Code:
Alles auswählen Aufklappen ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-02-2015
Ran by Mealnie Eisel (administrator) on MELANIEEISEL-HP on 21-02-2015 17:58:16
Running from C:\Users\Mealnie Eisel\Downloads
Loaded Profiles: Mealnie Eisel (Available profiles: Mealnie Eisel)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtWatchDog.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\TMIDS\PwmSvc.exe
(Solid Documents, LLC) C:\Program Files (x86)\SolidDocuments\Solid Converter PDF\SCPDF\SolidConverterPDFServicex64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe
() C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
() C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
() C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.2.0.17\Lightshot.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqgpc01.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [246304 2014-07-20] (Trend Micro Inc.)
HKLM\...\Run: [Platinum] => C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe [1266224 2014-07-20] (Trend Micro Inc.)
HKLM\...\Run: [PwmConsole.exe] => C:\Program Files\Trend Micro\TMIDS\PwmConsole.exe [2007592 2014-11-27] (Trend Micro Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] ()
HKLM-x32\...\Run: [A1Webassistent] => C:\Program Files (x86)\A1\A1 Webassistent\A1Webassistent.exe /auto
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-07-04] (Advanced Micro Devices, Inc.)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-3101752624-4108848433-446223082-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-3101752624-4108848433-446223082-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-3101752624-4108848433-446223082-1000\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-3101752624-4108848433-446223082-1000\...\MountPoints2: {2ba5caa5-8189-11e2-81c0-3cd92b58676f} - I:\NokiaPCIA_Autorun.exe
HKU\S-1-5-21-3101752624-4108848433-446223082-1000\...\MountPoints2: {9a8fbf65-8dba-11e3-bd0d-3cd92b58676f} - G:\iLinker.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA1100 Setup-Assistent.lnk
ShortcutTarget: NETGEAR WNA1100 Setup-Assistent.lnk -> C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100 Genie.lnk
ShortcutTarget: NETGEAR WNA3100 Genie.lnk -> C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about :blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about :blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1400087755&from=slbnew&uid=HitachiXHDS721050CLA662_JP1572JE1W6TZK1W6TZKX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1400087755&from=slbnew&uid=HitachiXHDS721050CLA662_JP1572JE1W6TZK1W6TZKX&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1400087755&from=slbnew&uid=HitachiXHDS721050CLA662_JP1572JE1W6TZK1W6TZKX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1400087755&from=slbnew&uid=HitachiXHDS721050CLA662_JP1572JE1W6TZK1W6TZKX
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1400087755&from=slbnew&uid=HitachiXHDS721050CLA662_JP1572JE1W6TZK1W6TZKX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1400087755&from=slbnew&uid=HitachiXHDS721050CLA662_JP1572JE1W6TZK1W6TZKX&q={searchTerms}
HKU\S-1-5-21-3101752624-4108848433-446223082-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about :blank
HKU\S-1-5-21-3101752624-4108848433-446223082-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1400087755&from=slbnew&uid=HitachiXHDS721050CLA662_JP1572JE1W6TZK1W6TZKX
HKU\S-1-5-21-3101752624-4108848433-446223082-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=AT&userid=af6b9114-6085-4fab-9998-9a7ed88ca969&searchtype=ds&q={searchTerms}&installDate=21/06/2013
HKU\S-1-5-21-3101752624-4108848433-446223082-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=AT&userid=af6b9114-6085-4fab-9998-9a7ed88ca969&searchtype=ds&q={searchTerms}&installDate=21/06/2013
URLSearchHook: HKLM-x32 - (No Name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - No File
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1400087755&from=slbnew&uid=HitachiXHDS721050CLA662_JP1572JE1W6TZK1W6TZKX&q={searchTerms}
SearchScopes: HKLM -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CPDTDF&pc=CPDTDF&src=IE-SearchBox
SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CPDTDF
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1400087755&from=slbnew&uid=HitachiXHDS721050CLA662_JP1572JE1W6TZK1W6TZKX&q={searchTerms}
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=390&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPDTDF
SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5221-111072-7833-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1400087755&from=slbnew&uid=HitachiXHDS721050CLA662_JP1572JE1W6TZK1W6TZKX&q={searchTerms}
SearchScopes: HKLM-x32 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=AT&userid=af6b9114-6085-4fab-9998-9a7ed88ca969&searchtype=ds&q={searchTerms}&installDate=21/06/2013
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CPDTDF&pc=CPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1400087755&from=slbnew&uid=HitachiXHDS721050CLA662_JP1572JE1W6TZK1W6TZKX&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovigo.com/Results.aspx?gd=&ctid=CT3317933&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP7D460086-611F-4B92-B9D6-0960507DBC10&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> URL hxxp://www.trovigo.com/Results.aspx?gd=&ctid=CT3317933&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP7D460086-611F-4B92-B9D6-0960507DBC10&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> SuggestionsURL_JSON hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
SearchScopes: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
SearchScopes: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovigo.com/Results.aspx?gd=&ctid=CT3317933&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP7D460086-611F-4B92-B9D6-0960507DBC10&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.doko-search.com/?q={searchTerms}&affID=119776&tt=070313_9105&babsrc=SP_ss_mib2&mntrId=e4c07025000000000000e0469aa51a07
SearchScopes: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL =
SearchScopes: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
BHO: QuickShare WidgetEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Web Assistant -> {336D0C35-8A85-403a-B9D2-65C292C39087} -> C:\Program Files\Web Assistant\Extension64.dll ()
BHO: No Name -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> No File
BHO: Trend Micro Password Manager BHO -> {3F019D1C-7EAA-4F25-A765-FBA635BD0AFF} -> C:\Program Files\Trend Micro\TMIDS\PwmIEBHO64.dll (Trend Micro Inc.)
BHO: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: TmIEPlugInBHO Class -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\3.5.1186\2.0.1039\TmopIEPlg.dll (Trend Micro Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\TmBpIe64.dll (Trend Micro Inc.)
BHO: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: QuickShare WidgetEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Web Assistant -> {336D0C35-8A85-403a-B9D2-65C292C39087} -> C:\Program Files\Web Assistant\Extension32.dll ()
BHO-x32: No Name -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> No File
BHO-x32: Trend Micro Password Manager BHO -> {3F019D1C-7EAA-4F25-A765-FBA635BD0AFF} -> C:\Program Files\Trend Micro\TMIDS\PwmIEBHO32.dll (Trend Micro Inc.)
BHO-x32: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: TmIEPlugInBHO Class -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\3.5.1186\2.0.1039\TmopIEPlg32.dll (Trend Micro Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\TmBpIe32.dll (Trend Micro Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM - No Name - !{95B7759C-8C7F-4BF1-B163-73684A933233} - No File
Toolbar: HKLM - Trend Micro Password Manager Symbolleiste - {9B4B91FC-EC4D-4018-9575-96FA5A3C03C5} - C:\Program Files\Trend Micro\TMIDS\PwmIEBHO64.dll (Trend Micro Inc.)
Toolbar: HKLM - Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
Toolbar: HKLM-x32 - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - No Name - !{95B7759C-8C7F-4BF1-B163-73684A933233} - No File
Toolbar: HKLM-x32 - Trend Micro Password Manager Symbolleiste - {9B4B91FC-EC4D-4018-9575-96FA5A3C03C5} - C:\Program Files\Trend Micro\TMIDS\PwmIEBHO32.dll (Trend Micro Inc.)
Toolbar: HKLM-x32 - Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
Toolbar: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
Toolbar: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> No Name - {BA14329E-9550-4989-B3F2-9732E92D17CC} - No File
DPF: HKLM-x32 {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.6.0.cab
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\TmBpIe64.dll (Trend Micro Inc.)
Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\TmBpIe32.dll (Trend Micro Inc.)
Handler: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.5.1186\2.0.1039\TmopIEPlg.dll (Trend Micro Inc.)
Handler-x32: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.5.1186\2.0.1039\TmopIEPlg32.dll (Trend Micro Inc.)
Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
Handler-x32: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
Handler-x32: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - No File
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-09-20] (EasyBits Software Corp.)
ShellExecuteHooks-x32: - UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} - No File [ ]
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1400087755&from=slbnew&uid=HitachiXHDS721050CLA662_JP1572JE1W6TZK1W6TZKX
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\\npsitesafety.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=15.0.5.109 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.5.109 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.5.109 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.5.109 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.5.109 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\webssearches.xml
FF Extension: General Crawler - C:\Users\Mealnie Eisel\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com [2012-05-28]
FF Extension: |$EXTENSION_NAME$| - C:\Program Files (x86)\Mozilla Firefox\extensions\{5ddeb737-082c-48fb-8c06-aa4b38d61e5f} [2014-04-02]
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox
FF Extension: No Name - C:\Program Files\Web Assistant\Firefox [2012-05-22]
FF HKLM\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\firefoxextension
FF Extension: Trend Micro BEP Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\firefoxextension [2015-02-03]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-04-22]
FF HKLM-x32\...\Firefox\Extensions: [{C3949AC2-4B17-43ee-B4F1-D26B9D42404D}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-07-03]
FF HKLM-x32\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-07-25]
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Mealnie Eisel\AppData\Roaming\Mozilla\Firefox\Profiles\o5mrdlun.default\extensions\quick_start@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\firefoxextension
FF HKLM-x32\...\Firefox\Extensions: [{BBB77B49-9FF4-4d5c-8FE2-92B1D6CD696C}] - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension
FF Extension: Trend Micro Osprey Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension [2015-02-03]
FF HKLM-x32\...\Firefox\Extensions: [{22181a4d-af90-4ca3-a569-faed9118d6bc}] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension
FF Extension: Trend Micro Toolbar - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2015-02-03]
FF HKLM-x32\...\Firefox\Extensions: [{8197dd50-b252-4b08-a1be-1277f22357bb}] - C:\Program Files\Trend Micro\TMIDS\PwmFirefoxExt
FF Extension: Trend Micro Password Manager Firefox Extension - C:\Program Files\Trend Micro\TMIDS\PwmFirefoxExt [2015-02-03]
FF HKU\S-1-5-21-3101752624-4108848433-446223082-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.at/
CHR StartupUrls: Default -> "https://www.google.at/", "hxxp://www.facebook.com/", "hxxp://user.webnode.com/servers/auth/?is_logged=1&domain=http%3A%2F%2Fuser.ahnenforschung-eisel-jakel.webnode.at%2Flogin%2F&project_id=9657061&refurl=http%3A%2F%2Fuser.ahnenforschung-eisel-jakel.webnode.at%2Fadmin%2F"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-03]
CHR Extension: (Google Docs) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-08]
CHR Extension: (Google Drive) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-08]
CHR Extension: (Speedial) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bakijjialdiiboeaknfpmflphhmljfkd [2013-10-24]
CHR Extension: (TV) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2014-03-04]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-05]
CHR Extension: (YouTube) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-10]
CHR Extension: (iWebar) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam [2013-12-16]
CHR Extension: (Google Search) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-10]
CHR Extension: (General Crawler) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel [2012-11-10]
CHR Extension: (Google Sheets) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-03]
CHR Extension: (SweetIM for Facebook) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn [2013-01-06]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2013-09-08]
CHR Extension: (New tab for Chrome™) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg [2012-11-10]
CHR Extension: (wxDownload) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbajjgcocbjldbjjkbjpialgnmkfbobp [2013-09-08]
CHR Extension: (entrusted) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdfbddbdpnahdahmamlolacimfdbeckk [2013-07-25]
CHR Extension: (BitAccelerator) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kngjfmklipimnkegmcilmbhchklgjgfl [2013-09-08]
CHR Extension: (Google Wallet) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-03]
CHR Extension: (Trend Micro Toolbar) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohhcpmplhhiiaoiddkfboafbhiknefdf [2015-02-03]
CHR Extension: (Gmail) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-09]
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - No Path Or update_url value
CHR HKLM\...\Chrome\Extension: [olmajmomenlhgihenlbjcfbopoghpckg] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3101752624-4108848433-446223082-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bakijjialdiiboeaknfpmflphhmljfkd] - C:\Users\MEALNI~1\AppData\Local\newhb2.crx [2013-10-24]
CHR HKU\S-1-5-21-3101752624-4108848433-446223082-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kdfbddbdpnahdahmamlolacimfdbeckk] - C:\Users\Mealnie Eisel\AppData\Local\CRE\kdfbddbdpnahdahmamlolacimfdbeckk.crx [2013-07-17]
CHR HKU\S-1-5-21-3101752624-4108848433-446223082-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Users\Mealnie Eisel\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx [2012-09-26]
CHR HKLM-x32\...\Chrome\Extension: [blaofbhgbmeikidhlkmjhbkbfohpgekf] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [dednnpigldgdbpgcdpfppmlcnnbjciel] - C:\Users\Mealnie Eisel\AppData\Roaming\Media Finder\Extensions\gencrawler_gc.crx [2012-05-28]
CHR HKLM-x32\...\Chrome\Extension: [dkinklhnkmkhkhofcnapakaoehijaoih] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [idkknaphebegndgimgdpfnconcickdfn] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx [2012-08-22]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-07-03]
CHR HKLM-x32\...\Chrome\Extension: [jifflliplgeajjdhmkcfnngfpgbjonjg] - C:\Program Files (x86)\Perion\NewTab\newTab.crx [2012-08-24]
CHR HKLM-x32\...\Chrome\Extension: [kbajjgcocbjldbjjkbjpialgnmkfbobp] - C:\ProgramData\wxDownload\kbajjgcocbjldbjjkbjpialgnmkfbobp.crx [2012-10-31]
CHR HKLM-x32\...\Chrome\Extension: [kdfbddbdpnahdahmamlolacimfdbeckk] - C:\Users\Mealnie Eisel\AppData\Local\CRE\kdfbddbdpnahdahmamlolacimfdbeckk.crx [2013-07-17]
CHR HKLM-x32\...\Chrome\Extension: [kngjfmklipimnkegmcilmbhchklgjgfl] - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kngjfmklipimnkegmcilmbhchklgjgfl.crx [2012-10-30]
CHR HKLM-x32\...\Chrome\Extension: [lpmkgpnbiojfaoklbkpfneikocaobfai] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [mkcaingkodcbhcaaaeopicigkejmgknj] - C:\ProgramData\ADDICT-THING\mkcaingkodcbhcaaaeopicigkejmgknj.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [ohhcpmplhhiiaoiddkfboafbhiknefdf] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [olmajmomenlhgihenlbjcfbopoghpckg] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pfmopbbadnfoelckkcmjjeaaegjpjjbk] - C:\Program Files (x86)\Gophoto.it\gophotoit14.crx [2012-07-31]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2012-05-30] () [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1127448 2011-02-01] (PDF Complete Inc)
R2 Platinum Host Service; C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe [1187376 2014-07-20] (Trend Micro Inc.)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PwmSvc; C:\Program Files\Trend Micro\TMIDS\PwmSvc.exe [325656 2014-11-27] (Trend Micro Inc.)
R2 SCPDFReadSpool; C:\Program Files (x86)\SolidDocuments\Solid Converter PDF\SCPDF\SolidConverterPDFServicex64.exe [209920 2011-10-21] (Solid Documents, LLC) [File not signed]
S2 WebOptimizer; C:\Windows\system32\dmwu.exe [436344 2012-08-16] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WSWNA1100; C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe [266240 2010-08-04] () [File not signed]
R2 WSWNA3100; C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe [307928 2013-11-11] ()
R2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad -bt=0 [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.)
S3 kbfilter; C:\Windows\System32\DRIVERS\kbfilter.sys [67408 2014-11-27] (Trend Micro Inc.)
S3 NPF; C:\Windows\System32\DRIVERS\npf.sys [47632 2010-02-03] (CACE Technologies, Inc.)
R1 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [121944 2014-07-14] (Trend Micro Inc.)
R0 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [305832 2014-07-14] (Trend Micro Inc.)
R0 TMEBC; C:\Windows\System32\DRIVERS\TMEBC64.sys [50976 2014-07-09] (Trend Micro Inc.)
R3 tmeevw; C:\Windows\System32\DRIVERS\tmeevw.sys [106296 2014-07-09] (Trend Micro Inc.)
R1 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [93664 2014-07-14] (Trend Micro Inc.)
R3 tmnciesc; C:\Windows\System32\DRIVERS\tmnciesc.sys [407864 2014-07-09] (Trend Micro Inc.)
R2 tmusa; C:\Windows\System32\DRIVERS\tmusa.sys [106296 2014-06-30] (Trend Micro Inc.)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-21 17:58 - 2015-02-21 18:00 - 00038544 _____ () C:\Users\Mealnie Eisel\Downloads\FRST.txt
2015-02-21 17:57 - 2015-02-21 17:58 - 00000000 ___DC () C:\FRST
2015-02-21 17:56 - 2015-02-21 17:56 - 02086912 _____ (Farbar) C:\Users\Mealnie Eisel\Downloads\FRST64.exe
2015-02-21 17:56 - 2015-02-21 17:56 - 02086912 _____ (Farbar) C:\Users\Mealnie Eisel\Downloads\FRST64 (1).exe
2015-02-21 17:19 - 2015-02-21 17:34 - 00000000 ____D () C:\Users\Mealnie Eisel\Desktop\Musik Mimi 2015
2015-02-21 14:05 - 2015-02-21 14:05 - 00003370 _____ () C:\Windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3101752624-4108848433-446223082-1000
2015-02-21 14:05 - 2015-02-21 14:05 - 00003252 _____ () C:\Windows\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3101752624-4108848433-446223082-1000
2015-02-20 23:00 - 2015-02-20 23:00 - 00023011 _____ () C:\Users\Mealnie Eisel\Downloads\GermanTOP100SingleCharts02022015-NoGroup - ThePirateBay.TO.torrent
2015-02-20 21:46 - 2015-02-20 21:46 - 00000000 __SHD () C:\Users\Mealnie Eisel\AppData\Local\EmieBrowserModeList
2015-02-20 18:50 - 2015-02-20 18:50 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_bcmwlhigh664_01009.Wdf
2015-02-20 18:48 - 2011-12-12 17:42 - 01256192 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bcmwlhigh664.sys
2015-02-20 18:48 - 2011-04-19 17:52 - 00095544 _____ (Broadcom Corporation) C:\Windows\system32\bcmwlcoi.dll
2015-02-20 18:47 - 2015-02-20 18:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR WNA3100 Genie
2015-02-20 18:47 - 2011-04-19 17:31 - 03900928 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvsrv64.dll
2015-02-20 18:47 - 2011-04-19 17:31 - 03566592 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvui64.dll
2015-02-20 18:47 - 2010-02-03 11:21 - 00281104 _____ (CACE Technologies, Inc.) C:\Windows\SysWOW64\wpcap.dll
2015-02-20 18:47 - 2010-02-03 11:21 - 00096784 _____ (CACE Technologies, Inc.) C:\Windows\SysWOW64\Packet.dll
2015-02-20 18:47 - 2010-02-03 11:21 - 00053299 _____ () C:\Windows\SysWOW64\pthreadVC.dll
2015-02-20 18:47 - 2010-02-03 11:21 - 00047632 _____ (CACE Technologies, Inc.) C:\Windows\system32\Drivers\npf.sys
2015-02-20 17:23 - 2015-02-20 17:23 - 00000000 ____D () C:\Users\Mealnie Eisel\Downloads\NETGEAR
2015-02-19 19:16 - 2015-02-19 19:25 - 00007601 _____ () C:\Users\Mealnie Eisel\AppData\Local\resmon.resmoncfg
2015-02-19 10:32 - 2015-02-19 23:13 - 00000000 ____D () C:\Users\Mealnie Eisel\Desktop\Tagesordner
2015-02-14 22:02 - 2015-02-14 22:02 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Local\{802CCBBE-BF78-4BCE-94FA-9BBB6141099B}
2015-02-13 13:39 - 2015-02-13 13:39 - 00001106 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2015-02-12 22:33 - 2015-02-12 22:33 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Passwörter
2015-02-12 22:33 - 2015-02-12 22:33 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\BEWERBUNGEN
2015-02-12 22:16 - 2015-02-12 22:16 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\VERKAUF - BESTELLUNGEN
2015-02-12 22:13 - 2015-02-21 17:38 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Outlook-Dateien
2015-02-12 22:12 - 2015-02-12 22:27 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\ANTRÄGE - Verträge
2015-02-12 22:11 - 2015-02-12 22:31 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\DOKUMENTE Urkunden
2015-02-12 22:03 - 2015-02-12 22:21 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\FRANZ
2015-02-12 21:59 - 2015-02-12 22:01 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Kündigung Verträge
2015-02-12 21:54 - 2015-02-12 22:30 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\OPA Wilfling
2015-02-12 21:54 - 2015-02-12 22:28 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Kredite - Finanzierungen
2015-02-12 21:53 - 2015-02-12 22:28 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Unterschriften
2015-02-12 13:05 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-12 13:05 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-12 13:05 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-12 13:05 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-11 11:19 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 11:19 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-11 11:19 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-11 11:19 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-11 11:19 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-11 11:19 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 11:19 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-11 11:19 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-11 11:19 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-11 11:19 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-11 11:19 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-11 11:19 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-11 11:19 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-11 11:19 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-11 11:19 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-11 11:19 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 11:19 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 11:19 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-11 11:19 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 11:19 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-11 11:19 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-11 11:19 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-11 11:19 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-11 11:19 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-11 11:19 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-11 11:19 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-11 11:19 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-11 11:19 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-11 11:19 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 11:19 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 11:19 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 11:19 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-11 11:19 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-11 11:19 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 11:19 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-11 11:19 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-11 11:19 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-11 11:19 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-11 11:19 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-11 11:19 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-11 11:19 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-11 11:19 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-11 11:19 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 11:19 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 11:19 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-11 11:19 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-11 11:19 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-11 11:18 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 11:18 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 11:18 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 11:18 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-11 11:18 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 11:17 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-11 11:17 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-11 11:17 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-11 11:17 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-11 11:17 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-11 11:17 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-11 11:17 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-11 11:17 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-11 11:17 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 11:17 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 11:17 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-11 11:17 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 11:17 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-11 11:17 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-11 11:17 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-11 11:17 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-11 11:17 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-11 11:17 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-11 11:17 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-11 11:17 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-11 11:17 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-11 11:17 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-11 11:17 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-11 11:17 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-11 11:10 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 11:10 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-11 11:10 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 11:10 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-11 11:10 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-11 11:10 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-11 11:10 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-11 11:10 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-11 11:10 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 11:10 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-11 11:10 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 11:10 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-11 11:10 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-11 11:10 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-11 11:10 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-11 11:10 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-11 11:10 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-11 11:10 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 11:08 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-11 11:08 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-11 11:08 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-02-11 11:08 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-02-11 11:08 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-02-11 11:08 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-02-11 11:07 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 11:07 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 11:07 - 2014-10-04 03:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-11 11:07 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-02-11 11:07 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-02-11 11:06 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 11:06 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-11 11:04 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 11:04 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-11 11:04 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-11 11:04 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-11 11:04 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-11 11:04 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-11 11:04 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-11 10:55 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-10 22:35 - 2015-02-12 22:21 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Meldezettel
2015-02-10 20:02 - 2015-02-10 20:02 - 00000089 _____ () C:\Users\Mealnie Eisel\Desktop\Index C-D.url
2015-02-03 07:36 - 2015-02-03 07:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trend Micro Password Manager
2015-02-03 07:26 - 2015-02-03 07:27 - 00236080 _____ (Trend Micro Inc.) C:\Windows\RegBootClean64.exe
2015-02-03 07:23 - 2014-11-27 11:03 - 00067408 ____C (Trend Micro Inc.) C:\kbfilter.sys
2015-02-03 07:23 - 2014-11-27 11:03 - 00067408 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\kbfilter.sys
2015-02-03 07:23 - 2014-11-27 11:03 - 00007799 ____C () C:\kbfilter.cat
2015-02-03 07:23 - 2014-11-27 11:03 - 00000098 ____C () C:\install.bat
2015-02-03 07:23 - 2014-11-27 11:03 - 00000081 ____C () C:\uninstall.bat
2015-02-03 07:06 - 2015-02-03 07:06 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Local\Trend Micro
2015-02-03 07:05 - 2015-02-03 07:05 - 00000000 __HDC () C:\TMRescueDisk
2015-02-03 07:04 - 2015-02-03 07:36 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2015-02-03 07:03 - 2015-02-03 07:03 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Maximum Security
2015-02-03 07:01 - 2014-07-14 08:39 - 00305832 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmcomm.sys
2015-02-03 07:01 - 2014-07-14 08:39 - 00121944 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmactmon.sys
2015-02-03 07:01 - 2014-07-14 08:39 - 00093664 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmevtmgr.sys
2015-02-03 07:01 - 2014-07-09 17:03 - 00407864 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmnciesc.sys
2015-02-03 07:01 - 2014-07-09 17:02 - 00106296 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmeevw.sys
2015-02-03 07:00 - 2014-07-09 17:02 - 00050976 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\TMEBC64.sys
2015-02-03 07:00 - 2014-06-30 12:06 - 00106296 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmusa.sys
2015-02-03 06:57 - 2015-02-03 06:57 - 00000059 _____ () C:\Windows\system32\SupportTool.exe.bat
2015-02-03 06:55 - 2015-02-20 18:38 - 00000000 ____D () C:\ProgramData\Trend Micro
2015-02-03 06:55 - 2015-02-03 07:04 - 00000000 ____D () C:\Program Files\Trend Micro
2015-02-03 06:46 - 2015-02-03 06:46 - 00000036 _____ () C:\Users\Mealnie Eisel\AppData\Local\housecall.guid.cache
2015-02-02 23:08 - 2015-02-02 23:09 - 06630832 _____ (Trend Micro Inc.) C:\Users\Mealnie Eisel\Downloads\Trend_Micro_Maximum_Security_2015.exe
2015-02-02 22:57 - 2015-02-02 22:57 - 03691688 _____ () C:\Users\Mealnie Eisel\Downloads\AVG_Remover_2015.zip
2015-02-02 22:57 - 2015-02-02 22:57 - 03691688 _____ () C:\Users\Mealnie Eisel\Downloads\AVG_Remover_2015 (1).zip
2015-02-02 19:39 - 2015-02-16 18:07 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Referat Michelle und Jana
2015-02-01 18:42 - 2015-02-01 18:42 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Lightshot
2015-01-30 15:34 - 2015-01-30 15:34 - 00004104 _____ () C:\Users\Mealnie Eisel\AppData\Local\recently-used.xbel
2015-01-29 23:40 - 2015-02-21 15:11 - 00000404 _____ () C:\Windows\Tasks\update-S-1-5-21-3101752624-4108848433-446223082-1000.job
2015-01-29 23:40 - 2015-01-29 23:40 - 00003300 _____ () C:\Windows\System32\Tasks\update-sys
2015-01-29 23:40 - 2015-01-29 23:40 - 00003294 _____ () C:\Windows\System32\Tasks\update-S-1-5-21-3101752624-4108848433-446223082-1000
2015-01-29 23:40 - 2015-01-29 23:40 - 00000425 _____ () C:\Users\Mealnie Eisel\AppData\Local\UserProducts.xml
2015-01-29 23:39 - 2015-02-21 16:48 - 00000404 _____ () C:\Windows\Tasks\update-sys.job
2015-01-29 23:39 - 2015-01-29 23:39 - 00000003 _____ () C:\Users\Mealnie Eisel\AppData\Local\updater.log
2015-01-29 23:39 - 2015-01-29 23:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot
2015-01-29 23:39 - 2015-01-29 23:39 - 00000000 ____D () C:\Program Files (x86)\Skillbrains
2015-01-29 23:38 - 2015-01-29 23:38 - 02452808 _____ (Skillbrains ) C:\Users\Mealnie Eisel\Downloads\setup-lightshot.exe
2015-01-28 21:46 - 2015-01-28 21:46 - 00113059 _____ () C:\Users\Mealnie Eisel\Downloads\25wn71_862086b525448qc2bh519c.ged
2015-01-28 21:46 - 2015-01-28 21:46 - 00113059 _____ () C:\Users\Mealnie Eisel\Downloads\25wn71_862086b525448qc2bh519c (1).ged
2015-01-27 18:51 - 2015-01-27 18:52 - 04071424 _____ () C:\Users\Mealnie Eisel\Downloads\Prisonniers index.xls
2015-01-25 18:24 - 2015-01-25 18:24 - 00000000 ____D () C:\Users\Mealnie Eisel\Downloads\Punkt
2015-01-25 18:20 - 2015-01-25 18:20 - 00030543 _____ () C:\Users\Mealnie Eisel\Downloads\Punkt.zip
2015-01-24 21:12 - 2015-02-13 15:31 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Roaming\StPrsSW
2015-01-24 21:12 - 2015-01-24 21:12 - 00003692 _____ () C:\Windows\System32\Tasks\StPrsSW
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-21 17:26 - 2014-03-20 17:25 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-21 17:24 - 2012-04-18 19:57 - 01589901 _____ () C:\Windows\WindowsUpdate.log
2015-02-21 17:14 - 2012-11-27 20:56 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-21 17:08 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-21 17:08 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-21 16:39 - 2012-09-23 20:41 - 00003990 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{AB65BFAC-209A-4527-8F2B-815F00D69B53}
2015-02-21 14:10 - 2011-09-20 12:45 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2015-02-21 14:10 - 2011-09-20 12:45 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2015-02-21 14:10 - 2009-07-14 06:13 - 00844356 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-21 14:04 - 2012-12-29 11:50 - 00000000 ____D () C:\Program Files (x86)\SmartTools
2015-02-21 14:04 - 2012-11-27 20:56 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-21 14:03 - 2011-09-20 13:51 - 00000000 ____D () C:\ProgramData\PDFC
2015-02-21 14:03 - 2010-11-21 04:47 - 00749188 _____ () C:\Windows\PFRO.log
2015-02-21 14:03 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-21 14:03 - 2009-07-14 05:51 - 00150140 _____ () C:\Windows\setupact.log
2015-02-21 00:37 - 2012-09-15 16:17 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Roaming\Azureus
2015-02-20 23:46 - 2012-11-01 13:05 - 00000000 ____D () C:\Windows\pss
2015-02-20 21:52 - 2012-12-29 11:50 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTools
2015-02-20 21:51 - 2015-01-17 22:35 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Add-in Express
2015-02-20 21:31 - 2014-08-21 19:59 - 00000000 ____D () C:\Program Files\Saturn
2015-02-20 18:53 - 2012-10-28 09:31 - 00000000 ___RD () C:\Users\Mealnie Eisel\Desktop\Computerprogramme
2015-02-20 18:47 - 2012-04-19 18:35 - 00000000 ____D () C:\Program Files (x86)\NETGEAR
2015-02-20 18:47 - 2011-09-20 13:26 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-02-20 18:40 - 2012-04-18 20:00 - 00000000 ____D () C:\Users\Mealnie Eisel
2015-02-20 18:38 - 2013-09-08 13:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-02-20 18:38 - 2012-04-22 19:59 - 00000000 ____D () C:\ProgramData\HP
2015-02-20 18:38 - 2012-04-21 19:20 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Roaming\PhotoScape
2015-02-20 18:37 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2015-02-20 18:34 - 2012-07-03 18:43 - 00000000 ____D () C:\ProgramData\Real
2015-02-19 19:54 - 2013-09-08 13:46 - 00002179 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-18 20:17 - 2015-01-12 19:03 - 00000000 ____D () C:\Users\Mealnie Eisel\Nintendo Spiele
2015-02-18 10:24 - 2013-02-13 19:27 - 00000000 ___RD () C:\Users\Mealnie Eisel\Desktop\Ahnenforschung
2015-02-16 11:30 - 2013-10-13 20:50 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Bücher & Zeitschriften 2
2015-02-15 18:40 - 2014-05-14 18:17 - 00000000 ____D () C:\Program Files (x86)\SupTab
2015-02-14 20:55 - 2014-05-14 18:17 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Roaming\SupTab
2015-02-13 21:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-02-12 22:44 - 2012-08-25 19:26 - 00000000 ___RD () C:\Users\Mealnie Eisel\Desktop\Bibliothek
2015-02-12 22:32 - 2013-02-11 18:11 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Versicherung
2015-02-12 22:30 - 2012-08-25 19:33 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Schriftverkehr
2015-02-12 22:30 - 2012-05-21 18:26 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Sabrina
2015-02-12 22:28 - 2012-08-28 21:36 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\BANK
2015-02-12 22:24 - 2013-02-11 17:50 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\FINANZAMT
2015-02-12 22:23 - 2014-10-15 15:58 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Rechnungen1
2015-02-12 22:17 - 2012-05-30 14:55 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Melanie
2015-02-12 19:23 - 2014-08-21 20:15 - 00000000 ____D () C:\ProgramData\tmp
2015-02-12 18:41 - 2013-02-02 13:10 - 00000000 ____D () C:\Users\Mealnie Eisel\BANK
2015-02-12 12:24 - 2009-07-14 05:45 - 05033560 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-12 12:21 - 2014-12-11 11:03 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-12 12:21 - 2014-05-07 06:10 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-11 23:44 - 2012-04-21 09:39 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-11 23:44 - 2009-07-14 03:34 - 00000513 _____ () C:\Windows\win.ini
2015-02-11 23:41 - 2013-07-24 17:54 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-11 23:24 - 2012-05-03 20:44 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-09 15:43 - 2012-04-23 20:35 - 00000000 ____D () C:\Users\Mealnie Eisel\Documents\Eigene Scans
2015-02-05 20:26 - 2014-03-20 17:25 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-05 20:26 - 2012-10-09 18:23 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-05 20:26 - 2012-10-09 18:23 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-05 13:10 - 2012-11-27 20:56 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-05 13:09 - 2012-11-27 20:56 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-03 15:06 - 2014-05-14 18:17 - 00000000 ____D () C:\ProgramData\WPM
2015-02-03 07:58 - 2013-03-17 15:51 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Roaming\Video Converter Packages
2015-02-03 07:36 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2015-02-03 07:24 - 2012-10-31 22:24 - 00000000 ____D () C:\ProgramData\wxDownload
2015-02-03 07:24 - 2012-05-30 13:34 - 00000000 ____D () C:\Windows\AutoKMS
2015-02-03 07:14 - 2014-05-14 18:17 - 00000000 ____D () C:\ProgramData\IePluginService
2015-02-03 07:04 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2015-02-03 06:51 - 2013-07-27 14:46 - 00000295 _____ () C:\Users\Mealnie Eisel\AppData\Roaming\WB.CFG
2015-02-03 06:34 - 2012-05-22 19:11 - 00000000 ____D () C:\ProgramData\Adobe
2015-02-03 06:33 - 2012-05-22 19:12 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-02-03 06:25 - 2012-05-30 13:34 - 00003486 _____ () C:\Windows\System32\Tasks\AutoKMS
2015-02-02 23:04 - 2012-06-03 18:09 - 00000000 ____D () C:\Program Files (x86)\AVG
2015-02-02 22:32 - 2014-04-02 18:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-02-02 22:31 - 2013-04-08 21:12 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Roaming\Norton Utilities 16
2015-02-02 22:31 - 2011-09-20 13:34 - 00000000 ____D () C:\ProgramData\Temp
2015-02-02 19:40 - 2013-04-09 18:00 - 00008058 _____ () C:\Windows\SysWOW64\AppLog.log
2015-02-02 17:01 - 2013-05-06 16:00 - 00260592 _____ () C:\Windows\SysWOW64\Engines.log
2015-01-30 15:17 - 2012-06-19 14:15 - 00000000 ____D () C:\Users\Mealnie Eisel\.gimp-2.8
2015-01-29 19:28 - 2012-05-23 21:16 - 00000000 ____D () C:\Users\Mealnie Eisel\AppData\Local\CrashDumps
==================== Files in the root of some directories =======
2012-11-01 14:53 - 2013-08-10 21:39 - 0000671 _____ () C:\Users\Mealnie Eisel\AppData\Roaming\vso_ts_preview.xml
2013-07-27 14:46 - 2015-02-03 06:51 - 0000295 _____ () C:\Users\Mealnie Eisel\AppData\Roaming\WB.CFG
2013-06-21 14:48 - 2013-06-28 15:23 - 0000005 _____ () C:\Users\Mealnie Eisel\AppData\Roaming\WBPU-Q2-TTL.DAT
2013-12-31 15:46 - 2014-01-03 15:46 - 0000005 _____ () C:\Users\Mealnie Eisel\AppData\Roaming\WBPU-Q5-TTL.DAT
2013-06-16 14:46 - 2014-01-27 15:46 - 0000005 _____ () C:\Users\Mealnie Eisel\AppData\Roaming\WBPU-TTL.DAT
2013-07-16 21:20 - 2013-07-16 21:22 - 145394418 _____ () C:\Users\Mealnie Eisel\AppData\Local\ACCCx189.zip.aamdownload
2013-07-16 21:20 - 2013-07-16 21:22 - 0001811 _____ () C:\Users\Mealnie Eisel\AppData\Local\ACCCx189.zip.aamdownload.aamd
2012-09-23 21:01 - 2012-09-23 21:08 - 0004608 _____ () C:\Users\Mealnie Eisel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-09-15 16:40 - 2012-09-15 16:40 - 0027520 _____ () C:\Users\Mealnie Eisel\AppData\Local\dt.dat
2015-02-03 06:46 - 2015-02-03 06:46 - 0000036 _____ () C:\Users\Mealnie Eisel\AppData\Local\housecall.guid.cache
2013-10-24 14:46 - 2013-10-24 14:46 - 0361117 _____ () C:\Users\Mealnie Eisel\AppData\Local\newhb2.crx
2015-01-30 15:34 - 2015-01-30 15:34 - 0004104 _____ () C:\Users\Mealnie Eisel\AppData\Local\recently-used.xbel
2015-02-19 19:16 - 2015-02-19 19:25 - 0007601 _____ () C:\Users\Mealnie Eisel\AppData\Local\resmon.resmoncfg
2015-01-29 23:39 - 2015-01-29 23:39 - 0000003 _____ () C:\Users\Mealnie Eisel\AppData\Local\updater.log
2015-01-29 23:40 - 2015-01-29 23:40 - 0000425 _____ () C:\Users\Mealnie Eisel\AppData\Local\UserProducts.xml
2012-08-24 21:10 - 2012-09-15 16:25 - 0000041 ___SH () C:\ProgramData\.zreglib
2012-04-22 19:59 - 2012-05-29 12:03 - 0001804 _____ () C:\ProgramData\hpzinstall.log
Files to move or delete:
====================
C:\Users\Mealnie Eisel\jobq.dat
C:\Users\Mealnie Eisel\Vuze_4.2.0.8a_windows.exe
Some content of TEMP:
====================
C:\Users\Mealnie Eisel\AppData\Local\Temp\BackupSetup.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\BobyLyrics_1060-1090_v122.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Mealnie Eisel\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Mealnie Eisel\AppData\Local\Temp\Extract.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\ffdshow.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\htmlayout.dll
C:\Users\Mealnie Eisel\AppData\Local\Temp\i4jdel0.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\i4jdel1.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\MatroskaSplitter.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Mealnie Eisel\AppData\Local\Temp\nse1E93.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\nse2806.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\nseAA76.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\nseC854.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\nsj11E5.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\nsj1407.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\nsj1B0A.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\nsjB89B.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\nsoB205.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\nsuB7EE.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\nsy9E08.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\nsz243F.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\nszBFAC.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\SaveSenseUpdateVer.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Mealnie Eisel\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Mealnie Eisel\AppData\Local\Temp\SmartbarExeInstaller.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\SP54699.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\sp64126.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\Sqlite3.dll
C:\Users\Mealnie Eisel\AppData\Local\Temp\toolbar46512836.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\toolbar7262907.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\uninst1.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\uninstall280380.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\uninstall325028.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\uninstall325215.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\uninstall47038029.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\uninstall47053879.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Mealnie Eisel\AppData\Local\Temp\?odec Performer803975.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-02-2015
Ran by Mealnie Eisel (administrator) on MELANIEEISEL-HP on 21-02-2015 17:58:16
Running from C:\Users\Mealnie Eisel\Downloads
Loaded Profiles: Mealnie Eisel (Available profiles: Mealnie Eisel)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtWatchDog.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\TMIDS\PwmSvc.exe
(Solid Documents, LLC) C:\Program Files (x86)\SolidDocuments\Solid Converter PDF\SCPDF\SolidConverterPDFServicex64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe
() C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
() C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
() C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.2.0.17\Lightshot.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqgpc01.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [246304 2014-07-20] (Trend Micro Inc.)
HKLM\...\Run: [Platinum] => C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe [1266224 2014-07-20] (Trend Micro Inc.)
HKLM\...\Run: [PwmConsole.exe] => C:\Program Files\Trend Micro\TMIDS\PwmConsole.exe [2007592 2014-11-27] (Trend Micro Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] ()
HKLM-x32\...\Run: [A1Webassistent] => C:\Program Files (x86)\A1\A1 Webassistent\A1Webassistent.exe /auto
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-07-04] (Advanced Micro Devices, Inc.)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-3101752624-4108848433-446223082-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-3101752624-4108848433-446223082-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-3101752624-4108848433-446223082-1000\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-3101752624-4108848433-446223082-1000\...\MountPoints2: {2ba5caa5-8189-11e2-81c0-3cd92b58676f} - I:\NokiaPCIA_Autorun.exe
HKU\S-1-5-21-3101752624-4108848433-446223082-1000\...\MountPoints2: {9a8fbf65-8dba-11e3-bd0d-3cd92b58676f} - G:\iLinker.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA1100 Setup-Assistent.lnk
ShortcutTarget: NETGEAR WNA1100 Setup-Assistent.lnk -> C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100 Genie.lnk
ShortcutTarget: NETGEAR WNA3100 Genie.lnk -> C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about :blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about :blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1400087755&from=slbnew&uid=HitachiXHDS721050CLA662_JP1572JE1W6TZK1W6TZKX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1400087755&from=slbnew&uid=HitachiXHDS721050CLA662_JP1572JE1W6TZK1W6TZKX&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1400087755&from=slbnew&uid=HitachiXHDS721050CLA662_JP1572JE1W6TZK1W6TZKX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1400087755&from=slbnew&uid=HitachiXHDS721050CLA662_JP1572JE1W6TZK1W6TZKX
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1400087755&from=slbnew&uid=HitachiXHDS721050CLA662_JP1572JE1W6TZK1W6TZKX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1400087755&from=slbnew&uid=HitachiXHDS721050CLA662_JP1572JE1W6TZK1W6TZKX&q={searchTerms}
HKU\S-1-5-21-3101752624-4108848433-446223082-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about :blank
HKU\S-1-5-21-3101752624-4108848433-446223082-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1400087755&from=slbnew&uid=HitachiXHDS721050CLA662_JP1572JE1W6TZK1W6TZKX
HKU\S-1-5-21-3101752624-4108848433-446223082-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=AT&userid=af6b9114-6085-4fab-9998-9a7ed88ca969&searchtype=ds&q={searchTerms}&installDate=21/06/2013
HKU\S-1-5-21-3101752624-4108848433-446223082-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=AT&userid=af6b9114-6085-4fab-9998-9a7ed88ca969&searchtype=ds&q={searchTerms}&installDate=21/06/2013
URLSearchHook: HKLM-x32 - (No Name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - No File
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1400087755&from=slbnew&uid=HitachiXHDS721050CLA662_JP1572JE1W6TZK1W6TZKX&q={searchTerms}
SearchScopes: HKLM -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CPDTDF&pc=CPDTDF&src=IE-SearchBox
SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CPDTDF
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1400087755&from=slbnew&uid=HitachiXHDS721050CLA662_JP1572JE1W6TZK1W6TZKX&q={searchTerms}
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=390&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPDTDF
SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5221-111072-7833-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1400087755&from=slbnew&uid=HitachiXHDS721050CLA662_JP1572JE1W6TZK1W6TZKX&q={searchTerms}
SearchScopes: HKLM-x32 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=AT&userid=af6b9114-6085-4fab-9998-9a7ed88ca969&searchtype=ds&q={searchTerms}&installDate=21/06/2013
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CPDTDF&pc=CPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1400087755&from=slbnew&uid=HitachiXHDS721050CLA662_JP1572JE1W6TZK1W6TZKX&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovigo.com/Results.aspx?gd=&ctid=CT3317933&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP7D460086-611F-4B92-B9D6-0960507DBC10&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> URL hxxp://www.trovigo.com/Results.aspx?gd=&ctid=CT3317933&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP7D460086-611F-4B92-B9D6-0960507DBC10&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> SuggestionsURL_JSON hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
SearchScopes: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
SearchScopes: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovigo.com/Results.aspx?gd=&ctid=CT3317933&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP7D460086-611F-4B92-B9D6-0960507DBC10&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.doko-search.com/?q={searchTerms}&affID=119776&tt=070313_9105&babsrc=SP_ss_mib2&mntrId=e4c07025000000000000e0469aa51a07
SearchScopes: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL =
SearchScopes: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
BHO: QuickShare WidgetEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Web Assistant -> {336D0C35-8A85-403a-B9D2-65C292C39087} -> C:\Program Files\Web Assistant\Extension64.dll ()
BHO: No Name -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> No File
BHO: Trend Micro Password Manager BHO -> {3F019D1C-7EAA-4F25-A765-FBA635BD0AFF} -> C:\Program Files\Trend Micro\TMIDS\PwmIEBHO64.dll (Trend Micro Inc.)
BHO: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: TmIEPlugInBHO Class -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\3.5.1186\2.0.1039\TmopIEPlg.dll (Trend Micro Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\TmBpIe64.dll (Trend Micro Inc.)
BHO: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: QuickShare WidgetEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Web Assistant -> {336D0C35-8A85-403a-B9D2-65C292C39087} -> C:\Program Files\Web Assistant\Extension32.dll ()
BHO-x32: No Name -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> No File
BHO-x32: Trend Micro Password Manager BHO -> {3F019D1C-7EAA-4F25-A765-FBA635BD0AFF} -> C:\Program Files\Trend Micro\TMIDS\PwmIEBHO32.dll (Trend Micro Inc.)
BHO-x32: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: TmIEPlugInBHO Class -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\3.5.1186\2.0.1039\TmopIEPlg32.dll (Trend Micro Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\TmBpIe32.dll (Trend Micro Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM - No Name - !{95B7759C-8C7F-4BF1-B163-73684A933233} - No File
Toolbar: HKLM - Trend Micro Password Manager Symbolleiste - {9B4B91FC-EC4D-4018-9575-96FA5A3C03C5} - C:\Program Files\Trend Micro\TMIDS\PwmIEBHO64.dll (Trend Micro Inc.)
Toolbar: HKLM - Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
Toolbar: HKLM-x32 - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - No Name - !{95B7759C-8C7F-4BF1-B163-73684A933233} - No File
Toolbar: HKLM-x32 - Trend Micro Password Manager Symbolleiste - {9B4B91FC-EC4D-4018-9575-96FA5A3C03C5} - C:\Program Files\Trend Micro\TMIDS\PwmIEBHO32.dll (Trend Micro Inc.)
Toolbar: HKLM-x32 - Trend Micro Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
Toolbar: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
Toolbar: HKU\S-1-5-21-3101752624-4108848433-446223082-1000 -> No Name - {BA14329E-9550-4989-B3F2-9732E92D17CC} - No File
DPF: HKLM-x32 {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.6.0.cab
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\TmBpIe64.dll (Trend Micro Inc.)
Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\TmBpIe32.dll (Trend Micro Inc.)
Handler: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.5.1186\2.0.1039\TmopIEPlg.dll (Trend Micro Inc.)
Handler-x32: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.5.1186\2.0.1039\TmopIEPlg32.dll (Trend Micro Inc.)
Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
Handler-x32: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
Handler-x32: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - No File
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-09-20] (EasyBits Software Corp.)
ShellExecuteHooks-x32: - UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} - No File [ ]
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1400087755&from=slbnew&uid=HitachiXHDS721050CLA662_JP1572JE1W6TZK1W6TZKX
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\\npsitesafety.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=15.0.5.109 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.5.109 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.5.109 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.5.109 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.5.109 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\webssearches.xml
FF Extension: General Crawler - C:\Users\Mealnie Eisel\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com [2012-05-28]
FF Extension: |$EXTENSION_NAME$| - C:\Program Files (x86)\Mozilla Firefox\extensions\{5ddeb737-082c-48fb-8c06-aa4b38d61e5f} [2014-04-02]
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox
FF Extension: No Name - C:\Program Files\Web Assistant\Firefox [2012-05-22]
FF HKLM\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\firefoxextension
FF Extension: Trend Micro BEP Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\firefoxextension [2015-02-03]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-04-22]
FF HKLM-x32\...\Firefox\Extensions: [{C3949AC2-4B17-43ee-B4F1-D26B9D42404D}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-07-03]
FF HKLM-x32\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-07-25]
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Mealnie Eisel\AppData\Roaming\Mozilla\Firefox\Profiles\o5mrdlun.default\extensions\quick_start@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\firefoxextension
FF HKLM-x32\...\Firefox\Extensions: [{BBB77B49-9FF4-4d5c-8FE2-92B1D6CD696C}] - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension
FF Extension: Trend Micro Osprey Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension [2015-02-03]
FF HKLM-x32\...\Firefox\Extensions: [{22181a4d-af90-4ca3-a569-faed9118d6bc}] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension
FF Extension: Trend Micro Toolbar - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2015-02-03]
FF HKLM-x32\...\Firefox\Extensions: [{8197dd50-b252-4b08-a1be-1277f22357bb}] - C:\Program Files\Trend Micro\TMIDS\PwmFirefoxExt
FF Extension: Trend Micro Password Manager Firefox Extension - C:\Program Files\Trend Micro\TMIDS\PwmFirefoxExt [2015-02-03]
FF HKU\S-1-5-21-3101752624-4108848433-446223082-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.at/
CHR StartupUrls: Default -> "https://www.google.at/", "hxxp://www.facebook.com/", "hxxp://user.webnode.com/servers/auth/?is_logged=1&domain=http%3A%2F%2Fuser.ahnenforschung-eisel-jakel.webnode.at%2Flogin%2F&project_id=9657061&refurl=http%3A%2F%2Fuser.ahnenforschung-eisel-jakel.webnode.at%2Fadmin%2F"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-03]
CHR Extension: (Google Docs) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-08]
CHR Extension: (Google Drive) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-08]
CHR Extension: (Speedial) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bakijjialdiiboeaknfpmflphhmljfkd [2013-10-24]
CHR Extension: (TV) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2014-03-04]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-05]
CHR Extension: (YouTube) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-10]
CHR Extension: (iWebar) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam [2013-12-16]
CHR Extension: (Google Search) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-10]
CHR Extension: (General Crawler) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel [2012-11-10]
CHR Extension: (Google Sheets) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-03]
CHR Extension: (SweetIM for Facebook) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn [2013-01-06]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2013-09-08]
CHR Extension: (New tab for Chrome™) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg [2012-11-10]
CHR Extension: (wxDownload) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbajjgcocbjldbjjkbjpialgnmkfbobp [2013-09-08]
CHR Extension: (entrusted) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdfbddbdpnahdahmamlolacimfdbeckk [2013-07-25]
CHR Extension: (BitAccelerator) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kngjfmklipimnkegmcilmbhchklgjgfl [2013-09-08]
CHR Extension: (Google Wallet) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-03]
CHR Extension: (Trend Micro Toolbar) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohhcpmplhhiiaoiddkfboafbhiknefdf [2015-02-03]
CHR Extension: (Gmail) - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-09]
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - No Path Or update_url value
CHR HKLM\...\Chrome\Extension: [olmajmomenlhgihenlbjcfbopoghpckg] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3101752624-4108848433-446223082-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bakijjialdiiboeaknfpmflphhmljfkd] - C:\Users\MEALNI~1\AppData\Local\newhb2.crx [2013-10-24]
CHR HKU\S-1-5-21-3101752624-4108848433-446223082-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kdfbddbdpnahdahmamlolacimfdbeckk] - C:\Users\Mealnie Eisel\AppData\Local\CRE\kdfbddbdpnahdahmamlolacimfdbeckk.crx [2013-07-17]
CHR HKU\S-1-5-21-3101752624-4108848433-446223082-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Users\Mealnie Eisel\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx [2012-09-26]
CHR HKLM-x32\...\Chrome\Extension: [blaofbhgbmeikidhlkmjhbkbfohpgekf] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [dednnpigldgdbpgcdpfppmlcnnbjciel] - C:\Users\Mealnie Eisel\AppData\Roaming\Media Finder\Extensions\gencrawler_gc.crx [2012-05-28]
CHR HKLM-x32\...\Chrome\Extension: [dkinklhnkmkhkhofcnapakaoehijaoih] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [idkknaphebegndgimgdpfnconcickdfn] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx [2012-08-22]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-07-03]
CHR HKLM-x32\...\Chrome\Extension: [jifflliplgeajjdhmkcfnngfpgbjonjg] - C:\Program Files (x86)\Perion\NewTab\newTab.crx [2012-08-24]
CHR HKLM-x32\...\Chrome\Extension: [kbajjgcocbjldbjjkbjpialgnmkfbobp] - C:\ProgramData\wxDownload\kbajjgcocbjldbjjkbjpialgnmkfbobp.crx [2012-10-31]
CHR HKLM-x32\...\Chrome\Extension: [kdfbddbdpnahdahmamlolacimfdbeckk] - C:\Users\Mealnie Eisel\AppData\Local\CRE\kdfbddbdpnahdahmamlolacimfdbeckk.crx [2013-07-17]
CHR HKLM-x32\...\Chrome\Extension: [kngjfmklipimnkegmcilmbhchklgjgfl] - C:\Users\Mealnie Eisel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kngjfmklipimnkegmcilmbhchklgjgfl.crx [2012-10-30]
CHR HKLM-x32\...\Chrome\Extension: [lpmkgpnbiojfaoklbkpfneikocaobfai] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [mkcaingkodcbhcaaaeopicigkejmgknj] - C:\ProgramData\ADDICT-THING\mkcaingkodcbhcaaaeopicigkejmgknj.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [ohhcpmplhhiiaoiddkfboafbhiknefdf] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [olmajmomenlhgihenlbjcfbopoghpckg] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pfmopbbadnfoelckkcmjjeaaegjpjjbk] - C:\Program Files (x86)\Gophoto.it\gophotoit14.crx [2012-07-31]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2012-05-30] () [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1127448 2011-02-01] (PDF Complete Inc)
R2 Platinum Host Service; C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe [1187376 2014-07-20] (Trend Micro Inc.)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PwmSvc; C:\Program Files\Trend Micro\TMIDS\PwmSvc.exe [325656 2014-11-27] (Trend Micro Inc.)
R2 SCPDFReadSpool; C:\Program Files (x86)\SolidDocuments\Solid Converter PDF\SCPDF\SolidConverterPDFServicex64.exe [209920 2011-10-21] (Solid Documents, LLC) [File not signed]
S2 WebOptimizer; C:\Windows\system32\dmwu.exe [436344 2012-08-16] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WSWNA1100; C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe [266240 2010-08-04] () [File not signed]
R2 WSWNA3100; C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe [307928 2013-11-11] ()
R2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad -bt=0 [X]