Das hat gut geklappt!
Herzlichen dank!
Hier meine files: Code:
# AdwCleaner v3.001 - Report created 01/09/2013 at 12:02:19
# Updated 24/08/2013 by Xplode
# Operating System : Windows 7 Ultimate (64 bits)
# Username : johannes.gottlieb - TOSH1
# Running from : C:\Users\Johannes.Gottlieb\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : BrowserDefendert
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\BrowserDefender
Folder Deleted : C:\Program Files (x86)\file scout
Folder Deleted : C:\Program Files (x86)\LyriXeeker
Folder Deleted : C:\Program Files (x86)\openit
Folder Deleted : C:\Users\Johannes.Gottlieb\AppData\LocalLow\delta
Folder Deleted : C:\Users\Johannes.Gottlieb\AppData\Roaming\DSite
Folder Deleted : C:\Users\Johannes.Gottlieb\AppData\Roaming\PerformerSoft
Folder Deleted : C:\Users\Johannes.Gottlieb\AppData\Roaming\SpecialSavings
Folder Deleted : C:\Users\Johannes.Gottlieb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
Folder Deleted : C:\Users\Johannes.Gottlieb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
Folder Deleted : C:\Users\Johannes.Gottlieb\AppData\Roaming\Mozilla\Firefox\Profiles\jrujsnqu.default\Extensions\{5A95A9E0-59DD-4314-BD84-4D18CA83A0E2}
Folder Deleted : C:\Users\Johannes.Gottlieb\AppData\Roaming\Mozilla\Firefox\Profiles\jrujsnqu.default\Extensions\ffxtlbr@delta.com
Folder Deleted : C:\Users\Johannes.Gottlieb\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
[!] Folder Deleted : C:\Users\Johannes.Gottlieb\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
[!] Folder Deleted : C:\Users\Johannes.Gottlieb\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
[!] Folder Deleted : C:\Users\Johannes.Gottlieb\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
File Deleted : C:\Users\Johannes.Gottlieb\AppData\Roaming\Mozilla\Firefox\Profiles\jrujsnqu.default\Extensions\firefox@webconnect.co.xpi
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\Johannes.Gottlieb\AppData\Roaming\Mozilla\Firefox\Profiles\jrujsnqu.default\searchplugins\Askcom.xml
File Deleted : C:\Users\Johannes.Gottlieb\AppData\Roaming\Mozilla\Firefox\Profiles\jrujsnqu.default\searchplugins\askcomsearch.xml
File Deleted : C:\Users\Johannes.Gottlieb\AppData\Roaming\Mozilla\Firefox\Profiles\jrujsnqu.default\searchplugins\Babylon.xml
File Deleted : C:\Users\Johannes.Gottlieb\AppData\Roaming\Mozilla\Firefox\Profiles\jrujsnqu.default\searchplugins\delta.xml
File Deleted : C:\Users\Johannes.Gottlieb\AppData\Roaming\Mozilla\Firefox\Profiles\jrujsnqu.default\bprotector_extensions.sqlite
File Deleted : C:\Users\Johannes.Gottlieb\AppData\Roaming\Mozilla\Firefox\Profiles\jrujsnqu.default\bprotector_prefs.js
File Deleted : C:\Users\Johannes.Gottlieb\AppData\Roaming\Mozilla\Firefox\Profiles\jrujsnqu.default\\invalidprefs.js
File Deleted : C:\Users\Johannes.Gottlieb\AppData\Roaming\Mozilla\Firefox\Profiles\jrujsnqu.default\user.js
File Deleted : C:\Users\Johannes.Gottlieb\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
File Deleted : C:\Users\Johannes.Gottlieb\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
File Deleted : C:\Windows\System32\Tasks\EPUpdater
File Deleted : C:\Windows\System32\Tasks\QtraxPlayer
***** [ Shortcuts ] *****
***** [ Registry ] *****
Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [{5A95A9E0-59DD-4314-BD84-4D18CA83A0E2}]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\priam_bho.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\PropertySync.EXE
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamDownloader
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WajamUpdater_RASMANCS
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Key Deleted : HKCU\Software\5b48cdee63fee43
Key Deleted : HKLM\SOFTWARE\5b48cdee63fee43
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_photoscape_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_photoscape_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Key Deleted : HKCU\Software\BabSolution
Key Deleted : HKCU\Software\Delta
Key Deleted : HKCU\Software\dsiteproducts
Key Deleted : HKCU\Software\filescout
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Wajam
Key Deleted : HKCU\Software\AppDataLow\Software\lyrixeeker
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\Delta
Key Deleted : HKLM\Software\Wajam
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OpenIt Open It!
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.7600.17267
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [bProtectTabs]
-\\ Mozilla Firefox v23.0.1 (de)
[ File : C:\Users\Johannes.Gottlieb\AppData\Roaming\Mozilla\Firefox\Profiles\jrujsnqu.default\prefs.js ]
Line Deleted : user_pref("browser.newtab.url", "hxxp://www2.delta-search.com/?babsrc=NT_ss&mntrId=02B74CEDDE2C9948&affID=119357&tt=280813_ctrl1&tsp=4990");
Line Deleted : user_pref("browser.search.defaultengine", "Ask.com Search");
Line Deleted : user_pref("extensions.asktb.ff-original-keyword-url", "");
Line Deleted : user_pref("extensions.delta.admin", false);
Line Deleted : user_pref("extensions.delta.aflt", "babsst");
Line Deleted : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Line Deleted : user_pref("extensions.delta.autoRvrt", "false");
Line Deleted : user_pref("extensions.delta.bbDpng", "1");
Line Deleted : user_pref("extensions.delta.cntry", "DE");
Line Deleted : user_pref("extensions.delta.dfltLng", "de");
Line Deleted : user_pref("extensions.delta.excTlbr", false);
Line Deleted : user_pref("extensions.delta.ffxUnstlRst", true);
Line Deleted : user_pref("extensions.delta.hdrMd5", "5AC0143689A2D0DC378DEA751100BE7B");
Line Deleted : user_pref("extensions.delta.id", "02b7b3220000000000004cedde2c9948");
Line Deleted : user_pref("extensions.delta.instlDay", "15947");
Line Deleted : user_pref("extensions.delta.instlRef", "sst");
Line Deleted : user_pref("extensions.delta.lastVrsnTs", "1.8.24.621:49:09");
Line Deleted : user_pref("extensions.delta.newTab", false);
Line Deleted : user_pref("extensions.delta.prdct", "delta");
Line Deleted : user_pref("extensions.delta.prtnrId", "delta");
Line Deleted : user_pref("extensions.delta.rvrt", "false");
Line Deleted : user_pref("extensions.delta.sg", "azb");
Line Deleted : user_pref("extensions.delta.smplGrp", "azb");
Line Deleted : user_pref("extensions.delta.tlbrId", "base");
Line Deleted : user_pref("extensions.delta.tlbrSrchUrl", "");
Line Deleted : user_pref("extensions.delta.vrsn", "1.8.24.6");
Line Deleted : user_pref("extensions.delta.vrsnTs", "1.8.24.621:49:09");
Line Deleted : user_pref("extensions.delta.vrsni", "1.8.24.6");
Line Deleted : user_pref("extensions.delta_i.babExt", "");
Line Deleted : user_pref("extensions.delta_i.babTrack", "affID=119357&tt=280813_ctrl1&tsp=4990");
Line Deleted : user_pref("extensions.delta_i.srcExt", "ss");
Line Deleted : user_pref("extensions.enabledAddons", "%7B5a95a9e0-59dd-4314-bd84-4d18ca83a0e2%7D:1.26,ffxtlbr%40delta.com:1.5.0,firefox%40webconnect.co:1.0.0,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1");
Line Deleted : user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"jid0-lmZNVK7a82O8cufhdfB9dUDfA2w@jetpack\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Nuance\\\\NaturallySpeaki[...]
Line Deleted : user_pref("extensions.wajam.affiliate_id", "6447");
Line Deleted : user_pref("extensions.wajam.firstrun", "false");
Line Deleted : user_pref("extensions.wajam.log_send_info", "false");
Line Deleted : user_pref("extensions.wajam.mappingListJsonString", "{\"version\":\"0.21087\",\"update_interval\":1235,\"base_url\":\"hxxp:\\/\\/www.wajam.com\\/\",\"update_url\":\"hxxp:\\/\\/www.wajam.com\\/addon\\/[...]
Line Deleted : user_pref("extensions.wajam.no_trace", "false");
Line Deleted : user_pref("extensions.wajam.server_current_mapping_version", "0.21087");
Line Deleted : user_pref("extensions.wajam.supported_sites.encryptedgoogle.wajam_google_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'W[...]
Line Deleted : user_pref("extensions.wajam.supported_sites.google.wajam_google_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'Wajam';[...]
Line Deleted : user_pref("extensions.wajam.supported_sites.myshopping.wajam_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'Wajam';win[...]
Line Deleted : user_pref("extensions.wajam.supported_sites.wikipedia.wajam_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'Wajam';wind[...]
Line Deleted : user_pref("extensions.wajam.trace_log", "1377939440761 - processInstallationUpgrade - versionActual: 1.26\n1377939440761 - processInstallationUpgrade - isFirstTimeInstallation: false\n1377939440762 - [...]
Line Deleted : user_pref("extensions.wajam.unique_id", "5A786F596ECD51D89E2F48B8BAEA377A");
Line Deleted : user_pref("extensions.wajam.user_current_mapping_version", "0");
Line Deleted : user_pref("extensions.wajam.version", "1.26");
[ File : C:\Users\JoGo\AppData\Roaming\Mozilla\Firefox\Profiles\1gopu0hl.default\prefs.js ]
-\\ Google Chrome v
[ File : C:\Users\Johannes.Gottlieb\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Users\Johannes.Gottlieb\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [14971 octets] - [01/09/2013 11:28:27]
AdwCleaner[S0].txt - [13831 octets] - [01/09/2013 12:02:19]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [13892 octets] ##########
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.6 (08.30.2013:1)
OS: Windows 7 Ultimate x64
Ran by johannes.gottlieb on 01.09.2013 at 12:08:38,09
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully deleted [Registry Value] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\\bProtectTabs
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\delta ltd
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EA981843-89BD-4961-9F90-F9E6C948F964}
~~~ Files
Successfully deleted: [File] C:\Windows\Tasks\Lyrics Seeker Update.job
Successfully deleted: [File] "C:\Users\Johannes.Gottlieb\appdata\locallow\microsoft\silverlight\outofbrowser\index\portal.qtrax.com"
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\open it!"
Successfully deleted: [Folder] "C:\Users\Johannes.Gottlieb\music\qtrax media library"
~~~ FireFox
Emptied folder: C:\Users\Johannes.Gottlieb\AppData\Roaming\mozilla\firefox\profiles\jrujsnqu.default\minidumps [282 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01.09.2013 at 12:14:49,80
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-09-2013
Ran by johannes.gottlieb (administrator) on TOSH1 on 01-09-2013 12:22:48
Running from C:\Users\Johannes.Gottlieb\Desktop\Scannen von Schadsoftware
Windows 7 Ultimate (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Nero AG) c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(TOSHIBA Corporation) C:\Windows\system32\ThpSrv.exe
(TOSHIBA Corporation) C:\Windows\system32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\XSManager\WTGService.exe
(4G Systems GmbH & Co. KG) C:\Windows\service4g.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(4G Systems GmbH & Co. KG) C:\Windows\starter4g.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Tobit Software) C:\Program Files (x86)\Tobit InfoCenter\David\Apps\Replica\CODE\replica.exe
(Tobit Software) C:\Program Files (x86)\Tobit InfoCenter\David\Code\SL.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(Toshiba Europe GmbH) C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\agent.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Bartels Media GmbH) C:\Program Files (x86)\PhraseExpress\phraseexpress.exe
(Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Tobit.Software) C:\Windows\SysWOW64\DV4TS.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe
() C:\Program Files (x86)\HP Wireless Printer Adapter\ConnectMgr.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\acrotray.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\tosBtProc.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [TosNC] - C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [595816 2010-04-23] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] - C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [35672 2010-03-03] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba TEMPRO] - C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1050072 2010-05-11] (Toshiba Europe GmbH)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10144288 2010-04-06] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2107176 2010-03-11] (Synaptics Incorporated)
HKLM\...\Run: [TPwrMain] - C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [505768 2010-05-25] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] - C:\Program Files\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] - C:\Program Files\Toshiba\SmoothView\SmoothView.exe [570680 2009-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] - C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [915320 2010-05-10] (TOSHIBA Corporation)
HKLM\...\Run: [SmartFaceVWatcher] - C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [238080 2009-10-19] (TOSHIBA Corporation)
HKLM\...\Run: [Teco] - C:\Program Files\TOSHIBA\TECO\Teco.exe [1504608 2010-04-23] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation)
HKLM\...\Run: [ThpSrv] - C:\Windows\system32\thpsrv /logon [x]
HKLM\...\Run: [TosWaitSrv] - C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [705432 2010-05-10] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] - C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba Registration] - C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [136136 2010-04-19] (Toshiba Europe GmbH)
HKLM\...\Run: [HP Color LaserJet CM2320 MFP Series Fax] - C:\Program Files (x86)\HP\HP Color LaserJet CM2320 MFP Series\hppfaxprintersrv.exe [3700736 2009-09-22] (Hewlett-Packard Company)
HKCU\...\Run: [updateMgr] - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe [313472 2006-03-30] (Adobe Systems Incorporated)
HKCU\...\Run: [ISUSPM] - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [2068856 2011-10-12] (Flexera Software LLC.)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.)
MountPoints2: {2c5b5c17-2248-11e1-bdcc-002318949294} - F:\autorun.exe
MountPoints2: {fb37b720-f8bf-11e1-8193-002318949294} - F:\AutoRun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.A11B02 PID_0083
HKLM-x32\...\Run: [NBAgent] - c:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe [1086760 2010-03-09] (Nero AG)
HKLM-x32\...\Run: [Microsoft Default Manager] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288088 2009-11-11] (Microsoft Corporation)
HKLM-x32\...\Run: [TOSDCR] - C:\Program Files (x86)\TOSHIBA\PasswordUtility\TOSDCR.exe [169296 2007-08-28] ()
HKLM-x32\...\Run: [TWebCamera] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840 2010-05-01] (TOSHIBA CORPORATION.)
HKLM-x32\...\Run: [ITSecMng] - C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [83336 2009-07-22] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [TSleepSrv] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe [252728 2010-04-01] (TOSHIBA)
HKLM-x32\...\Run: [starter4g] - C:\Windows\starter4g.exe [160424 2010-04-30] (4G Systems GmbH & Co. KG)
HKLM-x32\...\Run: [DV4TS.EXE] - c:\windows\system32\DV4TS.EXE [x]
HKLM-x32\...\Run: [HPUsageTracking] - C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe [24576 2009-05-11] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345144 2013-06-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Acrobat Assistant 7.0] - C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\Acrotray.exe [483328 2008-04-23] (Adobe Systems Inc.)
HKLM-x32\...\Run: [ISUSPM] - C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2068856 2011-10-12] (Flexera Software LLC.)
HKLM-x32\...\Run: [DNS7reminder] - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Ereg\Ereg.exe [328992 2010-10-27] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [x]
HKU\administrator\...\Run: [TOSHIBA Online Product Information] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [4581280 2010-03-03] (TOSHIBA)
HKU\Default\...\Run: [TOSHIBA Online Product Information] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [4581280 2010-03-03] (TOSHIBA)
HKU\JoGo\...\Run: [TOSHIBA Online Product Information] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [4581280 2010-03-03] (TOSHIBA)
HKU\JoGo\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWow64\Macromed\Flash\FlashUtil10e.exe [256280 2010-01-27] (Adobe Systems, Inc.)
HKU\User\...\Run: [TOSHIBA Online Product Information] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [4581280 2010-03-03] (TOSHIBA)
Startup: C:\Users\administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat - Schnellstart.lnk
ShortcutTarget: Adobe Acrobat - Schnellstart.lnk -> C:\Windows\Installer\{AC76BA86-1033-F400-BA7E-100000000002}\SC_Acrobat.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk
ShortcutTarget: Bluetooth Manager.lnk -> C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PhraseExpress.lnk
ShortcutTarget: PhraseExpress.lnk -> C:\Program Files (x86)\PhraseExpress\phraseexpress.exe (Bartels Media GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Verbindungsmanager.lnk
ShortcutTarget: Verbindungsmanager.lnk -> C:\Program Files (x86)\HP Wireless Printer Adapter\ConnectMgr.exe ()
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Johannes.Gottlieb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba.msn.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {4118306C-A499-4736-B8ED-C7B1AEA899BB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKCU - {043AF010-D3A0-4A79-BDD9-5EA978BE943D} URL = hxxp://rover.ebay.com/rover/1/707-44556-9400-9/4?satitle={searchTerms}
SearchScopes: HKCU - {4118306C-A499-4736-B8ED-C7B1AEA899BB} URL =
SearchScopes: HKCU - {7BB8434F-BF7C-4CF0-8685-81632CA75039} URL = hxxp://www.amazon.de/gp/search?ie=UTF8&keywords={searchTerms}&tag=tochibade-win7-ie-search-21&index=blended&linkCode=ur2
SearchScopes: HKCU - {E8DEF850-8D47-475F-9A8A-EF430DD2F1A1} URL =
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 83.169.185.97 83.169.185.33
Tcpip\..\Interfaces\{89A696DF-2554-4373-B5B9-4CC709836F0D}: [NameServer]192.168.1.1,192.168.1.254
Tcpip\..\Interfaces\{FF0CBC07-64D7-4841-B6C9-E10BAB31C86D}: [NameServer]192.168.1.1,192.168.1.254
FireFox:
========
FF ProfilePath: C:\Users\Johannes.Gottlieb\AppData\Roaming\Mozilla\Firefox\Profiles\jrujsnqu.default
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://montanes.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.15.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.15.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: nuance.com/DragonRIAPlugin - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\npDgnRia.dll (Nuance Communications Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Lyrics Seeker - C:\Users\Johannes.Gottlieb\AppData\Roaming\Mozilla\Firefox\Profiles\jrujsnqu.default\Extensions\131
FF Extension: WebConnect - C:\Users\Johannes.Gottlieb\AppData\Roaming\Mozilla\Firefox\Profiles\jrujsnqu.default\Extensions\firefox@webconnect.co
FF HKLM-x32\...\Firefox\Extensions: [jid0-lmZNVK7a82O8cufhdfB9dUDfA2w@jetpack] C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ffShim.xpi
FF Extension: No Name - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ffShim.xpi
FF HKCU\...\Firefox\Extensions: [{450ef4aa-3d18-4b12-8d9f-ecc17330b054}] C:\Program Files (x86)\LyricsSeeker\131.xpi
FF Extension: No Name - C:\Program Files (x86)\LyricsSeeker\131.xpi
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (Google Drive) - C:\Users\JOHANN~1.GOT\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0
CHR Extension: () - C:\Users\JOHANN~1.GOT\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfcpnihmbfoaeoakalclfalkdepgiaje\2.0.0.1
CHR Extension: (YouTube) - C:\Users\JOHANN~1.GOT\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\Users\JOHANN~1.GOT\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: (\x4cy\x72i\x63\x73\x20Se\x65\x6ber) - C:\Users\JOHANN~1.GOT\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgoiojnjnacbjngolldkokokgpcjbgjj\1.131
CHR Extension: (Gmail) - C:\Users\JOHANN~1.GOT\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [bfcpnihmbfoaeoakalclfalkdepgiaje] - C:\Users\Johannes.Gottlieb\AppData\Roaming\SpecialSavings\SpecialSavings.crx
CHR HKLM-x32\...\Chrome\Extension: [lgoiojnjnacbjngolldkokokgpcjbgjj] - C:\Program Files (x86)\LyricsSeeker\131.crx
CHR HKLM-x32\...\Chrome\Extension: [mikhcaiakabeeokmenglcdebplfdjicn] - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\chromeShim.crx
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-06-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-27] (Avira Operations GmbH & Co. KG)
R2 DavidReplica; C:\Program Files (x86)\Tobit InfoCenter\David\Apps\Replica\CODE\replica.exe [1665536 2010-06-06] (Tobit Software)
R2 DavidServiceLayer; C:\Program Files (x86)\Tobit InfoCenter\David\Code\SL.EXE [2493272 2012-03-05] (Tobit Software)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [124368 2010-05-11] (Toshiba Europe GmbH)
R2 WTGService; C:\Program Files (x86)\XSManager\WTGService.exe [329168 2010-04-12] ()
R2 XS Stick Service; C:\Windows\service4g.exe [145064 2010-04-30] (4G Systems GmbH & Co. KG)
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-03-31] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-03-31] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-31] (Avira Operations GmbH & Co. KG)
S3 cmnsusbser; C:\Windows\System32\DRIVERS\cmnsusbser.sys [117888 2011-12-13] (Mobile Connector)
R3 hpnuhst; C:\Windows\System32\DRIVERS\hpnuhst.sys [16384 2007-03-27] (Hewlett-Packard Development Company)
R3 HPNUHUB; C:\Windows\System32\DRIVERS\hpnuhub.sys [40448 2007-10-30] (Hewlett-Packard Development Company)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-09-01 12:08 - 2013-09-01 12:08 - 00000000 ____D C:\Windows\ERUNT
2013-09-01 11:28 - 2013-09-01 12:02 - 00000000 ____D C:\AdwCleaner
2013-09-01 10:48 - 2013-09-01 10:48 - 00000000 _____ C:\Users\Johannes.Gottlieb\defogger_reenable
2013-09-01 08:55 - 2013-09-01 08:55 - 00000000 ____D C:\FRST
2013-08-31 15:47 - 2013-08-31 15:47 - 00000000 ____D C:\Users\Johannes.Gottlieb\Desktop\Vorträge 2013
2013-08-30 21:58 - 2013-08-30 21:59 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-30 21:58 - 2013-08-30 21:58 - 00000000 ____D C:\Users\Johannes.Gottlieb\AppData\Roaming\Malwarebytes
2013-08-30 21:58 - 2013-08-30 21:58 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-30 21:58 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-08-29 13:53 - 2013-09-01 12:05 - 00000412 _____ C:\Windows\Tasks\Lyrics Seeker Update.job
2013-08-29 13:53 - 2013-08-31 00:35 - 00000000 ____D C:\Program Files (x86)\LyricsSeeker
2013-08-29 13:53 - 2013-08-29 13:53 - 00003084 _____ C:\Windows\System32\Tasks\Lyrics Seeker Update
2013-08-29 13:53 - 2013-08-29 13:53 - 00000000 ____D C:\Users\Johannes.Gottlieb\AppData\Local\avgchrome
2013-08-27 08:12 - 2013-08-27 08:12 - 00924672 _____ C:\Users\Johannes.Gottlieb\Desktop\VWDA Gesprächsvorlage Managementkonzept 26 08 2013_ErgaenzungDD.ppt
2013-08-26 16:10 - 2013-08-26 16:10 - 00065732 _____ C:\Users\Johannes.Gottlieb\Desktop\Kopie von Musterportfolio.xlsm
2013-08-25 22:05 - 2013-08-31 15:01 - 00000000 ____D C:\Users\Johannes.Gottlieb\Desktop\Word-Docs
2013-08-25 20:45 - 2013-08-25 20:45 - 00050688 _____ C:\Users\Johannes.Gottlieb\Desktop\BBbank.xls
2013-08-25 11:11 - 2013-08-25 20:42 - 00806400 _____ C:\Users\Johannes.Gottlieb\Desktop\VWDA Gesprächsvorlage Managementkonzept 25.08.2013.ppt
2013-08-24 12:45 - 2013-08-24 12:45 - 00000057 _____ C:\ProgramData\Ament.ini
2013-08-24 11:04 - 2013-08-24 11:04 - 00003668 _____ C:\Windows\System32\Tasks\HPCustParticipation HP Officejet Pro 8500 A910
2013-08-24 11:04 - 2013-08-24 11:04 - 00000000 ____D C:\Users\Johannes.Gottlieb\AppData\Roaming\HpUpdate
2013-08-24 11:04 - 2010-11-16 21:24 - 00750440 ____N (Hewlett-Packard Co.) C:\Windows\system32\HPDiscoPM5312.dll
2013-08-24 11:02 - 2013-08-24 11:02 - 00000000 ____D C:\Program Files\HP
2013-08-24 11:01 - 2013-08-24 11:01 - 00000000 ____D C:\Users\Johannes.Gottlieb\AppData\Local\HP
2013-08-23 11:41 - 2013-08-23 11:41 - 08824320 _____ C:\Users\Johannes.Gottlieb\Desktop\MS_ZED Geothermal Power Fund I - Basisinformation 23 07 2013 - ENGLISH.ppt
2013-08-21 21:40 - 2013-08-21 21:40 - 17737608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-08-21 08:04 - 2013-08-21 08:07 - 08824320 _____ C:\Users\Johannes.Gottlieb\Desktop\MS_ZED Geothermal Power Fund I - Basisinformation 20 07 2013 - ENGLISH.ppt
2013-08-21 08:00 - 2013-08-21 08:00 - 02140160 _____ C:\Users\Johannes.Gottlieb\Desktop\ZED Renewable Energies Fund I - Basisinformation 15.07.2013.ppt
2013-08-15 19:52 - 2013-08-15 19:52 - 00037888 _____ C:\Users\Johannes.Gottlieb\Desktop\Kopie von 130812_Schwarzenberg_Eco2heat.xls
2013-08-15 19:51 - 2013-08-15 19:51 - 00096256 _____ C:\Users\Johannes.Gottlieb\Desktop\Kopie von 2013_E2H_Projektabwicklung.xls
2013-08-15 19:51 - 2013-08-15 19:51 - 00058880 _____ C:\Users\Johannes.Gottlieb\Desktop\Kopie von 130726_Schwarzenberg_Flächen.xls
2013-08-13 21:33 - 2013-08-13 21:34 - 00000000 ____D C:\Users\Johannes.Gottlieb\Desktop\Bilder Madeira
2013-08-12 14:44 - 2013-08-12 14:45 - 00000000 ____D C:\Users\Johannes.Gottlieb\Desktop\201 TSW Terra-Sol
2013-08-11 08:14 - 2013-08-11 08:14 - 00000000 ____D C:\Program Files (x86)\QuickTime
==================== One Month Modified Files and Folders =======
2013-09-01 12:22 - 2013-09-01 12:17 - 00000000 ____D C:\Users\Johannes.Gottlieb\Desktop\Scannen von Schadsoftware
2013-09-01 12:19 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\tracing
2013-09-01 12:12 - 2009-07-14 06:45 - 00021440 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-01 12:12 - 2009-07-14 06:45 - 00021440 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-01 12:08 - 2013-09-01 12:08 - 00000000 ____D C:\Windows\ERUNT
2013-09-01 12:06 - 2012-09-17 09:39 - 00000000 ____D C:\Users\Johannes.Gottlieb\AppData\Roaming\Skype
2013-09-01 12:05 - 2013-08-29 13:53 - 00000412 _____ C:\Windows\Tasks\Lyrics Seeker Update.job
2013-09-01 12:04 - 2012-12-24 12:52 - 00001128 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-01 12:03 - 2012-07-05 09:40 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2013-09-01 12:03 - 2010-11-20 07:21 - 00144112 _____ C:\Windows\PFRO.log
2013-09-01 12:03 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-01 12:03 - 2009-07-14 06:51 - 00058239 _____ C:\Windows\setupact.log
2013-09-01 12:02 - 2013-09-01 11:28 - 00000000 ____D C:\AdwCleaner
2013-09-01 12:02 - 2010-11-20 07:25 - 01125327 _____ C:\Windows\WindowsUpdate.log
2013-09-01 11:54 - 2012-08-09 22:00 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-01 11:25 - 2012-12-24 12:52 - 00001132 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-01 11:00 - 2009-07-14 06:45 - 00511528 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-01 10:48 - 2013-09-01 10:48 - 00000000 _____ C:\Users\Johannes.Gottlieb\defogger_reenable
2013-09-01 10:48 - 2012-08-27 12:46 - 00000000 ____D C:\Users\Johannes.Gottlieb
2013-09-01 09:19 - 2013-06-04 10:40 - 00000000 ____D C:\Users\Johannes.Gottlieb\Desktop\Desk Programme
2013-09-01 08:55 - 2013-09-01 08:55 - 00000000 ____D C:\FRST
2013-09-01 08:51 - 2012-08-27 12:49 - 00132800 _____ C:\Users\Johannes.Gottlieb\AppData\Local\GDIPFONTCACHEV1.DAT
2013-09-01 08:26 - 2012-01-26 15:57 - 00000128 _____ C:\Windows\system32\config\netlogon.ftl
2013-08-31 15:47 - 2013-08-31 15:47 - 00000000 ____D C:\Users\Johannes.Gottlieb\Desktop\Vorträge 2013
2013-08-31 15:20 - 2009-07-14 19:58 - 00697542 _____ C:\Windows\system32\perfh007.dat
2013-08-31 15:20 - 2009-07-14 19:58 - 00148548 _____ C:\Windows\system32\perfc007.dat
2013-08-31 15:20 - 2009-07-14 07:13 - 01614924 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-31 15:01 - 2013-08-25 22:05 - 00000000 ____D C:\Users\Johannes.Gottlieb\Desktop\Word-Docs
2013-08-31 11:23 - 2012-03-28 12:39 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-08-31 09:24 - 2012-08-27 12:46 - 00000000 ___RD C:\Users\Johannes.Gottlieb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-08-31 09:23 - 2012-11-22 19:29 - 00000000 ____D C:\Program Files\Bonjour
2013-08-31 09:23 - 2012-11-22 19:29 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-08-31 09:15 - 2012-02-17 02:12 - 00000000 ____D C:\Program Files (x86)\HP
2013-08-31 09:09 - 2012-12-23 21:24 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-08-31 09:09 - 2012-12-23 21:24 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-08-31 09:08 - 2012-12-23 21:24 - 00000000 ____D C:\Program Files\iTunes
2013-08-31 09:08 - 2012-12-23 21:24 - 00000000 ____D C:\Program Files\iPod
2013-08-31 08:21 - 2013-07-28 12:25 - 00000072 _____ C:\Users\Johannes.Gottlieb\AppData\Roaming\WB.CFG
2013-08-31 08:21 - 2013-06-22 12:01 - 00000005 _____ C:\Users\Johannes.Gottlieb\AppData\Roaming\WBPU-TTL.DAT
2013-08-31 00:35 - 2013-08-29 13:53 - 00000000 ____D C:\Program Files (x86)\LyricsSeeker
2013-08-31 00:35 - 2013-02-18 15:51 - 00000000 ___RD C:\Users\Johannes.Gottlieb\Desktop\Dokumente 2013
2013-08-30 21:59 - 2013-08-30 21:58 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-30 21:58 - 2013-08-30 21:58 - 00000000 ____D C:\Users\Johannes.Gottlieb\AppData\Roaming\Malwarebytes
2013-08-30 21:58 - 2013-08-30 21:58 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-29 17:05 - 2012-09-15 20:27 - 00000000 ____D C:\Users\Johannes.Gottlieb\AppData\Roaming\Tobit
2013-08-29 13:53 - 2013-08-29 13:53 - 00003084 _____ C:\Windows\System32\Tasks\Lyrics Seeker Update
2013-08-29 13:53 - 2013-08-29 13:53 - 00000000 ____D C:\Users\Johannes.Gottlieb\AppData\Local\avgchrome
2013-08-29 08:04 - 2012-11-11 00:11 - 00000000 ____D C:\Users\Johannes.Gottlieb\Documents\Solar und Fotovoltaik Software 2011
2013-08-28 14:21 - 2013-07-22 21:15 - 00000000 ____D C:\Users\Johannes.Gottlieb\Documents\PhraseExpress
2013-08-28 14:21 - 2013-07-22 21:00 - 00000000 ____D C:\Users\Public\Documents\PhraseExpress
2013-08-28 14:03 - 2013-05-18 11:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-27 08:12 - 2013-08-27 08:12 - 00924672 _____ C:\Users\Johannes.Gottlieb\Desktop\VWDA Gesprächsvorlage Managementkonzept 26 08 2013_ErgaenzungDD.ppt
2013-08-26 16:10 - 2013-08-26 16:10 - 00065732 _____ C:\Users\Johannes.Gottlieb\Desktop\Kopie von Musterportfolio.xlsm
2013-08-25 20:56 - 2013-07-09 11:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-25 20:45 - 2013-08-25 20:45 - 00050688 _____ C:\Users\Johannes.Gottlieb\Desktop\BBbank.xls
2013-08-25 20:42 - 2013-08-25 11:11 - 00806400 _____ C:\Users\Johannes.Gottlieb\Desktop\VWDA Gesprächsvorlage Managementkonzept 25.08.2013.ppt
2013-08-24 12:52 - 2012-02-17 01:00 - 00000000 ____D C:\ProgramData\HP
2013-08-24 12:45 - 2013-08-24 12:45 - 00000057 _____ C:\ProgramData\Ament.ini
2013-08-24 11:04 - 2013-08-24 11:04 - 00003668 _____ C:\Windows\System32\Tasks\HPCustParticipation HP Officejet Pro 8500 A910
2013-08-24 11:04 - 2013-08-24 11:04 - 00000000 ____D C:\Users\Johannes.Gottlieb\AppData\Roaming\HpUpdate
2013-08-24 11:02 - 2013-08-24 11:02 - 00000000 ____D C:\Program Files\HP
2013-08-24 11:01 - 2013-08-24 11:01 - 00000000 ____D C:\Users\Johannes.Gottlieb\AppData\Local\HP
2013-08-23 11:41 - 2013-08-23 11:41 - 08824320 _____ C:\Users\Johannes.Gottlieb\Desktop\MS_ZED Geothermal Power Fund I - Basisinformation 23 07 2013 - ENGLISH.ppt
2013-08-21 21:41 - 2012-08-09 22:00 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-08-21 21:40 - 2013-08-21 21:40 - 17737608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-08-21 21:40 - 2012-08-09 22:00 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-08-21 21:40 - 2012-02-27 22:59 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-08-21 08:07 - 2013-08-21 08:04 - 08824320 _____ C:\Users\Johannes.Gottlieb\Desktop\MS_ZED Geothermal Power Fund I - Basisinformation 20 07 2013 - ENGLISH.ppt
2013-08-21 08:00 - 2013-08-21 08:00 - 02140160 _____ C:\Users\Johannes.Gottlieb\Desktop\ZED Renewable Energies Fund I - Basisinformation 15.07.2013.ppt
2013-08-19 16:57 - 2013-07-24 18:07 - 00002154 _____ C:\Users\Johannes.Gottlieb\AppData\Roaming\SAS7_000.DAT
2013-08-18 07:26 - 2013-07-21 18:19 - 00000000 ____D C:\Windows\system32\MRT
2013-08-18 07:23 - 2012-11-11 13:37 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-16 14:16 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-08-15 19:52 - 2013-08-15 19:52 - 00037888 _____ C:\Users\Johannes.Gottlieb\Desktop\Kopie von 130812_Schwarzenberg_Eco2heat.xls
2013-08-15 19:51 - 2013-08-15 19:51 - 00096256 _____ C:\Users\Johannes.Gottlieb\Desktop\Kopie von 2013_E2H_Projektabwicklung.xls
2013-08-15 19:51 - 2013-08-15 19:51 - 00058880 _____ C:\Users\Johannes.Gottlieb\Desktop\Kopie von 130726_Schwarzenberg_Flächen.xls
2013-08-13 21:34 - 2013-08-13 21:33 - 00000000 ____D C:\Users\Johannes.Gottlieb\Desktop\Bilder Madeira
2013-08-12 14:45 - 2013-08-12 14:44 - 00000000 ____D C:\Users\Johannes.Gottlieb\Desktop\201 TSW Terra-Sol
2013-08-11 08:14 - 2013-08-11 08:14 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-08-07 17:13 - 2010-06-08 15:10 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-08-07 17:13 - 2010-06-08 15:10 - 00000000 ____D C:\ProgramData\Skype
2013-08-05 16:25 - 2013-06-29 08:42 - 00000000 ____D C:\Users\Johannes.Gottlieb\Desktop\Dokumente 2013 Juli
Files to move or delete:
====================
C:\Users\JoGo\AppData\Local\Temp\FP_PL_PFS_INSTALLER_32bit.exe
C:\Users\JoGo\AppData\Local\Temp\TeamViewer\Version7\TeamViewer_.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\APNStub.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\AskSLib.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\de_ww_Package.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\Quarantine.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\setup.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\TuneUpUtilities2013_de-DE.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\uninst1.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\{AC76BA86-1033-F400-BA7E-100000000002}\asneu.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\{2CBCEC3C-FD52-4FE0-8EDE-48726B3095D1}\ISBEW64.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\UpdateWizard_62743\SilentUpdater.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\upd15D8\BabScheduler2000201.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\TMW1D90.tmp\java\jre\win64\jre\bin\awt.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\TMW1D90.tmp\java\jre\win64\jre\bin\cmm.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\TMW1D90.tmp\java\jre\win64\jre\bin\dcpr.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\TMW1D90.tmp\java\jre\win64\jre\bin\deploy.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\TMW1D90.tmp\java\jre\win64\jre\bin\deploytk.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\TMW1D90.tmp\java\jre\win64\jre\bin\dt_shmem.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\TMW1D90.tmp\java\jre\win64\jre\bin\dt_socket.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\TMW1D90.tmp\java\jre\win64\jre\bin\eula.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\TMW1D90.tmp\java\jre\win64\jre\bin\fontmanager.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\TMW1D90.tmp\java\jre\win64\jre\bin\hpi.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\TMW1D90.tmp\java\jre\win64\jre\bin\hprof.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\TMW1D90.tmp\java\jre\win64\jre\bin\instrument.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\TMW1D90.tmp\java\jre\win64\jre\bin\ioser12.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\TMW1D90.tmp\java\jre\win64\jre\bin\j2pcsc.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\TMW1D90.tmp\java\jre\win64\jre\bin\jaas_nt.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\TMW1D90.tmp\java\jre\win64\jre\bin\java-rmi.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\TMW1D90.tmp\java\jre\win64\jre\bin\java.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\TMW1D90.tmp\java\jre\win64\jre\bin\java_crw_demo.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\TMW1D90.tmp\java\jre\win64\jre\bin\jawt.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\TMW1D90.tmp\java\jre\win64\jre\bin\jbroker.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\TMW1D90.tmp\java\jre\win64\jre\bin\JdbcOdbc.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\TMW1D90.tmp\java\jre\win64\jre\bin\jdwp.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\TMW1D90.tmp\java\jre\win64\jre\bin\jli.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\TMW1D90.tmp\java\jre\win64\jre\bin\jp2iexp.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\TMW1D90.tmp\java\jre\win64\jre\bin\jp2launcher.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\TMW1D90.tmp\java\jre\win64\jre\bin\jp2native.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\TMW1D90.tmp\java\jre\win64\jre\bin\jp2ssv.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\TMW1D90.tmp\java\jre\win64\jre\bin\jpeg.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\TMW1D90.tmp\java\jre\win64\jre\bin\jsound.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\TMW1D90.tmp\java\jre\win64\jre\bin\jureg.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\TMW1D90.tmp\java\jre\win64\jre\bin\management.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\TMW1D90.tmp\java\jre\win64\jre\bin\mlib_image.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\TMW1D90.tmp\java\jre\win64\jre\bin\msvcrt.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\TMW1D90.tmp\java\jre\win64\jre\bin\net.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\TMW1D90.tmp\java\jre\win64\jre\bin\nio.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\TMW1D90.tmp\java\jre\win64\jre\bin\npdeploytk.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\TMW1D90.tmp\java\jre\win64\jre\bin\npt.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\TMW1D90.tmp\java\jre\win64\jre\bin\pack200.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\TMW1D90.tmp\java\jre\win64\jre\bin\regutils.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\TMW1D90.tmp\java\jre\win64\jre\bin\rmi.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\TMW1D90.tmp\java\jre\win64\jre\bin\splashscreen.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\TMW1D90.tmp\java\jre\win64\jre\bin\ssv.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\TMW1D90.tmp\java\jre\win64\jre\bin\ssvagent.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\TMW1D90.tmp\java\jre\win64\jre\bin\unpack.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\TMW1D90.tmp\java\jre\win64\jre\bin\unpack200.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\TMW1D90.tmp\java\jre\win64\jre\bin\verify.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\TMW1D90.tmp\java\jre\win64\jre\bin\w2k_lsa_auth.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\TMW1D90.tmp\java\jre\win64\jre\bin\wsdetect.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\TMW1D90.tmp\java\jre\win64\jre\bin\zip.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\TMW1D90.tmp\java\jre\win64\jre\bin\server\jvm.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\TMW1D90.tmp\java\jre\win64\jre\bin\new_plugin\msvcrt.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\TMW1D90.tmp\java\jre\win64\jre\bin\new_plugin\npjp2.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\TMW1D90.tmp\bin\win64\dotnetinst.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\TMW1D90.tmp\bin\win64\instutil.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\TMW1D90.tmp\bin\win64\java_launcher.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\TMW1D90.tmp\bin\win64\mwinstall.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\TMW1D90.tmp\bin\win64\setup.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\TMW1D90.tmp\bin\win64\vcredist_x64.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\TMW1D90.tmp\bin\win64\VCRT_check.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\SDIAG_a7855e6b-455c-4ecf-8895-78cad746d533\DiagPackage.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\SDIAG_9fe09922-66d0-44a7-a478-02c278c0d08b\DiagPackage.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\Package2\Setup\TOBITCLT.DLL
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\nsqBD6D.tmp\System.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\nsqBD6D.tmp\UAC.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\NaturallySpeaking\dragon_support_packager.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\NaturallySpeaking\instmsiw.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\NaturallySpeaking\setup.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\NaturallySpeaking\WindowsInstaller-KB893803-x86.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\NaturallySpeaking\ISSetupPrerequisites\dotNetFramework\dotNetFx40_Full_x86_x64.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\NaturallySpeaking\Documentation\NuancePDFReader_EFGDIS.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\is357113909\chrome_logic.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\is357113909\dp.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\is357113909\OpenItSetup.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\is357113909\QtraxInstaller.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\is357113909\wajam_validate.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\is1590112554\OpenItSetup.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\is1590112554\wajam_validate.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\busA37F\ff21v.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\B0AB4348-BAB0-7891-BFCB-56F52B786494\Latest\BExternal.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\B0AB4348-BAB0-7891-BFCB-56F52B786494\Latest\BUSolForMontiera.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\B0AB4348-BAB0-7891-BFCB-56F52B786494\Latest\ccp.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\B0AB4348-BAB0-7891-BFCB-56F52B786494\Latest\ChromeToolbarSetup.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\B0AB4348-BAB0-7891-BFCB-56F52B786494\Latest\CrxInstaller.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\B0AB4348-BAB0-7891-BFCB-56F52B786494\Latest\enhancedNT.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\B0AB4348-BAB0-7891-BFCB-56F52B786494\Latest\GUninstaller.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\B0AB4348-BAB0-7891-BFCB-56F52B786494\Latest\IEHelper.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\B0AB4348-BAB0-7891-BFCB-56F52B786494\Latest\MntrDLLInstall.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\B0AB4348-BAB0-7891-BFCB-56F52B786494\Latest\sqlite3.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\A0EE81B6-BAB0-7891-87EE-BD6E6F6A5910\Latest\BExternal.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\A0EE81B6-BAB0-7891-87EE-BD6E6F6A5910\Latest\BUSolForMontiera.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\A0EE81B6-BAB0-7891-87EE-BD6E6F6A5910\Latest\ccp.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\A0EE81B6-BAB0-7891-87EE-BD6E6F6A5910\Latest\ChromeToolbarSetup.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\A0EE81B6-BAB0-7891-87EE-BD6E6F6A5910\Latest\CrxInstaller.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\A0EE81B6-BAB0-7891-87EE-BD6E6F6A5910\Latest\enhancedNT.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\A0EE81B6-BAB0-7891-87EE-BD6E6F6A5910\Latest\GUninstaller.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\A0EE81B6-BAB0-7891-87EE-BD6E6F6A5910\Latest\IEHelper.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\A0EE81B6-BAB0-7891-87EE-BD6E6F6A5910\Latest\MntrDLLInstall.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\A0EE81B6-BAB0-7891-87EE-BD6E6F6A5910\Latest\sqlite3.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\9F7FA5C5-BAB0-7891-8045-296DEB990CB3\Latest\BExternal.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\9F7FA5C5-BAB0-7891-8045-296DEB990CB3\Latest\BUSolForMontiera.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\9F7FA5C5-BAB0-7891-8045-296DEB990CB3\Latest\BUSolution.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\9F7FA5C5-BAB0-7891-8045-296DEB990CB3\Latest\ChromeToolbarSetup.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\9F7FA5C5-BAB0-7891-8045-296DEB990CB3\Latest\CrxInstaller.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\9F7FA5C5-BAB0-7891-8045-296DEB990CB3\Latest\GUninstaller.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\9F7FA5C5-BAB0-7891-8045-296DEB990CB3\Latest\IEHelper.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\9F7FA5C5-BAB0-7891-8045-296DEB990CB3\Latest\MntrDLLInstall.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\9F7FA5C5-BAB0-7891-8045-296DEB990CB3\Latest\sqlite3.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\7zS7314.tmp\setup.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\7zS7314.tmp\core\AccessibleMarshal.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\7zS7314.tmp\core\breakpadinjector.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\7zS7314.tmp\core\crashreporter.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\7zS7314.tmp\core\D3DCompiler_43.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\7zS7314.tmp\core\firefox.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\7zS7314.tmp\core\freebl3.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\7zS7314.tmp\core\gkmedias.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\7zS7314.tmp\core\libEGL.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\7zS7314.tmp\core\libGLESv2.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\7zS7314.tmp\core\maintenanceservice.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\7zS7314.tmp\core\maintenanceservice_installer.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\7zS7314.tmp\core\mozalloc.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\7zS7314.tmp\core\mozglue.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\7zS7314.tmp\core\mozjs.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\7zS7314.tmp\core\msvcp100.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\7zS7314.tmp\core\msvcr100.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\7zS7314.tmp\core\nss3.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\7zS7314.tmp\core\nssckbi.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\7zS7314.tmp\core\nssdbm3.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\7zS7314.tmp\core\plugin-container.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\7zS7314.tmp\core\plugin-hang-ui.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\7zS7314.tmp\core\softokn3.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\7zS7314.tmp\core\updater.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\7zS7314.tmp\core\webapp-uninstaller.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\7zS7314.tmp\core\webapprt-stub.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\7zS7314.tmp\core\xul.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\7zS7314.tmp\core\uninstall\helper.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\7zS7314.tmp\core\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\XPATLCOM.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\7zS7314.tmp\core\browser\components\browsercomps.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\38FDFC2D-BAB0-7891-8FC7-DEF964242C7E\Latest\BExternal.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\38FDFC2D-BAB0-7891-8FC7-DEF964242C7E\Latest\BUSolForMontiera.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\38FDFC2D-BAB0-7891-8FC7-DEF964242C7E\Latest\ccp.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\38FDFC2D-BAB0-7891-8FC7-DEF964242C7E\Latest\ChromeToolbarSetup.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\38FDFC2D-BAB0-7891-8FC7-DEF964242C7E\Latest\CrxInstaller.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\38FDFC2D-BAB0-7891-8FC7-DEF964242C7E\Latest\enhancedNT.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\38FDFC2D-BAB0-7891-8FC7-DEF964242C7E\Latest\GUninstaller.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\38FDFC2D-BAB0-7891-8FC7-DEF964242C7E\Latest\IEHelper.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\38FDFC2D-BAB0-7891-8FC7-DEF964242C7E\Latest\MntrDLLInstall.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\38FDFC2D-BAB0-7891-8FC7-DEF964242C7E\Latest\sqlite3.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\GoogleEarth.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\alchemyext.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\earthps.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\geplugin.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\ge_expat.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\googleearth_free.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\icudt.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\IGAttrs.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\IGCore.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\IGExportCommon.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\IGGfx.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\IGMath.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\IGOpt.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\IGSg.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\IGUtils.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\msvcp100.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\msvcr100.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\npgeplugin.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\plugin_ax.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\QtCore4.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\QtGui4.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\QtNetwork4.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\QtWebKit4.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\imageformats\qgif4.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\imageformats\qjpeg4.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\alchemy\optimizations\IGOptExtension.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\alchemy\ogles20\D3DCompiler_43.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\alchemy\ogles20\d3dx9_43.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\alchemy\ogles20\IGAttrs.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\alchemy\ogles20\IGGfx.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\alchemy\ogles20\IGSg.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\alchemy\ogles20\libEGL.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\alchemy\ogles20\libGLESv2.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\alchemy\ogl\IGAttrs.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\alchemy\ogl\IGGfx.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\plugin\alchemy\ogl\IGSg.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\alchemyext.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\earthflashsol.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\earthps.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\ge_expat.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\googleearth.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\googleearth_free.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\gpsbabel.exe
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\icudt.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\IGAttrs.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\IGCore.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\IGExportCommon.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\IGGfx.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\IGMath.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\IGOpt.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\IGSg.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\IGUtils.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\msvcp100.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\msvcr100.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\QtCore4.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\QtGui4.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\QtNetwork4.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\QtWebKit4.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\Plugins\npgeinprocessplugin.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\imageformats\qgif4.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\imageformats\qjpeg4.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\alchemy\optimizations\IGOptExtension.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\alchemy\ogles20\D3DCompiler_43.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\alchemy\ogles20\d3dx9_43.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\alchemy\ogles20\IGAttrs.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\alchemy\ogles20\IGGfx.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\alchemy\ogles20\IGSg.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\alchemy\ogles20\libEGL.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\alchemy\ogles20\libGLESv2.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\alchemy\ogl\IGAttrs.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\alchemy\ogl\IGGfx.dll
C:\Users\Johannes.Gottlieb\AppData\Local\Temp\._msige61\program files\Google\Google Earth\client\alchemy\ogl\IGSg.dll
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-08-22 10:05
==================== End Of Log ============================
--- --- ---
--- --- --- |
So funktioniert es:
AdwCleaner auf deinen Desktop.
SecurityCheck und:
