Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Komplette Adware und Toolbarverseuchung mit ca. 2000 Funden beim ersten Check... (https://www.trojaner-board.de/156926-komplette-adware-toolbarverseuchung-ca-2000-funden-beim-ersten-check.html)

Andyleinchen 27.07.2014 16:22
Komplette Adware und Toolbarverseuchung mit ca. 2000 Funden beim ersten Check...
 
Hi,
Ich bin grad dabei ein Notebook wieder zum Ansatzweise-Arbeiten zu bringen und hab nun einen Scan mit Malewarebytes durchgeführt... Nach den ersten 300 Funden war mir klar, dass es etwas härter werden könnte... Beim letzten Blick mit 1880 Funden wurde dies zur bitteren Sicherheit... :party:

Ich benötige bei dieser enormen Anzahl dringenst Hilfe, da es nicht infrage kommt das Notebook neu aufzusetzen, da es kein Laufwerk besitzt. :headbang: :applaus:

Das Logfile ist selbst gepackt noch zu groß zum hochladen mit ca. 600000 Zeichen...:balla:

Ich bedanke mich bereits im voraus für die Hilfe.:party:


MFG

Andyleinchen 27.07.2014 17:41
Han nen neuen Scan gemacht den ich hochladen konnte:crazy:

cosinus 29.07.2014 19:51
Hi und :hallo:

Logs bitte nicht anhängen, notfalls splitten und über mehrere Postings verteilt posten

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

Andyleinchen 30.07.2014 14:57
Splitten würde ewig dauern.... Es sind 600000 zeichen nur von dem malewarebytes scan... Anders ist dies leider nicht möglich....

cosinus 30.07.2014 15:13
Ok, aber bitte die FRST Logs in CODE-Tags posten

Andyleinchen 30.07.2014 19:50
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:30-07-2014
Ran by Andrea (administrator) on ANDREA-PC on 30-07-2014 20:22:39
Running from C:\Users\Andrea\Downloads
Platform: Microsoft Windows 7 Starter  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\Program Files\PC Beschleunigen\PCSUService.exe
(Stardock Corporation) C:\Program Files\Stardock\MyColors\VistaSrv.exe
() C:\Program Files\Stardock\MyColors\WBVista.exe
() C:\Windows\System32\AsusService.exe
() C:\Program Files\Guard-ICQ\GuardICQ.exe
() C:\Windows\System32\dmwu.exe
() C:\Windows\System32\PnkBstrA.exe
() C:\Windows\System32\PnkBstrB.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe
() C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\loggingserver.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Blabbers Communications Ltd) C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe
() C:\Windows\System32\jmdp\stij.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(ASUSTeK Computer Inc.) C:\Program Files\Asus\HotkeyService\HotkeyService.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(ASUSTeK Computer Inc.) C:\Program Files\Asus\HotkeyService\HotKeyMon.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ASUSTeK Computer Inc.) C:\Program Files\Asus\SHE\SuperHybridEngine.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(AsusTek Computer Inc.) C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(ASUS) C:\Program Files\Asus\CapsHook\CapsHook.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Boingo Wireless, Inc.) C:\Program Files\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
() C:\Program Files\AVG Secure Search\vprot.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
() C:\Users\Andrea\AppData\Roaming\BrowserCompanion\tbhcn.exe
(MAGIX AG) C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Google Inc.) C:\Users\Andrea\AppData\Local\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Users\Andrea\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Andrea\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Andrea\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Andrea\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Andrea\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Andrea\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Google Inc.) C:\Users\Andrea\AppData\Local\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-21-3601385101-2140175397-1978509390-1000\...\RunOnce: [FlashPlayerUpdate] => C:\windows\system32\Macromed\Flash\FlashUtil32_11_9_900_170_Plugin.exe -update plugin
HKU\S-1-5-21-3601385101-2140175397-1978509390-1000\...\MountPoints2: {9bba8ab2-87ee-11e2-8299-5404a629b83b} - E:\Startme.exe
AppInit_DLLs: C:\PROGRA~1\SEARCH~1\Datamngr\datamngr.dll => C:\Program Files\Searchqu Toolbar\Datamngr\datamngr.dll [1723320 2013-04-01] (Bandoo Media, inc)
AppInit_DLLs:  C:\PROGRA~1\SEARCH~1\Datamngr\IEBHO.dll => C:\Program Files\Searchqu Toolbar\Datamngr\IEBHO.dll [1185208 2012-08-06] (Bandoo Media, inc)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tbhcn.lnk
ShortcutTarget: tbhcn.lnk -> C:\Users\Andrea\AppData\Roaming\BrowserCompanion\tbhcn.exe ()
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IconPackager.lnk
ShortcutTarget: IconPackager.lnk -> C:\Program Files\Stardock\MyColors\IconPackager.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IconPackager.lnk
ShortcutTarget: IconPackager.lnk -> C:\Program Files\Stardock\MyColors\IconPackager.exe (Stardock Corporation)
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Andrea\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Andrea\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Andrea\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: AsusWSShellExt_B -> {CC5FC992-B0AA-47CD-9DC2-83445083CBB8} => C:\Program Files\Asus\ASUS WebStorage\3.0.108.222\AsusWSShellExt.dll ()
ShellIconOverlayIdentifiers: AsusWSShellExt_O -> {618A47A2-528B-4D9A-AFC8-97D3233511E2} => C:\Program Files\Asus\ASUS WebStorage\3.0.108.222\AsusWSShellExt.dll ()
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.softonic.com/MON00006/tb_v1?SearchSource=10&cc=
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://eeepc.asus.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://eeepc.asus.com
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
URLSearchHook: HKLM - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKLM - ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
URLSearchHook: HKLM - DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
URLSearchHook: HKCU - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKCU - ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
URLSearchHook: HKCU - DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=341&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=341&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKCU - DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={7FFBF5DA-D170-40D3-91A7-55FD28DB7790}&mid=937d7987183b47d19f81854de0cd51c8-a1eab306f4f7adae3faf3915e98e941f41c4ab04&lang=de&ds=AVG&pr=pr&d=2013-01-03 16:30:22&v=14.0.2.14&pid=avg&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&AF=109867&babsrc=SP_ss&mntrId=b2e820680000000000005404a629b83b
SearchScopes: HKCU - {23BE01D0-C186-4456-A856-F33472C1EF2D} URL = hxxp://search.softonic.com/MON00006/tb_v1?q={searchTerms}&SearchSource=4&cc=&r=201
SearchScopes: HKCU - {4327FABE-3C22-4689-8DBF-D226CF777FE9} URL = hxxp://www.searchplusnetwork.com/?sp=vit4&q={searchTerms}
SearchScopes: HKCU - {48E9923A-16C4-410A-9D2B-97CA7A6E9743} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={7FFBF5DA-D170-40D3-91A7-55FD28DB7790}&mid=937d7987183b47d19f81854de0cd51c8-a1eab306f4f7adae3faf3915e98e941f41c4ab04&lang=de&ds=AVG&pr=pr&d=2013-01-03 16:30:22&v=14.0.2.14&pid=avg&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=341&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = hxxp://mystart.incredibar.com/mb165/?search={searchTerms}&loc=IB_DS&a=6OyK0cewlx&i=26
BHO: Ginyas Browser Companion -> {00cbb66b-1d3b-46d3-9577-323a336acb50} -> C:\Program Files\BrowserCompanion\jsloader.dll ( )
BHO: ICQ Sparberater -> {0766C1B9-B2DC-46E5-8934-4F3D6B42B1BD} -> C:\Program Files\icq\Internet Explorer\icq.dll (solute gmbh)
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: I Want This -> {11111111-1111-1111-1111-110011221158} -> C:\Program Files\I Want This\I Want This.dll (215 Apps)
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Babylon toolbar helper -> {2EECD738-5844-4a99-B4B6-146BF802613B} -> C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
BHO: Web Assistant -> {336D0C35-8A85-403a-B9D2-65C292C39087} -> C:\Program Files\Web Assistant\Extension32.dll ()
BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files\AVG\AVG2012\avgssie.dll No File
BHO: Incredibar.com Helper Object -> {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} -> C:\Program Files\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll (Montera Technologeis LTD)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: DVDVideoSoftTB Toolbar -> {872b5b88-9db5-4310-bdd0-ac189557e5f5} -> C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} ->  No File
BHO: Searchqu Toolbar -> {99079a25-328f-4bd4-be04-00955acaa0a7} -> C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
BHO: DataMngr -> {9D717F81-9148-4f12-8568-69135F087DB0} -> C:\Program Files\Searchqu Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
BHO: BetterAds -> {BA56787C-729F-4715-8F11-EB2A16908B91} -> C:\Program Files\BetterAds\ScriptHost.dll ()
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: Softonic Helper Object -> {E87806B5-E908-45FD-AF5E-957D83E58E68} -> C:\Program Files\Softonic\Softonic\1.6.7.4\bh\Softonic.dll (Softonic.com)
BHO: Yontoo -> {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} -> C:\Program Files\Yontoo\YontooIEClient.dll (Yontoo LLC)
Toolbar: HKLM - DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
Toolbar: HKLM - ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
Toolbar: HKLM - Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
Toolbar: HKLM - Incredibar Toolbar - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll (Montera Technologeis LTD)
Toolbar: HKLM - Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
Toolbar: HKLM - Softonic Toolbar - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files\Softonic\Softonic\1.6.7.4\SoftonicTlbr.dll (Softonic.com)
Toolbar: HKLM - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} -  No File
Toolbar: HKCU - DVDVideoSoftTB Toolbar - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
Handler: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
Handler: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll No File
Handler: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.7\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\7uf201vf.default
FF SearchEngineOrder.1: Search Results
FF NetworkProxy: "type", 0
FF Homepage: user_pref("browser.startup.homepage", "");
FF Keyword.URL: hxxp://mystart.incredibar.com/mb203?a=6OyK0cewlx&i=26&search=
FF DefaultSearchEngine: AVG Secure Search
FF SelectedSearchEngine: AVG Secure Search
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.7\\npsitesafety.dll No File
FF Plugin: @java.com/DTPlugin,version=1.6.0_32 - C:\windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Andrea\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Andrea\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Andrea\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF user.js: detected! => C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\7uf201vf.default\user.js
FF SearchPlugin: C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\7uf201vf.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\7uf201vf.default\searchplugins\icqplugin-1.xml
FF SearchPlugin: C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\7uf201vf.default\searchplugins\icqplugin.xml
FF SearchPlugin: C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\7uf201vf.default\searchplugins\MyStart Search.xml
FF SearchPlugin: C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\7uf201vf.default\searchplugins\Plusnetwork.xml
FF SearchPlugin: C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\7uf201vf.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\7uf201vf.default\searchplugins\Search_Results.xml
FF SearchPlugin: C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\7uf201vf.default\searchplugins\softonic.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\babylon.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Battlefield Heroes Updater - C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\7uf201vf.default\Extensions\battlefieldheroespatcher@ea.com [2012-03-03]
FF Extension: Ginyas Browser Companion - C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\7uf201vf.default\Extensions\bbrs_002@blabbers.com [2012-08-17]
FF Extension: Ginyas Browser Companions - C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\7uf201vf.default\Extensions\bbrs_003@blabbers.com [2013-01-26]
FF Extension: I Want This - C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\7uf201vf.default\Extensions\crossriderapp2258@crossrider.com [2013-12-10]
FF Extension: Babylon - C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\7uf201vf.default\Extensions\ffxtlbr@babylon.com [2012-03-11]
FF Extension: incredibar.com - C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\7uf201vf.default\Extensions\ffxtlbr@incredibar.com [2012-08-04]
FF Extension: softonic.com - C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\7uf201vf.default\Extensions\ffxtlbra@softonic.com [2012-09-02]
FF Extension: Searchqu Toolbar - C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\7uf201vf.default\Extensions\{99079a25-328f-4bd4-be04-00955acaa0a7} [2012-08-06]
FF Extension: BetterAds - C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\7uf201vf.default\Extensions\betterads@BetterAds.org.xpi [2012-08-21]
FF Extension: Yontoo - C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\7uf201vf.default\Extensions\plugin@yontoo.com.xpi [2013-02-20]
FF HKLM\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] - C:\Program Files\AVG\AVG2012\Firefox4
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox
FF Extension: Web Assistant - C:\Program Files\Web Assistant\Firefox [2012-08-04]
FF HKLM\...\Firefox\Extensions: [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}] - C:\Program Files\Web Assistant\Firefox
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======
CHR HomePage: hxxp://search.babylon.com/?AF=109867&babsrc=HP_ss&mntrId=b2e820680000000000005404a629b83b
CHR DefaultSearchKeyword: t-online-shop.de
CHR DefaultSearchProvider: t-online.de Shop Deutschland Produktsuche
CHR DefaultSearchURL: hxxp://www.t-online-shop.de/tonline/celebrosSearch.do?action=ExecuteSearch&searchString={searchTerms}
CHR DefaultNewTabURL:
CHR Extension: (Browser Companion Helper) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf [2013-07-30]
CHR Extension: (BetterAds) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\cacclhdpfoingihegojhoipnihfnoaki [2013-07-30]
CHR Extension: (New tab for Chrome™) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg [2013-07-30]
CHR Extension: (I Want This) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk [2013-07-11]
CHR Extension: (AVG Security Toolbar) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2013-07-30]
CHR Extension: (Google Wallet) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-03]
CHR HKLM\...\Chrome\Extension: [bodddioamolcibagionmmobehnbhiakf] - C:\Program Files\BrowserCompanion\blabbers-ch.crx [2012-07-02]
CHR HKLM\...\Chrome\Extension: [cacclhdpfoingihegojhoipnihfnoaki] - C:\Users\Andrea\AppData\Local\MediaBA\betterads.crx [2012-08-21]
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx [2012-08-04]
CHR HKLM\...\Chrome\Extension: [jifflliplgeajjdhmkcfnngfpgbjonjg] - C:\Program Files\Perion\NewTab\newTab.crx [2012-08-04]
CHR HKLM\...\Chrome\Extension: [jmfkcklnlgedgbglfkkgedjfmejoahla] - C:\Program Files\AVG\AVG2012\Chrome\safesearch.crx [2012-08-04]
CHR HKLM\...\Chrome\Extension: [mpfapcdfbbledbojijcbcclmlieaoogk] - C:\Users\Andrea\AppData\Local\I Want This\Chrome\I Want This.crx [2012-02-21]
CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\17.2.0.38\avg.crx [2013-12-09]
CHR HKLM\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] - C:\Users\Andrea\AppData\Local\Temp\YontooLayers.crx [2013-12-09]
CHR StartMenuInternet: Google Chrome - C:\Users\Andrea\AppData\Local\Google\Chrome\Application\chrome.exe

cosinus 30.07.2014 23:05
Ist unvollständig. Und das Addition.txt Logfile fehlt auch leider...

Andyleinchen 31.07.2014 01:00
Das tut mir Leid... Da muss irgendetwas schief gelaufen sein, anbei sind die FRST und GMER Logs.

GMER:
Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-07-31 01:40:59
Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 ST9320325AS rev.0003SDM1 298,09GB
Running: Gmer-19357.exe; Driver: C:\Users\Andrea\AppData\Local\Temp\uwdiqpob.sys


---- Kernel code sections - GMER 2.1 ----

.text          ntkrnlpa.exe!ZwRollbackEnlistment + 142D                                                                                      81E4CA15 1 Byte  [06]
.text          ntkrnlpa.exe!KiDispatchInterrupt + 5A2                                                                                        81E86212 19 Bytes  [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}

---- User code sections - GMER 2.1 ----

.text          C:\Program Files\Elantech\ETDCtrl.exe[300] kernel32.dll!VirtualProtect                                                        76E52CDD 5 Bytes  JMP 660047B5 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Program Files\Elantech\ETDCtrl.exe[300] USER32.dll!SetWindowPlacement                                                      77497F78 5 Bytes  JMP 66033F8E C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Program Files\Elantech\ETDCtrl.exe[300] USER32.dll!MoveWindow                                                              77498D29 5 Bytes  JMP 66034289 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Program Files\Elantech\ETDCtrl.exe[300] USER32.dll!DeferWindowPos                                                          7749A6C8 5 Bytes  JMP 6603390A C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Program Files\Elantech\ETDCtrl.exe[300] USER32.dll!SetWindowPos                                                            774A1BC4 5 Bytes  JMP 660343D8 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Program Files\Elantech\ETDCtrl.exe[300] USER32.dll!GetWindowRect                                                            774A558C 5 Bytes  JMP 66034564 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Program Files\Elantech\ETDCtrl.exe[300] USER32.dll!BeginPaint                                                              774A5D14 5 Bytes  JMP 66002C0E C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Program Files\Elantech\ETDCtrl.exe[300] USER32.dll!EndPaint                                                                774A5D42 5 Bytes  JMP 66002C09 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Program Files\Elantech\ETDCtrl.exe[300] USER32.dll!GetWindowPlacement                                                      774C69DE 5 Bytes  JMP 660340DF C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Windows\System32\igfxtray.exe[2528] kernel32.dll!VirtualProtect                                                            76E52CDD 5 Bytes  JMP 660047B5 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Windows\System32\igfxtray.exe[2528] USER32.dll!SetWindowPlacement                                                          77497F78 5 Bytes  JMP 66033F8E C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Windows\System32\igfxtray.exe[2528] USER32.dll!MoveWindow                                                                  77498D29 5 Bytes  JMP 66034289 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Windows\System32\igfxtray.exe[2528] USER32.dll!DeferWindowPos                                                              7749A6C8 5 Bytes  JMP 6603390A C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Windows\System32\igfxtray.exe[2528] USER32.dll!SetWindowPos                                                                774A1BC4 5 Bytes  JMP 660343D8 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Windows\System32\igfxtray.exe[2528] USER32.dll!GetWindowRect                                                                774A558C 5 Bytes  JMP 66034564 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Windows\System32\igfxtray.exe[2528] USER32.dll!BeginPaint                                                                  774A5D14 5 Bytes  JMP 66002C0E C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Windows\System32\igfxtray.exe[2528] USER32.dll!EndPaint                                                                    774A5D42 5 Bytes  JMP 66002C09 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Windows\System32\igfxtray.exe[2528] USER32.dll!GetWindowPlacement                                                          774C69DE 5 Bytes  JMP 660340DF C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Windows\System32\hkcmd.exe[2544] kernel32.dll!VirtualProtect                                                                76E52CDD 5 Bytes  JMP 660047B5 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Windows\System32\hkcmd.exe[2544] USER32.dll!SetWindowPlacement                                                              77497F78 5 Bytes  JMP 66033F8E C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Windows\System32\hkcmd.exe[2544] USER32.dll!MoveWindow                                                                      77498D29 5 Bytes  JMP 66034289 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Windows\System32\hkcmd.exe[2544] USER32.dll!DeferWindowPos                                                                  7749A6C8 5 Bytes  JMP 6603390A C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Windows\System32\hkcmd.exe[2544] USER32.dll!SetWindowPos                                                                    774A1BC4 5 Bytes  JMP 660343D8 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Windows\System32\hkcmd.exe[2544] USER32.dll!GetWindowRect                                                                  774A558C 5 Bytes  JMP 66034564 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Windows\System32\hkcmd.exe[2544] USER32.dll!BeginPaint                                                                      774A5D14 5 Bytes  JMP 66002C0E C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Windows\System32\hkcmd.exe[2544] USER32.dll!EndPaint                                                                        774A5D42 5 Bytes  JMP 66002C09 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Windows\System32\hkcmd.exe[2544] USER32.dll!GetWindowPlacement                                                              774C69DE 5 Bytes  JMP 660340DF C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Windows\System32\igfxpers.exe[2672] kernel32.dll!VirtualProtect                                                            76E52CDD 5 Bytes  JMP 660047B5 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Windows\System32\igfxpers.exe[2672] USER32.dll!SetWindowPlacement                                                          77497F78 5 Bytes  JMP 66033F8E C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Windows\System32\igfxpers.exe[2672] USER32.dll!MoveWindow                                                                  77498D29 5 Bytes  JMP 66034289 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Windows\System32\igfxpers.exe[2672] USER32.dll!DeferWindowPos                                                              7749A6C8 5 Bytes  JMP 6603390A C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Windows\System32\igfxpers.exe[2672] USER32.dll!SetWindowPos                                                                774A1BC4 5 Bytes  JMP 660343D8 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Windows\System32\igfxpers.exe[2672] USER32.dll!GetWindowRect                                                                774A558C 5 Bytes  JMP 66034564 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Windows\System32\igfxpers.exe[2672] USER32.dll!BeginPaint                                                                  774A5D14 5 Bytes  JMP 66002C0E C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Windows\System32\igfxpers.exe[2672] USER32.dll!EndPaint                                                                    774A5D42 5 Bytes  JMP 66002C09 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Windows\System32\igfxpers.exe[2672] USER32.dll!GetWindowPlacement                                                          774C69DE 5 Bytes  JMP 660340DF C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\windows\system32\igfxsrvc.exe[2712] kernel32.dll!VirtualProtect                                                            76E52CDD 5 Bytes  JMP 660047B5 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\windows\system32\igfxsrvc.exe[2712] USER32.dll!SetWindowPlacement                                                          77497F78 5 Bytes  JMP 66033F8E C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\windows\system32\igfxsrvc.exe[2712] USER32.dll!MoveWindow                                                                  77498D29 5 Bytes  JMP 66034289 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\windows\system32\igfxsrvc.exe[2712] USER32.dll!DeferWindowPos                                                              7749A6C8 5 Bytes  JMP 6603390A C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\windows\system32\igfxsrvc.exe[2712] USER32.dll!SetWindowPos                                                                774A1BC4 5 Bytes  JMP 660343D8 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\windows\system32\igfxsrvc.exe[2712] USER32.dll!GetWindowRect                                                                774A558C 5 Bytes  JMP 66034564 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\windows\system32\igfxsrvc.exe[2712] USER32.dll!BeginPaint                                                                  774A5D14 5 Bytes  JMP 66002C0E C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\windows\system32\igfxsrvc.exe[2712] USER32.dll!EndPaint                                                                    774A5D42 5 Bytes  JMP 66002C09 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\windows\system32\igfxsrvc.exe[2712] USER32.dll!GetWindowPlacement                                                          774C69DE 5 Bytes  JMP 660340DF C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[2868] kernel32.dll!VirtualProtect                                              76E52CDD 5 Bytes  JMP 660047B5 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[2868] USER32.dll!SetWindowPlacement                                            77497F78 5 Bytes  JMP 66033F8E C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[2868] USER32.dll!MoveWindow                                                    77498D29 5 Bytes  JMP 66034289 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[2868] USER32.dll!DeferWindowPos                                                7749A6C8 5 Bytes  JMP 6603390A C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[2868] USER32.dll!SetWindowPos                                                  774A1BC4 5 Bytes  JMP 660343D8 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[2868] USER32.dll!GetWindowRect                                                774A558C 5 Bytes  JMP 66034564 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[2868] USER32.dll!BeginPaint                                                    774A5D14 5 Bytes  JMP 66002C0E C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[2868] USER32.dll!EndPaint                                                      774A5D42 5 Bytes  JMP 66002C09 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[2868] USER32.dll!GetWindowPlacement                                            774C69DE 5 Bytes  JMP 660340DF C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\windows\system32\taskhost.exe[2996] kernel32.dll!VirtualProtect                                                            76E52CDD 5 Bytes  JMP 660047B5 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\windows\system32\taskhost.exe[2996] USER32.dll!SetWindowPlacement                                                          77497F78 5 Bytes  JMP 66033F8E C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\windows\system32\taskhost.exe[2996] USER32.dll!MoveWindow                                                                  77498D29 5 Bytes  JMP 66034289 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\windows\system32\taskhost.exe[2996] USER32.dll!DeferWindowPos                                                              7749A6C8 5 Bytes  JMP 6603390A C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\windows\system32\taskhost.exe[2996] USER32.dll!SetWindowPos                                                                774A1BC4 5 Bytes  JMP 660343D8 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\windows\system32\taskhost.exe[2996] USER32.dll!GetWindowRect                                                                774A558C 5 Bytes  JMP 66034564 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\windows\system32\taskhost.exe[2996] USER32.dll!BeginPaint                                                                  774A5D14 5 Bytes  JMP 66002C0E C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\windows\system32\taskhost.exe[2996] USER32.dll!EndPaint                                                                    774A5D42 5 Bytes  JMP 66002C09 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\windows\system32\taskhost.exe[2996] USER32.dll!GetWindowPlacement                                                          774C69DE 5 Bytes  JMP 660340DF C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\windows\Explorer.EXE[3180] kernel32.dll!VirtualProtect                                                                      76E52CDD 5 Bytes  JMP 660047B5 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\windows\Explorer.EXE[3180] USER32.dll!SetWindowPlacement                                                                    77497F78 5 Bytes  JMP 66033F8E C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\windows\Explorer.EXE[3180] USER32.dll!MoveWindow                                                                            77498D29 5 Bytes  JMP 66034289 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\windows\Explorer.EXE[3180] USER32.dll!DeferWindowPos                                                                        7749A6C8 5 Bytes  JMP 6603390A C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\windows\Explorer.EXE[3180] USER32.dll!SetWindowPos                                                                          774A1BC4 5 Bytes  JMP 660343D8 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\windows\Explorer.EXE[3180] USER32.dll!GetWindowRect                                                                        774A558C 5 Bytes  JMP 66034564 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\windows\Explorer.EXE[3180] USER32.dll!BeginPaint                                                                            774A5D14 5 Bytes  JMP 66002C0E C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\windows\Explorer.EXE[3180] USER32.dll!EndPaint                                                                              774A5D42 5 Bytes  JMP 66002C09 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\windows\Explorer.EXE[3180] USER32.dll!GetWindowPlacement                                                                    774C69DE 5 Bytes  JMP 660340DF C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Program Files\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe[3372] kernel32.dll!VirtualProtect                                        76E52CDD 5 Bytes  JMP 660047B5 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Program Files\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe[3372] USER32.dll!SetWindowPlacement                                      77497F78 5 Bytes  JMP 66033F8E C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Program Files\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe[3372] USER32.dll!MoveWindow                                              77498D29 5 Bytes  JMP 66034289 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Program Files\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe[3372] USER32.dll!DeferWindowPos                                          7749A6C8 5 Bytes  JMP 6603390A C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Program Files\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe[3372] USER32.dll!SetWindowPos                                            774A1BC4 5 Bytes  JMP 660343D8 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Program Files\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe[3372] USER32.dll!GetWindowRect                                          774A558C 5 Bytes  JMP 66034564 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Program Files\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe[3372] USER32.dll!BeginPaint                                              774A5D14 5 Bytes  JMP 66002C0E C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Program Files\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe[3372] USER32.dll!EndPaint                                                774A5D42 5 Bytes  JMP 66002C09 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Program Files\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe[3372] USER32.dll!GetWindowPlacement                                      774C69DE 5 Bytes  JMP 660340DF C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Program Files\AVG Secure Search\vprot.exe[3432] kernel32.dll!VirtualProtect                                                76E52CDD 5 Bytes  JMP 660047B5 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Program Files\AVG Secure Search\vprot.exe[3432] USER32.dll!SetWindowPlacement                                              77497F78 5 Bytes  JMP 66033F8E C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Program Files\AVG Secure Search\vprot.exe[3432] USER32.dll!MoveWindow                                                      77498D29 5 Bytes  JMP 66034289 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Program Files\AVG Secure Search\vprot.exe[3432] USER32.dll!DeferWindowPos                                                  7749A6C8 5 Bytes  JMP 6603390A C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Program Files\AVG Secure Search\vprot.exe[3432] USER32.dll!SetWindowPos                                                    774A1BC4 5 Bytes  JMP 660343D8 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Program Files\AVG Secure Search\vprot.exe[3432] USER32.dll!GetWindowRect                                                    774A558C 5 Bytes  JMP 66034564 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Program Files\AVG Secure Search\vprot.exe[3432] USER32.dll!BeginPaint                                                      774A5D14 5 Bytes  JMP 66002C0E C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Program Files\AVG Secure Search\vprot.exe[3432] USER32.dll!EndPaint                                                        774A5D42 5 Bytes  JMP 66002C09 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Program Files\AVG Secure Search\vprot.exe[3432] USER32.dll!GetWindowPlacement                                              774C69DE 5 Bytes  JMP 660340DF C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Users\Andrea\Downloads\Gmer-19357.exe[3480] kernel32.dll!VirtualProtect                                                    76E52CDD 5 Bytes  JMP 660047B5 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Users\Andrea\Downloads\Gmer-19357.exe[3480] USER32.dll!SetWindowPlacement                                                  77497F78 5 Bytes  JMP 66033F8E C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Users\Andrea\Downloads\Gmer-19357.exe[3480] USER32.dll!MoveWindow                                                          77498D29 5 Bytes  JMP 66034289 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Users\Andrea\Downloads\Gmer-19357.exe[3480] USER32.dll!DeferWindowPos                                                      7749A6C8 5 Bytes  JMP 6603390A C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Users\Andrea\Downloads\Gmer-19357.exe[3480] USER32.dll!SetWindowPos                                                        774A1BC4 5 Bytes  JMP 660343D8 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Users\Andrea\Downloads\Gmer-19357.exe[3480] USER32.dll!GetWindowRect                                                        774A558C 5 Bytes  JMP 66034564 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Users\Andrea\Downloads\Gmer-19357.exe[3480] USER32.dll!BeginPaint                                                          774A5D14 5 Bytes  JMP 66002C0E C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Users\Andrea\Downloads\Gmer-19357.exe[3480] USER32.dll!EndPaint                                                            774A5D42 5 Bytes  JMP 66002C09 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Users\Andrea\Downloads\Gmer-19357.exe[3480] USER32.dll!GetWindowPlacement                                                  774C69DE 5 Bytes  JMP 660340DF C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Windows\System32\jmdp\stij.exe[3484] kernel32.dll!VirtualProtect                                                            76E52CDD 5 Bytes  JMP 660047B5 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Windows\System32\jmdp\stij.exe[3484] USER32.dll!SetWindowPlacement                                                          77497F78 5 Bytes  JMP 66033F8E C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Windows\System32\jmdp\stij.exe[3484] USER32.dll!MoveWindow                                                                  77498D29 5 Bytes  JMP 66034289 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Windows\System32\jmdp\stij.exe[3484] USER32.dll!DeferWindowPos                                                              7749A6C8 5 Bytes  JMP 6603390A C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Windows\System32\jmdp\stij.exe[3484] USER32.dll!SetWindowPos                                                                774A1BC4 5 Bytes  JMP 660343D8 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Windows\System32\jmdp\stij.exe[3484] USER32.dll!GetWindowRect                                                              774A558C 5 Bytes  JMP 66034564 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Windows\System32\jmdp\stij.exe[3484] USER32.dll!BeginPaint                                                                  774A5D14 5 Bytes  JMP 66002C0E C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Windows\System32\jmdp\stij.exe[3484] USER32.dll!EndPaint                                                                    774A5D42 5 Bytes  JMP 66002C09 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Windows\System32\jmdp\stij.exe[3484] USER32.dll!GetWindowPlacement                                                          774C69DE 5 Bytes  JMP 660340DF C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Program Files\Elantech\ETDCtrlHelper.exe[4064] kernel32.dll!VirtualProtect                                                  76E52CDD 5 Bytes  JMP 660047B5 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Program Files\Elantech\ETDCtrlHelper.exe[4064] USER32.dll!SetWindowPlacement                                                77497F78 5 Bytes  JMP 66033F8E C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Program Files\Elantech\ETDCtrlHelper.exe[4064] USER32.dll!MoveWindow                                                        77498D29 5 Bytes  JMP 66034289 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Program Files\Elantech\ETDCtrlHelper.exe[4064] USER32.dll!DeferWindowPos                                                    7749A6C8 5 Bytes  JMP 6603390A C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Program Files\Elantech\ETDCtrlHelper.exe[4064] USER32.dll!SetWindowPos                                                      774A1BC4 5 Bytes  JMP 660343D8 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Program Files\Elantech\ETDCtrlHelper.exe[4064] USER32.dll!GetWindowRect                                                    774A558C 5 Bytes  JMP 66034564 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Program Files\Elantech\ETDCtrlHelper.exe[4064] USER32.dll!BeginPaint                                                        774A5D14 5 Bytes  JMP 66002C0E C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Program Files\Elantech\ETDCtrlHelper.exe[4064] USER32.dll!EndPaint                                                          774A5D42 5 Bytes  JMP 66002C09 C:\Program Files\Stardock\MyColors\WBLIND.dll
.text          C:\Program Files\Elantech\ETDCtrlHelper.exe[4064] USER32.dll!GetWindowPlacement                                                774C69DE 5 Bytes  JMP 660340DF C:\Program Files\Stardock\MyColors\WBLIND.dll

---- User IAT/EAT - GMER 2.1 ----

IAT            C:\windows\Explorer.EXE[3180] @ C:\windows\Explorer.EXE [KERNEL32.dll!LoadLibraryExA]                                          [66057244] C:\Program Files\Stardock\MyColors\WBLIND.dll
IAT            C:\windows\Explorer.EXE[3180] @ C:\windows\Explorer.EXE [KERNEL32.dll!LoadLibraryW]                                            [6605730C] C:\Program Files\Stardock\MyColors\WBLIND.dll
IAT            C:\windows\Explorer.EXE[3180] @ C:\windows\Explorer.EXE [KERNEL32.dll!LoadLibraryA]                                            [660572A1] C:\Program Files\Stardock\MyColors\WBLIND.dll
IAT            C:\windows\Explorer.EXE[3180] @ C:\windows\Explorer.EXE [USER32.dll!GetWindowDC]                                              [66033A28] C:\Program Files\Stardock\MyColors\WBLIND.dll
IAT            C:\windows\Explorer.EXE[3180] @ C:\windows\Explorer.EXE [USER32.dll!UpdateLayeredWindow]                                      [66057A44] C:\Program Files\Stardock\MyColors\WBLIND.dll
IAT            C:\windows\Explorer.EXE[3180] @ C:\windows\Explorer.EXE [USER32.dll!UpdateLayeredWindowIndirect]                              [6605735E] C:\Program Files\Stardock\MyColors\WBLIND.dll
IAT            C:\windows\Explorer.EXE[3180] @ C:\windows\Explorer.EXE [USER32.dll!EndPaint]                                                  [660584BD] C:\Program Files\Stardock\MyColors\WBLIND.dll
IAT            C:\windows\Explorer.EXE[3180] @ C:\windows\Explorer.EXE [USER32.dll!LoadImageW]                                                [6600AA77] C:\Program Files\Stardock\MyColors\WBLIND.dll
IAT            C:\windows\Explorer.EXE[3180] @ C:\windows\Explorer.EXE [USER32.dll!BeginPaint]                                                [660581B9] C:\Program Files\Stardock\MyColors\WBLIND.dll
IAT            C:\windows\Explorer.EXE[3180] @ C:\windows\Explorer.EXE [USER32.dll!DrawTextW]                                                [6605A7BB] C:\Program Files\Stardock\MyColors\WBLIND.dll

---- Devices - GMER 2.1 ----

AttachedDevice  \FileSystem\fastfat \Fat                                                                                                      fltmgr.sys

---- Threads - GMER 2.1 ----

Thread          System [4:3992]                                                                                                                83C5AF2E

---- Registry - GMER 2.1 ----

Reg            HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0025d3b2962e                                                   
Reg            HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\74f06dbb854f                                                   
Reg            HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{BDE4E20B-9DDA-4414-9773-A51264A0F4E5}@LeaseObtainedTime    1406761422
Reg            HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{BDE4E20B-9DDA-4414-9773-A51264A0F4E5}@T1                  1406934222
Reg            HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{BDE4E20B-9DDA-4414-9773-A51264A0F4E5}@T2                  1407063822
Reg            HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{BDE4E20B-9DDA-4414-9773-A51264A0F4E5}@LeaseTerminatesTime  1407107022
Reg            HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0025d3b2962e (not active ControlSet)                               
Reg            HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\74f06dbb854f (not active ControlSet)                               

---- EOF - GMER 2.1 ----
addition:

Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version:30-07-2014
Ran by Andrea at 2014-07-31 01:48:00
Running from C:\Users\Andrea\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe AIR (Version: 2.5.1.17730 - Adobe Systems Inc.) Hidden
Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader 9.1 MUI (HKLM\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
ASUSUpdate for Eee PC (HKLM\...\{587178E7-B1DF-494E-9838-FA4DD36E873C}) (Version: 1.06.02 - ASUSTeK Computer Inc.)
AsusVibe2.0 (HKLM\...\Asus Vibe2.0) (Version: 2.0.4.617 - ASUSTEK)
Atheros Client Installation Program (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 7.0 - Atheros)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.35 - Atheros Communications Inc.)
AVG 2013 (HKLM\...\AVG) (Version: 2013.0.3462 - AVG Technologies)
AVG Security Toolbar (HKLM\...\AVG Secure Search) (Version: 18.1.7.644 - AVG Technologies)
Babylon toolbar on IE (HKLM\...\BabylonToolbar) (Version:  - ) <==== ATTENTION
BetterAds (HKLM\...\BetterAds) (Version: 1.5 - BetterAds.org)
Boingo Wi-Fi (HKLM\...\{84C2B80B-64A2-4B22-93EC-F30C3D6BF7D8}) (Version: 1.7.0048 - Boingo Wireless, Inc.)
BrowserCompanion (HKLM\...\BrowserCompanion) (Version:  - ) <==== ATTENTION
CapsHook (HKLM\...\{4B5092B6-F231-4D18-83BC-2618B729CA45}) (Version: 1.0.0.7 - AsusTek Computer)
CCleaner (HKLM\...\CCleaner) (Version: 4.08 - Piriform)
Chicken Invaders 2 (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}) (Version:  - Oberon Media)
Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DVDVideoSoftTB Toolbar (HKLM\...\DVDVideoSoftTB Toolbar) (Version: 6.8.2.0 - DVDVideoSoftTB)
E-Cam (HKLM\...\{185AFA7A-F63E-450B-94AA-011CAC18090E}) (Version: 2.0.3.0 - AzureWave)
Eee Docking 3.8.3 (HKLM\...\Eee Docking_is1) (Version: 3.8.3 - ASUSTek Computer Inc.)
EeeSplendid (HKLM\...\{6333FC29-BFE5-4024-AC78-958A1A7555D1}) (Version: 5.1.2.0011 - ASUS)
EeeSplendid (Version: 5.1.2.0011 - ASUS) Hidden
ETDWare PS/2-x86 7.0.5.13_WHQL (HKLM\...\Elantech) (Version: 7.0.5.13 - ELAN Microelectronics Corp.)
Fotogalerie (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
GinyasBrowserCompanion (HKLM\...\GinyasBrowserCompanion) (Version:  - Ginyas) <==== ATTENTION
Google Chrome (HKCU\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Drive (HKLM\...\{75939021-3B68-419D-8DC1-E9823BFF9658}) (Version: 1.16.7009.9618 - Google, Inc.)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
I Want This (HKLM\...\I Want This) (Version: 1.8.146.147 - 215 Apps)
IB Updater Service (HKLM\...\WNLT) (Version: 4.0.8.7 - ) <==== ATTENTION
ICQ Toolbar (HKLM\...\ICQToolbar) (Version: 3.0.0 - ICQ)
Incredibar Toolbar  on IE (HKLM\...\incredibar) (Version:  - ) <==== ATTENTION
InstantOn (HKLM\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 1.0.2 - ASUS)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.14.10.2117 - Intel Corporation)
Java Auto Updater (Version: 2.0.2.4 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 32 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216032FF}) (Version: 6.0.320 - Oracle)
Junk Mail filter update (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
LocaleMe (HKLM\...\{F58C1D44-4AC9-48E8-9049-7A6CDFCB415C}) (Version: 1.3 - ASUS)
LogonStudio (HKLM\...\{5C46518A-F797-4973-A257-F3F60F2FC61E}) (Version: 1.51.12 - Stardock)
MAGIX Foto Manager MX (HKLM\...\MAGIX_{30D2BC25-D905-48FE-AA2C-98E11AC3A081}) (Version: 9.0.1.238 - MAGIX AG)
MAGIX Foto Manager MX (Version: 9.0.1.238 - MAGIX AG) Hidden
MAGIX Screenshare (HKLM\...\MAGIX_{6662A179-33A4-407D-B57D-736E6BF765B1}) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Screenshare (Version: 4.3.6.1987 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (Version: 16.4.1108.0727 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
OpenOffice 4.0.0 (HKLM\...\{B28DBCBA-60F8-40ED-B35B-F510C327946C}) (Version: 4.00.9702 - Apache Software Foundation)
Photo Common (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PhotoScape (HKLM\...\PhotoScape) (Version:  - )
Raccolta foto (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Ralink RT2860 Wireless LAN Card (HKLM\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 1.5.1.0 - Ralink)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6098 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM\...\{9D3D8C60-A55F-4fed-B2B9-173F09590E16}) (Version: 1.00.0159 - REALTEK Semiconductor Corp.)
RegClean Pro (HKLM\...\RegClean Pro_is1) (Version: 6.21 - Systweak Inc) <==== ATTENTION
Searchqu Toolbar (HKLM\...\Searchqu Toolbar) (Version: 4.1.0.3028 - Bandoo Media Inc) <==== ATTENTION
simplitec simplicheck (HKLM\...\{B73AFF76-53AD-464D-93D5-5A4E6CAAB893}) (Version: 1.2.3.0 - simplitec GmbH)
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Softonic toolbar  on IE (HKLM\...\Softonic) (Version:  - Softonic) <==== ATTENTION
Stardock MyColors (HKLM\...\Stardock MyColors) (Version: 2.7 - Stardock Corporation)
Stardock MyColors (Version: 2.7 - Stardock Corporation) Hidden
Super Hybrid Engine (HKLM\...\{88F08F98-12BC-4613-81A2-8F9B88CFC73E}) (Version: 2.17 - AsusTek Computer)
Times Reader (HKLM\...\com.nyt.timesreader.78C54164786ADE80CB31E1C5D95607D0938C987A.1) (Version: 2.055 - The New York Times Company)
Times Reader (Version: 2.055 - The New York Times Company) Hidden
Web Assistant 2.0.0.573 (HKLM\...\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1) (Version: 2.0.0.573 - IncrediBar) <==== ATTENTION
Windows Driver Package - Broadcom Bluetooth  (07/17/2009 6.2.0.9403) (HKLM\...\B41C7C96D83162A676DA7365ADEFD6C1AF62A4EE) (Version: 07/17/2009 6.2.0.9403 - Broadcom)
Windows Driver Package - Broadcom Bluetooth  (07/29/2009 6.1.7100.0) (HKLM\...\B5C82F3814F82FB37F1513B3185399BD88892B08) (Version: 07/29/2009 6.1.7100.0 - Broadcom)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (HKLM\...\BF20603967CFDCB2BBF91950E8A56DFBC5C833FE) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Communications Platform (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer Resources (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Xvid MPEG-4 Video Codec (HKLM\...\Xvid_is1) (Version:  - )
Yontoo 1.10.02 (HKLM\...\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}) (Version: 1.10.02 - Yontoo LLC) <==== ATTENTION

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Andrea\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\Andrea\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\Andrea\AppData\Local\Google\Update\1.3.21.99\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Andrea\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Andrea\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{30A2652A-DDF7-45e7-ACA6-3EAB26FC8A4E}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{41662FC2-0D57-4aff-AB27-AD2E12E7C273}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{448BB771-CFE2-47C4-BCDF-1FBF378E202C}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Andrea\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\Andrea\AppData\Local\Google\Chrome\Application\36.0.1985.125\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\Andrea\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\Andrea\AppData\Local\Google\Update\1.3.21.123\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\Andrea\AppData\Local\Google\Update\1.3.21.153\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{7B342DC4-139A-4a46-8A93-DB0827CCEE9C}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{7B37E4E2-C62F-4914-9620-8FB5062718CC}\localserver32 -> C:\Users\Andrea\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe No File
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\ooofilt.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{7FA8AE11-B3E3-4D88-AABF-255526CD1CE8}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{82154420-0FBF-11d4-8313-005004526AB4}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Andrea\AppData\Local\Google\Update\1.3.24.15\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Andrea\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll No File
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\Andrea\AppData\Local\Google\Update\1.3.22.3\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\Andrea\AppData\Local\Google\Update\1.3.21.165\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{AB807329-7324-431B-8B36-DBD581F56E0B}\localserver32 -> C:\Users\Andrea\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe No File
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\propertyhdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Andrea\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll No File
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Andrea\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Andrea\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\Andrea\AppData\Local\Google\Update\1.3.21.115\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{D0484DE6-AAEE-468a-991F-8D4B0737B57A}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{D2D59CD1-0A6A-4D36-AE20-47817077D57C}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{E5A0B632-DFBA-4549-9346-E414DA06E6F8}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Andrea\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Andrea\AppData\Local\Google\Update\1.3.24.15\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{EE5D1EA4-D445-4289-B2FC-55FC93693917}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Andrea\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll No File
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{F616B81F-7BB8-4F22-B8A5-47428D59F8AD}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Andrea\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\FileSyncApi.dll No File
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\Andrea\AppData\Local\Google\Update\1.3.21.111\psuser.dll No File

==================== Restore Points  =========================

27-07-2014 11:46:07 Windows Update
27-07-2014 12:52:12 Removed AVG 2013
27-07-2014 12:55:40 Removed AVG 2013
27-07-2014 14:30:47 Removed Façade
30-07-2014 19:04:07 Windows Update
30-07-2014 20:28:43 Removed Acrobat.com
30-07-2014 20:30:38 Removed Facebook Video Calling 2.0.0.447
30-07-2014 20:31:14 Removed Firebird SQL Server - MAGIX Edition
30-07-2014 20:33:39 Removed FontResizer
30-07-2014 20:37:01 ICQ Sparberater wird entfernt
30-07-2014 20:40:48 Removed Hotkey Service
30-07-2014 20:44:01 Removed LiveUpdate.
30-07-2014 20:46:33 Removed Microsoft Silverlight
30-07-2014 20:47:56 Removed Microsoft SQL Server 2005 Compact Edition [ENU]
30-07-2014 22:25:36 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1731A9D0-2E85-4DA6-AB94-8DEC2B6D451D} - System32\Tasks\GinyasBrowserCompanions FireFox Watcher => C:\ProgramData\GinyasBrowserCompanions\tbhcns.exe <==== ATTENTION
Task: {1C15F955-3BAF-4F38-9403-5ABAFDB489F6} - System32\Tasks\GinyasBrowserCompanions Update Checker => C:\ProgramData\GinyasBrowserCompanions\tbhcns.exe <==== ATTENTION
Task: {1D273B6A-F377-4E5F-84B5-73466833A687} - System32\Tasks\GinyasBrowserCompanion Stats Report => C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe [2013-02-18] (Blabbers Communications Ltd) <==== ATTENTION
Task: {3AC26CE1-FAAC-4CA4-933F-1A4A7BEE3F57} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3601385101-2140175397-1978509390-1000Core => C:\Users\Andrea\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-23] (Google Inc.)
Task: {4176131F-21E9-4835-B31E-A3719243C43B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-02-03] (Google Inc.)
Task: {507AD962-93DB-462D-A8C9-5254E20ECD6C} - System32\Tasks\{45369E78-DC3E-4556-B91B-58151EF25307} => Chrome.exe
Task: {53F1A6DF-F93D-45DE-9788-669A9F527A41} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd)
Task: {61BE41AD-E80E-44B2-B32A-7360FAC33257} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-02-03] (Google Inc.)
Task: {6683A2CF-CEA5-4BE5-922F-93ABCF07030D} - System32\Tasks\GinyasBrowserCompanion Update Checker => C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe [2013-02-18] (Blabbers Communications Ltd) <==== ATTENTION
Task: {66CE3246-EA70-4D23-B9F1-472BC84CF734} - System32\Tasks\RegClean Pro_DEFAULT => C:\Program Files\RegClean Pro\RegCleanPro.exe [2011-11-19] (Systweak Inc) <==== ATTENTION
Task: {7C003877-A4F8-4271-B3E5-10894BD34BA7} - System32\Tasks\{B3F1EFB7-0F6B-4354-95DF-D7EAB1940561} => Chrome.exe
Task: {86E697F7-B804-4FF1-90B9-691B066FB397} - System32\Tasks\GinyasBrowserCompanions Chrome Watcher => C:\ProgramData\GinyasBrowserCompanions\tbhcns.exe <==== ATTENTION
Task: {896A91D8-D121-45B9-A385-8F82B3649378} - System32\Tasks\GinyasBrowserCompanions Stats Report => C:\ProgramData\GinyasBrowserCompanions\tbhcns.exe <==== ATTENTION
Task: {A2FE6341-29F8-479F-95F1-A8219CE39871} - System32\Tasks\{5D00A04D-C9F6-40BA-96AE-7DC3DCC5C8C1} => Chrome.exe
Task: {AA780D2E-065A-49E4-8CB0-103E2355ED6E} - System32\Tasks\GinyasBrowserCompanion Runner => C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe [2013-02-18] (Blabbers Communications Ltd) <==== ATTENTION
Task: {AB2122C3-0053-4D6C-BC82-9936493BD5AE} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-27] (Adobe Systems Incorporated)
Task: {C49CCEB8-BF31-47F8-A6D8-2E5E99F86201} - System32\Tasks\GinyasBrowserCompanion Chrome Watcher => C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe [2013-02-18] (Blabbers Communications Ltd) <==== ATTENTION
Task: {D0E6D060-655F-40DA-9089-2A8116626CAE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3601385101-2140175397-1978509390-1000UA => C:\Users\Andrea\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-23] (Google Inc.)
Task: {E814AE2A-C75D-4650-AD86-DD27D75C4119} - System32\Tasks\RegClean Pro_UPDATES => C:\Program Files\RegClean Pro\RegCleanPro.exe [2011-11-19] (Systweak Inc) <==== ATTENTION
Task: {FBE700C9-255D-434F-8190-080705610AC1} - System32\Tasks\GinyasBrowserCompanion FireFox Watcher => C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe [2013-02-18] (Blabbers Communications Ltd) <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GinyasBrowserCompanion Chrome Watcher.job => C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe <==== ATTENTION
Task: C:\windows\Tasks\GinyasBrowserCompanion FireFox Watcher.job => C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe <==== ATTENTION
Task: C:\windows\Tasks\GinyasBrowserCompanion Runner.job => C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe <==== ATTENTION
Task: C:\windows\Tasks\GinyasBrowserCompanion Stats Report.job => C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe <==== ATTENTION
Task: C:\windows\Tasks\GinyasBrowserCompanion Update Checker.job => C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe <==== ATTENTION
Task: C:\windows\Tasks\GinyasBrowserCompanions Chrome Watcher.job => C:\ProgramData\GinyasBrowserCompanions\tbhcns.exe <==== ATTENTION
Task: C:\windows\Tasks\GinyasBrowserCompanions FireFox Watcher.job => C:\ProgramData\GinyasBrowserCompanions\tbhcns.exe <==== ATTENTION
Task: C:\windows\Tasks\GinyasBrowserCompanions Stats Report.job => C:\ProgramData\GinyasBrowserCompanions\tbhcns.exe <==== ATTENTION
Task: C:\windows\Tasks\GinyasBrowserCompanions Update Checker.job => C:\ProgramData\GinyasBrowserCompanions\tbhcns.exe <==== ATTENTION
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3601385101-2140175397-1978509390-1000Core.job => C:\Users\Andrea\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3601385101-2140175397-1978509390-1000UA.job => C:\Users\Andrea\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\RegClean Pro_DEFAULT.job => C:\Program Files\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: C:\windows\Tasks\RegClean Pro_UPDATES.job => C:\Program Files\RegClean Pro\RegCleanPro.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2009-06-09 10:56 - 2009-06-09 10:56 - 00099632 _____ () C:\Program Files\Stardock\MyColors\WBVista.exe
2009-06-09 10:55 - 2009-06-09 10:55 - 00057904 _____ () C:\windows\system32\wbload.dll
2012-09-10 13:10 - 2013-10-15 10:43 - 01432368 _____ () C:\windows\system32\dmwu.exe
2012-08-04 13:16 - 2012-08-23 15:40 - 00188760 _____ () C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
2014-07-26 14:23 - 2014-07-26 14:23 - 00159768 _____ () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\loggingserver.exe
2014-07-26 14:23 - 2014-07-26 14:23 - 00519704 _____ () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\log4cplusU.dll
2013-10-15 11:05 - 2013-10-15 11:05 - 00410416 _____ () C:\Windows\System32\jmdp\stij.exe
2013-10-15 11:03 - 2013-10-15 11:03 - 01057792 _____ () C:\Windows\System32\jmdp\lmrn.dll
2009-06-09 10:55 - 2009-06-09 10:55 - 00057904 _____ () C:\Windows\System32\wbload.dll
2013-01-03 17:30 - 2014-07-26 14:23 - 02571288 _____ () C:\Program Files\AVG Secure Search\vprot.exe
2012-07-02 11:16 - 2012-07-02 11:16 - 00695448 _____ () C:\Users\Andrea\AppData\Roaming\BrowserCompanion\tbhcn.exe
2014-07-27 18:11 - 2014-07-15 11:24 - 08537928 _____ () C:\Users\Andrea\AppData\Local\Google\Chrome\Application\36.0.1985.125\pdf.dll
2014-07-27 18:11 - 2014-07-15 11:24 - 00353096 _____ () C:\Users\Andrea\AppData\Local\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll
2014-07-27 18:11 - 2014-07-15 11:24 - 01732936 _____ () C:\Users\Andrea\AppData\Local\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll
2014-07-30 21:00 - 2014-02-10 13:44 - 04592128 _____ () C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2014-07-30 21:00 - 2014-02-10 13:44 - 00112128 _____ () C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
2014-07-27 18:11 - 2014-07-15 11:24 - 14664008 _____ () C:\Users\Andrea\AppData\Local\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:AB689DEA

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AsusVibeLauncher.lnk => C:\windows\pss\AsusVibeLauncher.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Stardock MyColors.lnk => C:\windows\pss\Stardock MyColors.lnk.CommonStartup
MSCONFIG\startupreg: ASUSWebStorage => C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S
MSCONFIG\startupreg: AVG_TRAY => "C:\Program Files\AVG\AVG2012\avgtray.exe"
MSCONFIG\startupreg: Facebook Update => "C:\Users\Andrea\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: Google Update => "C:\Users\Andrea\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: Guard.Mail.ru.gui => "C:\Program Files\Guard-ICQ\GuardICQ.exe" /gui
MSCONFIG\startupreg: PCSpeedUp => C:\Program Files\PC Beschleunigen\PCSpeedUp.lnk
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/31/2014 01:04:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: tbhcn.exe, Version: 1.0.0.9, Zeitstempel: 0x5121f458
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea91c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00052d37
ID des fehlerhaften Prozesses: 0xc94
Startzeit der fehlerhaften Anwendung: 0xtbhcn.exe0
Pfad der fehlerhaften Anwendung: tbhcn.exe1
Pfad des fehlerhaften Moduls: tbhcn.exe2
Berichtskennung: tbhcn.exe3

Error: (07/31/2014 00:00:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Name des fehlerhaften Moduls: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00012298
ID des fehlerhaften Prozesses: 0x990
Startzeit der fehlerhaften Anwendung: 0xGmer-19357.exe0
Pfad der fehlerhaften Anwendung: Gmer-19357.exe1
Pfad des fehlerhaften Moduls: Gmer-19357.exe2
Berichtskennung: Gmer-19357.exe3

Error: (07/30/2014 11:24:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Explorer.EXE, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: bd8

Startzeit: 01cfac3b7c1614bf

Endzeit: 0

Anwendungspfad: C:\windows\Explorer.EXE

Berichts-ID: c1104603-182f-11e4-99db-5404a629b83b

Error: (07/30/2014 11:16:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: tbhcn.exe, Version: 1.0.0.9, Zeitstempel: 0x5121f458
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea91c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00052d37
ID des fehlerhaften Prozesses: 0xcd4
Startzeit der fehlerhaften Anwendung: 0xtbhcn.exe0
Pfad der fehlerhaften Anwendung: tbhcn.exe1
Pfad des fehlerhaften Moduls: tbhcn.exe2
Berichtskennung: tbhcn.exe3

Error: (07/30/2014 10:39:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ICQ7.exe, Version: 14.0.0.162, Zeitstempel: 0x4626b2f4
Name des fehlerhaften Moduls: MoveIt.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x4ee6373f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x6bdfcf4e
ID des fehlerhaften Prozesses: 0x141c
Startzeit der fehlerhaften Anwendung: 0xICQ7.exe0
Pfad der fehlerhaften Anwendung: ICQ7.exe1
Pfad des fehlerhaften Moduls: ICQ7.exe2
Berichtskennung: ICQ7.exe3

Error: (07/30/2014 10:25:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: avgmfapx.exe, Version: 13.0.0.3480, Zeitstempel: 0x537d2383
Name des fehlerhaften Moduls: avgmfapx.exe, Version: 13.0.0.3480, Zeitstempel: 0x537d2383
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00017ec0
ID des fehlerhaften Prozesses: 0x1384
Startzeit der fehlerhaften Anwendung: 0xavgmfapx.exe0
Pfad der fehlerhaften Anwendung: avgmfapx.exe1
Pfad des fehlerhaften Moduls: avgmfapx.exe2
Berichtskennung: avgmfapx.exe3

Error: (07/30/2014 08:35:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: tbhcn.exe, Version: 1.0.0.9, Zeitstempel: 0x5121f458
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea91c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00052d37
ID des fehlerhaften Prozesses: 0x8b4
Startzeit der fehlerhaften Anwendung: 0xtbhcn.exe0
Pfad der fehlerhaften Anwendung: tbhcn.exe1
Pfad des fehlerhaften Moduls: tbhcn.exe2
Berichtskennung: tbhcn.exe3

Error: (07/30/2014 08:29:37 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.

Error: (07/30/2014 08:29:16 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.

Error: (07/30/2014 08:27:54 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.


System errors:
=============
Error: (07/31/2014 01:03:53 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error: (07/31/2014 01:03:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Asus Launcher Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (07/31/2014 01:01:52 AM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1000) (User: NT-AUTORITÄT)
Description: Fehler bei der CBS-Clientinitialisierung. Letzter Fehler: 0x8007045b

Error: (07/31/2014 01:01:16 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error: (07/31/2014 01:01:00 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Asus Launcher Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (07/30/2014 11:16:00 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error: (07/30/2014 11:15:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Asus Launcher Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (07/30/2014 11:15:36 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎30.‎07.‎2014 um 23:10:10 unerwartet heruntergefahren.

Error: (07/30/2014 10:04:33 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (07/30/2014 08:34:03 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom


Microsoft Office Sessions:
=========================
Error: (07/31/2014 01:04:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: tbhcn.exe1.0.0.95121f458ntdll.dll6.1.7601.18247521ea91cc000000500052d37c9401cfac4a96bffa88C:\ProgramData\GinyasBrowserCompanion\tbhcn.exeC:\windows\SYSTEM32\ntdll.dlld79bc0e1-183d-11e4-a99c-5404a629b83b

Error: (07/31/2014 00:00:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Gmer-19357.exe2.1.19357.052e7ea83Gmer-19357.exe2.1.19357.052e7ea83c00000050001229899001cfac41435e35d1C:\Users\Andrea\Downloads\Gmer-19357.exeC:\Users\Andrea\Downloads\Gmer-19357.exef5e9d28f-1834-11e4-99db-5404a629b83b

Error: (07/30/2014 11:24:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.1.7601.17567bd801cfac3b7c1614bf0C:\windows\Explorer.EXEc1104603-182f-11e4-99db-5404a629b83b

Error: (07/30/2014 11:16:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: tbhcn.exe1.0.0.95121f458ntdll.dll6.1.7601.18247521ea91cc000000500052d37cd401cfac3b7df7fb2dC:\ProgramData\GinyasBrowserCompanion\tbhcn.exeC:\windows\SYSTEM32\ntdll.dllbdf03c01-182e-11e4-99db-5404a629b83b

Error: (07/30/2014 10:39:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ICQ7.exe14.0.0.1624626b2f4MoveIt.dll_unloaded0.0.0.04ee6373fc00000056bdfcf4e141c01cfac362426aa31C:\Users\Andrea\AppData\Local\Temp\{82AF3D29-AC7C-4B2B-8B16-DFEF02C11BDA}\ICQ7.exeMoveIt.dll8ecb9d7c-1829-11e4-bda9-5404a629b83b

Error: (07/30/2014 10:25:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: avgmfapx.exe13.0.0.3480537d2383avgmfapx.exe13.0.0.3480537d2383c000000500017ec0138401cfac34559c6b53C:\Program Files\AVG\AVG2013\avgmfapx.exeC:\Program Files\AVG\AVG2013\avgmfapx.exe95a10865-1827-11e4-bda9-5404a629b83b

Error: (07/30/2014 08:35:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: tbhcn.exe1.0.0.95121f458ntdll.dll6.1.7601.18247521ea91cc000000500052d378b401cfac2515fb6ad8C:\ProgramData\GinyasBrowserCompanion\tbhcn.exeC:\windows\SYSTEM32\ntdll.dll584c9899-1818-11e4-bda9-5404a629b83b

Error: (07/30/2014 08:29:37 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\PROGRA~1\SEARCH~1\Datamngr\datamngr.dllC:\PROGRA~1\SEARCH~1\Datamngr\datamngr.dll0

Error: (07/30/2014 08:29:16 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\PROGRA~1\SEARCH~1\Datamngr\datamngr.dllC:\PROGRA~1\SEARCH~1\Datamngr\datamngr.dll0

Error: (07/30/2014 08:27:54 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\PROGRA~1\SEARCH~1\Datamngr\datamngr.dllC:\PROGRA~1\SEARCH~1\Datamngr\datamngr.dll0


==================== Memory info ===========================

Percentage of memory in use: 68%
Total physical RAM: 1014.18 MB
Available physical RAM: 315.08 MB
Total Pagefile: 2049.53 MB
Available Pagefile: 1055.95 MB
Total Virtual: 2047.88 MB
Available Virtual: 1927.19 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:100 GB) (Free:69.49 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:183.07 GB) (Free:182.85 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: DAC69C79)
Partition 1: (Active) - (Size=100 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=15 GB) - (Type=1B)
Partition 3: (Not Active) - (Size=183 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=16 MB) - (Type=EF)

==================== End Of Log ============================

Andyleinchen 31.07.2014 01:01
Und noch FRST:


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:30-07-2014
Ran by Andrea (administrator) on ANDREA-PC on 31-07-2014 01:45:58
Running from C:\Users\Andrea\Downloads
Platform: Microsoft Windows 7 Starter  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Stardock Corporation) C:\Program Files\Stardock\MyColors\VistaSrv.exe
() C:\Program Files\Stardock\MyColors\WBVista.exe
() C:\Windows\System32\dmwu.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe
() C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\loggingserver.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Blabbers Communications Ltd) C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe
() C:\Windows\System32\jmdp\stij.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Boingo Wireless, Inc.) C:\Program Files\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
() C:\Program Files\AVG Secure Search\vprot.exe
() C:\Users\Andrea\AppData\Roaming\BrowserCompanion\tbhcn.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Google Inc.) C:\Users\Andrea\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Andrea\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Andrea\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Andrea\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Andrea\AppData\Local\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-21-3601385101-2140175397-1978509390-1000\...\MountPoints2: {9bba8ab2-87ee-11e2-8299-5404a629b83b} - E:\Startme.exe
AppInit_DLLs: C:\PROGRA~1\SEARCH~1\Datamngr\datamngr.dll => C:\Program Files\Searchqu Toolbar\Datamngr\datamngr.dll [1723320 2013-04-01] (Bandoo Media, inc)
AppInit_DLLs:  C:\PROGRA~1\SEARCH~1\Datamngr\IEBHO.dll => C:\Program Files\Searchqu Toolbar\Datamngr\IEBHO.dll [1185208 2012-08-06] (Bandoo Media, inc)
Startup: C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tbhcn.lnk
ShortcutTarget: tbhcn.lnk -> C:\Users\Andrea\AppData\Roaming\BrowserCompanion\tbhcn.exe ()
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IconPackager.lnk
ShortcutTarget: IconPackager.lnk -> C:\Program Files\Stardock\MyColors\IconPackager.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IconPackager.lnk
ShortcutTarget: IconPackager.lnk -> C:\Program Files\Stardock\MyColors\IconPackager.exe (Stardock Corporation)
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.softonic.com/MON00006/tb_v1?SearchSource=10&cc=
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://eeepc.asus.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://eeepc.asus.com
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
URLSearchHook: HKLM - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKLM - ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
URLSearchHook: HKLM - DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
URLSearchHook: HKCU - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKCU - ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
URLSearchHook: HKCU - DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=341&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=341&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKCU - DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={7FFBF5DA-D170-40D3-91A7-55FD28DB7790}&mid=937d7987183b47d19f81854de0cd51c8-a1eab306f4f7adae3faf3915e98e941f41c4ab04&lang=de&ds=AVG&pr=pr&d=2013-01-03 16:30:22&v=14.0.2.14&pid=avg&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&AF=109867&babsrc=SP_ss&mntrId=b2e820680000000000005404a629b83b
SearchScopes: HKCU - {23BE01D0-C186-4456-A856-F33472C1EF2D} URL = hxxp://search.softonic.com/MON00006/tb_v1?q={searchTerms}&SearchSource=4&cc=&r=201
SearchScopes: HKCU - {4327FABE-3C22-4689-8DBF-D226CF777FE9} URL = hxxp://www.searchplusnetwork.com/?sp=vit4&q={searchTerms}
SearchScopes: HKCU - {48E9923A-16C4-410A-9D2B-97CA7A6E9743} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={7FFBF5DA-D170-40D3-91A7-55FD28DB7790}&mid=937d7987183b47d19f81854de0cd51c8-a1eab306f4f7adae3faf3915e98e941f41c4ab04&lang=de&ds=AVG&pr=pr&d=2013-01-03 16:30:22&v=14.0.2.14&pid=avg&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=341&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = hxxp://mystart.incredibar.com/mb165/?search={searchTerms}&loc=IB_DS&a=6OyK0cewlx&i=26
BHO: Ginyas Browser Companion -> {00cbb66b-1d3b-46d3-9577-323a336acb50} -> C:\Program Files\BrowserCompanion\jsloader.dll ( )
BHO: I Want This -> {11111111-1111-1111-1111-110011221158} -> C:\Program Files\I Want This\I Want This.dll (215 Apps)
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Babylon toolbar helper -> {2EECD738-5844-4a99-B4B6-146BF802613B} -> C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
BHO: Web Assistant -> {336D0C35-8A85-403a-B9D2-65C292C39087} -> C:\Program Files\Web Assistant\Extension32.dll ()
BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files\AVG\AVG2012\avgssie.dll No File
BHO: Incredibar.com Helper Object -> {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} -> C:\Program Files\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll (Montera Technologeis LTD)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: DVDVideoSoftTB Toolbar -> {872b5b88-9db5-4310-bdd0-ac189557e5f5} -> C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} ->  No File
BHO: Searchqu Toolbar -> {99079a25-328f-4bd4-be04-00955acaa0a7} -> C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
BHO: DataMngr -> {9D717F81-9148-4f12-8568-69135F087DB0} -> C:\Program Files\Searchqu Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
BHO: BetterAds -> {BA56787C-729F-4715-8F11-EB2A16908B91} -> C:\Program Files\BetterAds\ScriptHost.dll ()
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: Softonic Helper Object -> {E87806B5-E908-45FD-AF5E-957D83E58E68} -> C:\Program Files\Softonic\Softonic\1.6.7.4\bh\Softonic.dll (Softonic.com)
BHO: Yontoo -> {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} -> C:\Program Files\Yontoo\YontooIEClient.dll (Yontoo LLC)
Toolbar: HKLM - DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
Toolbar: HKLM - ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
Toolbar: HKLM - Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
Toolbar: HKLM - Incredibar Toolbar - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll (Montera Technologeis LTD)
Toolbar: HKLM - Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
Toolbar: HKLM - Softonic Toolbar - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files\Softonic\Softonic\1.6.7.4\SoftonicTlbr.dll (Softonic.com)
Toolbar: HKLM - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} -  No File
Toolbar: HKCU - DVDVideoSoftTB Toolbar - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
Handler: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
Handler: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll No File
Handler: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.7\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.7\\npsitesafety.dll No File
FF Plugin: @java.com/DTPlugin,version=1.6.0_32 - C:\windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Andrea\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Andrea\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\babylon.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] - C:\Program Files\AVG\AVG2012\Firefox4
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox
FF Extension: Web Assistant - C:\Program Files\Web Assistant\Firefox [2012-08-04]
FF HKLM\...\Firefox\Extensions: [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}] - C:\Program Files\Web Assistant\Firefox

Chrome:
=======
CHR HomePage: hxxp://search.babylon.com/?AF=109867&babsrc=HP_ss&mntrId=b2e820680000000000005404a629b83b
CHR DefaultSearchKeyword: t-online-shop.de
CHR DefaultNewTabURL:
CHR Extension: (Browser Companion Helper) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf [2013-07-30]
CHR Extension: (BetterAds) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\cacclhdpfoingihegojhoipnihfnoaki [2013-07-30]
CHR Extension: (New tab for Chrome™) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg [2013-07-30]
CHR Extension: (I Want This) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk [2013-07-11]
CHR Extension: (AVG Security Toolbar) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2013-07-30]
CHR Extension: (Google Wallet) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-03]
CHR HKLM\...\Chrome\Extension: [bodddioamolcibagionmmobehnbhiakf] - C:\Program Files\BrowserCompanion\blabbers-ch.crx [2012-07-02]
CHR HKLM\...\Chrome\Extension: [cacclhdpfoingihegojhoipnihfnoaki] - C:\Users\Andrea\AppData\Local\MediaBA\betterads.crx [2012-08-21]
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx [2012-08-04]
CHR HKLM\...\Chrome\Extension: [jifflliplgeajjdhmkcfnngfpgbjonjg] - C:\Program Files\Perion\NewTab\newTab.crx [2012-08-04]
CHR HKLM\...\Chrome\Extension: [jmfkcklnlgedgbglfkkgedjfmejoahla] - C:\Program Files\AVG\AVG2012\Chrome\safesearch.crx [2012-08-04]
CHR HKLM\...\Chrome\Extension: [mpfapcdfbbledbojijcbcclmlieaoogk] - C:\Users\Andrea\AppData\Local\I Want This\Chrome\I Want This.crx [2012-02-21]
CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\17.2.0.38\avg.crx [2013-12-09]
CHR HKLM\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] - C:\Users\Andrea\AppData\Local\Temp\YontooLayers.crx [2013-12-09]
CHR StartMenuInternet: Google Chrome - C:\Users\Andrea\AppData\Local\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 IBUpdaterService; C:\windows\system32\dmwu.exe [1432368 2013-10-15] ()
R2 vToolbarUpdater18.1.7; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe [1813528 2014-07-26] (AVG Secure Search)
R2 Web Assistant Updater; C:\Program Files\Web Assistant\ExtensionUpdaterService.exe [188760 2012-08-23] () [File not signed]
R2 WindowBlinds; C:\Program Files\Stardock\MyColors\VistaSrv.exe [230704 2009-06-09] (Stardock Corporation)
S2 AsusService; C:\windows\system32\AsusService.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\windows\System32\drivers\AsIO.sys [11456 2010-06-28] ()
R1 AsUpIO; C:\windows\System32\drivers\AsUpIO.sys [11832 2010-08-03] ()
R1 avgtp; C:\windows\system32\drivers\avgtpx86.sys [42784 2014-07-26] (AVG Technologies)
R3 ETD; C:\windows\System32\DRIVERS\ETD.sys [102912 2010-07-21] (ELAN Microelectronic Corp.)
R3 kbfiltr; C:\windows\System32\DRIVERS\kbfiltr.sys [13880 2009-07-20] ( )
S3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-07-27] (Malwarebytes Corporation)
S3 btwaudio; system32\drivers\btwaudio.sys [X]
S3 btwavdt; \SystemRoot\system32\drivers\btwavdt.sys [X]
S3 btwl2cap; system32\DRIVERS\btwl2cap.sys [X]
S3 btwrchid; \SystemRoot\system32\drivers\btwrchid.sys [X]
U3 uwdiqpob; \??\C:\Users\Andrea\AppData\Local\Temp\uwdiqpob.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2030-01-02 09:28 - 2010-11-20 14:40 - 00383786 __RSH () C:\bootmgr
2014-07-31 01:45 - 2014-07-31 01:46 - 00020602 _____ () C:\Users\Andrea\Downloads\FRST.txt
2014-07-31 01:40 - 2014-07-31 01:40 - 00030373 _____ () C:\Users\Andrea\Desktop\gmer log.log
2014-07-31 00:44 - 2014-07-31 00:44 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-07-31 00:19 - 2014-07-31 00:19 - 00380416 _____ () C:\Users\Andrea\Downloads\Gmer-19357.exe
2014-07-30 23:18 - 2014-07-30 23:18 - 00104960 _____ (GMER) C:\uwdiqpob.sys
2014-07-30 22:24 - 2014-07-30 22:24 - 00000000 __SHD () C:\Users\Andrea\AppData\Local\EmieUserList
2014-07-30 22:24 - 2014-07-30 22:24 - 00000000 __SHD () C:\Users\Andrea\AppData\Local\EmieSiteList
2014-07-30 22:24 - 2014-07-30 22:24 - 00000000 ____D () C:\Users\Andrea\AppData\Local\Avg2013
2014-07-30 22:13 - 2014-07-30 22:13 - 00566960 _____ () C:\Users\Andrea\Downloads\setup.exe
2014-07-30 20:21 - 2014-07-31 01:46 - 00000000 ____D () C:\FRST
2014-07-30 20:19 - 2014-07-30 20:20 - 01084928 _____ (Farbar) C:\Users\Andrea\Downloads\FRST.exe
2014-07-27 18:34 - 2014-07-27 18:34 - 00095968 _____ () C:\Users\Andrea\Desktop\Malewarebytes log 1. scan.7z
2014-07-27 17:46 - 2014-07-27 17:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-07-27 17:46 - 2014-07-27 17:46 - 00000000 ____D () C:\Program Files\7-Zip
2014-07-27 17:45 - 2014-07-27 17:45 - 01110476 _____ () C:\Users\Andrea\Downloads\7z920.exe
2014-07-27 15:11 - 2014-03-31 09:35 - 00231584 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2014-07-27 14:52 - 2014-06-19 01:16 - 00646144 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-07-27 14:52 - 2014-01-24 04:18 - 01212352 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2014-07-27 14:43 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-07-27 14:43 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2014-07-27 14:43 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-07-27 14:43 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2014-07-27 14:43 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2014-07-27 14:43 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-07-27 14:43 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-07-27 14:43 - 2014-01-01 01:05 - 00420008 _____ () C:\windows\system32\locale.nls
2014-07-27 14:42 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2014-07-27 14:42 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-07-27 14:42 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2014-07-27 14:42 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2014-07-27 14:42 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\windows\system32\ntkrnlpa.exe
2014-07-27 14:42 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2014-07-27 14:42 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\windows\system32\objsel.dll
2014-07-27 14:42 - 2014-03-04 11:17 - 00304128 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2014-07-27 14:42 - 2014-03-04 11:17 - 00293376 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2014-07-27 14:42 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\cngprovider.dll
2014-07-27 14:42 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\windows\system32\adprovider.dll
2014-07-27 14:42 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\windows\system32\capiprovider.dll
2014-07-27 14:42 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\windows\system32\dpapiprovider.dll
2014-07-27 14:42 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\dimsroam.dll
2014-07-27 14:42 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\windows\system32\wincredprovider.dll
2014-07-27 14:41 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\windows\system32\osk.exe
2014-07-27 14:41 - 2014-06-18 02:52 - 02350080 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-07-27 14:41 - 2014-04-05 04:25 - 01294272 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-07-27 14:41 - 2014-04-05 04:24 - 00187840 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2014-07-27 14:41 - 2014-03-04 11:17 - 00868352 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2014-07-27 14:41 - 2014-02-04 04:07 - 00234432 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys
2014-07-27 14:41 - 2014-02-04 04:07 - 00149440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2014-07-27 14:41 - 2014-02-04 04:07 - 00027072 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Diskdump.sys
2014-07-27 14:41 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2014-07-27 14:41 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\iologmsg.dll
2014-07-27 14:41 - 2014-01-28 04:07 - 00185344 _____ (Microsoft Corporation) C:\windows\system32\wwansvc.dll
2014-07-27 14:41 - 2013-11-26 13:11 - 00240576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys
2014-07-27 14:39 - 2014-05-30 08:36 - 00338944 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2014-07-27 14:38 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2014-07-27 13:58 - 2014-07-27 13:58 - 00110296 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-27 13:57 - 2014-07-27 13:57 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-27 13:57 - 2014-07-27 13:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-27 13:57 - 2014-07-27 13:57 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-27 13:57 - 2014-07-27 13:57 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-07-27 13:57 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-07-27 13:57 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-07-27 13:57 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-07-27 13:54 - 2014-07-27 13:55 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Andrea\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-27 13:50 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 02179072 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 01964544 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-07-27 13:13 - 2014-07-27 13:13 - 01791488 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 01139200 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 01068032 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00704512 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00645120 _____ (Microsoft Corporation) C:\windows\system32\jsIntl.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00616104 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dat
2014-07-27 13:13 - 2014-07-27 13:13 - 00595968 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-07-27 13:13 - 2014-07-27 13:13 - 00367616 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00337408 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2014-07-27 13:13 - 2014-07-27 13:13 - 00240824 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00239616 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00233472 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00208384 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00194048 _____ (Microsoft Corporation) C:\windows\system32\elshyph.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00182272 _____ (Microsoft Corporation) C:\windows\system32\msls31.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00164864 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00083456 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00071680 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2014-07-27 13:13 - 2014-07-27 13:13 - 00069632 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00069120 _____ (Microsoft Corporation) C:\windows\system32\icardie.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2014-07-27 13:13 - 2014-07-27 13:13 - 00061952 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00032768 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00032256 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\licmgr10.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 17276416 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 11742208 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 04254720 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-07-27 13:12 - 2014-07-27 13:12 - 00610304 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00592896 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00526336 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00442368 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00151552 _____ (Microsoft Corporation) C:\windows\system32\iexpress.exe
2014-07-27 13:12 - 2014-07-27 13:12 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\wextract.exe
2014-07-27 13:12 - 2014-07-27 13:12 - 00127488 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00116736 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00112128 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-07-27 13:12 - 2014-07-27 13:12 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\IEAdvpack.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00108032 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-07-27 13:12 - 2014-07-27 13:12 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00074240 _____ (Microsoft Corporation) C:\windows\system32\SetIEInstalledDate.exe
2014-07-27 13:12 - 2014-07-27 13:12 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\pngfilt.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\mshtmler.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00036352 _____ (Microsoft Corporation) C:\windows\system32\imgutil.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2014-07-27 13:12 - 2014-07-27 13:12 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2014-07-27 13:12 - 2014-07-27 13:12 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-07-27 13:08 - 2013-12-25 01:09 - 01987584 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2014-07-27 13:08 - 2013-11-26 10:16 - 03419136 _____ (Microsoft Corporation) C:\windows\system32\d2d1.dll
2014-07-27 13:07 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\windows\system32\usp10.dll
2014-07-27 13:07 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\windows\system32\wer.dll
2014-07-27 13:07 - 2013-11-27 03:14 - 00258560 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
2014-07-27 13:07 - 2013-11-27 03:13 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
2014-07-27 13:07 - 2013-11-27 03:13 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys
2014-07-27 13:07 - 2013-11-27 03:13 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
2014-07-27 13:07 - 2013-11-27 03:13 - 00024064 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys
2014-07-27 13:07 - 2013-11-27 03:13 - 00020480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbohci.sys
2014-07-27 13:07 - 2013-11-27 03:13 - 00006016 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys
2014-07-26 15:13 - 2014-06-05 16:26 - 01059840 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-07-26 15:13 - 2014-04-12 04:15 - 00136640 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2014-07-26 15:13 - 2014-04-12 04:15 - 00067520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2014-07-26 15:13 - 2014-04-12 04:12 - 00100352 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2014-07-26 15:13 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2014-07-26 15:13 - 2014-04-12 04:12 - 00015872 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2014-07-26 15:13 - 2014-04-12 04:11 - 00022528 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2014-07-26 15:13 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\windows\system32\secproc.dll
2014-07-26 15:13 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\windows\system32\secproc_isv.dll
2014-07-26 15:13 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\windows\system32\secproc_ssp_isv.dll
2014-07-26 15:13 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\windows\system32\secproc_ssp.dll
2014-07-26 15:13 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\windows\system32\msdrm.dll
2014-07-26 15:13 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_isv.exe
2014-07-26 15:13 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\windows\system32\RMActivate.exe
2014-07-26 15:13 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_ssp.exe
2014-07-26 15:13 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_ssp_isv.exe
2014-07-26 15:06 - 2014-07-26 15:06 - 00000000 _____ () C:\windows\system32\shoCBC7.tmp
2014-07-26 15:01 - 2014-07-26 15:01 - 00000000 ____D () C:\windows\pss
2014-07-26 14:28 - 2014-07-26 14:28 - 06010880 _____ () C:\Program Files\GUTC64B.tmp
2014-07-26 14:28 - 2014-07-26 14:28 - 00000000 ____D () C:\Program Files\GUMC63B.tmp

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2030-01-02 09:28 - 2009-07-14 06:57 - 00029696 ___SH () C:\windows\system32\config\BCD-Template.LOG
2030-01-02 09:28 - 2009-07-14 06:52 - 00032768 _____ () C:\windows\system32\config\BCD-Template
2014-07-31 01:46 - 2014-07-31 01:45 - 00020602 _____ () C:\Users\Andrea\Downloads\FRST.txt
2014-07-31 01:46 - 2014-07-30 20:21 - 00000000 ____D () C:\FRST
2014-07-31 01:40 - 2014-07-31 01:40 - 00030373 _____ () C:\Users\Andrea\Desktop\gmer log.log
2014-07-31 01:40 - 2013-01-26 16:40 - 00001052 _____ () C:\windows\Tasks\GinyasBrowserCompanions Stats Report.job
2014-07-31 01:38 - 2013-02-18 19:38 - 00000992 _____ () C:\windows\Tasks\GinyasBrowserCompanion Runner.job
2014-07-31 01:37 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\Microsoft.NET
2014-07-31 01:34 - 2012-08-17 22:29 - 00000000 ____D () C:\Users\Andrea\AppData\Roaming\BrowserCompanion
2014-07-31 01:24 - 2013-02-18 19:38 - 00000924 _____ () C:\windows\Tasks\GinyasBrowserCompanion Update Checker.job
2014-07-31 01:20 - 2013-02-18 19:37 - 00001040 _____ () C:\windows\Tasks\GinyasBrowserCompanion Stats Report.job
2014-07-31 01:12 - 2011-12-15 00:12 - 01624075 _____ () C:\windows\WindowsUpdate.log
2014-07-31 01:11 - 2009-07-14 06:34 - 00009696 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-31 01:11 - 2009-07-14 06:34 - 00009696 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-31 01:05 - 2012-04-15 14:17 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-07-31 01:05 - 2012-02-23 21:11 - 00001124 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3601385101-2140175397-1978509390-1000UA.job
2014-07-31 01:04 - 2013-02-18 19:37 - 00000992 _____ () C:\windows\Tasks\GinyasBrowserCompanion FireFox Watcher.job
2014-07-31 01:04 - 2013-02-18 19:37 - 00000992 _____ () C:\windows\Tasks\GinyasBrowserCompanion Chrome Watcher.job
2014-07-31 01:04 - 2013-02-03 13:59 - 00001094 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-31 01:04 - 2013-01-26 16:40 - 00000936 _____ () C:\windows\Tasks\GinyasBrowserCompanions Update Checker.job
2014-07-31 01:04 - 2013-01-26 16:39 - 00001004 _____ () C:\windows\Tasks\GinyasBrowserCompanions FireFox Watcher.job
2014-07-31 01:04 - 2013-01-26 16:39 - 00001004 _____ () C:\windows\Tasks\GinyasBrowserCompanions Chrome Watcher.job
2014-07-31 01:03 - 2013-12-10 18:14 - 00001649 _____ () C:\windows\setupact.log
2014-07-31 01:03 - 2009-07-14 06:53 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-07-31 01:03 - 2009-07-14 06:33 - 00289664 _____ () C:\windows\system32\FNTCACHE.DAT
2014-07-31 01:01 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\de-DE
2014-07-31 01:00 - 2013-12-10 18:13 - 00024444 _____ () C:\windows\PFRO.log
2014-07-31 00:51 - 2009-07-27 12:11 - 01674742 _____ () C:\windows\system32\PerfStringBackup.INI
2014-07-31 00:44 - 2014-07-31 00:44 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-07-31 00:32 - 2013-08-24 00:26 - 00000000 ____D () C:\windows\system32\MRT
2014-07-31 00:19 - 2014-07-31 00:19 - 00380416 _____ () C:\Users\Andrea\Downloads\Gmer-19357.exe
2014-07-31 00:02 - 2013-02-03 13:59 - 00001098 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-30 23:26 - 2012-02-01 19:38 - 00001414 _____ () C:\Users\Andrea\Desktop\Registry kostenlos entrümpeln!.lnk
2014-07-30 23:26 - 2012-01-26 00:26 - 00000274 _____ () C:\windows\Tasks\RegClean Pro_UPDATES.job
2014-07-30 23:21 - 2012-03-30 18:21 - 00000000 ____D () C:\Users\Andrea\AppData\Local\Facebook
2014-07-30 23:18 - 2014-07-30 23:18 - 00104960 _____ (GMER) C:\uwdiqpob.sys
2014-07-30 23:15 - 2011-04-02 04:40 - 00000000 ____D () C:\Program Files\Intel
2014-07-30 22:50 - 2013-07-11 16:10 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-07-30 22:45 - 2011-04-02 04:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2014-07-30 22:41 - 2011-04-02 04:48 - 00000000 ____D () C:\Program Files\Asus
2014-07-30 22:41 - 2011-04-02 04:41 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-07-30 22:36 - 2011-04-02 04:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Park
2014-07-30 22:32 - 2012-04-25 20:31 - 00000000 ____D () C:\Program Files\Common Files\MAGIX Services
2014-07-30 22:29 - 2011-04-02 04:51 - 00000000 ____D () C:\Program Files\Adobe
2014-07-30 22:24 - 2014-07-30 22:24 - 00000000 __SHD () C:\Users\Andrea\AppData\Local\EmieUserList
2014-07-30 22:24 - 2014-07-30 22:24 - 00000000 __SHD () C:\Users\Andrea\AppData\Local\EmieSiteList
2014-07-30 22:24 - 2014-07-30 22:24 - 00000000 ____D () C:\Users\Andrea\AppData\Local\Avg2013
2014-07-30 22:24 - 2011-12-14 09:46 - 00000000 ____D () C:\ProgramData\MFAData
2014-07-30 22:13 - 2014-07-30 22:13 - 00566960 _____ () C:\Users\Andrea\Downloads\setup.exe
2014-07-30 20:20 - 2014-07-30 20:19 - 01084928 _____ (Farbar) C:\Users\Andrea\Downloads\FRST.exe
2014-07-27 18:34 - 2014-07-27 18:34 - 00095968 _____ () C:\Users\Andrea\Desktop\Malewarebytes log 1. scan.7z
2014-07-27 17:46 - 2014-07-27 17:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-07-27 17:46 - 2014-07-27 17:46 - 00000000 ____D () C:\Program Files\7-Zip
2014-07-27 17:45 - 2014-07-27 17:45 - 01110476 _____ () C:\Users\Andrea\Downloads\7z920.exe
2014-07-27 17:43 - 2013-01-03 17:30 - 00000000 ____D () C:\Users\Andrea\AppData\Local\AVG Secure Search
2014-07-27 16:34 - 2013-01-06 21:18 - 00000000 ____D () C:\Facade
2014-07-27 15:05 - 2012-02-23 21:11 - 00001072 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3601385101-2140175397-1978509390-1000Core.job
2014-07-27 15:02 - 2012-01-26 00:26 - 00000266 _____ () C:\windows\Tasks\RegClean Pro_DEFAULT.job
2014-07-27 14:55 - 2013-01-03 17:19 - 00000000 ____D () C:\ProgramData\AVG2013
2014-07-27 14:55 - 2012-08-31 10:21 - 00000000 ___HD () C:\$AVG
2014-07-27 14:06 - 2012-04-15 14:17 - 00699056 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2014-07-27 14:06 - 2011-12-14 10:04 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2014-07-27 13:58 - 2014-07-27 13:58 - 00110296 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-27 13:57 - 2014-07-27 13:57 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-27 13:57 - 2014-07-27 13:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-27 13:57 - 2014-07-27 13:57 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-27 13:57 - 2014-07-27 13:57 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-07-27 13:55 - 2014-07-27 13:54 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Andrea\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-27 13:29 - 2013-12-15 15:09 - 00018872 _____ () C:\windows\IE11_main.log
2014-07-27 13:13 - 2014-07-27 13:13 - 02179072 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 01964544 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-07-27 13:13 - 2014-07-27 13:13 - 01791488 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 01139200 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 01068032 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00704512 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00645120 _____ (Microsoft Corporation) C:\windows\system32\jsIntl.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00616104 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dat
2014-07-27 13:13 - 2014-07-27 13:13 - 00595968 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-07-27 13:13 - 2014-07-27 13:13 - 00367616 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00337408 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2014-07-27 13:13 - 2014-07-27 13:13 - 00240824 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00239616 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00233472 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00208384 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00194048 _____ (Microsoft Corporation) C:\windows\system32\elshyph.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00182272 _____ (Microsoft Corporation) C:\windows\system32\msls31.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00164864 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00083456 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00071680 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2014-07-27 13:13 - 2014-07-27 13:13 - 00069632 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00069120 _____ (Microsoft Corporation) C:\windows\system32\icardie.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2014-07-27 13:13 - 2014-07-27 13:13 - 00061952 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00032768 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00032256 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\licmgr10.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 17276416 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 11742208 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 04254720 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-07-27 13:12 - 2014-07-27 13:12 - 00610304 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00592896 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00526336 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00442368 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00151552 _____ (Microsoft Corporation) C:\windows\system32\iexpress.exe
2014-07-27 13:12 - 2014-07-27 13:12 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\wextract.exe
2014-07-27 13:12 - 2014-07-27 13:12 - 00127488 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00116736 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00112128 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-07-27 13:12 - 2014-07-27 13:12 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\IEAdvpack.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00108032 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-07-27 13:12 - 2014-07-27 13:12 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00074240 _____ (Microsoft Corporation) C:\windows\system32\SetIEInstalledDate.exe
2014-07-27 13:12 - 2014-07-27 13:12 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\pngfilt.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\mshtmler.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00036352 _____ (Microsoft Corporation) C:\windows\system32\imgutil.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2014-07-27 13:12 - 2014-07-27 13:12 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2014-07-27 13:12 - 2014-07-27 13:12 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-07-26 15:16 - 2013-02-03 14:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-07-26 15:06 - 2014-07-26 15:06 - 00000000 _____ () C:\windows\system32\shoCBC7.tmp
2014-07-26 15:01 - 2014-07-26 15:01 - 00000000 ____D () C:\windows\pss
2014-07-26 14:38 - 2011-12-14 09:17 - 00000000 ____D () C:\Users\Andrea
2014-07-26 14:34 - 2012-01-26 00:33 - 00000000 ____D () C:\Users\Andrea\AppData\Local\Google
2014-07-26 14:32 - 2011-12-27 23:16 - 00000000 ____D () C:\Users\Andrea\AppData\Roaming\DVDVideoSoft
2014-07-26 14:28 - 2014-07-26 14:28 - 06010880 _____ () C:\Program Files\GUTC64B.tmp
2014-07-26 14:28 - 2014-07-26 14:28 - 00000000 ____D () C:\Program Files\GUMC63B.tmp
2014-07-26 14:28 - 2011-12-25 00:13 - 00000000 ____D () C:\Users\Andrea\AppData\Roaming\Skype
2014-07-26 14:23 - 2013-01-03 17:30 - 00042784 _____ (AVG Technologies) C:\windows\system32\Drivers\avgtpx86.sys
2014-07-26 14:23 - 2013-01-03 17:30 - 00000000 ____D () C:\Program Files\AVG Secure Search

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-10-20 19:33

==================== End Of Log ============================
--- --- ---

cosinus 31.07.2014 08:15
Adware/Junkware/Toolbars entfernen


1. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).




2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.




3. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


Andyleinchen 31.07.2014 19:08
adw cleaner:

Code:
# AdwCleaner v3.302 - Bericht erstellt am 31/07/2014 um 15:04:40
# Aktualisiert 30/07/2014 von Xplode
# Betriebssystem : Windows 7 Starter Service Pack 1 (32 bits)
# Benutzername : Andrea - ANDREA-PC
# Gestartet von : C:\Users\Andrea\Downloads\adwcleaner_3.302.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : IBUpdaterService
Dienst Gelöscht : vToolbarUpdater18.1.7
Dienst Gelöscht : Web Assistant Updater

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\AVG Secure Search
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\GinyasBrowserCompanion
Ordner Gelöscht : C:\ProgramData\GinyasBrowserCompanions
Ordner Gelöscht : C:\ProgramData\ICQ\ICQToolbar
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\Program Files\AVG Secure Search
Ordner Gelöscht : C:\Program Files\BabylonToolbar
Ordner Gelöscht : C:\Program Files\BetterAds
Ordner Gelöscht : C:\Program Files\BrowserCompanion
Ordner Gelöscht : C:\Program Files\Conduit
Ordner Gelöscht : C:\Program Files\DVDVideoSoftTB
Ordner Gelöscht : C:\Program Files\GinyasBrowserCompanions
Ordner Gelöscht : C:\Program Files\I Want This
Ordner Gelöscht : C:\Program Files\ICQ6Toolbar
Ordner Gelöscht : C:\Program Files\incredibar.com
Ordner Gelöscht : C:\Program Files\Perion
Ordner Gelöscht : C:\Program Files\Searchqu Toolbar
Ordner Gelöscht : C:\Program Files\Softonic
Ordner Gelöscht : C:\Program Files\Web Assistant
Ordner Gelöscht : C:\Program Files\Yontoo
Ordner Gelöscht : C:\Program Files\Common Files\AVG Secure Search
Ordner Gelöscht : C:\windows\system32\ARFC
Ordner Gelöscht : C:\windows\system32\jmdp
Ordner Gelöscht : C:\windows\system32\WNLT
Ordner Gelöscht : C:\Users\Andrea\AppData\Local\AVG Secure Search
Ordner Gelöscht : C:\Users\Andrea\AppData\Local\Babylon
Ordner Gelöscht : C:\Users\Andrea\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\Andrea\AppData\Local\I Want This
Ordner Gelöscht : C:\Users\Andrea\AppData\Local\Ilivid Player
Ordner Gelöscht : C:\Users\Andrea\AppData\Local\MediaBA
Ordner Gelöscht : C:\Users\Andrea\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\Andrea\AppData\LocalLow\AVG Secure Search
Ordner Gelöscht : C:\Users\Andrea\AppData\LocalLow\BabylonToolbar
Ordner Gelöscht : C:\Users\Andrea\AppData\LocalLow\bbrs_002.tb
Ordner Gelöscht : C:\Users\Andrea\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Andrea\AppData\LocalLow\DataMngr
Ordner Gelöscht : C:\Users\Andrea\AppData\LocalLow\DVDVideoSoftTB
Ordner Gelöscht : C:\Users\Andrea\AppData\LocalLow\incredibar.com
Ordner Gelöscht : C:\Users\Andrea\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\Andrea\AppData\LocalLow\searchquband
Ordner Gelöscht : C:\Users\Andrea\AppData\LocalLow\Searchqutoolbar
Ordner Gelöscht : C:\Users\Andrea\AppData\LocalLow\Softonic
Ordner Gelöscht : C:\Users\Andrea\AppData\Roaming\Babylon
[!] Ordner Gelöscht : C:\Users\Andrea\AppData\Roaming\BrowserCompanion
Ordner Gelöscht : C:\Users\Andrea\AppData\Roaming\OpenCandy
Ordner Gelöscht : C:\Users\Andrea\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Andrea\Music\Documents\PCSpeedUp
Ordner Gelöscht : C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf
Ordner Gelöscht : C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\cacclhdpfoingihegojhoipnihfnoaki
Ordner Gelöscht : C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg
Ordner Gelöscht : C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk
Ordner Gelöscht : C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Datei Gelöscht : C:\Program Files\Mozilla Firefox\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}
Datei Gelöscht : C:\windows\system32\dmwu.exe
Datei Gelöscht : C:\windows\system32\ImhxxpComm.dll
Datei Gelöscht : C:\windows\system32\roboot.exe
Datei Gelöscht : C:\Users\Andrea\AppData\LocalLow\SkwConfig.bin
Datei Gelöscht : C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tbhcn.lnk
Datei Gelöscht : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
Datei Gelöscht : C:\Program Files\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
Datei Gelöscht : C:\Program Files\Mozilla Firefox\searchplugins\Babylon.xml
Datei Gelöscht : C:\Program Files\Mozilla Firefox\searchplugins\Search_Results.xml
Datei Gelöscht : C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Datei Gelöscht : C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal

***** [ Tasks ] *****

Task Gelöscht : GinyasBrowserCompanion Chrome Watcher
Task Gelöscht : GinyasBrowserCompanion FireFox Watcher
Task Gelöscht : GinyasBrowserCompanion Runner
Task Gelöscht : GinyasBrowserCompanion Stats Report
Task Gelöscht : GinyasBrowserCompanion Update Checker
Task Gelöscht : GinyasBrowserCompanions Chrome Watcher
Task Gelöscht : GinyasBrowserCompanions FireFox Watcher
Task Gelöscht : GinyasBrowserCompanions Stats Report
Task Gelöscht : GinyasBrowserCompanions Update Checker

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{FE1DEEEA-DB6D-44B8-83F0-34FC0F9D1052}]
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bodddioamolcibagionmmobehnbhiakf
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\cacclhdpfoingihegojhoipnihfnoaki
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\AddonsFramework.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ButtonSite.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\DNSBHO.dll
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\PropertySync.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ScriptHost.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\tdataprotocol.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\wit4ie.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\b
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BetterAds.ScriptHostObject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BetterAds.ScriptHostObject.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BrowserConnection.Loader
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BrowserConnection.Loader.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\DnsBHO.BHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\DnsBHO.BHO.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\I
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Incredibar.dskBnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Incredibar.dskBnd.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IncredibarApp.appCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IncredibarApp.appCore.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\base64
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\chrome
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\prox
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\S
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Softonic.dskBnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Softonic.dskBnd.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Softonic.SoftonicHlpr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Softonic.SoftonicHlpr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SoftonicApp.appCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SoftonicApp.appCore.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\tdataprotocol.CTData
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\tdataprotocol.CTData.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wit4ie.WitBHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wit4ie.WitBHO.2
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BabylonToolbarsrv_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BabylonToolbarsrv_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\dmwu_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\dmwu_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\DVDVideoSoftTBToolbarHelper_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\DVDVideoSoftTBToolbarHelper_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\I Want This_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\I Want This_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASMANCS
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0002258.BHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0002258.BHO.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0002258.FBApi
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0002258.FBApi.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0002258.Sandbox
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0002258.Sandbox.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2269050
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_f-e-a-r-2-project-origin_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_f-e-a-r-2-project-origin_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_forget-me-not-annie_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_forget-me-not-annie_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_photo-booth-fur-windows-7_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_photo-booth-fur-windows-7_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_scp-087-b_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_scp-087-b_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{20EDC024-43C5-423E-B7F5-FD93523E0D9F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{562B9317-C08A-444A-9482-62080DD851AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B15F118E-AF21-45E8-A809-29FDD7362565}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00CBB66B-1D3B-46D3-9577-323A336ACB50}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{336D0C35-8A85-403A-B9D2-65C292C39087}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{44B50C01-4993-48E2-ADEE-D812BAE2E9A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5ACE96C0-C70A-4A4D-AF14-2E7B869345E1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9173F089-1A84-4023-B972-55A6EE7103B0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9D717F81-9148-4F12-8568-69135F087DB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A3E2F089-DDBB-4CBF-B06C-5D44DA316ED3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A5679AB0-C59E-49E7-83C4-5289F844A6E0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{BA56787C-729F-4715-8F11-EB2A16908B91}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C01315C7-B4E2-4864-B43D-5FAFC414D179}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C1545464-C77C-4130-A572-1C619E2895FE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CA0167C2-6295-41B8-9BDA-704B2F5E4CD9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{ED0E67AD-926C-4008-87E5-03CF72AA2A7E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EF7FEC6D-451B-4452-9D26-7E10C6B5DB6E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110011221158}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220022222258}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{33333333-3333-3333-3333-330033223358}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{44B619BC-3D2B-4990-AA4F-9AA366921792}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D3BC53E7-0437-4C97-90EE-2CD6FF47FB14}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055225558}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066226658}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{77777777-7777-7777-7777-770077227758}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11D9E165-B8C1-4734-A56C-BC4FCACA966B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{13A9E13B-139B-48D1-B698-9C3DFF726345}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{5B4144E1-B61D-495A-9A50-CD1A95D86D15}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{830B56CB-FD22-44AA-9887-7898F4F4158D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{841D5A49-E48D-413C-9C28-EB3D9081D705}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{8830DDF0-3042-404D-A62C-384A85E34833}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{B15F118E-AF21-45E8-A809-29FDD7362565}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00CBB66B-1D3B-46D3-9577-323A336ACB50}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403A-B9D2-65C292C39087}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4F12-8568-69135F087DB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA56787C-729F-4715-8F11-EB2A16908B91}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011221158}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00CBB66B-1D3B-46D3-9577-323A336ACB50}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403A-B9D2-65C292C39087}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA56787C-729F-4715-8F11-EB2A16908B91}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011221158}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403A-B9D2-65C292C39087}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA56787C-729F-4715-8F11-EB2A16908B91}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E87806B5-E908-45FD-AF5E-957D83E58E68}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011221158}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{65BCD620-07DD-012F-819F-073CF1B8F7C6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74C36554-31F0-49DD-8857-ED6A64DF45BE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9CF034EA-7B46-48D3-8895-8A14B32AE445}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7176D1CD-2B68-4ADB-9EB5-7DA79194ECA1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{599394D1-8363-46A7-87EA-DE3818B9257D}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{4327FABE-3C22-4689-8DBF-D226CF777FE9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{5018CFD2-804D-4C99-9F81-25EAEA2769DE}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{99079A25-328F-4BD4-BE04-00955ACAA0A7}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{F9639E4A-801B-4843-AEE3-03D9DA199E77}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Schlüssel Gelöscht : HKCU\Software\AVG Secure Search
Schlüssel Gelöscht : HKCU\Software\BabylonToolbar
Schlüssel Gelöscht : HKCU\Software\Blabbers     
Schlüssel Gelöscht : HKCU\Software\BrowserCompanion
Schlüssel Gelöscht : HKCU\Software\Ciuvo
Schlüssel Gelöscht : HKCU\Software\Cr_Installer
Schlüssel Gelöscht : HKCU\Software\DataMngr
Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\ICQ\ICQToolbar
Schlüssel Gelöscht : HKCU\Software\IM
Schlüssel Gelöscht : HKCU\Software\ImInstaller
Schlüssel Gelöscht : HKCU\Software\incredibar.com
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\SweetIM
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\WNLT
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\DVDVideoSoftTB
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\I Want This
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\searchqutoolbar
Schlüssel Gelöscht : HKLM\Software\AVG Secure Search
Schlüssel Gelöscht : HKLM\Software\AVG Security Toolbar
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\BabylonToolbar
Schlüssel Gelöscht : HKLM\Software\BrowserCompanion
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\DVDVideoSoftTB
Schlüssel Gelöscht : HKLM\Software\GinyasBrowserCompanion
Schlüssel Gelöscht : HKLM\Software\ICQ\ICQToolbar
Schlüssel Gelöscht : HKLM\Software\incredibar.com
Schlüssel Gelöscht : HKLM\Software\SearchquMediabarTb
Schlüssel Gelöscht : HKLM\Software\simplitec
Schlüssel Gelöscht : HKLM\Software\Softonic
Schlüssel Gelöscht : HKLM\Software\Tarma Installer
Schlüssel Gelöscht : HKLM\Software\Web Assistant
Schlüssel Gelöscht : HKLM\Software\WNLT
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BrowserCompanion
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GinyasBrowserCompanion
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\I Want This
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ICQToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\incredibar
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Searchqu Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Softonic
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WNLT
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DVDVideoSoftTB Toolbar
Daten Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~1\SEARCH~1\Datamngr\datamngr.dll
Daten Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~1\SEARCH~1\Datamngr\IEBHO.dll
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\499E8534DA7E759419D2048CB780D3D5
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5DCE3C04E576AD15F972B67D0725120C
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\930D9472A978D7A4EB16BF4DECB173B7
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AEB93799E8B47D14CA356E4343D632A4

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17207

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]

-\\ Mozilla Firefox v31.0 (x86 de)

[ Datei : C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\ybwtr2ec.default\prefs.js ]


-\\ Google Chrome v

[ Datei : C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Search Provider] : hxxp://dts.search-results.com/sr?src=crb&appid=341&systemid=406&sr=0&q={searchTerms}
Gelöscht [Search Provider] : hxxp://www.searchplusnetwork.com/?sp=vit4&q={searchTerms}
Gelöscht [Search Provider] : hxxp://isearch.avg.com/search?cid={7FFBF5DA-D170-40D3-91A7-55FD28DB7790}&mid=937d7987183b47d19f81854de0cd51c8-a1eab306f4f7adae3faf3915e98e941f41c4ab04&lang=de&ds=AVG&pr=pr&d=2013-01-03 16:30:22&v=15.2.0.5&pid=avg&sg=0&sap=dsp&q={searchTerms}
Gelöscht [Homepage] : hxxp://search.babylon.com/?AF=109867&babsrc=HP_ss&mntrId=b2e820680000000000005404a629b83b
Gelöscht [Extension] : bodddioamolcibagionmmobehnbhiakf
Gelöscht [Extension] : bopakagnckmlgajfccecajhnimjiiedh
Gelöscht [Extension] : cacclhdpfoingihegojhoipnihfnoaki
Gelöscht [Extension] : jifflliplgeajjdhmkcfnngfpgbjonjg
Gelöscht [Extension] : mpfapcdfbbledbojijcbcclmlieaoogk
Gelöscht [Extension] : ndibdjnfmopecpmkdieinmbadjfpblof

*************************

AdwCleaner[R0].txt - [47875 octets] - [31/07/2014 14:50:28]
AdwCleaner[R1].txt - [47574 octets] - [31/07/2014 14:59:33]
AdwCleaner[S0].txt - [46078 octets] - [31/07/2014 15:04:40]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [46139 octets] ##########
JRT:

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Starter x86
Ran by Andrea on 31.07.2014 at 19:23:50,88
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3601385101-2140175397-1978509390-1000\Software\web assistant
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{44444444-4444-4444-4444-440044224458}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440044224458}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{23BE01D0-C186-4456-A856-F33472C1EF2D}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{48E9923A-16C4-410A-9D2B-97CA7A6E9743}



~~~ Files

Successfully deleted: [File] "C:\Users\Andrea\appdata\locallow\SkwConfig.bin"
Successfully deleted: [File] C:\windows\system32\sho16EB.tmp
Successfully deleted: [File] C:\windows\system32\sho48F3.tmp
Successfully deleted: [File] C:\windows\system32\sho4927.tmp
Successfully deleted: [File] C:\windows\system32\sho842D.tmp
Successfully deleted: [File] C:\windows\system32\sho9BA5.tmp
Successfully deleted: [File] C:\windows\system32\shoAB52.tmp
Successfully deleted: [File] C:\windows\system32\shoB23F.tmp
Successfully deleted: [File] C:\windows\system32\shoB28D.tmp
Successfully deleted: [File] C:\windows\system32\shoBD98.tmp
Successfully deleted: [File] C:\windows\system32\shoCBC7.tmp
Successfully deleted: [File] C:\windows\system32\shoD01B.tmp
Successfully deleted: [File] C:\windows\system32\shoF1FE.tmp



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\ProgramData\simplitec"
Successfully deleted: [Folder] "C:\Users\Andrea\AppData\Roaming\simplitec"
Successfully deleted: [Folder] "C:\Program Files\simplitec"



~~~ FireFox

Successfully deleted: [File] C:\user.js



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 31.07.2014 at 19:32:06,43
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST:


FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:30-07-2014
Ran by Andrea (administrator) on ANDREA-PC on 31-07-2014 19:59:50
Running from C:\Users\Andrea\Desktop
Platform: Microsoft Windows 7 Starter  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Stardock Corporation) C:\Program Files\Stardock\MyColors\VistaSrv.exe
() C:\Program Files\Stardock\MyColors\WBVista.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Boingo Wireless, Inc.) C:\Program Files\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Google Inc.) C:\Users\Andrea\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Andrea\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Andrea\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Andrea\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Andrea\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Andrea\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-21-3601385101-2140175397-1978509390-1000\...\MountPoints2: {9bba8ab2-87ee-11e2-8299-5404a629b83b} - E:\Startme.exe
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IconPackager.lnk
ShortcutTarget: IconPackager.lnk -> C:\Program Files\Stardock\MyColors\IconPackager.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IconPackager.lnk
ShortcutTarget: IconPackager.lnk -> C:\Program Files\Stardock\MyColors\IconPackager.exe (Stardock Corporation)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://eeepc.asus.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://eeepc.asus.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
URLSearchHook: HKLM - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKCU - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Andrea\AppData\Roaming\Mozilla\Firefox\Profiles\ybwtr2ec.default
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=1.6.0_32 - C:\windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Andrea\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Andrea\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-07-31]

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR DefaultSearchKeyword: t-online-shop.de
CHR DefaultNewTabURL:
CHR Extension: (Google Wallet) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-03]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-31]
CHR StartMenuInternet: Google Chrome - C:\Users\Andrea\AppData\Local\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-31] (AVAST Software)
R2 WindowBlinds; C:\Program Files\Stardock\MyColors\VistaSrv.exe [230704 2009-06-09] (Stardock Corporation)
S2 AsusService; C:\windows\system32\AsusService.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\windows\System32\drivers\AsIO.sys [11456 2010-06-28] ()
R1 AsUpIO; C:\windows\System32\drivers\AsUpIO.sys [11832 2010-08-03] ()
R2 aswHwid; C:\windows\system32\drivers\aswHwid.sys [24184 2014-07-31] ()
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [67824 2014-07-31] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [81768 2014-07-31] (AVAST Software)
R0 aswRvrt; C:\windows\system32\Drivers\aswRvrt.sys [49944 2014-07-31] ()
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [779536 2014-07-31] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [414520 2014-07-31] (AVAST Software)
R2 aswStm; C:\windows\system32\drivers\aswStm.sys [71944 2014-07-31] (AVAST Software)
R0 aswVmm; C:\windows\system32\Drivers\aswVmm.sys [192352 2014-07-31] ()
R1 avgtp; C:\windows\system32\drivers\avgtpx86.sys [42784 2014-07-26] (AVG Technologies)
R3 ETD; C:\windows\System32\DRIVERS\ETD.sys [102912 2010-07-21] (ELAN Microelectronic Corp.)
R3 kbfiltr; C:\windows\System32\DRIVERS\kbfiltr.sys [13880 2009-07-20] ( )
S3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-07-27] (Malwarebytes Corporation)
S3 btwaudio; system32\drivers\btwaudio.sys [X]
S3 btwavdt; \SystemRoot\system32\drivers\btwavdt.sys [X]
S3 btwl2cap; system32\DRIVERS\btwl2cap.sys [X]
S3 btwrchid; \SystemRoot\system32\drivers\btwrchid.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2030-01-02 09:28 - 2010-11-20 14:40 - 00383786 __RSH () C:\bootmgr
2014-07-31 19:59 - 2014-07-31 20:02 - 00011847 _____ () C:\Users\Andrea\Desktop\FRST.txt
2014-07-31 19:42 - 2014-07-31 19:42 - 00000000 ____D () C:\Users\Andrea\AppData\Roaming\AVAST Software
2014-07-31 19:41 - 2014-07-31 19:41 - 00002123 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-07-31 19:41 - 2014-07-31 19:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-07-31 19:40 - 2014-07-31 19:40 - 00779536 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2014-07-31 19:40 - 2014-07-31 19:40 - 00414520 _____ (AVAST Software) C:\windows\system32\Drivers\aswsp.sys
2014-07-31 19:40 - 2014-07-31 19:40 - 00276432 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2014-07-31 19:40 - 2014-07-31 19:40 - 00192352 _____ () C:\windows\system32\Drivers\aswVmm.sys
2014-07-31 19:40 - 2014-07-31 19:40 - 00081768 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2014-07-31 19:40 - 2014-07-31 19:40 - 00071944 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2014-07-31 19:40 - 2014-07-31 19:40 - 00067824 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2014-07-31 19:40 - 2014-07-31 19:40 - 00049944 _____ () C:\windows\system32\Drivers\aswRvrt.sys
2014-07-31 19:40 - 2014-07-31 19:40 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr
2014-07-31 19:40 - 2014-07-31 19:40 - 00024184 _____ () C:\windows\system32\Drivers\aswHwid.sys
2014-07-31 19:39 - 2014-07-31 19:39 - 03453210 _____ () C:\Users\Andrea\Downloads\avg_remover4116.zip
2014-07-31 19:38 - 2014-07-31 19:38 - 00000000 ____D () C:\Program Files\AVAST Software
2014-07-31 19:34 - 2014-07-31 19:38 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-07-31 19:32 - 2014-07-31 19:32 - 00002484 _____ () C:\Users\Andrea\Desktop\JRT.txt
2014-07-31 19:23 - 2014-07-31 19:23 - 00000000 ____D () C:\windows\ERUNT
2014-07-31 19:20 - 2014-07-31 19:21 - 01016261 _____ (Thisisu) C:\Users\Andrea\Downloads\JRT.exe
2014-07-31 15:09 - 2014-07-31 15:12 - 91906368 _____ (AVAST Software) C:\Users\Andrea\Downloads\avast_free_antivirus_setup_9.0.2021 (1).exe
2014-07-31 15:09 - 2014-07-31 15:10 - 32047680 _____ () C:\Users\Andrea\Downloads\Firefox_Setup_de31.0 (1).exe
2014-07-31 15:01 - 2014-07-31 15:04 - 91906368 _____ (AVAST Software) C:\Users\Andrea\Downloads\avast_free_antivirus_setup_9.0.2021.exe
2014-07-31 14:56 - 2014-07-31 14:56 - 00001121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-07-31 14:56 - 2014-07-31 14:56 - 00001109 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-07-31 14:56 - 2014-07-31 14:56 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-07-31 14:53 - 2014-07-31 14:54 - 32047680 _____ () C:\Users\Andrea\Downloads\Firefox_Setup_de31.0.exe
2014-07-31 14:51 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\windows\system32\sqlite3.dll
2014-07-31 14:49 - 2014-07-31 15:05 - 00000000 ____D () C:\AdwCleaner
2014-07-31 14:48 - 2014-07-31 14:48 - 01361309 _____ () C:\Users\Andrea\Downloads\adwcleaner_3.302.exe
2014-07-31 01:48 - 2014-07-31 01:49 - 00042218 _____ () C:\Users\Andrea\Downloads\Addition.txt
2014-07-31 01:45 - 2014-07-31 01:49 - 00052522 _____ () C:\Users\Andrea\Downloads\FRST.txt
2014-07-31 01:40 - 2014-07-31 01:40 - 00030373 _____ () C:\Users\Andrea\Desktop\gmer log.log
2014-07-31 00:44 - 2014-07-31 00:44 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-07-31 00:19 - 2014-07-31 00:19 - 00380416 _____ () C:\Users\Andrea\Downloads\Gmer-19357.exe
2014-07-30 23:18 - 2014-07-30 23:18 - 00104960 _____ (GMER) C:\uwdiqpob.sys
2014-07-30 22:24 - 2014-07-30 22:24 - 00000000 __SHD () C:\Users\Andrea\AppData\Local\EmieUserList
2014-07-30 22:24 - 2014-07-30 22:24 - 00000000 __SHD () C:\Users\Andrea\AppData\Local\EmieSiteList
2014-07-30 22:13 - 2014-07-30 22:13 - 00566960 _____ () C:\Users\Andrea\Downloads\setup.exe
2014-07-30 20:21 - 2014-07-31 20:00 - 00000000 ____D () C:\FRST
2014-07-30 20:19 - 2014-07-30 20:20 - 01084928 _____ (Farbar) C:\Users\Andrea\Desktop\FRST.exe
2014-07-27 18:34 - 2014-07-27 18:34 - 00095968 _____ () C:\Users\Andrea\Desktop\Malewarebytes log 1. scan.7z
2014-07-27 17:46 - 2014-07-27 17:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-07-27 17:46 - 2014-07-27 17:46 - 00000000 ____D () C:\Program Files\7-Zip
2014-07-27 17:45 - 2014-07-27 17:45 - 01110476 _____ () C:\Users\Andrea\Downloads\7z920.exe
2014-07-27 15:11 - 2014-03-31 09:35 - 00231584 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2014-07-27 14:52 - 2014-06-19 01:16 - 00646144 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-07-27 14:52 - 2014-01-24 04:18 - 01212352 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2014-07-27 14:43 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-07-27 14:43 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2014-07-27 14:43 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-07-27 14:43 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2014-07-27 14:43 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2014-07-27 14:43 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-07-27 14:43 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-07-27 14:43 - 2014-01-01 01:05 - 00420008 _____ () C:\windows\system32\locale.nls
2014-07-27 14:42 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2014-07-27 14:42 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-07-27 14:42 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2014-07-27 14:42 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2014-07-27 14:42 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\windows\system32\ntkrnlpa.exe
2014-07-27 14:42 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2014-07-27 14:42 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\windows\system32\objsel.dll
2014-07-27 14:42 - 2014-03-04 11:17 - 00304128 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2014-07-27 14:42 - 2014-03-04 11:17 - 00293376 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2014-07-27 14:42 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\cngprovider.dll
2014-07-27 14:42 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\windows\system32\adprovider.dll
2014-07-27 14:42 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\windows\system32\capiprovider.dll
2014-07-27 14:42 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\windows\system32\dpapiprovider.dll
2014-07-27 14:42 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\dimsroam.dll
2014-07-27 14:42 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\windows\system32\wincredprovider.dll
2014-07-27 14:41 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\windows\system32\osk.exe
2014-07-27 14:41 - 2014-06-18 02:52 - 02350080 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-07-27 14:41 - 2014-04-05 04:25 - 01294272 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-07-27 14:41 - 2014-04-05 04:24 - 00187840 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2014-07-27 14:41 - 2014-03-04 11:17 - 00868352 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2014-07-27 14:41 - 2014-02-04 04:07 - 00234432 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys
2014-07-27 14:41 - 2014-02-04 04:07 - 00149440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2014-07-27 14:41 - 2014-02-04 04:07 - 00027072 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Diskdump.sys
2014-07-27 14:41 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2014-07-27 14:41 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\iologmsg.dll
2014-07-27 14:41 - 2014-01-28 04:07 - 00185344 _____ (Microsoft Corporation) C:\windows\system32\wwansvc.dll
2014-07-27 14:41 - 2013-11-26 13:11 - 00240576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys
2014-07-27 14:39 - 2014-05-30 08:36 - 00338944 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2014-07-27 14:38 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2014-07-27 13:58 - 2014-07-27 13:58 - 00110296 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-27 13:57 - 2014-07-27 13:57 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-27 13:57 - 2014-07-27 13:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-27 13:57 - 2014-07-27 13:57 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-27 13:57 - 2014-07-27 13:57 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-07-27 13:57 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-07-27 13:57 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-07-27 13:57 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-07-27 13:54 - 2014-07-27 13:55 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Andrea\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-27 13:50 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 02179072 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 01964544 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-07-27 13:13 - 2014-07-27 13:13 - 01791488 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 01139200 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 01068032 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00704512 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00645120 _____ (Microsoft Corporation) C:\windows\system32\jsIntl.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00616104 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dat
2014-07-27 13:13 - 2014-07-27 13:13 - 00595968 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-07-27 13:13 - 2014-07-27 13:13 - 00367616 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00337408 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2014-07-27 13:13 - 2014-07-27 13:13 - 00240824 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00239616 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00233472 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00208384 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00194048 _____ (Microsoft Corporation) C:\windows\system32\elshyph.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00182272 _____ (Microsoft Corporation) C:\windows\system32\msls31.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00164864 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00083456 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00071680 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2014-07-27 13:13 - 2014-07-27 13:13 - 00069632 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00069120 _____ (Microsoft Corporation) C:\windows\system32\icardie.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2014-07-27 13:13 - 2014-07-27 13:13 - 00061952 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00032768 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00032256 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\licmgr10.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 17276416 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 11742208 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 04254720 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-07-27 13:12 - 2014-07-27 13:12 - 00610304 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00592896 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00526336 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00442368 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00151552 _____ (Microsoft Corporation) C:\windows\system32\iexpress.exe
2014-07-27 13:12 - 2014-07-27 13:12 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\wextract.exe
2014-07-27 13:12 - 2014-07-27 13:12 - 00127488 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00116736 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00112128 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-07-27 13:12 - 2014-07-27 13:12 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\IEAdvpack.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00108032 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-07-27 13:12 - 2014-07-27 13:12 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00074240 _____ (Microsoft Corporation) C:\windows\system32\SetIEInstalledDate.exe
2014-07-27 13:12 - 2014-07-27 13:12 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\pngfilt.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\mshtmler.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00036352 _____ (Microsoft Corporation) C:\windows\system32\imgutil.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2014-07-27 13:12 - 2014-07-27 13:12 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2014-07-27 13:12 - 2014-07-27 13:12 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-07-27 13:08 - 2013-12-25 01:09 - 01987584 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2014-07-27 13:08 - 2013-11-26 10:16 - 03419136 _____ (Microsoft Corporation) C:\windows\system32\d2d1.dll
2014-07-27 13:07 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\windows\system32\usp10.dll
2014-07-27 13:07 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\windows\system32\wer.dll
2014-07-27 13:07 - 2013-11-27 03:14 - 00258560 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
2014-07-27 13:07 - 2013-11-27 03:13 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
2014-07-27 13:07 - 2013-11-27 03:13 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys
2014-07-27 13:07 - 2013-11-27 03:13 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
2014-07-27 13:07 - 2013-11-27 03:13 - 00024064 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys
2014-07-27 13:07 - 2013-11-27 03:13 - 00020480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbohci.sys
2014-07-27 13:07 - 2013-11-27 03:13 - 00006016 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys
2014-07-26 15:13 - 2014-06-05 16:26 - 01059840 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-07-26 15:13 - 2014-04-12 04:15 - 00136640 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2014-07-26 15:13 - 2014-04-12 04:15 - 00067520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2014-07-26 15:13 - 2014-04-12 04:12 - 00100352 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2014-07-26 15:13 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2014-07-26 15:13 - 2014-04-12 04:12 - 00015872 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2014-07-26 15:13 - 2014-04-12 04:11 - 00022528 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2014-07-26 15:13 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\windows\system32\secproc.dll
2014-07-26 15:13 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\windows\system32\secproc_isv.dll
2014-07-26 15:13 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\windows\system32\secproc_ssp_isv.dll
2014-07-26 15:13 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\windows\system32\secproc_ssp.dll
2014-07-26 15:13 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\windows\system32\msdrm.dll
2014-07-26 15:13 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_isv.exe
2014-07-26 15:13 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\windows\system32\RMActivate.exe
2014-07-26 15:13 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_ssp.exe
2014-07-26 15:13 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_ssp_isv.exe
2014-07-26 15:01 - 2014-07-26 15:01 - 00000000 ____D () C:\windows\pss
2014-07-26 14:28 - 2014-07-26 14:28 - 06010880 _____ () C:\Program Files\GUTC64B.tmp
2014-07-26 14:28 - 2014-07-26 14:28 - 00000000 ____D () C:\Program Files\GUMC63B.tmp

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2030-01-02 09:28 - 2009-07-14 06:57 - 00029696 ___SH () C:\windows\system32\config\BCD-Template.LOG
2030-01-02 09:28 - 2009-07-14 06:52 - 00032768 _____ () C:\windows\system32\config\BCD-Template
2014-07-31 20:02 - 2014-07-31 19:59 - 00011847 _____ () C:\Users\Andrea\Desktop\FRST.txt
2014-07-31 20:02 - 2013-02-03 13:59 - 00001098 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-31 20:00 - 2014-07-30 20:21 - 00000000 ____D () C:\FRST
2014-07-31 19:57 - 2009-07-14 06:34 - 00009696 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-31 19:57 - 2009-07-14 06:34 - 00009696 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-31 19:56 - 2011-12-15 00:12 - 01698591 _____ () C:\windows\WindowsUpdate.log
2014-07-31 19:51 - 2013-02-03 13:59 - 00001094 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-31 19:49 - 2013-12-10 18:14 - 00002041 _____ () C:\windows\setupact.log
2014-07-31 19:49 - 2013-12-10 18:13 - 00025510 _____ () C:\windows\PFRO.log
2014-07-31 19:49 - 2009-07-14 06:53 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-07-31 19:42 - 2014-07-31 19:42 - 00000000 ____D () C:\Users\Andrea\AppData\Roaming\AVAST Software
2014-07-31 19:41 - 2014-07-31 19:41 - 00002123 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-07-31 19:41 - 2014-07-31 19:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-07-31 19:40 - 2014-07-31 19:40 - 00779536 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2014-07-31 19:40 - 2014-07-31 19:40 - 00414520 _____ (AVAST Software) C:\windows\system32\Drivers\aswsp.sys
2014-07-31 19:40 - 2014-07-31 19:40 - 00276432 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2014-07-31 19:40 - 2014-07-31 19:40 - 00192352 _____ () C:\windows\system32\Drivers\aswVmm.sys
2014-07-31 19:40 - 2014-07-31 19:40 - 00081768 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2014-07-31 19:40 - 2014-07-31 19:40 - 00071944 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2014-07-31 19:40 - 2014-07-31 19:40 - 00067824 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2014-07-31 19:40 - 2014-07-31 19:40 - 00049944 _____ () C:\windows\system32\Drivers\aswRvrt.sys
2014-07-31 19:40 - 2014-07-31 19:40 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr
2014-07-31 19:40 - 2014-07-31 19:40 - 00024184 _____ () C:\windows\system32\Drivers\aswHwid.sys
2014-07-31 19:39 - 2014-07-31 19:39 - 03453210 _____ () C:\Users\Andrea\Downloads\avg_remover4116.zip
2014-07-31 19:38 - 2014-07-31 19:38 - 00000000 ____D () C:\Program Files\AVAST Software
2014-07-31 19:38 - 2014-07-31 19:34 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-07-31 19:32 - 2014-07-31 19:32 - 00002484 _____ () C:\Users\Andrea\Desktop\JRT.txt
2014-07-31 19:23 - 2014-07-31 19:23 - 00000000 ____D () C:\windows\ERUNT
2014-07-31 19:21 - 2014-07-31 19:20 - 01016261 _____ (Thisisu) C:\Users\Andrea\Downloads\JRT.exe
2014-07-31 15:12 - 2014-07-31 15:09 - 91906368 _____ (AVAST Software) C:\Users\Andrea\Downloads\avast_free_antivirus_setup_9.0.2021 (1).exe
2014-07-31 15:10 - 2014-07-31 15:09 - 32047680 _____ () C:\Users\Andrea\Downloads\Firefox_Setup_de31.0 (1).exe
2014-07-31 15:05 - 2014-07-31 14:49 - 00000000 ____D () C:\AdwCleaner
2014-07-31 15:05 - 2012-04-15 14:17 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-07-31 15:05 - 2012-02-23 21:11 - 00001124 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3601385101-2140175397-1978509390-1000UA.job
2014-07-31 15:05 - 2012-02-23 21:11 - 00001072 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3601385101-2140175397-1978509390-1000Core.job
2014-07-31 15:04 - 2014-07-31 15:01 - 91906368 _____ (AVAST Software) C:\Users\Andrea\Downloads\avast_free_antivirus_setup_9.0.2021.exe
2014-07-31 15:04 - 2011-12-29 05:06 - 00000000 ____D () C:\ProgramData\ICQ
2014-07-31 14:57 - 2011-12-14 09:55 - 00000000 ____D () C:\Users\Andrea\AppData\Local\Mozilla
2014-07-31 14:56 - 2014-07-31 14:56 - 00001121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-07-31 14:56 - 2014-07-31 14:56 - 00001109 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-07-31 14:56 - 2014-07-31 14:56 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-07-31 14:55 - 2013-07-11 16:10 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-07-31 14:54 - 2014-07-31 14:53 - 32047680 _____ () C:\Users\Andrea\Downloads\Firefox_Setup_de31.0.exe
2014-07-31 14:48 - 2014-07-31 14:48 - 01361309 _____ () C:\Users\Andrea\Downloads\adwcleaner_3.302.exe
2014-07-31 14:43 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\NDF
2014-07-31 14:34 - 2011-12-25 00:13 - 00000000 ____D () C:\Users\Andrea\AppData\Roaming\Skype
2014-07-31 01:49 - 2014-07-31 01:48 - 00042218 _____ () C:\Users\Andrea\Downloads\Addition.txt
2014-07-31 01:49 - 2014-07-31 01:45 - 00052522 _____ () C:\Users\Andrea\Downloads\FRST.txt
2014-07-31 01:40 - 2014-07-31 01:40 - 00030373 _____ () C:\Users\Andrea\Desktop\gmer log.log
2014-07-31 01:37 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\Microsoft.NET
2014-07-31 01:03 - 2009-07-14 06:33 - 00289664 _____ () C:\windows\system32\FNTCACHE.DAT
2014-07-31 01:01 - 2009-07-14 04:37 - 00000000 ____D () C:\windows\system32\de-DE
2014-07-31 00:51 - 2009-07-27 12:11 - 01674742 _____ () C:\windows\system32\PerfStringBackup.INI
2014-07-31 00:44 - 2014-07-31 00:44 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-07-31 00:32 - 2013-08-24 00:26 - 00000000 ____D () C:\windows\system32\MRT
2014-07-31 00:19 - 2014-07-31 00:19 - 00380416 _____ () C:\Users\Andrea\Downloads\Gmer-19357.exe
2014-07-30 23:21 - 2012-03-30 18:21 - 00000000 ____D () C:\Users\Andrea\AppData\Local\Facebook
2014-07-30 23:18 - 2014-07-30 23:18 - 00104960 _____ (GMER) C:\uwdiqpob.sys
2014-07-30 23:15 - 2011-04-02 04:40 - 00000000 ____D () C:\Program Files\Intel
2014-07-30 22:45 - 2011-04-02 04:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2014-07-30 22:41 - 2011-04-02 04:48 - 00000000 ____D () C:\Program Files\Asus
2014-07-30 22:41 - 2011-04-02 04:41 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-07-30 22:36 - 2011-04-02 04:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Park
2014-07-30 22:32 - 2012-04-25 20:31 - 00000000 ____D () C:\Program Files\Common Files\MAGIX Services
2014-07-30 22:29 - 2011-04-02 04:51 - 00000000 ____D () C:\Program Files\Adobe
2014-07-30 22:24 - 2014-07-30 22:24 - 00000000 __SHD () C:\Users\Andrea\AppData\Local\EmieUserList
2014-07-30 22:24 - 2014-07-30 22:24 - 00000000 __SHD () C:\Users\Andrea\AppData\Local\EmieSiteList
2014-07-30 22:13 - 2014-07-30 22:13 - 00566960 _____ () C:\Users\Andrea\Downloads\setup.exe
2014-07-30 20:20 - 2014-07-30 20:19 - 01084928 _____ (Farbar) C:\Users\Andrea\Desktop\FRST.exe
2014-07-27 18:34 - 2014-07-27 18:34 - 00095968 _____ () C:\Users\Andrea\Desktop\Malewarebytes log 1. scan.7z
2014-07-27 17:46 - 2014-07-27 17:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-07-27 17:46 - 2014-07-27 17:46 - 00000000 ____D () C:\Program Files\7-Zip
2014-07-27 17:45 - 2014-07-27 17:45 - 01110476 _____ () C:\Users\Andrea\Downloads\7z920.exe
2014-07-27 16:34 - 2013-01-06 21:18 - 00000000 ____D () C:\Facade
2014-07-27 14:06 - 2012-04-15 14:17 - 00699056 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2014-07-27 14:06 - 2011-12-14 10:04 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2014-07-27 13:58 - 2014-07-27 13:58 - 00110296 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-27 13:57 - 2014-07-27 13:57 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-27 13:57 - 2014-07-27 13:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-27 13:57 - 2014-07-27 13:57 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-27 13:57 - 2014-07-27 13:57 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-07-27 13:55 - 2014-07-27 13:54 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Andrea\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-27 13:29 - 2013-12-15 15:09 - 00018872 _____ () C:\windows\IE11_main.log
2014-07-27 13:13 - 2014-07-27 13:13 - 02179072 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 01964544 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-07-27 13:13 - 2014-07-27 13:13 - 01791488 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 01139200 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 01068032 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00704512 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00645120 _____ (Microsoft Corporation) C:\windows\system32\jsIntl.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00616104 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dat
2014-07-27 13:13 - 2014-07-27 13:13 - 00595968 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-07-27 13:13 - 2014-07-27 13:13 - 00367616 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00337408 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2014-07-27 13:13 - 2014-07-27 13:13 - 00240824 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00239616 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00233472 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00208384 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00194048 _____ (Microsoft Corporation) C:\windows\system32\elshyph.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00182272 _____ (Microsoft Corporation) C:\windows\system32\msls31.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00164864 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00083456 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00071680 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2014-07-27 13:13 - 2014-07-27 13:13 - 00069632 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00069120 _____ (Microsoft Corporation) C:\windows\system32\icardie.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2014-07-27 13:13 - 2014-07-27 13:13 - 00061952 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00032768 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00032256 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-07-27 13:13 - 2014-07-27 13:13 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\licmgr10.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 17276416 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 11742208 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 04254720 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-07-27 13:12 - 2014-07-27 13:12 - 00610304 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00592896 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00526336 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00442368 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00151552 _____ (Microsoft Corporation) C:\windows\system32\iexpress.exe
2014-07-27 13:12 - 2014-07-27 13:12 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\wextract.exe
2014-07-27 13:12 - 2014-07-27 13:12 - 00127488 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00116736 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00112128 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-07-27 13:12 - 2014-07-27 13:12 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\IEAdvpack.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00108032 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-07-27 13:12 - 2014-07-27 13:12 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00074240 _____ (Microsoft Corporation) C:\windows\system32\SetIEInstalledDate.exe
2014-07-27 13:12 - 2014-07-27 13:12 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\pngfilt.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\mshtmler.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00036352 _____ (Microsoft Corporation) C:\windows\system32\imgutil.dll
2014-07-27 13:12 - 2014-07-27 13:12 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2014-07-27 13:12 - 2014-07-27 13:12 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2014-07-27 13:12 - 2014-07-27 13:12 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-07-26 15:16 - 2013-02-03 14:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-07-26 15:01 - 2014-07-26 15:01 - 00000000 ____D () C:\windows\pss
2014-07-26 14:38 - 2011-12-14 09:17 - 00000000 ____D () C:\Users\Andrea
2014-07-26 14:34 - 2012-01-26 00:33 - 00000000 ____D () C:\Users\Andrea\AppData\Local\Google
2014-07-26 14:32 - 2011-12-27 23:16 - 00000000 ____D () C:\Users\Andrea\AppData\Roaming\DVDVideoSoft
2014-07-26 14:28 - 2014-07-26 14:28 - 06010880 _____ () C:\Program Files\GUTC64B.tmp
2014-07-26 14:28 - 2014-07-26 14:28 - 00000000 ____D () C:\Program Files\GUMC63B.tmp
2014-07-26 14:23 - 2013-01-03 17:30 - 00042784 _____ (AVG Technologies) C:\windows\system32\Drivers\avgtpx86.sys

Some content of TEMP:
====================
C:\Users\Andrea\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-10-20 19:33

==================== End Of Log ============================
--- --- ---

--- --- ---

Andyleinchen 31.07.2014 20:07
Hier die letzte Logdatei und vielen Dank für die bisherige Hilfe!

addition:

Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version:30-07-2014
Ran by Andrea at 2014-07-31 20:03:29
Running from C:\Users\Andrea\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe AIR (Version: 2.5.1.17730 - Adobe Systems Inc.) Hidden
Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader 9.1 MUI (HKLM\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
ASUSUpdate for Eee PC (HKLM\...\{587178E7-B1DF-494E-9838-FA4DD36E873C}) (Version: 1.06.02 - ASUSTeK Computer Inc.)
AsusVibe2.0 (HKLM\...\Asus Vibe2.0) (Version: 2.0.4.617 - ASUSTEK)
Atheros Client Installation Program (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 7.0 - Atheros)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.35 - Atheros Communications Inc.)
avast! Free Antivirus (HKLM\...\Avast) (Version: 9.0.2021 - AVAST Software)
BetterAds (HKLM\...\BetterAds) (Version: 1.5 - BetterAds.org)
Boingo Wi-Fi (HKLM\...\{84C2B80B-64A2-4B22-93EC-F30C3D6BF7D8}) (Version: 1.7.0048 - Boingo Wireless, Inc.)
CapsHook (HKLM\...\{4B5092B6-F231-4D18-83BC-2618B729CA45}) (Version: 1.0.0.7 - AsusTek Computer)
CCleaner (HKLM\...\CCleaner) (Version: 4.08 - Piriform)
Chicken Invaders 2 (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}) (Version:  - Oberon Media)
Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
E-Cam (HKLM\...\{185AFA7A-F63E-450B-94AA-011CAC18090E}) (Version: 2.0.3.0 - AzureWave)
Eee Docking 3.8.3 (HKLM\...\Eee Docking_is1) (Version: 3.8.3 - ASUSTek Computer Inc.)
EeeSplendid (HKLM\...\{6333FC29-BFE5-4024-AC78-958A1A7555D1}) (Version: 5.1.2.0011 - ASUS)
EeeSplendid (Version: 5.1.2.0011 - ASUS) Hidden
ETDWare PS/2-x86 7.0.5.13_WHQL (HKLM\...\Elantech) (Version: 7.0.5.13 - ELAN Microelectronics Corp.)
Fotogalerie (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Google Chrome (HKCU\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Drive (HKLM\...\{75939021-3B68-419D-8DC1-E9823BFF9658}) (Version: 1.16.7009.9618 - Google, Inc.)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
InstantOn (HKLM\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 1.0.2 - ASUS)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.14.10.2117 - Intel Corporation)
Java Auto Updater (Version: 2.0.2.4 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 32 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216032FF}) (Version: 6.0.320 - Oracle)
Junk Mail filter update (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
LocaleMe (HKLM\...\{F58C1D44-4AC9-48E8-9049-7A6CDFCB415C}) (Version: 1.3 - ASUS)
LogonStudio (HKLM\...\{5C46518A-F797-4973-A257-F3F60F2FC61E}) (Version: 1.51.12 - Stardock)
MAGIX Foto Manager MX (HKLM\...\MAGIX_{30D2BC25-D905-48FE-AA2C-98E11AC3A081}) (Version: 9.0.1.238 - MAGIX AG)
MAGIX Foto Manager MX (Version: 9.0.1.238 - MAGIX AG) Hidden
MAGIX Screenshare (HKLM\...\MAGIX_{6662A179-33A4-407D-B57D-736E6BF765B1}) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Screenshare (Version: 4.3.6.1987 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 31.0 (x86 de) (HKLM\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (Version: 16.4.1108.0727 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
OpenOffice 4.0.0 (HKLM\...\{B28DBCBA-60F8-40ED-B35B-F510C327946C}) (Version: 4.00.9702 - Apache Software Foundation)
Photo Common (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PhotoScape (HKLM\...\PhotoScape) (Version:  - )
Raccolta foto (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Ralink RT2860 Wireless LAN Card (HKLM\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 1.5.1.0 - Ralink)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6098 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM\...\{9D3D8C60-A55F-4fed-B2B9-173F09590E16}) (Version: 1.00.0159 - REALTEK Semiconductor Corp.)
simplitec simplicheck (HKLM\...\{B73AFF76-53AD-464D-93D5-5A4E6CAAB893}) (Version: 1.2.3.0 - simplitec GmbH)
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Stardock MyColors (HKLM\...\Stardock MyColors) (Version: 2.7 - Stardock Corporation)
Stardock MyColors (Version: 2.7 - Stardock Corporation) Hidden
Super Hybrid Engine (HKLM\...\{88F08F98-12BC-4613-81A2-8F9B88CFC73E}) (Version: 2.17 - AsusTek Computer)
Times Reader (HKLM\...\com.nyt.timesreader.78C54164786ADE80CB31E1C5D95607D0938C987A.1) (Version: 2.055 - The New York Times Company)
Times Reader (Version: 2.055 - The New York Times Company) Hidden
Windows Driver Package - Broadcom Bluetooth  (07/17/2009 6.2.0.9403) (HKLM\...\B41C7C96D83162A676DA7365ADEFD6C1AF62A4EE) (Version: 07/17/2009 6.2.0.9403 - Broadcom)
Windows Driver Package - Broadcom Bluetooth  (07/29/2009 6.1.7100.0) (HKLM\...\B5C82F3814F82FB37F1513B3185399BD88892B08) (Version: 07/29/2009 6.1.7100.0 - Broadcom)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (HKLM\...\BF20603967CFDCB2BBF91950E8A56DFBC5C833FE) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Communications Platform (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer Resources (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Xvid MPEG-4 Video Codec (HKLM\...\Xvid_is1) (Version:  - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Andrea\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\Andrea\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\Andrea\AppData\Local\Google\Update\1.3.21.99\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Andrea\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Andrea\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{30A2652A-DDF7-45e7-ACA6-3EAB26FC8A4E}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{41662FC2-0D57-4aff-AB27-AD2E12E7C273}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{448BB771-CFE2-47C4-BCDF-1FBF378E202C}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Andrea\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\Andrea\AppData\Local\Google\Chrome\Application\36.0.1985.125\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\Andrea\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\Andrea\AppData\Local\Google\Update\1.3.21.123\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\Andrea\AppData\Local\Google\Update\1.3.21.153\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{7B342DC4-139A-4a46-8A93-DB0827CCEE9C}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{7B37E4E2-C62F-4914-9620-8FB5062718CC}\localserver32 -> C:\Users\Andrea\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe No File
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\ooofilt.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{7FA8AE11-B3E3-4D88-AABF-255526CD1CE8}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{82154420-0FBF-11d4-8313-005004526AB4}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Andrea\AppData\Local\Google\Update\1.3.24.15\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Andrea\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll No File
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\Andrea\AppData\Local\Google\Update\1.3.22.3\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\Andrea\AppData\Local\Google\Update\1.3.21.165\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{AB807329-7324-431B-8B36-DBD581F56E0B}\localserver32 -> C:\Users\Andrea\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe No File
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\propertyhdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Andrea\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll No File
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Andrea\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Andrea\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files\OpenOffice 4\program\shlxthdl\shlxthdl.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\Andrea\AppData\Local\Google\Update\1.3.21.115\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{D0484DE6-AAEE-468a-991F-8D4B0737B57A}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{D2D59CD1-0A6A-4D36-AE20-47817077D57C}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{E5A0B632-DFBA-4549-9346-E414DA06E6F8}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Andrea\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Andrea\AppData\Local\Google\Update\1.3.24.15\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{EE5D1EA4-D445-4289-B2FC-55FC93693917}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Andrea\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll No File
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{F616B81F-7BB8-4F22-B8A5-47428D59F8AD}\localserver32 -> C:\Program Files\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Andrea\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\FileSyncApi.dll No File
CustomCLSID: HKU\S-1-5-21-3601385101-2140175397-1978509390-1000_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\Andrea\AppData\Local\Google\Update\1.3.21.111\psuser.dll No File

==================== Restore Points  =========================

27-07-2014 11:46:07 Windows Update
27-07-2014 12:52:12 Removed AVG 2013
27-07-2014 12:55:40 Removed AVG 2013
27-07-2014 14:30:47 Removed Façade
30-07-2014 19:04:07 Windows Update
30-07-2014 20:28:43 Removed Acrobat.com
30-07-2014 20:30:38 Removed Facebook Video Calling 2.0.0.447
30-07-2014 20:31:14 Removed Firebird SQL Server - MAGIX Edition
30-07-2014 20:33:39 Removed FontResizer
30-07-2014 20:37:01 ICQ Sparberater wird entfernt
30-07-2014 20:40:48 Removed Hotkey Service
30-07-2014 20:44:01 Removed LiveUpdate.
30-07-2014 20:46:33 Removed Microsoft Silverlight
30-07-2014 20:47:56 Removed Microsoft SQL Server 2005 Compact Edition [ENU]
30-07-2014 22:25:36 Windows Update
31-07-2014 17:36:48 avast! antivirus system restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {279B68EC-7C77-4746-B43C-53E129272508} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-31] (AVAST Software)
Task: {3AC26CE1-FAAC-4CA4-933F-1A4A7BEE3F57} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3601385101-2140175397-1978509390-1000Core => C:\Users\Andrea\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-23] (Google Inc.)
Task: {4176131F-21E9-4835-B31E-A3719243C43B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-02-03] (Google Inc.)
Task: {507AD962-93DB-462D-A8C9-5254E20ECD6C} - System32\Tasks\{45369E78-DC3E-4556-B91B-58151EF25307} => Chrome.exe
Task: {53F1A6DF-F93D-45DE-9788-669A9F527A41} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd)
Task: {61BE41AD-E80E-44B2-B32A-7360FAC33257} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-02-03] (Google Inc.)
Task: {7C003877-A4F8-4271-B3E5-10894BD34BA7} - System32\Tasks\{B3F1EFB7-0F6B-4354-95DF-D7EAB1940561} => Chrome.exe
Task: {A2FE6341-29F8-479F-95F1-A8219CE39871} - System32\Tasks\{5D00A04D-C9F6-40BA-96AE-7DC3DCC5C8C1} => Chrome.exe
Task: {AB2122C3-0053-4D6C-BC82-9936493BD5AE} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-27] (Adobe Systems Incorporated)
Task: {D0E6D060-655F-40DA-9089-2A8116626CAE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3601385101-2140175397-1978509390-1000UA => C:\Users\Andrea\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-23] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3601385101-2140175397-1978509390-1000Core.job => C:\Users\Andrea\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3601385101-2140175397-1978509390-1000UA.job => C:\Users\Andrea\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2009-06-09 10:56 - 2009-06-09 10:56 - 00099632 _____ () C:\Program Files\Stardock\MyColors\WBVista.exe
2009-06-09 10:55 - 2009-06-09 10:55 - 00057904 _____ () C:\windows\system32\wbload.dll
2014-07-31 19:39 - 2014-07-31 19:39 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-07-31 19:48 - 2014-07-31 19:48 - 02795008 _____ () C:\Program Files\AVAST Software\Avast\defs\14073100\algo.dll
2009-06-09 10:55 - 2009-06-09 10:55 - 00057904 _____ () C:\Windows\System32\wbload.dll
2014-07-31 19:39 - 2014-07-31 19:40 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-07-27 18:11 - 2014-07-15 11:24 - 08537928 _____ () C:\Users\Andrea\AppData\Local\Google\Chrome\Application\36.0.1985.125\pdf.dll
2014-07-27 18:11 - 2014-07-15 11:24 - 00353096 _____ () C:\Users\Andrea\AppData\Local\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll
2014-07-27 18:11 - 2014-07-15 11:24 - 01732936 _____ () C:\Users\Andrea\AppData\Local\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll
2014-07-30 21:00 - 2014-02-10 13:44 - 04592128 _____ () C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2014-07-30 21:00 - 2014-02-10 13:44 - 00112128 _____ () C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
2014-07-27 18:11 - 2014-07-15 11:24 - 14664008 _____ () C:\Users\Andrea\AppData\Local\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:AB689DEA

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AsusVibeLauncher.lnk => C:\windows\pss\AsusVibeLauncher.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Stardock MyColors.lnk => C:\windows\pss\Stardock MyColors.lnk.CommonStartup
MSCONFIG\startupreg: ASUSWebStorage => C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S
MSCONFIG\startupreg: AVG_TRAY => "C:\Program Files\AVG\AVG2012\avgtray.exe"
MSCONFIG\startupreg: Eee Docking => C:\Program Files\ASUS\Eee Docking\Eee Docking.exe autorun
MSCONFIG\startupreg: Facebook Update => "C:\Users\Andrea\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: Google Update => "C:\Users\Andrea\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: Guard.Mail.ru.gui => "C:\Program Files\Guard-ICQ\GuardICQ.exe" /gui
MSCONFIG\startupreg: PCSpeedUp => C:\Program Files\PC Beschleunigen\PCSpeedUp.lnk
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/31/2014 07:54:45 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm chrome.exe, Version 36.0.1985.125 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 69c

Startzeit: 01cface856c39b29

Endzeit: 60

Anwendungspfad: C:\Users\Andrea\AppData\Local\Google\Chrome\Application\chrome.exe

Berichts-ID: b49faa08-18db-11e4-ac94-5404a629b83b

Error: (07/31/2014 07:36:54 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary nhefoqbz.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (07/31/2014 07:36:47 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
  Generatordaten werden gesammelt

Kontext:
  Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
  Generatorname: System Writer
  Generatorinstanz-ID: {9217c1ea-c3bc-4449-ae7c-272b4e430bdc}


System errors:
=============
Error: (07/31/2014 07:49:52 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error: (07/31/2014 07:49:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Asus Launcher Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (07/31/2014 07:45:43 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error: (07/31/2014 07:45:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Asus Launcher Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2


Microsoft Office Sessions:
=========================
Error: (07/31/2014 07:54:45 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: chrome.exe36.0.1985.12569c01cface856c39b2960C:\Users\Andrea\AppData\Local\Google\Chrome\Application\chrome.exeb49faa08-18db-11e4-ac94-5404a629b83b

Error: (07/31/2014 07:36:54 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary nhefoqbz.

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (07/31/2014 07:36:47 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Zugriff verweigert


Vorgang:
  Generatordaten werden gesammelt

Kontext:
  Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
  Generatorname: System Writer
  Generatorinstanz-ID: {9217c1ea-c3bc-4449-ae7c-272b4e430bdc}


==================== Memory info ===========================

Percentage of memory in use: 78%
Total physical RAM: 1014.18 MB
Available physical RAM: 218.41 MB
Total Pagefile: 2038.18 MB
Available Pagefile: 936.07 MB
Total Virtual: 2047.88 MB
Available Virtual: 1927.41 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:100 GB) (Free:68.87 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:183.07 GB) (Free:182.85 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: DAC69C79)
Partition 1: (Active) - (Size=100 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=15 GB) - (Type=1B)
Partition 3: (Not Active) - (Size=183 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=16 MB) - (Type=EF)

==================== End Of Log ============================
Ich habe nochmals einen Malewarebytes Scan durchgeführt und einige Ergebnisse bekommen, ich werde die Logdatei zusätzlich posten:

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 31.07.2014
Scan Time: 20:41:42
Logfile: mwbam 2 scan log.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.07.31.07
Rootkit Database: v2014.07.17.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: Andrea

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 264615
Time Elapsed: 21 min, 41 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 4
Adware.GamePlayLab, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{11111111-1111-1111-1111-110011221158}, , [25eebbeb39425bdbfa530c68768c8b75],
PUP.Optional.Incredibar.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\dlnembnfbcpjnepmfjmngjenhhajpdfd, , [7e950c9a314ab68015676b7b29d9619f],
PUP.GamesPlayLab, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\mpfapcdfbbledbojijcbcclmlieaoogk, , [f91a881e8af1fc3a942fb84dfd0651af],
PUP.Optional.InstallBrain.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WNLT, , [9f74c1e5483371c53dd7ef276d973ec2],

Registry Values: 4
PUP.Optional.StartPage.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS\{336D0C35-8A85-403a-B9D2-65C292C39087}, , [8b88d9cdc8b322142fbcf06ead559070],
PUP.Optional.StartPage.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|{336D0C35-8A85-403A-B9D2-65C292C39087}, C:\Program Files\Web Assistant\Firefox, , [8b88d9cdc8b322142fbcf06ead559070]
PUP.Optional.Incredibar, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}, C:\Program Files\Web Assistant\Firefox, , [1af98323abd0c076176eed2dfd077888]
PUP.Optional.InstallBrain.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WNLT|URL, MYSTART, , [9f74c1e5483371c53dd7ef276d973ec2]

Registry Data: 0
(No malicious items detected)

Folders: 1
PUP.Optional.CrossRider.A, C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_mpfapcdfbbledbojijcbcclmlieaoogk_0, , [50c3cfd78eed61d5a7888e2730d2837d],

Files: 8
PUP.Optional.OpenCandy, C:\Users\Andrea\Desktop\PhotoScape_V3.6.3.exe, , [cd46297daccf3afc262cc41c788c49b7],
PUP.Optional.Outbrowse, C:\Users\Andrea\Downloads\setup.exe, , [6ea53373651635018baf2779b24ff907],
PUP.FakeFlash.Domaiq, C:\Users\Andrea\Downloads\FlashPlayer_V.143524008c.exe, , [3bd8693dfa81dc5a8ceed31d1de354ac],
PUP.Optional.Incredibar.A, C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dlnembnfbcpjnepmfjmngjenhhajpdfd_0.localstorage, , [22f154522b50a195453610d66d95619f],
PUP.Optional.CrossRider.A, C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mpfapcdfbbledbojijcbcclmlieaoogk_0.localstorage, , [c251f2b4d2a975c1e9797177d82a46ba],
PUP.Optional.Searchqu.A, C:\Users\Andrea\AppData\Roaming\Mozilla\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}, , [5cb7a9fdcbb03ff7bcbbd23de22206fa],
PUP.Optional.CrossRider.A, C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_mpfapcdfbbledbojijcbcclmlieaoogk_0\3, , [50c3cfd78eed61d5a7888e2730d2837d],
PUP.Optional.CrossRider.A, C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_mpfapcdfbbledbojijcbcclmlieaoogk_0\4, , [50c3cfd78eed61d5a7888e2730d2837d],

Physical Sectors: 0
(No malicious items detected)


(end)

cosinus 31.07.2014 22:46
Reste. Funde mit MBAM entfernt?

Andyleinchen 31.07.2014 23:06
Nein nur gescannt und nichts in quarantäne verschoben oder entfernt.

cosinus 31.07.2014 23:32
Okay, dann Kontrollscans mit MBAM und ESET bitte:

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset



Alle Zeitangaben in WEZ +1. Es ist jetzt 18:52 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131