Laptop extrem langsam, steckt, kann videos nicht abspielen

yass0405 · 23.01.2015, 09:17

Wie schon gesagt, mein Laptop ist extrem langsam, er steckt andauernd, videos kann ich mir auch nicht mehr anschauen weil sie immer hängen. Der Browser stürzt oft ab und es öffnet sich andauernd Werbung. Also eine Katastrophe finde ich, man kann den Laptop kaum irgendwie normal benutzen

Wäre seeehr dankbar wenn man mir helfen könnte/würde! Danke

Warlord711 · 23.01.2015, 09:28

Hallo yass0405

Mein Name ist Timo und ich werde Dir bei deinem Problem behilflich sein.

Bitte arbeite alle Schritte der Reihe nach ab.
Hier findest du die Anleitung für Hilfesuchende
Lese die Anleitungen sorgfältig. Sollte es Probleme geben, bitte stoppen und hier so gut es geht beschreiben.
Nur Scans durchführen zu denen Du von einem Helfer aufgefordert wirst.
Bitte kein Crossposting ( posten in mehreren Foren).
Installiere oder Deinstalliere während der Bereinigung keine Software ausser Du wurdest dazu aufgefordert.
Lese Dir die Anleitung zuerst vollständig durch. Sollte etwas unklar sein, frage bevor Du beginnst.
Poste die Logfiles direkt in deinen Thread. Nicht anhängen ausser ich fordere Dich dazu auf.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist immer der sicherste Weg.

Wir arbeiten hier alle freiwillig und meist auch nur in unserer Freizeit. Daher kann es bei Antworten zu Verzögerungen kommen.
Solltest du innerhalb 48 Std keine Antwort von mir erhalten, dann schreib mit eine PM
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis ich oder jemand vom Team sagt, dass Du clean bist.

Führe sämtliche Tools mit administrativen Rechten aus, Vista, Win7,Win8 User mit Rechtsklick "als Administrator starten".

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Cursor zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

yass0405 · 23.01.2015, 13:09

Okay erstmal vielen Dank Timo

Das ist mal der FRST.txt

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2015
Ran by User (administrator) on USER-HP on 23-01-2015 09:58:17
Running from C:\Users\User\AppData\Local\Temp\chc2nfow.tmp
Loaded Profiles: User (Available profiles: User & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(HP) C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(AMD) C:\Windows\System32\atieclxx.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(AuthenTec Inc.) C:\Program Files (x86)\HP SimplePass\TouchControl.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
() C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
() C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe
(Akamai Technologies, Inc.) C:\Users\User\AppData\Local\Akamai\netsession_win.exe
() C:\Users\User\AppData\Roaming\InetStat\inetstat.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Dropbox, Inc.) C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Akamai Technologies, Inc.) C:\Users\User\AppData\Local\Akamai\netsession_win.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Apple Inc.) C:\Program Files (x86)\Safari\Safari.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Apple Inc.) C:\Program Files (x86)\Safari\Apple Application Support\WebKit2WebProcess.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccsvchst.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccsvchst.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SetDefault] => C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [44880 2011-12-19] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2899216 2013-05-24] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2013-05-24] (IDT, Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-28] (Intel Corporation)
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-09] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [124720 2014-10-09] (Avira Operations GmbH & Co. KG)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-10-07] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2210452889-935881061-1018617790-1000\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4283256 2011-05-13] (Microsoft Corporation)
HKU\S-1-5-21-2210452889-935881061-1018617790-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-2210452889-935881061-1018617790-1000\...\Run: [Window Hide Tool] => C:\Program Files (x86)\Window Hide Tool\Window Hide Tool.exe
HKU\S-1-5-21-2210452889-935881061-1018617790-1000\...\Run: [Akamai NetSession Interface] => C:\Users\User\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2210452889-935881061-1018617790-1000\...\Run: [Optimizer Pro] => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe [148048 2014-11-04] (PC Utilities Software Limited)
HKU\S-1-5-21-2210452889-935881061-1018617790-1000\...\Run: [InetStat] => C:\Users\User\AppData\Roaming\InetStat\inetstat.exe [726542 2015-01-15] ()
HKU\S-1-5-21-2210452889-935881061-1018617790-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-2210452889-935881061-1018617790-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2210452889-935881061-1018617790-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-2210452889-935881061-1018617790-1000\...\MountPoints2: {3b236d9a-ade7-11e2-853a-c01885ff4683} - F:\SETUP.EXE
HKU\S-1-5-21-2210452889-935881061-1018617790-1000\...\MountPoints2: {b6a40f40-9c4d-11e2-9a03-c01885ff4683} - F:\autorun.exe
AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\PROGRA~2\SupTab\SEARCH~2.DLL File Not Found
AppInit_DLLs-x32: C:\PROGRA~2\SupTab\SEARCH~1.DLL => "C:\PROGRA~2\SupTab\SEARCH~1.DLL" File Not Found
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:53947;https=127.0.0.1:53947
ProxyServer: [S-1-5-21-2210452889-935881061-1018617790-1000] => http=10.0.0.1:8080;https=10.0.0.1:8080;ftp=10.0.0.1:8080
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\S-1-5-21-2210452889-935881061-1018617790-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://www.trovi.com/?gd=&ctid=CT3322197&octid=EB_ORIGINAL_CTID&ISID=M3272B312-1CD6-4D31-9E78-82FF3BDBAA0E&SearchSource=55&CUI=&UM=6&UP=SP320C49E1-69C7-4968-AB0B-C7A29FD49121&SSPV=
HKU\S-1-5-21-2210452889-935881061-1018617790-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1414959794&from=cvs2&uid=_XXXXXXXX
HKU\S-1-5-21-2210452889-935881061-1018617790-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1414959794&from=cvs2&uid=_XXXXXXXX&q={searchTerms}
HKU\S-1-5-21-2210452889-935881061-1018617790-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?publisher=QuickOC&dpid=QuickOC&co=AT&userid=d42e56f0-5d48-4b48-a338-5709fbbe060e&searchtype=ds&q={searchTerms}&installDate=28/04/2013
HKU\S-1-5-21-2210452889-935881061-1018617790-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1414959794&from=cvs2&uid=_XXXXXXXX&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = 
SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM -> {98F97885-AE1D-47A9-9D49-C67BF0573EE2} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://at.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5221-111072-7833-3/4?mpre=hxxp://www.ebay.at/sch/i.html?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM-x32 -> {98F97885-AE1D-47A9-9D49-C67BF0573EE2} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://at.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5221-111072-7833-3/4?mpre=hxxp://www.ebay.at/sch/i.html?_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-2210452889-935881061-1018617790-1000 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3322197&octid=EB_ORIGINAL_CTID&ISID=M3272B312-1CD6-4D31-9E78-82FF3BDBAA0E&SearchSource=58&CUI=&UM=6&UP=SP320C49E1-69C7-4968-AB0B-C7A29FD49121&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-2210452889-935881061-1018617790-1000 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_ir_14_46_ch&cd=2XzuyEtN2Y1L1Qzu0CtDtCzzzzyD0F0FyEyCzztAtDyC0B0DtN0D0Tzu0StCtDyEyDtN1L2XzutAtFyCtFtCtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyCzyyB0C0E0D0F0CtG0A0CtByCtGyDtB0DyEtGzytAtCyEtGyCyCyE0A0A0CtAtB0F0B0ByC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0CyEtC0DtD0FyBtG0AyBtCtDtGyEtDzztDtGzz0EyDzztGzyyDtAtD0C0D0DtD0F0E0C0E2Q&cr=310633818&ir=
SearchScopes: HKU\S-1-5-21-2210452889-935881061-1018617790-1000 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3322197&octid=EB_ORIGINAL_CTID&ISID=M3272B312-1CD6-4D31-9E78-82FF3BDBAA0E&SearchSource=58&CUI=&UM=6&UP=SP320C49E1-69C7-4968-AB0B-C7A29FD49121&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-2210452889-935881061-1018617790-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2210452889-935881061-1018617790-1000 -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = hxxp://feed.helperbar.com/?publisher=QuickOC&dpid=QuickOC&co=AT&userid=d42e56f0-5d48-4b48-a338-5709fbbe060e&searchtype=ds&q={searchTerms}&installDate=28/04/2013
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: No Name -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} ->  No File
BHO-x32: mySecureSurfer -> {52EA1989-D16E-4560-9021-F0AD247DE4D1} -> C:\Users\User\AppData\LocalLow\mySecureSurfer\IE\mySecureSurfer.dll (Soft-Ware International Ltd.)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKU\S-1-5-21-2210452889-935881061-1018617790-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog9 01 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 03 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 04 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 05 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 06 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 07 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 08 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 20 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9-x64 01 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [523344] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9-x64 02 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [523344] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9-x64 03 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [523344] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9-x64 04 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [523344] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9-x64 05 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [523344] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9-x64 06 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [523344] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9-x64 07 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [523344] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9-x64 08 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [523344] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9-x64 20 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [523344] (Avira Operations GmbH & Co. KG)
Tcpip\Parameters: [DhcpNameServer] 195.34.133.21 212.186.211.21

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_287.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_287.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @authentec.com/ffwloplugin -> C:\Program Files (x86)\HP SimplePass\npffwloplugin.dll ( HP)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\IPSFFPlgn
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\IPSFFPlgn [2012-07-26]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\coFFPlgn [2015-01-23]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-11-09]
FF HKLM-x32\...\Firefox\Extensions: [irobinhood@irobinhood.org] - C:\Program Files (x86)\iRobinHood\iRobinHood Addon\irobinhood@irobinhood.org.xpi
FF HKU\S-1-5-21-2210452889-935881061-1018617790-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome: 
=======
CHR HomePage: Default -> https://www.google.at/
CHR StartupUrls: Default -> "https://www.google.at/"
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-18]
CHR Extension: (Adguard AdBlocker) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2014-11-23]
CHR Extension: (Avira Browserschutz) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-11-21]
CHR Extension: (AdBlock) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-11-23]
CHR Extension: (Website Logon) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmbkhknacohfhbmmpnmbkgdffdbildof [2013-05-24]
CHR Extension: (topbuyer) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpncbaigkegmkchedmmeibhbopcdophn [2014-11-11]
CHR Extension: (Norton Security Toolbar) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-11-12]
CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-18]
CHR Extension: (night tochpc) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjmhomfflfeomeelinjbpnmomlllilom [2012-11-15]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM\...\Chrome\Extension: [pfkfdlcdbajamklbneflfbcmfgddmpae] - No Path
CHR HKU\S-1-5-21-2210452889-935881061-1018617790-1000\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Users\User\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx [2012-09-25]
CHR HKU\S-1-5-21-2210452889-935881061-1018617790-1000\...\Chrome\Extension: [pfkfdlcdbajamklbneflfbcmfgddmpae] - No Path
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM-x32\...\Chrome\Extension: [hmbkhknacohfhbmmpnmbkgdffdbildof] - C:\Program Files (x86)\HP SimplePass\tschrome.crx [2012-12-12]
CHR HKLM-x32\...\Chrome\Extension: [iidmoehhpbghchkaogkhmcckhlhebekn] - C:\Program Files (x86)\iRobinHood\iRobinHood Addon\iRobinHoodPartnersExtension12_73.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx [2012-10-21]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\Exts\Chrome.crx [2013-02-08]
CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-03-23]
CHR HKLM-x32\...\Chrome\Extension: [pfkfdlcdbajamklbneflfbcmfgddmpae] - No Path

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-09] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [992560 2014-12-09] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [162096 2014-10-09] (Avira Operations GmbH & Co. KG)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
R2 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [1641768 2013-02-07] (HP)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-20] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193536 2012-02-07] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-08] (Intel Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe [138272 2012-06-16] (Symantec Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
S3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401856 2013-01-07] (AuthenTec, Inc.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2365792 2012-09-19] (TuneUp Software)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [31872 2012-02-01] (Advanced Micro Devices, Inc.)
S0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-08] (Avira Operations GmbH & Co. KG)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [134696 2012-02-02] (Broadcom Corporation.)
R3 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\BASHDefs\20121030.002\BHDrvx64.sys [1385632 2012-10-05] (Symantec Corporation)
R3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2012-02-02] (Broadcom Corporation.)
R3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1309010.00E\ccSetx64.sys [167072 2012-06-07] (Symantec Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-04-28] (DT Soft Ltd)
R3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-09-09] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2012-09-09] (Symantec Corporation)
R3 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\IPSDefs\20121106.001\IDSvia64.sys [513184 2012-09-07] (Symantec Corporation)
R3 irstrtdv; C:\Windows\system32\drivers\irstrtdv.sys [26504 2012-02-07] (Intel Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\VirusDefs\20121106.004\ENG64.SYS [126112 2012-11-06] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\VirusDefs\20121106.004\EX64.SYS [2084000 2012-11-06] (Symantec Corporation)
S3 SmbDrv; C:\Windows\System32\DRIVERS\Smb_driver.sys [21264 2012-03-02] (Synaptics Incorporated)
R3 SmbDrvIntel; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [27408 2013-05-24] (Synaptics Incorporated)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1309010.00E\SRTSP64.SYS [737952 2012-07-06] (Symantec Corporation)
R3 SRTSPX; C:\Windows\system32\drivers\NISx64\1309010.00E\SRTSPX64.SYS [37536 2012-07-06] (Symantec Corporation)
R3 SymDS; C:\Windows\system32\drivers\NISx64\1309010.00E\SYMDS64.SYS [451192 2011-08-15] (Symantec Corporation)
R3 SymEFA; C:\Windows\system32\drivers\NISx64\1309010.00E\SYMEFA64.SYS [1129120 2012-05-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2012-05-30] (Symantec Corporation)
R3 SymIRON; C:\Windows\system32\drivers\NISx64\1309010.00E\Ironx64.SYS [190072 2012-04-18] (Symantec Corporation)
R3 SymNetS; C:\Windows\System32\Drivers\NISx64\1309010.00E\SYMNETS.SYS [405624 2012-04-18] (Symantec Corporation)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-09-19] (TuneUp Software)
S3 ALSysIO; \??\C:\Users\User\AppData\Local\Temp\ALSysIO64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-23 09:57 - 2015-01-23 09:58 - 00000000 ____D () C:\FRST
2015-01-23 08:38 - 2015-01-23 08:38 - 00000000 ____D () C:\Users\User\AppData\Local\{87B6EF9F-66B8-435E-AE5E-684877002A66}
2015-01-23 08:25 - 2015-01-23 08:26 - 00000000 ____D () C:\Users\User\AppData\Local\{279CF56B-A741-4FA5-8523-F6669DAEEF36}
2015-01-22 13:09 - 2015-01-22 13:59 - 00000000 ____D () C:\Users\User\Desktop\Fotos 2015
2015-01-18 23:50 - 2015-01-22 12:18 - 00000000 ____D () C:\Users\User\AppData\Local\{38BB406F-4CB2-4987-90BE-EFF094715C46}
2015-01-17 23:02 - 2015-01-18 11:48 - 00000000 ____D () C:\Users\User\AppData\Local\{618340C5-31B3-44AC-9BAB-00059723A0DD}
2015-01-14 19:58 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 19:58 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 19:58 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 19:58 - 2014-12-11 18:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 19:58 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 19:58 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 19:58 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-14 19:57 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 19:57 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 19:57 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 19:57 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 19:57 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 19:57 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-14 12:58 - 2015-01-17 11:00 - 00000000 ____D () C:\Users\User\AppData\Local\{8ACCB629-3D27-4662-9015-F5D904576408}
2015-01-13 22:47 - 2015-01-13 22:47 - 00000000 ____D () C:\Users\User\AppData\Local\Adobe_Systems_Incorporate
2015-01-13 22:46 - 2015-01-14 21:57 - 00000000 ____D () C:\Users\User\Documents\My Digital Editions
2015-01-11 22:49 - 2015-01-13 17:19 - 00000000 ____D () C:\Users\User\AppData\Local\{D40FB02A-7057-46AD-89C6-A3E1C935E61C}
2015-01-08 22:57 - 2015-01-11 10:48 - 00000000 ____D () C:\Users\User\AppData\Local\{EF012951-D267-43D9-BDC3-9222134D93DF}
2015-01-07 02:18 - 2015-01-08 10:56 - 00000000 ____D () C:\Users\User\AppData\Local\{BFD80726-4971-425E-9933-8F81FCAB0EF8}
2015-01-06 22:02 - 2015-01-06 22:02 - 00280928 _____ () C:\Windows\Minidump\010615-42011-01.dmp
2015-01-05 12:05 - 2015-01-06 14:17 - 00000000 ____D () C:\Users\User\AppData\Local\{BEEAB25B-163D-4A16-AFC7-1F88D072E85E}
2015-01-04 16:53 - 2015-01-05 22:53 - 00024575 ____H () C:\Users\User\Desktop\~WRL2241.tmp
2014-12-31 00:01 - 2015-01-04 15:44 - 00000000 ____D () C:\Users\User\AppData\Local\{196493D7-6516-4C31-BF2C-468B330832B7}
2014-12-28 14:05 - 2014-12-28 14:05 - 00000000 ____D () C:\Users\User\AppData\OICE_15_974FA576_32C1D314_AA2

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-23 09:57 - 2012-07-26 12:33 - 01462731 _____ () C:\Windows\WindowsUpdate.log
2015-01-23 09:54 - 2012-09-08 19:11 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-23 09:47 - 2012-10-24 19:20 - 00000000 ___RD () C:\Users\User\Desktop\Dropbox
2015-01-23 09:47 - 2012-10-24 19:13 - 00000000 ____D () C:\Users\User\AppData\Roaming\Dropbox
2015-01-23 09:45 - 2012-10-16 17:52 - 00000000 ____D () C:\Users\User\Tracing
2015-01-23 09:44 - 2012-09-08 19:11 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-23 09:41 - 2014-11-23 14:12 - 00004001 _____ () C:\Windows\setupact.log
2015-01-23 09:41 - 2014-11-11 08:16 - 00000000 ____D () C:\ProgramData\DiscountLocator
2015-01-23 09:41 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-23 09:38 - 2012-03-24 20:46 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-23 09:01 - 2012-09-09 10:47 - 00000000 ____D () C:\Users\User\AppData\Local\CrashDumps
2015-01-23 08:45 - 2009-07-14 05:45 - 00031472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-23 08:45 - 2009-07-14 05:45 - 00031472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-22 21:38 - 2012-03-24 20:46 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-22 21:38 - 2012-03-24 20:46 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-22 21:38 - 2012-03-24 20:46 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-22 13:28 - 2014-09-18 20:50 - 00000000 ____D () C:\Users\User\Desktop\Schule 2014-2015
2015-01-22 12:45 - 2012-07-26 12:32 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{0F365B19-0723-4163-8DAE-03439FF5A742}
2015-01-21 20:30 - 2012-09-17 21:49 - 00005632 _____ () C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-21 20:07 - 2013-09-22 11:37 - 00000000 ____D () C:\Users\User\Desktop\LIE
2015-01-21 19:49 - 2014-06-08 11:49 - 00000000 ____D () C:\Users\User\Desktop\So Zeug
2015-01-19 17:22 - 2013-09-16 19:11 - 00000328 _____ () C:\Windows\Tasks\HPCeeScheduleForUser.job
2015-01-18 14:11 - 2012-03-25 05:06 - 02223242 _____ () C:\Windows\system32\perfh007.dat
2015-01-18 14:11 - 2012-03-25 05:06 - 00637582 _____ () C:\Windows\system32\perfc007.dat
2015-01-18 14:11 - 2009-07-14 06:13 - 00006256 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-17 11:21 - 2013-07-27 00:35 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-17 11:05 - 2012-09-19 11:53 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-16 15:13 - 2012-09-14 12:48 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2015-01-16 15:11 - 2012-12-07 17:14 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2015-01-15 19:25 - 2014-11-11 00:54 - 00000000 ____D () C:\Users\User\AppData\Roaming\InetStat
2015-01-14 21:57 - 2012-03-24 20:59 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-01-13 22:47 - 2012-09-08 17:57 - 00000000 ____D () C:\Users\User\AppData\Roaming\Adobe
2015-01-13 21:39 - 2012-09-09 17:01 - 00000000 ____D () C:\Users\User\AppData\Local\Adobe
2015-01-13 21:34 - 2012-03-24 20:59 - 00000000 ____D () C:\ProgramData\Adobe
2015-01-06 22:02 - 2014-11-23 14:12 - 743475733 _____ () C:\Windows\MEMORY.DMP
2015-01-06 22:02 - 2012-11-01 10:42 - 00000000 ____D () C:\Users\Gast
2015-01-06 22:02 - 2012-09-14 15:27 - 00000000 ____D () C:\Windows\Minidump
2015-01-06 04:36 - 2010-11-21 04:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-01-05 20:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-01-04 16:50 - 2014-07-18 10:20 - 00000000 ____D () C:\Users\User\Desktop\VWA
2014-12-25 11:18 - 2014-12-21 11:21 - 00000000 ____D () C:\Users\User\AppData\Local\{69575676-5896-4F70-A887-3837474FA2A6}

==================== Files in the root of some directories =======
2014-11-23 13:02 - 2014-11-23 13:02 - 0000004 _____ () C:\Users\User\AppData\Roaming\appdataFr2.bin
2012-09-17 21:49 - 2015-01-21 20:30 - 0005632 _____ () C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-10-22 10:32 - 2014-10-22 10:32 - 0000836 _____ () C:\Users\User\AppData\Local\recently-used.xbel
2012-10-21 19:26 - 2012-10-21 19:26 - 0000017 _____ () C:\Users\User\AppData\Local\resmon.resmoncfg
2013-11-09 00:49 - 2013-11-09 10:46 - 0007760 _____ () C:\ProgramData\hpzinstall.log

Some content of TEMP:
====================
C:\Users\User\AppData\Local\Temp\avgnt.exe
C:\Users\User\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvvaxni.dll
C:\Users\User\AppData\Local\Temp\ose00000.exe
C:\Users\User\AppData\Local\Temp\ose00001.exe
C:\Users\User\AppData\Local\Temp\ose00002.exe
C:\Users\User\AppData\Local\Temp\ose00003.exe


Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\nsprs.dll
C:\Windows\SysWOW64\serauth1.dll
C:\Windows\SysWOW64\serauth2.dll
C:\Windows\SysWOW64\ssprs.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-14 22:53

==================== End Of Log ===========================

--- --- ---

Und das ist der Addition.txt

FRST Additions Logfile:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2015
Ran by User at 2015-01-23 13:07:25
Running from C:\Users\User\AppData\Local\Temp\chc2nfow.tmp
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Out of date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Norton Internet Security (Disabled - Out of date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Avira Desktop (Enabled - Out of date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Disabled - Out of date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security (Disabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 3.3.0.29342 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
ActiveState ActivePython 2.6.4.8 (32-bit) (HKLM-x32\...\{A1D14FC8-FF6E-4700-A501-BCAFD22B7D15}) (Version: 2.6.4.8 - ActiveState Software Inc.)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.287 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.287 - Adobe Systems Incorporated)
Adobe Reader X (10.1.4) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.4 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.3.633 - Adobe Systems, Inc.)
AIO_CDA_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDA_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-2210452889-935881061-1018617790-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 1.2.6 (HKLM-x32\...\Audacity_is1) (Version:  - )
AuthenTec TrueAPI 64-bit (Version: 1.6.0.87 - AuthenTec, Inc.) Hidden
AVG 2015 (Version: 15.0.4223 - AVG Technologies) Hidden
Avira (HKLM-x32\...\{905d3ded-fe60-432c-b56e-7cd19f2899ac}) (Version: 1.1.24.28609 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.24.28609 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version:  - Broadcom Corporation)
Broadcom Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2300 - Broadcom Corporation)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
C4100 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
c4100_Help (x32 Version: 82.0.256.000 - Hewlett-Packard) Hidden
Cake Mania (x32 Version: 2.2.0.98 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
CouponFactor (HKLM-x32\...\{37476589-E48E-439E-A706-56189E2ED4C4}_is1) (Version:  - CouponFactor) <==== ATTENTION
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.3.5010 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dropbox (HKU\S-1-5-21-2210452889-935881061-1018617790-1000\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{7DA9DD7F-F4D9-40FB-BD27-69B7731DEDD9}) (Version: 5.1.3 - Hewlett-Packard)
Evernote v. 4.5.8 (HKLM-x32\...\{DED01768-E634-11E1-AEB0-984BE15F174E}) (Version: 4.5.8.7356 - Evernote Corp.)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Farmscapes (x32 Version: 2.2.0.98 - WildTangent) Hidden
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fishdom (TM) 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Free YouTube to MP3 Converter version 3.12.16.1030 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.16.1030 - DVDVideoSoft Ltd.)
GeoGebra 4.2 (HKLM-x32\...\GeoGebra 4.2) (Version: 4.2.60.0 - International GeoGebra Institute)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.122 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{AB5BCC55-18E2-46C7-9405-FF61CB888F05}) (Version: 4.2.9.1 - Hewlett-Packard Company)
HP CoolSense (HKLM-x32\...\{59F8C5AA-91BD-423D-BF05-09A80F39898F}) (Version: 2.10.62 - Hewlett-Packard Company)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Documentation (HKLM-x32\...\{DF2D7B73-3E53-4241-B6B5-64D8344AEF6B}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Launch Box (HKLM\...\{5A847522-375C-4D05-BD3D-88C450CC047F}) (Version: 1.1.5 - Hewlett-Packard Company)
HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
HP Photosmart All-In-One Driver Software 13.0 Rel. A (HKLM\...\{17016DA1-F040-4032-BD36-34DD317BC9D5}) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Power Manager (HKLM-x32\...\{7E799992-5DA0-4A1A-9443-B1836B063FEC}) (Version: 1.4.8 - Hewlett-Packard Company)
HP Product Detection (HKLM-x32\...\{A34CC51D-C2FF-4E0E-9F27-28B0249A15DD}) (Version: 11.15.0007 - HP)
HP Quick Launch (HKLM-x32\...\{53B17A98-5BF0-40BC-AAFF-850A357975AC}) (Version: 2.7.2 - Hewlett-Packard Company)
HP Security Assistant (HKLM\...\{42719DC3-4982-47DD-B025-B21C4BDD504D}) (Version: 3.0.3 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{438363A8-F486-4C37-834C-4955773CB3D3}) (Version: 9.1.15430.4033 - Hewlett-Packard Company)
HP SimplePass (HKLM-x32\...\{34C821CA-6B55-44A0-8A9B-2EF471D6019E}) (Version: 6.0.100.272 - Hewlett-Packard)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Software Framework (HKLM-x32\...\{D2462056-BA75-4B2C-8267-DFEA2B6AC4AE}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
hp_ENVY_Ultrabook_4_and_6_Screensaver_DE (HKLM-x32\...\hp_ENVY_Ultrabook_4_and_6_Screensaver_DE) (Version:  - )
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6395.0 - IDT)
InetStat (HKU\S-1-5-21-2210452889-935881061-1018617790-1000\...\InetStat) (Version: 0.5b - InetStat) <==== ATTENTION!
Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation)
Intel(R) Rapid Start Technology (HKLM-x32\...\3D073343-CEEB-4ce7-85AC-A69A7631B5D6) (Version: 1.0.0.1021 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.670 - Oracle)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest II (x32 Version: 2.2.0.97 - WildTangent) Hidden
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Macromedia Extension Manager (HKLM-x32\...\{0F022A2E-7022-497D-90A5-0F46746D8275}) (Version: 1.7.270 - Ihr Firmenname)
Macromedia Flash 8 (HKLM-x32\...\{2BD5C305-1B27-4D41-B690-7A61172D2FEB}) (Version: 8.00.0000 - Macromedia)
Macromedia Flash 8 Video Encoder (HKLM-x32\...\{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}) (Version: 1.00.0000 - Macromedia)
Macromedia Flash Player 8 (HKLM-x32\...\{885A63EA-382B-4DD4-A755-14809B8557D6}) (Version: 8.0.22.0 - Macromedia)
Macromedia Flash Player 8 Plugin (HKLM-x32\...\{91057632-CA70-413C-B628-2D3CDBBB906B}) (Version: 8.0.22.0 - Macromedia)
Mahjongg Artifacts (x32 Version: 2.2.0.95 - WildTangent) Hidden
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Korrekturhilfen 2013 - Deutsch (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office ScreenTip Language 2013 - Deutsch (HKLM\...\{90150000-00BD-0407-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Norton Internet Security (HKLM-x32\...\NIS) (Version: 19.9.1.14 - Symantec Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5 - Notepad++ Team)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
Optimizer Pro v3.2 (HKLM-x32\...\Optimizer Pro_is1) (Version: 3.2.0.3 - PC Utilities Software Limited) <==== ATTENTION
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.27012 - Realtek Semiconductor Corp.)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SPSS 15.0 für Windows [Auswertung Version] (HKLM-x32\...\{6D9B9CF3-1E9C-45B6-B41E-5CF568605556}) (Version: 15.0.1 - SPSS Inc.)
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
StormFall (HKU\S-1-5-21-2210452889-935881061-1018617790-1000\...\StormFall) (Version:  - StormFall) <==== ATTENTION!
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 16.0.5.1 - Synaptics Incorporated)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
TuneUp Utilities 2013 (HKLM-x32\...\TuneUp Utilities 2013) (Version: 13.0.2020.4 - TuneUp Software)
TuneUp Utilities 2013 (x32 Version: 13.0.2020.4 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.2020.4 - TuneUp Software) Hidden
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Virtual Families (x32 Version: 2.2.0.98 - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App (HP Games) (x32 Version: 4.0.5.36 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2210452889-935881061-1018617790-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2210452889-935881061-1018617790-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2210452889-935881061-1018617790-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2210452889-935881061-1018617790-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2210452889-935881061-1018617790-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2210452889-935881061-1018617790-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2210452889-935881061-1018617790-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2210452889-935881061-1018617790-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2210452889-935881061-1018617790-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\User\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

31-12-2014 00:14:55 Windows Update
06-01-2015 14:29:50 Windows Update
11-01-2015 11:03:01 Windows Update
14-01-2015 19:52:39 Windows Update
17-01-2015 11:00:53 Windows Update
21-01-2015 00:41:33 Windows Update
23-01-2015 09:37:32 Windows Defender Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0C646557-EEE0-4030-84B6-26E9BB8188C1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-10-21] (Hewlett-Packard)
Task: {120A40B0-2A66-495E-8E7C-7F97DB3B4B7E} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\Dependencies\RemEngine.exe [2012-02-17] ()
Task: {2D56F970-5756-4C2A-AE35-B3A14C1AA19E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {337B35F8-4038-4D22-AB52-223F17F6C1B7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {4DDCDECE-F95F-4536-BAF4-635D68F934F7} - System32\Tasks\{6E0433AD-1EFC-476B-A0D1-EF3000203C9A} => pcalua.exe -a C:\Users\User\Downloads\sp54762.exe -d C:\Users\User\Downloads
Task: {4E90DDB8-4826-4174-BF90-16DD80A1C045} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {57444CDA-C208-4BC1-8894-26F913418B0A} - System32\Tasks\{90FDB896-B043-4BDD-9C4A-11657F7A9223} => pcalua.exe -a C:\Users\User\Downloads\sp45183.exe -d C:\Users\User\Downloads
Task: {59A6D75D-6AD8-47E3-B838-53F5FC35064F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-22] (Adobe Systems Incorporated)
Task: {5A41DF5B-50B6-464D-BFBD-3950A7CA4748} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe [2012-09-19] (TuneUp Software)
Task: {6B0C8BA8-D111-4E97-A772-5CF18212D96E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {6F03ED89-D21F-433B-82B1-227587A1B5C6} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\WSCStub.exe [2013-02-02] (Symantec Corporation)
Task: {73A3C8B1-8F30-45DF-85B5-C36A1027FCE5} - System32\Tasks\{C073B84A-F9B3-421E-87A4-052891E33DBB} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\setup.exe" -c -runfromtemp -l0x0007 -removeonly
Task: {77CFAD4B-D741-46DE-8867-B8A9799C8677} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\SymErr.exe [2012-02-04] (Symantec Corporation)
Task: {7CB7C149-5665-45E8-996B-D3E6059CC03C} - System32\Tasks\Express FilesUpdate => C:\Program Files (x86)\ExpressFiles\EFUpdater.exe <==== ATTENTION
Task: {89B3A905-FB3B-4DF6-9B14-ABDE774629CC} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\SymErr.exe [2012-02-04] (Symantec Corporation)
Task: {8C4411BF-0C88-4CBE-828B-8DF5E7950EB4} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-02-10] (CyberLink)
Task: {8DB55D90-F5B0-458A-894C-528766061E9F} - System32\Tasks\{E276B691-1507-4F74-8332-B79F089C8D28} => pcalua.exe -a C:\Users\User\Downloads\sp57107.exe -d C:\Users\User\Downloads
Task: {AE136507-1BB0-4757-9901-8E3FE7A7602C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {AFAF01CE-DBAB-48AE-AC77-307BE75F9E36} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {BDD4F47F-5109-401E-B58B-B90044D203BE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-10-21] (Hewlett-Packard)
Task: {BE0EC48C-3658-4530-BEAB-AF8EC8C2A2A5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {C321DCDB-1FE1-4C71-8C48-FB76B0D72650} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2012-11-05] (Hewlett-Packard Development Company, L.P.)
Task: {C8F17D58-3F12-4D2A-81E3-5BBD8EB87494} - System32\Tasks\{445EE4DE-497B-412F-BA52-5F3338220E90} => pcalua.exe -a "C:\Program Files (x86)\Claro LTD\claro\1.8.8.5\GUninstaller.exe" -c -uprtc -key "claro"
Task: {C917E71C-8ABD-4110-902C-588BE333A693} - System32\Tasks\HPCeeScheduleForUser => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {CD72308C-7E6C-4E71-B984-85738B6F0455} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {E881E1C1-1F18-4DEC-ABAF-C3E28C2E8297} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {F90FE2BA-C20E-444E-B7EA-8B00061A5325} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForUser.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) =============

2014-10-14 23:27 - 2014-10-14 23:27 - 08897696 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-02-07 08:19 - 2013-02-07 08:19 - 04073768 _____ () C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
2012-02-28 10:07 - 2012-02-28 10:07 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-12-19 22:34 - 2011-12-19 22:34 - 00108880 _____ () C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
2014-11-11 00:54 - 2015-01-15 19:26 - 00726542 _____ () C:\Users\User\AppData\Roaming\InetStat\inetstat.exe
2014-07-31 11:16 - 2014-07-31 11:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-31 11:16 - 2014-07-31 11:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-10-22 01:22 - 2014-10-22 01:22 - 00750080 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-01-23 09:46 - 2015-01-23 09:46 - 00043008 _____ () c:\users\user\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvvaxni.dll
2014-10-22 01:22 - 2014-10-22 01:22 - 00047616 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\libEGL.dll
2014-10-22 01:22 - 2014-10-22 01:22 - 00863744 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2014-10-22 01:22 - 2014-10-22 01:22 - 00200704 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2012-03-16 14:42 - 2012-03-16 14:42 - 00433664 _____ () C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
2012-03-16 14:42 - 2012-03-16 14:42 - 00315392 _____ () C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
2012-04-24 19:18 - 2012-04-24 19:18 - 00087912 _____ () C:\Program Files (x86)\Safari\Apple Application Support\zlib1.dll
2012-04-24 19:18 - 2012-04-24 19:18 - 01242472 _____ () C:\Program Files (x86)\Safari\Apple Application Support\libxml2.dll
2014-10-14 23:28 - 2014-10-14 23:28 - 08897696 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2012-05-30 03:52 - 2012-02-08 18:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-2210452889-935881061-1018617790-500 - Administrator - Disabled)
Gast (S-1-5-21-2210452889-935881061-1018617790-501 - Limited - Disabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-2210452889-935881061-1018617790-1003 - Limited - Enabled)
User (S-1-5-21-2210452889-935881061-1018617790-1000 - Administrator - Enabled) => C:\Users\User

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/23/2015 10:44:40 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5445

Error: (01/23/2015 10:44:40 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5445

Error: (01/23/2015 10:44:40 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/23/2015 10:44:37 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2403

Error: (01/23/2015 10:44:37 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2403

Error: (01/23/2015 10:44:37 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/23/2015 10:09:06 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 18127

Error: (01/23/2015 10:09:06 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 18127

Error: (01/23/2015 10:09:06 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/23/2015 10:09:05 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 16443


System errors:
=============
Error: (01/23/2015 01:04:59 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 40.

Error: (01/23/2015 09:52:19 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (01/23/2015 09:47:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Software Protection" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (01/23/2015 09:47:55 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Software Protection erreicht.

Error: (01/23/2015 09:46:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Intel(R) Rapid Storage Technology" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (01/23/2015 09:46:54 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Intel(R) Rapid Storage Technology erreicht.

Error: (01/23/2015 09:45:33 AM) (Source: iaStor) (EventID: 9) (User: )
Description: Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht geantwortet.

Error: (01/23/2015 09:42:59 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
Avgloga

Error: (01/23/2015 09:39:12 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (01/23/2015 09:39:12 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C}


Microsoft Office Sessions:
=========================
Error: (01/23/2015 10:44:40 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5445

Error: (01/23/2015 10:44:40 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5445

Error: (01/23/2015 10:44:40 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/23/2015 10:44:37 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2403

Error: (01/23/2015 10:44:37 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2403

Error: (01/23/2015 10:44:37 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/23/2015 10:09:06 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 18127

Error: (01/23/2015 10:09:06 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 18127

Error: (01/23/2015 10:09:06 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/23/2015 10:09:05 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 16443


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-3317U CPU @ 1.70GHz
Percentage of memory in use: 53%
Total physical RAM: 3998.31 MB
Available physical RAM: 1878.88 MB
Total Pagefile: 7994.81 MB
Available Pagefile: 5255.33 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:277.96 GB) (Free:60.45 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery) (Fixed) (Total:19.83 GB) (Free:2.12 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (15.0.4420.1017) (CDROM) (Total:0.66 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: B8BF4AF5)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=278 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=19.8 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=101 MB) - (Type=0C)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 4 GB) (Disk ID: 35C56675)
Partition 1: (Not Active) - (Size=4 GB) - (Type=84)

==================== End Of Log ============================

--- --- ---

Warlord711 · 25.01.2015, 17:32

Hinweis: Registry Cleaner

Ich sehe, dass du sogenannte Registry Cleaner installiert hast.
In deinem Fall TuneUp 2013.

Wir raten von der Verwendung jeglicher Art von Registry Cleaner ab.

Der Grund ist ganz einfach:
Die Registry ist das Hirn des Systems. Funktioniert das Hirn nicht, funktioniert der Rest nicht mehr wirklich.
Man sollte nicht unnötigerweise an der Registry rumbasteln. Schon ein kleiner Fehler kann gravierende Folgen haben und auch Programme machen manchmal Fehler.
Zerstörst du die Registry, zerstörst du Windows.

Zudem ist der Nutzen zur Performancesteigerung umstritten und meist kaum im wahrnehmbaren Bereich.

Ich würde dir empfehlen, Registry Cleaner nicht weiterhin zu verwenden und über

Start --> Systemsteuerung --> Software (bei Windows XP)
Start --> Systemsteuerung --> Programme und Funktionen (bei Vista / Win 7)

zu deinstallieren.

Schritt 1
Lade Dir bitte von hier

Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.

Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
Klicke auf Optionen und wähle als Sprache Deutsch.
Suche im Uninstallerfeld nach den Programmen:

CouponFactor
InetStat
Optimizer Pro v3.2
StormFall
Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
Wähle anschließend den Modus "Moderat" aus.
Reste löschen:
Klicke auf dann auf und dann auf .

Schritt 2
Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 3

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

Schritt 4
Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 5
Starte noch einmal FRST.

Ändere keine der Voreinstellungen und drücke auf Scan.
Wenn der Scan abgeschlossen ist, werden ein neues Logfile FRST.txt erstellt und auf dem Desktop gespeichert.
Poste den Inhalt dieses Logfiles bitte hier in deinen Thread.

yass0405 · 25.01.2015, 22:58

Okay alles erledigt !!

AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v4.109 - Bericht erstellt am 25/01/2015 um 18:01:22
# Aktualisiert 24/01/2015 von Xplode
# Database : 2015-01-25.1 [Live]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : User - USER-HP
# Gestartet von : C:\Users\User\Downloads\AdwCleaner_4.109.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\DiscounTLoCatOr
Ordner Gelöscht : C:\ProgramData\IBUpdaterService
Ordner Gelöscht : C:\ProgramData\c069dca1de150c91
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam
Ordner Gelöscht : C:\Program Files (x86)\iRobinHood
Ordner Gelöscht : C:\Program Files (x86)\Wajam
Ordner Gelöscht : C:\Users\User\AppData\Local\Gameo
Ordner Gelöscht : C:\Users\User\AppData\LocalLow\Claro LTD
Ordner Gelöscht : C:\Users\User\AppData\LocalLow\iRobinHood
Ordner Gelöscht : C:\Users\User\AppData\LocalLow\mySecureSurfer
Ordner Gelöscht : C:\Users\User\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\User\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\User\AppData\Roaming\ExpressFiles
Ordner Gelöscht : C:\Users\User\AppData\Roaming\OpenCandy
Ordner Gelöscht : C:\Users\User\AppData\Roaming\PerformerSoft
Ordner Gelöscht : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpncbaigkegmkchedmmeibhbopcdophn
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
Datei Gelöscht : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx
Datei Gelöscht : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
Datei Gelöscht : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
Datei Gelöscht : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Datei Gelöscht : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
Datei Gelöscht : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.trovi.com_0.localstorage
Datei Gelöscht : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.trovi.com_0.localstorage-journal
Datei Gelöscht : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.livelyrics00.live-lyrics.com_0.localstorage
Datei Gelöscht : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.livelyrics00.live-lyrics.com_0.localstorage-journal
Datei Gelöscht : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage
Datei Gelöscht : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage-journal
Datei Gelöscht : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.re-markable00.re-markable.net_0.localstorage
Datei Gelöscht : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.re-markable00.re-markable.net_0.localstorage-journal
Datei Gelöscht : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal

***** [ Tasks ] *****

Task Gelöscht : Express FilesUpdate

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\iidmoehhpbghchkaogkhmcckhlhebekn
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae
Schlüssel Gelöscht : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Wpm
Schlüssel Gelöscht : HKCU\Software\855d88ab43abe15
Schlüssel Gelöscht : HKLM\SOFTWARE\855d88ab43abe15
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{52EA1989-D16E-4560-9021-F0AD247DE4D1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{52EA1989-D16E-4560-9021-F0AD247DE4D1}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Schlüssel Gelöscht : HKCU\Software\Cr_Installer
Schlüssel Gelöscht : HKCU\Software\DataMngr
[#] Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\ExpressFiles
Schlüssel Gelöscht : HKCU\Software\InetStat
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Optimizer Pro
Schlüssel Gelöscht : HKCU\Software\powerpack
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\SweetIM
Schlüssel Gelöscht : HKCU\Software\Wajam
Schlüssel Gelöscht : HKCU\Software\gameo
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Babylon
Schlüssel Gelöscht : HKLM\SOFTWARE\DataMngr
Schlüssel Gelöscht : HKLM\SOFTWARE\ExpressFiles
Schlüssel Gelöscht : HKLM\SOFTWARE\IePlugin
Schlüssel Gelöscht : HKLM\SOFTWARE\SweetIM
Schlüssel Gelöscht : HKLM\SOFTWARE\Vittalia
Schlüssel Gelöscht : HKLM\SOFTWARE\Wajam
Schlüssel Gelöscht : HKLM\SOFTWARE\webssearchesSoftware
Daten Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SupTab\SEARCH~1.DLL
Daten Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SupTab\SEARCH~2.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Features\B696D3C37BD0D6C33A65D38BEC459181
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Products\B696D3C37BD0D6C33A65D38BEC459181
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B696D3C37BD0D6C33A65D38BEC459181
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local;<local>
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=10.0.0.1:8080;hxxps=10.0.0.1:8080;ftp=10.0.0.1:8080

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17496

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]

-\\ Google Chrome v38.0.2125.122

[C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
[C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1414959794&from=cvs2&uid=_XXXXXXXX&q={searchTerms}
[C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1414959794&from=cvs2&uid=_XXXXXXXX&q={searchTerms}
[C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_ir_14_46_ch&cd=2XzuyEtN2Y1L1Qzu0CtDtCzzzzyD0F0FyEyCzztAtDyC0B0DtN0D0Tzu0StCtDyEyDtN1L2XzutAtFyCtFtCtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyCzyyB0C0E0D0F0CtG0A0CtByCtGyDtB0DyEtGzytAtCyEtGyCyCyE0A0A0CtAtB0F0B0ByC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0CyEtC0DtD0FyBtG0AyBtCtDtGyEtDzztDtGzz0EyDzztGzyyDtAtD0C0D0DtD0F0E0C0E2Q&cr=310633818&ir=
[C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3322197&octid=EB_ORIGINAL_CTID&ISID=M3272B312-1CD6-4D31-9E78-82FF3BDBAA0E&SearchSource=58&CUI=&UM=6&UP=SP320C49E1-69C7-4968-AB0B-C7A29FD49121&q={searchTerms}&SSPV=

*************************

AdwCleaner[R0].txt - [15097 octets] - [25/01/2015 17:55:40]
AdwCleaner[S0].txt - [12211 octets] - [25/01/2015 18:01:22]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [12272 octets] ##########

--- --- ---

JRT Logfile:

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 7 Home Premium x64
Ran by User on 25.01.2015 at 18:12:51,37
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011501160}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{003B33A2-E303-481F-B6F7-9F9057F16FE8}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{00AE1371-80D3-417E-8872-64CB1B55EA17}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{029902DD-42F4-45A8-B0C1-433BF99F10F3}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{02DE1847-7E56-48F0-9F67-69ACEC4B43EF}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{02ED07FD-FC5A-41C6-B5C6-680411718EBB}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{02F81D81-5ECE-4BEA-8ADC-C02ED4DA5FC4}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{03286D46-50AE-481A-BD78-29A3F71ECB43}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{033532AA-5026-4435-8434-F0AC3764487A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{03ACF48A-28AB-4344-902D-2C21F44C937B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{04CE2C29-12F7-482F-8457-0E3AE7C3C880}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{05193300-28B6-4BAF-A1E1-A913D46E945F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{063EEC1D-E73B-4104-ABF4-B87397EB9CE4}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{08C124A2-1B6D-409C-BF7B-784638714EF1}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{08CE02A5-84C7-49D1-ACE5-62113C13DAD6}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{09866843-C0BC-4CDE-AA20-DD3754F50258}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{098A656A-FEB0-47E5-B76C-43BBACC49F95}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{09BCDDD2-33FC-4D96-ADEA-92181BBB2C06}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{0A32C696-8681-4C17-8AD6-C8ADEF0E4D58}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{0A6F25A4-BDD2-4361-B23D-E7AA3A7CB690}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{0B3C5746-92EA-4DF1-BA43-1937D58D5062}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{0B4EB2BD-7C08-4645-9214-013C9CE3CD95}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{0BA39880-787D-47DF-B0BB-78BF6CFBBE5A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{0DF26622-E2FD-4042-9C78-F27ECD0A00B0}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{0DF365BB-C212-43D1-A1AA-5C0776BDEC3D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{0DF4572D-60E7-4D73-ABE4-355340B259D6}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{0E4B9F4A-60D4-497E-8B9C-E7CB31702B47}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{0EAA68C6-F6D4-4067-AC93-4B35DA350E91}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{0ED77F78-0BD8-419F-9435-CEB6AF269034}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{0F0D85E7-D433-41B3-B626-DF43E54354F8}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{0F34A95E-F937-4E28-898B-3F2FBFEAB3E0}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{10814DA5-8326-4D23-83B4-2D92345E6BE1}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{1092434A-4892-4147-9234-945D0161A51F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{1287B512-BB6E-4F39-95BD-24CCC00B3570}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{12FAD9E1-8B08-4959-89F5-5E55933E1D4E}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{139E4423-82C6-4351-8C36-4932A1849334}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{13E0B1AD-8A0E-44DD-8C48-2C0E21D93EBE}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{14889B10-496A-4339-BE75-5CF0BA8FDF14}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{14B767A3-2789-4AAB-92EC-8B3F5614D00D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{153A5DFE-1270-4148-928A-431C78562C5E}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{155B1896-5F34-4A16-8BE4-29F3D8790ABD}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{156E06FC-94E1-4592-9CD9-7E7F761B4006}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{1577F86C-075E-4916-B5E2-03A25793C1E7}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{159F6E0E-7BB6-4ACC-B894-73EBA667B75E}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{17060BBB-46A2-49A2-853E-E7BCB016539C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{1729F5B4-47E0-4C9C-A6C3-71E2E3DCFA17}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{175B5871-E437-4B53-81C1-6D099C9E7C51}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{184A80DB-3D0E-4F21-8F89-585439E1DD10}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{18C39DD8-6B80-4D29-BB7F-77B990FCB641}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{196493D7-6516-4C31-BF2C-468B330832B7}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{19DED7A2-F25B-4434-AFAD-3CCFFFB4AC2E}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{1A972A08-DEBA-4154-8611-816A67BEE5AA}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{1AC8A045-F1EA-443E-8584-18CCA4A39257}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{1CA12455-BF78-4595-87FA-DF3FABBB2794}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{1CB148AB-A7DF-4B81-A242-4F7FFCF67BA8}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{1E68AFBC-B510-4886-B61F-2A6191B5A6A5}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{1F0E8F9B-BC8F-475B-96E6-97D5B1484266}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{1F98DC94-A61A-4141-BAC3-E41EED494F68}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{20313755-EE99-41EF-8566-429753829FB0}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{21F788DF-DCAD-442C-A82B-3324F72C8A71}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{227A46CE-CA5A-4537-89C1-916D1D1026A5}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{22C40FF3-32F3-4DF8-B3F4-28607150745A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{22C86C43-AE32-4F29-A878-F67C7ABE50E6}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{2310C358-21E5-4443-BA2E-B81E1F259A47}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{235E0013-96C3-4D44-B303-DA1BC197D70A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{23D0C54F-64C8-47B8-B254-83F09F03DECF}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{241349EC-C78D-4964-A183-B5B13E972EE0}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{243E3B5E-AA3C-4DDE-BB51-4EDC27D4DF1D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{24CF946B-B4F7-4EC0-8FF2-3258E6B51EB6}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{254A40EE-2B82-48BB-B733-87CA4AFEAF87}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{25ECAE93-7895-4930-B451-513CDAB63403}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{26CB1FED-9B7A-48E0-8776-64A17FB7AFD0}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{2711AC70-4F7D-4459-BA8E-AC900DBDBF35}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{279CF56B-A741-4FA5-8523-F6669DAEEF36}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{27DD1F1B-EAC0-4015-8770-1FC17642C7C3}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{29525909-948E-4FBF-99BB-BECBBFC6999D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{29C91B27-97B7-4318-BF93-7B2757B992BB}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{2B1B3A29-DFE9-4E27-8321-4FF8F2B21743}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{2BF1B6A9-3FEF-4C45-9A19-8743A3894C16}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{2C4D3CE7-8B63-44A0-A450-EC2BC53C88BF}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{2D5F09F5-CFA3-463B-B122-D01236D0C6DF}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{2D9E9BFC-B4F8-4962-B662-B3F61D25911C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{2DA2B2F3-7C0E-4653-B0F7-31B1DDAAC8C4}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{2E444A57-1A96-4914-BDA1-503E1CF5BB92}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{2E9B8EFF-0C71-414E-80F3-3EE25C5E758C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{2F006C8D-DC13-4D00-9443-035B7AC4CAAC}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{2F4512E6-613F-4E65-8BA8-767742D51759}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{3113FBDC-4764-4BF8-93B6-B5A87CE52023}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{3199AE72-1B29-49BC-BEB6-5916D97EC28B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{31AA250F-72CE-4F3E-99A5-5DA267F72075}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{32497AFB-66F1-458A-A650-BEE03CB8F832}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{32D3B235-4029-405B-B611-5E9C78C0B49A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{338CB1D2-BB7C-4250-AE42-C9FC2C0C3AE8}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{33FD3355-9996-4965-AE09-97739C391625}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{34563183-4D54-4884-8356-F0DF3195CAA5}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{3523767F-546C-4BF5-95BC-32428A45D728}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{36639C65-9C67-4DA4-86A9-C7AF797B32F7}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{367CD150-FBE9-4E2C-8883-E50FEE8A2814}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{367E6AD8-AD48-40A7-B51C-E88410F567DF}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{381DBDA5-8285-44CF-9884-81E4248573FE}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{38BB406F-4CB2-4987-90BE-EFF094715C46}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{391B1813-FCF9-4C7F-A035-ECE07D86B7DC}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{39D147C1-7993-4C59-8CED-EEAEB2A0498C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{3A2E5CC9-4520-4946-97A4-FC077A095042}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{3A57A921-506C-4850-9033-49D0D4234D99}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{3B6AD293-FD8A-40EF-8E1A-BBEC9CCC7591}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{3BF9AD3E-3B83-4501-BE02-C718232129F8}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{3C3A0A2F-162D-40FC-AC8B-1DA328F375AC}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{3C6B2480-BB71-4F16-B0DA-18C3AEAF38FC}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{3CE7CFDC-4C1D-4622-A4A2-050117B8275C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{3DD8170F-DD88-4600-B9A1-05DB0DCCA433}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{3E0B64F4-1F47-48B2-B9F1-24AC94388616}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{3E0DFB6B-B006-49C6-BD4A-97DA30C380AA}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{3FB2EE9B-96E1-461E-98E4-54E49D9A7848}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{40060348-ECC1-49B0-A154-FB719165E104}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{40EDEA20-B940-4C4D-9C85-54A70F2C7C40}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{4101C52F-C8A7-48B8-BEFB-F9A8CDE40A3B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{416969B2-5FE7-41BF-81A0-92380E63F6C6}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{4274E01D-B3A5-4095-97A2-9EA490DCF884}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{4283A458-051C-41A8-B634-711AE11DD9B8}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{434A66D8-C29A-48A7-9031-687F0A10F215}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{43FF3B41-E6DE-451F-BE88-AAA2EF4382CD}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{44B52CB5-A952-4A66-A1A7-058F7ABD0003}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{44CB0D9D-70E8-4605-9244-6A7BF9EC2B6B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{45486FC6-B3EF-4EFE-932D-F25C7B6E1B00}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{45A45866-4B63-4362-99B4-CC0DBBAF3608}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{4663E6A3-2048-4B4E-8999-C337A8629E69}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{46D4C25E-9468-4E70-B815-C5E657EF073E}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{493DB309-2D6B-4976-BA7F-F06FD4C8D54A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{496B00B5-FDF4-4740-B21A-3357DD476DE0}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{497E9F5E-D5A8-4113-AE4A-14B1C566EB3F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{4998088F-A1EC-46E3-A457-C61B14A00463}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{4B1CFF10-FBB5-4AAD-8772-AF96775B4201}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{4B5417A5-60C9-489A-8A19-B04EFA0ACFC6}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{4B6C9B51-E379-42BE-8499-D03A861F5A34}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{4C94362D-9C7E-42FD-9703-DC9A898F85FB}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{4CDDDD98-1A17-47E8-B836-6A18F65E3C66}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{4CFC0AB9-B30A-4CC2-B787-F9EFDEC6C368}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{4E4C4A8F-DAB3-4E21-8165-C68EFF138FB4}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{4F38A51A-6377-40AB-AD51-DAFDECC1BC9A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{50F7618C-4633-41AD-9060-DBA2FA9B9552}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{513A1D01-4998-4783-8ACA-B263B51BEEA2}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5190E60B-E30B-4ACD-93F8-55CAE05D0EE4}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{524A53A6-C5F3-413F-9314-143A0CDAE925}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{528ABF69-3521-4805-B7D6-28E856CB04FB}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{52B950F5-F704-4247-940F-BF338FA90183}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{52ECF73F-33F8-4883-9C70-855F7E7C7D63}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{53947F67-F3BB-4F58-8C93-5C5E3F8C5C82}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5460B081-D44F-46A1-86AC-23A1B2ABC895}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{549D1CDA-ACE9-49A0-96CC-140DAA35A2B7}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{55AF3E4A-5BF7-4CC8-B6CB-0DF7BC8C9CE8}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5794FC64-FC94-4200-A547-E25F7806440F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{58642027-7FB2-488D-9952-E8ECD7B913FB}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{587DCF4D-B6D2-41DD-883A-C46B500D24E7}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{58E94B79-D0F5-41EA-8D3E-C57805DBBB75}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{598A9143-4C97-4236-AAA5-04240F34442A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5A17EC82-4AA6-40C3-AD6C-AF1C80CF8D07}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5A4380BA-C777-4ECC-A6A0-D975E8A0BBDC}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5B0757FD-4E33-4893-B088-9EE9A4821BD1}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5B5655FE-0E0A-4910-8CB4-901E15D7688E}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5B807970-3168-444D-B7DA-200D25D4F2CA}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5C0DA7BC-8CAA-48FE-A6C7-275E4935D46F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5C82E257-23A6-4417-BDCC-31D194A7F106}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5CA60C99-90E4-4C72-959D-F1C63E75EBC8}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5D0360FC-CF49-4735-AD9B-35F2D230E35F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5F1BFFFC-8B06-45B0-B3A5-5515F1B0B2CD}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5F883CF7-9096-4D24-8B50-E20B42DDCAA6}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5FD7E473-2619-4A0C-9483-1E9CDEDFD876}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5FDF5EDF-3F0C-4194-A2CD-0A3817D5F7FE}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{5FEFE4E3-E39B-4AB8-A6D2-6B03C3D72DE6}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{606C694C-FA18-4725-B9F2-4376B40249CA}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{607BEE04-7D6D-4D6F-B1BA-98B8AF8FC207}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{60CE4CC4-3ACE-46E2-BE3A-89DC490EA269}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{614CB9D3-E43E-482C-866A-05632D66B848}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{618340C5-31B3-44AC-9BAB-00059723A0DD}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{61DB1908-F9D0-4B8D-BBC1-FD7999BA2D7C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{61EA91B8-6FF2-447C-9ACB-9868596036A8}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{61F00937-9B37-47DB-8988-98556E105FD8}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{6225D1A2-53BC-4943-A53B-392D6DCDEA08}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{623B1693-8F8A-4DBF-B6EB-8E06034944A1}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{6308A34F-D1EF-4C76-A6E8-F7AE38CFBFD7}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{63E64823-BCFD-4072-B2FB-9AFF550CBBED}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{64777B90-89ED-4844-8FA4-FB8EDEEDCB6C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{64D98A41-03B6-4F73-A395-7421E8AADDDA}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{6552C4C5-17A2-417D-B11C-2BFE5FB4D3E3}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{6793983E-9B57-4E43-AB6F-DC631732C3D9}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{680FBEEF-F870-4EEB-B39D-F40F8F967B25}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{681D26BB-AC3F-4FFA-8345-8A91A24DE247}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{691E11D1-C23C-4F8B-8F61-6ADEEC20D38A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{69575676-5896-4F70-A887-3837474FA2A6}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{69DA451D-6EED-40BF-8972-5D99E65727C7}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{69DAC722-14A0-4C61-91AC-5EA6C4079B27}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{6B12D7C6-3FC1-459F-A3E7-5C661D04BA6C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{6B16107F-445A-4E91-9ADF-C35444FD58BD}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{6B90DFD7-8EFB-4DA8-9749-6B90F0696AA7}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{6BD8C873-EF2C-4CBC-B21F-678BFFF5BAAA}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{6CED3799-79EC-4414-93C2-207B727B3D1D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{6EF9F335-FC0D-4861-976A-C55D03EBE8E3}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{7057721C-B2AA-4A7E-8188-1B7EDACDA252}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{70D3DB38-0F91-4DC6-AEE4-07D63AFDE817}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{713C2D68-D616-455E-98E4-95945CA99A0C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{7255C13D-A36B-4568-9A75-91E2D1512958}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{72F7EA19-4F12-4963-BA2D-C75BBB7A675B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{738317E7-BA83-411C-83F1-A923E489369E}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{73C256DD-7875-48B9-832B-6C0C833DE364}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{74CB91D6-38C8-4FDD-BA0D-B8E9ADFD84D9}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{7509D038-ADED-4FE2-A43C-1B28173A094A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{75202B26-0CA2-47B7-91A9-5BE52F0C7980}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{75746D9A-DA61-437E-A42E-28152ACFC457}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{762657FE-31B0-4E8F-8349-F3E365F7D343}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{77D7B76B-8792-4B10-8598-D6B789148D54}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{780BFB26-AFE0-4FEC-B319-132F7A4590E5}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{78102255-9886-488D-8C03-7AB1EB6F4296}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{790F7D10-F006-4A93-A5B9-147E37115435}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{79D9B8F6-87F9-4E55-AC41-DC834361D09D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{7AACCE21-03D6-4081-8BD9-77140D4D34D6}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{7ACCF59B-C02A-4400-A547-AB368E68BE66}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{7B76E8A0-1C68-4007-96A1-0B418FA2BB7C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{7C113550-BEF9-4CA2-BD1F-598B6AA2E126}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{7D5AF4B1-D084-4609-BACA-920C9FBEF33A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{7DCF868F-6BCE-495A-88F3-B0477014E3C5}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{80230864-8073-4B11-AC7B-E451B51C6137}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{807583D6-951B-4B4C-922B-B86020573586}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{809B5DE2-3B84-4AC2-AD23-ECFAB56E6824}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{830494B8-AF43-442A-9690-F61CBB32F63B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{8364C1A3-AA29-41AF-BD5F-D49A51814CF2}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{83DA0657-999E-4DA8-93B8-B2DF8C3449E3}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{84346D73-676B-4277-B61D-00D8D7CD744F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{8435F6BE-D5F7-457D-8724-4B147573F0D0}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{84F85030-0172-43D8-BB9C-97A5154E4FE1}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{8599E3AC-7251-4049-8651-EC67306318D5}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{85AE79C0-EC11-43EA-854E-DEAB0BFF9141}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{85F67420-1724-4AC4-A60F-B8BC71853122}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{86E5599B-524B-48CC-A23A-F465012ED686}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{87B6EF9F-66B8-435E-AE5E-684877002A66}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{87FA2A19-2AA3-4C90-A152-3D706444050E}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{8868653D-FED5-49FA-8A84-64336979E1A5}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{8919FF1A-E24F-45DD-8BA8-879820E62B59}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{89ECACBE-27E9-46CC-BC4C-39B958A4380C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{8A17679B-9AC6-4C87-98E1-121634A9526B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{8A55E0DC-88FF-49EB-8A0E-2A0F55C0CD24}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{8ACCB629-3D27-4662-9015-F5D904576408}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{8ADB19D5-8F69-4DEF-B262-E7968FE3E6F0}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{8C2CA3A1-2E92-4670-83CD-E0C9F96FACCD}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{8CFF1057-10DA-410D-A9B5-FC7E4BF95320}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{8D064DB2-4866-48FC-ADDB-C5EB1802BCCE}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{8D082C38-9A8A-4A94-8B10-6C1603DF95E8}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{8D22E541-5830-48CB-838A-6703D9D27D31}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{8E76A346-F7F6-4C08-9E96-0C87A3AFBFEC}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{8E9BACF7-B04F-4600-A682-080396AF33FF}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{8EFF4714-AC80-42C3-8005-953AFE8D9382}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{8FAF1918-9317-4DB3-9F13-6D4BC2A76EDB}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{8FFCD8B4-98CB-4777-8491-785FE664F598}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{900B1269-DB7D-4D1F-9AF9-558302E694A2}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{903FC021-67E4-4E68-805A-C9937DF5AC39}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{904735FD-2733-4851-AB94-3DDC72B88F88}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{911E63D3-B21B-4B7C-ADB5-B478A8DE436A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{9142C3D5-23FA-46D0-8276-5C1EB2BE1333}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{91EA956A-9525-46B2-AEED-57A5E69897BC}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{91F59DDF-7F16-4832-99D2-76D03B83BDC0}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{92842186-8B1E-4C76-81C5-174505AE979F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{93883EE3-D07F-4F8C-95B9-C1EFF2CE65B7}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{93D71F86-4FEF-4368-868F-B1D93E3AEA4B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{93FA3895-C02B-4B60-A646-5ECF3EF1E77D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{943DFDF0-3079-4F5B-8617-6F242860DB22}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{948C73B5-B266-454B-9F10-AA5CFEDD4F4C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{94947B90-320A-4784-A2FB-1FCBA16124CD}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{94B6D72C-40EC-4F6E-8997-9E0D0A8857A7}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{95633C60-C959-42DD-BC61-8CAC8A3571E9}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{95C62FEB-F0E0-4609-B293-1310F127275D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{97A88825-EDA8-49B4-9717-A416E84F9748}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{982E34AB-C1D8-45B4-961C-31ABEDD42BB4}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{98508692-ABC2-496A-BB72-BD117E2AC9C0}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{985F9FFB-5B56-4D91-A07F-B8CA1EF5B8D2}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{98A061AB-6B3E-4C29-B521-83F00D809BD1}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{98FB7913-67C8-447C-AE37-CE25BA97A3AA}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{9918E996-1C56-4735-AE8F-7655A962646D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{99EF0AC2-28BA-4963-A3E2-DDDA00978C2E}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{9A16B0BA-4177-49D2-A4A7-70B338939A18}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{9A60FA02-2C64-4549-A2E6-81B580818A6D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{9BA15925-91A0-4D18-81FA-17BF8A62DAFE}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{9C1DEDB5-765D-4DE7-9518-254A9F3DBA14}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{9C286569-4621-498E-B61E-7F15C762E813}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{9E36EA33-BF9F-4C03-ACBC-17DECA41F84F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{9E9D4192-8A65-4835-8C4B-072D7785073E}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{9EB6B65B-5B99-4E97-8280-5E037D8E8F9B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{9ECFDE39-E5F6-4D5D-BA9E-06327E44DE1E}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{9ED9BB13-E7B1-4958-AB44-3026D7F7CAEE}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{9EF677E3-BE96-4672-90A5-04DD69A33909}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A04A272B-88C9-4E4E-B3A4-B6B42516F567}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A0651908-0E6D-4DE5-ADEF-833C0943A743}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A06D04FC-C12E-43F7-9913-57F7C4CE352E}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A096EA1C-ECEC-48B0-8D1B-FFD3612316DC}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A16363B7-6BE7-4D67-AFE0-657C4EB27556}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A2B3EA63-D96C-4142-B700-0191DF7436E8}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A306E390-D672-407A-92F2-9AD62B9D1844}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A32394CA-4C14-45D1-9480-80F6D130705A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A38B976B-175C-4068-94C6-52DF89028D46}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A513BA06-2806-4194-A2E6-958392A4CAB9}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A536B810-7D50-41EF-BE11-555B1441D3AE}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A56F59BA-293A-434A-8EB9-B16DAAE81C6C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A57F89D0-2C61-448A-88FC-3F75BFCE1CAA}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A6E6A7D0-8EA6-4CB5-A6C1-9347552025DE}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A71461DA-CF4A-4E6A-9B7B-026B3DA24601}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A8971355-E249-4DD5-A973-6F1884E2F497}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{A9CA772D-F9D4-4FED-936E-B70B5EBB1225}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{AA8BD1A5-A766-4E1E-AF62-03B51F8C44FF}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{AAFA6E59-CD7F-4A37-A2F1-CF63126CBA46}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{AB21A8D9-B0AC-4A58-B5C9-9858BAA6A40A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{AB294228-4C59-45FF-AA32-C5F38837B9FC}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{AB4DFC6E-43D9-4B39-94C6-D61F5A0CE1F8}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{AB675C12-5C25-496B-843B-30C93D774563}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{AB821760-0A16-46F5-AD68-5E3D64C10C79}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{AC60FD4E-7918-44C5-AFAD-8F14A801BEF6}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{AC6D0266-E772-4339-91B1-5827EF203DC3}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{AD4D811D-637B-4E85-8A13-ABD65CD99B6C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{AE3DCBE8-0B80-4BE1-929E-BE47146BB6D6}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{AE3E6DA8-32E0-49F0-A545-5A15B1343313}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{AF9B3DDA-F5E6-41E4-8D49-B6CB920C9EE9}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{B08FBDEA-AD1D-4082-BCC7-ED442080B81C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{B093853A-B71F-4F47-8E51-542246A4CE55}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{B16EF1DF-0DF4-4CBE-9272-80DD627FAC99}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{B18B3990-20B4-4619-908B-7A3C405504F1}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{B1BAC24A-95A5-4D45-A0E4-01B15CA0D94A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{B2680452-7827-405F-BAD4-A2A2C4574FB4}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{B2C06E66-B9F5-45E5-950A-9ADAB12A89FD}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{B3125006-9528-4B30-9FAF-7B8F814B8F1A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{B40106CC-BFBE-4716-9FD1-1FA109112F70}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{B43C8DEE-23FD-47C2-9CF9-A1FB31D229BE}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{B4CB71A7-A627-44AB-BAFA-07EA69874635}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{B4EF5624-8029-4871-9DD9-E53517499EB3}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{B5F3D24B-5821-4049-AFAF-EE1CB222D232}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{B672E7F2-EE8C-4E18-942E-F2526C2D34C1}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{B6731F9D-2DB6-4333-8BCC-E392E094C972}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{B72F17B7-600E-4062-9B26-A92DC84BF6C3}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{B8092021-4BAC-4486-867B-4725CA552848}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{B82C456D-AD76-470D-B15E-B22BB035A23E}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{B89B17FE-D925-491E-8198-86DFFA885E69}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{B98E408C-1A02-4B24-B32D-939127FF5EF6}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{B99EA01B-6077-471B-B5B7-26A2A5FADA50}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{B9CB5E9D-EC84-4113-BD04-9F71B361AFD0}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{BB0E2D0F-EB66-4147-AC37-1A59FDE7F636}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{BB6A9660-B64B-49C4-9C0A-D47D0C40BF40}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{BB871FB9-7B67-444A-9728-D4F648EB561A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{BD6BFE2C-3272-4687-9B55-B8DD89161031}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{BDC59941-6A19-477D-8964-007083965E01}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{BE4E2D34-A4EB-48DC-8ADD-862E3DDD39E7}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{BE765E2D-E173-4378-9710-83F507321205}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{BE796BFB-1473-4092-87E9-C8681451DE16}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{BEEAB25B-163D-4A16-AFC7-1F88D072E85E}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{BF6BAA74-A818-4607-93F1-705EE100CD93}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{BFB4BC55-A04D-4DFF-89AA-AA54E36C470C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{BFD80726-4971-425E-9933-8F81FCAB0EF8}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{C00D609D-C943-4172-8072-6DB9EE7BFF9F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{C08F25E9-F197-4C04-9E66-8B9C38EB1710}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{C0DE462D-E88A-4CF8-A571-8CA43F0BD699}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{C1089C2B-6343-4159-A054-9EE3C71E6080}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{C11EAB1F-C5C2-4611-982C-E5B9961760B0}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{C12C795F-62AA-47BE-B72E-465C18928CF7}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{C17B5983-EF5B-40DE-AC8D-04CE3EB420A9}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{C1BEDD70-592C-4E31-AC15-542462DB1882}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{C1D623CB-FD80-4EB1-97B8-853B96154CEA}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{C2C36B72-B65E-4D57-B8B0-E8292B4B3B4E}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{C30A3226-D166-48FD-84E8-7F743A8F48D4}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{C48CB54B-1C5C-46C7-8EAA-21B49E93FFA0}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{C49A92F2-6100-45AF-91C3-87687F8E0A0E}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{C64EF3C3-0982-4665-916A-2EB6926EC2F0}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{C6574439-1BCC-4EF8-9611-03955B6DDC6C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{C72E07B9-9519-43EE-9299-C194E10AD831}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{C82B24DE-28E9-46AA-9C7F-14DC78A6A5DD}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{C9AD29EF-E787-488C-AB95-13F06080F50B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{C9B43907-2751-448F-8444-6EDFE989A827}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{CA145437-E03C-42A5-8988-C0D291CBFBE3}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{CBF3A8C1-C3A0-4D68-9BE0-FB2935B3B216}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{CCB2FA5F-DC1F-4C53-A9BC-9F10BFF0A1C3}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{CDF383CC-2230-4BDB-BDAF-E17752711758}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{CDFF7B7C-E16A-4026-B014-2DB044722EEA}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{CE1B467C-8A28-46BC-9812-17646324B0BF}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{CE2A47A8-3846-40BC-BAAA-BD4E817FFD94}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{CF3D75FF-B6CB-4C4B-896A-E12AB10D8FAC}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{CFFFEA3E-4A0E-4083-A6B4-CB4EB756746A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{D02A58E3-44E5-46D6-B9E4-2F8090230B4F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{D0F780B5-2FF2-45C8-8DC1-42F15D157278}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{D23D1DA6-FF12-49D3-AE0F-F644AC369825}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{D250C392-86E9-484E-90E6-E2D6AA94FD42}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{D254CA56-8207-4B4B-850E-B66B2A39E39B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{D40FB02A-7057-46AD-89C6-A3E1C935E61C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{D5762E66-6F3C-4A6A-8C64-BDF47CB33332}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{D6D3E74F-6974-486B-8197-41D7085ABF95}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{D80C5334-EB51-4982-AC8C-278255940100}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{D82B0515-2A2D-4FC5-B1C9-23EFE66741B0}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{D8412894-BDF1-4935-9EA0-1EC0E151A84D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{D8E0BD4E-F9ED-4E03-9A9F-9ED460B7D5BE}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{D99AF802-A1F7-4D57-BDDD-4181EF9832BC}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{DA92CB3F-0DD1-47B7-9332-BB8AC17DE4E3}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{DB3E7323-5448-409C-9A51-9C8A55309EDB}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{DB70B60B-7E4C-43AE-A57A-F67A4A8CC728}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{DC2C2CD9-A401-4D2E-9BA9-D502857AFEAF}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{DC80A576-61F1-4273-A768-3BC051C186C6}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{DCEDB7B5-1D04-42AD-ADE5-08322DAB3D5D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{DD31042A-A413-4FD3-8E50-DCAB47A25439}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{DD77BCDA-A2B7-44BE-BB41-7E81F3108358}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{DE024C3F-7FB3-4AB4-9E23-8F84A335F08D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{DE126D1F-162E-4957-B3D8-447873FD9000}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{DE1BDA6F-0A4C-4644-8818-C00DBFD38E4A}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{DE20B532-69AF-446A-BC08-CDC931ABBDEA}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{DED85A72-B950-4153-B75C-061EC7760FF7}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{E07473F6-6225-4CD7-BA8F-E260B46DE9ED}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{E0C314C4-C368-4107-88CF-C15A0A021F23}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{E10D9AF7-C121-4FA3-A104-4C4E1F8A714C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{E19890BE-D51B-444D-8009-B84641262DE8}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{E35723FB-13E7-46E2-9E72-83AA33D4DB35}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{E3AA617B-33D2-4691-A7CB-339CC062E51F}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{E441ACD9-04E8-4A8C-BC09-0FA30E53D75D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{E44D734E-266F-4119-99C1-68FD3052DCFB}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{E493E715-B8B7-45F5-ABD3-AE3E7C40986E}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{E550A4F5-CC17-429E-8621-417A14F6C8C0}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{E58598A7-F75E-4D40-9FA4-2DC899EBABC0}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{E6169F90-9721-4CA3-B2E4-73D3915E46B1}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{E6CB809D-3D8D-4A40-B346-27A12DE69320}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{E72E39F6-1B80-46E4-84A4-267E5E1D49AF}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{E7303001-29EE-4D83-A1C7-804EAB5ADCEA}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{E8C067AB-ED3E-46ED-AABE-C553BA7A5F0B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{E9141363-888E-4064-BCE0-D4B51373D804}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{E9E105F0-5755-41B6-A1D0-41AF9FF525F3}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{EA25CCBC-904E-44B9-A2C1-B7749E826133}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{EA9378D4-7AC0-49B3-B67A-690A068AADDA}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{ECC6C3A8-D8CD-4EBB-BEB8-A9EA2F9DC4F7}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{ED66A451-AF47-4BBE-B581-6C1BBF7AB663}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{EE00A418-3133-4D8D-8B94-0A61629E2FAE}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{EE9F92AA-2B8C-4B17-9019-B50DB5447CAA}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{EF012951-D267-43D9-BDC3-9222134D93DF}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{F06F0ED2-0E96-4615-8267-A71AE582694C}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{F0D4B396-244C-49B0-9E8D-ED908CF7D0E1}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{F20399D7-ABD6-4C04-955E-614EA2F56877}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{F297DA08-F8A3-470F-9530-7FDC3AF88F0D}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{F2AB1630-4ACD-437A-8E5D-EC402711C898}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{F31BFF11-22AF-4E07-8662-D785D9E355BD}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{F3E51C91-7F8F-478F-B4C1-9E5C54EA1672}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{F48F09C7-F1EA-45BB-B734-FD63A02B58DC}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{F4B8E612-C5D7-4A44-B64D-DF57E3986820}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{F58D353F-6B87-46D0-9536-37810E5CAF3B}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{F6347D35-BF0B-4270-A2DD-60DB99525E26}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{F6E1BDB0-F0E9-4F21-A8A2-3C0E4934A769}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{F83F6108-3F51-4829-AF52-F9113B1835D3}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{F89EFBBE-768B-48EF-B8F5-87D644E2B0A5}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{F8E2BEC3-2533-4D14-852B-1E5DF5BF96E0}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{F9C1DB7B-B45D-4061-BE87-BDD7B9C5B5F5}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{FA0062A3-C1A1-4F32-B177-DB5B4CB2361E}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{FA214BEA-366F-473E-B340-19AAAB45745E}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{FABA31E5-F6E4-4803-BCC6-3A66136E1D10}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{FBA68243-BD88-4047-9FDF-9DD221A54ACA}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{FCCD8FFC-64D0-4904-B0CD-FD6BCB5090A0}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{FE716386-59B0-42FC-A116-D314BB3AF906}
Successfully deleted: [Empty Folder] C:\Users\User\appdata\local\{FED68303-703E-44B2-9E75-EAB9B31FE631}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 25.01.2015 at 18:17:12,23
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

--- --- ---

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 25.01.2015
Suchlauf-Zeit: 18:20:09
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2015.01.25.08
Rootkit Datenbank: v2015.01.14.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: User

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 405189
Verstrichene Zeit: 41 Min, 49 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 1
PUP.Optional.RobinHood.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{54E67346-EE5A-45B6-82AA-4F0BB28C79C2}, In Quarantäne, [0e8e27d4494039fdad640fe7020025db], 

Registrierungswerte: 1
PUP.Optional.iRobinHood.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|irobinhood@irobinhood.org, C:\Program Files (x86)\iRobinHood\iRobinHood Addon\irobinhood@irobinhood.org.xpi, In Quarantäne, [5d3ff10a3e4b2d099c8ec7e38380d42c]

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 7
PUP.Optional.ClickYes, C:\Users\User\AppData\Local\Temp\mi93sey4.tmp\go5u55vd.tmp, In Quarantäne, [1c807c7fdeab58defd28b35e867cd52b], 
PUP.Optional.OpenCandy, C:\Users\User\Downloads\PhotoScape_V3-6-5.exe, In Quarantäne, [1f7d6b905c2d5bdb77ec0bc06a9b51af], 
PUP.Optional.OpenCandy, C:\Users\User\Downloads\DTLite4471-0333.exe, In Quarantäne, [f4a8db20b5d4b680580ba922df261de3], 
PUP.Optional.Solimba, C:\Users\User\Downloads\GarageBand.exe, In Quarantäne, [3468fefddaaf53e305b29848976afc04], 
PUP.Optional.Vittalia, C:\Users\User\Downloads\installer_microsoft_excel_English.exe, In Quarantäne, [9903a853d0b9a09634a2d3a6f110857b], 
PUP.Optional.Claro.A, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dcillohgikpecbmgioknapdpcjofaafl_0.localstorage, In Quarantäne, [4f4ddb205c2d5fd7049b16773ac9857b], 
PUP.Optional.Claro.A, C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dcillohgikpecbmgioknapdpcjofaafl_0.localstorage-journal, In Quarantäne, [1e7ec239474278beced1127bb74cdd23], 

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-01-2015 01
Ran by User (administrator) on USER-HP on 25-01-2015 21:15:33
Running from C:\Users\User\AppData\Local\Temp\chc2nfow.tmp
Loaded Profiles: User (Available profiles: User & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(HP) C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
() C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
() C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Akamai Technologies, Inc.) C:\Users\User\AppData\Local\Akamai\netsession_win.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Akamai Technologies, Inc.) C:\Users\User\AppData\Local\Akamai\netsession_win.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
(Dropbox, Inc.) C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Apple Inc.) C:\Program Files (x86)\Safari\Safari.exe
(Apple Inc.) C:\Program Files (x86)\Safari\Apple Application Support\WebKit2WebProcess.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Apple Inc.) C:\Program Files (x86)\Safari\Safari.exe
(AuthenTec Inc.) C:\Program Files (x86)\HP SimplePass\TouchControl.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SetDefault] => C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [44880 2011-12-19] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2899216 2013-05-24] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2013-05-24] (IDT, Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-28] (Intel Corporation)
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-09] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [124720 2014-10-09] (Avira Operations GmbH & Co. KG)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-10-07] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2210452889-935881061-1018617790-1000\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4283256 2011-05-13] (Microsoft Corporation)
HKU\S-1-5-21-2210452889-935881061-1018617790-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-2210452889-935881061-1018617790-1000\...\Run: [Window Hide Tool] => C:\Program Files (x86)\Window Hide Tool\Window Hide Tool.exe
HKU\S-1-5-21-2210452889-935881061-1018617790-1000\...\Run: [Akamai NetSession Interface] => C:\Users\User\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2210452889-935881061-1018617790-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-2210452889-935881061-1018617790-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2210452889-935881061-1018617790-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-2210452889-935881061-1018617790-1000\...\MountPoints2: {3b236d9a-ade7-11e2-853a-c01885ff4683} - F:\SETUP.EXE
HKU\S-1-5-21-2210452889-935881061-1018617790-1000\...\MountPoints2: {b6a40f40-9c4d-11e2-9a03-c01885ff4683} - F:\autorun.exe
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:53947;https=127.0.0.1:53947
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM -> {98F97885-AE1D-47A9-9D49-C67BF0573EE2} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5221-111072-7833-3/4?mpre=hxxp://www.ebay.at/sch/i.html?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> {98F97885-AE1D-47A9-9D49-C67BF0573EE2} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5221-111072-7833-3/4?mpre=hxxp://www.ebay.at/sch/i.html?_nkw={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKU\S-1-5-21-2210452889-935881061-1018617790-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 195.34.133.21 212.186.211.21

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_287.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_287.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @authentec.com/ffwloplugin -> C:\Program Files (x86)\HP SimplePass\npffwloplugin.dll ( HP)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-11-09]
FF HKU\S-1-5-21-2210452889-935881061-1018617790-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome: 
=======
CHR HomePage: Default -> https://www.google.at/
CHR StartupUrls: Default -> "https://www.google.at/"
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-18]
CHR Extension: (Adguard AdBlocker) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2014-11-23]
CHR Extension: (Avira Browserschutz) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-11-21]
CHR Extension: (AdBlock) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-11-23]
CHR Extension: (Website Logon) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmbkhknacohfhbmmpnmbkgdffdbildof [2013-05-24]
CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-18]
CHR Extension: (night tochpc) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjmhomfflfeomeelinjbpnmomlllilom [2012-11-15]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM-x32\...\Chrome\Extension: [hmbkhknacohfhbmmpnmbkgdffdbildof] - C:\Program Files (x86)\HP SimplePass\tschrome.crx [2012-12-12]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-09] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [992560 2014-12-09] (Avira Operations GmbH & Co. KG)
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [162096 2014-10-09] (Avira Operations GmbH & Co. KG)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
R2 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [1641768 2013-02-07] (HP)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-20] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193536 2012-02-07] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-08] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
S3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401856 2013-01-07] (AuthenTec, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [31872 2012-02-01] (Advanced Micro Devices, Inc.)
S0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-08] (Avira Operations GmbH & Co. KG)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [134696 2012-02-02] (Broadcom Corporation.)
R3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2012-02-02] (Broadcom Corporation.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-04-28] (DT Soft Ltd)
R3 irstrtdv; C:\Windows\system32\drivers\irstrtdv.sys [26504 2012-02-07] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-25] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
S3 SmbDrv; C:\Windows\System32\DRIVERS\Smb_driver.sys [21264 2012-03-02] (Synaptics Incorporated)
R3 SmbDrvIntel; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [27408 2013-05-24] (Synaptics Incorporated)
S3 ALSysIO; \??\C:\Users\User\AppData\Local\Temp\ALSysIO64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-25 19:27 - 2015-01-25 19:27 - 00002585 _____ () C:\Users\User\Desktop\mbam.txt
2015-01-25 18:47 - 2015-01-25 18:47 - 00012413 _____ () C:\Users\User\Desktop\AdwCleaner[S0].txt
2015-01-25 18:19 - 2015-01-25 19:43 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-25 18:19 - 2015-01-25 18:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-01-25 18:19 - 2015-01-25 18:19 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-25 18:19 - 2015-01-25 18:19 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-01-25 18:19 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-25 18:19 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-25 18:19 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-25 18:17 - 2015-01-25 18:17 - 00048598 _____ () C:\Users\User\Desktop\JRT.txt
2015-01-25 18:12 - 2015-01-25 18:12 - 00000000 ____D () C:\Windows\ERUNT
2015-01-25 17:55 - 2015-01-25 18:01 - 00000000 ____D () C:\AdwCleaner
2015-01-25 17:39 - 2015-01-25 17:40 - 02194432 _____ () C:\Users\User\Downloads\AdwCleaner_4.109.exe
2015-01-25 17:36 - 2015-01-25 17:36 - 00001266 _____ () C:\Users\User\Desktop\Revo Uninstaller.lnk
2015-01-25 17:36 - 2015-01-25 17:36 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-01-23 09:57 - 2015-01-25 21:15 - 00000000 ____D () C:\FRST
2015-01-22 13:09 - 2015-01-22 13:59 - 00000000 ____D () C:\Users\User\Desktop\Fotos 2015
2015-01-14 19:58 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 19:58 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 19:58 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 19:58 - 2014-12-11 18:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 19:58 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 19:58 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 19:58 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-14 19:57 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 19:57 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 19:57 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 19:57 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 19:57 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 19:57 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-13 22:47 - 2015-01-13 22:47 - 00000000 ____D () C:\Users\User\AppData\Local\Adobe_Systems_Incorporate
2015-01-13 22:46 - 2015-01-14 21:57 - 00000000 ____D () C:\Users\User\Documents\My Digital Editions
2015-01-06 22:02 - 2015-01-06 22:02 - 00280928 _____ () C:\Windows\Minidump\010615-42011-01.dmp
2015-01-04 16:53 - 2015-01-05 22:53 - 00024575 ____H () C:\Users\User\Desktop\~WRL2241.tmp
2014-12-28 14:05 - 2014-12-28 14:05 - 00000000 ____D () C:\Users\User\AppData\OICE_15_974FA576_32C1D314_AA2

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-25 20:54 - 2012-09-08 19:11 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-25 20:38 - 2012-03-24 20:46 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-25 19:54 - 2012-09-08 19:11 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-25 19:18 - 2009-07-14 05:45 - 00031472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-25 19:18 - 2009-07-14 05:45 - 00031472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-25 19:14 - 2012-10-24 19:20 - 00000000 ___RD () C:\Users\User\Desktop\Dropbox
2015-01-25 19:14 - 2012-10-24 19:13 - 00000000 ____D () C:\Users\User\AppData\Roaming\Dropbox
2015-01-25 19:13 - 2012-10-16 17:52 - 00000000 ____D () C:\Users\User\Tracing
2015-01-25 19:09 - 2014-11-23 14:12 - 00004169 _____ () C:\Windows\setupact.log
2015-01-25 19:09 - 2010-11-21 04:47 - 01003144 _____ () C:\Windows\PFRO.log
2015-01-25 19:09 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-25 19:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2015-01-25 19:08 - 2012-07-26 12:33 - 01646888 _____ () C:\Windows\WindowsUpdate.log
2015-01-25 17:50 - 2014-11-10 21:59 - 00000000 ____D () C:\Users\User\AppData\Local\StormFall
2015-01-25 17:50 - 2012-09-08 19:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-25 15:28 - 2012-09-09 10:47 - 00000000 ____D () C:\Users\User\AppData\Local\CrashDumps
2015-01-25 14:52 - 2012-07-26 12:32 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{0F365B19-0723-4163-8DAE-03439FF5A742}
2015-01-23 21:33 - 2012-05-30 03:58 - 00000000 ____D () C:\ProgramData\Norton
2015-01-23 17:22 - 2013-09-16 19:11 - 00000328 _____ () C:\Windows\Tasks\HPCeeScheduleForUser.job
2015-01-23 13:46 - 2012-09-14 12:48 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2015-01-23 13:44 - 2012-12-07 17:14 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2015-01-22 21:38 - 2012-03-24 20:46 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-22 21:38 - 2012-03-24 20:46 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-22 21:38 - 2012-03-24 20:46 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-22 13:28 - 2014-09-18 20:50 - 00000000 ____D () C:\Users\User\Desktop\Schule 2014-2015
2015-01-21 20:30 - 2012-09-17 21:49 - 00005632 _____ () C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-21 20:07 - 2013-09-22 11:37 - 00000000 ____D () C:\Users\User\Desktop\LIE
2015-01-21 19:49 - 2014-06-08 11:49 - 00000000 ____D () C:\Users\User\Desktop\So Zeug
2015-01-18 14:11 - 2012-03-25 05:06 - 02223242 _____ () C:\Windows\system32\perfh007.dat
2015-01-18 14:11 - 2012-03-25 05:06 - 00637582 _____ () C:\Windows\system32\perfc007.dat
2015-01-18 14:11 - 2009-07-14 06:13 - 00006256 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-17 11:21 - 2013-07-27 00:35 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-17 11:05 - 2012-09-19 11:53 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-14 21:57 - 2012-03-24 20:59 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-01-13 22:47 - 2012-09-08 17:57 - 00000000 ____D () C:\Users\User\AppData\Roaming\Adobe
2015-01-13 21:39 - 2012-09-09 17:01 - 00000000 ____D () C:\Users\User\AppData\Local\Adobe
2015-01-13 21:34 - 2012-03-24 20:59 - 00000000 ____D () C:\ProgramData\Adobe
2015-01-06 22:02 - 2014-11-23 14:12 - 743475733 _____ () C:\Windows\MEMORY.DMP
2015-01-06 22:02 - 2012-11-01 10:42 - 00000000 ____D () C:\Users\Gast
2015-01-06 22:02 - 2012-09-14 15:27 - 00000000 ____D () C:\Windows\Minidump
2015-01-06 04:36 - 2010-11-21 04:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-01-05 20:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-01-04 16:50 - 2014-07-18 10:20 - 00000000 ____D () C:\Users\User\Desktop\VWA

==================== Files in the root of some directories =======

2014-11-23 13:02 - 2014-11-23 13:02 - 0000004 _____ () C:\Users\User\AppData\Roaming\appdataFr2.bin
2012-09-17 21:49 - 2015-01-21 20:30 - 0005632 _____ () C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-10-22 10:32 - 2014-10-22 10:32 - 0000836 _____ () C:\Users\User\AppData\Local\recently-used.xbel
2012-10-21 19:26 - 2012-10-21 19:26 - 0000017 _____ () C:\Users\User\AppData\Local\resmon.resmoncfg
2013-11-09 00:49 - 2013-11-09 10:46 - 0007760 _____ () C:\ProgramData\hpzinstall.log

Some content of TEMP:
====================
C:\Users\User\AppData\Local\Temp\avgnt.exe
C:\Users\User\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpz_ru6m.dll
C:\Users\User\AppData\Local\Temp\ose00000.exe
C:\Users\User\AppData\Local\Temp\ose00001.exe
C:\Users\User\AppData\Local\Temp\ose00002.exe
C:\Users\User\AppData\Local\Temp\ose00003.exe
C:\Users\User\AppData\Local\Temp\Quarantine.exe
C:\Users\User\AppData\Local\Temp\sqlite3.dll
C:\Users\User\AppData\Local\Temp\TUUUninstallHelper.exe


Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\nsprs.dll
C:\Windows\SysWOW64\serauth1.dll
C:\Windows\SysWOW64\serauth2.dll
C:\Windows\SysWOW64\ssprs.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-24 11:27

==================== End Of Log ============================

--- --- ---

Warlord711 · 26.01.2015, 09:22

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:53947;https=127.0.0.1:53947
emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

Abschließend habe ich noch ein paar Tipps zur Absicherung deines Systems.

Ändere regelmäßig alle deine Passwörter, jetzt, nach der Bereinigung ist ein idealer Zeitpunkt dafür

verwende für jede Anwendung und jeden Account ein anderes Passwort
ändere regelmäßig dein Passwort, vor allem bei Onlinebanking oder deinem Emailpostfach ist dieses sehr wichtig
speichere keine Passwörter auf deinem PC, gib diese nicht an dritte weiter
ein sicheres Passwort besteht aus mindestens 8 Zeichen und beinhaltet Groß- und Kleinbuchstaben, Zahlen und Sonderzeichen
benutze keine Zahlen- oder Buchstabenkombinationen, ( zB 12345678, qwertzui) auch keine Zahlen oder Buchstabenmuster
verwende keine Passwörter die einen Bezug zu dir, deinem Wohnort, Familienmitglied oder Haustier (Geburtsdatum, Postleitzahl, Adresse, Name) haben

Ich kann gar nicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.

Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
Windows Updates
- Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
- Windows Vista / 7 / 8 : Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
Gehe sicher das die automatischen Updates aktiviert sind.
Software Updates
Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.

Anti-Viren-Programm und zusätzlicher Schutz

Gehe sicher, dass du immer nur eine Anti-Viren Software installiert hast und dass diese auch up to date ist!
MalwareBytes Anti Malware
Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion bietet zudem noch einen Hintergrundwächter.
Ein Tutorial zur Verwendung findest Du hier.
AdwCleaner
Dieses Tool erkennt eine Vielzahl von Werbeprogrammen (Adware) und unerwümschten Programmen (PUPs).
Starte das Tool einmal die Woche und lass es laufen. Sollte eine neue Version verfügbar sein, so wird dies angezeigt und du kannst dir die neueste Version direkt auf den Desktop downloaden.
SpywareBlaster
Eine kurze Einführung findest du Hier
WOT (Web of trust)
Dieses AddOn warnt dich, bevor Du eine als schädlich gemeldete Seite besuchst.

Alternative Browser
Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Mozilla Firefox

Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
NoScript
Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt, wenn Du es bestätigst.
AdblockPlus
Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
Es spart außerdem Downloadkapazität.

Performance

Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von Registry Cleanern.
Diese Schaden deinem System mehr als dass sie helfen. Hier ein englischer Link:
Miekemoes Blogspot ( MVP )

Was du vermeiden solltest:

Klicke nicht auf alles, nur weil es dich dazu auffordert und schön bunt ist.
Verwende keine P2P oder Filesharing Software (Emule, uTorrent,..)
Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
Öffne keine Anhänge von dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie z.B. deinFoto.jpg.exe.
Lade keine Software von Softonic oder Chip herunter, da diese Installer oft mit Adware oder unerünschter Software versehen sind!

Nun bleibt mir nur noch dir viel Spaß beim sicheren Surfen zu wünschen... ... und vielleicht möchtest du ja das Trojaner-Board unterstützen?

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.

Laptop extrem langsam, steckt, kann videos nicht abspielen

Plagegeister aller Art und deren Bekämpfung: Laptop extrem langsam, steckt, kann videos nicht abspielen