08-15] (AVM Berlin)
R3 Iviaspi; C:\Windows\System32\drivers\iviaspi.sys [16024 2006-11-22] (InterVideo, Inc.)
S3 ivusb; C:\Windows\System32\DRIVERS\ivusb.sys [25112 2010-07-29] (Initio Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2014-12-14] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-11-21] (Malwarebytes Corporation)
R3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [657408 2009-07-13] (Ralink Technology Corp.)
R2 nmsunidr; C:\Windows\System32\DRIVERS\nmsunidr.sys [5376 2007-02-18] (Gteko Ltd.)
S3 NuidFltr; C:\Windows\System32\DRIVERS\NuidFltr.sys [14736 2009-11-11] (Microsoft Corporation)
R3 Ph3xIB32; C:\Windows\System32\DRIVERS\Ph3xIB32.sys [1311232 2009-07-13] (NXP Semiconductors)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2014-10-22] (Avira GmbH)
S3 TSHWMDTCP; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys [14552 2007-06-27] ()
R1 ui11rdr; C:\Windows\System32\DRIVERS\ui11rdr.sys [144896 2010-11-12] (1&1 Internet AG) [File not signed]
R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.)
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; C:\Program Files\HomeCinema\PlayMovie\000.fcl [41456 2007-10-11] (Cyberlink Corp.)
R2 {95808DC4-FA4A-4C74-92FE-5B863F82066B}; C:\Program Files\HomeCinema\PowerDVD\000.fcl [41456 2007-10-09] (Cyberlink Corp.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\MARTIN~1\AppData\Local\Temp\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-14 22:28 - 2014-12-14 22:28 - 00852490 _____ () C:\Users\Martina Maecker\Downloads\SecurityCheck.exe
2014-12-14 15:04 - 2014-12-14 15:04 - 02347384 _____ (ESET) C:\Users\Martina Maecker\Downloads\esetsmartinstaller_deu.exe
2014-12-13 17:17 - 2014-12-13 17:17 - 00000000 ____D () C:\Users\Martina Maecker\Desktop\FRST-OlderVersion
2014-12-13 17:14 - 2014-12-13 17:14 - 00002943 _____ () C:\Users\Martina Maecker\Desktop\JRT.txt
2014-12-13 17:10 - 2014-12-13 17:10 - 00000000 ____D () C:\Windows\ERUNT
2014-12-13 17:08 - 2014-12-13 17:08 - 01707646 _____ (Thisisu) C:\Users\Martina Maecker\Downloads\JRT.exe
2014-12-13 16:54 - 2014-12-13 16:56 - 00000000 ____D () C:\AdwCleaner
2014-12-13 16:52 - 2014-12-13 16:52 - 02166272 _____ () C:\Users\Martina Maecker\Downloads\AdwCleaner_4.105.exe
2014-12-13 16:49 - 2014-12-13 16:49 - 00113071 _____ () C:\Users\Martina Maecker\Desktop\mbam.txt
2014-12-13 15:58 - 2014-12-13 16:01 - 00000000 ____D () C:\Users\Martina Maecker\Desktop\pbtheme
2014-12-13 15:47 - 2014-12-14 22:25 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-13 15:46 - 2014-12-13 15:46 - 00001064 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-12-13 15:46 - 2014-12-13 15:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-12-13 15:46 - 2014-12-13 15:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-13 15:46 - 2014-12-13 15:46 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-12-13 15:46 - 2014-11-21 06:14 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-13 15:46 - 2014-11-21 06:14 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-12-13 15:46 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-12-13 15:44 - 2014-12-13 15:45 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Martina Maecker\Desktop\mbam-setup-2.0.4.1028.exe
2014-12-13 15:24 - 2014-12-13 15:24 - 00000000 ____D () C:\Users\Martina Maecker\Desktop\all-in-one-seo-pack
2014-12-13 15:22 - 2014-12-13 15:24 - 00000000 ____D () C:\Users\Martina Maecker\Desktop\profit_builder
2014-12-12 18:19 - 2014-12-12 18:19 - 474659900 _____ () C:\Windows\MEMORY.DMP
2014-12-12 18:19 - 2014-12-12 18:19 - 00888560 _____ () C:\Windows\Minidump\121214-23883-01.dmp
2014-12-12 17:53 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-12-12 17:53 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-12-12 17:53 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-12-12 17:53 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-12-12 17:53 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-12-12 17:53 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-12-12 17:53 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-12-12 17:53 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-12-12 17:52 - 2014-12-12 18:08 - 00000000 ___SD () C:\ComboFix
2014-12-12 17:50 - 2014-12-12 17:52 - 00000000 ____D () C:\Qoobox
2014-12-12 17:49 - 2014-12-12 18:08 - 00000000 ____D () C:\Windows\erdnt
2014-12-12 17:47 - 2014-12-12 17:48 - 05600944 ____R (Swearware) C:\Users\Martina Maecker\Desktop\ComboFix.exe
2014-12-12 17:28 - 2014-12-12 17:28 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Martina Maecker\Downloads\revosetup95.exe
2014-12-12 17:28 - 2014-12-12 17:28 - 00001226 _____ () C:\Users\Martina Maecker\Desktop\Revo Uninstaller.lnk
2014-12-12 17:28 - 2014-12-12 17:28 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-12-12 17:22 - 2014-12-12 17:22 - 00001095 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-12-11 18:55 - 2014-12-11 18:57 - 00070812 _____ () C:\Users\Martina Maecker\Desktop\Addition.txt
2014-12-11 18:53 - 2014-12-14 22:40 - 00036253 _____ () C:\Users\Martina Maecker\Desktop\FRST.txt
2014-12-11 18:53 - 2014-12-14 22:40 - 00000000 ____D () C:\FRST
2014-12-11 18:52 - 2014-12-13 17:17 - 01111552 _____ (Farbar) C:\Users\Martina Maecker\Desktop\FRST.exe
2014-12-11 07:13 - 2014-12-11 07:13 - 00003544 ____N () C:\bootsqm.dat
2014-12-11 03:34 - 2014-12-11 03:34 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-11 03:15 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-11 03:15 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-11 03:15 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-11 03:15 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-11 03:15 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-11 02:39 - 2014-12-04 05:38 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-11 02:39 - 2014-12-04 05:38 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-11 02:39 - 2014-12-04 05:38 - 00337920 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-11 02:39 - 2014-12-04 05:38 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-11 02:39 - 2014-12-04 05:38 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-11 02:39 - 2014-12-04 05:38 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-11 02:39 - 2014-12-04 05:34 - 00873984 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-11 02:39 - 2014-12-02 00:28 - 01160872 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-11 02:39 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-11 02:39 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-11 02:39 - 2014-11-22 03:20 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-11 02:39 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-11 02:39 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-11 02:39 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-11 02:39 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-11 02:39 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-11 02:39 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-11 02:39 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-11 02:39 - 2014-11-22 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-11 02:39 - 2014-11-22 02:55 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-11 02:39 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-11 02:39 - 2014-11-22 02:48 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-11 02:39 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-11 02:39 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-11 02:39 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-11 02:39 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-11 02:39 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-11 02:39 - 2014-11-22 02:23 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-11 02:39 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-11 02:39 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-11 02:39 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-11 02:39 - 2014-11-11 02:32 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-11 02:38 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-11 02:38 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-11 02:38 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-11 02:38 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-11 02:38 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-11 02:38 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-11 02:38 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-11 02:38 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-11 02:38 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-11 02:38 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-11 02:38 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-11 02:38 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-11 02:38 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-11 02:38 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-11 02:38 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-10 12:26 - 2014-12-10 12:26 - 00000294 ____N () C:\Users\Martina Maecker\Desktop\141821076472529.txt
2014-12-10 06:54 - 2011-12-13 09:29 - 00029504 _____ (TuneUp Software) C:\Windows\system32\uxtuneup.dll
2014-12-10 06:54 - 2011-12-13 09:29 - 00021312 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll
2014-12-09 18:36 - 2014-12-09 18:36 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-12-05 18:50 - 2014-12-05 18:50 - 00000512 _____ () C:\Users\Martina Maecker\Desktop\HBEDV.key
2014-12-04 17:24 - 2014-12-04 17:24 - 00114670 ____H () C:\Users\Martina Maecker\Downloads\~WRL0006.tmp
2014-12-02 19:56 - 2014-12-02 19:56 - 00000000 ____D () C:\Users\Martina Maecker\AppData\Roaming\Avira
2014-12-02 19:54 - 2014-10-22 16:33 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-12-02 19:54 - 2014-10-22 16:33 - 00098160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-12-02 19:54 - 2014-10-22 16:33 - 00037384 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-12-02 19:54 - 2014-10-22 16:33 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-12-02 19:46 - 2014-12-12 17:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-12-02 19:46 - 2014-12-12 17:22 - 00000000 ____D () C:\Program Files\Avira
2014-12-02 19:46 - 2014-12-02 19:54 - 00000000 ____D () C:\ProgramData\Avira
2014-12-02 19:39 - 2014-12-02 19:39 - 00000067 _____ () C:\Users\Martina Maecker\Desktop\iminient.txt
2014-12-02 19:25 - 2014-12-02 19:26 - 00000000 ____D () C:\Users\Martina Maecker\AppData\Local\AviraResume
2014-12-02 19:08 - 2014-12-02 19:12 - 169402768 _____ () C:\Users\Martina Maecker\Downloads\avira_antivirus_pro_de.exe
2014-12-02 18:02 - 2014-12-13 16:58 - 00250610 _____ () C:\Windows\setupact.log
2014-12-02 18:02 - 2014-12-02 18:02 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-02 18:01 - 2014-12-13 16:58 - 01227430 _____ () C:\Windows\PFRO.log
2014-12-02 17:24 - 2014-12-02 17:24 - 04549888 _____ (Avira Operations & Co. KG) C:\Users\Martina Maecker\Downloads\avira_de_av_5686711189__ws.exe
2014-12-02 16:28 - 2014-12-02 16:28 - 00000000 __SHD () C:\Users\Martina Maecker\AppData\Local\EmieBrowserModeList
2014-11-29 18:30 - 2012-05-05 07:38 - 00221096 ____N () C:\Windows\hpoins43.dat.temp
2014-11-29 18:27 - 2014-11-29 18:27 - 04583464 _____ (Avira Operations GmbH & Co. KG) C:\Users\Martina Maecker\Downloads\avira_en_avpro_33469606_fblfanq8pg3yw81e0atd_wd.exe
2014-11-29 18:23 - 2014-11-29 18:26 - 156964432 _____ () C:\Users\Martina Maecker\Downloads\PS_AIO_06_C4700_USW_Full_Win_WW_140_175-4.exe
2014-11-19 19:14 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 19:14 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 19:02 - 2014-11-19 19:02 - 06126536 _____ (Tim Kosse) C:\Users\Martina Maecker\Downloads\FileZilla_3.9.0.6_win32-setup.exe
2014-11-17 18:50 - 2014-11-17 18:50 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0028f54897b2.job

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-14 22:30 - 2013-10-28 11:58 - 00880784 _____ (Google Inc.) C:\Users\Martina Maecker\Downloads\googledrivesync.exe
2014-12-14 22:26 - 2007-10-15 17:38 - 00000069 _____ () C:\Windows\NeroDigital.ini
2014-12-14 22:25 - 2009-11-27 15:16 - 01221917 _____ () C:\Windows\WindowsUpdate.log
2014-12-14 17:17 - 2011-07-23 11:09 - 00000000 ____D () C:\Users\Martina Maecker\AudioConverter
2014-12-14 14:59 - 2013-10-28 12:01 - 00000000 ___RD () C:\Users\Martina Maecker\Google Drive
2014-12-14 09:47 - 2012-04-03 16:00 - 00000000 ____D () C:\Users\Martina Maecker\Desktop\Druckdaten autogrammkarten-druckerei.de
2014-12-13 17:10 - 2009-11-27 14:42 - 00011216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-13 17:10 - 2009-11-27 14:42 - 00011216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-13 17:02 - 2012-08-21 18:47 - 00000000 ___RD () C:\Users\Martina Maecker\Dropbox
2014-12-13 17:02 - 2012-08-21 18:45 - 00000000 ____D () C:\Users\Martina Maecker\AppData\Roaming\Dropbox
2014-12-13 16:56 - 2009-11-16 15:14 - 00000000 ____D () C:\ProgramData\ICQ
2014-12-13 16:31 - 2014-07-31 14:59 - 00252416 ___SH () C:\Users\Martina Maecker\Desktop\Thumbs.db
2014-12-13 16:26 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\security
2014-12-13 16:23 - 2011-01-02 10:40 - 00000000 ____D () C:\Users\Martina Maecker\AppData\Roaming\FileZilla
2014-12-13 10:40 - 2012-08-21 18:46 - 00000000 ____D () C:\Users\Martina Maecker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-12-12 18:20 - 2009-11-27 14:43 - 00000000 ____D () C:\Users\IUSR_NMPR
2014-12-12 18:19 - 2010-10-08 19:31 - 00000000 ____D () C:\Windows\Minidump
2014-12-12 18:07 - 2009-11-27 14:43 - 00000000 ____D () C:\Users\Martina Maecker
2014-12-12 17:23 - 2014-05-27 05:58 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-12 03:19 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-12-11 22:43 - 2011-08-25 20:59 - 00000000 ____D () C:\Users\Martina Maecker\AppData\Roaming\IBP
2014-12-11 18:31 - 2011-06-08 17:55 - 00000000 ____D () C:\Users\Martina Maecker\AppData\Roaming\DVDVideoSoft
2014-12-11 18:31 - 2011-06-08 17:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-12-11 18:31 - 2011-06-08 17:54 - 00000000 ____D () C:\Program Files\DVDVideoSoft
2014-12-11 18:31 - 2011-06-08 17:54 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft
2014-12-11 16:43 - 2007-10-09 15:23 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-12-11 16:42 - 2007-12-01 11:03 - 00000000 ____D () C:\Program Files\Google
2014-12-11 16:37 - 2012-05-04 18:32 - 00000000 ____D () C:\Users\Martina Maecker\Documents\Deutsche Post AG
2014-12-11 16:34 - 2007-12-01 11:13 - 00000000 ____D () C:\Users\Martina Maecker\AppData\Local\Google
2014-12-11 16:34 - 2007-12-01 11:03 - 00000000 ____D () C:\ProgramData\Google
2014-12-11 07:15 - 2012-05-13 18:15 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-12-11 03:34 - 2014-05-07 02:02 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-11 03:34 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\AppCompat
2014-12-11 03:17 - 2007-10-10 11:37 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-11 03:11 - 2013-07-19 02:02 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-11 03:04 - 2009-12-19 09:11 - 109818608 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-10 06:53 - 2010-11-12 16:24 - 00000000 ____D () C:\Program Files\TuneUp Utilities 2011
2014-12-03 06:49 - 2013-06-15 13:38 - 00000000 ____D () C:\Users\Martina Maecker\AppData\Roaming\Ofulb
2014-12-02 19:44 - 2010-09-30 15:43 - 00000000 ____D () C:\ProgramData\FLEXnet
2014-12-02 18:12 - 2009-11-27 14:42 - 01658020 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-01 17:35 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-29 18:32 - 2011-05-15 11:05 - 00233373 _____ () C:\Windows\hpoins43.dat
2014-11-29 18:32 - 2011-05-15 11:05 - 00002133 _____ () C:\ProgramData\hpzinstall.log
2014-11-17 18:50 - 2014-10-25 10:11 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cff033a6959e4b.job

Some content of TEMP:
====================
C:\Users\Martina Maecker\AppData\Local\Temp\avgnt.exe
C:\Users\Martina Maecker\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp_qroc_.dll
C:\Users\Martina Maecker\AppData\Local\Temp\Quarantine.exe
C:\Users\Martina Maecker\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-06-03 06:45

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

Hallo Schrauber,

ob es noch Probleme gibt, wird der morgige Test zeigen.
Schon jetzt ein riesen Dank für Deinen Einsatz!

Charky

schrauber · 15.12.2014, 19:38

Adobe updaten. Ich warte dann mal auf Rückmeldung

charky · 16.12.2014, 06:42

Hallo

bis jetzt, nach kurzen Test´s, scheint es sauber zu sein

Danke

schrauber · 16.12.2014, 21:30

Fertig

Die Reihenfolge ist hier entscheidend.

Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
- Windowstaste + R > Combofix /Uninstall (eingeben) > OK
- Alternative: Combofix.exe in uninstall.exe umbenennen und starten
- Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
Downloade Dir bitte auf jeden Fall DelFix auf deinen Desktop:
- Schließe alle offenen Programme.
- Starte die delfix.exe mit einem Doppelklick.
- Setze vor jede Funktion ein Häkchen.
- Klicke auf Start.
- Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
- Starte deinen Rechner abschließend neu.
Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.

Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun

Hier noch ein paar Tipps zur Absicherung deines Systems.

Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.

Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
Windows Updates
- Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
- Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
Gehe sicher das die automatischen Updates aktiviert sind.
Software Updates
Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.

Anti- Viren Software

Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.

Zusätzlicher Schutz

MalwareBytes Anti Malware
Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
Ein Tutorial zur Verwendung findest Du hier.
WinPatrol
Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.

Sicheres Browsen

SpywareBlaster
Eine kurze Einführung findest du Hier
MVPs hosts file
Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
WOT (Web of trust)
Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.

Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.

Opera
Mozilla Firefox.
- Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
- NoScript
  Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
- AdblockPlus
  Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
  Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )

Don'ts

Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe

Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

15.12.2014, 19:38	#13
schrauber /// the machine /// TB-Ausbilder	Iminent - und ich werde es nicht los Adobe updaten. Ich warte dann mal auf Rückmeldung __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Iminent - und ich werde es nicht los

Plagegeister aller Art und deren Bekämpfung: Iminent - und ich werde es nicht los