Trojaner-Board - Friend Checker, Conduit Search, seltsames Browser Verhalten

Danke.
FRST läuft nun, Lösung war: GEht nicht wenn die DOS-Einngabe blockiert ist z.B. durch ein Schutzprogramm.

Ich hatte noch weitere 4 Fragen gestellt. Da es sich wohl "nur" um ein bösartiges Addon/ Adware handelt, stelle meine Verseuchungs-Angst zurück.

Meine Frage bleibt offen, ob ein sauberes Backup der Broser wieder möglich wird. Für Neuinstallation des Rechners bräuchte ich dieses (von allen 4 Browsern -
jaja, kompliziert, aaber jeder kann halt was anderes gut:abklatsch:)

Mit Dank und Gruß
awk

PS: WOMIT habe ich mir das alles eingefangen???

Hier die Logs:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-04-2014

Ran by Andreas (administrator) on ANDREAS-PC on 27-04-2014 22:16:30

Running from C:\Users\Andreas\Desktop

Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: English(US)

Internet Explorer Version 11

Boot Mode: Normal
 
 
 

==================== Processes (Whitelisted) =================
 

(DigitalPersona, Inc.) c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe

(Salfeld Computer) C:\Windows\tray\wintmr.exe

(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\acevents.exe

(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe

(Hewlett-Packard) C:\Program Files\Hewlett-Packard\File Sanitizer\coreshredder.exe

(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe

(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(shbox.de) C:\Program Files\FreePDF_XP\fpassist.exe

(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe

(SANDBOXIE L.T.D) C:\Users\Andreas\SYSTEMprogramme\SbieCtrl.exe

(Google Inc.) C:\Users\Andreas\AppData\Local\Google\Update\GoogleUpdate.exe

(Dominik Reichl) C:\Program Files\KeePass Password Safe\KeePass.exe

() C:\Program Files\Ditto\Ditto.exe

(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe

(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe

(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files\Evernote\Evernote\EvernoteClipper.exe

(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

(Microsoft Corporation) C:\Windows\system32\cmd.exe

(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe

(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe

(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe

(Microsoft Corporation) C:\Windows\system32\taskmgr.exe

(Salfeld Computer) C:\Program Files\Salfeld\Kisi\kisiset.exe

(Salfeld Computer) C:\Windows\system32\cc32\webtmr.exe

(Mozilla Foundation) C:\Program Files\Mozilla Thunderbird\crashreporter.exe

(Mozilla Corporation) C:\Program Files\Mozilla Thunderbird\thunderbird.exe
 
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [PDF Complete] => C:\Program Files\PDF Complete\pdfsty.exe [563736 2009-06-18] (PDF Complete Inc)

HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [1640504 2009-08-20] (Hewlett-Packard)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1791272 2010-06-04] (Synaptics Incorporated)

HKLM\...\Run: [MVS Splash] => C:\Program Files\McAfee\Managed VirusScan\Agent\Splash.exe

HKLM\...\Run: [acevents] => C:\Program Files\ActivIdentity\ActivClient\acevents.exe [153640 2009-06-04] (ActivIdentity)

HKLM\...\Run: [] => [X]

HKLM\...\Run: [accrdsub] => C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe [400936 2009-06-04] (ActivIdentity)

HKLM\...\Run: [File Sanitizer] => c:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe [11258368 2009-07-15] (Hewlett-Packard)

HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-09-10] (Advanced Micro Devices, Inc.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [458844 2009-08-05] (IDT, Inc.)

HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [1821576 2011-08-01] (Microsoft Corporation)

HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-09-27] (Apple Inc.)

HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)

HKLM\...\Run: [FreePDF Assistant] => C:\Program Files\FreePDF_XP\fpassist.exe [371200 2011-02-23] (shbox.de)

HKLM\...\Run: [vProt] => "C:\Program Files\AVG Secure Search\vprot.exe"

HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)

HKLM\...\Run: [ChicoSys] => C:\Windows\system32\cc32\webtmr.exe [6484352 2009-07-14] (Salfeld Computer)

HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

HKLM\...\Run: [Updater] => C:\ProgramData\Updater\Updater.exe [486264 2013-12-19] (Updater)

HKLM\...\runonceex: [ContentMerger] - c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\ContentMerger10.exe [19952 2009-06-13] (Sonic Solutions)

HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,

Winlogon\Notify\DeviceNP: C:\Windows\system32\DeviceNP.dll (Hewlett-Packard Limited)

HKLM\...\Policies\Explorer: [NoAutorun] 1

HKLM\...\Policies\Explorer: [NoFolderOptions] 0

HKLM\...\Policies\Explorer: [NoControlPanel] 0

HKU\.DEFAULT\...\Run: [CCWinTray] => C:\Windows\tray\wintmr.exe [6864256 2009-07-14] (Salfeld Computer)

HKU\S-1-5-21-1624768357-4126066135-592724133-1002\...\Run: [HPADVISOR] => C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1668664 2009-08-13] (Hewlett-Packard)

HKU\S-1-5-21-1624768357-4126066135-592724133-1002\...\Run: [SandboxieControl] => C:\Users\Andreas\SYSTEMprogramme\SbieCtrl.exe [442640 2011-11-23] (SANDBOXIE L.T.D)

HKU\S-1-5-21-1624768357-4126066135-592724133-1002\...\Run: [Google Update] => C:\Users\Andreas\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-10-01] (Google Inc.)

HKU\S-1-5-21-1624768357-4126066135-592724133-1002\...\Run: [KeePass Password Safe] => C:\Program Files\KeePass Password Safe\KeePass.exe [2117632 2014-04-06] (Dominik Reichl)

HKU\S-1-5-21-1624768357-4126066135-592724133-1002\...\Run: [PC Suite Tray] => "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray

HKU\S-1-5-21-1624768357-4126066135-592724133-1002\...\Run: [Ditto] => C:\Program Files\Ditto\Ditto.exe [1350144 2012-01-03] ()

HKU\S-1-5-21-1624768357-4126066135-592724133-1002\...\Run: [CCWinTray] => C:\Windows\tray\wintmr.exe [6864256 2009-07-14] (Salfeld Computer)

HKU\S-1-5-21-1624768357-4126066135-592724133-1002\...\Run: [Updater] => C:\ProgramData\Updater\updater.exe [486264 2013-12-19] (Updater)

HKU\S-1-5-21-1624768357-4126066135-592724133-1002\...\Policies\system: [DisableClock] 1

HKU\S-1-5-21-1624768357-4126066135-592724133-1002\...\Policies\system: [DisableLockWorkstation] 0

HKU\S-1-5-21-1624768357-4126066135-592724133-1002\...\Policies\Explorer: [NoControlPanel] 0

HKU\S-1-5-21-1624768357-4126066135-592724133-1002\...\Policies\Explorer: [NoSaveSettings] 0

HKU\S-1-5-21-1624768357-4126066135-592724133-1002\...\Policies\Explorer: [NoFind] 0

HKU\S-1-5-21-1624768357-4126066135-592724133-1002\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x91000000

HKU\S-1-5-21-1624768357-4126066135-592724133-1002\...\Policies\Explorer: [RestrictRun] 0

HKU\S-1-5-21-1624768357-4126066135-592724133-1002\...\MountPoints2: {5b5d81a5-8e33-11e1-902b-0009dd5029c9} - D:\Install.exe

HKU\S-1-5-21-1624768357-4126066135-592724133-1002\...\MountPoints2: {91848a7a-159c-11e2-934a-705ab697ae61} - D:\setup.exe -a

HKU\S-1-5-21-1624768357-4126066135-592724133-1002\...\MountPoints2: {a4f2663e-f5ae-11e2-963e-705ab697ae61} - G:\LGAutoRun.exe

HKU\S-1-5-21-1624768357-4126066135-592724133-1004\...\Run: [HPADVISOR] => C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1668664 2009-08-13] (Hewlett-Packard)

HKU\S-1-5-21-1624768357-4126066135-592724133-1004\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-06-17] (Hewlett-Packard Company)

HKU\S-1-5-21-1624768357-4126066135-592724133-1004\...\Run: [CCWinTray] => C:\windows\tray\wintmr.exe [6864256 2009-07-14] (Salfeld Computer)

HKU\S-1-5-21-1624768357-4126066135-592724133-1004\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)

HKU\S-1-5-21-1624768357-4126066135-592724133-1004\...\Run: [Updater] => C:\ProgramData\Updater\updater.exe [486264 2013-12-19] (Updater)

HKU\S-1-5-21-1624768357-4126066135-592724133-1004\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\system32\Macromed\Flash\FlashUtil32_12_0_0_77_Plugin.exe [841096 2014-03-13] (Adobe Systems Incorporated)

HKU\S-1-5-21-1624768357-4126066135-592724133-1004\...\Policies\system: [DisableClock] 0

HKU\S-1-5-21-1624768357-4126066135-592724133-1004\...\Policies\system: [DisableLockWorkstation] 0

HKU\S-1-5-21-1624768357-4126066135-592724133-1004\...\Policies\Explorer: [NoControlPanel] 0

HKU\S-1-5-21-1624768357-4126066135-592724133-1004\...\Policies\Explorer: [NoSaveSettings] 0

HKU\S-1-5-21-1624768357-4126066135-592724133-1004\...\Policies\Explorer: [NoFind] 0

HKU\S-1-5-21-1624768357-4126066135-592724133-1004\...\Policies\Explorer: [RestrictRun] 0

Lsa: [Notification Packages] DPPassFilter scecli

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk

ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe (McAfee, Inc.)

Startup: C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk

ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)

Startup: C:\Users\Mona\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk

ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)

SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_DE&c=92&bd=all&pf=cmnb

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie

SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 

SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3323737&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP24D0FC69-CA1C-434F-83A3-000B2DD50441&q={searchTerms}&SSPV=

SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3323737&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP24D0FC69-CA1C-434F-83A3-000B2DD50441&q={searchTerms}&SSPV=

SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear

SearchScopes: HKCU - {742E88D5-9010-46AA-AC14-40BADE3E90B8} URL = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms}

SearchScopes: HKCU - {91343ACB-EAA6-4986-A05A-36A9DE6932D8} URL = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie

SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={AA84BBDD-C5EB-42FB-9AE5-F26FF3EC83F4}&mid=ef0ba35e35954242925b6c8602ac96fb-42c36a3c1954536467068e2918f4380efc067446&lang=de&ds=wa011&pr=&d=2012-10-22 23:38:44&v=14.2.0.1&pid=avg&sg=&sap=dsp&q={searchTerms}

SearchScopes: HKCU - {997329D0-5E79-4A8B-878A-8713D269A659} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}

SearchScopes: HKCU - {C4BA47D3-A495-4814-8EE6-FE7C750E03B2} URL = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}

SearchScopes: HKCU - {C6CA7969-6616-494A-B8C9-403353196BE3} URL = hxxp://ecosia.org/search?q={searchTerms}&addon=opsensearch-ie

BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)

BHO: File Sanitizer for HP ProtectTools - {3134413B-49B4-425C-98A5-893C1F195601} - c:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)

BHO: HP ProtectTools Security Manager Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)

BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File

BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)

BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll No File

BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO: OpenLastClosedTab.LastClosedTab - {e15e75e9-a653-42a3-8d05-f2f7e309bdca} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)

Toolbar: HKLM - No Name - {0BF43445-2F28-4351-9252-17FE6E806AA0} -  No File

Toolbar: HKLM - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll No File

Toolbar: HKLM - &Linkman - {5C9DCA26-CEC4-4280-A831-D622D4DBF113} - C:\Program Files\TOOLS\Linkman\LinkmanCom.dll (Outertech)

Toolbar: HKCU - No Name - {C424171E-592A-415A-9EB1-DFD6D95D3530} -  No File

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab

Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)

Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)

Handler: myrm - {4D034FC3-013F-4b95-B544-44D49ABE3E76} - C:\Program Files\McAfee\Managed VirusScan\Agent\myRmProt4.9.2.335.dll (McAfee, Inc.)

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\15.2.0\ViProtocol.dll No File

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
 

FireFox:

========

FF ProfilePath: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default

FF NewTab: hxxp://www.google.com/firefox

FF SearchEngineOrder.1: Google

FF SelectedSearchEngine: Google

FF Homepage: hxxp://www.google.com/firefox

FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=

FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"

FF NetworkProxy: "type", 0

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()

FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\15.2.0\\npsitesafety.dll No File

FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\PDF-XChange\PDF XChange Lite\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)

FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)

FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\PDF-XChange\PDF XChange Lite\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)

FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Andreas\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Andreas\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPSibelius.dll ()

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\PDFNetC.dll (PDFTron Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\ScorchPDFWrapper.dll ()

FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\searchplugins\11-suche.xml

FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\searchplugins\amazondotcom-de.xml

FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\searchplugins\bidvoynet-de.xml

FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\searchplugins\duckduckgo-1.xml

FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\searchplugins\duckduckgo.xml

FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\searchplugins\eBay-de.xml

FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\searchplugins\ecosia.xml

FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\searchplugins\google-video.xml

FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\searchplugins\idealode.xml

FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\searchplugins\mailcom-search.xml

FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\searchplugins\medikamentade.xml

FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\searchplugins\people-search.xml

FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\searchplugins\testberichtede.xml

FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\searchplugins\youtube-ssl.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\avg-secure-search.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml

FF Extension: QuickFox Notes - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\amin.eft_bmnotes@gmail.com [2013-11-26]

FF Extension: bug682944 - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\bug682944@alice0775 [2012-05-18]

FF Extension: Pocket - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\isreaditlater@ideashower.com [2013-06-29]

FF Extension: KeeFox - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\keefox@chris.tomlinson [2014-03-22]

FF Extension: Rain Alarm Extension - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\rain-alarm@mdiener.de [2014-03-25]

FF Extension: screen-reader-simulator - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\screen-reader-simulator@gaiamobile.org [2014-04-24]

FF Extension: Websteroids - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\support@websteroidsapp.com [2014-04-23]

FF Extension: AddThis - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\{3e0e7d2a-070f-4a47-b019-91fe5385ba79} [2012-10-02]

FF Extension: WOT - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-26]

FF Extension: Snip It! Button for eBay - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\{aab35b56-0206-4472-9993-9cb5c09bb722} [2012-09-30]

FF Extension: DownloadHelper - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-25]

FF Extension: Evernote Web Clipper - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800} [2013-12-22]

FF Extension: billiger.de Sparberater - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\ciuvo-extension@billiger.de.xpi [2013-04-25]

FF Extension: Firebug - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\firebug@software.joehewitt.com.xpi [2013-12-28]

FF Extension: Email This! Bookmarklet Extension - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\gmailthis@lazyrussian.com.xpi [2011-09-13]

FF Extension: DuckDuckGo Plus - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2013-04-16]

FF Extension: Lazarus: Form Recovery - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\lazarus@interclue.com.xpi [2011-12-14]

FF Extension: People Lookup - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\mail@sayemislam.com.xpi [2012-01-30]

FF Extension: Clearly - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\readable@evernote.com.xpi [2013-05-29]

FF Extension: Save Session - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\savesession@noasobi.net.xpi [2011-11-25]

FF Extension: ScrapBook Plus - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\scrapbookplus@addons.mozilla.org.xpi [2011-09-13]

FF Extension: 如意淘：同款比价，价格曲线，降价提醒 - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\shoppingassist@ookong.com.xpi [2012-03-12]

FF Extension: Stealthy - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\stealthyextension@gmail.com.xpi [2011-12-08]

FF Extension: WEB.DE MailCheck - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\toolbar@web.de.xpi [2012-01-04]

FF Extension: WikiLook - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\wikilook@testpilot.xpi [2013-04-16]

FF Extension: YouTube to MP3 - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\youtube2mp3@mondayx.de.xpi [2011-10-17]

FF Extension: All-in-One Sidebar - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi [2011-09-12]

FF Extension: Session Manager - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2012-04-28]

FF Extension: Webutation - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\{15fe27f3-e5ab-2d59-4c5c-dadc7945bdbd}.xpi [2014-04-23]

FF Extension: FlashGot - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2013-02-19]

FF Extension: Unhide Passwords - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\{2e17e2b2-b8d4-4a67-8d7b-fafa6cc9d1d0}.xpi [2011-12-14]

FF Extension: ebayitemdescriptionshowsellerloc - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\{38fc2fbc-9500-46e7-8bc5-b128acd9e143}.xpi [2012-03-12]

FF Extension: Speed Dial - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [2011-12-14]

FF Extension: OperaView - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\{87f54a61-c9b3-4138-a38a-33c31770bb9e}.xpi [2011-09-12]

FF Extension: ImTranslator - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2011-09-12]

FF Extension: Easy YouTube Video Downloader - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi [2011-10-17]

FF Extension: Ecosia - The search engine that plants trees - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\{d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}.xpi [2014-02-25]

FF Extension: Adblock Plus - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-09-12]

FF Extension: BetterPrivacy - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2012-03-12]

FF Extension: Tab Mix Plus - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2011-11-25]

FF Extension: DownThemAll! - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2011-09-12]

FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013-12-20]

FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} [2013-12-20]

FF HKLM\...\Firefox\Extensions: [otis@digitalpersona.com] - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\

FF HKLM\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\14.2.0.1

FF Extension: AVG Security Toolbar - C:\ProgramData\AVG Secure Search\FireFoxExt\14.2.0.1 [2013-02-20]

FF HKLM\...\Thunderbird\Extensions: [{857610fe-b36c-47f2-b4fa-6b7affe0cf5a}] - C:\Program Files\Mobile Master\ext\1\

FF Extension: Mobile Master Add-In - C:\Program Files\Mobile Master\ext\1\ []

FF HKCU\...\Firefox\Extensions: [{576c7366-d9f6-439a-a42d-06940409e125}] - C:\Program Files\TubeSaver\130.xpi
 

Chrome: 

=======

CHR RestoreOnStartup: "https://www.google.com/calendar/render?tab=mc"

CHR DefaultSearchKeyword: ecosia.org

CHR DefaultSearchProvider: Ecosia

CHR DefaultSearchURL: hxxp://ecosia.org/search.php?q={searchTerms}&addon=opensearch

CHR DefaultNewTabURL: 

CHR Plugin: (Shockwave Flash) - C:\Users\Andreas\AppData\Local\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ()

CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Users\Andreas\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()

CHR Plugin: (Chrome PDF Viewer) - C:\Users\Andreas\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll ()

CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)

CHR Plugin: (PDF-XChange Viewer) - C:\Program Files\Mozilla Firefox\plugins\npPDFXCviewNPPlugin.dll No File

CHR Plugin: (ScorchPlugin) - C:\Program Files\Mozilla Firefox\plugins\NPSibelius.dll ()

CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)

CHR Plugin: (Foxit Reader Plugin for Mozilla) - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File

CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)

CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)

CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File

CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

CHR Plugin: (McAfee Security Scanner +) - C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll No File

CHR Plugin: (VLC Multimedia Plug-in) - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll No File

CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\system32\npDeployJava1.dll No File

CHR Extension: (Angry Birds) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-01-03]

CHR Extension: (Poper Blocker) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2013-08-23]

CHR Extension: (Hotah) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfnjgpdehkocfilimigpgedggkneaacc [2014-01-31]

CHR Extension: (Strict Workflow) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgmnfnmlficgeijcalkgnnkigkefkbhd [2013-08-23]

CHR Extension: (Google Calendar) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2014-01-03]

CHR Extension: (Polycraft) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\eopfmbpfhhfnklgmjpoehcjaajhpbhbl [2014-01-31]

CHR Extension: (Planetarium) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gheikhdfflhlbemfmhcfpeblehemeklp [2014-01-03]

CHR Extension: (Google Calendar (by Google)) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich [2014-02-25]

CHR Extension: (Air Hockey) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gojagedhadegobocpaokaifiacjiolph [2013-08-20]

CHR Extension: (Timer) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhclmngbkkejbdfjmicnkmoggfpehein [2014-01-03]

CHR Extension: (The Old Reader) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhdpibondcndkgpoobpnndbbelpidhpk [2014-01-03]

CHR Extension: (Murder Files) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijfecbiladpinddbjfodaaiahggomhaf [2014-01-31]

CHR Extension: (Google Tasks Offline (Unofficial)) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\jekhpicinnaamcmadbipjejafgkjdokh [2014-01-03]

CHR Extension: (Cut the Rope) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfbadlndcminbkfojhlimnkgaackjmdo [2014-01-03]

CHR Extension: (Any.do Extension) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdadialhpiikehpdeejjeiikopddkjem [2013-08-23]

CHR Extension: (Evernote Web) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol [2013-08-28]

CHR Extension: (Pocket) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjcnijlhddpbdemagnpefmlkjdagkogk [2014-01-03]

CHR Extension: (Google Wallet) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-26]

CHR Extension: (Any.do) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocgddccilgpeepgglnlpchkpgamkgmld [2014-01-24]

CHR Extension: (Bubble Santa) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbokbbbgkgifjmmbokbdiimcffphbgha [2014-01-03]

CHR Extension: (Accurate Ruler) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pemefhlbiinkcopbapnfghcnjhlgceof [2014-01-03]

CHR Extension: (SpeakIt!) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgeolalilifpodheeocdmbhehgnkkbak [2014-01-03]

CHR Extension: (Evernote Web Clipper) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2013-08-28]

CHR Extension: (Calculator) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppilpeehmlhboiknckikefgpdkpnhkgc [2014-01-24]

CHR HKLM\...\Chrome\Extension: [igjjkeeamkpihpncmmbgdkhdnjpcfmfb] - C:\ProgramData\Websteroids\Chrome\common.crx [2013-12-19]

CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\15.2.0.5\avg.crx [2013-12-19]

CHR HKLM\...\Chrome\Extension: [ojcdnngpmbenohhjlickdajclhbcaada] - C:\Program Files\TubeSaver\130.crx [2013-12-19]

CHR StartMenuInternet: Google Chrome - C:\Users\Andreas\AppData\Local\Google\Chrome\Application\chrome.exe

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 

========================== Services (Whitelisted) =================
 

R2 ac.sharedstore; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [207400 2009-06-04] (ActivIdentity)

R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [14336 2009-07-27] (LSI Corporation)

R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [303184 2009-09-03] (DigitalPersona, Inc.)

R2 EngineServer; C:\Program Files\McAfee\Managed VirusScan\VScan\EngineServer.exe [14144 2009-06-03] (McAfee, Inc.)

S3 FLCDLOCK; c:\Windows\system32\flcdlock.exe [362040 2009-08-17] (Hewlett-Packard Ltd)

S3 HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [124928 2009-07-10] (Hewlett-Packard)

R2 HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [95800 2009-08-20] (Hewlett-Packard)

S3 HP ProtectTools Service; c:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [36864 2009-08-26] (Hewlett-Packard Development Company, L.P)

R2 HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [96312 2009-08-20] (Hewlett-Packard)

R2 HpFkCryptService; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [277024 2009-08-13] (McAfee, Inc.)

R2 HPFSService; c:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe [293376 2009-07-15] (Hewlett-Packard)

R2 InternetUpdater; C:\ProgramData\InternetUpdater\InternetUpdaterService.exe [45568 2014-01-15] (Parallel Lines Development, LLC)

S2 ksupmgr; C:\Windows\system32\ksupmgr.exe [765592 2010-08-25] (Salfeld Computer)

S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [235696 2014-01-16] (McAfee, Inc.)

R2 McShield; C:\Program Files\McAfee\Managed VirusScan\VScan\McShield.exe [144704 2009-06-03] (McAfee, Inc.)

R2 MotoHelper; C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe [214896 2011-12-06] ()

R2 pdfcDispatcher; C:\Program Files\PDF Complete\pdfsvc.exe [635416 2009-06-18] (PDF Complete Inc)

R2 SbieSvc; C:\Users\Andreas\SYSTEMprogramme\SbieSvc.exe [72976 2011-11-23] (SANDBOXIE L.T.D)

R2 STacSV; C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_0879317fde6173f1\STacSV.exe [221266 2009-08-05] (IDT, Inc.)

R2 StarMoney 7.0 OnlineUpdate; C:\Program Files\StarMoney 7.0\ouservice\StarMoneyOnlineUpdate.exe [554160 2011-11-08] (Star Finanz - Software Entwicklung und Vertriebs GmbH)

R2 StarMoney 8.0 OnlineUpdate; C:\Program Files\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe [699680 2012-12-21] (Star Finanz - Software Entwicklung und Vertriebs GmbH)

R2 StarMoney 9.0 OnlineUpdate; C:\Program Files\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe [663184 2014-01-27] (Star Finanz-Software Entwicklung und Vertriebs GmbH)

S2 myAgtSvc; "C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe" /ServiceStart [X]

S2 vToolbarUpdater15.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe [X]
 

==================== Drivers (Whitelisted) ====================
 

S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [25856 2013-04-18] (Google Inc)

S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag.sys [23168 2013-04-18] (LG Electronics Inc.)

S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem.sys [27776 2013-06-28] (LG Electronics Inc.)

S1 avgtp; C:\windows\system32\drivers\avgtpx86.sys [37664 2013-05-22] (AVG Technologies)

S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [22528 2009-08-13] (CSR, plc)

R1 cbfs3; C:\windows\system32\drivers\cbfs3.sys [299024 2012-04-09] (EldoS Corporation)

S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv.sys [32312 2009-08-17] (Hewlett-Packard Development Company L.P.)

R0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] ()

R3 MfeAVFK; C:\Windows\System32\drivers\MfeAVFK.sys [79816 2009-05-16] (McAfee, Inc.)

R3 MfeBOPK; C:\Windows\System32\drivers\MfeBOPK.sys [35272 2009-05-16] (McAfee, Inc.)

R1 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [214024 2009-05-16] (McAfee, Inc.)

S3 MfeRKDK; C:\Windows\System32\drivers\MfeRKDK.sys [34248 2009-05-16] (McAfee, Inc.)

R1 mfetdik; C:\Windows\System32\drivers\mfetdik.sys [55336 2009-05-16] (McAfee, Inc.)

R2 risdpcie; C:\Windows\System32\DRIVERS\risdpe86.sys [48128 2009-09-05] (REDC)

R2 rixdpcie; C:\Windows\System32\DRIVERS\rixdpe86.sys [38400 2009-07-04] (REDC)

R1 RsvLock; C:\Windows\system32\Drivers\RsvLock.sys [40016 2009-08-13] (McAfee, Inc.)

R0 SafeBoot; C:\Windows\system32\Drivers\SafeBoot.sys [110448 2009-08-13] ()

R0 SbAlg; C:\Windows\system32\Drivers\SbAlg.sys [51728 2009-08-13] (McAfee, Inc.)

R0 SbFsLock; C:\Windows\system32\Drivers\SbFsLock.sys [13184 2009-08-13] (McAfee, Inc.)

R3 SbieDrv; C:\Users\Andreas\SYSTEMprogramme\SbieDrv.sys [131856 2011-11-23] (SANDBOXIE L.T.D)

R0 speedfan; C:\Windows\System32\speedfan.sys [24184 2012-12-29] (Almico Software)
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2014-04-27 22:16 - 2014-04-27 22:18 - 00041116 _____ () C:\Users\Andreas\Desktop\FRST.txt

2014-04-27 22:15 - 2014-04-27 22:17 - 00000655 _____ () C:\Windows\system32\cchservice.err

2014-04-27 22:08 - 2014-04-27 22:08 - 00000000 ____D () C:\Users\Andreas\Desktop\FRST-OlderVersion

2014-04-24 11:16 - 2014-03-06 11:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-04-24 11:16 - 2014-03-06 10:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-04-24 11:16 - 2014-03-06 10:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-04-24 11:16 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-04-24 11:16 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-04-24 11:16 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-04-24 11:16 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-04-24 11:16 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-04-24 11:16 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-04-24 11:16 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-04-24 11:16 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-04-24 11:16 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-04-24 11:16 - 2014-03-06 09:38 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-04-24 11:16 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-04-24 11:16 - 2014-03-06 09:28 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-04-24 11:16 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-04-24 11:16 - 2014-03-06 09:18 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-04-24 11:16 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-04-24 11:16 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-04-24 11:16 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-04-24 11:16 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-04-24 11:16 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-04-24 11:16 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-04-24 11:16 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-04-24 11:16 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-04-24 11:16 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-04-23 23:09 - 2014-04-14 20:13 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll

2014-04-23 23:09 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe

2014-04-23 23:09 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe

2014-04-23 23:09 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe

2014-04-23 23:08 - 2014-04-23 23:09 - 00004117 _____ () C:\Windows\system32\jupdate-1.7.0_55-b14.log

2014-04-23 22:57 - 2014-04-23 23:03 - 00000000 ____D () C:\Users\Andreas\Downloads\software media

2014-04-23 21:50 - 2014-04-27 22:08 - 01049600 _____ (Farbar) C:\Users\Andreas\Desktop\FRST.exe

2014-04-23 21:23 - 2014-04-27 22:16 - 00000000 ____D () C:\FRST

2014-04-16 23:04 - 2014-04-16 23:06 - 00000000 ____D () C:\AdwCleaner

2014-04-16 23:02 - 2014-04-16 23:02 - 00000000 ____D () C:\Program Files\ESET

2014-04-16 22:34 - 2014-04-16 22:34 - 01891395 _____ (Dominik Reichl ) C:\Users\Andreas\Desktop\KeePass-1.27-Setup.exe

2014-04-16 22:14 - 2014-04-16 23:01 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-04-16 21:58 - 2014-04-16 21:58 - 00001197 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-04-16 21:58 - 2014-04-16 21:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-04-16 21:58 - 2014-04-16 21:58 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-04-16 21:58 - 2014-04-16 21:58 - 00000000 ____D () C:\Program Files\AntiPEST

2014-04-16 21:58 - 2014-04-03 09:51 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-04-16 21:58 - 2014-04-03 09:51 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2014-04-16 21:58 - 2014-04-03 09:50 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2014-04-16 21:55 - 2014-04-16 21:57 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Andreas\Downloads\mbam-setup-2.0.1.1004.exe

2014-04-16 21:24 - 2014-04-23 21:17 - 00000000 ____D () C:\Users\Andreas\Downloads\AntiPEST

2014-04-10 21:02 - 2014-03-04 11:17 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll

2014-04-09 07:55 - 2014-04-09 07:55 - 00000000 ____D () C:\Users\TEST\AppData\Local\Microsoft Corporation

2014-04-09 07:54 - 2014-04-09 07:54 - 00000000 ____D () C:\Users\TEST\AppData\Roaming\ATI

2014-04-09 07:54 - 2014-04-09 07:54 - 00000000 ____D () C:\Users\TEST\AppData\Local\ATI

2014-04-09 07:53 - 2014-04-10 22:41 - 00146904 _____ () C:\Users\TEST\AppData\Local\GDIPFONTCACHEV1.DAT

2014-04-09 07:52 - 2014-04-09 07:52 - 00000000 ____D () C:\Users\TEST\AppData\Roaming\Hewlett-Packard

2014-04-09 07:52 - 2014-04-09 07:52 - 00000000 ____D () C:\Users\TEST\AppData\Local\Hewlett-Packard

2014-04-09 07:51 - 2014-04-09 07:51 - 00000000 ____D () C:\Users\TEST\AppData\Roaming\Apple Computer

2014-04-09 07:51 - 2014-04-09 07:51 - 00000000 ____D () C:\Users\TEST\AppData\Local\PDFC

2014-04-09 07:50 - 2014-04-09 07:50 - 00001419 _____ () C:\Users\TEST\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-04-09 07:50 - 2014-04-09 07:50 - 00000000 ____D () C:\Users\TEST\AppData\Roaming\Salfeld

2014-04-09 07:50 - 2014-04-09 07:50 - 00000000 ____D () C:\Users\TEST\AppData\Roaming\Adobe

2014-04-09 07:49 - 2014-04-09 07:50 - 00000000 ____D () C:\Users\TEST

2014-04-09 07:49 - 2014-04-09 07:49 - 00000000 ____D () C:\Users\TEST\AppData\Roaming\Motorola

2014-04-09 07:49 - 2013-06-26 23:13 - 00000000 ____D () C:\Users\TEST\AppData\Roaming\Macromedia

2014-04-09 07:49 - 2011-09-26 21:09 - 00000000 ____D () C:\Users\TEST\AppData\Local\Microsoft Help

2014-04-09 07:49 - 2009-07-27 09:37 - 00000020 ___SH () C:\Users\TEST\ntuser.ini

2014-04-09 07:49 - 2009-07-14 06:42 - 00000000 ___RD () C:\Users\TEST\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2014-04-09 07:49 - 2009-07-14 06:37 - 00000000 ___RD () C:\Users\TEST\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
 

==================== One Month Modified Files and Folders =======
 

2014-04-27 22:19 - 2013-02-14 13:28 - 00000000 ___HD () C:\ProgramData\Device

2014-04-27 22:18 - 2014-04-27 22:16 - 00041116 _____ () C:\Users\Andreas\Desktop\FRST.txt

2014-04-27 22:17 - 2014-04-27 22:15 - 00000655 _____ () C:\Windows\system32\cchservice.err

2014-04-27 22:16 - 2014-04-23 21:23 - 00000000 ____D () C:\FRST

2014-04-27 22:16 - 2012-04-15 19:34 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-04-27 22:15 - 2012-04-11 08:21 - 00000016 _____ () C:\Windows\system32\excltmp~.dat

2014-04-27 22:15 - 2011-10-01 13:52 - 00000261 _____ () C:\NET.INI

2014-04-27 22:11 - 2012-01-20 18:35 - 00001096 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-04-27 22:11 - 2011-11-29 21:13 - 00004720 _____ () C:\Windows\Sandboxie.ini

2014-04-27 22:09 - 2012-01-20 18:35 - 00001100 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-04-27 22:08 - 2014-04-27 22:08 - 00000000 ____D () C:\Users\Andreas\Desktop\FRST-OlderVersion

2014-04-27 22:08 - 2014-04-23 21:50 - 01049600 _____ (Farbar) C:\Users\Andreas\Desktop\FRST.exe

2014-04-27 22:02 - 2011-10-01 13:52 - 00000000 ___HD () C:\Program Files\Common Files\System Shared

2014-04-27 22:02 - 2011-10-01 03:35 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1624768357-4126066135-592724133-1002UA.job

2014-04-27 22:01 - 2011-11-16 03:47 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1624768357-4126066135-592724133-1003UA.job

2014-04-27 22:01 - 2011-11-16 03:47 - 00001072 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1624768357-4126066135-592724133-1003Core.job

2014-04-27 22:01 - 2011-10-01 03:35 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1624768357-4126066135-592724133-1002Core.job

2014-04-27 09:40 - 2012-10-22 23:35 - 00000000 ____D () C:\Users\Andreas\AppData\Roaming\Ditto

2014-04-26 15:01 - 2010-10-13 22:23 - 01699403 _____ () C:\Windows\WindowsUpdate.log

2014-04-26 14:59 - 2009-10-01 03:18 - 00713888 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-04-26 14:57 - 2009-07-14 06:34 - 00025424 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-04-26 14:57 - 2009-07-14 06:34 - 00025424 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-04-26 14:52 - 2009-10-01 03:20 - 00000000 ____D () C:\ProgramData\PDFC

2014-04-26 14:51 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-04-26 14:50 - 2009-07-14 06:39 - 00408482 _____ () C:\Windows\setupact.log

2014-04-23 23:09 - 2014-04-23 23:08 - 00004117 _____ () C:\Windows\system32\jupdate-1.7.0_55-b14.log

2014-04-23 23:09 - 2013-10-22 23:21 - 00000000 ____D () C:\ProgramData\Oracle

2014-04-23 23:09 - 2012-09-01 13:15 - 00000000 ____D () C:\Program Files\Java

2014-04-23 23:03 - 2014-04-23 22:57 - 00000000 ____D () C:\Users\Andreas\Downloads\software media

2014-04-23 22:59 - 2013-06-26 23:12 - 00000000 ____D () C:\Users\Andreas\Downloads\System Software

2014-04-23 21:17 - 2014-04-16 21:24 - 00000000 ____D () C:\Users\Andreas\Downloads\AntiPEST

2014-04-19 13:28 - 2012-08-08 09:05 - 00000000 ____D () C:\Users\Andreas\.tfo4

2014-04-18 22:21 - 2013-09-17 18:54 - 00000000 ____D () C:\Program Files\StarMoney 9.0

2014-04-16 23:06 - 2014-04-16 23:04 - 00000000 ____D () C:\AdwCleaner

2014-04-16 23:02 - 2014-04-16 23:02 - 00000000 ____D () C:\Program Files\ESET

2014-04-16 23:01 - 2014-04-16 22:14 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-04-16 22:41 - 2011-12-20 01:04 - 00001067 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass.lnk

2014-04-16 22:41 - 2011-12-20 01:04 - 00001055 _____ () C:\Users\Andreas\Desktop\KeePass.lnk

2014-04-16 22:41 - 2011-12-20 01:04 - 00000000 ____D () C:\Program Files\KeePass Password Safe

2014-04-16 22:34 - 2014-04-16 22:34 - 01891395 _____ (Dominik Reichl ) C:\Users\Andreas\Desktop\KeePass-1.27-Setup.exe

2014-04-16 21:58 - 2014-04-16 21:58 - 00001197 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-04-16 21:58 - 2014-04-16 21:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-04-16 21:58 - 2014-04-16 21:58 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-04-16 21:58 - 2014-04-16 21:58 - 00000000 ____D () C:\Program Files\AntiPEST

2014-04-16 21:57 - 2014-04-16 21:55 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Andreas\Downloads\mbam-setup-2.0.1.1004.exe

2014-04-16 21:07 - 2011-11-29 21:24 - 00000000 ____D () C:\Users\Andreas\Downloads\KeePass-1.20

2014-04-16 18:21 - 2009-10-01 03:22 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-04-16 18:19 - 2013-07-29 08:50 - 00000000 ____D () C:\Windows\system32\MRT

2014-04-16 18:11 - 2011-11-14 23:57 - 88028728 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2014-04-14 20:13 - 2014-04-23 23:09 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll

2014-04-14 20:05 - 2014-04-23 23:09 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe

2014-04-14 20:05 - 2014-04-23 23:09 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe

2014-04-14 20:04 - 2014-04-23 23:09 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe

2014-04-11 07:14 - 2011-12-19 22:33 - 00000000 ____D () C:\Program Files\StarMoney 8.0

2014-04-10 22:41 - 2014-04-09 07:53 - 00146904 _____ () C:\Users\TEST\AppData\Local\GDIPFONTCACHEV1.DAT

2014-04-09 07:55 - 2014-04-09 07:55 - 00000000 ____D () C:\Users\TEST\AppData\Local\Microsoft Corporation

2014-04-09 07:54 - 2014-04-09 07:54 - 00000000 ____D () C:\Users\TEST\AppData\Roaming\ATI

2014-04-09 07:54 - 2014-04-09 07:54 - 00000000 ____D () C:\Users\TEST\AppData\Local\ATI

2014-04-09 07:52 - 2014-04-09 07:52 - 00000000 ____D () C:\Users\TEST\AppData\Roaming\Hewlett-Packard

2014-04-09 07:52 - 2014-04-09 07:52 - 00000000 ____D () C:\Users\TEST\AppData\Local\Hewlett-Packard

2014-04-09 07:51 - 2014-04-09 07:51 - 00000000 ____D () C:\Users\TEST\AppData\Roaming\Apple Computer

2014-04-09 07:51 - 2014-04-09 07:51 - 00000000 ____D () C:\Users\TEST\AppData\Local\PDFC

2014-04-09 07:50 - 2014-04-09 07:50 - 00001419 _____ () C:\Users\TEST\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-04-09 07:50 - 2014-04-09 07:50 - 00000000 ____D () C:\Users\TEST\AppData\Roaming\Salfeld

2014-04-09 07:50 - 2014-04-09 07:50 - 00000000 ____D () C:\Users\TEST\AppData\Roaming\Adobe

2014-04-09 07:50 - 2014-04-09 07:49 - 00000000 ____D () C:\Users\TEST

2014-04-09 07:50 - 2009-07-14 06:46 - 00001515 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk

2014-04-09 07:50 - 2009-07-14 04:04 - 00000499 _____ () C:\Windows\win.ini

2014-04-09 07:49 - 2014-04-09 07:49 - 00000000 ____D () C:\Users\TEST\AppData\Roaming\Motorola

2014-04-04 13:18 - 2011-12-14 00:48 - 00000000 ____D () C:\Users\Andreas\AppData\Roaming\vlc

2014-04-03 09:51 - 2014-04-16 21:58 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-04-03 09:51 - 2014-04-16 21:58 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2014-04-03 09:50 - 2014-04-16 21:58 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2014-03-31 22:15 - 2014-01-19 15:34 - 00000000 ____D () C:\Users\Andreas\Desktop\MONA PHOTOS

2014-03-31 09:35 - 2011-09-12 10:25 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

2014-03-30 23:06 - 2013-01-22 18:30 - 00001066 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk

2014-03-30 23:06 - 2013-01-22 18:30 - 00001054 _____ () C:\Users\Public\Desktop\TeamViewer 8.lnk

2014-03-28 00:25 - 2012-05-18 17:12 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service

2014-03-28 00:25 - 2011-11-15 09:46 - 00020428 _____ () C:\Windows\PFRO.log
 

Some content of TEMP:

====================

C:\Users\Andreas\AppData\Local\Temp\FileSystemView.dll

C:\Users\Andreas\AppData\Local\Temp\fox5325.exe

C:\Users\Andreas\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe

C:\Users\Andreas\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe

C:\Users\Andreas\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe

C:\Users\Andreas\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe

C:\Users\Andreas\AppData\Local\Temp\nsb96F9.exe

C:\Users\Andreas\AppData\Local\Temp\nsbF218.exe

C:\Users\Andreas\AppData\Local\Temp\nsgE9FB.exe

C:\Users\Andreas\AppData\Local\Temp\nsrA119.exe

C:\Users\Andreas\AppData\Local\Temp\nst63AB.exe

C:\Users\Andreas\AppData\Local\Temp\nsw9B1F.exe

C:\Users\Andreas\AppData\Local\Temp\nswEE50.exe

C:\Users\Andreas\AppData\Local\Temp\proxy_util_w32.dll

C:\Users\Andreas\AppData\Local\Temp\setup{97E2961E-BFC3-4F89-8CD0-825CCBAC3110}.exe

C:\Users\Andreas\AppData\Local\Temp\SPSetup.exe

C:\Users\Andreas\AppData\Local\Temp\tbsTMP.exe

C:\Users\Andreas\AppData\Local\Temp\WEB.DE_Softwareaktualisierung_Setup.exe

C:\Users\Monika\AppData\Local\Temp\fqqsc5od.dll

C:\Users\Monika\AppData\Local\Temp\rt507gxw.dll

C:\Users\Mr.Backup\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe

C:\Users\Mr.Backup\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe

C:\Users\TEST\AppData\Local\Temp\o6hw5iub.dll

C:\Users\TEST\AppData\Local\Temp\rmmwricn.dll
 
 

==================== Bamital & volsnap Check =================
 

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\system32\winlogon.exe => MD5 is legit

C:\Windows\system32\wininit.exe => MD5 is legit

C:\Windows\system32\svchost.exe => MD5 is legit

C:\Windows\system32\services.exe => MD5 is legit

C:\Windows\system32\User32.dll => MD5 is legit

C:\Windows\system32\userinit.exe => MD5 is legit

C:\Windows\system32\rpcss.dll => MD5 is legit

C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
 
 

LastRegBack: 2014-04-19 19:59
 

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

--- --- ---

und

Code:

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 27-04-2014

Ran by Andreas at 2014-04-27 22:21:12

Running from C:\Users\Andreas\Desktop

Boot Mode: Normal

==========================================================
 
 

==================== Security Center ========================
 

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 

==================== Installed Programs ======================
 

 Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)

1.36 (HKLM\...\etope Lister_is1) (Version:  - Freshworx GmbH & Co.KG)

2007 Microsoft Office system (HKLM\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)

7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )

AbiWord 2.8.4 (HKLM\...\AbiWord2) (Version: 2.8.4 - AbiSource Developers)

ActivClient x86 (HKLM\...\{1BE8806A-84F8-4655-A381-0D5524430944}) (Version: 6.2 - ActivIdentity)

ActiveCheck component for HP Active Support Library (Version: 3.0.0.1 - Hewlett-Packard) Hidden

Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.9.0.1380 - Adobe Systems Incorporated)

Adobe AIR (Version: 3.9.0.1380 - Adobe Systems Incorporated) Hidden

Adobe Flash Player 12 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)

Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)

Adobe Reader XI (11.0.06) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)

AM-DeadLink 4.6 (HKLM\...\aignesamdeadlink_is1) (Version: 4.6 - www.aignes.com)

Analog Clock (HKCU\...\Analog Clock) (Version:  - Opera widgets)

Apple Application Support (HKLM\...\{A83279FD-CA4B-4206-9535-90974DE76654}) (Version: 2.1.5 - Apple Inc.)

Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

ATI Catalyst Install Manager (HKLM\...\{506C2F0A-2C04-BDA8-8B90-0A3DF65ED67E}) (Version: 3.0.732.0 - ATI Technologies, Inc.)

AudibleManager (HKLM\...\AudibleManager) (Version: 1995397856.48.56.3607922 - Audible, Inc.)

Auktionatrix - der schnelle Weg zu eBay (HKLM\...\{02E8DF80-DFB9-4C56-8CB9-AFA1CE97AF9C}) (Version: 4.11.10.0 - Z-Dev)

BayDesigner - Deinstallation (HKLM\...\BayDesigner_is1) (Version: 1.35 - Mathias Gerlach [aborange.de])

BayWatcher Pro - Deinstallation (HKLM\...\BayWatcher_is1) (Version: 8.05 - Mathias Gerlach & Jochen Milchsack [aborange.de])

Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.30.21.0 - Broadcom Corporation)

Canon iP4700 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4700_series) (Version:  - )

Catalyst Control Center - Branding (Version: 1.00.0000 - ATI) Hidden

Catalyst Control Center Core Implementation (Version: 2009.0909.1747.30091 - ATI) Hidden

Catalyst Control Center Graphics Full Existing (Version: 2009.0909.1747.30091 - ATI) Hidden

Catalyst Control Center Graphics Full New (Version: 2009.0909.1747.30091 - ATI) Hidden

Catalyst Control Center Graphics Light (Version: 2009.0909.1747.30091 - ATI) Hidden

Catalyst Control Center InstallProxy (Version: 2009.0909.1747.30091 - ATI Technologies, Inc.) Hidden

Catalyst Control Center Localization All (Version: 2009.0909.1747.30091 - ATI) Hidden

CCC Help Chinese Standard (Version: 2009.0909.1746.30091 - ATI) Hidden

CCC Help Chinese Traditional (Version: 2009.0909.1746.30091 - ATI) Hidden

CCC Help Czech (Version: 2009.0909.1746.30091 - ATI) Hidden

CCC Help Danish (Version: 2009.0909.1746.30091 - ATI) Hidden

CCC Help Dutch (Version: 2009.0909.1746.30091 - ATI) Hidden

CCC Help English (Version: 2009.0909.1746.30091 - ATI) Hidden

CCC Help Finnish (Version: 2009.0909.1746.30091 - ATI) Hidden

CCC Help French (Version: 2009.0909.1746.30091 - ATI) Hidden

CCC Help German (Version: 2009.0909.1746.30091 - ATI) Hidden

CCC Help Greek (Version: 2009.0909.1746.30091 - ATI) Hidden

CCC Help Hungarian (Version: 2009.0909.1746.30091 - ATI) Hidden

CCC Help Italian (Version: 2009.0909.1746.30091 - ATI) Hidden

CCC Help Japanese (Version: 2009.0909.1746.30091 - ATI) Hidden

CCC Help Korean (Version: 2009.0909.1746.30091 - ATI) Hidden

CCC Help Norwegian (Version: 2009.0909.1746.30091 - ATI) Hidden

CCC Help Polish (Version: 2009.0909.1746.30091 - ATI) Hidden

CCC Help Portuguese (Version: 2009.0909.1746.30091 - ATI) Hidden

CCC Help Russian (Version: 2009.0909.1746.30091 - ATI) Hidden

CCC Help Spanish (Version: 2009.0909.1746.30091 - ATI) Hidden

CCC Help Swedish (Version: 2009.0909.1746.30091 - ATI) Hidden

CCC Help Thai (Version: 2009.0909.1746.30091 - ATI) Hidden

CCC Help Turkish (Version: 2009.0909.1746.30091 - ATI) Hidden

ccc-core-static (Version: 2009.0909.1747.30091 - ATI) Hidden

ccc-utility (Version: 2009.0909.1747.30091 - ATI) Hidden

CDex - Open Source Digital Audio CD Extractor (HKLM\...\CDex) (Version: 1.70.4.2009 - Georgy Berdyshev)

Choice Guard (Version: 1.2.87.0 - Microsoft Corporation) Hidden

Device Access Manager for HP ProtectTools (HKLM\...\{55B52830-024A-443E-AF61-61E1E71AFA1B}) (Version: 5.0.1.1 - Hewlett-Packard)

DirectX 9 Runtime (Version: 1.00.0000 - Sonic Solutions) Hidden

Ditto (HKLM\...\Ditto_is1) (Version:  - Scott Brogden)

doPDF 7.2 printer (HKLM\...\doPDF 7 printer_is1) (Version:  - Softland)

Drive Encryption (HKLM\...\{77ECDC11-EC6B-4027-AD94-60E839F256FB}) (Version: 5.0.1.2 - Hewlett-Packard)

Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)

eDocPrintPro (HKLM\...\eDocPrintPro) (Version:  - )

Elastic Soccer v1.0 (HKLM\...\{0FB9C428-F598-49FF-9C90-B1821FF90486}_is1) (Version:  - Nowstat.com)

EPSON BX535WD Series Printer Uninstall (HKLM\...\EPSON BX535WD Series) (Version:  - SEIKO EPSON Corporation)

EPSON-Drucker-Software (HKLM\...\EPSON Printer and Utilities) (Version:  - SEIKO EPSON Corporation)

ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )

Evernote v. 5.1.2 (HKLM\...\{12FB6296-8840-11E3-86D7-00163E98E7D0}) (Version: 5.1.2.2387 - Evernote Corp.)

Exact Audio Copy 1.0beta3 (HKLM\...\Exact Audio Copy) (Version: 1.0beta3 - Andre Wiethoff)

Faxdrucker (HKLM\...\{44FEE3D0-362E-4439-A976-51825DDAC61F}) (Version: 0.1 - simple-fax.de)

File Sanitizer For HP ProtectTools (HKLM\...\{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}) (Version: 5.0.0.7 - Hewlett-Packard)

FileParade bundle uninstaller (HKLM\...\FileParade bundle uninstaller) (Version: 1.0.0.0 - FileParade) <==== ATTENTION

FileZilla Client 3.5.3 (HKLM\...\FileZilla Client) (Version: 3.5.3 - FileZilla Project)

Free Mp3 Wma Converter V 2.2 (HKLM\...\Free Mp3 Wma Converter_is1) (Version: 2.2.0.0 - Koyote Soft)

FreeCommander 2009.02b (HKLM\...\FreeCommander_is1) (Version: 2009.02 - Marek Jasinski)

FreePDF (Remove only) (HKLM\...\FreePDF_XP) (Version:  - )

German - with < > | (HKLM\...\{724D0DBA-3F2F-4AE2-B16C-DAAB7FCB7F49}) (Version: 1.0.3.40 - HP)

Google Chrome (HKCU\...\Google Chrome) (Version: 32.0.1700.76 - Google Inc.)

Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)

Google Update Helper (Version: 1.3.23.9 - Google Inc.) Hidden

Google+ Auto Backup (HKLM\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)

GPL Ghostscript (HKLM\...\GPL Ghostscript 9.04) (Version: 9.04 - Artifex Software Inc.)

HP 3D DriveGuard (HKLM\...\{85A42FF0-F0D0-44A3-B226-C124D6E8B1D5}) (Version: 4.0.3.1 - Hewlett-Packard)

HP Advisor (HKLM\...\{B53E61D7-7C80-40DF-82D2-CF5390D6D20A}) (Version: 3.2.9212.3114 - Hewlett-Packard)

HP Common Access Service Library (HKLM\...\{AFCFBA3D-D2EB-4F44-A7F6-5384CE5090DA}) (Version: 3.0.31.1 - Hewlett-Packard)

HP Customer Experience Enhancements (HKLM\...\{5B295588-59C1-4386-9F85-BB4BEDCB0D22}) (Version: 5.7.0.3036 - Hewlett-Packard)

HP ESU for Microsoft Windows 7 (HKLM\...\{511376F5-7E5A-4EC9-B603-193B1D425BC3}) (Version: 1.0.1.1 - Hewlett-Packard)

HP Power Assistant (HKLM\...\{B07A6D31-EDE9-415A-9278-07400F7FCCD5}) (Version: 1.0.0.31 - Hewlett-Packard)

HP ProtectTools Security Manager (HKLM\...\HPProtectTools) (Version: 5.00.516 - Hewlett-Packard)

HP ProtectTools Security Manager (Version: 5.00.516 - Hewlett-Packard) Hidden

HP QuickLook (HKLM\...\{6B11BCAC-CE60-418E-A0BD-F773EC1194E5}) (Version: 3.0.0.19 - Hewlett-Packard)

HP QuickWeb (HKLM\...\{7861911B-4270-498A-8F7A-FCF0570F4800}) (Version: 1.0.1.32 - DeviceVM, Inc.)

HP Setup (HKLM\...\{D0BFE65D-C320-4FC9-88D2-B9C32FB95DA0}) (Version: 1.2.3215.3078 - Hewlett-Packard)

HP Software Setup (HKLM\...\{C66A15C3-1435-49AA-9F20-F854E2E91A6C}) (Version: 6.0.1.7 - Hewlett-Packard)

HP Support Assistant (HKLM\...\{4F46FDB9-B906-47BF-B3D5-C62E01B3C5EE}) (Version: 4.1.11.3 - Hewlett-Packard)

HP User Guides 0142 (HKLM\...\{10A11115-4EFC-4E86-BFC1-D53A478556A1}) (Version: 1.01.0001 - Hewlett-Packard)

HP Wallpaper (HKLM\...\{F173C2B3-296F-458C-98FF-1676A42EBA02}) (Version: 1.0.1.11 - Hewlett-Packard)

HP Wireless Assistant (HKLM\...\{3E497776-1FCB-4921-91DC-D26E7F636B62}) (Version: 4.0.0.31 - Hewlett-Packard)

HPAsset component for HP Active Support Library (Version: 3.0.0.2 - Hewlett-Packard) Hidden

iCopy (HKLM\...\iCopy) (Version: 1.6.0 - Matteo Rossi)

IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6229.0 - IDT)

Internet Updater (HKLM\...\InternetUpdater) (Version: 2.6.57 - Parallel Lines Development, LLC) <==== ATTENTION

Java 7 Update 55 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)

Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden

Java Card Security for HP ProtectTools (HKLM\...\{F4477CC0-7293-414A-93BC-20EE897A80F0}) (Version: 5.0.4.1 - Hewlett-Packard)

Java(TM) 6 Update 39 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216035FF}) (Version: 6.0.390 - Oracle)

KeePass Password Safe 1.27 (HKLM\...\KeePass Password Safe_is1) (Version: 1.27 - Dominik Reichl)

Kindersicherung 2012 (HKLM\...\Kindersicherung_is1) (Version:  - Salfeld Computer GmbH)

Kolab E5 Client 2012-07-31-07-47 (HKLM\...\Kolab E5 Client) (Version:  - )

L&H TTS3000 British English (HKLM\...\LHTTSENG) (Version:  - )

L&H TTS3000 Deutsch (HKLM\...\LHTTSGED) (Version:  - )

Lame ACM MP3 Codec (HKLM\...\LameACM) (Version:  - )

LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version:  - )

Lauge 3.0.4.beta (HKLM\...\Lauge_is1) (Version: 3.0.4.beta - Waldemar Derr)

Lernout & Hauspie TruVoice American English TTS Engine (HKLM\...\tv_enua) (Version:  - )

LesefixPRO (HKLM\...\{00DDD9E0-E95F-4470-8767-26B76164A315}) (Version: 8.00 - Dr. Michael Schlesier)

LG United Mobile Driver (HKLM\...\{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}) (Version: 3.10.1.0 - LG Electronics)

LibreOffice 3.3 (HKLM\...\{1A97CF67-FEBB-436E-BD64-431FFEF72EB8}) (Version: 3.3.8 - LibreOffice)

LightScribe System Software (HKLM\...\{82EF29B1-9B60-4142-A155-0599216DD053}) (Version: 1.18.6.1 - LightScribe)

Linkman (HKLM\...\Linkman) (Version: 8.71 - Outertech)

LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.1.94 - LSI Corporation)

Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)

McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)

McAfee Virus and Spyware Protection Service (HKLM\...\MVS) (Version: 4.9.2.335 - McAfee, Inc.)

Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden

Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)

Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation) Hidden

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)

Microsoft Office 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden

Microsoft Office Access MUI (Bulgarian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Access MUI (Latvian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Access MUI (Lithuanian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Access MUI (Romanian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Excel MUI (Bulgarian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Excel MUI (Latvian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Excel MUI (Lithuanian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Excel MUI (Romanian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)

Microsoft Office Outlook MUI (Bulgarian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Outlook MUI (Latvian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Outlook MUI (Lithuanian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Outlook MUI (Romanian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (Bulgarian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (Latvian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (Lithuanian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (Romanian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Professional Hybrid 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Bulgarian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Latvian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Lithuanian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Polish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Romanian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Russian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proofing (Bulgarian) 2007 (Version: 12.0.4518.1042 - Microsoft Corporation) Hidden

Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office Proofing (Latvian) 2007 (Version: 12.0.4518.1045 - Microsoft Corporation) Hidden

Microsoft Office Proofing (Lithuanian) 2007 (Version: 12.0.4518.1048 - Microsoft Corporation) Hidden

Microsoft Office Proofing (Romanian) 2007 (Version: 12.0.4518.1039 - Microsoft Corporation) Hidden

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden

Microsoft Office Publisher MUI (Bulgarian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Publisher MUI (Latvian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Publisher MUI (Lithuanian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Publisher MUI (Romanian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (Bulgarian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (Latvian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (Lithuanian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (Romanian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.7 - Microsoft Corporation)

Microsoft Office Word MUI (Bulgarian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Word MUI (Latvian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Word MUI (Lithuanian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Word MUI (Romanian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft RichCopy 4.0 (HKLM\...\{86F4F32B-77C7-4951-B33C-05D41A8190C1}) (Version: 4.0.211 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)

Microsoft Sync Framework 2.0 Core Components (x86) ENU  (HKLM\...\{FF63121D-91C6-42CC-B341-F1AA729728E7}) (Version: 2.0.1578.0 - Microsoft Corporation)

Microsoft Sync Framework 2.0 Provider Services (x86) ENU  (HKLM\...\{D3A80508-CD83-4CA3-8671-914A1BC78B61}) (Version: 2.0.1578.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Mindomo Desktop (HKLM\...\MindomoDesktop) (Version: 6.84 - Expert Software Applications Srl)

Mindomo Desktop (Version: 6.84 - Expert Software Applications Srl) Hidden

mobilant.de Client (HKLM\...\mobilant) (Version: 1.0 - F.J. Wechselberger)

Mobile Master (Version: 7.9.14 - Jumping Bytes) Hidden

Mobile Master 7.9.14 (HKLM\...\Mobile Master) (Version: 7.9.14 - Jumping Bytes)

MotoHelper 2.1.32 Driver 5.4.0 (HKLM\...\MotoHelper) (Version: 2.1.32 - Motorola)

MotoHelper MergeModules (Version: 1.2.0 - Motorola) Hidden

Motorola Mobile Drivers Installation 5.4.0 (Version: 5.4.0 - Motorola Inc.) Hidden

MozBackup 1.5.1 (HKLM\...\MozBackup) (Version:  - Pavel Cvrcek)

Mozilla Firefox 28.0 (x86 de) (HKLM\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)

Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)

Mozilla Thunderbird 24.4.0 (x86 de) (HKLM\...\Mozilla Thunderbird 24.4.0 (x86 de)) (Version: 24.4.0 - Mozilla)

MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden

MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden

MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

MuseScore 1.1 MuseScore score typesetter (HKLM\...\MuseScore) (Version: 1.1.0 - Werner Schweer and Others)

MyPhoneExplorer (HKLM\...\MPE) (Version: 1.8.4 - F.J. Wechselberger)

Nokia Connectivity Cable Driver (HKLM\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)

Nokia Maps 3D browser plugin for Internet Explorer (5.7.1.0) (HKCU\...\Nokia Maps 3D browser plugin for Internet Explorer) (Version: 5.7.1.0 - Nokia)

Open Last Closed Tab - Internet Explorer Extension (HKLM\...\OpenLastClosedTab) (Version: 4.1.0.0 - MuvEnum)

Opera 12.15 (HKLM\...\Opera 12.15.1748) (Version: 12.15.1748 - Opera Software ASA)

PC Connectivity Solution (HKLM\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)

PDF Complete Special Edition (HKLM\...\PDF Complete) (Version: 3.5.108 - PDF Complete, Inc)

PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.201.0 - Tracker Software Products Ltd)

PDF-XChange Lite 4 (HKLM\...\{B860298B-CE03-4DE2-B92E-422F2C20A2D8}_is1) (Version: 4.0.213.1 - Tracker Software Products Ltd)

Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)

Pre-Boot Security for HP ProtectTools (Version: 5.0.6.1 - Hewlett-Packard) Hidden

PreisHai 4.2 (HKLM\...\PreisHai_is1) (Version:  - Elmar Denkmann)

Privacy Manager for HP ProtectTools (HKLM\...\{2F77F045-8B4E-40B7-8130-56076F85C38E}) (Version: 5.00.712 - Hewlett-Packard)

PureSync (Version: 3.7.2 - Jumping Bytes) Hidden

PureSync 3.7.2 (HKLM\...\PureSync) (Version: 3.7.2 - Jumping Bytes)

QuickTime (HKLM\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)

RealSpeak Solo fur Deutsch - Steffi (HKLM\...\{BFBB91DB-9F0F-4A9C-9669-A97DA3512CF2}) (Version: 4.00.0000 - ScanSoft)

RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version:  - )

RICOH Media Driver (HKLM\...\{F5CC2EF8-20A4-4366-A681-3FE849E65809}) (Version: 2.12.00.05 - RICOH)

Roxio Activation Module (Version: 1.0 - Roxio) Hidden

Roxio Creator Audio (Version: 3.8.0 - Roxio) Hidden

Roxio Creator Business (HKLM\...\{537BF16E-7412-448C-95D8-846E85A1D817}) (Version: 10.3 - Roxio)

Roxio Creator Business v10 (Version: 3.8.0 - Roxio) Hidden

Roxio Creator Copy (Version: 3.8.0 - Roxio) Hidden

Roxio Creator Data (Version: 3.8.0 - Roxio) Hidden

Roxio Creator Tools (Version: 3.8.0 - Roxio) Hidden

Roxio Express Labeler 3 (Version: 3.2.2 - Roxio) Hidden

Roxio MyDVD (Version: 10.3.349 - Roxio) Hidden

Sandboxie 3.62 (32-bit) (HKLM\...\Sandboxie) (Version: 3.62 - SANDBOXIE L.T.D)

Seesu (HKCU\...\Seesu) (Version:  - Gleb Arestov)

Sibelius Scorch (Firefox, Opera, Netscape only) (HKLM\...\{10ABE49D-343A-463E-9753-C4C5A05ECEF9}) (Version: 6.2.0 - Sibelius Software)

simple-fax.de Version 1 (HKLM\...\{7343767F-D225-4EB2-87B8-173451445F45}_is1) (Version: 1 - simple-fax.de)

Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)

Sonic CinePlayer Decoder Pack (Version: 4.3.0 - Sonic Solutions) Hidden

SpeedCommander 11 (HKLM\...\SpeedCommander 11) (Version: 11 - SpeedProject)

SpeedFan (remove only) (HKLM\...\SpeedFan) (Version:  - )

StarMoney (Version: 2.0 - StarFinanz) Hidden

StarMoney (Version: 3.0.1.31 - StarFinanz) Hidden

StarMoney (Version: 4.0.1.51 - StarFinanz) Hidden

StarMoney 7.0  (HKLM\...\{3A116B91-77B5-463A-8B77-6FBDE5BAA661}) (Version: 7.0 - Star Finanz GmbH)

StarMoney 8.0  (HKLM\...\{6A75F8FA-3A8C-4A11-8628-43ADC5332BEF}) (Version: 8.0 - Star Finanz GmbH)

StarMoney 9.0  (HKLM\...\{CC4F180B-8D7D-44E1-A061-A1B6DDD653CC}) (Version: 9.0 - Star Finanz GmbH)

Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.24.0 - Synaptics Incorporated)

SyncBack (HKLM\...\SyncBack_is1) (Version:  - 2BrightSparks)

Synkron 1.6.2 (HKLM\...\Tomlein.Synkron_is1) (Version: 1.6.2 - Matúš Tomlein)

TeamViewer 8 (HKLM\...\TeamViewer 8) (Version: 8.0.26038 - TeamViewer)

Theft Recovery (HKLM\...\InstallShield_{33C9F24B-1D92-4632-A915-81E3BB1D5D6B}) (Version: 5.1.0.15 - Hewlett-Packard)

Theft Recovery (Version: 5.1.0.15 - Hewlett-Packard) Hidden

Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0402-0000-0000000FF1CE}_PROHYBRIDR_{F8AE4EBB-CCF5-45FB-B527-E88B4DC37278}) (Version:  - Microsoft)

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0418-0000-0000000FF1CE}_PROHYBRIDR_{2CD437DF-B0CD-43D2-A344-07C9FAC961F4}) (Version:  - Microsoft)

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0426-0000-0000000FF1CE}_PROHYBRIDR_{64057C60-03F0-4E29-B2E2-DCB6A1886F33}) (Version:  - Microsoft)

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0427-0000-0000000FF1CE}_PROHYBRIDR_{CC873AD1-9842-4A46-AF2A-3ED0F3F1452C}) (Version:  - Microsoft)

Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878297) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{9B1DEEA3-B4ED-49F0-9EF7-4A820EEEA7F1}) (Version:  - Microsoft)

Updater (HKLM\...\{D54E3D9F-FEB8-4D2D-A138-B69A5C80080B}) (Version: 2.6.53 - Creative Island Media, LLC) <==== ATTENTION

Visual C++ 8.0 x86 Runtime Setup Package (Version: 1.0.0.0 - McAfee Inc.) Hidden

VLC media player 2.0.8 (HKLM\...\VLC media player) (Version: 2.0.8 - VideoLAN)

WEB.DE Online-Speicher 1.3.1234.0 (HKCU\...\WEB.DE Application {sync-000021}) (Version: 1.3.1234.0 - 1&1 Mail & Media GmbH)

WEB.DE Softwareaktualisierung (HKLM\...\1&1 Mail & Media GmbH 1und1Softwareaktualisierung) (Version: 3.0.0.55 - 1&1 Mail & Media GmbH)

WEB.DE Toolbar für Mozilla Firefox (HKLM\...\1&1 Mail & Media GmbH Toolbar FF) (Version: 1.7.0.0 - 1&1 Mail & Media GmbH)

Websteroids (HKLM\...\Websteroids) (Version: 2.6.53 - Creative Island Media, LLC) <==== ATTENTION

Windows 7 Default Setting (HKLM\...\{E70E6183-F6EC-45B4-AFA4-0C3C36D4B664}) (Version: 1.0.0.8 - Hewlett-Packard)

Windows Driver Package - Nokia pccsmcfd “LegacyDriver”  (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)

Windows Live Call (Version: 14.0.8050.1202 - Microsoft Corporation) Hidden

Windows Live Communications Platform (Version: 14.0.8050.1202 - Microsoft Corporation) Hidden

Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8050.1202 - Microsoft Corporation)

Windows Live Essentials (Version: 14.0.8050.1202 - Microsoft Corporation) Hidden

Windows Live Messenger (Version: 14.0.8050.1202 - Microsoft Corporation) Hidden

Windows Live Sign-in Assistant (HKLM\...\{9422C8EA-B0C6-4197-B8FC-DC797658CA00}) (Version: 5.000.818.6 - Microsoft Corporation)

Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)

WinZip 12.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240B7}) (Version: 12.0.8252 - WinZip Computing, S.L. )

Wuala (HKCU\...\Wuala) (Version: 1.0.411.0 - LaCie)

Wuala CBFS (HKLM\...\Wuala CBFS) (Version: 3.2.107.0 - LaCie)

Wuala OverlayIcons (HKLM\...\Wuala OverlayIcons) (Version: 1.0.0.2 - LaCie)
 

==================== Restore Points  =========================
 

23-02-2014 18:00:14 Windows Backup

04-03-2014 14:52:21 Windows Backup

10-03-2014 14:30:50 Windows Backup
 

==================== Hosts content: ==========================
 

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 

==================== Scheduled Tasks (whitelisted) =============
 

Task: {1C2D18F9-AA3F-4BCA-B98C-6BCA255BDB40} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1624768357-4126066135-592724133-1003Core => C:\Users\tobias\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-16] (Google Inc.)

Task: {2EE8AA8D-D206-4C3A-ABC4-3C81FDD16626} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1624768357-4126066135-592724133-1003UA => C:\Users\tobias\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-16] (Google Inc.)

Task: {31B6FAE7-F9FC-4B66-8F80-8F1FCB661B64} - System32\Tasks\MotoHelper Update => C:\Program Files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] ()

Task: {45ADE483-6146-40DB-8021-6C3D5E21A998} - System32\Tasks\Registration 1und1 Task => C:\Program Files\1und1Softwareaktualisierung\cdsupdclient.exe [2013-06-18] (1&1 Mail & Media GmbH)

Task: {46FC6A6B-8F1A-4DB8-A041-32D5110D4F83} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-01-20] (Google Inc.)

Task: {543143EE-FBFF-4BA8-BFF6-0C266FB6DD04} - System32\Tasks\MotoHelper MUM => C:\Program Files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] ()

Task: {562032F5-CFB6-4273-BA02-BE7B85ED9FF9} - System32\Tasks\Hewlett-Packard\HP Assistant\PC Health Analysis => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2009-07-10] (Hewlett-Packard)

Task: {5625CBF6-57FE-4D98-9CD1-BA4CD8A511ED} - System32\Tasks\OperaBookmarks => C:\Users\Andreas\Documents\Eigene Daten T30 -PC\PC\Backups\Operasave11.exe [2013-08-20] ()

Task: {592BC37C-F4D1-4579-A987-FBB5506CE04A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1624768357-4126066135-592724133-1002UA => C:\Users\Andreas\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-01] (Google Inc.)

Task: {6CEC5E53-6AB2-41FC-A3D5-B65C1CBF011F} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)

Task: {6EBE3D25-1606-429C-A4C0-D06AF8E76A10} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1624768357-4126066135-592724133-1002Core => C:\Users\Andreas\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-01] (Google Inc.)

Task: {7333E2D8-2FEE-45CF-8664-50D5ED5BBBD7} - System32\Tasks\MotoHelper Routing => C:\Program Files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] ()

Task: {74A3E3A2-C334-4AF1-8189-8684FAD401B5} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-13] (Adobe Systems Incorporated)

Task: {95A1B0B2-E0F7-42D9-B7C8-B91A7C275888} - System32\Tasks\Firesave => C:\Users\Andreas\Documents\Eigene Daten T30 -PC\PC\Backups\Firesave11.exe [2013-08-20] ()

Task: {B5361521-D7CF-4099-B24D-2F3D232EBEFF} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup

Task: {C01C8BE0-BD5C-44D8-97E3-70915D71CAA5} - System32\Tasks\{9813CE5C-8F35-4835-AC86-B55B5816A9BD} => Firefox.exe 

Task: {CE30372A-0F34-4A3E-904C-A2C0412D3A5E} - System32\Tasks\MotoHelper Initial Update => C:\Program Files\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] ()

Task: {E58361F0-3D6E-48F2-913E-E9337A15D1C0} - System32\Tasks\Hewlett-Packard\HP Assistant\PC Tuneup => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2009-07-10] (Hewlett-Packard)

Task: {EF570923-0D65-4B54-B77C-75D729D87533} - System32\Tasks\thundersave => C:\Users\Andreas\Documents\Eigene Daten T30 -PC\PC\Backups\Thundersave11.exe [2013-08-20] ()

Task: {F2E7D8D1-09FE-4DFC-8CE5-6BDCFD272684} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-01-20] (Google Inc.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1624768357-4126066135-592724133-1002Core.job => C:\Users\Andreas\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1624768357-4126066135-592724133-1002UA.job => C:\Users\Andreas\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1624768357-4126066135-592724133-1003Core.job => C:\Users\tobias\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1624768357-4126066135-592724133-1003UA.job => C:\Users\tobias\AppData\Local\Google\Update\GoogleUpdate.exe
 

==================== Loaded Modules (whitelisted) =============
 

2009-08-17 21:26 - 2009-08-17 21:26 - 00300600 _____ () C:\Windows\system32\flcdlmsg.dll

2012-01-08 15:41 - 2012-01-08 15:41 - 00093696 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll

2009-08-20 22:15 - 2009-08-20 22:15 - 00051768 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\HardwareAccess.dll

2009-08-20 22:15 - 2009-08-20 22:15 - 00051256 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\Graphs.dll

2012-10-22 23:34 - 2012-01-03 20:00 - 01350144 _____ () C:\Program Files\Ditto\Ditto.exe

2012-10-22 23:34 - 2012-01-03 19:59 - 00008192 _____ () C:\Program Files\Ditto\focus.dll

2014-01-22 14:29 - 2014-01-22 14:29 - 00433664 _____ () C:\Program Files\Evernote\Evernote\libxml2.dll

2014-01-22 14:29 - 2014-01-22 14:29 - 00315392 _____ () C:\Program Files\Evernote\Evernote\libtidy.dll

2009-06-11 01:30 - 2009-06-11 01:30 - 00098304 ____R () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll

2010-10-13 22:23 - 2010-10-13 22:23 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll

2014-03-23 22:07 - 2014-03-15 10:40 - 03642480 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

2014-03-13 21:54 - 2014-03-13 21:54 - 16276872 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll

2014-03-21 15:47 - 2014-03-21 15:47 - 03018864 _____ () C:\Program Files\Mozilla Thunderbird\mozjs.dll

2014-03-21 15:47 - 2014-03-21 15:47 - 00158832 _____ () C:\Program Files\Mozilla Thunderbird\NSLDAP32V60.dll

2014-03-21 15:47 - 2014-03-21 15:47 - 00023152 _____ () C:\Program Files\Mozilla Thunderbird\NSLDAPPR32V60.dll
 

==================== Alternate Data Streams (whitelisted) =========
 

AlternateDataStreams: C:\ProgramData\TEMP:373E1720
 

==================== Safe Mode (whitelisted) ===================
 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ksupmgr => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ksupmgr => ""="Service"
 

==================== Disabled items from MSCONFIG ==============
 

MSCONFIG\startupreg: Google Update => "C:\Users\Andreas\AppData\Local\Google\Update\GoogleUpdate.exe" /c

MSCONFIG\startupreg: HPWirelessAssistant => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden

MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

MSCONFIG\startupreg: McAfee Managed Services Tray => C:\Program Files\McAfee\Managed VirusScan\Agent\StartMyAgtTry.Exe

MSCONFIG\startupreg: NortonOnlineBackupReminder => "C:\Program Files\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED

MSCONFIG\startupreg: QlbCtrl.exe => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start

MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized
 

==================== Faulty Device Manager Devices =============
 

Name: avgtp

Description: avgtp

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer: 

Service: avgtp

Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)

Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.

Devices stay in this state if they have been prepared for removal.

After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (04/27/2014 10:03:14 PM) (Source: Application Error) (User: )

Description: Faulting application name: updater.exe, version: 1.0.0.1, time stamp: 0x52b21c71

Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000

Exception code: 0xc0000005

Fault offset: 0x00000000

Faulting process id: 0x1834

Faulting application start time: 0xupdater.exe0

Faulting application path: updater.exe1

Faulting module path: updater.exe2

Report Id: updater.exe3
 

Error: (04/27/2014 10:02:22 PM) (Source: Windows Backup) (User: )

Description: The backup did not complete because of an error writing to the backup location K:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).
 

Error: (04/27/2014 10:02:08 PM) (Source: Application Error) (User: )

Description: Faulting application name: ccsync.exe, version: 6.418.0.0, time stamp: 0x52677676

Faulting module name: ccsync.exe, version: 6.418.0.0, time stamp: 0x52677676

Exception code: 0xc0000005

Fault offset: 0x000061fe

Faulting process id: 0x2a08

Faulting application start time: 0xccsync.exe0

Faulting application path: ccsync.exe1

Faulting module path: ccsync.exe2

Report Id: ccsync.exe3
 

Error: (04/27/2014 10:02:08 PM) (Source: Application Error) (User: )

Description: Faulting application name: ccsync.exe, version: 6.418.0.0, time stamp: 0x52677676

Faulting module name: ccsync.exe, version: 6.418.0.0, time stamp: 0x52677676

Exception code: 0xc0000005

Fault offset: 0x000061fe

Faulting process id: 0x2064

Faulting application start time: 0xccsync.exe0

Faulting application path: ccsync.exe1

Faulting module path: ccsync.exe2

Report Id: ccsync.exe3
 

Error: (04/27/2014 09:47:16 AM) (Source: HP Advisor) (User: )

Description: Timestamp: 04.27.2014 09:47:16.032;

Category: FATAL;

Priority:(4);

Win32 Thread Id: [4088];

Message: Application::OnStartup() failed !!!, shutdown application... ;

EventId: 400;

Severity: Critical;

Machine: ANDREAS-PC;

Application Domain: HPAdvisor.exe;

Process Id: 7768;

Process Name: C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe;

Extended Properties:
 

Error: (04/20/2014 07:00:03 PM) (Source: Windows Backup) (User: )

Description: The backup did not complete because of an error writing to the backup location K:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).
 

Error: (04/19/2014 08:06:13 PM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".

Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.

Please use sxstrace.exe for detailed diagnosis.
 

Error: (04/16/2014 07:07:16 PM) (Source: Windows Backup) (User: )

Description: The backup did not complete because of an error writing to the backup location K:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).
 

Error: (04/10/2014 10:42:14 PM) (Source: HP Advisor) (User: )

Description: Timestamp: 04.10.2014 22:42:14.290;

Category: FATAL;

Priority:(4);

Win32 Thread Id: [9328];

Message: Application::OnStartup() failed !!!, shutdown application... ;

EventId: 400;

Severity: Critical;

Machine: ANDREAS-PC;

Application Domain: HPAdvisor.exe;

Process Id: 9324;

Process Name: C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe;

Extended Properties:
 

Error: (04/10/2014 08:29:54 AM) (Source: Application Error) (User: )

Description: Faulting application name: ccsync.exe, version: 6.418.0.0, time stamp: 0x52677676

Faulting module name: ccsync.exe, version: 6.418.0.0, time stamp: 0x52677676

Exception code: 0xc0000005

Fault offset: 0x000061fe

Faulting process id: 0x1a38

Faulting application start time: 0xccsync.exe0

Faulting application path: ccsync.exe1

Faulting module path: ccsync.exe2

Report Id: ccsync.exe3
 
 

System errors:

=============

Error: (04/27/2014 10:04:48 PM) (Source: atikmdag) (User: )

Description: Display is not active
 

Error: (04/27/2014 10:04:07 PM) (Source: atikmdag) (User: )

Description: Display is not active
 

Error: (04/27/2014 10:01:04 PM) (Source: DCOM) (User: )

Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
 

Error: (04/27/2014 10:01:03 PM) (Source: atikmdag) (User: )

Description: Display is not active
 

Error: (04/27/2014 09:39:59 AM) (Source: atikmdag) (User: )

Description: Display is not active
 

Error: (04/27/2014 09:22:28 AM) (Source: atikmdag) (User: )

Description: Display is not active
 

Error: (04/26/2014 02:51:59 PM) (Source: Service Control Manager) (User: )

Description: The following boot-start or system-start driver(s) failed to load: 

avgtp
 

Error: (04/26/2014 02:51:33 PM) (Source: Service Control Manager) (User: )

Description: The vToolbarUpdater15.2.0 service failed to start due to the following error: 

%%2
 

Error: (04/26/2014 02:51:16 PM) (Source: Service Control Manager) (User: )

Description: The McAfee Virus and Spyware Protection Service service failed to start due to the following error: 

%%2
 

Error: (04/26/2014 02:50:53 PM) (Source: Service Control Manager) (User: )

Description: The UAC File Virtualization service failed to start due to the following error: 

%%2
 
 

Microsoft Office Sessions:

=========================
 

CodeIntegrity Errors:

===================================

  Date: 2014-04-27 09:57:17.215

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wdrvtd32.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2014-04-27 09:48:29.737

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wdrvtd32.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2014-04-27 09:39:59.454

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wdrvtd32.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2014-04-24 11:15:45.181

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wdrvtd32.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2014-04-24 11:02:17.822

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wdrvtd32.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2014-04-23 22:14:33.679

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wdrvtd32.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2014-04-23 22:03:49.521

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wdrvtd32.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2014-04-23 21:23:05.977

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wdrvtd32.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2014-04-23 21:11:12.577

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wdrvtd32.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2014-04-16 22:31:41.415

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wdrvtd32.dll because the set of per-page image hashes could not be found on the system.
 
 

==================== Memory info =========================== 
 

Percentage of memory in use: 69%

Total physical RAM: 2812.7 MB

Available physical RAM: 865.49 MB

Total Pagefile: 5623.7 MB

Available Pagefile: 2898.8 MB

Total Virtual: 2047.88 MB

Available Virtual: 1919.99 MB
 

==================== Drives ================================
 

Drive c: (WIN7_C) (Fixed) (Total:280.79 GB) (Free:130.39 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Drive d: (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.25 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Drive e: (HP_TOOLS) (Fixed) (Total:2 GB) (Free:1.51 GB) FAT32

Drive g: () (Removable) (Total:3.72 GB) (Free:3.39 GB) FAT32
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (Size: 298 GB) (Disk ID: B8DEA2D4)

Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=281 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=15 GB) - (Type=83)

Partition 4: (Not Active) - (Size=2 GB) - (Type=0C)
 

========================================================

Disk: 1 (Size: 4 GB) (Disk ID: 00000000)
 

Partition: GPT Partition Type.
 

==================== End Of Log ============================

und:

Code:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.1.4 (04.06.2014:1)

OS: Windows 7 Professional x86

Ran by Andreas on 27.04.2014 at 23:18:24,54

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 

~~~ Services
 
 
 

~~~ Registry Values
 

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL
 
 
 

~~~ Registry Keys
 

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\f

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\scripthelper.exe

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\viprotocol.dll

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\im

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\dynconie

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\tubesaver

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\protocols\handler\viprotocol

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\s

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthelper.scripthelperapi

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthelper.scripthelperapi.1

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\viprotocol.viprotocolole

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\viprotocol.viprotocolole.1

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker_RASAPI32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker_RASMANCS

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_fuer_free-mp3-wma-converter_RASAPI32

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_fuer_free-mp3-wma-converter_RASMANCS

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
 
 
 

~~~ Files
 
 
 

~~~ Folders
 

Successfully deleted: [Folder] "C:\Program Files\optimizer pro"

Successfully deleted: [Folder] "C:\Program Files\sweetpacks bundle uninstaller"

Successfully deleted: [Folder] "C:\Users\Andreas\documents\optimizer pro"
 
 
 

~~~ FireFox
 

Successfully deleted: [Folder] C:\Users\Andreas\AppData\Roaming\mozilla\firefox\profiles\xgqgx91o.default\extensions\support@websteroidsapp.com

Successfully deleted the following from C:\Users\Andreas\AppData\Roaming\mozilla\firefox\profiles\xgqgx91o.default\prefs.js
 

user_pref("avg.install.userHPSettings", "hxxps://isearch.avg.com/?cid={AA84BBDD-C5EB-42FB-9AE5-F26FF3EC83F4}&mid=ef0ba35e35954242925b6c8602ac96fb-42c36a3c1954536467068e2918f43

Emptied folder: C:\Users\Andreas\AppData\Roaming\mozilla\firefox\profiles\xgqgx91o.default\minidumps [69 files]
 
 
 

~~~ Chrome
 

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google [Blacklisted Policy]

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\ojcdnngpmbenohhjlickdajclhbcaada
 
 
 

~~~ Event Viewer Logs were cleared
 
 
 
 
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 27.04.2014 at 23:33:27,35

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Hallo,
habe im TB gesucht und durch Zufall meinen eingenen Eintrag wieder gefunden...:wtf:

Problem besteht weiter und ich bin kurz davor, den Rechner komplett platt zu machen.

Alles versuchte half nichts.

Akuell:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-10-2014 01

Ran by Andreas (administrator) on ANDREAS-PC on 14-10-2014 16:23:19

Running from C:\Users\Andreas\Desktop

Loaded Profile: Andreas (Available profiles: Andreas & Monika & Mona & TEST)

Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: English (United States)

Internet Explorer Version 11

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 

==================== Processes (Whitelisted) =================
 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 

(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe

(Salfeld Computer) C:\Windows\System32\cc32\webtmr.exe

(Salfeld Computer) C:\Windows\tray\wintmr.exe

(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\acevents.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe

(Hewlett-Packard) C:\Program Files\Hewlett-Packard\File Sanitizer\coreshredder.exe

(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe

(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe

(shbox.de) C:\Program Files\FreePDF_XP\fpassist.exe

(Updater) C:\ProgramData\Updater\updater.exe

(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe

(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe

(SANDBOXIE L.T.D) C:\Users\Andreas\SYSTEMprogramme\SbieCtrl.exe

(Dominik Reichl) C:\Program Files\KeePass Password Safe\KeePass.exe

() C:\Program Files\Ditto\Ditto.exe

(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe

(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe

(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files\Evernote\Evernote\EvernoteClipper.exe

(WatchDog) C:\ProgramData\RHelpers\ChromeHelper\ChromeHelper.exe

(WatchDog) C:\ProgramData\RHelpers\FirefoxHelper\FirefoxHelper.exe

(WatchDog) C:\ProgramData\RHelpers\IeHelper\IeHelper.exe

(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
 
 

==================== Registry (Whitelisted) ==================
 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 

HKLM\...\Run: [PDF Complete] => C:\Program Files\PDF Complete\pdfsty.exe [563736 2009-06-18] (PDF Complete Inc)

HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [1640504 2009-08-20] (Hewlett-Packard)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1791272 2010-06-04] (Synaptics Incorporated)

HKLM\...\Run: [MVS Splash] => C:\Program Files\McAfee\Managed VirusScan\Agent\Splash.exe

HKLM\...\Run: [acevents] => C:\Program Files\ActivIdentity\ActivClient\acevents.exe [153640 2009-06-04] (ActivIdentity)

HKLM\...\Run: [] => [X]

HKLM\...\Run: [accrdsub] => C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe [400936 2009-06-04] (ActivIdentity)

HKLM\...\Run: [File Sanitizer] => c:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe [11258368 2009-07-15] (Hewlett-Packard)

HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-09-10] (Advanced Micro Devices, Inc.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [458844 2009-08-05] (IDT, Inc.)

HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [1821576 2011-08-01] (Microsoft Corporation)

HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-09-27] (Apple Inc.)

HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)

HKLM\...\Run: [FreePDF Assistant] => C:\Program Files\FreePDF_XP\fpassist.exe [371200 2011-02-23] (shbox.de)

HKLM\...\Run: [vProt] => "C:\Program Files\AVG Secure Search\vprot.exe"

HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)

HKLM\...\Run: [ChicoSys] => C:\Windows\system32\cc32\webtmr.exe [6634624 2009-07-14] (Salfeld Computer)

HKLM\...\Run: [Updater] => C:\ProgramData\Updater\Updater.exe [486264 2013-12-19] (Updater)

HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)

HKLM\...\runonceex: [ContentMerger] => c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\ContentMerger10.exe [19952 2009-06-13] (Sonic Solutions)

HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,

Winlogon\Notify\DeviceNP: C:\Windows\system32\DeviceNP.dll (Hewlett-Packard Limited)

HKLM\...\Policies\Explorer: [NoFolderOptions] 0

HKLM\...\Policies\Explorer: [NoControlPanel] 0

HKLM\...\Policies\Explorer: [NoAutorun] 1

HKU\S-1-5-21-1624768357-4126066135-592724133-1002\...\Run: [HPADVISOR] => C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1668664 2009-08-13] (Hewlett-Packard)

HKU\S-1-5-21-1624768357-4126066135-592724133-1002\...\Run: [SandboxieControl] => C:\Users\Andreas\SYSTEMprogramme\SbieCtrl.exe [442640 2011-11-23] (SANDBOXIE L.T.D)

HKU\S-1-5-21-1624768357-4126066135-592724133-1002\...\Run: [Google Update] => C:\Users\Andreas\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-10-01] (Google Inc.)

HKU\S-1-5-21-1624768357-4126066135-592724133-1002\...\Run: [KeePass Password Safe] => C:\Program Files\KeePass Password Safe\KeePass.exe [2117632 2014-04-06] (Dominik Reichl)

HKU\S-1-5-21-1624768357-4126066135-592724133-1002\...\Run: [PC Suite Tray] => "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray

HKU\S-1-5-21-1624768357-4126066135-592724133-1002\...\Run: [Ditto] => C:\Program Files\Ditto\Ditto.exe [1350144 2012-01-03] ()

HKU\S-1-5-21-1624768357-4126066135-592724133-1002\...\Run: [CCWinTray] => C:\Windows\tray\wintmr.exe [7099008 2009-07-14] (Salfeld Computer)

HKU\S-1-5-21-1624768357-4126066135-592724133-1002\...\Run: [Updater] => C:\ProgramData\Updater\updater.exe [486264 2013-12-19] (Updater)

HKU\S-1-5-21-1624768357-4126066135-592724133-1002\...\Policies\system: [DisableClock] 1

HKU\S-1-5-21-1624768357-4126066135-592724133-1002\...\Policies\system: [DisableLockWorkstation] 0

HKU\S-1-5-21-1624768357-4126066135-592724133-1002\...\Policies\Explorer: [NoControlPanel] 0

HKU\S-1-5-21-1624768357-4126066135-592724133-1002\...\Policies\Explorer: [NoSaveSettings] 0

HKU\S-1-5-21-1624768357-4126066135-592724133-1002\...\Policies\Explorer: [NoFind] 0

HKU\S-1-5-21-1624768357-4126066135-592724133-1002\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x91000000

HKU\S-1-5-21-1624768357-4126066135-592724133-1002\...\Policies\Explorer: [RestrictRun] 0

HKU\S-1-5-21-1624768357-4126066135-592724133-1002\...\MountPoints2: {5b5d81a5-8e33-11e1-902b-0009dd5029c9} - D:\Install.exe

HKU\S-1-5-21-1624768357-4126066135-592724133-1002\...\MountPoints2: {91848a7a-159c-11e2-934a-705ab697ae61} - D:\setup.exe -a

HKU\S-1-5-21-1624768357-4126066135-592724133-1002\...\MountPoints2: {a4f2663e-f5ae-11e2-963e-705ab697ae61} - G:\LGAutoRun.exe

HKU\S-1-5-18\...\Run: [CCWinTray] => C:\Windows\tray\wintmr.exe [7099008 2009-07-14] (Salfeld Computer)

Lsa: [Notification Packages] DPPassFilter scecli

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk

ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)

Startup: C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk

ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)

Startup: C:\Users\Mona\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk

ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)

SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\system32\CbFsMntNtf3.dll (EldoS Corporation)

ShellIconOverlayIdentifiers: [0WualaOverlayIcon1] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Wuala OverlayIcons\OverlayIcon.dll (LaCie AG)

ShellIconOverlayIdentifiers: [0WualaOverlayIcon2] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Wuala OverlayIcons\OverlayIcon.dll (LaCie AG)

ShellIconOverlayIdentifiers: [0WualaOverlayIcon3] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Wuala OverlayIcons\OverlayIcon.dll (LaCie AG)

ShellIconOverlayIdentifiers: [0WualaOverlayIcon4] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Wuala OverlayIcons\OverlayIcon.dll (LaCie AG)

ShellIconOverlayIdentifiers: [1EldosIconOverlay] -> {BBE889A1-1AE6-4482-912B-F2B77654EEDB} => C:\windows\system32\CbFsMntNtf3.dll (EldoS Corporation)

ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
 

==================== Internet (Whitelisted) ====================
 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie

SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 

SearchScopes: HKCU - DefaultScope {C6CA7969-6616-494A-B8C9-403353196BE3} URL = hxxp://ecosia.org/search?q={searchTerms}&addon=opsensearch-ie

SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear

SearchScopes: HKCU - {742E88D5-9010-46AA-AC14-40BADE3E90B8} URL = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms}

SearchScopes: HKCU - {91343ACB-EAA6-4986-A05A-36A9DE6932D8} URL = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie

SearchScopes: HKCU - {997329D0-5E79-4A8B-878A-8713D269A659} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}

SearchScopes: HKCU - {C4BA47D3-A495-4814-8EE6-FE7C750E03B2} URL = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}

SearchScopes: HKCU - {C6CA7969-6616-494A-B8C9-403353196BE3} URL = hxxp://ecosia.org/search?q={searchTerms}&addon=opsensearch-ie

BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)

BHO: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> c:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)

BHO: HP ProtectTools Security Manager Extension -> {395610AE-C624-4f58-B89E-23733EA00F9A} -> c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)

BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} ->  No File

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

BHO: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)

BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO: OpenLastClosedTab.LastClosedTab -> {e15e75e9-a653-42a3-8d05-f2f7e309bdca} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)

Toolbar: HKLM - No Name - {0BF43445-2F28-4351-9252-17FE6E806AA0} -  No File

Toolbar: HKLM - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} -  No File

Toolbar: HKLM - &Linkman - {5C9DCA26-CEC4-4280-A831-D622D4DBF113} - C:\Program Files\TOOLS\Linkman\LinkmanCom.dll (Outertech)

Toolbar: HKCU - No Name - {C424171E-592A-415A-9EB1-DFD6D95D3530} -  No File

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab

Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)

Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)

Handler: myrm - {4D034FC3-013F-4b95-B544-44D49ABE3E76} - C:\Program Files\McAfee\Managed VirusScan\Agent\myRmProt4.9.2.335.dll (McAfee, Inc.)

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
 

FireFox:

========

FF ProfilePath: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default

FF DefaultSearchEngine: Ecosia

FF SearchEngineOrder.1: Google

FF SelectedSearchEngine: Ecosia

FF Homepage: about:home

FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=

FF NetworkProxy: "ftp", "185.49.15.25"

FF NetworkProxy: "ftp_port", 7808

FF NetworkProxy: "http", "185.49.15.25"

FF NetworkProxy: "http_port", 7808

FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"

FF NetworkProxy: "share_proxy_settings", true

FF NetworkProxy: "socks", "185.49.15.25"

FF NetworkProxy: "socks_port", 7808

FF NetworkProxy: "ssl", "185.49.15.25"

FF NetworkProxy: "ssl_port", 7808

FF NetworkProxy: "type", 0

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()

FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\15.2.0\\npsitesafety.dll No File

FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\PDF-XChange\PDF XChange Lite\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)

FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)

FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\PDF-XChange\PDF XChange Lite\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)

FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Andreas\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Andreas\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPSibelius.dll ()

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\PDFNetC.dll (PDFTron Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\ScorchPDFWrapper.dll ()

FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\searchplugins\11-suche.xml

FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\searchplugins\amazondotcom-de.xml

FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\searchplugins\bidvoynet-de.xml

FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\searchplugins\duckduckgo-1.xml

FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\searchplugins\duckduckgo.xml

FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\searchplugins\eBay-de.xml

FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\searchplugins\google-video.xml

FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\searchplugins\idealode.xml

FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\searchplugins\mailcom-search.xml

FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\searchplugins\medikamentade.xml

FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\searchplugins\people-search.xml

FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\searchplugins\testberichtede.xml

FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\searchplugins\youtube-ssl.xml

FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\wy9a448b.REPAIR\searchplugins\duckduckgo-de.xml

FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\wy9a448b.REPAIR\searchplugins\duckduckgo-html.xml

FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\wy9a448b.REPAIR\searchplugins\firefox-add-ons.xml

FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\wy9a448b.REPAIR\searchplugins\idealode.xml

FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\wy9a448b.REPAIR\searchplugins\metager.xml

FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\wy9a448b.REPAIR\searchplugins\mp3-search.xml

FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\wy9a448b.REPAIR\searchplugins\openstreetmap.xml

FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\wy9a448b.REPAIR\searchplugins\privatelee-https.xml

FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\wy9a448b.REPAIR\searchplugins\wot-scorecard.xml

FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\wy9a448b.REPAIR\searchplugins\youtube.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\avg-secure-search.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml

FF Extension: QuickFox Notes - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\amin.eft_bmnotes@gmail.com [2014-04-27]

FF Extension: bug682944 - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\bug682944@alice0775 [2012-05-18]

FF Extension: CLEO - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\CLEO@guid.customsoftwareconsult.com [2014-07-13]

FF Extension: Pocket - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\isreaditlater@ideashower.com [2014-07-04]

FF Extension: KeeFox - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\keefox@chris.tomlinson [2014-10-13]

FF Extension: Rain Alarm Extension - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\rain-alarm@mdiener.de [2014-03-25]

FF Extension: screen-reader-simulator - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\screen-reader-simulator@gaiamobile.org [2014-09-04]

FF Extension: WEB.DE MailCheck - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\toolbar@web.de [2014-09-18]

FF Extension: AddThis - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\{3e0e7d2a-070f-4a47-b019-91fe5385ba79} [2012-10-02]

FF Extension: FEBE - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} [2014-09-18]

FF Extension: WOT - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-26]

FF Extension: Snip It! Button for eBay - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\{aab35b56-0206-4472-9993-9cb5c09bb722} [2012-09-30]

FF Extension: DownloadHelper - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-18]

FF Extension: Evernote Web Clipper - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800} [2013-12-22]

FF Extension: billiger.de Sparberater - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\ciuvo-extension@billiger.de.xpi [2013-04-25]

FF Extension: Firebug - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\firebug@software.joehewitt.com.xpi [2013-12-28]

FF Extension: GutscheinDoktor Toolbar - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\FirefoxToolbar@gutscheindoktor.de.xpi [2014-10-13]

FF Extension: Email This! Bookmarklet Extension - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\gmailthis@lazyrussian.com.xpi [2011-09-13]

FF Extension: Trusted Shops Add-On für Firefox - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\jid1-PBNne26X1Kn6hQ@jetpack.xpi [2014-09-18]

FF Extension: DuckDuckGo Plus - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2013-04-16]

FF Extension: Lazarus: Form Recovery - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\lazarus@interclue.com.xpi [2011-12-14]

FF Extension: People Lookup - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\mail@sayemislam.com.xpi [2012-01-30]

FF Extension: Clearly - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\readable@evernote.com.xpi [2013-05-29]

FF Extension: Save Session - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\savesession@noasobi.net.xpi [2011-11-25]

FF Extension: ScrapBook Plus - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\scrapbookplus@addons.mozilla.org.xpi [2011-09-13]

FF Extension: 如意淘：同款比价，价格曲线，降价提醒 - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\shoppingassist@ookong.com.xpi [2012-03-12]

FF Extension: Stealthy - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\stealthyextension@gmail.com.xpi [2011-12-08]

FF Extension: WikiLook - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\wikilook@testpilot.xpi [2013-04-16]

FF Extension: YouTube to MP3 - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\youtube2mp3@mondayx.de.xpi [2011-10-17]

FF Extension: All-in-One Sidebar - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi [2011-09-12]

FF Extension: Session Manager - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2012-04-28]

FF Extension: Webutation - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\{15fe27f3-e5ab-2d59-4c5c-dadc7945bdbd}.xpi [2014-04-23]

FF Extension: FlashGot - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2013-02-19]

FF Extension: Unhide Passwords - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\{2e17e2b2-b8d4-4a67-8d7b-fafa6cc9d1d0}.xpi [2011-12-14]

FF Extension: ebayitemdescriptionshowsellerloc - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\{38fc2fbc-9500-46e7-8bc5-b128acd9e143}.xpi [2012-03-12]

FF Extension: Speed Dial - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [2011-12-14]

FF Extension: OperaView - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\{87f54a61-c9b3-4138-a38a-33c31770bb9e}.xpi [2011-09-12]

FF Extension: ImTranslator - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2011-09-12]

FF Extension: Easy YouTube Video Downloader - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi [2011-10-17]

FF Extension: Ecosia — The search engine that plants trees! - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\{d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}.xpi [2014-02-25]

FF Extension: Adblock Plus - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-09-12]

FF Extension: BetterPrivacy - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2012-03-12]

FF Extension: Tab Mix Plus - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2011-11-25]

FF Extension: DownThemAll! - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\xgqgx91o.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2011-09-12]

FF Extension: CLEO - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\wy9a448b.REPAIR\Extensions\CLEO@guid.customsoftwareconsult.com [2014-07-13]

FF Extension: FEBE - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\wy9a448b.REPAIR\Extensions\{4BBDD651-70CF-4821-84F8-2B918CF89CA3} [2014-07-13]

FF Extension: Snip It! Button for eBay - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\wy9a448b.REPAIR\Extensions\{aab35b56-0206-4472-9993-9cb5c09bb722} [2014-08-01]

FF Extension: Evernote Web Clipper - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\wy9a448b.REPAIR\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800} [2014-07-14]

FF Extension: Clearly - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\wy9a448b.REPAIR\Extensions\readable@evernote.com.xpi [2014-07-14]

FF Extension: No Name - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\wy9a448b.REPAIR\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2014-08-01]

FF Extension: Integrated Inbox for Gmail &amp; Google Apps - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\wy9a448b.REPAIR\Extensions\{28197867-b1ef-4140-8e3b-55c45b9c8460}.xpi [2014-07-14]

FF Extension: No Name - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\wy9a448b.REPAIR\Extensions\{d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}.xpi [2014-07-13]

FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013-12-20]

FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} [2013-12-20]

FF HKLM\...\Firefox\Extensions: [otis@digitalpersona.com] - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt

FF HKLM\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\14.2.0.1

FF Extension: AVG Security Toolbar - C:\ProgramData\AVG Secure Search\FireFoxExt\14.2.0.1 [2013-02-20]

FF HKLM\...\Thunderbird\Extensions: [{857610fe-b36c-47f2-b4fa-6b7affe0cf5a}] - C:\Program Files\Mobile Master\ext\1

FF Extension: Mobile Master Add-In - C:\Program Files\Mobile Master\ext\1 [2012-03-06]

FF HKCU\...\Firefox\Extensions: [{576c7366-d9f6-439a-a42d-06940409e125}] - C:\Program Files\TubeSaver\130.xpi

FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi

FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
 

Chrome: 

=======

CHR Profile: C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Angry Birds) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-01-03]

CHR Extension: (Poper Blocker) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2013-08-23]

CHR Extension: (Hotah) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfnjgpdehkocfilimigpgedggkneaacc [2014-01-31]

CHR Extension: (Strict Workflow) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgmnfnmlficgeijcalkgnnkigkefkbhd [2013-08-23]

CHR Extension: (Google Calendar) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2014-01-03]

CHR Extension: (Polycraft) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\eopfmbpfhhfnklgmjpoehcjaajhpbhbl [2014-01-31]

CHR Extension: (Planetarium) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gheikhdfflhlbemfmhcfpeblehemeklp [2014-01-03]

CHR Extension: (Google Calendar (by Google)) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich [2014-02-25]

CHR Extension: (Air Hockey) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gojagedhadegobocpaokaifiacjiolph [2013-08-20]

CHR Extension: (Timer) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhclmngbkkejbdfjmicnkmoggfpehein [2014-01-03]

CHR Extension: (The Old Reader) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhdpibondcndkgpoobpnndbbelpidhpk [2014-01-03]

CHR Extension: (Murder Files) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijfecbiladpinddbjfodaaiahggomhaf [2014-01-31]

CHR Extension: (Google Tasks Offline (Unofficial)) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\jekhpicinnaamcmadbipjejafgkjdokh [2014-01-03]

CHR Extension: (Cut the Rope) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfbadlndcminbkfojhlimnkgaackjmdo [2014-01-03]

CHR Extension: (Any.do Extension) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdadialhpiikehpdeejjeiikopddkjem [2013-08-23]

CHR Extension: (Evernote Web) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol [2013-08-28]

CHR Extension: (Pocket) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjcnijlhddpbdemagnpefmlkjdagkogk [2014-01-03]

CHR Extension: (Google Wallet) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-26]

CHR Extension: (Any.do) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocgddccilgpeepgglnlpchkpgamkgmld [2014-01-24]

CHR Extension: (Bubble Santa) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbokbbbgkgifjmmbokbdiimcffphbgha [2014-01-03]

CHR Extension: (Accurate Ruler) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pemefhlbiinkcopbapnfghcnjhlgceof [2014-01-03]

CHR Extension: (SpeakIt!) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgeolalilifpodheeocdmbhehgnkkbak [2014-01-03]

CHR Extension: (Evernote Web Clipper) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2013-08-28]

CHR Extension: (Calculator) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppilpeehmlhboiknckikefgpdkpnhkgc [2014-01-24]

CHR Profile: C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Profile 1

CHR Extension: (Angry Birds) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-01-03]

CHR Extension: (Google Docs) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-03]

CHR Extension: (Google Drive) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-03]

CHR Extension: (Poper Blocker) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2014-02-05]

CHR Extension: (YouTube) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-03]

CHR Extension: (Adblock Plus) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-03-31]

CHR Extension: (Hotah) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfnjgpdehkocfilimigpgedggkneaacc [2014-02-05]

CHR Extension: (Strict Workflow) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cgmnfnmlficgeijcalkgnnkigkefkbhd [2014-01-03]

CHR Extension: (Google-Suche) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-03]

CHR Extension: (Google Kalender) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2014-01-03]

CHR Extension: (Polycraft) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eopfmbpfhhfnklgmjpoehcjaajhpbhbl [2014-02-05]

CHR Extension: (Planetarium) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gheikhdfflhlbemfmhcfpeblehemeklp [2014-01-03]

CHR Extension: (Google Kalender (von Google)) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich [2014-02-25]

CHR Extension: (Timer) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hhclmngbkkejbdfjmicnkmoggfpehein [2014-01-03]

CHR Extension: (The Old Reader) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hhdpibondcndkgpoobpnndbbelpidhpk [2014-01-03]

CHR Extension: (Websteroids) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb [2014-05-04]

CHR Extension: (Murder Files) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ijfecbiladpinddbjfodaaiahggomhaf [2014-02-05]

CHR Extension: (Google Tasks Offline (Unofficial)) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jekhpicinnaamcmadbipjejafgkjdokh [2014-01-03]

CHR Extension: (Button Snip Dies! für eBay) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jhaoojkpcgaobmnnphdpdokcgdiibblh [2014-08-31]

CHR Extension: (Any.do Extension) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kdadialhpiikehpdeejjeiikopddkjem [2014-01-03]

CHR Extension: (Evernote Web) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol [2014-01-03]

CHR Extension: (Pocket) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mjcnijlhddpbdemagnpefmlkjdagkogk [2014-01-03]

CHR Extension: (Google Wallet) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-03]

CHR Extension: (Any.do) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ocgddccilgpeepgglnlpchkpgamkgmld [2014-02-05]

CHR Extension: (Lineal zum Messen) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pemefhlbiinkcopbapnfghcnjhlgceof [2014-01-03]

CHR Extension: (SpeakIt!) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pgeolalilifpodheeocdmbhehgnkkbak [2014-01-03]

CHR Extension: (Evernote Web Clipper) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2014-01-03]

CHR Extension: (Google Mail) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-03]

CHR Extension: (Calculator - Rechner) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ppilpeehmlhboiknckikefgpdkpnhkgc [2014-02-05]

CHR HKLM\...\Chrome\Extension: [igjjkeeamkpihpncmmbgdkhdnjpcfmfb] - C:\ProgramData\Websteroids\Chrome\common.crx [2014-05-04]

CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\15.2.0.5\avg.crx [2014-05-04]

CHR StartMenuInternet: Google Chrome - C:\Users\Andreas\AppData\Local\Google\Chrome\Application\chrome.exe

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 

========================== Services (Whitelisted) =================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

R2 ac.sharedstore; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [207400 2009-06-04] (ActivIdentity)

R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [14336 2009-07-27] (LSI Corporation)

R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [303184 2009-09-03] (DigitalPersona, Inc.)

R2 EngineServer; C:\Program Files\McAfee\Managed VirusScan\VScan\EngineServer.exe [14144 2009-06-03] (McAfee, Inc.)

S3 FLCDLOCK; c:\Windows\system32\flcdlock.exe [362040 2009-08-17] (Hewlett-Packard Ltd)

S3 HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [124928 2009-07-10] (Hewlett-Packard) [File not signed]

R2 HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [95800 2009-08-20] (Hewlett-Packard)

S3 HP ProtectTools Service; c:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [36864 2009-08-26] (Hewlett-Packard Development Company, L.P) [File not signed]

R2 HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [96312 2009-08-20] (Hewlett-Packard)

R2 HpFkCryptService; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [277024 2009-08-13] (McAfee, Inc.)

R2 HPFSService; c:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe [293376 2009-07-15] (Hewlett-Packard) [File not signed]

S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]

R2 InternetUpdater; C:\ProgramData\InternetUpdater\InternetUpdaterService.exe [45568 2014-01-15] (Parallel Lines Development, LLC) [File not signed]

S2 ksupmgr; C:\Windows\system32\ksupmgr.exe [765592 2010-08-25] (Salfeld Computer)

R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2009-06-17] (Hewlett-Packard Company) [File not signed]

S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)

R2 McShield; C:\Program Files\McAfee\Managed VirusScan\VScan\McShield.exe [144704 2009-06-03] (McAfee, Inc.)

R2 pdfcDispatcher; C:\Program Files\PDF Complete\pdfsvc.exe [635416 2009-06-18] (PDF Complete Inc)

R2 SbieSvc; C:\Users\Andreas\SYSTEMprogramme\SbieSvc.exe [72976 2011-11-23] (SANDBOXIE L.T.D)

R2 STacSV; C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_0879317fde6173f1\STacSV.exe [221266 2009-08-05] (IDT, Inc.)

R2 StarMoney 7.0 OnlineUpdate; C:\Program Files\StarMoney 7.0\ouservice\StarMoneyOnlineUpdate.exe [554160 2011-11-08] (Star Finanz - Software Entwicklung und Vertriebs GmbH)

R2 StarMoney 8.0 OnlineUpdate; C:\Program Files\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe [699680 2012-12-21] (Star Finanz - Software Entwicklung und Vertriebs GmbH)

R2 StarMoney 9.0 OnlineUpdate; C:\Program Files\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe [697488 2014-07-04] (Star Finanz-Software Entwicklung und Vertriebs GmbH)

S2 myAgtSvc; "C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe" /ServiceStart [X]

S2 vToolbarUpdater15.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe [X]
 

==================== Drivers (Whitelisted) ====================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [25856 2013-04-18] (Google Inc)

S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag.sys [23168 2013-04-18] (LG Electronics Inc.)

S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem.sys [27776 2013-06-28] (LG Electronics Inc.)

S3 andnetndis; C:\Windows\System32\DRIVERS\lgandnetndis.sys [74240 2013-04-23] (LG Electronics Inc.)

S1 avgtp; C:\windows\system32\drivers\avgtpx86.sys [37664 2013-05-22] (AVG Technologies) [File not signed]

S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [22528 2009-08-13] (CSR, plc)

R1 cbfs3; C:\windows\system32\drivers\cbfs3.sys [299024 2012-04-09] (EldoS Corporation)

S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv.sys [32312 2009-08-17] (Hewlett-Packard Development Company L.P.)

R0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] () [File not signed]

R3 MfeAVFK; C:\Windows\System32\drivers\MfeAVFK.sys [79816 2009-05-16] (McAfee, Inc.)

R3 MfeBOPK; C:\Windows\System32\drivers\MfeBOPK.sys [35272 2009-05-16] (McAfee, Inc.)

R1 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [214024 2009-05-16] (McAfee, Inc.)

S3 MfeRKDK; C:\Windows\System32\drivers\MfeRKDK.sys [34248 2009-05-16] (McAfee, Inc.)

R1 mfetdik; C:\Windows\System32\drivers\mfetdik.sys [55336 2009-05-16] (McAfee, Inc.)

R2 risdpcie; C:\Windows\System32\DRIVERS\risdpe86.sys [48128 2009-09-05] (REDC)

R2 rixdpcie; C:\Windows\System32\DRIVERS\rixdpe86.sys [38400 2009-07-04] (REDC)

R1 RsvLock; C:\Windows\system32\Drivers\RsvLock.sys [40016 2009-08-13] (McAfee, Inc.)

R0 SafeBoot; C:\Windows\system32\Drivers\SafeBoot.sys [110448 2009-08-13] () [File not signed]

R0 SbAlg; C:\Windows\system32\Drivers\SbAlg.sys [51728 2009-08-13] (McAfee, Inc.)

R0 SbFsLock; C:\Windows\system32\Drivers\SbFsLock.sys [13184 2009-08-13] (McAfee, Inc.)

R3 SbieDrv; C:\Users\Andreas\SYSTEMprogramme\SbieDrv.sys [131856 2011-11-23] (SANDBOXIE L.T.D)

R0 speedfan; C:\Windows\System32\speedfan.sys [24184 2012-12-29] (Almico Software)
 

==================== NetSvcs (Whitelisted) ===================
 
 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 

==================== One Month Created Files and Folders ========
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2014-10-14 16:23 - 2014-10-14 16:25 - 00045254 _____ () C:\Users\Andreas\Desktop\FRST.txt

2014-10-14 16:21 - 2014-10-14 16:21 - 01101824 _____ (Farbar) C:\Users\Andreas\Desktop\FRST.exe

2014-10-14 15:48 - 2014-10-14 13:43 - 01705698 _____ (Thisisu) C:\Users\Andreas\Desktop\JRT_NEW.exe

2014-10-14 15:15 - 2014-10-14 15:15 - 00000960 _____ () C:\Users\Andreas\Desktop\remove.txt

2014-10-14 14:16 - 2014-10-14 14:16 - 00263762 _____ () C:\Windows\msxml4-KB2758694-enu.LOG

2014-10-13 17:36 - 2014-10-13 17:36 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf

2014-10-13 07:06 - 2014-10-14 16:11 - 00004445 _____ () C:\Windows\system32\cchservice.err

2014-09-24 13:31 - 2014-09-24 13:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote

2014-09-24 13:30 - 2014-09-24 13:30 - 00000000 ____D () C:\Program Files\Evernote

2014-09-17 21:22 - 2014-09-17 21:23 - 00000914 _____ () C:\Users\Andreas\Desktop\My Documents.lnk

2014-09-17 21:22 - 2014-09-17 21:22 - 00001260 _____ () C:\Users\Andreas\Desktop\PC.lnk

2014-09-15 09:50 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2014-09-15 09:50 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-09-15 09:50 - 2014-08-18 23:57 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-09-15 09:50 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-09-15 09:50 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-09-15 09:50 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2014-09-15 09:50 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-09-15 09:50 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-09-15 09:50 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-09-15 09:50 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-09-15 09:50 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-09-15 09:50 - 2014-08-18 23:36 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-09-15 09:50 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-09-15 09:50 - 2014-08-18 23:30 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-09-15 09:50 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-09-15 09:50 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-09-15 09:50 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-09-15 09:50 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-09-15 09:50 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-09-15 09:50 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-09-15 09:50 - 2014-08-18 23:08 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-09-15 09:50 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2014-09-15 09:50 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-09-15 09:49 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-09-15 09:49 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-09-15 09:49 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-09-15 09:49 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-09-15 09:49 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-09-15 09:49 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-09-15 09:49 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
 

==================== One Month Modified Files and Folders =======
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2014-10-14 16:23 - 2014-04-23 21:23 - 00000000 ____D () C:\FRST

2014-10-14 16:19 - 2009-07-14 06:34 - 00025424 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-10-14 16:19 - 2009-07-14 06:34 - 00025424 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-10-14 16:18 - 2009-10-01 03:18 - 00713888 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-10-14 16:16 - 2012-10-22 23:35 - 00000000 ____D () C:\Users\Andreas\AppData\Roaming\Ditto

2014-10-14 16:16 - 2012-04-15 19:34 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-10-14 16:15 - 2012-04-11 08:21 - 00000056 _____ () C:\Windows\system32\excltmp~.dat

2014-10-14 16:15 - 2010-10-13 22:23 - 01974571 _____ () C:\Windows\WindowsUpdate.log

2014-10-14 16:14 - 2012-01-20 18:35 - 00001096 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-10-14 16:11 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-10-14 16:11 - 2009-07-14 06:39 - 00424878 _____ () C:\Windows\setupact.log

2014-10-14 15:44 - 2012-01-20 18:35 - 00001100 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-10-14 15:28 - 2011-11-16 03:47 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1624768357-4126066135-592724133-1003UA.job

2014-10-14 15:08 - 2011-10-01 03:35 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1624768357-4126066135-592724133-1002UA.job

2014-10-14 14:31 - 2013-08-25 23:02 - 00000000 ____D () C:\Windows\system32\wdrv

2014-10-14 14:31 - 2011-10-01 13:52 - 00000261 _____ () C:\NET.INI

2014-10-14 14:31 - 2011-10-01 13:52 - 00000000 ___HD () C:\Program Files\Common Files\System Shared

2014-10-13 22:43 - 2011-11-29 21:13 - 00004846 _____ () C:\Windows\Sandboxie.ini

2014-10-13 22:08 - 2011-10-01 03:35 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1624768357-4126066135-592724133-1002Core.job

2014-10-13 16:28 - 2011-11-16 03:47 - 00001072 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1624768357-4126066135-592724133-1003Core.job

2014-10-13 15:38 - 2012-12-21 08:19 - 00000000 ____D () C:\Program Files\Motorola

2014-10-13 15:33 - 2011-09-26 20:59 - 00000000 ____D () C:\Program Files\MSXML 4.0

2014-10-13 15:29 - 2009-10-01 03:13 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information

2014-10-13 09:52 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\LogFiles

2014-10-13 09:13 - 2012-12-21 08:51 - 00000000 ____D () C:\Temp

2014-10-13 07:06 - 2013-09-17 18:54 - 00000000 ____D () C:\Program Files\StarMoney 9.0

2014-10-13 07:06 - 2013-02-14 13:28 - 00000000 ___HD () C:\ProgramData\Device

2014-10-09 10:42 - 2013-02-13 13:50 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk

2014-09-30 22:15 - 2012-09-08 17:37 - 00158652 _____ () C:\Users\Andreas\Desktop\Database2012-09.kdb.kdb

2014-09-27 09:10 - 2013-01-22 18:30 - 00001066 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk

2014-09-27 09:10 - 2013-01-22 18:30 - 00001054 _____ () C:\Users\Public\Desktop\TeamViewer 8.lnk

2014-09-24 15:16 - 2012-04-15 19:34 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe

2014-09-24 15:16 - 2011-10-01 03:50 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

2014-09-23 12:53 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache

2014-09-17 21:27 - 2013-02-20 01:29 - 00000000 ____D () C:\Users\Andreas\Desktop\BACKUP Saver

2014-09-15 10:20 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET

2014-09-15 09:52 - 2009-10-01 03:22 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-09-15 09:49 - 2013-07-29 08:50 - 00000000 ____D () C:\Windows\system32\MRT

2014-09-15 09:06 - 2011-09-12 10:25 - 00231568 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

2014-09-15 08:53 - 2011-11-14 23:57 - 98758480 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
 

Some content of TEMP:

====================

C:\Users\Andreas\AppData\Local\Temp\proxy_util_w32.dll

C:\Users\Andreas\AppData\Local\Temp\setup{A5AA80DC-A9D4-4792-BF4A-DFDDD5824B73}.exe

C:\Users\Andreas\AppData\Local\Temp\setup{ABBCEE9C-C215-428A-9CAF-74DFD0612D02}.exe

C:\Users\Monika\AppData\Local\Temp\fqqsc5od.dll

C:\Users\Monika\AppData\Local\Temp\rt507gxw.dll

C:\Users\Mr.Backup\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe

C:\Users\Mr.Backup\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe

C:\Users\TEST\AppData\Local\Temp\o6hw5iub.dll

C:\Users\TEST\AppData\Local\Temp\rmmwricn.dll
 
 

==================== Bamital & volsnap Check =================
 

(There is no automatic fix for files that do not pass verification.)
 

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\system32\winlogon.exe => File is digitally signed

C:\Windows\system32\wininit.exe => File is digitally signed

C:\Windows\system32\svchost.exe => File is digitally signed

C:\Windows\system32\services.exe => File is digitally signed

C:\Windows\system32\User32.dll => File is digitally signed

C:\Windows\system32\userinit.exe => File is digitally signed

C:\Windows\system32\rpcss.dll => File is digitally signed

C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 

LastRegBack: 2014-10-10 09:41
 

==================== End Of Log ============================

--- --- ---

Code:

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 12-10-2014 01

Ran by Andreas at 2014-10-14 16:26:15

Running from C:\Users\Andreas\Desktop

Boot Mode: Normal

==========================================================
 
 

==================== Security Center ========================
 

(If an entry is included in the fixlist, it will be removed.)
 

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 

==================== Installed Programs ======================
 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 

 Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)

1.36 (HKLM\...\etope Lister_is1) (Version:  - Freshworx GmbH & Co.KG)

2007 Microsoft Office system (HKLM\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)

7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )

AbiWord 2.8.4 (HKLM\...\AbiWord2) (Version: 2.8.4 - AbiSource Developers)

ActivClient x86 (HKLM\...\{1BE8806A-84F8-4655-A381-0D5524430944}) (Version: 6.2 - ActivIdentity)

ActiveCheck component for HP Active Support Library (Version: 3.0.0.1 - Hewlett-Packard) Hidden

Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.9.0.1380 - Adobe Systems Incorporated)

Adobe AIR (Version: 3.9.0.1380 - Adobe Systems Incorporated) Hidden

Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)

Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)

Adobe Reader XI (11.0.09) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)

AM-DeadLink 4.6 (HKLM\...\aignesamdeadlink_is1) (Version: 4.6 - www.aignes.com)

Analog Clock (HKCU\...\Analog Clock) (Version:  - Opera widgets)

Apple Application Support (HKLM\...\{A83279FD-CA4B-4206-9535-90974DE76654}) (Version: 2.1.5 - Apple Inc.)

Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

ATI Catalyst Install Manager (HKLM\...\{506C2F0A-2C04-BDA8-8B90-0A3DF65ED67E}) (Version: 3.0.732.0 - ATI Technologies, Inc.)

AudibleManager (HKLM\...\AudibleManager) (Version: 1995397856.48.56.3607922 - Audible, Inc.)

Auktionatrix - der schnelle Weg zu eBay (HKLM\...\{02E8DF80-DFB9-4C56-8CB9-AFA1CE97AF9C}) (Version: 4.11.10.0 - Z-Dev)

BackRex Internet Explorer Backup (HKLM\...\BackRex Internet Explorer Backup) (Version: 2.8 - BackRex Software)

BayDesigner - Deinstallation (HKLM\...\BayDesigner_is1) (Version: 1.35 - Mathias Gerlach [aborange.de])

BayWatcher Pro - Deinstallation (HKLM\...\BayWatcher_is1) (Version: 8.05 - Mathias Gerlach & Jochen Milchsack [aborange.de])

Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.30.21.0 - Broadcom Corporation)

Canon iP4700 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4700_series) (Version:  - )

Cartoonist 1.3 (HKLM\...\Cartoonist_is1) (Version:  - )

Catalyst Control Center - Branding (Version: 1.00.0000 - ATI) Hidden

Catalyst Control Center Core Implementation (Version: 2009.0909.1747.30091 - ATI) Hidden

Catalyst Control Center Graphics Full Existing (Version: 2009.0909.1747.30091 - ATI) Hidden

Catalyst Control Center Graphics Full New (Version: 2009.0909.1747.30091 - ATI) Hidden

Catalyst Control Center Graphics Light (Version: 2009.0909.1747.30091 - ATI) Hidden

Catalyst Control Center InstallProxy (Version: 2009.0909.1747.30091 - ATI Technologies, Inc.) Hidden

Catalyst Control Center Localization All (Version: 2009.0909.1747.30091 - ATI) Hidden

CCC Help Chinese Standard (Version: 2009.0909.1746.30091 - ATI) Hidden

CCC Help Chinese Traditional (Version: 2009.0909.1746.30091 - ATI) Hidden

CCC Help Czech (Version: 2009.0909.1746.30091 - ATI) Hidden

CCC Help Danish (Version: 2009.0909.1746.30091 - ATI) Hidden

CCC Help Dutch (Version: 2009.0909.1746.30091 - ATI) Hidden

CCC Help English (Version: 2009.0909.1746.30091 - ATI) Hidden

CCC Help Finnish (Version: 2009.0909.1746.30091 - ATI) Hidden

CCC Help French (Version: 2009.0909.1746.30091 - ATI) Hidden

CCC Help German (Version: 2009.0909.1746.30091 - ATI) Hidden

CCC Help Greek (Version: 2009.0909.1746.30091 - ATI) Hidden

CCC Help Hungarian (Version: 2009.0909.1746.30091 - ATI) Hidden

CCC Help Italian (Version: 2009.0909.1746.30091 - ATI) Hidden

CCC Help Japanese (Version: 2009.0909.1746.30091 - ATI) Hidden

CCC Help Korean (Version: 2009.0909.1746.30091 - ATI) Hidden

CCC Help Norwegian (Version: 2009.0909.1746.30091 - ATI) Hidden

CCC Help Polish (Version: 2009.0909.1746.30091 - ATI) Hidden

CCC Help Portuguese (Version: 2009.0909.1746.30091 - ATI) Hidden

CCC Help Russian (Version: 2009.0909.1746.30091 - ATI) Hidden

CCC Help Spanish (Version: 2009.0909.1746.30091 - ATI) Hidden

CCC Help Swedish (Version: 2009.0909.1746.30091 - ATI) Hidden

CCC Help Thai (Version: 2009.0909.1746.30091 - ATI) Hidden

CCC Help Turkish (Version: 2009.0909.1746.30091 - ATI) Hidden

ccc-core-static (Version: 2009.0909.1747.30091 - ATI) Hidden

ccc-utility (Version: 2009.0909.1747.30091 - ATI) Hidden

CDex - Open Source Digital Audio CD Extractor (HKLM\...\CDex) (Version: 1.70.4.2009 - Georgy Berdyshev)

Choice Guard (Version: 1.2.87.0 - Microsoft Corporation) Hidden

Device Access Manager for HP ProtectTools (HKLM\...\{55B52830-024A-443E-AF61-61E1E71AFA1B}) (Version: 5.0.1.1 - Hewlett-Packard)

DirectX 9 Runtime (Version: 1.00.0000 - Sonic Solutions) Hidden

Ditto (HKLM\...\Ditto_is1) (Version:  - Scott Brogden)

doPDF 7.2 printer (HKLM\...\doPDF 7 printer_is1) (Version:  - Softland)

Drive Encryption (HKLM\...\{77ECDC11-EC6B-4027-AD94-60E839F256FB}) (Version: 5.0.1.2 - Hewlett-Packard)

Dropbox (HKCU\...\Dropbox) (Version: 2.10.28 - Dropbox, Inc.)

eDocPrintPro (HKLM\...\eDocPrintPro) (Version:  - )

Elastic Soccer v1.0 (HKLM\...\{0FB9C428-F598-49FF-9C90-B1821FF90486}_is1) (Version:  - Nowstat.com)

EPSON BX535WD Series Printer Uninstall (HKLM\...\EPSON BX535WD Series) (Version:  - SEIKO EPSON Corporation)

EPSON-Drucker-Software (HKLM\...\EPSON Printer and Utilities) (Version:  - SEIKO EPSON Corporation)

ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )

Evernote v. 5.6.4 (HKLM\...\{DFDF0BE2-2D71-11E4-9454-00163E98E7D6}) (Version: 5.6.4.4632 - Evernote Corp.)

Exact Audio Copy 1.0beta3 (HKLM\...\Exact Audio Copy) (Version: 1.0beta3 - Andre Wiethoff)

Faxdrucker (HKLM\...\{44FEE3D0-362E-4439-A976-51825DDAC61F}) (Version: 0.1 - simple-fax.de)

File Sanitizer For HP ProtectTools (HKLM\...\{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}) (Version: 5.0.0.7 - Hewlett-Packard)

FileParade bundle uninstaller (HKLM\...\FileParade bundle uninstaller) (Version: 1.0.0.0 - FileParade) <==== ATTENTION

FileZilla Client 3.5.3 (HKLM\...\FileZilla Client) (Version: 3.5.3 - FileZilla Project)

Free Mp3 Wma Converter V 2.2 (HKLM\...\Free Mp3 Wma Converter_is1) (Version: 2.2.0.0 - Koyote Soft)

FreeCommander 2009.02b (HKLM\...\FreeCommander_is1) (Version: 2009.02 - Marek Jasinski)

FreePDF (Remove only) (HKLM\...\FreePDF_XP) (Version:  - )

German - with < > | (HKLM\...\{724D0DBA-3F2F-4AE2-B16C-DAAB7FCB7F49}) (Version: 1.0.3.40 - HP)

Google Chrome (HKCU\...\Google Chrome) (Version: 32.0.1700.76 - Google Inc.)

Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)

Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden

Google+ Auto Backup (HKLM\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)

GPL Ghostscript (HKLM\...\GPL Ghostscript 9.04) (Version: 9.04 - Artifex Software Inc.)

HP 3D DriveGuard (HKLM\...\{85A42FF0-F0D0-44A3-B226-C124D6E8B1D5}) (Version: 4.0.3.1 - Hewlett-Packard)

HP Advisor (HKLM\...\{B53E61D7-7C80-40DF-82D2-CF5390D6D20A}) (Version: 3.2.9212.3114 - Hewlett-Packard)

HP Common Access Service Library (HKLM\...\{AFCFBA3D-D2EB-4F44-A7F6-5384CE5090DA}) (Version: 3.0.31.1 - Hewlett-Packard)

HP Customer Experience Enhancements (HKLM\...\{5B295588-59C1-4386-9F85-BB4BEDCB0D22}) (Version: 5.7.0.3036 - Hewlett-Packard)

HP ESU for Microsoft Windows 7 (HKLM\...\{511376F5-7E5A-4EC9-B603-193B1D425BC3}) (Version: 1.0.1.1 - Hewlett-Packard)

HP Power Assistant (HKLM\...\{B07A6D31-EDE9-415A-9278-07400F7FCCD5}) (Version: 1.0.0.31 - Hewlett-Packard)

HP ProtectTools Security Manager (HKLM\...\HPProtectTools) (Version: 5.00.516 - Hewlett-Packard)

HP ProtectTools Security Manager (Version: 5.00.516 - Hewlett-Packard) Hidden

HP QuickLook (HKLM\...\{6B11BCAC-CE60-418E-A0BD-F773EC1194E5}) (Version: 3.0.0.19 - Hewlett-Packard)

HP QuickWeb (HKLM\...\{7861911B-4270-498A-8F7A-FCF0570F4800}) (Version: 1.0.1.32 - DeviceVM, Inc.)

HP Setup (HKLM\...\{D0BFE65D-C320-4FC9-88D2-B9C32FB95DA0}) (Version: 1.2.3215.3078 - Hewlett-Packard)

HP Software Setup (HKLM\...\{C66A15C3-1435-49AA-9F20-F854E2E91A6C}) (Version: 6.0.1.7 - Hewlett-Packard)

HP Support Assistant (HKLM\...\{4F46FDB9-B906-47BF-B3D5-C62E01B3C5EE}) (Version: 4.1.11.3 - Hewlett-Packard)

HP User Guides 0142 (HKLM\...\{10A11115-4EFC-4E86-BFC1-D53A478556A1}) (Version: 1.01.0001 - Hewlett-Packard)

HP Wallpaper (HKLM\...\{F173C2B3-296F-458C-98FF-1676A42EBA02}) (Version: 1.0.1.11 - Hewlett-Packard)

HP Wireless Assistant (HKLM\...\{3E497776-1FCB-4921-91DC-D26E7F636B62}) (Version: 4.0.0.31 - Hewlett-Packard)

HPAsset component for HP Active Support Library (Version: 3.0.0.2 - Hewlett-Packard) Hidden

iCopy (HKLM\...\iCopy) (Version: 1.6.0 - Matteo Rossi)

IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6229.0 - IDT)

Internet Updater (HKLM\...\InternetUpdater) (Version: 2.6.57 - Parallel Lines Development, LLC) <==== ATTENTION

Java 7 Update 67 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.670 - Oracle)

Java Auto Updater (Version: 2.1.67.1 - Oracle, Inc.) Hidden

Java Card Security for HP ProtectTools (HKLM\...\{F4477CC0-7293-414A-93BC-20EE897A80F0}) (Version: 5.0.4.1 - Hewlett-Packard)

Java(TM) 6 Update 39 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216035FF}) (Version: 6.0.390 - Oracle)

KeePass Password Safe 1.27 (HKLM\...\KeePass Password Safe_is1) (Version: 1.27 - Dominik Reichl)

Kindersicherung 2012 (HKLM\...\Kindersicherung_is1) (Version:  - Salfeld Computer GmbH)

Kolab E5 Client 2012-07-31-07-47 (HKLM\...\Kolab E5 Client) (Version:  - )

L&H TTS3000 British English (HKLM\...\LHTTSENG) (Version:  - )

L&H TTS3000 Deutsch (HKLM\...\LHTTSGED) (Version:  - )

Lame ACM MP3 Codec (HKLM\...\LameACM) (Version:  - )

LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version:  - )

Lauge 3.0.4.beta (HKLM\...\Lauge_is1) (Version: 3.0.4.beta - Waldemar Derr)

Lernout & Hauspie TruVoice American English TTS Engine (HKLM\...\tv_enua) (Version:  - )

LesefixPRO (HKLM\...\{00DDD9E0-E95F-4470-8767-26B76164A315}) (Version: 8.00 - Dr. Michael Schlesier)

LG United Mobile Driver (HKLM\...\{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}) (Version: 3.10.1.0 - LG Electronics)

LibreOffice 3.3 (HKLM\...\{1A97CF67-FEBB-436E-BD64-431FFEF72EB8}) (Version: 3.3.8 - LibreOffice)

LightScribe System Software (HKLM\...\{82EF29B1-9B60-4142-A155-0599216DD053}) (Version: 1.18.6.1 - LightScribe)

Linkman (HKLM\...\Linkman) (Version: 8.71 - Outertech)

LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.1.94 - LSI Corporation)

Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)

McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)

McAfee Virus and Spyware Protection Service (HKLM\...\MVS) (Version: 4.9.2.335 - McAfee, Inc.)

Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden

Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)

Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation) Hidden

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)

Microsoft Office 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden

Microsoft Office Access MUI (Bulgarian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Access MUI (Latvian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Access MUI (Lithuanian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Access MUI (Romanian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Excel MUI (Bulgarian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Excel MUI (Latvian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Excel MUI (Lithuanian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Excel MUI (Romanian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)

Microsoft Office Outlook MUI (Bulgarian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Outlook MUI (Latvian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Outlook MUI (Lithuanian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Outlook MUI (Romanian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (Bulgarian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (Latvian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (Lithuanian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (Romanian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Professional Hybrid 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Bulgarian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Latvian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Lithuanian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Polish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Romanian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Russian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proofing (Bulgarian) 2007 (Version: 12.0.4518.1042 - Microsoft Corporation) Hidden

Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office Proofing (Latvian) 2007 (Version: 12.0.4518.1045 - Microsoft Corporation) Hidden

Microsoft Office Proofing (Lithuanian) 2007 (Version: 12.0.4518.1048 - Microsoft Corporation) Hidden

Microsoft Office Proofing (Romanian) 2007 (Version: 12.0.4518.1039 - Microsoft Corporation) Hidden

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden

Microsoft Office Publisher MUI (Bulgarian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Publisher MUI (Latvian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Publisher MUI (Lithuanian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Publisher MUI (Romanian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (Bulgarian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (Latvian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (Lithuanian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (Romanian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.7 - Microsoft Corporation)

Microsoft Office Word MUI (Bulgarian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Word MUI (Latvian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Word MUI (Lithuanian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Word MUI (Romanian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft RichCopy 4.0 (HKLM\...\{86F4F32B-77C7-4951-B33C-05D41A8190C1}) (Version: 4.0.211 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)

Microsoft Sync Framework 2.0 Core Components (x86) ENU  (HKLM\...\{FF63121D-91C6-42CC-B341-F1AA729728E7}) (Version: 2.0.1578.0 - Microsoft Corporation)

Microsoft Sync Framework 2.0 Provider Services (x86) ENU  (HKLM\...\{D3A80508-CD83-4CA3-8671-914A1BC78B61}) (Version: 2.0.1578.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Mindomo Desktop (HKLM\...\MindomoDesktop) (Version: 6.84 - Expert Software Applications Srl)

Mindomo Desktop (Version: 6.84 - Expert Software Applications Srl) Hidden

mobilant.de Client (HKLM\...\mobilant) (Version: 1.0 - F.J. Wechselberger)

Mobile Master (Version: 7.9.14 - Jumping Bytes) Hidden

Mobile Master 7.9.14 (HKLM\...\Mobile Master) (Version: 7.9.14 - Jumping Bytes)

MotoHelper MergeModules (Version: 1.2.0 - Motorola) Hidden

Motorola Device Manager (HKLM\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.4.5 - Motorola Mobility)

Motorola Mobile Drivers Installation 6.3.0 (HKLM\...\{A55747C1-4651-433D-B082-478874FF7516}) (Version: 6.3.0 - Motorola Mobility LLC)

MozBackup 1.5.1 (HKLM\...\MozBackup) (Version:  - Pavel Cvrcek)

Mozilla Firefox 30.0 (x86 de) (HKLM\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)

Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 24.5.0 - Mozilla)

Mozilla Thunderbird 24.6.0 (x86 de) (HKLM\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)

MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden

MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden

MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)

MuseScore 1.1 MuseScore score typesetter (HKLM\...\MuseScore) (Version: 1.1.0 - Werner Schweer and Others)

MyPhoneExplorer (HKLM\...\MPE) (Version: 1.8.4 - F.J. Wechselberger)

Nokia Connectivity Cable Driver (HKLM\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)

Nokia Maps 3D browser plugin for Internet Explorer (5.7.1.0) (HKCU\...\Nokia Maps 3D browser plugin for Internet Explorer) (Version: 5.7.1.0 - Nokia)

Open Last Closed Tab - Internet Explorer Extension (HKLM\...\OpenLastClosedTab) (Version: 4.1.0.0 - MuvEnum)

Opera 12.15 (HKLM\...\Opera 12.15.1748) (Version: 12.15.1748 - Opera Software ASA)

PC Connectivity Solution (HKLM\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)

PDF Complete Special Edition (HKLM\...\PDF Complete) (Version: 3.5.108 - PDF Complete, Inc)

PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.201.0 - Tracker Software Products Ltd)

PDF-XChange Lite 4 (HKLM\...\{B860298B-CE03-4DE2-B92E-422F2C20A2D8}_is1) (Version: 4.0.213.1 - Tracker Software Products Ltd)

PhotoScape (HKLM\...\PhotoScape) (Version:  - )

Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)

Pre-Boot Security for HP ProtectTools (Version: 5.0.6.1 - Hewlett-Packard) Hidden

PreisHai 4.2 (HKLM\...\PreisHai_is1) (Version:  - Elmar Denkmann)

Privacy Manager for HP ProtectTools (HKLM\...\{2F77F045-8B4E-40B7-8130-56076F85C38E}) (Version: 5.00.712 - Hewlett-Packard)

PureSync (Version: 3.7.2 - Jumping Bytes) Hidden

PureSync 3.7.2 (HKLM\...\PureSync) (Version: 3.7.2 - Jumping Bytes)

QuickTime (HKLM\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)

RealSpeak Solo fur Deutsch - Steffi (HKLM\...\{BFBB91DB-9F0F-4A9C-9669-A97DA3512CF2}) (Version: 4.00.0000 - ScanSoft)

RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version:  - )

RICOH Media Driver (HKLM\...\{F5CC2EF8-20A4-4366-A681-3FE849E65809}) (Version: 2.12.00.05 - RICOH)

Roxio Activation Module (Version: 1.0 - Roxio) Hidden

Roxio Creator Audio (Version: 3.8.0 - Roxio) Hidden

Roxio Creator Business (HKLM\...\{537BF16E-7412-448C-95D8-846E85A1D817}) (Version: 10.3 - Roxio)

Roxio Creator Business v10 (Version: 3.8.0 - Roxio) Hidden

Roxio Creator Copy (Version: 3.8.0 - Roxio) Hidden

Roxio Creator Data (Version: 3.8.0 - Roxio) Hidden

Roxio Creator Tools (Version: 3.8.0 - Roxio) Hidden

Roxio Express Labeler 3 (Version: 3.2.2 - Roxio) Hidden

Roxio MyDVD (Version: 10.3.349 - Roxio) Hidden

Sandboxie 3.62 (32-bit) (HKLM\...\Sandboxie) (Version: 3.62 - SANDBOXIE L.T.D)

Seesu (HKCU\...\Seesu) (Version:  - Gleb Arestov)

Sibelius Scorch (Firefox, Opera, Netscape only) (HKLM\...\{10ABE49D-343A-463E-9753-C4C5A05ECEF9}) (Version: 6.2.0 - Sibelius Software)

simple-fax.de Version 1 (HKLM\...\{7343767F-D225-4EB2-87B8-173451445F45}_is1) (Version: 1 - simple-fax.de)

Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)

Sonic CinePlayer Decoder Pack (Version: 4.3.0 - Sonic Solutions) Hidden

SpeedCommander 11 (HKLM\...\SpeedCommander 11) (Version: 11 - SpeedProject)

SpeedFan (remove only) (HKLM\...\SpeedFan) (Version:  - )

StarMoney (Version: 2.0 - StarFinanz) Hidden

StarMoney (Version: 3.0.1.31 - StarFinanz) Hidden

StarMoney (Version: 4.0.1.51 - StarFinanz) Hidden

StarMoney 7.0  (HKLM\...\{3A116B91-77B5-463A-8B77-6FBDE5BAA661}) (Version: 7.0 - Star Finanz GmbH)

StarMoney 8.0  (HKLM\...\{6A75F8FA-3A8C-4A11-8628-43ADC5332BEF}) (Version: 8.0 - Star Finanz GmbH)

StarMoney 9.0  (HKLM\...\{CC4F180B-8D7D-44E1-A061-A1B6DDD653CC}) (Version: 9.0 - Star Finanz GmbH)

Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.24.0 - Synaptics Incorporated)

SyncBack (HKLM\...\SyncBack_is1) (Version:  - 2BrightSparks)

Synkron 1.6.2 (HKLM\...\Tomlein.Synkron_is1) (Version: 1.6.2 - Matúš Tomlein)

TeamViewer 8 (HKLM\...\TeamViewer 8) (Version: 8.0.30992 - TeamViewer)

Theft Recovery (HKLM\...\InstallShield_{33C9F24B-1D92-4632-A915-81E3BB1D5D6B}) (Version: 5.1.0.15 - Hewlett-Packard)

Theft Recovery (Version: 5.1.0.15 - Hewlett-Packard) Hidden

Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0402-0000-0000000FF1CE}_PROHYBRIDR_{F8AE4EBB-CCF5-45FB-B527-E88B4DC37278}) (Version:  - Microsoft)

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0418-0000-0000000FF1CE}_PROHYBRIDR_{2CD437DF-B0CD-43D2-A344-07C9FAC961F4}) (Version:  - Microsoft)

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0426-0000-0000000FF1CE}_PROHYBRIDR_{64057C60-03F0-4E29-B2E2-DCB6A1886F33}) (Version:  - Microsoft)

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0427-0000-0000000FF1CE}_PROHYBRIDR_{CC873AD1-9842-4A46-AF2A-3ED0F3F1452C}) (Version:  - Microsoft)

Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2889914) 32-Bit Edition (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{F3F83933-75FC-4B60-84F2-3F8FA63D042E}) (Version:  - Microsoft)

Updater (HKLM\...\{D54E3D9F-FEB8-4D2D-A138-B69A5C80080B}) (Version: 2.6.53 - Creative Island Media, LLC) <==== ATTENTION

Visual C++ 8.0 x86 Runtime Setup Package (Version: 1.0.0.0 - McAfee Inc.) Hidden

VLC media player 2.0.8 (HKLM\...\VLC media player) (Version: 2.0.8 - VideoLAN)

WEB.DE Online-Speicher 1.3.1234.0 (HKCU\...\WEB.DE Application {sync-000021}) (Version: 1.3.1234.0 - 1&1 Mail & Media GmbH)

WEB.DE Softwareaktualisierung (HKLM\...\1&1 Mail & Media GmbH 1und1Softwareaktualisierung) (Version: 3.0.0.55 - 1&1 Mail & Media GmbH)

WEB.DE Toolbar für Mozilla Firefox (HKLM\...\1&1 Mail & Media GmbH Toolbar FF) (Version: 1.7.0.0 - 1&1 Mail & Media GmbH)

Websteroids (HKLM\...\Websteroids) (Version: 2.6.53 - Creative Island Media, LLC) <==== ATTENTION

Windows 7 Default Setting (HKLM\...\{E70E6183-F6EC-45B4-AFA4-0C3C36D4B664}) (Version: 1.0.0.8 - Hewlett-Packard)

Windows Driver Package - Nokia pccsmcfd “LegacyDriver”  (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)

Windows Live Call (Version: 14.0.8050.1202 - Microsoft Corporation) Hidden

Windows Live Communications Platform (Version: 14.0.8050.1202 - Microsoft Corporation) Hidden

Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8050.1202 - Microsoft Corporation)

Windows Live Essentials (Version: 14.0.8050.1202 - Microsoft Corporation) Hidden

Windows Live Messenger (Version: 14.0.8050.1202 - Microsoft Corporation) Hidden

Windows Live Sign-in Assistant (HKLM\...\{9422C8EA-B0C6-4197-B8FC-DC797658CA00}) (Version: 5.000.818.6 - Microsoft Corporation)

Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)

WinZip 12.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240B7}) (Version: 12.0.8252 - WinZip Computing, S.L. )

Wuala (HKCU\...\Wuala) (Version: 1.0.411.0 - LaCie)

Wuala CBFS (HKLM\...\Wuala CBFS) (Version: 3.2.107.0 - LaCie)

Wuala OverlayIcons (HKLM\...\Wuala OverlayIcons) (Version: 1.0.0.2 - LaCie)
 

==================== Custom CLSID (selected items): ==========================
 

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 

CustomCLSID: HKU\S-1-5-21-1624768357-4126066135-592724133-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Andreas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1624768357-4126066135-592724133-1002_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Andreas\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)

CustomCLSID: HKU\S-1-5-21-1624768357-4126066135-592724133-1002_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\Andreas\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File

CustomCLSID: HKU\S-1-5-21-1624768357-4126066135-592724133-1002_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\Andreas\AppData\Local\Google\Update\1.3.21.99\psuser.dll No File

CustomCLSID: HKU\S-1-5-21-1624768357-4126066135-592724133-1002_Classes\CLSID\{1EFB6596-857C-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomCtl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-1624768357-4126066135-592724133-1002_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> C:\Users\Andreas\AppData\Local\Google\Update\1.3.21.69\psuser.dll No File

CustomCLSID: HKU\S-1-5-21-1624768357-4126066135-592724133-1002_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Andreas\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)

CustomCLSID: HKU\S-1-5-21-1624768357-4126066135-592724133-1002_Classes\CLSID\{2C247F23-8591-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomCtl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-1624768357-4126066135-592724133-1002_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Andreas\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)

CustomCLSID: HKU\S-1-5-21-1624768357-4126066135-592724133-1002_Classes\CLSID\{3117CB95-EAC5-4C8E-8647-429A6BA4E914}\InprocServer32 -> C:\Users\Andreas\AppData\Local\Nokia\OviMapsPlugIn\PlugIns\5.7.1.0\npNMapNPR.dll (Nokia gate5 GmbH)

CustomCLSID: HKU\S-1-5-21-1624768357-4126066135-592724133-1002_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\Andreas\AppData\Local\Google\Update\1.3.21.79\psuser.dll No File

CustomCLSID: HKU\S-1-5-21-1624768357-4126066135-592724133-1002_Classes\CLSID\{35053A22-8589-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomCtl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-1624768357-4126066135-592724133-1002_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Andreas\AppData\Local\Google\Update\1.3.23.9\psuser.dll No File

CustomCLSID: HKU\S-1-5-21-1624768357-4126066135-592724133-1002_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Andreas\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)

CustomCLSID: HKU\S-1-5-21-1624768357-4126066135-592724133-1002_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\Andreas\AppData\Local\Google\Chrome\Application\32.0.1700.76\delegate_execute.exe (Google Inc.)

CustomCLSID: HKU\S-1-5-21-1624768357-4126066135-592724133-1002_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\Andreas\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File

CustomCLSID: HKU\S-1-5-21-1624768357-4126066135-592724133-1002_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\Andreas\AppData\Local\Google\Update\1.3.21.123\psuser.dll No File

CustomCLSID: HKU\S-1-5-21-1624768357-4126066135-592724133-1002_Classes\CLSID\{66833FE6-8583-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomCtl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-1624768357-4126066135-592724133-1002_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\Andreas\AppData\Local\Google\Update\1.3.21.153\psuser.dll No File

CustomCLSID: HKU\S-1-5-21-1624768357-4126066135-592724133-1002_Classes\CLSID\{8E3867A3-8586-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomCtl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-1624768357-4126066135-592724133-1002_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Andreas\AppData\Local\Google\Update\1.3.24.15\psuser.dll (Google Inc.)

CustomCLSID: HKU\S-1-5-21-1624768357-4126066135-592724133-1002_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\Andreas\AppData\Local\Google\Update\1.3.22.3\psuser.dll No File

CustomCLSID: HKU\S-1-5-21-1624768357-4126066135-592724133-1002_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\Andreas\AppData\Local\Google\Update\1.3.21.165\psuser.dll No File

CustomCLSID: HKU\S-1-5-21-1624768357-4126066135-592724133-1002_Classes\CLSID\{BDD1F04B-858B-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomCtl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-1624768357-4126066135-592724133-1002_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Andreas\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

CustomCLSID: HKU\S-1-5-21-1624768357-4126066135-592724133-1002_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Andreas\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

CustomCLSID: HKU\S-1-5-21-1624768357-4126066135-592724133-1002_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\Andreas\AppData\Local\Google\Update\1.3.21.115\psuser.dll No File

CustomCLSID: HKU\S-1-5-21-1624768357-4126066135-592724133-1002_Classes\CLSID\{C74190B6-8589-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomCtl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-1624768357-4126066135-592724133-1002_Classes\CLSID\{CAC6785B-655E-4AE1-A656-BDEFD18DC46C}\InprocServer32 -> C:\Program Files\ScanSoft\RealSpeakSolov4\speech\components\common\rs_sapi5_solo.dll (ScanSoft, Inc)

CustomCLSID: HKU\S-1-5-21-1624768357-4126066135-592724133-1002_Classes\CLSID\{DD9DA666-8594-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomCtl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-1624768357-4126066135-592724133-1002_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Andreas\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)

CustomCLSID: HKU\S-1-5-21-1624768357-4126066135-592724133-1002_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Andreas\AppData\Local\Google\Update\1.3.24.15\psuser.dll (Google Inc.)

CustomCLSID: HKU\S-1-5-21-1624768357-4126066135-592724133-1002_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\Andreas\AppData\Local\Google\Update\1.3.22.5\psuser.dll No File

CustomCLSID: HKU\S-1-5-21-1624768357-4126066135-592724133-1002_Classes\CLSID\{F08DF954-8592-11D1-B16A-00C0F0283628}\InprocServer32 -> C:\Windows\system32\mscomCtl.ocx (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-1624768357-4126066135-592724133-1002_Classes\CLSID\{F9043C85-F6F2-101A-A3C9-08002B2F49FB}\InprocServer32 -> C:\windows\system32\COMDLG32.OCX (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-1624768357-4126066135-592724133-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1624768357-4126066135-592724133-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1624768357-4126066135-592724133-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1624768357-4126066135-592724133-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1624768357-4126066135-592724133-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1624768357-4126066135-592724133-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1624768357-4126066135-592724133-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1624768357-4126066135-592724133-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1624768357-4126066135-592724133-1002_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\Andreas\AppData\Local\Google\Update\1.3.21.111\psuser.dll No File

CustomCLSID: HKU\S-1-5-21-1624768357-4126066135-592724133-1002_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Andreas\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File
 

==================== Restore Points  =========================
 
 

==================== Hosts content: ==========================
 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 

==================== Scheduled Tasks (whitelisted) =============
 

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 

Task: {1C2D18F9-AA3F-4BCA-B98C-6BCA255BDB40} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1624768357-4126066135-592724133-1003Core => C:\Users\tobias\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-16] (Google Inc.)

Task: {2EE8AA8D-D206-4C3A-ABC4-3C81FDD16626} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1624768357-4126066135-592724133-1003UA => C:\Users\tobias\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-16] (Google Inc.)

Task: {45ADE483-6146-40DB-8021-6C3D5E21A998} - System32\Tasks\Registration 1und1 Task => C:\Program Files\1und1Softwareaktualisierung\cdsupdclient.exe [2013-06-18] (1&1 Mail & Media GmbH)

Task: {46FC6A6B-8F1A-4DB8-A041-32D5110D4F83} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-01-20] (Google Inc.)

Task: {5625CBF6-57FE-4D98-9CD1-BA4CD8A511ED} - System32\Tasks\OperaBookmarks => C:\Users\Andreas\Documents\Eigene Daten T30 -PC\PC\Backups\Operasave11.exe [2013-08-20] ()

Task: {592BC37C-F4D1-4579-A987-FBB5506CE04A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1624768357-4126066135-592724133-1002UA => C:\Users\Andreas\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-01] (Google Inc.)

Task: {6CEC5E53-6AB2-41FC-A3D5-B65C1CBF011F} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)

Task: {6EBE3D25-1606-429C-A4C0-D06AF8E76A10} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1624768357-4126066135-592724133-1002Core => C:\Users\Andreas\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-01] (Google Inc.)

Task: {74A3E3A2-C334-4AF1-8189-8684FAD401B5} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)

Task: {95A1B0B2-E0F7-42D9-B7C8-B91A7C275888} - System32\Tasks\Firesave => C:\Users\Andreas\Documents\Eigene Daten T30 -PC\PC\Backups\Firesave11.exe [2013-08-20] ()

Task: {B5361521-D7CF-4099-B24D-2F3D232EBEFF} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup

Task: {C01C8BE0-BD5C-44D8-97E3-70915D71CAA5} - System32\Tasks\{9813CE5C-8F35-4835-AC86-B55B5816A9BD} => Firefox.exe 

Task: {E58361F0-3D6E-48F2-913E-E9337A15D1C0} - System32\Tasks\Hewlett-Packard\HP Assistant\PC Tuneup => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2009-07-10] (Hewlett-Packard)

Task: {EF570923-0D65-4B54-B77C-75D729D87533} - System32\Tasks\thundersave => C:\Users\Andreas\Documents\Eigene Daten T30 -PC\PC\Backups\Thundersave11.exe [2013-08-20] ()

Task: {F2E7D8D1-09FE-4DFC-8CE5-6BDCFD272684} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-01-20] (Google Inc.)
 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1624768357-4126066135-592724133-1002Core.job => C:\Users\Andreas\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1624768357-4126066135-592724133-1002UA.job => C:\Users\Andreas\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1624768357-4126066135-592724133-1003Core.job => C:\Users\tobias\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1624768357-4126066135-592724133-1003UA.job => C:\Users\tobias\AppData\Local\Google\Update\GoogleUpdate.exe
 

==================== Loaded Modules (whitelisted) =============
 

2009-08-17 21:26 - 2009-08-17 21:26 - 00300600 _____ () C:\Windows\system32\flcdlmsg.dll

2012-01-08 15:41 - 2012-01-08 15:41 - 00093696 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll

2009-08-20 22:15 - 2009-08-20 22:15 - 00051768 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\HardwareAccess.dll

2009-08-20 22:15 - 2009-08-20 22:15 - 00051256 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\Graphs.dll

2009-08-13 00:16 - 2009-08-13 00:16 - 00061440 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll

2009-08-13 00:15 - 2009-08-13 00:15 - 00131072 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll

2009-08-13 00:15 - 2009-08-13 00:15 - 00040960 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\MessagingServer.dll

2009-08-13 00:15 - 2009-08-13 00:15 - 00005632 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\MessagingInterface.dll

2009-08-13 00:15 - 2009-08-13 00:15 - 00018944 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\MessagingMessages.dll

2009-08-13 00:15 - 2009-08-13 00:15 - 00036864 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\MessagingClients.dll

2009-08-13 00:15 - 2009-08-13 00:15 - 00028672 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll

2009-08-13 00:15 - 2009-08-13 00:15 - 00007680 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\RemotingClient.dll

2012-10-22 23:34 - 2012-01-03 20:00 - 01350144 _____ () C:\Program Files\Ditto\Ditto.exe

2012-10-22 23:34 - 2012-01-03 19:59 - 00008192 _____ () C:\Program Files\Ditto\focus.dll

2014-08-26 16:47 - 2014-08-26 16:47 - 00436576 _____ () C:\Program Files\Evernote\Evernote\libxml2.dll

2014-08-26 16:47 - 2014-08-26 16:47 - 00318304 _____ () C:\Program Files\Evernote\Evernote\libtidy.dll

2009-06-11 01:30 - 2009-06-11 01:30 - 00098304 ____R () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll

2010-10-13 22:23 - 2010-10-13 22:23 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll

2014-07-12 17:25 - 2014-06-06 06:38 - 03852912 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
 

==================== Alternate Data Streams (whitelisted) =========
 

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 

AlternateDataStreams: C:\ProgramData\TEMP:373E1720
 

==================== Safe Mode (whitelisted) ===================
 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ksupmgr => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ksupmgr => ""="Service"
 

==================== EXE Association (whitelisted) =============
 

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 

==================== MSCONFIG/TASK MANAGER disabled items =========
 

(Currently there is no automatic fix for this section.)
 

MSCONFIG\startupreg: Google Update => "C:\Users\Andreas\AppData\Local\Google\Update\GoogleUpdate.exe" /c

MSCONFIG\startupreg: HPWirelessAssistant => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden

MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

MSCONFIG\startupreg: McAfee Managed Services Tray => C:\Program Files\McAfee\Managed VirusScan\Agent\StartMyAgtTry.Exe

MSCONFIG\startupreg: NortonOnlineBackupReminder => "C:\Program Files\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED

MSCONFIG\startupreg: QlbCtrl.exe => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start

MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized
 

========================= Accounts: ==========================
 

Administrator (S-1-5-21-1624768357-4126066135-592724133-500 - Administrator - Disabled)

Andreas (S-1-5-21-1624768357-4126066135-592724133-1002 - Administrator - Enabled) => C:\Users\Andreas

Guest (S-1-5-21-1624768357-4126066135-592724133-501 - Limited - Disabled)

HomeGroupUser$ (S-1-5-21-1624768357-4126066135-592724133-1007 - Limited - Enabled)

McAfeeMVSUser (S-1-5-21-1624768357-4126066135-592724133-1000 - Limited - Enabled)

Mona (S-1-5-21-1624768357-4126066135-592724133-1009 - Limited - Enabled) => C:\Users\Mona

Monika (S-1-5-21-1624768357-4126066135-592724133-1004 - Limited - Enabled) => C:\Users\Monika

TEST (S-1-5-21-1624768357-4126066135-592724133-1010 - Administrator - Enabled) => C:\Users\TEST
 

==================== Faulty Device Manager Devices =============
 

Name: avgtp

Description: avgtp

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer: 

Service: avgtp

Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)

Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.

Devices stay in this state if they have been prepared for removal.

After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (10/13/2014 07:24:12 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: plugin-container.exe, version: 30.0.0.5269, time stamp: 0x53914233

Faulting module name: mozalloc.dll, version: 30.0.0.5269, time stamp: 0x53911393

Exception code: 0x80000003

Fault offset: 0x0000141b

Faulting process id: 0xfc4

Faulting application start time: 0xplugin-container.exe0

Faulting application path: plugin-container.exe1

Faulting module path: plugin-container.exe2

Report Id: plugin-container.exe3
 

Error: (10/13/2014 05:30:42 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: plugin-container.exe, version: 30.0.0.5269, time stamp: 0x53914233

Faulting module name: mozalloc.dll, version: 30.0.0.5269, time stamp: 0x53911393

Exception code: 0x80000003

Fault offset: 0x0000141b

Faulting process id: 0x17ac

Faulting application start time: 0xplugin-container.exe0

Faulting application path: plugin-container.exe1

Faulting module path: plugin-container.exe2

Report Id: plugin-container.exe3
 

Error: (10/13/2014 04:08:07 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: plugin-container.exe, version: 30.0.0.5269, time stamp: 0x53914233

Faulting module name: mozalloc.dll, version: 30.0.0.5269, time stamp: 0x53911393

Exception code: 0x80000003

Fault offset: 0x0000141b

Faulting process id: 0x177c

Faulting application start time: 0xplugin-container.exe0

Faulting application path: plugin-container.exe1

Faulting module path: plugin-container.exe2

Report Id: plugin-container.exe3
 

Error: (10/13/2014 03:35:07 PM) (Source: MsiInstaller) (EventID: 11904) (User: Andreas-PC)

Description: Product: Motorola Device Software Update -- Error 1904. Module C:\Program Files\Common Files\MSSoap\Binaries\MSSOAP30.dll failed to register.  HRESULT -1073741502.  Contact your support personnel.
 

Error: (10/13/2014 03:28:34 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: FreeCommander.exe, version: 2009.2.0.417, time stamp: 0x4c8d0097

Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea91c

Exception code: 0xc0000028

Fault offset: 0x00090629

Faulting process id: 0x2e60

Faulting application start time: 0xFreeCommander.exe0

Faulting application path: FreeCommander.exe1

Faulting module path: FreeCommander.exe2

Report Id: FreeCommander.exe3
 

Error: (10/13/2014 03:26:52 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: plugin-container.exe, version: 30.0.0.5269, time stamp: 0x53914233

Faulting module name: mozalloc.dll, version: 30.0.0.5269, time stamp: 0x53911393

Exception code: 0x80000003

Fault offset: 0x0000141b

Faulting process id: 0x2b2c

Faulting application start time: 0xplugin-container.exe0

Faulting application path: plugin-container.exe1

Faulting module path: plugin-container.exe2

Report Id: plugin-container.exe3
 

Error: (10/13/2014 02:54:10 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: plugin-container.exe, version: 30.0.0.5269, time stamp: 0x53914233

Faulting module name: mozalloc.dll, version: 30.0.0.5269, time stamp: 0x53911393

Exception code: 0x80000003

Fault offset: 0x0000141b

Faulting process id: 0x2c7c

Faulting application start time: 0xplugin-container.exe0

Faulting application path: plugin-container.exe1

Faulting module path: plugin-container.exe2

Report Id: plugin-container.exe3
 

Error: (10/13/2014 02:21:58 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: plugin-container.exe, version: 30.0.0.5269, time stamp: 0x53914233

Faulting module name: mozalloc.dll, version: 30.0.0.5269, time stamp: 0x53911393

Exception code: 0x80000003

Fault offset: 0x0000141b

Faulting process id: 0x223c

Faulting application start time: 0xplugin-container.exe0

Faulting application path: plugin-container.exe1

Faulting module path: plugin-container.exe2

Report Id: plugin-container.exe3
 

Error: (10/13/2014 01:02:44 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: plugin-container.exe, version: 30.0.0.5269, time stamp: 0x53914233

Faulting module name: mozalloc.dll, version: 30.0.0.5269, time stamp: 0x53911393

Exception code: 0x80000003

Fault offset: 0x0000141b

Faulting process id: 0x1118

Faulting application start time: 0xplugin-container.exe0

Faulting application path: plugin-container.exe1

Faulting module path: plugin-container.exe2

Report Id: plugin-container.exe3
 

Error: (10/13/2014 11:45:13 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: plugin-container.exe, version: 30.0.0.5269, time stamp: 0x53914233

Faulting module name: mozalloc.dll, version: 30.0.0.5269, time stamp: 0x53911393

Exception code: 0x80000003

Fault offset: 0x0000141b

Faulting process id: 0x23c8

Faulting application start time: 0xplugin-container.exe0

Faulting application path: plugin-container.exe1

Faulting module path: plugin-container.exe2

Report Id: plugin-container.exe3
 
 

System errors:

=============

Error: (10/14/2014 04:12:23 PM) (Source: Service Control Manager) (EventID: 7026) (User: )

Description: The following boot-start or system-start driver(s) failed to load: 

avgtp
 

Error: (10/14/2014 04:11:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The vToolbarUpdater15.2.0 service failed to start due to the following error: 

%%2
 

Error: (10/14/2014 04:11:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The McAfee Virus and Spyware Protection Service service failed to start due to the following error: 

%%2
 

Error: (10/14/2014 04:11:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The UAC File Virtualization service failed to start due to the following error: 

%%2
 

Error: (10/14/2014 04:11:01 PM) (Source: atikmdag) (EventID: 10261) (User: )

Description: Display is not active
 

Error: (10/14/2014 04:11:01 PM) (Source: atikmdag) (EventID: 19468) (User: )

Description: CPLIB :: General - Invalid Parameter
 

Error: (10/14/2014 03:55:58 PM) (Source: Service Control Manager) (EventID: 7026) (User: )

Description: The following boot-start or system-start driver(s) failed to load: 

avgtp
 

Error: (10/14/2014 03:55:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The vToolbarUpdater15.2.0 service failed to start due to the following error: 

%%2
 

Error: (10/14/2014 03:55:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The McAfee Virus and Spyware Protection Service service failed to start due to the following error: 

%%2
 

Error: (10/14/2014 03:54:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The UAC File Virtualization service failed to start due to the following error: 

%%2
 
 

Microsoft Office Sessions:

=========================
 

CodeIntegrity Errors:

===================================

  Date: 2014-10-14 15:27:49.623

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wdrvtd32.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2014-10-14 15:16:11.184

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wdrvtd32.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2014-10-14 14:52:07.909

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wdrvtd32.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2014-10-13 19:57:35.105

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wdrvtd32.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2014-10-13 19:48:57.503

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wdrvtd32.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2014-10-13 19:29:50.416

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wdrvtd32.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2014-10-13 14:51:34.855

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wdrvtd32.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2014-10-13 14:34:17.233

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wdrvtd32.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2014-10-13 13:14:46.731

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wdrvtd32.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2014-10-13 12:50:30.598

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wdrvtd32.dll because the set of per-page image hashes could not be found on the system.
 
 

==================== Memory info =========================== 
 

Processor: AMD Athlon(tm) II Dual-Core M340

Percentage of memory in use: 53%

Total physical RAM: 2812.7 MB

Available physical RAM: 1295.43 MB

Total Pagefile: 5623.7 MB

Available Pagefile: 3820.4 MB

Total Virtual: 2047.88 MB

Available Virtual: 1912.34 MB
 

==================== Drives ================================
 

Drive c: (WIN7_C) (Fixed) (Total:280.79 GB) (Free:91.65 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Drive d: (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.25 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Drive e: (HP_TOOLS) (Fixed) (Total:2 GB) (Free:1.37 GB) FAT32

Drive f: (KRD10) (CDROM) (Total:0.28 GB) (Free:0 GB) CDFS
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (Size: 298.1 GB) (Disk ID: B8DEA2D4)

Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=280.8 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=15 GB) - (Type=83)

Partition 4: (Not Active) - (Size=2 GB) - (Type=0C)
 

==================== End Of Log ============================

Was tu ich nun?
Arbeiten seeehr eingeschränkt, da der Plugin Container alle ca. 30 min crasht ohne jede Vorwarnung, also ständig Broser Neustart...

Fixen möglich, oder besser gleich alles NEU?

LG AWK