| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Weißer Bildschirm nach LaptopstartWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
24.12.2014, 21:46
| #31 |
 |  Weißer Bildschirm nach Laptopstart FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-12-2014
Ran by USer (administrator) on USER-HP on 24-12-2014 21:41:54
Running from C:\Users\USer\Downloads
Loaded Profiles: UpdatusUser & USer (Available profiles: UpdatusUser & USer)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(HP) C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\AllShareFrameworkManagerDMS.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\AllShareFrameworkDMS.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
(Microsoft Corporation) C:\Windows\vVX3000.exe
(ManyCam LLC) C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe
(Spotify Ltd) C:\Users\USer\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Pokki) C:\Users\USer\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP ENVY 110 series\Bin\ScanToPCActivationApp.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
(Spotify Ltd) C:\Users\USer\AppData\Roaming\Spotify\spotify.exe
(Akamai Technologies, Inc.) C:\Users\USer\AppData\Local\Akamai\netsession_win.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Users\USer\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(GoPro) C:\Program Files (x86)\CineForm\Tools\GoProCineFormStatusViewer.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Akamai Technologies, Inc.) C:\Users\USer\AppData\Local\Akamai\netsession_win.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
() C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(Pokki) C:\Users\USer\AppData\Local\Pokki\Engine\HostAppService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\msosync.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
(Pokki) C:\Users\USer\AppData\Local\Pokki\Engine\HostAppService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Pokki) C:\Users\USer\AppData\Local\Pokki\Engine\StartMenuIndexer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Users\USer\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\USer\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\USer\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\USer\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\USer\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
() C:\Program Files (x86)\Opera\26.0.1656.60\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP ENVY 110 series\Bin\HPNetworkCommunicator.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-01-04] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [SetDefault] => C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [44880 2011-12-19] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated)
HKLM\...\Run: [Samsung Link] => C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [597576 2013-09-03] (Copyright 2013 SAMSUNG)
HKLM\...\Run: [VX3000] => C:\Windows\vVX3000.exe [762736 2010-05-20] (Microsoft Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291096 2011-12-05] (Intel Corporation)
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2011-09-15] (EasyBits Software AS)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [576568 2011-11-29] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1342008 2011-08-26] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Nation toolbar\vprot.exe [2403144 2013-10-02] ()
HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe [764096 2014-04-05] ()
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-17] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [BambooCore] => C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-10-16] ()
HKLM-x32\...\Run: [YouCam Service6] => C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe [504792 2014-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585536 2014-11-03] (Razer Inc.)
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126200 2014-11-20] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2980980110-3536347163-1446437705-1000\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] => C:\Program Files (x86)\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe [1266712 2013-06-03] (AVG Secure Search)
HKU\S-1-5-21-2980980110-3536347163-1446437705-1001\...\Run: [ManyCam] => C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe [5379472 2012-12-05] (ManyCam LLC)
HKU\S-1-5-21-2980980110-3536347163-1446437705-1001\...\Run: [Spotify Web Helper] => C:\Users\USer\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-21] (Spotify Ltd)
HKU\S-1-5-21-2980980110-3536347163-1446437705-1001\...\Run: [Pokki] => "%LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe" /LOGON
HKU\S-1-5-21-2980980110-3536347163-1446437705-1001\...\Run: [HP ENVY 110 series (NET)] => C:\Program Files\HP\HP ENVY 110 series\Bin\ScanToPCActivationApp.exe [2676584 2011-09-19] (Hewlett-Packard Co.)
HKU\S-1-5-21-2980980110-3536347163-1446437705-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [468192 2014-10-15] (Sony)
HKU\S-1-5-21-2980980110-3536347163-1446437705-1001\...\Run: [Spotify] => C:\Users\USer\AppData\Roaming\Spotify\spotify.exe [6737976 2014-12-21] (Spotify Ltd)
HKU\S-1-5-21-2980980110-3536347163-1446437705-1001\...\Run: [Akamai NetSession Interface] => C:\Users\USer\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2980980110-3536347163-1446437705-1001\...\Run: [SkyDrive] => C:\Users\USer\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [277672 2014-09-25] (Microsoft Corporation)
HKU\S-1-5-21-2980980110-3536347163-1446437705-1001\...\Run: [Browser Infrastructure Helper] => C:\Users\USer\AppData\Local\Smartbar\Application\SnapDo.exe [29728 2014-05-29] (Smartbar)
HKU\S-1-5-21-2980980110-3536347163-1446437705-1001\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe
HKU\S-1-5-21-2980980110-3536347163-1446437705-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2980980110-3536347163-1446437705-1001\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-2980980110-3536347163-1446437705-1001\...\MountPoints2: {f9b5f5dd-8aa3-11e3-b66a-08edb990d442} - F:\Startme.exe
HKU\S-1-5-18\...\Run: [SearchProtect] => \SearchProtect\bin\cltmng.exe
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll [245056 2014-12-10] (Client Connect LTD)
AppInit_DLLs: c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll => c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll File Not Found
AppInit_DLLs: c:\windows\system32\nvinitx.dll => c:\windows\system32\nvinitx.dll [260928 2012-02-02] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32Loader.dll [215360 2014-12-10] (Client Connect LTD)
AppInit_DLLs-x32: 0 => "0" File Not Found
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CineForm Status.lnk
ShortcutTarget: CineForm Status.lnk -> C:\Program Files (x86)\CineForm\Tools\GoProCineFormStatusViewer.exe (GoPro)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\USer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://searchfunmoods.com/?f=1&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1Qzu0EtDtDyC0EyCzzzy0D0DyBtCzztByBtBtN0D0Tzu0CtAtAtDtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1718976369
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://searchfunmoods.com/?f=1&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1Qzu0EtDtDyC0EyCzzzy0D0DyBtCzztByBtBtN0D0Tzu0CtAtAtDtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1718976369
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/4
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/4
HKU\S-1-5-21-2980980110-3536347163-1446437705-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snapdo.com/?publisher=VertiTechnologyYB&dpid=VertiTechnologyYB&co=DE&userid=8b5711fd-a765-6dd4-5aea-3b2dfbfc38ad&searchtype=hp&installDate=07/08/2013
HKU\S-1-5-21-2980980110-3536347163-1446437705-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?publisher=VertiTechnologyYB&dpid=VertiTechnologyYB&co=DE&userid=8b5711fd-a765-6dd4-5aea-3b2dfbfc38ad&searchtype=ds&q={searchTerms}&installDate=07/08/2013
HKU\S-1-5-21-2980980110-3536347163-1446437705-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=VertiTechnologyYB&dpid=VertiTechnologyYB&co=DE&userid=8b5711fd-a765-6dd4-5aea-3b2dfbfc38ad&searchtype=ds&q={searchTerms}&installDate=07/08/2013
HKU\S-1-5-21-2980980110-3536347163-1446437705-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.trovi.com/?gd=&ctid=CT3323737&octid=EB_ORIGINAL_CTID&ISID=BA01C5D0-7F58-4AA8-BBD3-F13F7C4D9289&SearchSource=55&CUI=&UM=6&UP=SPD482EFD0-C100-4AF7-A61D-0CF1303D02FB&SSPV=
HKU\S-1-5-21-2980980110-3536347163-1446437705-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/4
HKU\S-1-5-21-2980980110-3536347163-1446437705-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbaDK_XpD2DT87tQiO39kR580HzoZGWerp-2vVf8vhe6vAG8eEE5nbNYs3FtjPDQ0_dIzmvu2aFpHO5YtKzATUToBYuI2BS7y7HdVH1tzp6QMCOqynXuKFdDGXMUCAOzgfEifhoPh0Y0AbuCU-AYNZMxmSOAuVD93z96DdAEhKmSLHhwV3PMfhnnco075g,,&q={searchTerms}
HKU\S-1-5-21-2980980110-3536347163-1446437705-1001\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://mixidj.delta-search.com/?babsrc=HP_ss&mntrId=8EAFE006E689DD71&affID=121128&tsp=5015
HKU\S-1-5-21-2980980110-3536347163-1446437705-1001\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
HKU\S-1-5-21-2980980110-3536347163-1446437705-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbaDK_XpD2DT87tQiO39kR580HzoZGWerp-2vVf8vhe6vAG8eEE5nbNYs3FtjPDQ0_dIzmvu2aFpHO5YtKzATUToBYuI2BS7y7HdVH1tzp6QMCOqynXuKFdDGXMUCAOzgfEifhoPh0Y0AbuCU-AYNZMxmSOAuVD93z96DdAEhKmSLHhwV3PMfhnnco075g,,&q={searchTerms}
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKLM-x32 - (No Name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - No File
URLSearchHook: HKLM-x32 - DVDVideoSoftTB_DE Toolbar - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Users\USer\AppData\LocalLow\CT2625848\ldrtbDVDV.dll ()
URLSearchHook: HKLM-x32 - (No Name) - {04a8dd1a-4754-48fe-a703-99846646ef04} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1Qzu0EtDtDyC0EyCzzzy0D0DyBtCzztByBtBtN0D0Tzu0CtAtAtDtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1718976369
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1Qzu0EtDtDyC0EyCzzzy0D0DyBtCzztByBtBtN0D0Tzu0CtAtAtDtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1718976369
SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM -> {C660B190-4D7B-4859-91B0-5F18ED7AC738} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://www.ebay.de/sch/i.html?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=VertiTechnologyYB&dpid=VertiTechnologyYB&co=DE&userid=8b5711fd-a765-6dd4-5aea-3b2dfbfc38ad&searchtype=ds&q={searchTerms}&installDate=07/08/2013
SearchScopes: HKLM-x32 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=VertiTechnologyYB&dpid=VertiTechnologyYB&co=DE&userid=8b5711fd-a765-6dd4-5aea-3b2dfbfc38ad&searchtype=ds&q={searchTerms}&installDate=07/08/2013
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1Qzu0EtDtDyC0EyCzzzy0D0DyBtCzztByBtBtN0D0Tzu0CtAtAtDtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1718976369
SearchScopes: HKU\.DEFAULT -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL =
SearchScopes: HKU\S-1-5-21-2980980110-3536347163-1446437705-1000 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=VertiTechnologyYB&dpid=VertiTechnologyYB&co=DE&userid=8b5711fd-a765-6dd4-5aea-3b2dfbfc38ad&searchtype=ds&q={searchTerms}&installDate=07/08/2013
SearchScopes: HKU\S-1-5-21-2980980110-3536347163-1446437705-1000 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=VertiTechnologyYB&dpid=VertiTechnologyYB&co=DE&userid=8b5711fd-a765-6dd4-5aea-3b2dfbfc38ad&searchtype=ds&q={searchTerms}&installDate=07/08/2013
SearchScopes: HKU\S-1-5-21-2980980110-3536347163-1446437705-1001 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3323737&octid=EB_ORIGINAL_CTID&ISID=BA01C5D0-7F58-4AA8-BBD3-F13F7C4D9289&SearchSource=58&CUI=&UM=6&UP=SPD482EFD0-C100-4AF7-A61D-0CF1303D02FB&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-2980980110-3536347163-1446437705-1001 -> bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKU\S-1-5-21-2980980110-3536347163-1446437705-1001 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbaDK_XpD2DT87tQiO39kR580HzoZGWerp-2vVf8vhe6vAG8eEE5nbNYs3FtjPDQ0_dIzmvu2aFpHO5YtKzATUToBYuI2BS7y7HdVH1tzp6QMCOqynXuKFdDGXMUCAOzgfEifhoPh0Y0AbuCU-AYNZMxmSOAuVD93z96DdAEhKmSLHhwV3PMfhnnco075g,,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2980980110-3536347163-1446437705-1001 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3323737&octid=EB_ORIGINAL_CTID&ISID=BA01C5D0-7F58-4AA8-BBD3-F13F7C4D9289&SearchSource=58&CUI=&UM=6&UP=SPD482EFD0-C100-4AF7-A61D-0CF1303D02FB&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-2980980110-3536347163-1446437705-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: TubeSaver-1 -> {11111111-1111-1111-1111-110411151160} -> C:\Program Files (x86)\TubeSaver-1\TubeSaver-1-bho64.dll (YTSsaver)
BHO: Snap.DoEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: HP SimplePass Browser Helper Object -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass\x64\IEBHO.dll (HP)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoftTB_DE Toolbar -> {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} -> C:\Users\USer\AppData\LocalLow\CT2625848\ldrtbDVDV.dll ()
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: PriceGong - Price Comparison -> {1631550F-191D-4826-B069-D9439253D926} -> C:\Program Files (x86)\PriceGong\2.6.12\PriceGongIE.dll (PriceGong)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Snap.DoEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: HP SimplePass Browser Helper Object -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass\IEBHO.DLL (HP)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: AVG Nation toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Nation toolbar\17.0.1.7\AVG Nation toolbar_toolbar.dll (AVG Secure Search)
BHO-x32: No Name -> {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} -> No File
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - HP SimplePass Toolbar - {C98EE38D-21E4-4A50-907D-2B56FEC7013E} - C:\Program Files (x86)\HP SimplePass\x64\IEBHO.dll (HP)
Toolbar: HKLM - Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - HP SimplePass Toolbar - {C98EE38D-21E4-4A50-907D-2B56FEC7013E} - C:\Program Files (x86)\HP SimplePass\IEBHO.DLL (HP)
Toolbar: HKLM-x32 - No Name - {98889811-442D-49dd-99D7-DC866BE87DBC} - No File
Toolbar: HKLM-x32 - DVDVideoSoftTB_DE Toolbar - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Users\USer\AppData\LocalLow\CT2625848\ldrtbDVDV.dll ()
Toolbar: HKLM-x32 - Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - AVG Nation toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Nation toolbar\17.0.1.7\AVG Nation toolbar_toolbar.dll (AVG Secure Search)
Toolbar: HKU\S-1-5-21-2980980110-3536347163-1446437705-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-2980980110-3536347163-1446437705-1001 -> No Name - {0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} - No File
Toolbar: HKU\S-1-5-21-2980980110-3536347163-1446437705-1001 -> No Name - {434D452D-5637-006A-76A7-7A786E7484D7} - No File
Toolbar: HKU\S-1-5-21-2980980110-3536347163-1446437705-1001 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.0.1\ViProtocol.dll (AVG Secure Search)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2012-07-04] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\USer\AppData\Roaming\Mozilla\Firefox\Profiles\imzs51c8.default
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Trovi search
FF Homepage: hxxp://www.trovi.com/?gd=&ctid=CT3323737&octid=EB_ORIGINAL_CTID&ISID=BA01C5D0-7F58-4AA8-BBD3-F13F7C4D9289&SearchSource=55&CUI=&UM=6&UP=SPD482EFD0-C100-4AF7-A61D-0CF1303D02FB&SSPV=
FF NewTab: hxxp://www.trovi.com/?gd=&ctid=CT3323737&octid=EB_ORIGINAL_CTID&ISID=BA01C5D0-7F58-4AA8-BBD3-F13F7C4D9289&SearchSource=69&CUI=&SSPV=&Lay=1&UM=6&UP=SPD482EFD0-C100-4AF7-A61D-0CF1303D02FB
FF Keyword.URL: hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbaDK_XpD2DT87tQiO39kR580HzoZGWerp-2vVf8vhe6vAG8eEE5nbNYs3FtjPDQ0_dIzmvu2aFpHO5YtKzATUToBYuI2BS7y7HdVH1tzp6QMCOqynXuKFdDGXMUCAOzgfEifhoPh0Y0AbuCU-AYNZMxmSOAuVD93z96DdAEhKmSLHhwV3PMfhnnco075g,,&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.0.1\\npsitesafety.dll (AVG Technologies)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.9.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: samsung.com/SamsungLinkPCPlugin -> C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll (Samsung)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF user.js: detected! => C:\Users\USer\AppData\Roaming\Mozilla\Firefox\Profiles\imzs51c8.default\user.js
FF SearchPlugin: C:\Users\USer\AppData\Roaming\Mozilla\Firefox\Profiles\imzs51c8.default\searchplugins\trovi-search.xml
FF SearchPlugin: C:\Users\USer\AppData\Roaming\Mozilla\Firefox\Profiles\imzs51c8.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml
FF Extension: Plus-HD-2.2 - C:\Users\USer\AppData\Roaming\Mozilla\Firefox\Profiles\imzs51c8.default\Extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com [2013-12-03]
FF Extension: TubeSaver-1 - C:\Users\USer\AppData\Roaming\Mozilla\Firefox\Profiles\imzs51c8.default\Extensions\951bb5c8-a6ed-4af6-a53c-1d3eec03d6dd@b61ef5da-5b52-4500-a9b4-273eca044964.com [2013-09-24]
FF Extension: ICQ Toolbar - C:\Users\USer\AppData\Roaming\Mozilla\Firefox\Profiles\imzs51c8.default\Extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2013-10-15]
FF Extension: PriceGong - C:\Users\USer\AppData\Roaming\Mozilla\Firefox\Profiles\imzs51c8.default\Extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829} [2013-08-07]
FF Extension: Snap.Do - C:\Users\USer\AppData\Roaming\Mozilla\Firefox\Profiles\imzs51c8.default\Extensions\{8b5711fd-a765-6dd4-5aea-3b2dfbfc38ad} [2014-06-16]
FF Extension: ICQ Sparberater - C:\Users\USer\AppData\Roaming\Mozilla\Firefox\Profiles\imzs51c8.default\Extensions\ciuvo-extension@icq.de.xpi [2013-10-07]
FF Extension: ICQ Toolbar - C:\Program Files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2013-03-08]
FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\websitelogon@truesuite.com [2012-11-26]
FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: SmartPrintButton - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2012-11-28]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF HKU\S-1-5-21-2980980110-3536347163-1446437705-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
Chrome:
=======
CHR Profile: C:\Users\USer\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\USer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-01]
CHR Extension: (Google Drive) - C:\Users\USer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-01]
CHR Extension: (Funmoods Chat) - C:\Users\USer\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh [2014-05-01]
CHR Extension: (PriceGong) - C:\Users\USer\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok [2014-05-01]
CHR Extension: (YouTube) - C:\Users\USer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-01]
CHR Extension: (MixiDJ Toolbar) - C:\Users\USer\AppData\Local\Google\Chrome\User Data\Default\Extensions\boipimhfjpakfgckhbljjengakjhkcbp [2014-05-01]
CHR Extension: (Adblock Plus) - C:\Users\USer\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-05-04]
CHR Extension: (Funmoods) - C:\Users\USer\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj [2014-05-01]
CHR Extension: (Google Search) - C:\Users\USer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-01]
CHR Extension: (Website Logon) - C:\Users\USer\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfgjjhcgfbfkkoelpepohanhmbhdanh [2014-05-01]
CHR Extension: (Wajam) - C:\Users\USer\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp [2014-05-01]
CHR Extension: (Plus-HD-2.2) - C:\Users\USer\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfakeonomonapccoamcmdgpoaicnpnoo [2014-05-02]
CHR Extension: (PricePeep) - C:\Users\USer\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb [2014-05-01]
CHR Extension: (Skype Click to Call) - C:\Users\USer\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-05-01]
CHR Extension: (Google Wallet) - C:\Users\USer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-01]
CHR Extension: (Gmail) - C:\Users\USer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-01]
CHR HKLM\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\USer\AppData\Local\funmoods.crx [2012-11-25]
CHR HKLM\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\USer\AppData\Local\funmoods-speeddial_sf.crx [2012-11-25]
CHR HKU\S-1-5-21-2980980110-3536347163-1446437705-1001\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\USer\AppData\Local\funmoods.crx [2012-11-25]
CHR HKU\S-1-5-21-2980980110-3536347163-1446437705-1001\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\USer\AppData\Local\funmoods-speeddial_sf.crx [2012-11-25]
CHR HKU\S-1-5-21-2980980110-3536347163-1446437705-1001\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - No Path
CHR HKLM-x32\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\USer\AppData\Local\funmoods.crx [2012-11-25]
CHR HKLM-x32\...\Chrome\Extension: [bkomkajifikmkfnjgphkjcfeepbnojok] - C:\Program Files (x86)\PriceGong\2.6.12\pricegong.crx [2013-07-02]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - No Path
CHR HKLM-x32\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\USer\AppData\Local\funmoods-speeddial_sf.crx [2012-11-25]
CHR HKLM-x32\...\Chrome\Extension: [jpfgjjhcgfbfkkoelpepohanhmbhdanh] - C:\Program Files (x86)\HP SimplePass\tschrome.crx [2011-12-09]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S2 AdobeActiveFileMonitor10.0; C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-01] (Adobe Systems Incorporated)
R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\AllShareFrameworkManagerDMS.exe [404360 2013-08-23] (Samsung) [File not signed]
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-17] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-17] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [166192 2014-11-20] (Avira Operations GmbH & Co. KG)
S3 Boonty Games; C:\Program Files (x86)\Common Files\BOONTY Shared\Service\Boonty.exe [69120 2012-12-16] (BOONTY) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2443960 2014-10-30] (Microsoft Corporation)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [3320640 2014-12-10] (Client Connect LTD)
R2 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [260424 2011-12-11] (HP)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2011-12-16] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2011-04-13] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2011-04-13] (Hewlett-Packard) [File not signed]
R2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [605768 2013-09-03] (Copyright 2013 SAMSUNG)
S3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [269640 2011-12-09] (AuthenTec, Inc.)
R2 vToolbarUpdater17.0.12; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe [1733448 2013-10-02] (AVG Secure Search)
S2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [656664 2014-08-19] (Wacom Technology, Corp.)
S2 ezSharedSvc; No ImagePath
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-21] (Avira Operations GmbH & Co. KG)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-09-30] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-21] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-05-09] (Avira Operations GmbH & Co. KG)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [134696 2011-11-03] (Broadcom Corporation.)
R3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2011-05-21] (Broadcom Corporation.)
R3 clwvd6; C:\Windows\System32\DRIVERS\clwvd6.sys [41704 2013-10-29] (CyberLink Corporation)
R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv_x64.sys [44928 2012-10-11] (ManyCam LLC)
R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [29696 2012-10-11] (ManyCam LLC)
S3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [259688 2011-10-27] (Realtek Semiconductor Corp.)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 SmbDrv; C:\Windows\system32\drivers\Smb_driver.sys [20016 2011-10-14] (Synaptics Incorporated)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
S3 clwvd; system32\DRIVERS\clwvd.sys [X]
S3 cpuz134; \??\C:\Users\USer\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
R3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]
S3 wacomrouterfilter; system32\DRIVERS\wacomrouterfilter.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-24 21:41 - 2014-12-24 21:42 - 00043320 _____ () C:\Users\USer\Downloads\FRST.txt
2014-12-24 21:40 - 2014-12-24 21:41 - 02122240 _____ (Farbar) C:\Users\USer\Desktop\FRST64.exe
2014-12-24 04:45 - 2014-12-24 21:42 - 00000000 ____D () C:\FRST
2014-12-21 18:03 - 2014-12-21 18:03 - 00000000 ____D () C:\Users\USer\AppData\Roaming\WTablet
2014-12-21 17:46 - 2014-12-24 12:50 - 00000000 ____D () C:\Users\USer\AppData\Roaming\Solvusoft
2014-12-21 17:46 - 2014-12-21 17:46 - 03894696 _____ (solvusoft Corporation ) C:\Users\USer\Downloads\Libxml2.dll-Reparaturprogramm-WinThruster.exe
2014-12-21 17:45 - 2014-12-21 17:49 - 05344984 _____ (Dll-Files.com ) C:\Users\USer\Downloads\dffsetup-libxml2.exe
2014-12-21 17:44 - 2014-12-21 17:44 - 00002109 _____ () C:\Users\USer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Menu.lnk
2014-12-21 17:40 - 2014-12-24 21:31 - 00005128 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for USer-HP-USer USer-HP
2014-12-21 17:34 - 2014-12-24 06:11 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom
2014-12-21 17:34 - 2014-12-24 06:10 - 00000000 ____D () C:\Program Files\TabletPlugins
2014-12-21 17:34 - 2014-12-24 06:10 - 00000000 ____D () C:\Program Files (x86)\TabletPlugins
2014-12-21 17:34 - 2014-08-19 20:12 - 02006808 _____ (Wacom Technology, Corp.) C:\Windows\system32\WacomMT.dll
2014-12-21 17:34 - 2014-08-19 20:12 - 01991448 _____ (Wacom Technology, Corp.) C:\Windows\system32\Pen_Tablet.dll
2014-12-21 17:34 - 2014-08-19 20:12 - 01984792 _____ (Wacom Technology, Corp.) C:\Windows\system32\Pen_Touch_Tablet.dll
2014-12-21 17:34 - 2014-08-19 20:12 - 01858328 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wintab32.dll
2014-12-21 17:34 - 2014-08-19 20:12 - 01610008 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\WacomMT.dll
2014-12-21 17:34 - 2014-08-19 20:12 - 01607448 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Pen_Touch_Tablet.dll
2014-12-21 17:34 - 2014-08-06 19:15 - 00102200 _____ (Wacom Technology) C:\Windows\system32\Drivers\wachidrouter.sys
2014-12-21 17:32 - 2014-12-21 17:33 - 40103880 _____ () C:\Users\USer\Downloads\PenTablet_5.3.5-3 (9).exe
2014-12-18 17:16 - 2014-12-18 17:21 - 40103880 _____ () C:\Users\USer\Downloads\PenTablet_5.3.5-3 (8).exe
2014-12-18 15:22 - 2014-12-18 15:22 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-12-18 15:22 - 2014-12-18 15:22 - 00001137 _____ () C:\ProgramData\Desktop\Avira.lnk
2014-12-18 13:03 - 2014-12-18 13:06 - 40103880 _____ () C:\Users\USer\Downloads\PenTablet_5.3.5-3 (7).exe
2014-12-18 12:59 - 2014-08-19 20:12 - 01614104 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Pen_Tablet.dln
2014-12-18 12:54 - 2014-12-18 12:57 - 40103880 _____ () C:\Users\USer\Downloads\PenTablet_5.3.5-3 (6).exe
2014-12-18 12:48 - 2014-08-19 20:12 - 01614104 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Pen_Tablet.dlm
2014-12-18 12:43 - 2014-12-18 12:47 - 40103880 _____ () C:\Users\USer\Downloads\PenTablet_5.3.5-3 (5).exe
2014-12-15 15:13 - 2014-12-15 15:13 - 00001258 _____ () C:\Users\Public\Desktop\World of Warcraft.lnk
2014-12-15 15:13 - 2014-12-15 15:13 - 00001258 _____ () C:\ProgramData\Desktop\World of Warcraft.lnk
2014-12-15 15:13 - 2014-12-15 15:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2014-12-15 15:08 - 2014-12-18 13:06 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft
2014-12-15 15:07 - 2014-12-21 17:33 - 00000000 ____D () C:\Users\USer\AppData\Local\Battle.net
2014-12-15 15:07 - 2014-12-15 15:08 - 00000000 ____D () C:\Users\USer\AppData\Roaming\Battle.net
2014-12-15 15:07 - 2014-12-15 15:07 - 00001122 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-12-15 15:07 - 2014-12-15 15:07 - 00001122 _____ () C:\ProgramData\Desktop\Battle.net.lnk
2014-12-15 15:07 - 2014-12-15 15:07 - 00000000 ____D () C:\Users\USer\AppData\Local\Blizzard Entertainment
2014-12-15 15:06 - 2014-12-15 15:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2014-12-15 15:06 - 2014-12-15 15:07 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-12-15 15:06 - 2014-12-15 15:07 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-12-15 15:05 - 2014-12-15 15:05 - 02942368 _____ (Blizzard Entertainment) C:\Users\USer\Downloads\World-of-Warcraft-Setup-deDE.exe
2014-12-15 15:05 - 2014-12-15 15:05 - 00000000 ____D () C:\ProgramData\Battle.net
2014-12-15 14:44 - 2014-12-15 14:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-12-15 14:44 - 2014-12-15 14:44 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-12-04 20:33 - 2014-12-15 14:44 - 00001931 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-12-04 20:33 - 2014-12-15 14:44 - 00001931 _____ () C:\ProgramData\Desktop\McAfee Security Scan Plus.lnk
2014-12-04 20:33 - 2014-12-15 14:44 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-12-04 20:25 - 2014-12-04 20:25 - 00002026 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2014-12-04 20:25 - 2014-12-04 20:25 - 00002026 _____ () C:\ProgramData\Desktop\Sony PC Companion 2.1.lnk
2014-11-29 19:19 - 2014-11-29 19:19 - 00000000 ____D () C:\Users\USer\Downloads\TubeStar v1.6.5.10
2014-11-29 19:18 - 2014-11-29 19:18 - 01870350 _____ () C:\Users\USer\Downloads\TubeStar v1.6.5.10.zip
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-24 21:43 - 2013-03-09 13:49 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-24 21:42 - 2012-02-24 18:55 - 00698926 _____ () C:\Windows\system32\perfh007.dat
2014-12-24 21:42 - 2012-02-24 18:55 - 00149034 _____ () C:\Windows\system32\perfc007.dat
2014-12-24 21:42 - 2009-07-14 06:13 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-24 21:39 - 2013-02-17 22:15 - 00000000 ____D () C:\Users\USer\AppData\Roaming\Spotify
2014-12-24 21:39 - 2012-09-12 13:25 - 01678358 _____ () C:\Windows\WindowsUpdate.log
2014-12-24 21:38 - 2009-07-14 05:45 - 00031248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-24 21:38 - 2009-07-14 05:45 - 00031248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-24 21:34 - 2012-09-12 13:54 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{6B68E1B9-7268-4935-94D5-F8D93E608BCA}
2014-12-24 21:28 - 2014-05-30 18:51 - 00000000 ___RD () C:\Users\USer\OneDrive
2014-12-24 21:27 - 2014-05-01 22:39 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-24 21:27 - 2014-03-31 12:38 - 00291744 _____ () C:\Windows\PFRO.log
2014-12-24 21:27 - 2014-03-31 12:38 - 00017136 _____ () C:\Windows\setupact.log
2014-12-24 21:27 - 2013-12-03 21:47 - 00002070 _____ () C:\Windows\Tasks\Plus-HD-2.2-firefoxinstaller.job
2014-12-24 21:27 - 2013-12-03 21:47 - 00001906 _____ () C:\Windows\Tasks\Plus-HD-2.2-chromeinstaller.job
2014-12-24 21:27 - 2013-12-03 21:47 - 00001196 _____ () C:\Windows\Tasks\Plus-HD-2.2-codedownloader.job
2014-12-24 21:27 - 2013-09-24 17:49 - 00001288 _____ () C:\Windows\Tasks\TubeSaver-1-updater.job
2014-12-24 21:27 - 2013-09-24 17:49 - 00001192 _____ () C:\Windows\Tasks\TubeSaver-1-codedownloader.job
2014-12-24 21:27 - 2013-09-24 17:49 - 00001092 _____ () C:\Windows\Tasks\TubeSaver-1-enabler.job
2014-12-24 21:27 - 2013-06-03 13:28 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2014-12-24 21:27 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-24 20:30 - 2014-05-01 22:39 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-24 20:30 - 2014-03-21 19:05 - 00000288 _____ () C:\Windows\Tasks\Funmoods.job
2014-12-24 20:30 - 2012-11-28 17:02 - 00000254 _____ () C:\Windows\Tasks\HP Photo Creations Messager.job
2014-12-24 13:08 - 2012-11-24 22:47 - 00000000 ____D () C:\Users\USer\AppData\Local\CrashDumps
2014-12-24 13:00 - 2014-05-30 18:38 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-12-24 12:49 - 2013-02-17 22:16 - 00000000 ____D () C:\Users\USer\AppData\Local\Spotify
2014-12-24 12:48 - 2013-08-07 12:02 - 00000000 ____D () C:\Users\USer\AppData\Local\Pokki
2014-12-24 06:11 - 2014-05-29 15:41 - 00000000 ____D () C:\Users\USer\AppData\Local\Akamai
2014-12-24 06:10 - 2014-10-01 18:18 - 00000000 ____D () C:\Program Files\Tablet
2014-12-24 06:10 - 2014-03-18 17:15 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-12-24 06:10 - 2012-07-05 02:00 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-12-24 06:10 - 2012-02-24 10:32 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-12-24 06:10 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-12-21 17:44 - 2013-11-18 18:23 - 00002263 _____ () C:\Users\USer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2014-12-21 17:44 - 2013-04-14 12:56 - 00001327 _____ () C:\Windows\wininit.ini
2014-12-21 17:41 - 2012-10-13 12:49 - 00000000 ____D () C:\Users\USer\Documents\Youcam
2014-12-21 17:35 - 2014-09-16 15:02 - 00000000 ____D () C:\Users\USer\Desktop\Easy Paint Tool SAI
2014-12-21 17:32 - 2012-09-22 08:18 - 00000166 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-12-18 18:02 - 2013-08-16 20:49 - 00000000 ____D () C:\Users\USer\AppData\Roaming\TS3Client
2014-12-18 15:22 - 2014-05-30 18:29 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-18 15:22 - 2014-05-30 18:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-12-18 15:22 - 2014-05-30 18:29 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-12-18 14:30 - 2012-11-24 16:36 - 00000000 ____D () C:\Users\USer\AppData\Roaming\.minecraft
2014-12-17 18:08 - 2014-07-26 16:42 - 00003850 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1399201204
2014-12-17 18:08 - 2013-02-07 18:29 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-12-15 18:12 - 2013-03-09 13:49 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-15 18:12 - 2013-03-08 20:17 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-15 18:12 - 2013-02-07 16:40 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-15 14:49 - 2014-05-01 22:40 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-15 14:49 - 2014-05-01 22:40 - 00002175 _____ () C:\ProgramData\Desktop\Google Chrome.lnk
2014-12-04 20:34 - 2012-11-28 20:45 - 00000000 ____D () C:\Users\USer\AppData\Local\Adobe
2014-12-04 20:25 - 2014-03-26 16:30 - 00097958 _____ () C:\Windows\DPINST.LOG
2014-12-04 20:25 - 2014-03-01 17:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-12-04 20:24 - 2012-02-24 10:37 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-11-29 15:57 - 2014-09-16 15:02 - 00000000 ____D () C:\Users\USer\Downloads\Easy Paint Tool SAI
Some content of TEMP:
====================
C:\Users\USer\AppData\Local\Temp\avgnt.exe
C:\Users\USer\AppData\Local\Temp\drm_dyndata_7330014.dll
C:\Users\USer\AppData\Local\Temp\drm_dyndata_7400009.dll
C:\Users\USer\AppData\Local\Temp\Helper.dll
C:\Users\USer\AppData\Local\Temp\i4jdel0.exe
C:\Users\USer\AppData\Local\Temp\nsb2CD6.exe
C:\Users\USer\AppData\Local\Temp\nsgC5A6.exe
C:\Users\USer\AppData\Local\Temp\nslB465.exe
C:\Users\USer\AppData\Local\Temp\nsm385C.exe
C:\Users\USer\AppData\Local\Temp\nsr2151.exe
C:\Users\USer\AppData\Local\Temp\nsrBD5C.exe
C:\Users\USer\AppData\Local\Temp\oct6AF2.tmp.exe
C:\Users\USer\AppData\Local\Temp\OnlineBackup.exe
C:\Users\USer\AppData\Local\Temp\ReimagePackage.exe
C:\Users\USer\AppData\Local\Temp\ReimageRepair.exe
C:\Users\USer\AppData\Local\Temp\SkypeSetup.exe
C:\Users\USer\AppData\Local\Temp\speedupmypc.exe
C:\Users\USer\AppData\Local\Temp\SPSetup.exe
C:\Users\USer\AppData\Local\Temp\SymCCIS.dll
C:\Users\USer\AppData\Local\Temp\uninst1.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-17 15:14
==================== End Of Log ============================
--- --- --- Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-12-2014
Ran by USer at 2014-12-24 21:43:16
Running from C:\Users\USer\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Out of date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Out of date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (Version: 8.2.4 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.1530 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.5.23 - Adobe Systems Incorporated.)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.5 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 16 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 16.0.0.240 - Adobe Systems Incorporated)
Adobe Photoshop Elements 10 (HKLM-x32\...\Adobe Photoshop Elements 10) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.0) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.3.633 - Adobe Systems, Inc.)
Akamai NetSession Interface (HKU\S-1-5-21-2980980110-3536347163-1446437705-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
AllShare Framework DMS (HKLM\...\{C34E2E6F-6A24-40B8-8902-9960A4D42884}) (Version: 1.3.17 - Samsung)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
AuthenTec TrueAPI 64-bit (Version: 1.5.0.165 - AuthenTec, Inc.) Hidden
AVG Security Toolbar (HKLM-x32\...\AVG Secure Search) (Version: 15.4.0.5 - AVG Technologies)
Avira (HKLM-x32\...\{e7c7c227-b742-4878-9425-f09bbf9951db}) (Version: 1.1.27.25527 - Avira Operations & Co. KG)
Avira (x32 Version: 1.1.27.25527 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
Bamboo Dock (HKLM-x32\...\Bamboo Dock) (Version: 4.1 - Wacom Co., Ltd.)
Bamboo Dock (x32 Version: 4.1.0 - Wacom Europe GmbH) Hidden
Bamboo Tablets Tutorial (x32 Version: 3.0.20 - Wacom) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
BitGuard (HKLM-x32\...\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}) (Version: - MediaTechSoft Inc.) <==== ATTENTION
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: - Broadcom Corporation)
Broadcom Bluetooth Software (HKLM\...\{6E7F4CA3-B2DE-413C-A7A1-43AA5BE19EA1}) (Version: 6.5.0.3300 - Broadcom Corporation)
Cake Mania (x32 Version: 2.2.0.98 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
Celtx (2.9) (HKLM-x32\...\Celtx (2.9)) (Version: 2.9 (de) - Greyfirst)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
CyberLink YouCam 6 (HKLM-x32\...\{A9CEDD6E-4792-493e-BB35-D86D2E188A5A}) (Version: 6.0.2728.0 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DealPly (HKU\S-1-5-21-2980980110-3536347163-1446437705-1001\...\DealPly) (Version: - ) <==== ATTENTION
Die Sims Deluxe (HKLM-x32\...\{10798AE3-DCBB-43C3-9C93-C23512427E25}) (Version: - )
Die Sims™ 2 Deluxe (HKLM-x32\...\{9C244239-ED8E-40f1-937F-51C706CD2160}) (Version: - )
Die Sims™ 2 Gute Reise (HKLM-x32\...\{F248ADFA-64E0-4b03-8A83-059078BED6A0}) (Version: - Electronic Arts)
Die Sims™ 2 H&M®-Fashion-Accessoires (HKLM-x32\...\{84DDE556-43EF-43ed-B2DF-37AF9E5DDD75}) (Version: - )
Die Sims™ 2 IKEA® Home-Accessoires (HKLM-x32\...\{6E17F9751-F056-4335-B718-8AF1B1092AFB}) (Version: - Electronic Arts)
Die Sims™ 2 Teen Style-Accessoires (HKLM-x32\...\{5C648FDB-0138-4619-B66E-230EF53E8E2C}) (Version: - Electronic Arts)
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.57.62 - Electronic Arts)
Die Sims™ 3 Einfach tierisch (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
Die Sims™ 3 Movie-Accessoires (HKLM-x32\...\{D0087539-3C57-44E0-BEE7-D779D546CBE1}) (Version: 20.0.53 - Electronic Arts)
Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.797.20 - Electronic Arts Inc.)
Die Sims™ 4 Erstelle einen Sim-Demo (HKLM-x32\...\{6908ED99-F02B-4E99-A202-3FAC99C510ED}) (Version: 1.0.237.100 - Electronic Arts Inc.)
Download & Install Packages (HKU\S-1-5-21-2980980110-3536347163-1446437705-1001\...\Download & Install Packages) (Version: - ) <==== ATTENTION
DVDVideoSoftTB DE Toolbar (HKU\S-1-5-21-2980980110-3536347163-1446437705-1001\...\CT2625848) (Version: 10.14.0.127 - DVDVideoSoftTB DE)
Elements 10 Organizer (x32 Version: 10.0 - Ihr Firmenname) Hidden
ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{768A6276-5822-489C-8A2B-67190F745655}) (Version: 4.1.2 - Hewlett-Packard)
EverQuest Free-to-Play (HKLM-x32\...\Steam App 205710) (Version: - Sony Online Entertainment)
expert Bildschirmschoner (HKLM-x32\...\expert Bildschirmschoner_is1) (Version: 1.0 - expert AG)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Farmscapes (x32 Version: 2.2.0.98 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
ffdshow v1.2.4422 [2012-04-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.2.4422.0 - )
FileParade bundle uninstaller (HKLM-x32\...\FileParade bundle uninstaller) (Version: 2.0.0.3 - FileParade) <==== ATTENTION
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fishdom (TM) 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version: - Image-Line)
FreeOCR v4.2 (HKLM-x32\...\freeocr_is1) (Version: - )
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Goat Simulator (HKLM-x32\...\Steam App 265930) (Version: - Coffee Stain Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GoPro Studio 2.0.1 (HKLM-x32\...\GoPro Studio) (Version: 2.0.1 - WoodmanLabs Inc. d.b.a. GoPro)
Hewlett-Packard ACLM.NET v1.1.2.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
HP 3D DriveGuard (HKLM\...\{8F258628-2E18-4C2E-8127-EF4EFAF5F75C}) (Version: 4.1.10.1 - Hewlett-Packard Company)
HP CoolSense (HKLM-x32\...\{16B7BDA1-B967-4D2D-8B27-E12727C28350}) (Version: 2.10.3 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{B288E426-9954-451C-B811-B0F234CF0EDD}) (Version: 1.3.0.0 - Hewlett-Packard)
HP ENVY 110 series - Grundlegende Software für das Gerät (HKLM\...\{DC8A4058-3798-4B37-8D78-62624D2E1585}) (Version: 25.0.622.0 - Hewlett-Packard Co.)
HP ENVY 110 series Hilfe (HKLM-x32\...\{D4444B31-E9E9-4389-B35D-41B5BCA5E9FB}) (Version: 140.0.2.2 - Hewlett Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP Launch Box (HKLM\...\{5A847522-375C-4D05-BD3D-88C450CC047F}) (Version: 1.1.5 - Hewlett-Packard Company)
HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.5192 - HP Photo Creations)
HP Power Manager (HKLM-x32\...\{D8BCE5B9-67CF-4F3F-93AE-3ACC754C72EB}) (Version: 1.4.7 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{C61FCEC2-3ED4-496E-B4B4-1CED423824B9}) (Version: 2.6.2 - Hewlett-Packard Company)
HP Security Assistant (HKLM\...\{F9DF0B5D-554B-45D2-8698-7C467FAF4BCA}) (Version: 2.0.2 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}) (Version: 9.0.15109.3899 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.2.14901.3869 - Hewlett-Packard Company)
HP SimplePass (HKLM-x32\...\{880B5A98-B242-4B53-BD6F-41EA17495EAD}) (Version: 5.4.0.402 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{99195D46-6173-4695-B7F5-4C1E6EB83475}) (Version: 4.5.4.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}) (Version: 6.1.12.1 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{85DF2EED-08BC-46FB-90DA-28B0D0A8E8A8}) (Version: 5.003.000.004 - Hewlett-Packard)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6381.0 - IDT)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version: - Image-Line)
Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2626 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.0.199 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation)
Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle)
Java 7 Update 9 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217009FF}) (Version: 7.0.90 - Oracle)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest II (x32 Version: 2.2.0.97 - WildTangent) Hidden
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Live 8.2.1 (HKLM-x32\...\Live 8.2.1) (Version: - )
Live 8.2.2 (HKLM-x32\...\Live 8.2.2) (Version: - )
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: 3.0 - EasyBits Software AS)
Mahjongg Artifacts (x32 Version: 2.2.0.95 - WildTangent) Hidden
ManyCam 3.1.21 (HKLM-x32\...\ManyCam) (Version: 3.1.21 - ManyCam LLC)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 RC (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50861 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4675.1003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2980980110-3536347163-1446437705-1001\...\OneDriveSetup.exe) (Version: 17.3.1229.0918 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MinecraftAlpha (HKLM-x32\...\MinecraftAlpha) (Version: - )
Mobogenie (HKLM-x32\...\Mobogenie) (Version: - Mobogenie.com) <==== ATTENTION
MovieDownloader (HKLM-x32\...\1ClickDownload) (Version: 2.1 Build 26473 - 1clickmoviedownloader.com) <==== ATTENTION
Mozilla Firefox 17.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 17.0 (x86 en-US)) (Version: 17.0 - Mozilla)
Mozilla Firefox 24.0 (x86 en-US) (HKU\S-1-5-21-2980980110-3536347163-1446437705-1001\...\Mozilla Firefox 24.0 (x86 en-US)) (Version: 24.0 - Mozilla)
Mozilla Firefox Packages (HKU\S-1-5-21-2980980110-3536347163-1446437705-1001\...\Mozilla Firefox Packages) (Version: - ) <==== ATTENTION
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 17.0 - Mozilla)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
NVIDIA Grafiktreiber 295.55 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 295.55 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Update 1.7.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.7.12 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
Opera Stable 26.0.1656.60 (HKLM-x32\...\Opera 26.0.1656.60) (Version: 26.0.1656.60 - Opera Software ASA)
Origin (HKLM-x32\...\Origin) (Version: 9.4.11.2806 - Electronic Arts, Inc.)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plus-HD-2.2 (HKLM-x32\...\Plus-HD-2.2) (Version: 1.31.153.0 - Plus HD) <==== ATTENTION
Pokki (HKU\S-1-5-21-2980980110-3536347163-1446437705-1001\...\Pokki) (Version: 0.269.5.339 - Pokki) <==== ATTENTION!
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
PriceGong 2.6.12 (HKLM-x32\...\PriceGong) (Version: 2.6.12 - PriceGong) <==== ATTENTION
PSE10 STI Installer (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Qtrax Player (HKU\S-1-5-21-2980980110-3536347163-1446437705-1001\...\4264672968.portal.qtrax.com) (Version: - portal.qtrax.com)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.18.23036 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.29005 - Realtek Semiconductor Corp.)
Samsung Link 1.7.0.1309031728 (HKLM\...\8474-7877-9059-0204) (Version: 1.7.0.1309031728 - Copyright 2013 SAMSUNG)
Search Protect (x32 Version: 2.19.10.160 - Client Connect LTD) Hidden <==== ATTENTION
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Snap.Do (HKLM-x32\...\{D5E50D52-C658-4C16-9722-9F9B057B5F0F}) (Version: 11.74.1.17518 - ReSoft Ltd.) <==== ATTENTION
Snap.Do Engine (HKU\S-1-5-21-2980980110-3536347163-1446437705-1001\...\{42adf490-1571-4c29-a90c-65b78d81a2b2}) (Version: 10.200.1.13712 - ReSoft Ltd.) <==== ATTENTION
Sony PC Companion 2.10.236 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.236 - Sony)
Spotify (HKU\S-1-5-21-2980980110-3536347163-1446437705-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Studie zur Verbesserung von HP ENVY 110 series Produkten (HKLM\...\{FC87C2FD-540E-4AB5-807B-D4A172129C73}) (Version: 25.0.622.0 - Hewlett-Packard Co.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version: - Edmund McMillen and Florian Himsl)
The Sims 2: Ultimate Collection (HKLM-x32\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts)
Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden
TubeSaver-1 (HKLM-x32\...\TubeSaver-1) (Version: 1.28.153.3 - YTSsaver)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Validity WBF DDK (HKLM\...\{DA83578A-7DB2-4CF6-9453-CF24C7917AB8}) (Version: 4.3.301.0 - Validity Sensors, Inc.)
Version Checker for Funmoods (HKU\S-1-5-21-2980980110-3536347163-1446437705-1001\...\Funmoods) (Version: - ) <==== ATTENTION
Virtual Families (x32 Version: 2.2.0.98 - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
VLC media player 2.0.3 (HKLM-x32\...\VLC media player) (Version: 2.0.3 - VideoLAN)
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.5-3 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App (HP Games) (x32 Version: 4.0.10.5 - WildTangent) Hidden
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices (03/07/2012 ) (HKLM\...\0B624A43DD66DBF5CF3EDFA9741A364E688062A4) (Version: 03/07/2012 - GoPro)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
Yontoo 1.10.03 (HKLM\...\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}) (Version: 1.10.03 - Yontoo LLC) <==== ATTENTION
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-2980980110-3536347163-1446437705-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\USer\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2980980110-3536347163-1446437705-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\USer\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2980980110-3536347163-1446437705-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\USer\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2980980110-3536347163-1446437705-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\USer\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2980980110-3536347163-1446437705-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\USer\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\FileSyncApi64.dll (Microsoft Corporation)
==================== Restore Points =========================
20-11-2014 13:40:28 DirectX wurde installiert
21-12-2014 17:53:29 WinThruster So, Dez 21, 14 17:53
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {077C6D66-754E-4F5C-8CBE-0D50AA6C8599} - System32\Tasks\{B6ED1E97-8608-425E-8427-72D95CFCF7F0} => c:\program files (x86)\opera\opera.exe
Task: {129F6241-B18B-43EB-8840-0A7B6FFE0A24} - System32\Tasks\Software Updater Ui => C:\Program Files (x86)\SelfUpdater\SoftwareUpdater.Ui.exe <==== ATTENTION
Task: {14E02ADE-9F2B-4D06-9EB7-DE89DEE0CE49} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06] (Adobe Systems Incorporated)
Task: {197FAA1B-9EFB-431D-AFE5-84CFB6BCAD05} - System32\Tasks\DealPly => C:\Users\USer\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {1D94626D-BB7B-4946-ABE4-FA977C9742A1} - System32\Tasks\Plus-HD-2.2-firefoxinstaller => C:\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-firefoxinstaller.exe <==== ATTENTION
Task: {1DE461EB-CF7E-4F3F-958D-706CDA2771DB} - System32\Tasks\Plus-HD-2.2-chromeinstaller => C:\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-chromeinstaller.exe <==== ATTENTION
Task: {27223C37-9CFB-4158-B19D-AB7F10E66F07} - System32\Tasks\TubeSaver-1-updater => C:\Program Files (x86)\TubeSaver-1\TubeSaver-1-updater.exe
Task: {29D840C3-3A93-4CDD-A322-561616D49A51} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2011-03-24] (Hewlett-Packard)
Task: {342D2A49-9625-4381-8606-53EC85B59E5A} - System32\Tasks\{00FEC30B-876A-4B57-A659-7227FFF7423C} => E:\start.exe
Task: {35793514-2E5A-41EA-969C-3CB584082C77} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-01] (Google Inc.)
Task: {3591EF04-9736-426F-A5F4-7A8C7CFDC8A6} - System32\Tasks\{7F50E79C-FE24-4ADA-8F82-75FC46603378} => pcalua.exe -a C:\PROGRA~2\Ableton\LIVE82~1.1\Redist\VCREDI~1.EXE -d C:\Users\USer\AppData\Local\Temp\Rar$EXa0.100 -c /q:a
Task: {374D680B-5908-4870-BC34-37EF468E9F60} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-01] (Google Inc.)
Task: {37DDF6F5-3A3C-42B9-9573-491CC9017199} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe [2011-09-09] (Hewlett-Packard Company)
Task: {3F2B618B-8BD7-45C9-91FA-AB4EB19A8BEF} - System32\Tasks\Plus-HD-2.2-codedownloader => C:\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-codedownloader.exe <==== ATTENTION
Task: {3FF7021C-F3FD-41DC-86F7-1B0E0EB760CD} - System32\Tasks\Funmoods => C:\Users\USer\AppData\Roaming\Funmoods\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {43B5D3A5-2E0B-4D1E-BE53-E2C454188481} - System32\Tasks\{1553568B-4557-472A-A335-03B4DAFB0DFF} => C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe
Task: {452A0EE5-2ABB-450A-BB8E-17E6C716B917} - System32\Tasks\{ECC7B677-A528-47B1-B307-11560B9458CE} => C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe
Task: {5A87CE46-DB97-4F5A-8CC1-C9E64C1CEB8E} - System32\Tasks\{FCAFAE04-31B2-419F-87F3-7E199589CF22} => Firefox.exe hxxp://ui.skype.com/ui/0/6.0.0.126/de/abandoninstall?page=tsMain
Task: {5A947360-B034-4BF1-921D-502365599F41} - System32\Tasks\AdobeAAMUpdater-1.0-USer-HP-USer => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-06-16] (Adobe Systems Incorporated)
Task: {6E8DBF50-6C5D-4160-896E-27153A937C3B} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {7397E59C-0768-4C6B-89B0-C5B4FDE1EA61} - System32\Tasks\Microsoft Office 15 Sync Maintenance for USer-HP-USer USer-HP => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-11-04] (Microsoft Corporation)
Task: {744731F4-D32F-4233-80DD-9607A119BF7A} - System32\Tasks\{7B3EE811-CF05-4075-8BE6-D56A9D78ED52} => C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe
Task: {77BA7823-3279-4BC8-AC81-8DE21AAE8F26} - System32\Tasks\HPCustParticipation HP ENVY 110 series => C:\Program Files\HP\HP ENVY 110 series\Bin\HPCustPartic.exe [2011-09-19] (Hewlett-Packard Co.)
Task: {780FEF2B-D5A7-459A-8DE6-DDA164FAC922} - System32\Tasks\{755891D9-18AE-4B40-8AA6-2927F13325D4} => C:\Users\USer\Desktop\MinecraftSP.exe
Task: {78673BCA-2571-445C-84E5-48A9E73F6FEE} - System32\Tasks\{DFC2FB6E-FFC4-4E67-BA1B-FB9912421B00} => C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe
Task: {79BA169C-72CD-4F51-BE5D-1695E268955E} - System32\Tasks\{BAD026AD-6E5E-4F60-9D2B-AE919246835B} => C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe
Task: {7B3F91CC-A3C1-4204-AC28-C88CD8AC7B7D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-09-09] (Hewlett-Packard Company)
Task: {7B845F95-CB6A-4C67-A90F-D8BBCBA34DAD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Total Care Tune-Up => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPTuneUp.exe [2011-03-22] (Hewlett-Packard Company)
Task: {81957A16-5BA8-4434-BF2C-5F09E4C76A5C} - System32\Tasks\Opera scheduled Autoupdate 1399201204 => C:\Program Files (x86)\Opera\launcher.exe [2014-12-17] (Opera Software)
Task: {854C6F50-2E1D-485F-8540-5F83EFD83850} - System32\Tasks\{B92CC125-2EE8-415C-B947-CA089A98FEE2} => E:\Setup\Setup.exe
Task: {86857CBA-25D3-4266-A133-3C453A0166E3} - System32\Tasks\{17532C65-95A7-49F7-820D-7AF3A252BECA} => pcalua.exe -a "C:\Program Files (x86)\AVS4YOU\Uninstall.exe" -d "C:\Users\USer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU"
Task: {91956F09-CB0F-483B-B1A0-4674D6CA7DD9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-09-09] (Hewlett-Packard Company)
Task: {9375D4BD-082D-4ABE-A350-7C6A71A7797A} - System32\Tasks\{65E53754-2178-4427-887F-47F589BE0876} => E:\start.exe
Task: {9C89115B-3904-459D-A088-52EDD5F0D4EA} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\JustCloud\Signup Wizard.exe
Task: {A0FBF65C-B947-428B-B49E-058BE16A099A} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-10-07] (Microsoft Corporation)
Task: {A82F9F33-5E1C-44C0-B3A0-69FBFA80F393} - System32\Tasks\{C8C4602E-5420-4DC4-ADCF-18B207CCE92C} => C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe
Task: {A9AD3BE8-22B2-4AB2-A390-D757976DB5C3} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{37CF5E9F-01E5-4160-948D-51E69078783F}.exe
Task: {BAD19340-5A1F-4EB7-AD88-F5F1F84179AC} - System32\Tasks\{F3A8EE98-6F99-477E-AB15-37E6C9073035} => E:\start.exe
Task: {C07EEF00-8AB7-4B1A-A0FF-7ACAD49B4ED3} - System32\Tasks\Software Updater => C:\Program Files (x86)\SelfUpdater\SoftwareUpdater.Bootstrapper.exe <==== ATTENTION
Task: {C762635E-9CEA-4C1F-BB1D-4A081E48EC40} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-15] (Adobe Systems Incorporated)
Task: {E0512DBE-0325-4D21-ADFF-C281A9C7695E} - System32\Tasks\{E001A8EF-A3EA-4737-B886-705343C8413D} => E:\start.exe
Task: {E3201B06-6F2D-441F-BE06-C441E865CF51} - System32\Tasks\{C9178D7B-CD5C-4112-98DC-203C05807D21} => C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe
Task: {E721A169-0EAF-4EC2-849B-D7B7A3E8F947} - System32\Tasks\HP Photo Creations Messager => C:\ProgramData\HP Photo Creations\MessageCheck.exe [2011-02-15] ()
Task: {F0DCB307-402D-4C80-B203-956CC0C5A591} - System32\Tasks\TubeSaver-1-codedownloader => C:\Program Files (x86)\TubeSaver-1\TubeSaver-1-codedownloader.exe
Task: {F0F35D59-CDFD-4B92-84F0-3D8D03D1F7D1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)
Task: {F4788C8B-5AEE-43BC-86D5-FBC17D050300} - System32\Tasks\{526A12A7-D86A-407B-95EE-7EF5632D7D6E} => C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe
Task: {F7CBA215-0270-491A-8F39-B9B98B729EB0} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03] (Sun Microsystems, Inc.)
Task: {F9A0125B-FC56-4DF5-9C16-C7AB586AD0D8} - System32\Tasks\TubeSaver-1-enabler => C:\Program Files (x86)\TubeSaver-1\TubeSaver-1-enabler.exe
Task: {F9BF9E5F-679E-4C52-AC60-FCA7DB6D7514} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe [2011-06-14] (Hewlett-Packard)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{37CF5E9F-01E5-4160-948D-51E69078783F}.exe
Task: C:\Windows\Tasks\Funmoods.job => C:\Users\USer\AppData\Roaming\Funmoods\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Messager.job => C:\ProgramData\HP Photo Creations\MessageCheck.exe
Task: C:\Windows\Tasks\Plus-HD-2.2-chromeinstaller.job => C:\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-chromeinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-2.2-codedownloader.job => C:\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-2.2-firefoxinstaller.job => C:\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-firefoxinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\TubeSaver-1-codedownloader.job => C:\Program Files (x86)\TubeSaver-1\TubeSaver-1-codedownloader.exe
Task: C:\Windows\Tasks\TubeSaver-1-enabler.job => C:\Program Files (x86)\TubeSaver-1\TubeSaver-1-enabler.exe
Task: C:\Windows\Tasks\TubeSaver-1-updater.job => C:\Program Files (x86)\TubeSaver-1\TubeSaver-1-updater.exe
==================== Loaded Modules (whitelisted) =============
2014-05-30 18:38 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2012-07-04 17:11 - 2011-12-16 21:37 - 00128280 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
2013-09-20 10:15 - 2013-09-03 16:28 - 00012800 _____ () C:\Program Files\Samsung\Samsung Link\JniSys.dll
2013-09-20 10:16 - 2013-09-20 10:16 - 00515584 _____ () C:\Windows\Temp\sqlite-3.7.2-sqlitejdbc.dll
2013-09-20 10:15 - 2013-09-03 16:28 - 01386496 _____ () C:\Program Files\Samsung\Samsung Link\scone_proxy.dll
2013-09-20 10:15 - 2013-09-03 16:28 - 01427456 _____ () C:\Program Files\Samsung\Samsung Link\scone_stub.dll
2013-08-23 14:30 - 2013-08-23 14:30 - 00036864 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\64bit\JNIInterface.dll
2013-08-23 14:31 - 2013-08-23 14:31 - 00144384 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\64bit\ASFAPI.dll
2013-08-23 14:33 - 2013-08-23 14:33 - 00018944 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\64bit\MediaDB_Manager.dll
2013-08-23 13:34 - 2013-08-23 13:34 - 00030720 _____ () C:\Windows\system32\MediaDB64.dll
2013-08-23 13:34 - 2013-08-23 13:34 - 00908800 _____ () C:\Windows\system32\ContentDirectoryPresenter64.dll
2013-08-23 14:33 - 2013-08-23 14:33 - 00521728 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\64bit\DMS_Manager.dll
2013-07-23 18:19 - 2013-07-23 18:19 - 00049152 _____ () C:\Windows\system32\boost_date_time-vc90-mt-1_47.dll
2013-07-23 18:19 - 2013-07-23 18:19 - 00016896 _____ () C:\Windows\system32\boost_system-vc90-mt-1_47.dll
2013-07-23 18:19 - 2013-07-23 18:19 - 00058880 _____ () C:\Windows\system32\boost_thread-vc90-mt-1_47.dll
2013-07-23 18:19 - 2013-07-23 18:19 - 00299520 _____ () C:\Windows\system32\boost_serialization-vc90-mt-1_47.dll
2012-07-04 17:11 - 2012-01-19 00:48 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-09-20 10:15 - 2013-09-03 16:28 - 00043520 _____ () C:\Program Files\Samsung\Samsung Link\JniIO.dll
2013-12-03 21:46 - 2014-04-05 12:45 - 00764096 _____ () C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
2012-10-16 10:39 - 2012-10-16 10:39 - 00646744 _____ () C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
2014-03-01 17:55 - 2014-06-23 08:07 - 00113376 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
2013-10-01 17:56 - 2014-12-21 17:39 - 00374840 _____ () C:\Users\USer\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2014-12-17 18:08 - 2014-12-17 18:08 - 00535160 _____ () C:\Program Files (x86)\Opera\26.0.1656.60\opera_crashreporter.exe
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:054203E4
AlternateDataStreams: C:\ProgramData\Temp:95D421DF
AlternateDataStreams: C:\ProgramData\Temp:AD022376
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrator (S-1-5-21-2980980110-3536347163-1446437705-500 - Administrator - Disabled)
Gast (S-1-5-21-2980980110-3536347163-1446437705-501 - Limited - Disabled)
UpdatusUser (S-1-5-21-2980980110-3536347163-1446437705-1000 - Limited - Enabled) => C:\Users\UpdatusUser
USer (S-1-5-21-2980980110-3536347163-1446437705-1001 - Administrator - Enabled) => C:\Users\USer
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (12/24/2014 09:28:13 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error: (12/24/2014 09:27:46 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Error: (12/24/2014 09:27:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/24/2014 01:08:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DllHost.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bca54
Name des fehlerhaften Moduls: igdumd64.dll, Version: 8.15.10.2626, Zeitstempel: 0x4f177ec1
Ausnahmecode: 0xc000041d
Fehleroffset: 0x000000000030d136
ID des fehlerhaften Prozesses: 0x28cc
Startzeit der fehlerhaften Anwendung: 0xDllHost.exe0
Pfad der fehlerhaften Anwendung: DllHost.exe1
Pfad des fehlerhaften Moduls: DllHost.exe2
Berichtskennung: DllHost.exe3
Error: (12/24/2014 01:08:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DllHost.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bca54
Name des fehlerhaften Moduls: igdumd64.dll, Version: 8.15.10.2626, Zeitstempel: 0x4f177ec1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000030d136
ID des fehlerhaften Prozesses: 0x28cc
Startzeit der fehlerhaften Anwendung: 0xDllHost.exe0
Pfad der fehlerhaften Anwendung: DllHost.exe1
Pfad des fehlerhaften Moduls: DllHost.exe2
Berichtskennung: DllHost.exe3
Error: (12/24/2014 01:04:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DllHost.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bca54
Name des fehlerhaften Moduls: igdumd64.dll, Version: 8.15.10.2626, Zeitstempel: 0x4f177ec1
Ausnahmecode: 0xc000041d
Fehleroffset: 0x000000000030d136
ID des fehlerhaften Prozesses: 0x20bc
Startzeit der fehlerhaften Anwendung: 0xDllHost.exe0
Pfad der fehlerhaften Anwendung: DllHost.exe1
Pfad des fehlerhaften Moduls: DllHost.exe2
Berichtskennung: DllHost.exe3
Error: (12/24/2014 01:04:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DllHost.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bca54
Name des fehlerhaften Moduls: igdumd64.dll, Version: 8.15.10.2626, Zeitstempel: 0x4f177ec1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000030d136
ID des fehlerhaften Prozesses: 0x20bc
Startzeit der fehlerhaften Anwendung: 0xDllHost.exe0
Pfad der fehlerhaften Anwendung: DllHost.exe1
Pfad des fehlerhaften Moduls: DllHost.exe2
Berichtskennung: DllHost.exe3
Error: (12/24/2014 01:03:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DllHost.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bca54
Name des fehlerhaften Moduls: igdumd64.dll, Version: 8.15.10.2626, Zeitstempel: 0x4f177ec1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000030d136
ID des fehlerhaften Prozesses: 0x28e8
Startzeit der fehlerhaften Anwendung: 0xDllHost.exe0
Pfad der fehlerhaften Anwendung: DllHost.exe1
Pfad des fehlerhaften Moduls: DllHost.exe2
Berichtskennung: DllHost.exe3
Error: (12/24/2014 01:03:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DllHost.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bca54
Name des fehlerhaften Moduls: igdumd64.dll, Version: 8.15.10.2626, Zeitstempel: 0x4f177ec1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000030d136
ID des fehlerhaften Prozesses: 0x2bac
Startzeit der fehlerhaften Anwendung: 0xDllHost.exe0
Pfad der fehlerhaften Anwendung: DllHost.exe1
Pfad des fehlerhaften Moduls: DllHost.exe2
Berichtskennung: DllHost.exe3
Error: (12/24/2014 01:01:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (12/24/2014 09:32:23 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Adobe Active File Monitor V10 erreicht.
Error: (12/24/2014 09:29:21 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {14286318-B6CF-49A1-81FC-D74AD94902F9}
Error: (12/24/2014 09:28:40 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (12/24/2014 09:27:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Easybits Services for Windows" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3
Error: (12/24/2014 09:27:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Wacom Consumer Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (12/24/2014 09:27:37 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Wacom Consumer Service erreicht.
Error: (12/24/2014 09:27:37 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 24.12.2014 um 20:30:19 unerwartet heruntergefahren.
Error: (12/24/2014 00:50:40 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Adobe Active File Monitor V10 erreicht.
Error: (12/24/2014 00:47:38 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {14286318-B6CF-49A1-81FC-D74AD94902F9}
Error: (12/24/2014 00:46:49 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Microsoft Office Sessions:
=========================
Error: (12/24/2014 09:28:13 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Users\USer\AppData\Local\Pokki\Engine\HostAppService.exe
Error: (12/24/2014 09:27:46 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Users\USer\AppData\Local\Pokki\Engine\HostAppService.exe
Error: (12/24/2014 09:27:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/24/2014 01:08:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DllHost.exe6.1.7600.163854a5bca54igdumd64.dll8.15.10.26264f177ec1c000041d000000000030d13628cc01d01f725167a053C:\Windows\system32\DllHost.exeC:\Windows\system32\igdumd64.dll98936635-8b65-11e4-907c-08edb990d442
Error: (12/24/2014 01:08:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DllHost.exe6.1.7600.163854a5bca54igdumd64.dll8.15.10.26264f177ec1c0000005000000000030d13628cc01d01f725167a053C:\Windows\system32\DllHost.exeC:\Windows\system32\igdumd64.dll97d01359-8b65-11e4-907c-08edb990d442
Error: (12/24/2014 01:04:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DllHost.exe6.1.7600.163854a5bca54igdumd64.dll8.15.10.26264f177ec1c000041d000000000030d13620bc01d01f71c59bc06eC:\Windows\system32\DllHost.exeC:\Windows\system32\igdumd64.dll0517f1a1-8b65-11e4-907c-08edb990d442
Error: (12/24/2014 01:04:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DllHost.exe6.1.7600.163854a5bca54igdumd64.dll8.15.10.26264f177ec1c0000005000000000030d13620bc01d01f71c59bc06eC:\Windows\system32\DllHost.exeC:\Windows\system32\igdumd64.dll044ab390-8b65-11e4-907c-08edb990d442
Error: (12/24/2014 01:03:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DllHost.exe6.1.7600.163854a5bca54igdumd64.dll8.15.10.26264f177ec1c0000005000000000030d13628e801d01f71a22663a4C:\Windows\system32\DllHost.exeC:\Windows\system32\igdumd64.dllec891da3-8b64-11e4-907c-08edb990d442
Error: (12/24/2014 01:03:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DllHost.exe6.1.7600.163854a5bca54igdumd64.dll8.15.10.26264f177ec1c0000005000000000030d1362bac01d01f719d1b930eC:\Windows\system32\DllHost.exeC:\Windows\system32\igdumd64.dllde714620-8b64-11e4-907c-08edb990d442
Error: (12/24/2014 01:01:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-3610QM CPU @ 2.30GHz
Percentage of memory in use: 41%
Total physical RAM: 8091.31 MB
Available physical RAM: 4744.37 MB
Total Pagefile: 16180.81 MB
Available Pagefile: 11919.46 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:909.03 GB) (Free:599.45 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery) (Fixed) (Total:22.19 GB) (Free:2.36 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 12E059A3)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=909 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=22.2 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=102 MB) - (Type=0C)
==================== End Of Log ============================
|
|
24.12.2014, 22:30
| #32 |
 | Weißer Bildschirm nach Laptopstart Schritt 1
__________________Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Schritt 2 Downloade Dir bitte  Malwarebytes Anti-Malware
Schritt 3 Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Schritt 4 Bitte starte  FRST erneut, setze den Haken auch bei Addition.txt und drücke auf Scan.Bitte poste mir die Inhalte der Logs von Adwarecleaner, MBAM, JRT und FRST hier in den Thread.
__________________ |
|
25.12.2014, 20:34
| #33 |
| | Weißer Bildschirm nach Laptopstart Log vom AdwCleaner:
__________________Code:
ATTFilter # AdwCleaner v4.106 - Bericht erstellt am 25/12/2014 um 20:19:12
# Aktualisiert 21/12/2014 von Xplode
# Database : 2014-12-21.4 [Live]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : USer - USER-HP
# Gestartet von : C:\Users\USer\Downloads\AdwCleaner_4.106.exe
# Option : Löschen
***** [ Dienste ] *****
Dienst Gelöscht : CltMngSvc
Dienst Gelöscht : SPPD
Dienst Gelöscht : vToolbarUpdater17.0.12
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\SearchProtect
Ordner Gelöscht : C:\ProgramData\apn
Ordner Gelöscht : C:\ProgramData\Ask
Ordner Gelöscht : C:\ProgramData\AVG Nation toolbar
Ordner Gelöscht : C:\ProgramData\AVG Secure Search
Ordner Gelöscht : C:\ProgramData\AVG Security Toolbar
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\BitGuard
Ordner Gelöscht : C:\ProgramData\IBUpdaterService
Ordner Gelöscht : C:\ProgramData\ICQ\ICQToolbar
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\ProgramData\Trymedia
Ordner Gelöscht : C:\ProgramData\Fighters
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
Ordner Gelöscht : C:\Program Files (x86)\1clickmoviedownloader.com
Ordner Gelöscht : C:\Program Files (x86)\AVG Nation toolbar
Ordner Gelöscht : C:\Program Files (x86)\AVG Secure Search
Ordner Gelöscht : C:\Program Files (x86)\HDvidCodec.com
Ordner Gelöscht : C:\Program Files (x86)\ICQ6Toolbar
Ordner Gelöscht : C:\Program Files (x86)\IminentToolbar
Ordner Gelöscht : C:\Program Files (x86)\Mobogenie
Ordner Gelöscht : C:\Program Files (x86)\PC Speed Maximizer
Ordner Gelöscht : C:\Program Files (x86)\PriceGong
Ordner Gelöscht : C:\Program Files (x86)\SearchProtect
Ordner Gelöscht : C:\Program Files (x86)\SoftwareUpdater
Ordner Gelöscht : C:\Program Files (x86)\sweetpacks bundle uninstaller
Ordner Gelöscht : C:\Program Files (x86)\Yontoo
Ordner Gelöscht : C:\Program Files (x86)\TubeSaver-1
Ordner Gelöscht : C:\Program Files (x86)\Common Files\AVG Secure Search
Ordner Gelöscht : C:\Users\USer\AppData\Local\Temp\Iminent
Ordner Gelöscht : C:\Users\USer\AppData\Local\Temp\OCS
Ordner Gelöscht : C:\Users\USer\AppData\Local\Temp\Smartbar
Ordner Gelöscht : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Fighters
Ordner Gelöscht : C:\USers\USer\AppData\Local\apn
Ordner Gelöscht : C:\USers\USer\AppData\Local\AVG Nation toolbar
Ordner Gelöscht : C:\USers\USer\AppData\Local\AVG Secure Search
Ordner Gelöscht : C:\USers\USer\AppData\Local\BeamriseUninstall
Ordner Gelöscht : C:\USers\USer\AppData\Local\cool_mirage
Ordner Gelöscht : C:\USers\USer\AppData\Local\LPT
Ordner Gelöscht : C:\USers\USer\AppData\Local\Mobogenie
Ordner Gelöscht : C:\USers\USer\AppData\Local\onlysearch
Ordner Gelöscht : C:\USers\USer\AppData\Local\SearchProtect
Ordner Gelöscht : C:\USers\USer\AppData\Local\Smartbar
Ordner Gelöscht : C:\USers\USer\AppData\LocalLow\AVG Nation toolbar
Ordner Gelöscht : C:\USers\USer\AppData\LocalLow\AVG Secure Search
Ordner Gelöscht : C:\USers\USer\AppData\LocalLow\BabylonToolbar
Ordner Gelöscht : C:\USers\USer\AppData\LocalLow\Claro LTD
Ordner Gelöscht : C:\USers\USer\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\USers\USer\AppData\LocalLow\Funmoods
Ordner Gelöscht : C:\USers\USer\AppData\LocalLow\IminentToolbar
Ordner Gelöscht : C:\USers\USer\AppData\LocalLow\mixidj
Ordner Gelöscht : C:\USers\USer\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\USers\USer\AppData\LocalLow\Smartbar
Ordner Gelöscht : C:\USers\USer\AppData\Roaming\Babylon
Ordner Gelöscht : C:\USers\USer\AppData\Roaming\DealPly
Ordner Gelöscht : C:\USers\USer\AppData\Roaming\Funmoods
Ordner Gelöscht : C:\USers\USer\AppData\Roaming\IminentToolbar
Ordner Gelöscht : C:\USers\USer\AppData\Roaming\OpenCandy
Ordner Gelöscht : C:\USers\USer\AppData\Roaming\PerformerSoft
Ordner Gelöscht : C:\USers\USer\AppData\Roaming\Solvusoft
Ordner Gelöscht : C:\USers\USer\AppData\Roaming\Fighters
Ordner Gelöscht : C:\USers\USer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1clickmoviedownloader.com
Ordner Gelöscht : C:\USers\USer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
Ordner Gelöscht : C:\USers\USer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HDvidCodec.com
Ordner Gelöscht : C:\USers\USer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
Ordner Gelöscht : C:\USers\USer\Documents\Mobogenie
Ordner Gelöscht : C:\USers\USer\Documents\PC Speed Maximizer
Ordner Gelöscht : C:\USers\USer\AppData\Roaming\Mozilla\Firefox\Profiles\imzs51c8.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}
Ordner Gelöscht : C:\USers\USer\AppData\Roaming\Mozilla\Firefox\Profiles\imzs51c8.default\Extensions\{8A9386B4-E958-4C4C-ADF4-8F26DB3E4829}
Ordner Gelöscht : C:\USers\USer\AppData\Roaming\Mozilla\Firefox\Profiles\imzs51c8.default\Extensions\951bb5c8-a6ed-4af6-a53c-1d3eec03d6dd@b61ef5da-5b52-4500-a9b4-273eca044964.com
Ordner Gelöscht : C:\Users\USer\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Ordner Gelöscht : C:\Users\USer\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok
Ordner Gelöscht : C:\Users\USer\AppData\Local\Google\Chrome\User Data\Default\Extensions\boipimhfjpakfgckhbljjengakjhkcbp
Ordner Gelöscht : C:\Users\USer\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Ordner Gelöscht : C:\Users\USer\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Ordner Gelöscht : C:\Users\USer\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfakeonomonapccoamcmdgpoaicnpnoo
Ordner Gelöscht : C:\Users\USer\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb
Ordner Gelöscht : C:\Users\USer\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
[/!\] Nicht Gelöscht ( Junction ) : C:\Users\USer\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfakeonomonapccoamcmdgpoaicnpnoo
[/!\] Nicht Gelöscht ( Junction ) : C:\Users\USer\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfakeonomonapccoamcmdgpoaicnpnoo
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Users\USer\Favorites\Startfenster.lnk
Datei Gelöscht : C:\Windows\Reimage.ini
Datei Gelöscht : C:\Users\USer\AppData\Local\Temp\ReimageRepair.exe
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\USers\USer\daemonprocess.txt
Datei Gelöscht : C:\USers\USer\AppData\Local\funmoods.crx
Datei Gelöscht : C:\USers\USer\AppData\Local\funmoods-speeddial_sf.crx
Datei Gelöscht : C:\USers\USer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Startfenster.lnk
Datei Gelöscht : C:\USers\USer\AppData\Roaming\Microsoft\Windows\Start Menu\Startfenster.lnk
Datei Gelöscht : C:\USers\USer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qtrax Player.lnk
Datei Gelöscht : C:\USers\USer\Documents\Startfenster.lnk
Datei Gelöscht : C:\USers\USer\AppData\Roaming\Mozilla\Firefox\Profiles\imzs51c8.default\bprotector_extensions.sqlite
Datei Gelöscht : C:\USers\USer\AppData\Roaming\Mozilla\Firefox\Profiles\imzs51c8.default\bprotector_prefs.js
Datei Gelöscht : C:\USers\USer\AppData\Roaming\Mozilla\Firefox\Profiles\imzs51c8.default\invalidprefs.js
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
Datei Gelöscht : C:\USers\USer\AppData\Roaming\Mozilla\Firefox\Profiles\imzs51c8.default\searchplugins\trovi-search.xml
Datei Gelöscht : C:\USers\USer\AppData\Roaming\Mozilla\Firefox\Profiles\imzs51c8.default\searchplugins\Web Search.xml
Datei Gelöscht : C:\USers\USer\AppData\Roaming\Mozilla\Firefox\Profiles\imzs51c8.default\user.js
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\user.js
Datei Gelöscht : C:\Users\USer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_api.ciuvo.com_0.localstorage
Datei Gelöscht : C:\Users\USer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_api.ciuvo.com_0.localstorage-journal
Datei Gelöscht : C:\Users\USer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.livelyrics00.live-lyrics.com_0.localstorage
Datei Gelöscht : C:\Users\USer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.livelyrics00.live-lyrics.com_0.localstorage-journal
Datei Gelöscht : C:\Users\USer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
Datei Gelöscht : C:\Users\USer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
Datei Gelöscht : C:\Users\USer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Datei Gelöscht : C:\Users\USer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
Datei Gelöscht : C:\Users\USer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.livelyrics00.live-lyrics.com_0.localstorage
Datei Gelöscht : C:\Users\USer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.livelyrics00.live-lyrics.com_0.localstorage-journal
Datei Gelöscht : C:\Users\USer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage
Datei Gelöscht : C:\Users\USer\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage-journal
Datei Gelöscht : C:\Users\USer\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_www.azlyrics.com_0.localstorage
Datei Gelöscht : C:\Users\USer\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
Datei Gelöscht : C:\Users\USer\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_www.softonic.de_0.localstorage
Datei Gelöscht : C:\Users\USer\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_www.softonic.de_0.localstorage-journal
Datei Gelöscht : C:\Users\USer\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_www.wajam.com_0.localstorage
Datei Gelöscht : C:\Users\USer\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_www.wajam.com_0.localstorage-journal
Datei Gelöscht : C:\Users\USer\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxps_static.olark.com_0.localstorage-journal
***** [ Tasks ] *****
Task Gelöscht : Dealply
Task Gelöscht : Funmoods
Task Gelöscht : LaunchSignup
Task Gelöscht : Software Updater Ui
Task Gelöscht : Software Updater
***** [ Verknüpfungen ] *****
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileParade bundle uninstaller\FileParade bundle uninstaller.lnk
***** [ Registrierungsdatenbank ] *****
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
Schlüssel Gelöscht : HKCU\Software\Classes\pokki
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Browser Infrastructure Helper]
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\PriceGongIE.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\driverscanner
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.funmoodsESrvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.funmoodsESrvc.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.bho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceFactorIE.PriceGongBHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceFactorIE.PriceGongBHO.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceGongIE.PriceGongCtrl
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceGongIE.PriceGongCtrl.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Mobogenie.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Schlüssel Gelöscht : HKCU\Software\Classes\keepmysearch
Schlüssel Gelöscht : HKCU\Software\53538f8fbc3eeb43
Schlüssel Gelöscht : HKLM\SOFTWARE\53538f8fbc3eeb43
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT3279453
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{835315FC-1BF6-4CA9-80CD-F6C158D40692}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{A2773ED4-83BD-488A-A186-73590706C916}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1631550F-191D-4826-B069-D9439253D926}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5555CC4C-FA2B-4D69-8296-B6AE5E95C0B7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D2A2595C-4FE4-4315-AA9B-19DBD6271B71}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{457EF9F0-0A7C-4302-B47B-C207A8DE8598}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422592267}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455155560}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455595567}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466156660}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466596667}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{63BEF061-5EFC-4753-9806-ED0573BC7C4B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{8B3372D0-09F0-41A5-8D9B-134E148672FB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440444594467}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1631550F-191D-4826-B069-D9439253D926}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{457EF9F0-0A7C-4302-B47B-C207A8DE8598}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{457EF9F0-0A7C-4302-B47B-C207A8DE8598}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0E44BB13-2523-468B-BF51-58D5F52A84F6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C87FC351-A80D-43E9-9A86-CF1E29DC443A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{A75BE48D-BF58-4A8B-B96C-F9A09DFB9844}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455155560}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550455595567}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466156660}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660466596667}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gelöscht : HKCU\Software\1ClickDownload
Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKCU\Software\AVG Nation toolbar
Schlüssel Gelöscht : HKCU\Software\BABSOLUTION
Schlüssel Gelöscht : HKCU\Software\Ciuvo
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\DataMngr
Schlüssel Gelöscht : HKCU\Software\Funmoods
Schlüssel Gelöscht : HKCU\Software\IM
Schlüssel Gelöscht : HKCU\Software\Iminent
Schlüssel Gelöscht : HKCU\Software\IminentToolbar
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\InstalledBrowserExtensions
Schlüssel Gelöscht : HKCU\Software\InstalledThirdPartyPrograms
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Pokki
Schlüssel Gelöscht : HKCU\Software\powerpack
Schlüssel Gelöscht : HKCU\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\smartbarbackup
Schlüssel Gelöscht : HKCU\Software\smartbarlog
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\SweetIM
Schlüssel Gelöscht : HKCU\Software\Reimage
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Plus-HD-2.2
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\TubeSaver-1
Schlüssel Gelöscht : HKLM\SOFTWARE\AVG Nation toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\AVG Security Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Babylon
Schlüssel Gelöscht : HKLM\SOFTWARE\DataMngr
Schlüssel Gelöscht : HKLM\SOFTWARE\ICQ\ICQToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Iminent
Schlüssel Gelöscht : HKLM\SOFTWARE\PIP
Schlüssel Gelöscht : HKLM\SOFTWARE\Plus-HD-2.2
Schlüssel Gelöscht : HKLM\SOFTWARE\SearchProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\SweetIM
Schlüssel Gelöscht : HKLM\SOFTWARE\Trymedia Systems
Schlüssel Gelöscht : HKLM\SOFTWARE\Uniblue
Schlüssel Gelöscht : HKLM\SOFTWARE\TubeSaver-1
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Funmoods
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FileParade bundle uninstaller
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Mobogenie
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Plus-HD-2.2
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PriceGong
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TubeSaver-1
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\InstalledThirdPartyPrograms
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Speedchecker Limited
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Tarma Installer
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Reimage
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Daten Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll
Daten Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll
Daten Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75FF6D97AF9FC004A9521D4B83FA6321
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A71991503412AEB42838B02C5ED9F9CD
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CB13D869D7D092348847B7481BB59E27
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F2E0D3DD9E5E4B74CA43BCE77815E287
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\trovi.com
***** [ Browser ] *****
-\\ Internet Explorer v9.0.8112.16421
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
-\\ Mozilla Firefox v17.0 (en-US)
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.1000082.isDisplayHidden", "true");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.1000082.isDisplayHidden", "true");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.1000082.isDisplayHidden", "true");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.1000082.isDisplayHidden", "true");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.1000082.isDisplayHidden", "true");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description\":\"California Rock\",\"url\":\"hxxp://feedlive.net/california.asx\"}");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.129181467798530017.isToggled_item0_12", "true");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.2625848a129894023611240511000000paramsGK1.enc", "eyJ1cGRhdGVSZXFUaW1lIjoxMzU3NTk0NDAwMzMyLCJ1cGRhdGVSZXNwVGltZSI6MTM1NzU5NDQwMDYyOSwiZGF0YSI6eyJzZXR0aW5ncyI6eyJpY29uIjoiaHR0cDovL3[...]
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.CBOpenMAMSettings.enc", "MA==");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.FacebookTemplate_2625848a129894023611240511000000_lang.enc", "REU=");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.Facebook_Template_CacheTime_2625848a129894023611240511000000.enc", "MTM1NzU2NDcwNTQ5Ng==");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.Facebook_Template_Events_2625848a129894023611240511000000.enc", "JTdCJTIyZXJyb3IlMjIlM0ElN0IlMjJtZXNzYWdlJTIyJTNBJTIyQW4lMjBhY2Nlc3MlMjB0b2tlbiUyMGlzJTIwcmVxdWlyZWQlMjB0byUyMHJlcX[...]
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.Facebook_Template_Last_Visit_Tab_2625848a129894023611240511000000.enc", "d2FsbA==");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.Facebook_Template_Likes_2625848a129894023611240511000000.enc", "bnVsbA==");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.Facebook_Template_Photos_2625848a129894023611240511000000.enc", "JTVCJTVE");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.Facebook_Template_Video_2625848a129894023611240511000000.enc", "bnVsbA==");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.Facebook_Template_Wall_2625848a129894023611240511000000.enc", "JTdCJTIyZXJyb3IlMjIlM0ElN0IlMjJtZXNzYWdlJTIyJTNBJTIyQW4lMjBhY2Nlc3MlMjB0b2tlbiUyMGlzJTIwcmVxdWlyZWQlMjB0byUyMHJlcXVl[...]
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.FirstTime", "true");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.FirstTimeFF3", "true");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.LoginRevertSettingsEnabled", true);
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.SearchAppState.enc", "Mw==");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.SearchAppTracking.enc", "MQ==");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2625848&SearchSource=2&q=");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.UserID", "UN39727268790285854");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.addressBarTakeOverEnabledInHidden", "true");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.autoDisableScopes", -1);
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.browser.search.defaultthis.engineName", true);
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.cachedprofile2625848a129894023611240511000000.enc", "RFZEVmlkZW9Tb2Z0LmRl");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.cb_experience_000.enc", "MQ==");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.cb_firstuse0100.enc", "MQ==");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.cb_user_id_000.enc", "Q0I5ODAyMTU2NDQ2ODBfMTM1NzQxNTk0MTMyNl9GaXJlZm94");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.cbcountry_001.enc", "REU=");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.cbfirsttime.enc", "RnJpIEphbiAwNCAyMDEzIDE0OjQ5OjM0IEdNVCswMTAw");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.defaultSearch", "true");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.embeddedsData", "[{\"appId\":\"129181467799155027\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"insta[...]
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.enableAlerts", "false");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.enableFix404ByUser", "TRUE");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.enableSearchFromAddressBar", "true");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.firstTimeDialogOpened", "true");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.fixPageNotFoundError", "true");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.fixPageNotFoundErrorByUser", "true");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.fixPageNotFoundErrorInHidden", "true");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.fixUrls", true);
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.hxxp___www_socialgrowthtechnologies_com_couponbuddy_v001.APP_WIN_FEATURES.enc", "b3BlbnBvc2l0aW9uPW9mZnNldDo1MDs1MCxzYXZlbG9jYXRpb249MCxyZXNpemFibGU9bm8sc2Nyb2xsYmFycz1ubyx0aXRsZW[...]
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.installId", "conduitnsisintegration");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.installType", "conduitnsisintegration");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.isCheckedStartAsHidden", true);
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.isFirstTimeToolbarLoading", "false");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.isNewTabEnabled", true);
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.isPerformedSmartBarTransition", "true");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"true\"}");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.keyword", true);
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT2625848&octid=CT2625848&SearchSource=15&CUI=UN39727268790285854&SSPV=EB_SSPV&Lay=1&UM=U[...]
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.lastVersion", "10.14.42.7");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.migrateAppsAndComponents", true);
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"\",\"EB_MAIN_FRAME_TITLE\":\"\",\"EB_SEARCH_TERM\":\"\",\"EB_TOOLBAR_SUB_DOMAIN\":\"hxxp://DVDVideoSoftTBDE.OurToolbar.com/\",\"E[...]
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.notFirstTime.enc", "dHJ1ZQ==");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.openThankYouPage", "false");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.openUninstallPage", "true");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.price-gong.bornDate", "{\"dataType\":\"string\",\"data\":\"{\\\"Response\\\":\\\"01\\\\/04\\\\/2013 21\\\"}\"}");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.price-gong.isManagedApp", "true");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.revertSettingsEnabled", "false");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.search.searchAppId", "129181467799155027");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.search.searchCount", "2");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.searchInNewTabEnabledByUser", "true");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.searchInNewTabEnabledInHidden", "true");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2625848\"}");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://DVDVideoSoftTBDE.OurToolbar.com//xpi\"}");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"DVDVideoSoftTB DE\"}");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1359899372114");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_appsMetadata_lastUpdate", "1360258051961");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1359760041197");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_login_10.13.40.15_lastUpdate", "1358702051942");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_login_10.14.40.128_lastUpdate", "1359462836479");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_login_10.14.42.7_lastUpdate", "1360255103279");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1359760041349");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_searchAPI_lastUpdate", "1360172501099");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_serviceMap_lastUpdate", "1360172500936");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_toolbarContextMenu_lastUpdate", "1359760041112");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_toolbarSettings_lastUpdate", "1360258052155");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_translation_lastUpdate", "1360172501448");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_userApps1ec55dac-8dca-406b-9697-5d68893c1c0c_lastUpdate", "1361209207188");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_userApps_lastUpdate", "1361209207202");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.settingsINI", true);
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.shouldFirstTimeDialog", "false");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.smartbar.CTID", "CT2625848");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.smartbar.Uninstall", "0");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.smartbar.homepage", true);
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.smartbar.toolbarName", "DVDVideoSoftTB DE ");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.toolbarBornServerTime", "4-1-2013");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.toolbarCurrentServerTime", "7-2-2013");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848.url_history0001.enc", "aHR0cDovL3d3dy5mYWNlYm9vay5jb20vP3JlZj10bl90bm1uOjo6Y2xpY2toYW5kbGVyOjo6MTM1NzU5NDYwMDM5OCwsLGh0dHA6Ly93d3cuZmFjZWJvb2suY29tLz9yZWY9dG5fdG5tbjo6OmNsaWNraGFu[...]
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT2625848_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1361209204902,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT3279453.FF19Solved", "true");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT3279453.UserID", "UN19188290642656514");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT3279453.addressUrlXPETakeover", "true");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT3279453.autoDisableScopes", -1);
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT3279453.browser.search.defaultthis.engineName", "true");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT3279453.defaultSearchXPETakeover", "true");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT3279453.installDate", "9/4/2013 18:56:45");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT3279453.installerVersion", "1.3.7.3");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT3279453.keyword", "true");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("CT3309350.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"false\"}");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2625848&SearchSource=13&CUI=SB_CUI");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("Smartbar.ConduitSearchEngineList", "");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("Smartbar.ConduitSearchUrlList", "");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://isearch.avg.com/search?cid={DCBFCBE2-2EF6-48B7-8B45-753F73D9CAD3}&mid=5fbcd407481347d08fd371fa8aa0410e-35acecdb3d388c47f596939c7f8adc5829ea07[...]
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("Smartbar.keywordURLSelectedCTID", "CT2625848");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("browser.search.defaultthis.engineName", "DVDvideoSoft 2.0 Customized Web Search");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("browser.search.selectedEngine", "Trovi search");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://www.trovi.com/?gd=&ctid=CT3323737&octid=EB_ORIGINAL_CTID&ISID=BA01C5D0-7F58-4AA8-BBD3-F13F7C4D9289&SearchSource=55&CUI=&UM=6&UP=SPD482EFD0-C100-4AF7-A61D-[...]
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("extensions.claro.admin", false);
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("extensions.claro.aflt", "babsst");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("extensions.claro.appId", "{C3110516-8EFC-49D6-8B72-69354F332062}");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("extensions.claro.autoRvrt", "false");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("extensions.claro.dfltLng", "en");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("extensions.claro.excTlbr", false);
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("extensions.claro.id", "8eaf8272000000000000e006e689dd71");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("extensions.claro.instlDay", "15709");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("extensions.claro.instlRef", "sst");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("extensions.claro.prdct", "claro");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("extensions.claro.prtnrId", "claro");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("extensions.claro.rvrt", "false");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("extensions.claro.tlbrId", "claro");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("extensions.claro.tlbrSrchUrl", "");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("extensions.claro.vrsn", "1.8.8.5");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("extensions.claro.vrsni", "1.8.8.5");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("extensions.claro_i.excTlbr", false);
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("extensions.claro_i.newTab", false);
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("extensions.claro_i.smplGrp", "none");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("extensions.claro_i.vrsnTs", "1.8.8.53:45:29");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("extensions.crossrider.bic", "1417ec815cedd144b4f1f150b9ff9624");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("extensions.dynconff.cache.stupidfruity.tumblr.com.content", "<package expire=\"3600\" es=\"914\" pcdids=\"_1500_1520_1164_1524_1146_1169_1263_1348_1482_1493_1521_1675\"><content id=\"us810_[...]
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("extensions.dynconff.cache.www.golsearch.com.content", "<package expire=\"3600\" es=\"914\" pcdids=\"_1500_1520_1164_1524_1146_1169_1263_1348_1482_1493_1521_1675\"><content id=\"us810_common[...]
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("extensions.dynconff.cache.www.tumblr.com.content", "<package expire=\"3600\" es=\"914\" pcdids=\"_1500_1520_1164_1524_1146_1169_1263_1348_1482_1493_1521_1675\"><content id=\"us810_commonScr[...]
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("extensions.helperbar.DockingPositionDown", false);
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("extensions.helperbar.SmartbarDisabled", false);
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("extensions.helperbar.Visibility", false);
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("icqtoolbar.engineVerified", false);
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("icqtoolbar.firstTbRun", false);
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("icqtoolbar.geolastmodified", 1385059363);
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("icqtoolbar.icqgeo", 49);
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("icqtoolbar.installTime", "1382906956");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("icqtoolbar.numberOfSearches", 0);
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("icqtoolbar.previousFFVersion", "24.0");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("icqtoolbar.showPc", false);
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("icqtoolbar.skip_default_search", "no");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("icqtoolbar.uniqueID", "136017249513602409351380811545194");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("icqtoolbar.usageStatstTimestamp", 1385059366);
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("icqtoolbar.version", "1.5.0");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("icqtoolbar.voucherHideClicks", 0);
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("icqtoolbar.voucherRedeemClicks", 0);
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("icqtoolbar.voucherWasShown", 0);
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("iminent.enabledAds", "false");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT2625848&SearchSource=13&CUI=SB_CUI,hxxp://search.conduit.com/?ctid=CT3279453&octid=CT3279453&SearchSource=61&CUI=UN19188290[...]
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2625848&SearchSource=2&q=,hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2625848&SearchSource=2&CU[...]
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("smartbar.machineId", "YHY3MKLWTACGJSEIH+MBHR5QQVLNK+FJVWNTNSO3BNAJUCQX8LYO94WQASVQ3JY8XEOBPE9ORAPXFMC99/MXIA");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("smartbar.originalHomepage", "hxxp://www.claro-search.com/?affID=114506&tt=0113_5&babsrc=HP_clro&mntrId=8eaf8272000000000000e006e689dd71");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("smartbar.originalSearchAddressUrl", "hxxp://isearch.avg.com/search?cid={DCBFCBE2-2EF6-48B7-8B45-753F73D9CAD3}&mid=5fbcd407481347d08fd371fa8aa0410e-35acecdb3d388c47f596939c7f8adc5829ea0750&l[...]
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("smartbar.originalSearchEngine", "Claro Search");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("browser.search.defaultengine", "Ask.com");
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("browser.newtab.url", "hxxp://www.trovi.com/?gd=&ctid=CT3323737&octid=EB_ORIGINAL_CTID&ISID=BA01C5D0-7F58-4AA8-BBD3-F13F7C4D9289&SearchSource=69&CUI=&SSPV=&Lay=1&UM=6&UP=SPD482EFD0-C100-4AF7[...]
[imzs51c8.default\prefs.js] - Zeile gelöscht : user_pref("keyword.URL", "hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbaDK_XpD2DT87tQiO39kR580HzoZGWerp-2vVf8vhe6vAG8eEE5nbNYs3FtjPDQ0_dIzmvu2aFpHO5YtKzATUToBYuI2BS7y7HdVH1tzp6QMCOqynXuKFdDGXMUCAOzgfEifhoP[...]
-\\ Google Chrome v39.0.2171.95
[C:\Users\USer\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3323737&octid=EB_ORIGINAL_CTID&ISID=BA01C5D0-7F58-4AA8-BBD3-F13F7C4D9289&SearchSource=58&CUI=&UM=6&UP=SPD482EFD0-C100-4AF7-A61D-0CF1303D02FB&q={searchTerms}&SSPV=
[C:\Users\USer\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3323737&octid=EB_ORIGINAL_CTID&ISID=BA01C5D0-7F58-4AA8-BBD3-F13F7C4D9289&SearchSource=58&CUI=&UM=6&UP=SPD482EFD0-C100-4AF7-A61D-0CF1303D02FB&q={searchTerms}&SSPV=
[C:\Users\USer\AppData\Local\Google\Chrome\User Data\Default\preferences] - Gelöscht [Startup_URLs] : hxxp://www.trovi.com/?gd=&ctid=CT3323737&octid=EB_ORIGINAL_CTID&ISID=BA01C5D0-7F58-4AA8-BBD3-F13F7C4D9289&SearchSource=55&CUI=&UM=6&UP=SPD482EFD0-C100-4AF7-A61D-0CF1303D02FB&SSPV=
[C:\Users\USer\AppData\Local\Google\Chrome\User Data\Default\preferences] - Gelöscht [Startup_URLs] : hxxp://feed.snapdo.com/?publisher=VertiTechnologyYB&dpid=VertiTechnologyYB&co=DE&userid=8b5711fd-a765-6dd4-5aea-3b2dfbfc38ad&searchtype=hp&installDate=
[C:\Users\USer\AppData\Local\Google\Chrome\User Data\Default\preferences] - Gelöscht [Startup_URLs] : hxxp://www.trovi.com/?gd=&ctid=CT3323737&octid=EB_ORIGINAL_CTID&ISID=BA01C5D0-7F58-4AA8-BBD3-F13F7C4D9289&SearchSource=55&CUI=&UM=6&UP=SPD482EFD0-C100-4AF7-A61D-0CF1303D02FB&SSPV=
-\\ Opera v26.0.1656.60
[C:\Users\USer\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3323737&octid=EB_ORIGINAL_CTID&ISID=BA01C5D0-7F58-4AA8-BBD3-F13F7C4D9289&SearchSource=58&CUI=&UM=6&UP=SPD482EFD0-C100-4AF7-A61D-0CF1303D02FB&q={searchTerms}&SSPV=
[C:\Users\USer\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3323737&octid=EB_ORIGINAL_CTID&ISID=BA01C5D0-7F58-4AA8-BBD3-F13F7C4D9289&SearchSource=58&CUI=&UM=6&UP=SPD482EFD0-C100-4AF7-A61D-0CF1303D02FB&q={searchTerms}&SSPV=
[C:\Users\USer\AppData\Roaming\Opera Software\Opera Stable\preferences] - Gelöscht [Extension] : aaipilfmheplbcghignccoiiebekkdhe
[C:\Users\USer\AppData\Roaming\Opera Software\Opera Stable\preferences] - Gelöscht [Extension] : elchiiiejkobdbblfejjkbphbddgmljf
[C:\Users\USer\AppData\Roaming\Opera Software\Opera Stable\preferences] - Gelöscht [Extension] : ffhfoagmjcnkolneahbpagjcjjaeofbg
[C:\Users\USer\AppData\Roaming\Opera Software\Opera Stable\preferences] - Gelöscht [Extension] : hjghiofiijcepdnocbgefbdlbckjfheg
[C:\Users\USer\AppData\Roaming\Opera Software\Opera Stable\preferences] - Gelöscht [Extension] : iklgpchfbohgmghgfagediakopecfmbm
[C:\Users\USer\AppData\Roaming\Opera Software\Opera Stable\preferences] - Gelöscht [Extension] : kfgaibfbmkjgmimhbbaikfnpkkjkpoan
[C:\Users\USer\AppData\Roaming\Opera Software\Opera Stable\preferences] - Gelöscht [Extension] : lmnbobhffedhdhfpcjkjphcfpeeiocdn
[C:\Users\USer\AppData\Roaming\Opera Software\Opera Stable\preferences] - Gelöscht [Extension] : kjpifmjicccpbkfjdkehimhgklfkbanh
[C:\Users\USer\AppData\Roaming\Opera Software\Opera Stable\preferences] - Gelöscht [Extension] : hoidflomjnnnbiemmkjdjkkialmhbago
[C:\Users\USer\AppData\Roaming\Opera Software\Opera Stable\preferences] - Gelöscht [Extension] : ekpibplnnkfdcafdpoekhoffegcajene
[C:\Users\USer\AppData\Roaming\Opera Software\Opera Stable\preferences] - Gelöscht [Extension] : ipljmghelflfikejmgkmlmpjmehfjodc
[C:\Users\USer\AppData\Roaming\Opera Software\Opera Stable\preferences] - Gelöscht [Extension] : ejddjnilmdncjilbfjgameihlklfpohp
[C:\Users\USer\AppData\Roaming\Opera Software\Opera Stable\preferences] - Gelöscht [Extension] : eagomcfjiefffhpaejnlpjccikpipdoe
*************************
AdwCleaner[R0].txt - [71048 octets] - [25/12/2014 20:15:28]
AdwCleaner[S0].txt - [68939 octets] - [25/12/2014 20:19:12]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [69000 octets] ##########
Die anderen folgen. |
|
25.12.2014, 21:18
| #34 |
| | Weißer Bildschirm nach Laptopstart Jesus, hast Du viel Adware drauf. oO
__________________ Proud member of Unite |
|
25.12.2014, 22:41
| #35 |
| | Weißer Bildschirm nach Laptopstart Malwarebytes: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Update, 25.12.2014 20:30:07, SYSTEM, USER-HP, Manual, Rootkit Database, 2014.11.18.1, 2014.12.23.2, Update, 25.12.2014 20:30:07, SYSTEM, USER-HP, Manual, Remediation Database, 2013.10.16.1, 2014.12.6.1, Error, 25.12.2014 20:30:57, SYSTEM, USER-HP, Manual, 0, Error, 25.12.2014 20:30:57, SYSTEM, USER-HP, Manual, 0, (end) Junkware Removal Tool: Code:
ATTFilter ~~~ Files
Successfully deleted: [File] "C:\Users\USer\appdata\locallow\microsoft\silverlight\outofbrowser\index\portal.qtrax.com"
Successfully deleted: [File] "C:\Users\USer\favorites\links\startfenster.lnk"
Successfully deleted: [File] "C:\Windows\wininit.ini"
~~~ Folders
Successfully deleted: [Folder] "C:\Users\USer\music\qtrax media library"
Successfully deleted: [Empty Folder] C:\Users\USer\appdata\local\{16949566-7C88-4DCF-98EF-60AC89A678EC}
Successfully deleted: [Empty Folder] C:\Users\USer\appdata\local\{1AF06E1E-5010-4F4F-9966-7EEAE044EC12}
Successfully deleted: [Empty Folder] C:\Users\USer\appdata\local\{1CF85278-B4B3-4392-9A1A-5FE03408220E}
Successfully deleted: [Empty Folder] C:\Users\USer\appdata\local\{3BD4DC8D-28C0-4F3F-A216-C04CBE11C3AB}
Successfully deleted: [Empty Folder] C:\Users\USer\appdata\local\{4B184884-E423-4AA0-8B6B-4BD4F70E09C5}
Successfully deleted: [Empty Folder] C:\Users\USer\appdata\local\{53179EA0-966B-4701-A6FE-232AC8039C86}
Successfully deleted: [Empty Folder] C:\Users\USer\appdata\local\{5365D1E0-8E8F-4B7A-985B-F6EABF815E73}
Successfully deleted: [Empty Folder] C:\Users\USer\appdata\local\{5AE1F115-17F9-42D4-8DF2-8DE755BF8A1E}
Successfully deleted: [Empty Folder] C:\Users\USer\appdata\local\{63CDF602-C9AA-48BE-84C7-9201F32CEA94}
Successfully deleted: [Empty Folder] C:\Users\USer\appdata\local\{91641AAC-7D99-4326-807A-E8656AA1F2F4}
Successfully deleted: [Empty Folder] C:\Users\USer\appdata\local\{BB96D6C6-CC87-4180-AC50-55FF5AAF3632}
Successfully deleted: [Empty Folder] C:\Users\USer\appdata\local\{C278E783-A6FD-47E2-9E84-4F9A7D7137B3}
Successfully deleted: [Empty Folder] C:\Users\USer\appdata\local\{C55C36AB-62E8-4307-9993-C5B82B9C34C3}
~~~ FireFox
Successfully deleted: [Folder] C:\Users\USer\AppData\Roaming\mozilla\firefox\profiles\imzs51c8.default\smartbar
Successfully deleted: [Folder] C:\Users\USer\AppData\Roaming\mozilla\firefox\profiles\imzs51c8.default\extensions\staged
Successfully deleted the following from C:\Users\USer\AppData\Roaming\mozilla\firefox\profiles\imzs51c8.default\prefs.js
user_pref("extensions.dynconff.cache.www.golsearch.com.expires", "1385063108808");
Emptied folder: C:\Users\USer\AppData\Roaming\mozilla\firefox\profiles\imzs51c8.default\minidumps [35 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 25.12.2014 at 22:31:26,71
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-12-2014 Ran by USer (administrator) on USER-HP on 25-12-2014 22:35:05 Running from C:\Users\USer\Desktop Loaded Profiles: UpdatusUser & USer & (Available profiles: UpdatusUser & USer) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 9 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (HP) C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\AllShareFrameworkManagerDMS.exe (Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\AllShareFrameworkDMS.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe (Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe (Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe (Microsoft Corporation) C:\Windows\vVX3000.exe (ManyCam LLC) C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe (Spotify Ltd) C:\Users\USer\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP ENVY 110 series\Bin\ScanToPCActivationApp.exe (Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Spotify Ltd) C:\Users\USer\AppData\Roaming\Spotify\spotify.exe (Akamai Technologies, Inc.) C:\Users\USer\AppData\Local\Akamai\netsession_win.exe (Microsoft Corporation) C:\Users\USer\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe () C:\Program Files (x86)\Bamboo Dock\BambooCore.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe (Akamai Technologies, Inc.) C:\Users\USer\AppData\Local\Akamai\netsession_win.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (GoPro) C:\Program Files (x86)\CineForm\Tools\GoProCineFormStatusViewer.exe (Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe () C:\Users\USer\AppData\Roaming\Spotify\Data\SpotifyHelper.exe () C:\Users\USer\AppData\Roaming\Spotify\Data\SpotifyHelper.exe () C:\Users\USer\AppData\Roaming\Spotify\Data\SpotifyHelper.exe (Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe () C:\Program Files (x86)\Opera\26.0.1656.60\opera_crashreporter.exe () C:\Users\USer\AppData\Roaming\Spotify\Data\SpotifyHelper.exe () C:\Users\USer\AppData\Roaming\Spotify\Data\SpotifyHelper.exe (Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe (Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\McUICnt.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe (Pokki) C:\Users\USer\AppData\Local\Pokki\Engine\HostAppService.exe (Pokki) C:\Users\USer\AppData\Local\Pokki\Engine\HostAppService.exe (Opera Software) C:\Program Files (x86)\Opera\26.0.1656.60\opera.exe (Thisisu) C:\Users\USer\Downloads\JRT.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe (AuthenTec Inc.) C:\Program Files (x86)\HP SimplePass\TouchControl.exe (HP) C:\Program Files (x86)\HP SimplePass\BioMonitor.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-01-04] (IDT, Inc.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated) HKLM\...\Run: [SetDefault] => C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [44880 2011-12-19] (Hewlett-Packard Development Company, L.P.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated) HKLM\...\Run: [Samsung Link] => C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [597576 2013-09-03] (Copyright 2013 SAMSUNG) HKLM\...\Run: [VX3000] => C:\Windows\vVX3000.exe [762736 2010-05-20] (Microsoft Corporation) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291096 2011-12-05] (Intel Corporation) HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2011-09-15] (EasyBits Software AS) HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [576568 2011-11-29] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1342008 2011-08-26] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-17] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [BambooCore] => C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-10-16] () HKLM-x32\...\Run: [YouCam Service6] => C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe [504792 2014-03-28] (CyberLink Corp.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585536 2014-11-03] (Razer Inc.) HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation) HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126200 2014-11-20] (Avira Operations GmbH & Co. KG) HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \mbamdor.exe [54072 2014-11-21] (Malwarebytes Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1 HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [SearchProtect] => \SearchProtect\bin\cltmng.exe HKU\S-1-5-21-2980980110-3536347163-1446437705-1000\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] => "C:\Program Files (x86)\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe" /PROMPT /CMPID=JUNE2013_TB HKU\S-1-5-21-2980980110-3536347163-1446437705-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] => "C:\Program Files (x86)\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe" /PROMPT /CMPID=JUNE2013_TB HKU\S-1-5-21-2980980110-3536347163-1446437705-1001\...\Run: [ManyCam] => C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe [5379472 2012-12-05] (ManyCam LLC) HKU\S-1-5-21-2980980110-3536347163-1446437705-1001\...\Run: [Spotify Web Helper] => C:\Users\USer\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-21] (Spotify Ltd) HKU\S-1-5-21-2980980110-3536347163-1446437705-1001\...\Run: [HP ENVY 110 series (NET)] => C:\Program Files\HP\HP ENVY 110 series\Bin\ScanToPCActivationApp.exe [2676584 2011-09-19] (Hewlett-Packard Co.) HKU\S-1-5-21-2980980110-3536347163-1446437705-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [468192 2014-10-15] (Sony) HKU\S-1-5-21-2980980110-3536347163-1446437705-1001\...\Run: [Spotify] => C:\Users\USer\AppData\Roaming\Spotify\spotify.exe [6737976 2014-12-21] (Spotify Ltd) HKU\S-1-5-21-2980980110-3536347163-1446437705-1001\...\Run: [Akamai NetSession Interface] => C:\Users\USer\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.) HKU\S-1-5-21-2980980110-3536347163-1446437705-1001\...\Run: [SkyDrive] => C:\Users\USer\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [277672 2014-09-25] (Microsoft Corporation) HKU\S-1-5-21-2980980110-3536347163-1446437705-1001\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe HKU\S-1-5-21-2980980110-3536347163-1446437705-1001\...\Policies\system: [DisableLockWorkstation] 0 HKU\S-1-5-21-2980980110-3536347163-1446437705-1001\...\Policies\system: [DisableChangePassword] 0 HKU\S-1-5-21-2980980110-3536347163-1446437705-1001\...\MountPoints2: {f9b5f5dd-8aa3-11e3-b66a-08edb990d442} - F:\Startme.exe HKU\S-1-5-21-2980980110-3536347163-1446437705-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [ManyCam] => C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe [5379472 2012-12-05] (ManyCam LLC) HKU\S-1-5-21-2980980110-3536347163-1446437705-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify Web Helper] => C:\Users\USer\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-21] (Spotify Ltd) HKU\S-1-5-21-2980980110-3536347163-1446437705-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [HP ENVY 110 series (NET)] => C:\Program Files\HP\HP ENVY 110 series\Bin\ScanToPCActivationApp.exe [2676584 2011-09-19] (Hewlett-Packard Co.) HKU\S-1-5-21-2980980110-3536347163-1446437705-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [468192 2014-10-15] (Sony) HKU\S-1-5-21-2980980110-3536347163-1446437705-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify] => C:\Users\USer\AppData\Roaming\Spotify\spotify.exe [6737976 2014-12-21] (Spotify Ltd) HKU\S-1-5-21-2980980110-3536347163-1446437705-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Akamai NetSession Interface] => C:\Users\USer\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.) HKU\S-1-5-21-2980980110-3536347163-1446437705-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [SkyDrive] => C:\Users\USer\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [277672 2014-09-25] (Microsoft Corporation) HKU\S-1-5-21-2980980110-3536347163-1446437705-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe HKU\S-1-5-21-2980980110-3536347163-1446437705-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [DisableLockWorkstation] 0 HKU\S-1-5-21-2980980110-3536347163-1446437705-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [DisableChangePassword] 0 HKU\S-1-5-21-2980980110-3536347163-1446437705-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {f9b5f5dd-8aa3-11e3-b66a-08edb990d442} - F:\Startme.exe AppInit_DLLs: c:\windows\system32\nvinitx.dll => c:\windows\system32\nvinitx.dll [260928 2012-02-02] (NVIDIA Corporation) AppInit_DLLs-x32: 0 => "0" File Not Found Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CineForm Status.lnk ShortcutTarget: CineForm Status.lnk -> C:\Program Files (x86)\CineForm\Tools\GoProCineFormStatusViewer.exe (GoPro) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.) Startup: C:\Users\USer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation) CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/4 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/4 HKU\S-1-5-21-2980980110-3536347163-1446437705-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snapdo.com/?publisher=VertiTechnologyYB&dpid=VertiTechnologyYB&co=DE&userid=8b5711fd-a765-6dd4-5aea-3b2dfbfc38ad&searchtype=hp&installDate=07/08/2013 HKU\S-1-5-21-2980980110-3536347163-1446437705-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?publisher=VertiTechnologyYB&dpid=VertiTechnologyYB&co=DE&userid=8b5711fd-a765-6dd4-5aea-3b2dfbfc38ad&searchtype=ds&q={searchTerms}&installDate=07/08/2013 HKU\S-1-5-21-2980980110-3536347163-1446437705-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=VertiTechnologyYB&dpid=VertiTechnologyYB&co=DE&userid=8b5711fd-a765-6dd4-5aea-3b2dfbfc38ad&searchtype=ds&q={searchTerms}&installDate=07/08/2013 HKU\S-1-5-21-2980980110-3536347163-1446437705-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/4 HKU\S-1-5-21-2980980110-3536347163-1446437705-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/4 URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046} URLSearchHook: HKLM-x32 - (No Name) - {04a8dd1a-4754-48fe-a703-99846646ef04} - No File StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM -> {C660B190-4D7B-4859-91B0-5F18ED7AC738} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://www.ebay.de/sch/i.html?_nkw={searchTerms} SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2980980110-3536347163-1446437705-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2980980110-3536347163-1446437705-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2980980110-3536347163-1446437705-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=VertiTechnologyYB&dpid=VertiTechnologyYB&co=DE&userid=8b5711fd-a765-6dd4-5aea-3b2dfbfc38ad&searchtype=ds&q={searchTerms}&installDate=07/08/2013 BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: HP SimplePass Browser Helper Object -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass\x64\IEBHO.dll (HP) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: HP SimplePass Browser Helper Object -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass\IEBHO.DLL (HP) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - HP SimplePass Toolbar - {C98EE38D-21E4-4A50-907D-2B56FEC7013E} - C:\Program Files (x86)\HP SimplePass\x64\IEBHO.dll (HP) Toolbar: HKLM-x32 - HP SimplePass Toolbar - {C98EE38D-21E4-4A50-907D-2B56FEC7013E} - C:\Program Files (x86)\HP SimplePass\IEBHO.DLL (HP) Toolbar: HKU\S-1-5-21-2980980110-3536347163-1446437705-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Toolbar: HKU\S-1-5-21-2980980110-3536347163-1446437705-1001 -> No Name - {434D452D-5637-006A-76A7-7A786E7484D7} - No File Toolbar: HKU\S-1-5-21-2980980110-3536347163-1446437705-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Toolbar: HKU\S-1-5-21-2980980110-3536347163-1446437705-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> No Name - {434D452D-5637-006A-76A7-7A786E7484D7} - No File DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2012-07-04] (EasyBits Software Corp.) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\USer\AppData\Roaming\Mozilla\Firefox\Profiles\imzs51c8.default FF SearchEngineOrder.3: Bing FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll () FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.9.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll () FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin-x32: samsung.com/SamsungLinkPCPlugin -> C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll (Samsung) FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Extension: Snap.Do - C:\Users\USer\AppData\Roaming\Mozilla\Firefox\Profiles\imzs51c8.default\Extensions\{8b5711fd-a765-6dd4-5aea-3b2dfbfc38ad} [2014-06-16] FF Extension: ICQ Sparberater - C:\Users\USer\AppData\Roaming\Mozilla\Firefox\Profiles\imzs51c8.default\Extensions\ciuvo-extension@icq.de.xpi [2013-10-07] FF Extension: ICQ Toolbar - C:\Program Files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2013-03-08] FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\websitelogon@truesuite.com [2012-11-26] FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension FF Extension: SmartPrintButton - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2012-11-28] FF HKU\S-1-5-21-2980980110-3536347163-1446437705-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04] FF HKU\S-1-5-21-2980980110-3536347163-1446437705-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi Chrome: ======= CHR Profile: C:\Users\USer\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\USer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-01] CHR Extension: (Google Drive) - C:\Users\USer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-01] CHR Extension: (YouTube) - C:\Users\USer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-01] CHR Extension: (Adblock Plus) - C:\Users\USer\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-05-04] CHR Extension: (Google Search) - C:\Users\USer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-01] CHR Extension: (Website Logon) - C:\Users\USer\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfgjjhcgfbfkkoelpepohanhmbhdanh [2014-05-01] CHR Extension: (Google Wallet) - C:\Users\USer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-01] CHR Extension: (Gmail) - C:\Users\USer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-01] CHR HKLM-x32\...\Chrome\Extension: [jpfgjjhcgfbfkkoelpepohanhmbhdanh] - C:\Program Files (x86)\HP SimplePass\tschrome.crx [2011-12-09] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AdobeActiveFileMonitor10.0; C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-01] (Adobe Systems Incorporated) R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\AllShareFrameworkManagerDMS.exe [404360 2013-08-23] (Samsung) [File not signed] R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-17] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-17] (Avira Operations GmbH & Co. KG) R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [166192 2014-11-20] (Avira Operations GmbH & Co. KG) S3 Boonty Games; C:\Program Files (x86)\Common Files\BOONTY Shared\Service\Boonty.exe [69120 2012-12-16] (BOONTY) [File not signed] R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2443960 2014-10-30] (Microsoft Corporation) R2 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [260424 2011-12-11] (HP) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2011-12-16] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation) R3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.) S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2011-04-13] (Hewlett-Packard) [File not signed] S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2011-04-13] (Hewlett-Packard) [File not signed] R2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [605768 2013-09-03] (Copyright 2013 SAMSUNG) S3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [269640 2011-12-09] (AuthenTec, Inc.) S2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [656664 2014-08-19] (Wacom Technology, Corp.) S2 ezSharedSvc; No ImagePath ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-21] (Avira Operations GmbH & Co. KG) R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-09-30] (AVG Technologies) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-21] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-05-09] (Avira Operations GmbH & Co. KG) R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [134696 2011-11-03] (Broadcom Corporation.) R3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2011-05-21] (Broadcom Corporation.) R3 clwvd6; C:\Windows\System32\DRIVERS\clwvd6.sys [41704 2013-10-29] (CyberLink Corporation) U0 lpukbufx; C:\Windows\System32\drivers\gpks.sys [79064 2014-12-25] (Malwarebytes Corporation) R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv_x64.sys [44928 2012-10-11] (ManyCam LLC) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-25] (Malwarebytes Corporation) R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [29696 2012-10-11] (ManyCam LLC) S3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [259688 2011-10-27] (Realtek Semiconductor Corp.) S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) R3 SmbDrv; C:\Windows\system32\drivers\Smb_driver.sys [20016 2011-10-14] (Synaptics Incorporated) S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed] S3 clwvd; system32\DRIVERS\clwvd.sys [X] S3 cpuz134; \??\C:\Users\USer\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X] S3 wacomrouterfilter; system32\DRIVERS\wacomrouterfilter.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-25 22:35 - 2014-12-25 22:35 - 00034410 _____ () C:\Users\USer\Desktop\FRST.txt 2014-12-25 22:31 - 2014-12-25 22:31 - 00002896 _____ () C:\Users\USer\Desktop\JRT.txt 2014-12-25 22:22 - 2014-12-25 22:22 - 00000000 ____D () C:\Windows\ERUNT 2014-12-25 22:21 - 2014-12-25 22:22 - 01707646 _____ (Thisisu) C:\Users\USer\Downloads\JRT.exe 2014-12-25 22:19 - 2014-12-25 22:19 - 00000383 _____ () C:\Users\USer\Desktop\mban.txt 2014-12-25 22:18 - 2014-12-25 22:18 - 00079064 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\gpks.sys 2014-12-25 20:30 - 2014-12-25 20:30 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-12-25 20:29 - 2014-12-25 20:29 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-12-25 20:29 - 2014-12-25 20:29 - 00001106 _____ () C:\ProgramData\Desktop\ Malwarebytes Anti-Malware .lnk 2014-12-25 20:29 - 2014-12-25 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-12-25 20:29 - 2014-12-25 20:29 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-12-25 20:29 - 2014-12-25 20:29 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-12-25 20:29 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-12-25 20:29 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-12-25 20:29 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-12-25 20:28 - 2014-12-25 20:28 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\USer\Downloads\mbam-setup-2.0.4.1028.exe 2014-12-25 20:12 - 2014-12-25 20:21 - 00000000 ____D () C:\AdwCleaner 2014-12-25 20:12 - 2014-12-25 20:12 - 02173952 _____ () C:\Users\USer\Downloads\AdwCleaner_4.106.exe 2014-12-24 21:43 - 2014-12-24 21:43 - 00049456 _____ () C:\Users\USer\Downloads\Addition.txt 2014-12-24 21:41 - 2014-12-24 21:43 - 00056813 _____ () C:\Users\USer\Downloads\FRST.txt 2014-12-24 21:40 - 2014-12-24 21:41 - 02122240 _____ (Farbar) C:\Users\USer\Desktop\FRST64.exe 2014-12-24 04:45 - 2014-12-25 22:35 - 00000000 ____D () C:\FRST 2014-12-21 18:03 - 2014-12-21 18:03 - 00000000 ____D () C:\Users\USer\AppData\Roaming\WTablet 2014-12-21 17:46 - 2014-12-21 17:46 - 03894696 _____ (solvusoft Corporation ) C:\Users\USer\Downloads\Libxml2.dll-Reparaturprogramm-WinThruster.exe 2014-12-21 17:45 - 2014-12-21 17:49 - 05344984 _____ (Dll-Files.com ) C:\Users\USer\Downloads\dffsetup-libxml2.exe 2014-12-21 17:44 - 2014-12-25 21:05 - 00000273 _____ () C:\Users\USer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Menu.lnk 2014-12-21 17:40 - 2014-12-25 20:49 - 00005126 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for USer-HP-USer USer-HP 2014-12-21 17:34 - 2014-12-24 06:11 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom 2014-12-21 17:34 - 2014-12-24 06:10 - 00000000 ____D () C:\Program Files\TabletPlugins 2014-12-21 17:34 - 2014-12-24 06:10 - 00000000 ____D () C:\Program Files (x86)\TabletPlugins 2014-12-21 17:34 - 2014-08-19 20:12 - 02006808 _____ (Wacom Technology, Corp.) C:\Windows\system32\WacomMT.dll 2014-12-21 17:34 - 2014-08-19 20:12 - 01991448 _____ (Wacom Technology, Corp.) C:\Windows\system32\Pen_Tablet.dll 2014-12-21 17:34 - 2014-08-19 20:12 - 01984792 _____ (Wacom Technology, Corp.) C:\Windows\system32\Pen_Touch_Tablet.dll 2014-12-21 17:34 - 2014-08-19 20:12 - 01858328 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wintab32.dll 2014-12-21 17:34 - 2014-08-19 20:12 - 01610008 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\WacomMT.dll 2014-12-21 17:34 - 2014-08-19 20:12 - 01607448 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Pen_Touch_Tablet.dll 2014-12-21 17:34 - 2014-08-06 19:15 - 00102200 _____ (Wacom Technology) C:\Windows\system32\Drivers\wachidrouter.sys 2014-12-21 17:32 - 2014-12-21 17:33 - 40103880 _____ () C:\Users\USer\Downloads\PenTablet_5.3.5-3 (9).exe 2014-12-18 17:16 - 2014-12-18 17:21 - 40103880 _____ () C:\Users\USer\Downloads\PenTablet_5.3.5-3 (8).exe 2014-12-18 15:22 - 2014-12-18 15:22 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk 2014-12-18 15:22 - 2014-12-18 15:22 - 00001137 _____ () C:\ProgramData\Desktop\Avira.lnk 2014-12-18 13:03 - 2014-12-18 13:06 - 40103880 _____ () C:\Users\USer\Downloads\PenTablet_5.3.5-3 (7).exe 2014-12-18 12:59 - 2014-08-19 20:12 - 01614104 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Pen_Tablet.dln 2014-12-18 12:54 - 2014-12-18 12:57 - 40103880 _____ () C:\Users\USer\Downloads\PenTablet_5.3.5-3 (6).exe 2014-12-18 12:48 - 2014-08-19 20:12 - 01614104 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Pen_Tablet.dlm 2014-12-18 12:43 - 2014-12-18 12:47 - 40103880 _____ () C:\Users\USer\Downloads\PenTablet_5.3.5-3 (5).exe 2014-12-15 15:13 - 2014-12-15 15:13 - 00001258 _____ () C:\Users\Public\Desktop\World of Warcraft.lnk 2014-12-15 15:13 - 2014-12-15 15:13 - 00001258 _____ () C:\ProgramData\Desktop\World of Warcraft.lnk 2014-12-15 15:13 - 2014-12-15 15:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft 2014-12-15 15:08 - 2014-12-18 13:06 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft 2014-12-15 15:07 - 2014-12-21 17:33 - 00000000 ____D () C:\Users\USer\AppData\Local\Battle.net 2014-12-15 15:07 - 2014-12-15 15:08 - 00000000 ____D () C:\Users\USer\AppData\Roaming\Battle.net 2014-12-15 15:07 - 2014-12-15 15:07 - 00001122 _____ () C:\Users\Public\Desktop\Battle.net.lnk 2014-12-15 15:07 - 2014-12-15 15:07 - 00001122 _____ () C:\ProgramData\Desktop\Battle.net.lnk 2014-12-15 15:07 - 2014-12-15 15:07 - 00000000 ____D () C:\Users\USer\AppData\Local\Blizzard Entertainment 2014-12-15 15:06 - 2014-12-15 15:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net 2014-12-15 15:06 - 2014-12-15 15:07 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment 2014-12-15 15:06 - 2014-12-15 15:07 - 00000000 ____D () C:\Program Files (x86)\Battle.net 2014-12-15 15:05 - 2014-12-15 15:05 - 02942368 _____ (Blizzard Entertainment) C:\Users\USer\Downloads\World-of-Warcraft-Setup-deDE.exe 2014-12-15 15:05 - 2014-12-15 15:05 - 00000000 ____D () C:\ProgramData\Battle.net 2014-12-15 14:44 - 2014-12-15 14:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus 2014-12-15 14:44 - 2014-12-15 14:44 - 00000000 ____D () C:\Program Files\McAfee Security Scan 2014-12-04 20:33 - 2014-12-15 14:44 - 00001931 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk 2014-12-04 20:33 - 2014-12-15 14:44 - 00001931 _____ () C:\ProgramData\Desktop\McAfee Security Scan Plus.lnk 2014-12-04 20:33 - 2014-12-15 14:44 - 00000000 ____D () C:\ProgramData\McAfee Security Scan 2014-12-04 20:25 - 2014-12-04 20:25 - 00002026 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk 2014-12-04 20:25 - 2014-12-04 20:25 - 00002026 _____ () C:\ProgramData\Desktop\Sony PC Companion 2.1.lnk 2014-11-29 19:19 - 2014-11-29 19:19 - 00000000 ____D () C:\Users\USer\Downloads\TubeStar v1.6.5.10 2014-11-29 19:18 - 2014-11-29 19:18 - 01870350 _____ () C:\Users\USer\Downloads\TubeStar v1.6.5.10.zip ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-25 22:33 - 2013-02-17 22:15 - 00000000 ____D () C:\Users\USer\AppData\Roaming\Spotify 2014-12-25 22:33 - 2012-02-24 18:55 - 00698926 _____ () C:\Windows\system32\perfh007.dat 2014-12-25 22:33 - 2012-02-24 18:55 - 00149034 _____ () C:\Windows\system32\perfc007.dat 2014-12-25 22:33 - 2009-07-14 06:13 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-12-25 22:32 - 2012-09-12 13:54 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{6B68E1B9-7268-4935-94D5-F8D93E608BCA} 2014-12-25 22:30 - 2012-09-12 13:25 - 01683535 _____ () C:\Windows\WindowsUpdate.log 2014-12-25 22:18 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\security 2014-12-25 22:01 - 2012-11-28 17:02 - 00000254 _____ () C:\Windows\Tasks\HP Photo Creations Messager.job 2014-12-25 21:45 - 2014-05-01 22:39 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-12-25 21:43 - 2013-03-09 13:49 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-12-25 20:32 - 2009-07-14 05:45 - 00031248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-12-25 20:32 - 2009-07-14 05:45 - 00031248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-12-25 20:25 - 2013-02-17 22:16 - 00000000 ____D () C:\Users\USer\AppData\Local\Spotify 2014-12-25 20:23 - 2014-05-30 18:51 - 00000000 ___RD () C:\Users\USer\OneDrive 2014-12-25 20:23 - 2014-05-01 22:39 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-12-25 20:23 - 2013-06-03 13:28 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job 2014-12-25 20:22 - 2014-03-31 12:38 - 00292062 _____ () C:\Windows\PFRO.log 2014-12-25 20:22 - 2014-03-31 12:38 - 00017192 _____ () C:\Windows\setupact.log 2014-12-25 20:22 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-12-25 20:21 - 2012-11-24 22:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-12-25 20:19 - 2013-03-08 21:54 - 00000000 ____D () C:\ProgramData\ICQ 2014-12-25 20:11 - 2013-08-07 12:02 - 00000000 ____D () C:\Users\USer\AppData\Local\Pokki 2014-12-24 21:55 - 2012-11-24 16:36 - 00000000 ____D () C:\Users\USer\AppData\Roaming\.minecraft 2014-12-24 13:08 - 2012-11-24 22:47 - 00000000 ____D () C:\Users\USer\AppData\Local\CrashDumps 2014-12-24 13:00 - 2014-05-30 18:38 - 00000000 ____D () C:\Program Files\Microsoft Office 15 2014-12-24 06:11 - 2014-05-29 15:41 - 00000000 ____D () C:\Users\USer\AppData\Local\Akamai 2014-12-24 06:10 - 2014-10-01 18:18 - 00000000 ____D () C:\Program Files\Tablet 2014-12-24 06:10 - 2012-07-05 02:00 - 00000000 ___RD () C:\Users\Public\Recorded TV 2014-12-24 06:10 - 2012-02-24 10:32 - 00000000 ____D () C:\ProgramData\Hewlett-Packard 2014-12-24 06:10 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration 2014-12-21 17:44 - 2013-11-18 18:23 - 00002263 _____ () C:\Users\USer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk 2014-12-21 17:41 - 2012-10-13 12:49 - 00000000 ____D () C:\Users\USer\Documents\Youcam 2014-12-21 17:35 - 2014-09-16 15:02 - 00000000 ____D () C:\Users\USer\Desktop\Easy Paint Tool SAI 2014-12-21 17:32 - 2012-09-22 08:18 - 00000166 _____ () C:\Windows\SysWOW64\DOErrors.log 2014-12-18 18:02 - 2013-08-16 20:49 - 00000000 ____D () C:\Users\USer\AppData\Roaming\TS3Client 2014-12-18 15:22 - 2014-05-30 18:29 - 00000000 ____D () C:\ProgramData\Package Cache 2014-12-18 15:22 - 2014-05-30 18:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-12-18 15:22 - 2014-05-30 18:29 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-12-17 18:08 - 2014-07-26 16:42 - 00003850 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1399201204 2014-12-17 18:08 - 2013-02-07 18:29 - 00000000 ____D () C:\Program Files (x86)\Opera 2014-12-15 18:12 - 2013-03-09 13:49 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-12-15 18:12 - 2013-03-08 20:17 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-12-15 18:12 - 2013-02-07 16:40 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-12-15 14:49 - 2014-05-01 22:40 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-12-15 14:49 - 2014-05-01 22:40 - 00002175 _____ () C:\ProgramData\Desktop\Google Chrome.lnk 2014-12-04 20:34 - 2012-11-28 20:45 - 00000000 ____D () C:\Users\USer\AppData\Local\Adobe 2014-12-04 20:25 - 2014-03-26 16:30 - 00097958 _____ () C:\Windows\DPINST.LOG 2014-12-04 20:25 - 2014-03-01 17:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony 2014-12-04 20:24 - 2012-02-24 10:37 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-11-29 15:57 - 2014-09-16 15:02 - 00000000 ____D () C:\Users\USer\Downloads\Easy Paint Tool SAI Some content of TEMP: ==================== C:\Users\USer\AppData\Local\Temp\avgnt.exe C:\Users\USer\AppData\Local\Temp\drm_dyndata_7330014.dll C:\Users\USer\AppData\Local\Temp\drm_dyndata_7400009.dll C:\Users\USer\AppData\Local\Temp\Helper.dll C:\Users\USer\AppData\Local\Temp\i4jdel0.exe C:\Users\USer\AppData\Local\Temp\oct6AF2.tmp.exe C:\Users\USer\AppData\Local\Temp\Quarantine.exe C:\Users\USer\AppData\Local\Temp\ReimagePackage.exe C:\Users\USer\AppData\Local\Temp\SkypeSetup.exe C:\Users\USer\AppData\Local\Temp\speedupmypc.exe C:\Users\USer\AppData\Local\Temp\sqlite3.dll C:\Users\USer\AppData\Local\Temp\SymCCIS.dll C:\Users\USer\AppData\Local\Temp\uninst1.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-11-17 15:14 ==================== End Of Log ============================ --- --- --- FRST Addition: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-12-2014
Ran by USer at 2014-12-25 22:36:12
Running from C:\Users\USer\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Out of date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Out of date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (Version: 8.2.4 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.1530 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.5.23 - Adobe Systems Incorporated.)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.5 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 16 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 16.0.0.240 - Adobe Systems Incorporated)
Adobe Photoshop Elements 10 (HKLM-x32\...\Adobe Photoshop Elements 10) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.0) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.3.633 - Adobe Systems, Inc.)
Akamai NetSession Interface (HKU\S-1-5-21-2980980110-3536347163-1446437705-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
Akamai NetSession Interface (HKU\S-1-5-21-2980980110-3536347163-1446437705-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Akamai) (Version: - Akamai Technologies, Inc)
AllShare Framework DMS (HKLM\...\{C34E2E6F-6A24-40B8-8902-9960A4D42884}) (Version: 1.3.17 - Samsung)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
AuthenTec TrueAPI 64-bit (Version: 1.5.0.165 - AuthenTec, Inc.) Hidden
Avira (HKLM-x32\...\{e7c7c227-b742-4878-9425-f09bbf9951db}) (Version: 1.1.27.25527 - Avira Operations & Co. KG)
Avira (x32 Version: 1.1.27.25527 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
Bamboo Dock (HKLM-x32\...\Bamboo Dock) (Version: 4.1 - Wacom Co., Ltd.)
Bamboo Dock (x32 Version: 4.1.0 - Wacom Europe GmbH) Hidden
Bamboo Tablets Tutorial (x32 Version: 3.0.20 - Wacom) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: - Broadcom Corporation)
Broadcom Bluetooth Software (HKLM\...\{6E7F4CA3-B2DE-413C-A7A1-43AA5BE19EA1}) (Version: 6.5.0.3300 - Broadcom Corporation)
Cake Mania (x32 Version: 2.2.0.98 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
Celtx (2.9) (HKLM-x32\...\Celtx (2.9)) (Version: 2.9 (de) - Greyfirst)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
CyberLink YouCam 6 (HKLM-x32\...\{A9CEDD6E-4792-493e-BB35-D86D2E188A5A}) (Version: 6.0.2728.0 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Die Sims Deluxe (HKLM-x32\...\{10798AE3-DCBB-43C3-9C93-C23512427E25}) (Version: - )
Die Sims™ 2 Deluxe (HKLM-x32\...\{9C244239-ED8E-40f1-937F-51C706CD2160}) (Version: - )
Die Sims™ 2 Gute Reise (HKLM-x32\...\{F248ADFA-64E0-4b03-8A83-059078BED6A0}) (Version: - Electronic Arts)
Die Sims™ 2 H&M®-Fashion-Accessoires (HKLM-x32\...\{84DDE556-43EF-43ed-B2DF-37AF9E5DDD75}) (Version: - )
Die Sims™ 2 IKEA® Home-Accessoires (HKLM-x32\...\{6E17F9751-F056-4335-B718-8AF1B1092AFB}) (Version: - Electronic Arts)
Die Sims™ 2 Teen Style-Accessoires (HKLM-x32\...\{5C648FDB-0138-4619-B66E-230EF53E8E2C}) (Version: - Electronic Arts)
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.57.62 - Electronic Arts)
Die Sims™ 3 Einfach tierisch (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
Die Sims™ 3 Movie-Accessoires (HKLM-x32\...\{D0087539-3C57-44E0-BEE7-D779D546CBE1}) (Version: 20.0.53 - Electronic Arts)
Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.797.20 - Electronic Arts Inc.)
Die Sims™ 4 Erstelle einen Sim-Demo (HKLM-x32\...\{6908ED99-F02B-4E99-A202-3FAC99C510ED}) (Version: 1.0.237.100 - Electronic Arts Inc.)
Download & Install Packages (HKU\S-1-5-21-2980980110-3536347163-1446437705-1001\...\Download & Install Packages) (Version: - ) <==== ATTENTION
Download & Install Packages (HKU\S-1-5-21-2980980110-3536347163-1446437705-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Download & Install Packages) (Version: - ) <==== ATTENTION
DVDVideoSoftTB DE Toolbar (HKU\S-1-5-21-2980980110-3536347163-1446437705-1001\...\CT2625848) (Version: 10.14.0.127 - DVDVideoSoftTB DE)
DVDVideoSoftTB DE Toolbar (HKU\S-1-5-21-2980980110-3536347163-1446437705-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\CT2625848) (Version: 10.14.0.127 - DVDVideoSoftTB DE)
Elements 10 Organizer (x32 Version: 10.0 - Ihr Firmenname) Hidden
ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{768A6276-5822-489C-8A2B-67190F745655}) (Version: 4.1.2 - Hewlett-Packard)
EverQuest Free-to-Play (HKLM-x32\...\Steam App 205710) (Version: - Sony Online Entertainment)
expert Bildschirmschoner (HKLM-x32\...\expert Bildschirmschoner_is1) (Version: 1.0 - expert AG)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Farmscapes (x32 Version: 2.2.0.98 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
ffdshow v1.2.4422 [2012-04-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.2.4422.0 - )
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fishdom (TM) 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version: - Image-Line)
FreeOCR v4.2 (HKLM-x32\...\freeocr_is1) (Version: - )
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Goat Simulator (HKLM-x32\...\Steam App 265930) (Version: - Coffee Stain Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GoPro Studio 2.0.1 (HKLM-x32\...\GoPro Studio) (Version: 2.0.1 - WoodmanLabs Inc. d.b.a. GoPro)
Hewlett-Packard ACLM.NET v1.1.2.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
HP 3D DriveGuard (HKLM\...\{8F258628-2E18-4C2E-8127-EF4EFAF5F75C}) (Version: 4.1.10.1 - Hewlett-Packard Company)
HP CoolSense (HKLM-x32\...\{16B7BDA1-B967-4D2D-8B27-E12727C28350}) (Version: 2.10.3 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{B288E426-9954-451C-B811-B0F234CF0EDD}) (Version: 1.3.0.0 - Hewlett-Packard)
HP ENVY 110 series - Grundlegende Software für das Gerät (HKLM\...\{DC8A4058-3798-4B37-8D78-62624D2E1585}) (Version: 25.0.622.0 - Hewlett-Packard Co.)
HP ENVY 110 series Hilfe (HKLM-x32\...\{D4444B31-E9E9-4389-B35D-41B5BCA5E9FB}) (Version: 140.0.2.2 - Hewlett Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP Launch Box (HKLM\...\{5A847522-375C-4D05-BD3D-88C450CC047F}) (Version: 1.1.5 - Hewlett-Packard Company)
HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.5192 - HP Photo Creations)
HP Power Manager (HKLM-x32\...\{D8BCE5B9-67CF-4F3F-93AE-3ACC754C72EB}) (Version: 1.4.7 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{C61FCEC2-3ED4-496E-B4B4-1CED423824B9}) (Version: 2.6.2 - Hewlett-Packard Company)
HP Security Assistant (HKLM\...\{F9DF0B5D-554B-45D2-8698-7C467FAF4BCA}) (Version: 2.0.2 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}) (Version: 9.0.15109.3899 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.2.14901.3869 - Hewlett-Packard Company)
HP SimplePass (HKLM-x32\...\{880B5A98-B242-4B53-BD6F-41EA17495EAD}) (Version: 5.4.0.402 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{99195D46-6173-4695-B7F5-4C1E6EB83475}) (Version: 4.5.4.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}) (Version: 6.1.12.1 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{85DF2EED-08BC-46FB-90DA-28B0D0A8E8A8}) (Version: 5.003.000.004 - Hewlett-Packard)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6381.0 - IDT)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version: - Image-Line)
Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2626 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.0.199 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation)
Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle)
Java 7 Update 9 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217009FF}) (Version: 7.0.90 - Oracle)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest II (x32 Version: 2.2.0.97 - WildTangent) Hidden
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Live 8.2.1 (HKLM-x32\...\Live 8.2.1) (Version: - )
Live 8.2.2 (HKLM-x32\...\Live 8.2.2) (Version: - )
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: 3.0 - EasyBits Software AS)
Mahjongg Artifacts (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
ManyCam 3.1.21 (HKLM-x32\...\ManyCam) (Version: 3.1.21 - ManyCam LLC)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 RC (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50861 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4675.1003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2980980110-3536347163-1446437705-1001\...\OneDriveSetup.exe) (Version: 17.3.1229.0918 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2980980110-3536347163-1446437705-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\OneDriveSetup.exe) (Version: 17.3.1229.0918 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MinecraftAlpha (HKLM-x32\...\MinecraftAlpha) (Version: - )
Mozilla Firefox 17.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 17.0 (x86 en-US)) (Version: 17.0 - Mozilla)
Mozilla Firefox 24.0 (x86 en-US) (HKU\S-1-5-21-2980980110-3536347163-1446437705-1001\...\Mozilla Firefox 24.0 (x86 en-US)) (Version: 24.0 - Mozilla)
Mozilla Firefox 24.0 (x86 en-US) (HKU\S-1-5-21-2980980110-3536347163-1446437705-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Mozilla Firefox 24.0 (x86 en-US)) (Version: 24.0 - Mozilla)
Mozilla Firefox Packages (HKU\S-1-5-21-2980980110-3536347163-1446437705-1001\...\Mozilla Firefox Packages) (Version: - ) <==== ATTENTION
Mozilla Firefox Packages (HKU\S-1-5-21-2980980110-3536347163-1446437705-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Mozilla Firefox Packages) (Version: - ) <==== ATTENTION
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 17.0 - Mozilla)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
NVIDIA Grafiktreiber 295.55 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 295.55 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Update 1.7.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.7.12 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
Opera Stable 26.0.1656.60 (HKLM-x32\...\Opera 26.0.1656.60) (Version: 26.0.1656.60 - Opera Software ASA)
Origin (HKLM-x32\...\Origin) (Version: 9.4.11.2806 - Electronic Arts, Inc.)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
PSE10 STI Installer (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Qtrax Player (HKU\S-1-5-21-2980980110-3536347163-1446437705-1001\...\4264672968.portal.qtrax.com) (Version: - portal.qtrax.com)
Qtrax Player (HKU\S-1-5-21-2980980110-3536347163-1446437705-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\4264672968.portal.qtrax.com) (Version: - portal.qtrax.com)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.18.23036 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.29005 - Realtek Semiconductor Corp.)
Samsung Link 1.7.0.1309031728 (HKLM\...\8474-7877-9059-0204) (Version: 1.7.0.1309031728 - Copyright 2013 SAMSUNG)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Snap.Do (HKLM-x32\...\{D5E50D52-C658-4C16-9722-9F9B057B5F0F}) (Version: 11.74.1.17518 - ReSoft Ltd.) <==== ATTENTION
Snap.Do Engine (HKU\S-1-5-21-2980980110-3536347163-1446437705-1001\...\{42adf490-1571-4c29-a90c-65b78d81a2b2}) (Version: 10.200.1.13712 - ReSoft Ltd.) <==== ATTENTION
Snap.Do Engine (HKU\S-1-5-21-2980980110-3536347163-1446437705-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\{42adf490-1571-4c29-a90c-65b78d81a2b2}) (Version: 10.200.1.13712 - ReSoft Ltd.) <==== ATTENTION
Sony PC Companion 2.10.236 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.236 - Sony)
Spotify (HKU\S-1-5-21-2980980110-3536347163-1446437705-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Spotify (HKU\S-1-5-21-2980980110-3536347163-1446437705-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Studie zur Verbesserung von HP ENVY 110 series Produkten (HKLM\...\{FC87C2FD-540E-4AB5-807B-D4A172129C73}) (Version: 25.0.622.0 - Hewlett-Packard Co.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version: - Edmund McMillen and Florian Himsl)
The Sims 2: Ultimate Collection (HKLM-x32\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts)
Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Validity WBF DDK (HKLM\...\{DA83578A-7DB2-4CF6-9453-CF24C7917AB8}) (Version: 4.3.301.0 - Validity Sensors, Inc.)
Virtual Families (x32 Version: 2.2.0.98 - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
VLC media player 2.0.3 (HKLM-x32\...\VLC media player) (Version: 2.0.3 - VideoLAN)
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.5-3 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App (HP Games) (x32 Version: 4.0.10.5 - WildTangent) Hidden
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices (03/07/2012 ) (HKLM\...\0B624A43DD66DBF5CF3EDFA9741A364E688062A4) (Version: 03/07/2012 - GoPro)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-2980980110-3536347163-1446437705-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\USer\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2980980110-3536347163-1446437705-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\USer\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2980980110-3536347163-1446437705-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\USer\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2980980110-3536347163-1446437705-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\USer\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2980980110-3536347163-1446437705-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\USer\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\FileSyncApi64.dll (Microsoft Corporation)
==================== Restore Points =========================
20-11-2014 13:40:28 DirectX wurde installiert
21-12-2014 17:53:29 WinThruster So, Dez 21, 14 17:53
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {077C6D66-754E-4F5C-8CBE-0D50AA6C8599} - System32\Tasks\{B6ED1E97-8608-425E-8427-72D95CFCF7F0} => c:\program files (x86)\opera\opera.exe
Task: {14E02ADE-9F2B-4D06-9EB7-DE89DEE0CE49} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06] (Adobe Systems Incorporated)
Task: {29D840C3-3A93-4CDD-A322-561616D49A51} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2011-03-24] (Hewlett-Packard)
Task: {342D2A49-9625-4381-8606-53EC85B59E5A} - System32\Tasks\{00FEC30B-876A-4B57-A659-7227FFF7423C} => E:\start.exe
Task: {35793514-2E5A-41EA-969C-3CB584082C77} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-01] (Google Inc.)
Task: {3591EF04-9736-426F-A5F4-7A8C7CFDC8A6} - System32\Tasks\{7F50E79C-FE24-4ADA-8F82-75FC46603378} => pcalua.exe -a C:\PROGRA~2\Ableton\LIVE82~1.1\Redist\VCREDI~1.EXE -d C:\Users\USer\AppData\Local\Temp\Rar$EXa0.100 -c /q:a
Task: {374D680B-5908-4870-BC34-37EF468E9F60} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-01] (Google Inc.)
Task: {37DDF6F5-3A3C-42B9-9573-491CC9017199} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe [2011-09-09] (Hewlett-Packard Company)
Task: {43B5D3A5-2E0B-4D1E-BE53-E2C454188481} - System32\Tasks\{1553568B-4557-472A-A335-03B4DAFB0DFF} => C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe
Task: {452A0EE5-2ABB-450A-BB8E-17E6C716B917} - System32\Tasks\{ECC7B677-A528-47B1-B307-11560B9458CE} => C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe
Task: {5A87CE46-DB97-4F5A-8CC1-C9E64C1CEB8E} - System32\Tasks\{FCAFAE04-31B2-419F-87F3-7E199589CF22} => Firefox.exe hxxp://ui.skype.com/ui/0/6.0.0.126/de/abandoninstall?page=tsMain
Task: {5A947360-B034-4BF1-921D-502365599F41} - System32\Tasks\AdobeAAMUpdater-1.0-USer-HP-USer => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-06-16] (Adobe Systems Incorporated)
Task: {6E8DBF50-6C5D-4160-896E-27153A937C3B} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {7397E59C-0768-4C6B-89B0-C5B4FDE1EA61} - System32\Tasks\Microsoft Office 15 Sync Maintenance for USer-HP-USer USer-HP => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-11-04] (Microsoft Corporation)
Task: {744731F4-D32F-4233-80DD-9607A119BF7A} - System32\Tasks\{7B3EE811-CF05-4075-8BE6-D56A9D78ED52} => C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe
Task: {77BA7823-3279-4BC8-AC81-8DE21AAE8F26} - System32\Tasks\HPCustParticipation HP ENVY 110 series => C:\Program Files\HP\HP ENVY 110 series\Bin\HPCustPartic.exe [2011-09-19] (Hewlett-Packard Co.)
Task: {780FEF2B-D5A7-459A-8DE6-DDA164FAC922} - System32\Tasks\{755891D9-18AE-4B40-8AA6-2927F13325D4} => C:\Users\USer\Desktop\MinecraftSP.exe
Task: {78673BCA-2571-445C-84E5-48A9E73F6FEE} - System32\Tasks\{DFC2FB6E-FFC4-4E67-BA1B-FB9912421B00} => C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe
Task: {79BA169C-72CD-4F51-BE5D-1695E268955E} - System32\Tasks\{BAD026AD-6E5E-4F60-9D2B-AE919246835B} => C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe
Task: {7B3F91CC-A3C1-4204-AC28-C88CD8AC7B7D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-09-09] (Hewlett-Packard Company)
Task: {7B845F95-CB6A-4C67-A90F-D8BBCBA34DAD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Total Care Tune-Up => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPTuneUp.exe [2011-03-22] (Hewlett-Packard Company)
Task: {81957A16-5BA8-4434-BF2C-5F09E4C76A5C} - System32\Tasks\Opera scheduled Autoupdate 1399201204 => C:\Program Files (x86)\Opera\launcher.exe [2014-12-17] (Opera Software)
Task: {854C6F50-2E1D-485F-8540-5F83EFD83850} - System32\Tasks\{B92CC125-2EE8-415C-B947-CA089A98FEE2} => E:\Setup\Setup.exe
Task: {86857CBA-25D3-4266-A133-3C453A0166E3} - System32\Tasks\{17532C65-95A7-49F7-820D-7AF3A252BECA} => pcalua.exe -a "C:\Program Files (x86)\AVS4YOU\Uninstall.exe" -d "C:\Users\USer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU"
Task: {91956F09-CB0F-483B-B1A0-4674D6CA7DD9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-09-09] (Hewlett-Packard Company)
Task: {9375D4BD-082D-4ABE-A350-7C6A71A7797A} - System32\Tasks\{65E53754-2178-4427-887F-47F589BE0876} => E:\start.exe
Task: {A0FBF65C-B947-428B-B49E-058BE16A099A} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-10-07] (Microsoft Corporation)
Task: {A82F9F33-5E1C-44C0-B3A0-69FBFA80F393} - System32\Tasks\{C8C4602E-5420-4DC4-ADCF-18B207CCE92C} => C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe
Task: {A9AD3BE8-22B2-4AB2-A390-D757976DB5C3} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{37CF5E9F-01E5-4160-948D-51E69078783F}.exe
Task: {BAD19340-5A1F-4EB7-AD88-F5F1F84179AC} - System32\Tasks\{F3A8EE98-6F99-477E-AB15-37E6C9073035} => E:\start.exe
Task: {C762635E-9CEA-4C1F-BB1D-4A081E48EC40} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-15] (Adobe Systems Incorporated)
Task: {E0512DBE-0325-4D21-ADFF-C281A9C7695E} - System32\Tasks\{E001A8EF-A3EA-4737-B886-705343C8413D} => E:\start.exe
Task: {E3201B06-6F2D-441F-BE06-C441E865CF51} - System32\Tasks\{C9178D7B-CD5C-4112-98DC-203C05807D21} => C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe
Task: {E721A169-0EAF-4EC2-849B-D7B7A3E8F947} - System32\Tasks\HP Photo Creations Messager => C:\ProgramData\HP Photo Creations\MessageCheck.exe [2011-02-15] ()
Task: {F0F35D59-CDFD-4B92-84F0-3D8D03D1F7D1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)
Task: {F4788C8B-5AEE-43BC-86D5-FBC17D050300} - System32\Tasks\{526A12A7-D86A-407B-95EE-7EF5632D7D6E} => C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe
Task: {F7CBA215-0270-491A-8F39-B9B98B729EB0} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03] (Sun Microsystems, Inc.)
Task: {F9BF9E5F-679E-4C52-AC60-FCA7DB6D7514} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe [2011-06-14] (Hewlett-Packard)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{37CF5E9F-01E5-4160-948D-51E69078783F}.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Messager.job => C:\ProgramData\HP Photo Creations\MessageCheck.exe
==================== Loaded Modules (whitelisted) =============
2014-05-30 18:38 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2012-07-04 17:11 - 2011-12-16 21:37 - 00128280 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
2013-09-20 10:15 - 2013-09-03 16:28 - 00012800 _____ () C:\Program Files\Samsung\Samsung Link\JniSys.dll
2013-09-20 10:16 - 2013-09-20 10:16 - 00515584 _____ () C:\Windows\Temp\sqlite-3.7.2-sqlitejdbc.dll
2013-09-20 10:15 - 2013-09-03 16:28 - 01386496 _____ () C:\Program Files\Samsung\Samsung Link\scone_proxy.dll
2013-09-20 10:15 - 2013-09-03 16:28 - 01427456 _____ () C:\Program Files\Samsung\Samsung Link\scone_stub.dll
2013-08-23 14:30 - 2013-08-23 14:30 - 00036864 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\64bit\JNIInterface.dll
2013-08-23 14:31 - 2013-08-23 14:31 - 00144384 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\64bit\ASFAPI.dll
2013-08-23 14:33 - 2013-08-23 14:33 - 00018944 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\64bit\MediaDB_Manager.dll
2013-08-23 13:34 - 2013-08-23 13:34 - 00030720 _____ () C:\Windows\system32\MediaDB64.dll
2013-08-23 13:34 - 2013-08-23 13:34 - 00908800 _____ () C:\Windows\system32\ContentDirectoryPresenter64.dll
2013-08-23 14:33 - 2013-08-23 14:33 - 00521728 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\64bit\DMS_Manager.dll
2013-07-23 18:19 - 2013-07-23 18:19 - 00049152 _____ () C:\Windows\system32\boost_date_time-vc90-mt-1_47.dll
2013-07-23 18:19 - 2013-07-23 18:19 - 00016896 _____ () C:\Windows\system32\boost_system-vc90-mt-1_47.dll
2013-07-23 18:19 - 2013-07-23 18:19 - 00058880 _____ () C:\Windows\system32\boost_thread-vc90-mt-1_47.dll
2013-07-23 18:19 - 2013-07-23 18:19 - 00299520 _____ () C:\Windows\system32\boost_serialization-vc90-mt-1_47.dll
2012-07-04 17:11 - 2012-01-19 00:48 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-09-20 10:15 - 2013-09-03 16:28 - 00043520 _____ () C:\Program Files\Samsung\Samsung Link\JniIO.dll
2012-10-16 10:39 - 2012-10-16 10:39 - 00646744 _____ () C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
2014-03-01 17:55 - 2014-06-23 08:07 - 00113376 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
2013-10-01 17:56 - 2014-12-21 17:39 - 00374840 _____ () C:\Users\USer\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2014-12-17 18:08 - 2014-12-17 18:08 - 00535160 _____ () C:\Program Files (x86)\Opera\26.0.1656.60\opera_crashreporter.exe
2013-08-23 13:34 - 2013-08-23 13:34 - 01112576 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\DMSManager.dll
2013-08-23 13:34 - 2013-08-23 13:34 - 00706560 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\ContentDirectoryPresenter.dll
2013-08-23 13:34 - 2013-08-23 13:34 - 00107008 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\DCMCDP.dll
2013-08-23 13:34 - 2013-08-23 13:34 - 00102400 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\FolderCDP.dll
2013-08-23 13:34 - 2013-08-23 13:34 - 00077312 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\MetadataFramework.dll
2013-07-23 18:30 - 2013-07-23 18:30 - 00520234 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\sqlite3.dll
2013-07-23 18:30 - 2013-07-23 18:30 - 00450560 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\MoodExtractor.dll
2013-07-23 18:30 - 2013-07-23 18:30 - 05717504 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\DCMImgExtractor.dll
2013-08-14 07:29 - 2013-08-14 07:29 - 00028672 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\AutoChaptering.dll
2013-07-23 18:30 - 2013-07-23 18:30 - 00147456 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\libexpat.dll
2013-08-14 07:29 - 2013-08-14 07:29 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\VideoThumb.dll
2013-07-23 18:30 - 2013-07-23 18:30 - 04671488 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\avcodec-52.dll
2013-07-23 18:30 - 2013-07-23 18:30 - 00070656 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\avutil-50.dll
2013-07-23 18:30 - 2013-07-23 18:30 - 00686080 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\avformat-52.dll
2013-07-23 18:30 - 2013-07-23 18:30 - 00152064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\swscale-0.dll
2013-08-14 07:29 - 2013-08-14 07:29 - 00028160 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\AudioExtractor.dll
2013-08-14 07:29 - 2013-08-14 07:29 - 00064000 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\ID3Driver.dll
2013-07-23 18:30 - 2013-07-23 18:30 - 00366592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\tag.dll
2013-07-23 18:30 - 2013-07-23 18:30 - 00289792 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\libThumbnail.dll
2013-08-14 07:29 - 2013-08-14 07:29 - 00023040 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\RichInfoDriver.dll
2013-08-23 13:34 - 2013-08-23 13:34 - 00017920 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\VideoExtractor.dll
2013-08-14 07:29 - 2013-08-14 07:29 - 00117248 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\ThumbnailMaker.dll
2013-08-14 07:29 - 2013-08-14 07:29 - 01033216 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\ImageMagickWrapper.dll
2013-08-23 13:34 - 2013-08-23 13:34 - 00134144 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\VideoMetadataDriver.dll
2013-08-14 07:29 - 2013-08-14 07:29 - 00290816 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\libKeyFrame.dll
2013-08-14 07:29 - 2013-08-14 07:29 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\SECMetaDriver.dll
2013-08-14 07:29 - 2013-08-14 07:29 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\ImageExtractor.dll
2013-07-23 18:30 - 2013-07-23 18:30 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\photoDriver.dll
2013-07-23 18:30 - 2013-07-23 18:30 - 00399826 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\libexif-12.dll.dll
2013-08-14 07:29 - 2013-08-14 07:29 - 00013824 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\TextExtractor.dll
2013-07-23 18:30 - 2013-07-23 18:30 - 00032768 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\Autobackup.dll
2013-07-23 18:30 - 2013-07-23 18:30 - 00055808 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\RosettaAllShare.dll
2013-07-23 18:18 - 2013-07-23 18:18 - 00227840 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\boost_serialization-vc90-mt-1_47.dll
2013-07-23 18:18 - 2013-07-23 18:18 - 00038912 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\boost_date_time-vc90-mt-1_47.dll
2013-07-23 18:18 - 2013-07-23 18:18 - 00012800 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\boost_system-vc90-mt-1_47.dll
2013-07-23 18:18 - 2013-07-23 18:18 - 00046592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\boost_thread-vc90-mt-1_47.dll
2013-07-23 18:30 - 2013-07-23 18:30 - 00044032 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.17\us.dll
2012-12-05 07:33 - 2012-12-05 07:33 - 02010624 _____ () C:\Program Files (x86)\ManyCam\Bin\opencv_core220.dll
2012-12-05 07:33 - 2012-12-05 07:33 - 01241088 _____ () C:\Program Files (x86)\ManyCam\Bin\opencv_imgproc220.dll
2012-12-05 07:33 - 2012-12-05 07:33 - 00201216 _____ () C:\Program Files (x86)\ManyCam\Bin\opencv_video220.dll
2012-12-05 07:33 - 2012-12-05 07:33 - 00241152 _____ () C:\Program Files (x86)\ManyCam\Bin\opencv_objdetect220.dll
2012-12-05 07:33 - 2012-12-05 07:33 - 00775680 _____ () C:\Program Files (x86)\ManyCam\Bin\opencv_highgui220.dll
2014-12-25 20:23 - 2014-12-25 20:23 - 00075776 _____ () C:\Users\USer\AppData\Local\Temp\XTMP1MC3VE\DEM34C5.tmp
2014-12-25 20:23 - 2014-12-25 20:23 - 00056320 _____ () C:\Users\USer\AppData\Local\Temp\XTMP1MC3VE\DEM34D7.tmp
2014-12-25 20:23 - 2014-12-25 20:23 - 00055296 _____ () C:\Users\USer\AppData\Local\Temp\XTMP1MC3VE\DEM34D9.tmp
2014-12-25 20:23 - 2014-12-25 20:23 - 00068608 _____ () C:\Users\USer\AppData\Local\Temp\XTMP1MC3VE\DEM34EA.tmp
2014-12-25 20:23 - 2014-12-25 20:23 - 00075776 _____ () C:\Users\USer\AppData\Local\Temp\XTMP1MC3VE\DEM37F8.tmp
2014-12-25 20:23 - 2014-12-25 20:23 - 00075776 _____ () C:\Users\USer\AppData\Local\Temp\XTMP1MC3VE\DEM3839.tmp
2014-12-25 20:23 - 2014-12-25 20:23 - 00075776 _____ () C:\Users\USer\AppData\Local\Temp\XTMP1MC3VE\DEM384A.tmp
2014-12-25 20:23 - 2014-12-25 20:23 - 00056832 _____ () C:\Users\USer\AppData\Local\Temp\XTMP1MC3VE\DEM385C.tmp
2014-12-25 20:23 - 2014-12-25 20:23 - 00075776 _____ () C:\Users\USer\AppData\Local\Temp\XTMP1MC3VE\DEM389C.tmp
2014-12-25 20:23 - 2014-12-25 20:23 - 00075776 _____ () C:\Users\USer\AppData\Local\Temp\XTMP1MC3VE\DEM3979.tmp
2014-12-25 20:23 - 2014-12-25 20:23 - 00075776 _____ () C:\Users\USer\AppData\Local\Temp\XTMP1MC3VE\DEM397B.tmp
2014-12-25 20:23 - 2014-12-25 20:23 - 00056320 _____ () C:\Users\USer\AppData\Local\Temp\XTMP1MC3VE\DEM398C.tmp
2014-12-25 20:23 - 2014-12-25 20:23 - 00075776 _____ () C:\Users\USer\AppData\Local\Temp\XTMP1MC3VE\DEM3A2A.tmp
2014-12-25 20:23 - 2014-12-25 20:23 - 00075776 _____ () C:\Users\USer\AppData\Local\Temp\XTMP1MC3VE\DEM3A2C.tmp
2014-12-25 20:23 - 2014-12-25 20:23 - 00053760 _____ () C:\Users\USer\AppData\Local\Temp\XTMP1MC3VE\DEM3A3E.tmp
2014-12-25 20:23 - 2014-12-25 20:23 - 00064000 _____ () C:\Users\USer\AppData\Local\Temp\XTMP1MC3VE\DEM3A40.tmp
2014-12-25 20:23 - 2014-12-25 20:23 - 00053760 _____ () C:\Users\USer\AppData\Local\Temp\XTMP1MC3VE\DEM3A52.tmp
2014-12-25 20:23 - 2014-12-25 20:23 - 00057344 _____ () C:\Users\USer\AppData\Local\Temp\XTMP1MC3VE\DEM3A54.tmp
2014-12-25 20:23 - 2014-12-25 20:23 - 00072192 _____ () C:\Users\USer\AppData\Local\Temp\XTMP1MC3VE\DEM3B11.tmp
2014-12-25 20:23 - 2014-12-25 20:23 - 00072704 _____ () C:\Users\USer\AppData\Local\Temp\XTMP1MC3VE\DEM3B22.tmp
2014-12-25 20:23 - 2014-12-25 20:23 - 00072192 _____ () C:\Users\USer\AppData\Local\Temp\XTMP1MC3VE\DEM3B44.tmp
2014-12-25 20:23 - 2014-12-25 20:23 - 00072192 _____ () C:\Users\USer\AppData\Local\Temp\XTMP1MC3VE\DEM3B55.tmp
2014-12-25 20:23 - 2014-12-25 20:23 - 00120832 _____ () C:\Users\USer\AppData\Local\Temp\XTMP1MC3VE\DEM3B96.tmp
2014-12-25 20:23 - 2014-12-25 20:23 - 00120832 _____ () C:\Users\USer\AppData\Local\Temp\XTMP1MC3VE\DEM3C06.tmp
2014-12-25 20:23 - 2014-12-25 20:23 - 00120832 _____ () C:\Users\USer\AppData\Local\Temp\XTMP1MC3VE\DEM3C56.tmp
2014-12-25 20:23 - 2014-12-25 20:23 - 00033792 _____ () C:\Users\USer\AppData\Local\Temp\YTMP7MC8AA\TAA3C58.tmp
2014-12-25 20:23 - 2014-12-25 20:23 - 00120832 _____ () C:\Users\USer\AppData\Local\Temp\XTMP1MC3VE\DEM3CB7.tmp
2014-12-25 20:23 - 2014-12-25 20:23 - 00120832 _____ () C:\Users\USer\AppData\Local\Temp\XTMP1MC3VE\DEM3D17.tmp
2014-12-25 20:23 - 2014-12-25 20:23 - 00120832 _____ () C:\Users\USer\AppData\Local\Temp\XTMP1MC3VE\DEM3D48.tmp
2014-12-25 20:23 - 2014-12-25 20:23 - 00120832 _____ () C:\Users\USer\AppData\Local\Temp\XTMP1MC3VE\DEM3E43.tmp
2014-12-25 20:23 - 2014-12-25 20:23 - 00120832 _____ () C:\Users\USer\AppData\Local\Temp\XTMP1MC3VE\DEM3E93.tmp
2014-12-25 20:23 - 2014-12-25 20:23 - 00120832 _____ () C:\Users\USer\AppData\Local\Temp\XTMP1MC3VE\DEM3EC4.tmp
2014-12-25 20:23 - 2014-12-25 20:23 - 00120832 _____ () C:\Users\USer\AppData\Local\Temp\XTMP1MC3VE\DEM3EE5.tmp
2014-12-25 20:23 - 2014-12-25 20:23 - 00120832 _____ () C:\Users\USer\AppData\Local\Temp\XTMP1MC3VE\DEM3FB2.tmp
2014-12-25 20:23 - 2014-12-25 20:23 - 00120832 _____ () C:\Users\USer\AppData\Local\Temp\XTMP1MC3VE\DEM4002.tmp
2014-12-25 20:23 - 2014-12-25 20:23 - 00120832 _____ () C:\Users\USer\AppData\Local\Temp\XTMP1MC3VE\DEM4052.tmp
2014-12-25 20:23 - 2014-12-25 20:23 - 00120832 _____ () C:\Users\USer\AppData\Local\Temp\XTMP1MC3VE\DEM4093.tmp
2014-12-25 20:23 - 2014-12-25 20:23 - 00120832 _____ () C:\Users\USer\AppData\Local\Temp\XTMP1MC3VE\DEM41EC.tmp
2014-12-25 20:23 - 2014-12-25 20:23 - 00120832 _____ () C:\Users\USer\AppData\Local\Temp\XTMP1MC3VE\DEM424B.tmp
2014-12-25 20:23 - 2014-12-25 20:23 - 00120832 _____ () C:\Users\USer\AppData\Local\Temp\XTMP1MC3VE\DEM427C.tmp
2014-12-25 20:23 - 2014-12-25 20:23 - 00120832 _____ () C:\Users\USer\AppData\Local\Temp\XTMP1MC3VE\DEM4339.tmp
2014-12-25 20:23 - 2014-12-25 20:23 - 00120832 _____ () C:\Users\USer\AppData\Local\Temp\XTMP1MC3VE\DEM436A.tmp
2014-12-25 20:23 - 2014-12-25 20:23 - 00120832 _____ () C:\Users\USer\AppData\Local\Temp\XTMP1MC3VE\DEM439B.tmp
2014-12-25 20:23 - 2014-12-25 20:23 - 00086016 _____ () C:\Users\USer\AppData\Local\Temp\XTMP1MC3VE\DEM4554.tmp
2014-12-25 20:23 - 2014-12-25 20:23 - 00086016 _____ () C:\Users\USer\AppData\Local\Temp\XTMP1MC3VE\DEM4565.tmp
2014-12-25 20:23 - 2014-12-25 20:23 - 00086016 _____ () C:\Users\USer\AppData\Local\Temp\XTMP1MC3VE\DEM4567.tmp
2014-12-25 20:23 - 2014-12-25 20:23 - 00086016 _____ () C:\Users\USer\AppData\Local\Temp\XTMP1MC3VE\DEM4579.tmp
2014-03-01 17:55 - 2012-04-30 10:57 - 00039936 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll
2014-03-01 17:55 - 2013-09-13 10:02 - 00208896 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll
2013-02-17 22:16 - 2014-12-21 17:40 - 36966968 _____ () C:\Users\USer\AppData\Roaming\Spotify\Data\libcef.dll
2014-09-25 19:04 - 2014-09-25 19:04 - 00081056 _____ () C:\Users\USer\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\LoggingPlatform.dll
2014-11-15 18:16 - 2014-11-15 18:16 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2014-11-15 18:18 - 2014-11-15 18:18 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2014-07-11 10:36 - 2014-12-21 17:39 - 00867896 _____ () C:\Users\USer\AppData\Roaming\Spotify\Data\ffmpegsumo.dll
2014-09-25 19:04 - 2014-09-25 19:04 - 00081056 _____ () C:\Users\USer\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\LoggingPlatform.DLL
2013-10-01 17:56 - 2014-12-21 17:40 - 00886840 _____ () C:\Users\USer\AppData\Roaming\Spotify\Data\libglesv2.dll
2013-10-01 17:56 - 2014-12-21 17:40 - 00108600 _____ () C:\Users\USer\AppData\Roaming\Spotify\Data\libegl.dll
2014-12-17 18:08 - 2014-12-17 18:08 - 01358456 _____ () C:\Program Files (x86)\Opera\26.0.1656.60\libglesv2.dll
2014-12-17 18:08 - 2014-12-17 18:08 - 00219256 _____ () C:\Program Files (x86)\Opera\26.0.1656.60\libegl.dll
2014-12-17 18:08 - 2014-12-17 18:08 - 09312888 _____ () C:\Program Files (x86)\Opera\26.0.1656.60\pdf.dll
2014-12-17 18:08 - 2014-12-17 18:08 - 00991352 _____ () C:\Program Files (x86)\Opera\26.0.1656.60\ffmpegsumo.dll
2012-07-04 17:20 - 2012-07-04 17:20 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\a21ece5c049c9f429756fd1a3fe55ccd\IsdiInterop.ni.dll
2012-07-04 17:17 - 2011-11-30 05:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-07-04 17:11 - 2011-12-16 19:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-09-24 15:35 - 2014-09-24 15:35 - 00569856 _____ () C:\Users\USer\AppData\Local\Pokki\Engine\ppGoogleNaClPluginChrome.dll
2014-09-24 15:35 - 2014-09-24 15:35 - 01400846 _____ () C:\Users\USer\AppData\Local\Pokki\Engine\avcodec-54.dll
2014-09-24 15:35 - 2014-09-24 15:35 - 00151054 _____ () C:\Users\USer\AppData\Local\Pokki\Engine\avutil-51.dll
2014-09-24 15:35 - 2014-09-24 15:35 - 00222734 _____ () C:\Users\USer\AppData\Local\Pokki\Engine\avformat-54.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:054203E4
AlternateDataStreams: C:\ProgramData\Temp:95D421DF
AlternateDataStreams: C:\ProgramData\Temp:AD022376
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrator (S-1-5-21-2980980110-3536347163-1446437705-500 - Administrator - Disabled)
Gast (S-1-5-21-2980980110-3536347163-1446437705-501 - Limited - Disabled)
UpdatusUser (S-1-5-21-2980980110-3536347163-1446437705-1000 - Limited - Enabled) => C:\Users\UpdatusUser
USer (S-1-5-21-2980980110-3536347163-1446437705-1001 - Administrator - Enabled) => C:\Users\USer
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-3610QM CPU @ 2.30GHz
Percentage of memory in use: 40%
Total physical RAM: 8091.31 MB
Available physical RAM: 4812.61 MB
Total Pagefile: 16180.81 MB
Available Pagefile: 11921.76 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:909.03 GB) (Free:598.94 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery) (Fixed) (Total:22.19 GB) (Free:2.36 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 12E059A3)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=909 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=22.2 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=102 MB) - (Type=0C)
==================== End Of Log ============================
|
|
26.12.2014, 10:27
| #36 |
| | Weißer Bildschirm nach Laptopstart Falsches MBAM Log.   MBAM-Funde posten: So gehts...Manchmal ist es wichtig zu wissen, welche Schadprogramme im Vorfeld ohne Anweisung der Helfer schon gelöscht wurden. Daher benötige ich den Inhalt der Logdatei, in welcher der Suchlauf protokolliert wurde.
__________________ --> Weißer Bildschirm nach Laptopstart |
|
26.12.2014, 22:22
| #37 |
| | Weißer Bildschirm nach Laptopstart Das MBAN Log ist zu lang um es zu posten, die maximale Zeichenlänge reicht leider nicht aus. Werde ab morgen übrigens mindestens 4 Tage nichts mehr schreiben können, nur damit Sie Bescheid wissen. |
|
27.12.2014, 11:06
| #38 |
| | Weißer Bildschirm nach Laptopstart In Foren ist es üblich sich zu dutzen.  Hänge das Log beim nächsten Post an.
__________________ Proud member of Unite |
|
| Themen zu Weißer Bildschirm nach Laptopstart |
| andere, anmelde, anmelden, beiträge, bildschirm, bildschirm bleibt weiß, compu, computer, computern, einfach, erklären, laptop, laptops, melde, melden, starte, vertraut, weißer, weißer bildschirm |
Linear-Darstellung
