Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   ADWcleaner lässt sich nicht mehr starten. (https://www.trojaner-board.de/156046-adwcleaner-laesst-mehr-starten.html)

Jojobin 03.07.2014 20:15
ADWcleaner lässt sich nicht mehr starten.
 
Ich habe mir auf Ratschlag eines freundes den ADWcleaner heruntergeladen, weil sich ständig nervige Leere Pop-up´s beim Surfen geöffnet haben und mein Browser (nutzte Firefox und Googlechrom, mittlerweile nur noch Chrom) extrem langsam und schwer fällig wurden. Mittlerweile ist es viel besser geworden, doch ich würde mein System (Vista 64bit) gerne regelmäßig mit ADWcleaner überprüfen können. Ich habe schon die Quarantäne in Avira gelöscht weil da ein Eintrag zum ADWcleaner drin war. Auch die Registry Reinigung mit CCleaner hat nichts gebracht. Ich bin wirklich Ratlos und Hoffe das Ihr mir helfen könnt.

Mfg Jojobin

deeprybka 03.07.2014 21:00
Zitat:
Zitat von Jojobin (Beitrag 1325475)
Auch die Registry Reinigung mit CCleaner hat nichts gebracht.
Sowas besser nicht machen!

Schauen wir mal genauer nach...

:hallo:

Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...:abklatsch:
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lese die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
  • Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
  • Bitte kein Crossposting (posten in mehreren Foren).
  • Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
  • Speichere alle unsere Tools auf dem Desktop ab.
  • Poste die Logfiles direkt in Deinen Thread in Code-Tags.
  • Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean :daumenhoc bekommst.



Los geht's:

Schritt 1
http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...t/frstscan.png

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)




Lesestoff
Posten in CODE-Tags: So gehts...
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert uns massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://deeprybka.trojaner-board.de/tdss/codetags.gif

Jojobin 04.07.2014 12:30
Hallo Jürgen, hier sind die gewünschten LogFiles:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-07-2014
Ran by Maddin at 2014-07-04 13:19:29
Running from C:\Users\Maddin\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Alice Software 4.9.2 (HKLM-x32\...\Alice Software) (Version: 4.9.2 - HanseNet Telekommunikation GmbH)
Alice-Installationsdateien entfernen (HKLM-x32\...\Alice) (Version:  - )
Antivirus Pro (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.5.450 - Avira)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira SearchFree Toolbar (HKLM-x32\...\{41564952-412D-5637-4300-A758B70C0A00}) (Version: 12.10.0.2951 - APN, LLC)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Call of Duty(R) 2 (HKLM-x32\...\InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.00.0000 - Activision)
Call of Duty(R) 2 (x32 Version: 1.00.0000 - Activision) Hidden
Call of Duty: Black Ops - Multiplayer (HKLM-x32\...\Steam App 42710) (Version:  - Treyarch)
Call of Duty: Black Ops (HKLM-x32\...\Steam App 42700) (Version:  - Treyarch)
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
Copy (x32 Version: 130.0.366.000 - Hewlett-Packard) Hidden
Corel Home Office 5.0.36 (HKLM-x32\...\{080FE95E-5A89-4A54-BAAA-D769971B7C2D}) (Version: 5 - Corel)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.100 - DivX, LLC)
DJ_AIO_06_F4500_SW_MIN (x32 Version: 130.0.406.000 - Hewlett-Packard) Hidden
D-Link DWA-140 (HKLM-x32\...\{D7D2F494-89E3-42ED-8A2B-75BDD9B464CB}) (Version:  - D-Link)
Energy Settings (HKLM-x32\...\{7613592F-B20C-4E1B-B2DD-67F0784D4373}) (Version: 1.0.7 - Fujitsu Siemens Computers)
F4500 (x32 Version: 130.0.406.000 - Hewlett-Packard) Hidden
Free YouTube Download version 3.2.0.128 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.0.128 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 32.0.1700.102 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google Updater (HKLM-x32\...\Google Updater) (Version: 2.4.1698.5652 - Google Inc.)
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Deskjet F4500 Printer Driver Software 13.0 Rel .6 (HKLM\...\{7F08A772-2816-4F46-84F1-49578502AD28}) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Print Projects 1.0 (HKLM\...\HP Print Projects) (Version: 1.0 - HP)
HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
hpPrintProjects (x32 Version: 130.0.303.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
hpWLPGInstaller (x32 Version: 130.0.303.000 - Hewlett-Packard) Hidden
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Logitech Vid (HKLM-x32\...\{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}) (Version: 1.01.1015 - Logitech Inc.)
Logitech® Camera-Treiber (HKLM-x32\...\QcDrv) (Version:  - )
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}) (Version: 3.0.19.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyFreeCodec (HKCU\...\MyFreeCodec) (Version:  - )
Nero 7 Demo (HKLM-x32\...\{C7E1449D-7638-6832-426D-589655951031}) (Version: 7.00.1466 - Nero AG)
Nero Reloaded PlugIn Pack 2.0.4 by GEAR (HKLM-x32\...\{F3D7915D-6B42-49FA-9FC8-5020479A6A57}) (Version: 2.0.4 - GoldEsel)
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
NVIDIA 3D Vision Controller-Treiber 301.42 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 301.42 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.11.9713 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.59.37 - NVIDIA Corporation)
NVIDIA ForceWare Network Access Manager (HKLM-x32\...\{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}) (Version: 1.00.7325.0 - NVIDIA Corporation)
NVIDIA Grafiktreiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.108.688 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.0213 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.0213 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0213 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1106 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 311.06 (Version: 311.06 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.0 (HKLM-x32\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
Orban/Coding Technologies AAC/aacPlus Player Plugin™ 1.0 (HKLM-x32\...\{DB0A8A2A-4EA7-4FE3-802E-8A6DEE32696C}_is1) (Version:  - Orban, Inc.)
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5772 - Realtek Semiconductor Corp.)
S.T.A.L.K.E.R. - Shadow of Chernobyl (HKLM-x32\...\S.T.A.L.K.E.R. - Shadow of Chernobyl_is1) (Version: 1.0000 - THQ)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.10.9560 - Skype Technologies S.A.)
Skype™ 5.9 (HKLM-x32\...\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}) (Version: 5.9.123 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Sniper Elite: Zombie Army (HKLM-x32\...\Steam App 235700) (Version:  - Rebellion)
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SynWrite version 6.4.760 (HKLM-x32\...\SynWrite_is1) (Version: 6.4.760 - UVViewSoft)
SystemDiagnostics (HKLM-x32\...\{EF59DB7F-7426-426E-B862-7031F83ED304}) (Version: 2.04.0006 - Fujitsu Technology Solutions)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TerraTec Aureon 5.1 Audio Driver (HKLM\...\C-Media PCI Audio Driver) (Version:  - )
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden
Tukui Client (HKLM-x32\...\{510CF4AB-E9C8-4F48-BB02-CDC11B880D68}) (Version: 2.2.7 - Tukui)
Tukui Client (HKLM-x32\...\{6517882E-E5E0-40DC-B3B0-A531FF2A06E8}) (Version: 2.4.5 - Tukui)
TuneUp Utilities (HKLM-x32\...\TuneUp Utilities) (Version: 9.0.6030.1 - TuneUp Software)
TuneUp Utilities (x32 Version: 9.0.6030.1 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 10.0.4600.4 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 9.0.6030.1 - TuneUp Software) Hidden
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM-x32\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.1.0 (HKLM-x32\...\VLC media player) (Version: 2.1.0 - VideoLAN)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Vista Demo Screen Saver (HKLM-x32\...\{9605D5C2-F545-40F2-B39A-0462E4CD3811}) (Version: 1.1.5 - Ventuz Technology)
Works Suite-Betriebssystem-Pack (x32 Version: 1.0.0.0000 - Microsoft Corporation) Hidden
WorldofTanks (HKCU\...\WorldofTanks) (Version:  - WorldofTanks)

==================== Restore Points  =========================

23-05-2014 18:17:07 Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
23-05-2014 18:18:45 OpenOffice 4.1.0 wird installiert
31-05-2014 17:30:38 Windows Update
04-06-2014 00:15:05 Windows Update
10-06-2014 07:49:10 Windows Update
11-06-2014 17:32:58 Windows Update
17-06-2014 11:32:54 Windows Update
20-06-2014 17:38:26 Windows Update
20-06-2014 18:06:13 Entfernt Tom Clancy's Splinter Cell
22-06-2014 19:25:08 Geplanter Prüfpunkt
24-06-2014 06:10:19 Windows Update
02-07-2014 17:37:26 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2006-11-02 14:34 - 2006-09-18 23:37 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost
::1            localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {03734EA4-6886-4FFF-BDC9-10BDB40D1B41} - System32\Tasks\Google Updater and Installer => C:\Users\Maddin\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {0AEAFAF6-F116-4A60-AFB4-C8B755A6E975} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {0C53DB7C-3292-41C6-BBE2-E09C1AAC656F} - System32\Tasks\WOT WFRI1 => Iexplore.exe hxxp://mmotraffic.com/catalog/goplay/1327/MTE3NjYvLy8xMzI3/
Task: {0D60C924-08F7-4AAE-A8C9-72FED50DAF8A} - \Plus-HD-2.2-chromeinstaller No Task File <==== ATTENTION
Task: {133D8A4C-D133-4BB1-BE06-633AFE748C9C} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2011-05-10] (Hewlett-Packard)
Task: {192DDA2D-5815-47B8-983F-65744FEEC03A} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {1C26A2D5-BD29-4388-B66D-DD6D4A40B7A1} - System32\Tasks\WOT WMON1 => Iexplore.exe hxxp://mmotraffic.com/catalog/goplay/1327/MTE3NjYvLy8xMzI3/
Task: {1F6F6465-1B1C-4B6C-BFFA-08B7DB938F46} - \Desk 365 RunAsStdUser No Task File <==== ATTENTION
Task: {213121A8-BEDD-4D7E-AFAD-04C9767D7779} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {22082927-5B18-4E51-9D24-37C1DC881406} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-30] (Google Inc.)
Task: {254095AE-FB97-48EA-94A5-D8BF2AB79714} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {36A0BB86-DA41-4B87-B65D-1FF7F4604AE7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {39913DE5-5F6F-4DE9-BD8D-CF1DC0BC674E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14] (Adobe Systems Incorporated)
Task: {48C17C53-73B2-4132-863F-B783839616A6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-30] (Google Inc.)
Task: {4C4EE77B-4F44-4CF1-9882-6653C0FB77D3} - System32\Tasks\Google Software Updater => C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-27] (Google)
Task: {5B8E1D3C-500B-4185-9858-B8AE3B9B1B20} - \Plus-HD-2.2-updater No Task File <==== ATTENTION
Task: {5BB20900-5D7E-4327-904C-767A634A161A} - System32\Tasks\WOT T => Iexplore.exe hxxp://mmotraffic.com/catalog/goplay/1327/MTE3NjYvLy8xMzI3/
Task: {6372E08D-540D-440A-8D2F-5167B33D2D9A} - \Plus-HD-2.2-enabler No Task File <==== ATTENTION
Task: {739DCE2D-7420-48CD-B30B-8091A8CBC200} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {753EB692-0B14-4B0D-9B07-BC11ED29F8A8} - \HDvid Codec V1-enabler No Task File <==== ATTENTION
Task: {7642C8FD-D96B-4CE9-9D00-6FAFFB248A0E} - \Plus-HD-2.2-firefoxinstaller No Task File <==== ATTENTION
Task: {7C638E5B-ECE5-4424-A7E5-2C913CA682E9} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {80A71535-3608-4738-9FE8-7DE6C5FE5A14} - System32\Tasks\WOT W2 => Iexplore.exe hxxp://mmotraffic.com/catalog/goplay/1327/MTE3NjYvLy8xMzI3/
Task: {83EACCD6-FB00-4468-987B-40903B45B1EB} - System32\Tasks\{0E0B6708-828E-4F31-8073-8CCE8A0A7924} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-06-05] (Skype Technologies S.A.)
Task: {9126A9BD-3BA0-45B2-8937-37FD34B7808C} - \DealPly No Task File <==== ATTENTION
Task: {92FCC7E2-AF62-4EF6-BE58-3DB1365A90B8} - \HDvid Codec V1-codedownloader No Task File <==== ATTENTION
Task: {A97048A0-D205-49CE-8A2B-A98D2BEB34D3} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {AF91A651-088C-4086-9CD4-384F3BA1067B} - System32\Tasks\WOT WWED1 => Iexplore.exe hxxp://mmotraffic.com/catalog/goplay/1327/MTE3NjYvLy8xMzI3/
Task: {B13A788C-6EA7-46F5-858E-990B10A0C088} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {B6206A65-57D9-4506-AEF6-ABE2596CA1F9} - System32\Tasks\WOT WTUE1 => Iexplore.exe hxxp://mmotraffic.com/catalog/goplay/1327/MTE3NjYvLy8xMzI3/
Task: {C8AED9DC-FEAF-4B53-BB4B-2B200DFAF959} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance => C:\Program Files (x86)\TuneUp Utilities 2010\OneClick.exe [2011-11-21] (TuneUp Software)
Task: {D16C2F03-A27C-4D2E-B36C-D0064F83838E} - System32\Tasks\WOT W1 => Iexplore.exe hxxp://mmotraffic.com/catalog/goplay/1327/MTE3NjYvLy8xMzI3/
Task: {E08A976F-F4F8-476D-AF80-CCF028FC15F6} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {E335426E-2CFB-4C9F-ACA1-534DF8D85D45} - \HDvid Codec V1-updater No Task File <==== ATTENTION
Task: {E91D6474-70CC-42BE-80FF-8BED8AF557ED} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {EA9AA878-5CA3-4D7B-A5E1-E9CBCEF9A53D} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Maddin => C:\Program Files\Windows Calendar\WinCal.exe [2008-01-21] (Microsoft Corporation)
Task: {EDE5B0EC-8FF1-4476-A6D2-F191E23DF60B} - \Plus-HD-2.2-codedownloader No Task File <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-01-10 20:12 - 2010-06-03 14:36 - 00053248 _____ () C:\Program Files (x86)\D-Link\DWA-140 revB\ANIWConnService.exe
2012-06-18 20:29 - 2010-01-21 01:53 - 00496232 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
2012-06-18 20:29 - 2010-01-21 01:52 - 00076392 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nv_common.dll
2012-06-18 20:29 - 2010-01-21 01:53 - 00731752 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\SpecialCase.dll
2012-06-18 20:29 - 2010-01-21 01:53 - 00209000 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
2011-01-03 23:00 - 2008-07-11 16:04 - 00200704 ____N () C:\Windows\SysWOW64\HsMgr.exe
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2008-08-28 12:08 - 2008-08-28 12:08 - 01287456 _____ () C:\Program Files (x86)\Corel Home Office\A4W195.dll
2008-08-28 12:08 - 2008-08-28 12:08 - 00546080 _____ () C:\Program Files (x86)\Corel Home Office\abdbcmn.dll
2008-08-28 12:09 - 2008-08-28 12:09 - 00808224 _____ () C:\Program Files (x86)\Corel Home Office\ABShare.DLL
2008-08-28 12:09 - 2008-08-28 12:09 - 00111904 _____ () C:\Program Files (x86)\Corel Home Office\ABViewForms.dll
2008-08-28 12:09 - 2008-08-28 12:09 - 00378144 _____ () C:\Program Files (x86)\Corel Home Office\ABMCmn.dll
2008-08-28 12:09 - 2008-08-28 12:09 - 00152864 _____ () C:\Program Files (x86)\Corel Home Office\abspel.dll
2008-08-28 12:10 - 2008-08-28 12:10 - 00066848 _____ () C:\Program Files (x86)\Corel Home Office\THXX.dll
2008-08-28 12:10 - 2008-08-28 12:10 - 00107808 _____ () C:\Program Files (x86)\Corel Home Office\VEXX.dll
2008-08-28 12:08 - 2008-08-28 12:08 - 00288032 _____ () C:\Program Files (x86)\Corel Home Office\abcomctrl.dll
2008-08-28 12:09 - 2008-08-28 12:09 - 00255264 _____ () C:\Program Files (x86)\Corel Home Office\IMAGE.dll
2008-08-28 12:09 - 2008-08-28 12:09 - 00230688 _____ () C:\Program Files (x86)\Corel Home Office\abpivot.dll
2008-08-28 12:09 - 2008-08-28 12:09 - 00980256 _____ () C:\Program Files (x86)\Corel Home Office\abo.dll
2008-08-28 12:09 - 2008-08-28 12:09 - 00787744 _____ () C:\Program Files (x86)\Corel Home Office\abow.dll
2008-08-28 12:09 - 2008-08-28 12:09 - 00161056 _____ () C:\Program Files (x86)\Corel Home Office\abimgsrc.dll
2008-08-28 12:09 - 2008-08-28 12:09 - 12563744 _____ () C:\Program Files (x86)\Corel Home Office\ABGerman.dll
2008-08-28 12:09 - 2008-08-28 12:09 - 01561888 _____ () C:\Program Files (x86)\Corel Home Office\abdrwngs.dll
2008-08-28 12:09 - 2008-08-28 12:09 - 00242976 _____ () C:\Program Files (x86)\Corel Home Office\abgfx.dll
2014-01-30 15:28 - 2014-01-23 07:56 - 04055320 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\pdf.dll
2014-01-30 15:28 - 2014-01-23 07:57 - 00399640 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\ppGoogleNaClPluginChrome.dll
2014-01-30 15:28 - 2014-01-23 07:55 - 01634584 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:0B4227B4
AlternateDataStreams: C:\ProgramData\TEMP:AD022376

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupreg: ANIWZCS2Service => "C:\Program Files (x86)\ANI\ANIWZCS2 Service\WZCSLDR2.exe"
MSCONFIG\startupreg: GDFirewallTray => C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFirewallTray.exe
MSCONFIG\startupreg: ROC_roc_dec12 => "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
MSCONFIG\startupreg: vProt => "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

==================== Faulty Device Manager Devices =============

Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft-6zu4-Adapter #2
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft-6zu4-Adapter #3
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft-6zu4-Adapter #4
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft-6zu4-Adapter #4
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft-ISATAP-Adapter #2
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Deskjet F4500 series
Description: Deskjet F4500 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/04/2014 01:12:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/03/2014 08:25:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/02/2014 07:45:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/02/2014 07:43:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm avcenter.exe, Version 14.0.5.396 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: fc8
Anfangszeit: 01cf9616cde16379
Zeitpunkt der Beendigung: 51262

Error: (07/02/2014 06:54:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/01/2014 07:52:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/01/2014 02:01:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/01/2014 09:00:06 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/30/2014 07:55:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/26/2014 09:57:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (07/04/2014 01:13:55 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Windows Media Player-NetzwerkfreigabedienstUPnP-Gerätehost%%1058

Error: (07/04/2014 01:13:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: NVIDIA Update Service Daemon%%1069

Error: (07/04/2014 01:13:55 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: nvUpdatusService.\UpdatusUser%%1330

Error: (07/04/2014 01:13:55 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: KtmRm für Distributed Transaction Coordinator2147942438 (0x80070026)

Error: (07/04/2014 01:12:12 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Windows Media Player-NetzwerkfreigabedienstUPnP-Gerätehost%%1058

Error: (07/03/2014 08:27:48 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Windows Media Player-NetzwerkfreigabedienstUPnP-Gerätehost%%1058

Error: (07/03/2014 08:27:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: NVIDIA Update Service Daemon%%1069

Error: (07/03/2014 08:27:48 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: nvUpdatusService.\UpdatusUser%%1330

Error: (07/03/2014 08:27:48 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: KtmRm für Distributed Transaction Coordinator2147942438 (0x80070026)

Error: (07/03/2014 08:25:51 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Windows Media Player-NetzwerkfreigabedienstUPnP-Gerätehost%%1058


Microsoft Office Sessions:
=========================
Error: (07/04/2014 01:12:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/03/2014 08:25:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/02/2014 07:45:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/02/2014 07:43:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: avcenter.exe14.0.5.396fc801cf9616cde1637951262

Error: (07/02/2014 06:54:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/01/2014 07:52:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/01/2014 02:01:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/01/2014 09:00:06 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/30/2014 07:55:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/26/2014 09:57:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2012-11-19 12:16:20.136
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dxgi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2010-12-15 16:24:42.006
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Logitech\SetPoint\lgscroll.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2010-12-15 16:24:41.906
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Logitech\SetPoint\GameHook.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2010-12-15 16:24:41.802
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Logitech\SetPoint\lgscroll.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2010-12-15 16:24:41.698
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Logitech\SetPoint\GameHook.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2010-12-15 16:24:41.582
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Logitech\SetPoint\lgscroll.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2010-12-15 16:24:41.464
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Logitech\SetPoint\GameHook.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2010-12-15 16:24:41.354
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Logitech\SetPoint\lgscroll.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2010-12-15 16:24:41.254
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Logitech\SetPoint\GameHook.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2010-12-15 16:24:41.153
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Logitech\SetPoint\lgscroll.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Percentage of memory in use: 48%
Total physical RAM: 4094.32 MB
Available physical RAM: 2123.83 MB
Total Pagefile: 8391.92 MB
Available Pagefile: 6228.07 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (SYSTEM) (Fixed) (Total:327.54 GB) (Free:162.05 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (DATA) (Fixed) (Total:592.25 GB) (Free:428.3 GB) NTFS
Drive f: (DJ_AIO_06_F4500_) (CDROM) (Total:0.32 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 932 GB) (Disk ID: C347115F)
Partition 1: (Not Active) - (Size=12 GB) - (Type=27)
Partition 2: (Active) - (Size=328 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=592 GB) - (Type=07 NTFS)

==================== End Of Log ============================
und

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-07-2014
Ran by Maddin (administrator) on MARTIN on 04-07-2014 13:24:18
Running from C:\Users\Maddin\Downloads
Platform: Windows Vista (TM) Home Premium Service Pack 2 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\D-Link\DWA-140 revB\ANIWConnService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Fujitsu Technology Solutions) C:\Program Files (x86)\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesApp64.exe
() C:\Windows\SysWOW64\HsMgr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Corel) C:\Program Files (x86)\Corel Home Office\CORELC~1.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Cmaudio8768GX] => C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] ()
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [6962720 2009-01-06] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-01-06] (Realtek Semiconductor Corp.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [750160 2014-07-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [] => [X]
HKU\.DEFAULT\...\Run: [Picasa Media Detector] => C:\Program Files (x86)\Picasa2\PicasaMediaDetector.exe
HKU\.DEFAULT\...\Run: [fsc-reg] => c:\fsc-reg\fscreg.exe [380688 2008-08-01] (Fujitsu Siemens)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-3559629360-2871224288-528010784-1000\...\MountPoints2: {171db5d8-f2aa-11dd-ad52-806e6f6e6963} - F:\Setup.exe
HKU\S-1-5-21-3559629360-2871224288-528010784-1000\...\MountPoints2: {7ebde948-31da-11de-b5c8-00242110eaf6} - D:\SH3Autorun.exe
Startup: C:\Users\Maddin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
BootExecute:

==================== Internet (Whitelisted) ====================

URLSearchHook: HKLM-x32 - (No Name) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - {301B60B5-4EE1-421E-95C2-22CB96AA0A8F} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=501549&p={searchTerms}
BHO: Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll (APN LLC.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg64.dll (Google Inc.)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll (APN LLC.)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll (APN LLC.)
Toolbar: HKLM-x32 - No Name - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} -  No File
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll (APN LLC.)
Toolbar: HKCU - No Name - {E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} -  No File
Toolbar: HKCU - No Name - {62D40876-DF18-411F-9D34-A9DD7A197BC5} -  No File
Toolbar: HKCU - Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll (APN LLC.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pack.google.com/Google Updater;version=13 - C:\Program Files (x86)\Google\Google Updater\2.4.1698.5652\npCIDetect13.dll (Google)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Extension: FoxyDeal - C:\Users\Maddin\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{F58A62EB-38DC-43C4-A539-DC52E135208D} [2013-05-10]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-20]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-04-03]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-06-20]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-06-20]

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR StartupUrls: "hxxp://www.google.de/"
CHR Extension: (Google Docs) - C:\Users\Maddin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-20]
CHR Extension: (Google Drive) - C:\Users\Maddin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-20]
CHR Extension: (YouTube) - C:\Users\Maddin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-20]
CHR Extension: (Adblock Plus) - C:\Users\Maddin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-03-05]
CHR Extension: (Google-Suche) - C:\Users\Maddin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-20]
CHR Extension: (Google Wallet) - C:\Users\Maddin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-20]
CHR Extension: (Google Mail) - C:\Users\Maddin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-20]
CHR HKLM-x32\...\Chrome\Extension: [bbecdmcnlcoebdcidcfdkoimbjkcegbc] - C:\Users\Maddin\AppData\Roaming\Browser Extensions\amazonsh_1.0.crx [2013-11-20]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-03-02]
CHR HKLM-x32\...\Chrome\Extension: [nlcphjankhppgohedpkjonpadimhaoof] - C:\Users\Maddin\AppData\Roaming\Browser Extensions\sh_1.0.crx [2012-03-02]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

ATTENTION: => Could not perform signature verification. Cryptographic Service is not running.

R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe [801872 2014-07-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-07-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-07-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1028688 2014-07-01] (Avira Operations GmbH & Co. KG)
S4 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2013-12-20] (APN LLC.)
R2 D-Link Wireless N DWA-140_WPS; C:\Program Files (x86)\D-Link\DWA-140 revB\ANIWConnService.exe [53248 2010-06-03] ()
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [496232 2010-01-21] ()
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [209000 2010-01-21] ()
R2 TestHandler; C:\Program Files (x86)\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe [341264 2009-02-19] (Fujitsu Technology Solutions)
S3 TuneUp.Defrag; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe [607040 2013-05-14] (TuneUp Software)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [1403200 2011-11-21] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

R1 anodlwf; C:\Windows\System32\DRIVERS\anodlwfx.sys [15872 2009-03-06] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-01] (Avira Operations GmbH & Co. KG)
S4 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [39768 2013-02-25] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-06-20] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-07] (Avira Operations GmbH & Co. KG)
R3 cmuda3; C:\Windows\System32\drivers\cmudax3.sys [1155072 2009-05-22] (C-Media Inc)
R3 netr28ux; C:\Windows\System32\DRIVERS\Dnetr28ux.sys [1035104 2010-04-29] (Ralink Technology Corp.)
S3 PDNMp50; C:\Windows\SysWOW64\drivers\PDNMp50.sys [28224 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))
S3 PDNSp50; C:\Windows\SysWOW64\drivers\PDNSp50.sys [27072 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [11856 2009-10-14] (TuneUp Software)
R1 {55685567-4840-4a91-962b-49a412e9485a}Gt64; C:\Windows\System32\drivers\{55685567-4840-4a91-962b-49a412e9485a}Gt64.sys [60088 2014-05-28] (StdLib)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 LVcKap64; system32\DRIVERS\LVcKap64.sys [X]
S3 LVPr2M64; system32\DRIVERS\LVPr2M64.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 PDNSp50a64; System32\Drivers\PDNSp50a64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-04 13:19 - 2014-07-04 13:24 - 00038379 _____ () C:\Users\Maddin\Downloads\Addition.txt
2014-07-04 13:17 - 2014-07-04 13:24 - 00016025 _____ () C:\Users\Maddin\Downloads\FRST.txt
2014-07-04 13:17 - 2014-07-04 13:24 - 00000000 ____D () C:\FRST
2014-07-04 13:16 - 2014-07-04 13:16 - 02083840 _____ (Farbar) C:\Users\Maddin\Downloads\FRST64.exe
2014-07-02 19:41 - 2014-07-02 19:41 - 00537974 _____ () C:\Users\Maddin\Downloads\noscript-2.6.8.31.xpi.zip
2014-06-26 22:09 - 2014-06-26 22:09 - 00000921 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2014-06-26 22:09 - 2014-06-26 22:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-06-26 22:09 - 2014-06-26 22:09 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-06-26 22:07 - 2014-06-26 22:08 - 29256752 _____ (TeamSpeak Systems GmbH) C:\Users\Maddin\Downloads\TeamSpeak3-Client-win64-3.0.15.exe
2014-06-26 10:13 - 2014-06-26 10:13 - 00000000 ____D () C:\New Folder
2014-06-26 10:10 - 2014-07-02 19:41 - 00000000 ____D () C:\Users\Maddin\AppData\Roaming\SynWrite
2014-06-26 10:10 - 2014-07-02 19:41 - 00000000 ____D () C:\SynWrite
2014-06-26 10:10 - 2014-06-26 10:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SynWrite
2014-06-26 10:08 - 2014-06-26 10:10 - 13642531 _____ (UVViewSoft ) C:\Users\Maddin\Downloads\synwrite (1).exe
2014-06-26 10:04 - 2014-06-26 10:06 - 13642531 _____ (UVViewSoft ) C:\Users\Maddin\Downloads\synwrite.exe
2014-06-25 22:29 - 2014-06-26 08:02 - 00000666 _____ () C:\Users\Public\Desktop\StarCraft II.lnk
2014-06-25 22:28 - 2014-07-01 14:11 - 00000000 ____D () C:\Users\Maddin\Documents\StarCraft II
2014-06-25 22:28 - 2014-06-26 08:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
2014-06-24 20:55 - 2014-06-24 20:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-06-24 20:46 - 2014-06-24 20:46 - 01342659 _____ () C:\Users\Maddin\Downloads\adwcleaner_3.213.exe
2014-06-24 20:42 - 2014-06-24 21:44 - 00002114 _____ () C:\Windows\PFRO.log
2014-06-24 08:28 - 2014-06-24 08:28 - 02804344 _____ (TeamViewer GmbH) C:\Users\Maddin\Downloads\customermodule_avira_support_de.exe
2014-06-24 08:28 - 2014-06-24 08:28 - 00000000 ____D () C:\Users\Maddin\AppData\Roaming\TeamViewer
2014-06-23 11:04 - 2014-06-23 11:04 - 01333465 _____ () C:\Users\Maddin\Downloads\adwcleaner_3.212 (1).exe
2014-06-19 21:59 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-06-19 21:57 - 2014-06-19 21:57 - 01333465 _____ () C:\Users\Maddin\Downloads\adwcleaner_3.212.exe
2014-06-19 15:52 - 2014-06-19 15:52 - 00011965 _____ () C:\Users\Maddin\Documents\Unbenannt 1.ods
2014-06-19 14:35 - 2014-06-19 14:35 - 00448512 _____ (OldTimer Tools) C:\Users\Maddin\Downloads\TFC (1).exe
2014-06-12 21:57 - 2014-06-12 21:57 - 00000000 ____D () C:\ProgramData\HPSSUPPLY
2014-06-11 08:54 - 2014-05-28 20:53 - 17857536 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-11 08:54 - 2014-05-28 20:37 - 02338816 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-11 08:54 - 2014-05-28 20:35 - 10890240 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-11 08:54 - 2014-05-28 20:31 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-11 08:54 - 2014-05-28 20:31 - 01348608 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-11 08:54 - 2014-05-28 20:30 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-11 08:54 - 2014-05-28 20:30 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-06-11 08:54 - 2014-05-28 20:29 - 02148352 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-11 08:54 - 2014-05-28 20:29 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-06-11 08:54 - 2014-05-28 20:29 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-11 08:54 - 2014-05-28 20:29 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-11 08:54 - 2014-05-28 20:29 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-11 08:54 - 2014-05-28 20:29 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-11 08:54 - 2014-05-28 20:28 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-11 08:54 - 2014-05-28 20:28 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-11 08:54 - 2014-05-28 20:28 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-11 08:54 - 2014-05-28 20:28 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-11 08:54 - 2014-05-28 20:28 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-06-11 08:54 - 2014-05-28 20:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-06-11 08:54 - 2014-05-28 20:28 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-06-11 08:54 - 2014-05-28 20:27 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-11 08:54 - 2014-05-28 18:48 - 12356608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-11 08:54 - 2014-05-28 18:39 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-11 08:54 - 2014-05-28 18:38 - 09711104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-11 08:54 - 2014-05-28 18:33 - 01106432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-11 08:54 - 2014-05-28 18:32 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-11 08:54 - 2014-05-28 18:32 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-11 08:54 - 2014-05-28 18:31 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-06-11 08:54 - 2014-05-28 18:31 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-11 08:54 - 2014-05-28 18:30 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-11 08:54 - 2014-05-28 18:30 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-06-11 08:54 - 2014-05-28 18:30 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-11 08:54 - 2014-05-28 18:30 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-11 08:54 - 2014-05-28 18:30 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-11 08:54 - 2014-05-28 18:30 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-11 08:54 - 2014-05-28 18:30 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-06-11 08:54 - 2014-05-28 18:29 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-11 08:54 - 2014-05-28 18:29 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-11 08:54 - 2014-05-28 18:29 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-11 08:54 - 2014-05-28 18:29 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-06-11 08:54 - 2014-05-28 18:29 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-06-11 08:54 - 2014-05-28 18:28 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-11 08:54 - 2014-04-26 20:21 - 00622592 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-11 08:54 - 2014-04-26 18:01 - 00502784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-11 08:54 - 2014-04-05 11:10 - 01422784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-11 08:54 - 2014-03-10 08:26 - 01869824 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-11 08:54 - 2014-03-10 08:26 - 01794560 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-11 08:54 - 2014-03-10 03:22 - 01401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-11 08:54 - 2014-03-10 03:22 - 01248768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-05 15:25 - 2014-06-05 15:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-06-05 15:24 - 2014-06-05 15:25 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-05 15:24 - 2014-06-05 15:25 - 00000000 ____D () C:\Program Files\iTunes
2014-06-05 15:24 - 2014-06-05 15:25 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-06-05 15:24 - 2014-06-05 15:24 - 00000000 ____D () C:\Program Files\iPod

==================== One Month Modified Files and Folders =======

2014-07-04 13:24 - 2014-07-04 13:19 - 00038379 _____ () C:\Users\Maddin\Downloads\Addition.txt
2014-07-04 13:24 - 2014-07-04 13:17 - 00016025 _____ () C:\Users\Maddin\Downloads\FRST.txt
2014-07-04 13:24 - 2014-07-04 13:17 - 00000000 ____D () C:\FRST
2014-07-04 13:16 - 2014-07-04 13:16 - 02083840 _____ (Farbar) C:\Users\Maddin\Downloads\FRST64.exe
2014-07-04 13:15 - 2014-05-09 19:49 - 01243299 _____ () C:\Windows\WindowsUpdate.log
2014-07-04 13:14 - 2009-12-04 19:15 - 00004140 _____ () C:\Windows\System32\Tasks\Google Software Updater
2014-07-04 13:14 - 2009-08-27 21:27 - 00001034 _____ () C:\Windows\Tasks\Google Software Updater.job
2014-07-04 13:12 - 2014-01-30 15:27 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-04 13:11 - 2009-01-26 12:49 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-04 13:11 - 2006-11-02 17:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-04 13:11 - 2006-11-02 17:22 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-04 13:11 - 2006-11-02 17:22 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-03 21:17 - 2009-07-04 16:33 - 00000000 ____D () C:\Users\Maddin\AppData\Roaming\CorelHomeOffice
2014-07-03 21:17 - 2006-11-02 17:42 - 00032586 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-03 21:04 - 2014-01-30 15:27 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-03 20:55 - 2013-01-29 20:29 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-02 23:07 - 2014-04-19 00:19 - 00000000 ____D () C:\Users\Maddin\AppData\Local\Battle.net
2014-07-02 23:07 - 2010-11-19 21:26 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-02 23:07 - 2009-12-30 21:40 - 00000000 ____D () C:\Users\Maddin\AppData\Roaming\TS3Client
2014-07-02 19:41 - 2014-07-02 19:41 - 00537974 _____ () C:\Users\Maddin\Downloads\noscript-2.6.8.31.xpi.zip
2014-07-02 19:41 - 2014-06-26 10:10 - 00000000 ____D () C:\Users\Maddin\AppData\Roaming\SynWrite
2014-07-02 19:41 - 2014-06-26 10:10 - 00000000 ____D () C:\SynWrite
2014-07-02 19:33 - 2011-05-19 18:49 - 00003686 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{D93DBACB-AE77-466D-9B91-FD8EC005C83B}
2014-07-01 14:11 - 2014-06-25 22:28 - 00000000 ____D () C:\Users\Maddin\Documents\StarCraft II
2014-07-01 14:05 - 2013-03-27 20:49 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-06-26 22:09 - 2014-06-26 22:09 - 00000921 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2014-06-26 22:09 - 2014-06-26 22:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-06-26 22:09 - 2014-06-26 22:09 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-06-26 22:08 - 2014-06-26 22:07 - 29256752 _____ (TeamSpeak Systems GmbH) C:\Users\Maddin\Downloads\TeamSpeak3-Client-win64-3.0.15.exe
2014-06-26 22:06 - 2009-12-30 21:39 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client
2014-06-26 10:13 - 2014-06-26 10:13 - 00000000 ____D () C:\New Folder
2014-06-26 10:10 - 2014-06-26 10:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SynWrite
2014-06-26 10:10 - 2014-06-26 10:08 - 13642531 _____ (UVViewSoft ) C:\Users\Maddin\Downloads\synwrite (1).exe
2014-06-26 10:06 - 2014-06-26 10:04 - 13642531 _____ (UVViewSoft ) C:\Users\Maddin\Downloads\synwrite.exe
2014-06-26 08:02 - 2014-06-25 22:29 - 00000666 _____ () C:\Users\Public\Desktop\StarCraft II.lnk
2014-06-26 08:02 - 2014-06-25 22:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
2014-06-25 22:29 - 2010-04-07 14:41 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-06-25 22:26 - 2014-04-19 00:18 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-06-24 21:44 - 2014-06-24 20:42 - 00002114 _____ () C:\Windows\PFRO.log
2014-06-24 20:55 - 2014-06-24 20:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-06-24 20:48 - 2013-02-16 13:14 - 00000000 ____D () C:\Program Files (x86)\Amazon
2014-06-24 20:47 - 2013-12-13 16:22 - 00000000 ____D () C:\AdwCleaner
2014-06-24 20:46 - 2014-06-24 20:46 - 01342659 _____ () C:\Users\Maddin\Downloads\adwcleaner_3.213.exe
2014-06-24 08:28 - 2014-06-24 08:28 - 02804344 _____ (TeamViewer GmbH) C:\Users\Maddin\Downloads\customermodule_avira_support_de.exe
2014-06-24 08:28 - 2014-06-24 08:28 - 00000000 ____D () C:\Users\Maddin\AppData\Roaming\TeamViewer
2014-06-23 11:04 - 2014-06-23 11:04 - 01333465 _____ () C:\Users\Maddin\Downloads\adwcleaner_3.212 (1).exe
2014-06-22 20:37 - 2014-04-28 19:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
2014-06-22 20:37 - 2013-05-31 04:21 - 00003786 _____ () C:\Windows\System32\Tasks\Adobe Reader and Acrobat Manager
2014-06-20 20:07 - 2014-03-24 16:39 - 00000000 ____D () C:\Program Files (x86)\Ubi Soft
2014-06-20 20:07 - 2009-04-09 17:00 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-20 20:01 - 2013-11-13 18:15 - 00002425 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-06-20 19:59 - 2014-01-30 15:27 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-20 19:59 - 2014-01-30 15:27 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-20 19:42 - 2013-03-27 20:49 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-06-19 22:01 - 2009-04-09 17:00 - 00000000 ____D () C:\ProgramData\ICQ
2014-06-19 22:00 - 2009-04-03 16:44 - 00000000 ____D () C:\Users\Maddin
2014-06-19 21:57 - 2014-06-19 21:57 - 01333465 _____ () C:\Users\Maddin\Downloads\adwcleaner_3.212.exe
2014-06-19 15:52 - 2014-06-19 15:52 - 00011965 _____ () C:\Users\Maddin\Documents\Unbenannt 1.ods
2014-06-19 15:41 - 2010-11-27 21:19 - 00009725 _____ () C:\ProgramData\hpzinstall.log
2014-06-19 15:26 - 2010-11-27 21:19 - 00225436 _____ () C:\Windows\hpoins46.dat
2014-06-19 15:26 - 2006-11-02 14:34 - 00000281 _____ () C:\Windows\win.ini
2014-06-19 14:35 - 2014-06-19 14:35 - 00448512 _____ (OldTimer Tools) C:\Users\Maddin\Downloads\TFC (1).exe
2014-06-17 13:33 - 2013-12-20 21:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-13 08:44 - 2008-01-21 13:10 - 01567488 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-13 08:44 - 2008-01-21 13:09 - 00674024 _____ () C:\Windows\system32\perfh007.dat
2014-06-13 08:44 - 2008-01-21 13:09 - 00146036 _____ () C:\Windows\system32\perfc007.dat
2014-06-12 21:57 - 2014-06-12 21:57 - 00000000 ____D () C:\ProgramData\HPSSUPPLY
2014-06-11 19:40 - 2013-08-14 14:48 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-11 19:37 - 2006-11-02 14:35 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-06-11 12:02 - 2012-06-19 11:45 - 00000000 ____D () C:\Program Files (x86)\Diablo III
2014-06-05 15:25 - 2014-06-05 15:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-06-05 15:25 - 2014-06-05 15:24 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-05 15:25 - 2014-06-05 15:24 - 00000000 ____D () C:\Program Files\iTunes
2014-06-05 15:25 - 2014-06-05 15:24 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-06-05 15:24 - 2014-06-05 15:24 - 00000000 ____D () C:\Program Files\iPod
2014-06-05 15:24 - 2014-04-28 11:15 - 00000000 ____D () C:\ProgramData\Apple Computer

Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.4500.dll


Some content of TEMP:
====================
C:\Users\Maddin\AppData\Local\Temp\avgnt.exe
C:\Users\Maddin\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-07-04 13:24

==================== End Of Log ============================
--- --- ---
1111111[/CODE]

Bitte schön, die angeforderten LogFiles

Mfg Jojobin

deeprybka 04.07.2014 12:39
Hi,

Schritt 1

http://filepony.de/icon/malwarebytes_anti_malware.png Malwarebytes Antimalware
  • Download-Link
  • Installiere das Programm in den vorgegebenen Pfad.
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Sollte die Benutzeroberfläche noch in Englisch sein, klicke auf Settings und wähle bei Language Deutsch aus.
  • Unter Erkennung und Schutz setze bitte einen Haken bei "Suche nach Rootkits".
  • Klicke im Anschluss auf "Suchlauf", wähle den Bedrohungssuchlauf aus, aktualisiere die Datenbanken und klicke auf "Suchlauf jetzt starten".
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. (geht so...)
  • Poste mir den Inhalt der Logdatei (geht so...). Klicke dazu auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Suchlauf-Protokoll aus und klicke auf Ansicht. Klicke auf "In Zwischenablage kopieren" poste mir den Inhalt in Code-Tags als Antwort in den Thread.

Jojobin 04.07.2014 13:18
Hallo, sobald ich den Button drücken will "In Zwischenablage kopieren" stürzt MBAM ab. Keine Ahnung wieso

Mfg Jojobin

deeprybka 04.07.2014 13:24
Hi,
dann mache es so wie hier:

http://bootsektor.trojaner-board.de/...enmitpfeil.png

http://www.trojaner-board.de/51187-a...i-malware.html

Jojobin 04.07.2014 13:27
Okay, dann lasse ich das Programm nochmal durchlaufen

deeprybka 04.07.2014 13:31
Nee, mußte nicht. Gehe einfach statt auf "In Zwischenablage kopieren" links daneben auf Exportieren.


Lesestoff
http://filepony.de/icon/malwarebytes_anti_malware.pngMBAM-Funde posten: So gehts...
Manchmal ist es wichtig zu wissen, welche Schadprogramme im Vorfeld ohne Anweisung der Helfer schon gelöscht wurden.
Daher benötige ich den Inhalt der Logdatei, in welcher der Suchlauf protokolliert wurde.
  • Starte MBAM.
  • Klicke auf Verlauf.
  • Klicke auf Anwendungsprotokolle.
  • Klicke auf das letzte Suchlaufprotokoll mit Funden.
  • Klicke auf "In Zwischenablage kopieren".
  • Poste den Inhalt in Code-Tags [CODE] [/CODE] durch Einfügen mit Strg+V als Antwort in Deinen Thread.
http://deeprybka.trojaner-board.de/b...mbamposten.gif

Jojobin 04.07.2014 13:35
Klappt nicht, sobald ich den Knopf drücke, hängt sich das programm auf

deeprybka 04.07.2014 13:39
Ok,
wenn Du das Suchlaufprotokoll anklickst, kannst dann einen Screenshot machen, damit ich sehe was Du alles in Quarantäne geschoben hast?

Zusätzlich:
Schritt 1
Downloade Dir HitmanProhttp://deeprybka.trojaner-board.de/b.../hitmanpro.pngauf Deinen Desktop:

HitmanPro-32 Bit Version
HitmanPro-64 Bit Version

Jojobin 04.07.2014 13:55
Ne Blöde Frage, aber wie bekomme ich den Screenshot ins Forum?

deeprybka 04.07.2014 13:56
Das Bild mit dem Büroklammersymbol anhängen... ;)

Jojobin 04.07.2014 14:06
Muss ich das irgendwo hochladen? Der will ne URL haben.

Sorry für die ganzen fragen aber ich bin nicht grad der Überflieger wenns um Computer geht

Hier die LogFile von HitmanPro

Code:

       
Code:

       
HitmanPro 3.7.9.220
www.hitmanpro.com

   Computer name . . . . : MARTIN
   Windows . . . . . . . : 6.0.2.6002.X64/4
   User name . . . . . . : Martin\Maddin
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2014-07-04 14:55:02
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 7m 23s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 1
   Traces  . . . . . . . : 593

   Objects scanned . . . : 4.896.435
   Files scanned . . . . : 33.273
   Remnants scanned  . . : 409.660 files / 4.453.502 keys

Malware _____________________________________________________________________

   C:\Windows\system32\drivers\{55685567-4840-4a91-962b-49a412e9485a}Gt64.sys
      Size . . . . . . . : 60.088 bytes
      Age  . . . . . . . : 35.8 days (2014-05-29 19:53:26)
      Entropy  . . . . . : 6.4
      SHA-256  . . . . . : F8E9328EB466F4A4DB4A945A4F9A5045ED454886C6BB6E6D598FD7EDC8AEB3F7
      Product  . . . . . : StdLib
      Publisher  . . . . : StdLib
      Description  . . . : StdLib
      Version  . . . . . : 1.4.3.1
      Copyright  . . . . : Copyright © 2013 StdLib
      RSA Key Size . . . : 2048
      Service  . . . . . : {55685567-4840-4a91-962b-49a412e9485a}Gt64
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
    > Bitdefender  . . . : Adware.SwiftBrowse.L
      Fuzzy  . . . . . . : 98.0
      Startup
         HKLM\SYSTEM\CurrentControlSet\Services\{55685567-4840-4a91-962b-49a412e9485a}Gt64\


Suspicious files ____________________________________________________________

   C:\Users\Maddin\Downloads\FRST64.exe
      Size . . . . . . . : 2.083.840 bytes
      Age  . . . . . . . : 0.1 days (2014-07-04 13:16:01)
      Entropy  . . . . . : 7.5
      SHA-256  . . . . . : C0B38814FBC800F94241355B7FE8D437727C60F5CF846543FDB2638E3AF389A6
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      References
         HKU\S-1-5-21-3559629360-2871224288-528010784-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\C:\Users\Maddin\Downloads\FRST64.exe


Potential Unwanted Programs _________________________________________________

   C:\Program Files (x86)\AskPartnerNetwork\ (AskBar)
   C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ (AskBar)
   C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe (AskBar)
      Size . . . . . . . : 166.352 bytes
      Age  . . . . . . . : 195.7 days (2013-12-20 23:02:25)
      Entropy  . . . . . : 6.4
      SHA-256  . . . . . : C3081358313A982F53CAD54C214AFECAD9660A59FB4A3DDFE068724E83041AF8
      Product  . . . . . : APN Updater
      Publisher  . . . . : APN LLC.
      Description  . . . : APN Updater
      Version  . . . . . : 21.5.0.2560
      Copyright  . . . . : (c) APN LLC.  All rights reserved.
      RSA Key Size . . . : 2048
      Service  . . . . . : APNMCP
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : -18.0
      Startup
         HKLM\SYSTEM\CurrentControlSet\Services\APNMCP\

   C:\Program Files (x86)\AskPartnerNetwork\Toolbar\APNSetup.exe (AskBar)
      Size . . . . . . . : 509.872 bytes
      Age  . . . . . . . : 236.7 days (2013-11-09 21:00:24)
      Entropy  . . . . . : 6.4
      SHA-256  . . . . . : 01D0C3E9722ED6979335F50C8791B46529CAA1AD62A2774A7261AF3618E7291A
      Product  . . . . . : Stub Installer
      Publisher  . . . . : Ask Partner Network
      Description  . . . : Stub Installer
      Version  . . . . . : 7.5.0.5
      Copyright  . . . . : Copyright © 2013 Ask Partner Network.  All rights reserved.
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : -15.0

   C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\ (AskBar)
   C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll (AskBar)
      Size . . . . . . . : 12.240 bytes
      Age  . . . . . . . : 194.7 days (2013-12-21 21:30:51)
      Entropy  . . . . . : 6.2
      SHA-256  . . . . . : 26DD353E636B8ABE2739CEB97A04220F1964E8951C93386D5CFAACE823874898
      Product  . . . . . : Passport
      Publisher  . . . . : APN LLC.
      Description  . . . : Passport
      Version  . . . . . : 21.5.0.2560
      Copyright  . . . . : (c) APN LLC.  All rights reserved.
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : -15.0
      Startup
         HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{41564952-412D-5637-4300-7A786E7484D7}
         HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-4300-7A786E7484D7}\
         HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-4300-7A786E7484D7}\
         HKU\S-1-5-21-3559629360-2871224288-528010784-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{41564952-412D-5637-4300-7A786E7484D7}
         HKU\S-1-5-21-3559629360-2871224288-528010784-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{41564952-412D-5637-4300-7A786E7484D7}
         HKU\S-1-5-21-3559629360-2871224288-528010784-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{41564952-412D-5637-4300-7A786E7484D7}
      References
         HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{41564952-412D-5637-4300-7A786E7484D7}\
         HKU\S-1-5-21-3559629360-2871224288-528010784-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{41564952-412D-5637-4300-7A786E7484D7}\
         HKU\S-1-5-21-3559629360-2871224288-528010784-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{41564952-412D-5637-4300-7A786E7484D7}\
         HKU\S-1-5-21-3559629360-2871224288-528010784-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{41564952-412D-5637-4300-7A786E7484D7}\

   C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll (AskBar)
      Size . . . . . . . : 13.776 bytes
      Age  . . . . . . . : 194.7 days (2013-12-21 21:30:52)
      Entropy  . . . . . : 6.0
      SHA-256  . . . . . : 5C86C854487467F74A8A86C9F268EF8898AAA1B48D43026CECD49740CD3D4CCD
      Product  . . . . . : Passport
      Publisher  . . . . : APN LLC.
      Description  . . . : Passport
      Version  . . . . . : 21.5.0.2560
      Copyright  . . . . : (c) APN LLC.  All rights reserved.
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : -15.0
      Startup
         HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{41564952-412D-5637-4300-7A786E7484D7}
         HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-4300-7A786E7484D7}\
         HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-4300-7A786E7484D7}\
         HKU\S-1-5-21-3559629360-2871224288-528010784-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{41564952-412D-5637-4300-7A786E7484D7}
         HKU\S-1-5-21-3559629360-2871224288-528010784-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{41564952-412D-5637-4300-7A786E7484D7}
         HKU\S-1-5-21-3559629360-2871224288-528010784-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{41564952-412D-5637-4300-7A786E7484D7}
      References
         HKLM\SOFTWARE\Classes\CLSID\{41564952-412D-5637-4300-7A786E7484D7}\
         HKU\S-1-5-21-3559629360-2871224288-528010784-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{41564952-412D-5637-4300-7A786E7484D7}\
         HKU\S-1-5-21-3559629360-2871224288-528010784-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{41564952-412D-5637-4300-7A786E7484D7}\
         HKU\S-1-5-21-3559629360-2871224288-528010784-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{41564952-412D-5637-4300-7A786E7484D7}\

   C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\ (AskBar)
   C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\1031.mst (AskBar)
   C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\1033.mst (AskBar)
   C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\1034.mst (AskBar)
   C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\1036.mst (AskBar)
   C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\1040.mst (AskBar)
   C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\1041.mst (AskBar)
   C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\1043.mst (AskBar)
   C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\1045.mst (AskBar)
   C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\1049.mst (AskBar)
   C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\2070.mst (AskBar)
   C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\appdata\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\extensions\ (AskBar)
   C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\appdata\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\extensions\toolbar_AVIRA-V7C@apn.ask.com.xpi (AskBar)
   C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\AskToolbarInstaller-12.10.0_AVIRA-V7C.msi (AskBar)
   C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\common appdata\AskPartnerNetwork\Toolbar\{PartnerID}\CRX\ (AskBar)
   C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\common appdata\AskPartnerNetwork\Toolbar\{PartnerID}\CRX\ToolbarCR.crx (AskBar)
   C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\common appdata\AskPartnerNetwork\Toolbar\{PartnerID}\CRX\Update.xml (AskBar)
   C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\common appdata\AskPartnerNetwork\Toolbar\{PartnerID}\CRX\{Crx_Version}\ (AskBar)
   C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\common appdata\AskPartnerNetwork\Toolbar\{PartnerID}\CRX\{Crx_Version}\Toolbar.crx (AskBar)
   C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\ (AskBar)
   C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\apnmcp.exe (AskBar)
      Size . . . . . . . : 166.352 bytes
      Age  . . . . . . . : 194.7 days (2013-12-21 21:30:52)
      Entropy  . . . . . : 6.4
      SHA-256  . . . . . : C3081358313A982F53CAD54C214AFECAD9660A59FB4A3DDFE068724E83041AF8
      Product  . . . . . : APN Updater
      Publisher  . . . . : APN LLC.
      Description  . . . : APN Updater
      Version  . . . . . : 21.5.0.2560
      Copyright  . . . . : (c) APN LLC.  All rights reserved.
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : -15.0

   C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\searchhook.dll (AskBar)
      Size . . . . . . . : 74.704 bytes
      Age  . . . . . . . : 194.7 days (2013-12-21 21:30:52)
      Entropy  . . . . . : 6.3
      SHA-256  . . . . . : E1853B5640881511544A9B6C9F2227BD639B279B281A8612746BE07040E3B013
      Product  . . . . . : Search Hook
      Publisher  . . . . : APN LLC.
      Description  . . . : Search Hook
      Version  . . . . . : 21.5.0.2560
      Copyright  . . . . : (c) APN LLC.  All rights reserved.
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : -15.0

   C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\ServiceLocator.exe (AskBar)
      Size . . . . . . . : 115.664 bytes
      Age  . . . . . . . : 194.7 days (2013-12-21 21:30:52)
      Entropy  . . . . . : 6.4
      SHA-256  . . . . . : 4B919C48DD074B802488864BB266E2B1D980A1E73C3FFAE36FEE79874E884FDC
      Product  . . . . . : Service Locator
      Publisher  . . . . : APN LLC.
      Description  . . . : Service Locator
      Version  . . . . . : 21.5.0.2560
      Copyright  . . . . : (c) APN LLC.  All rights reserved.
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : -15.0

   C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\SO.dll (AskBar)
      Size . . . . . . . : 428.496 bytes
      Age  . . . . . . . : 194.7 days (2013-12-21 21:30:52)
      Entropy  . . . . . : 6.5
      SHA-256  . . . . . : 9D34E70B5CA1DE2D4FDD8DD0AB5987A60EC620D2DFEDE7F89443FFFFDBF6A60A
      Product  . . . . . : Object Model
      Publisher  . . . . : APN LLC.
      Description  . . . : Object Model
      Version  . . . . . : 21.5.0.2560
      Copyright  . . . . : (c) APN LLC.  All rights reserved.
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : -15.0

   C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\toolbar.dll (AskBar)
      Size . . . . . . . : 204.752 bytes
      Age  . . . . . . . : 194.7 days (2013-12-21 21:30:52)
      Entropy  . . . . . : 6.4
      SHA-256  . . . . . : C7BC280CA198B10252BBE8EB1DB0A78AB8CB5DC7C6BAD1497690D141221CFBE0
      Product  . . . . . : Toolbar
      Publisher  . . . . : APN LLC.
      Description  . . . : Toolbar
      Version  . . . . . : 21.5.0.2560
      Copyright  . . . . : (c) APN LLC.  All rights reserved.
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : -15.0

   C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\Toolbar.exe (AskBar)
      Size . . . . . . . : 366.032 bytes
      Age  . . . . . . . : 194.7 days (2013-12-21 21:30:52)
      Entropy  . . . . . : 5.7
      SHA-256  . . . . . : BE6CA90E00B1F2D7C8A9D86D8FC9AB92F124D1D59D0A94F3BEA8552D15DDDD9A
      Product  . . . . . : Toolbar Core
      Publisher  . . . . : APN LLC.
      Description  . . . : Toolbar Core
      Version  . . . . . : 21.5.0.2560
      Copyright  . . . . : (c) APN LLC.  All rights reserved.
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : -15.0

   C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\toolbar_x64.dll (AskBar)
      Size . . . . . . . : 249.808 bytes
      Age  . . . . . . . : 194.7 days (2013-12-21 21:30:52)
      Entropy  . . . . . : 6.1
      SHA-256  . . . . . : B971FFE3A9662BEACF7B4DC2B397A8C674C75F22115AE85DD850FBB73A35BCB1
      Product  . . . . . : Toolbar
      Publisher  . . . . : APN LLC.
      Description  . . . : Toolbar
      Version  . . . . . : 21.5.0.2560
      Copyright  . . . . : (c) APN LLC.  All rights reserved.
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : -15.0

   C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\ToolbarPS.dll (AskBar)
      Size . . . . . . . : 45.520 bytes
      Age  . . . . . . . : 194.7 days (2013-12-21 21:30:52)
      Entropy  . . . . . : 6.1
      SHA-256  . . . . . : 137538E3C6CD7044B24B9A2428DD5E0B3949CAD6808E1CDC4E6A24AECE8265B2
      Product  . . . . . : Toolbar PS
      Publisher  . . . . : APN LLC.
      Description  . . . : Toolbar PS
      Version  . . . . . : 21.5.0.2560
      Copyright  . . . . : (c) APN LLC.  All rights reserved.
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : -15.0

   C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\UpdateManager.exe (AskBar)
      Size . . . . . . . : 114.128 bytes
      Age  . . . . . . . : 194.7 days (2013-12-21 21:30:52)
      Entropy  . . . . . : 6.4
      SHA-256  . . . . . : DCB7FE544B967787BB1515F9CD344688B9234D188BC50DAE5C966BBD9D5E8836
      Product  . . . . . : Update Manager
      Publisher  . . . . : APN LLC.
      Description  . . . : Update Manager
      Version  . . . . . : 21.5.0.2560
      Copyright  . . . . : (c) APN LLC.  All rights reserved.
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : -15.0

   C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\Updater\ (AskBar)
   C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\Updater\ask-search.xml (AskBar)
   C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe (AskBar)
      Size . . . . . . . : 1.778.640 bytes
      Age  . . . . . . . : 194.7 days (2013-12-21 21:30:52)
      Entropy  . . . . . : 6.4
      SHA-256  . . . . . : 854C61EBC86A5C8C0373EAF3791C6F336727F707884847F116890CDB136ABEE4
      Product  . . . . . : Ask TBNotifier
      Publisher  . . . . : APN
      Description  . . . : Ask Toolbar Notifier
      Version  . . . . . : 31.6.0.3083
      Copyright  . . . . : (c) Ask.  All rights reserved.
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : -15.0

   C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\Updater\{PartnerID}\ (AskBar)
   C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\Updater\{PartnerID}\config.xml (AskBar)
   C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\{PartnerID}\ (AskBar)
   C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\{PartnerID}\Passport.dll (AskBar)
      Size . . . . . . . : 12.240 bytes
      Age  . . . . . . . : 194.7 days (2013-12-21 21:30:52)
      Entropy  . . . . . : 6.2
      SHA-256  . . . . . : 26DD353E636B8ABE2739CEB97A04220F1964E8951C93386D5CFAACE823874898
      Product  . . . . . : Passport
      Publisher  . . . . : APN LLC.
      Description  . . . : Passport
      Version  . . . . . : 21.5.0.2560
      Copyright  . . . . : (c) APN LLC.  All rights reserved.
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : -15.0

   C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\{PartnerID}\Passport_x64.dll (AskBar)
      Size . . . . . . . : 13.776 bytes
      Age  . . . . . . . : 194.7 days (2013-12-21 21:30:52)
      Entropy  . . . . . : 6.0
      SHA-256  . . . . . : 5C86C854487467F74A8A86C9F268EF8898AAA1B48D43026CECD49740CD3D4CCD
      Product  . . . . . : Passport
      Publisher  . . . . : APN LLC.
      Description  . . . : Passport
      Version  . . . . . : 21.5.0.2560
      Copyright  . . . . : (c) APN LLC.  All rights reserved.
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : -15.0

   C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\VNT\ (AskBar)
   C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\VNT\content.zip (AskBar)
   C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\VNT\vntldr.exe (AskBar)
      Size . . . . . . . : 202.192 bytes
      Age  . . . . . . . : 194.7 days (2013-12-21 21:30:52)
      Entropy  . . . . . : 6.2
      SHA-256  . . . . . : 95486887E59B12B3AA86D211B77E9BA8F0A890592B45AE1E04E27F0FFB7EA60F
      Product  . . . . . : Virtual New Tab
      Publisher  . . . . : APN LLC.
      Description  . . . : Virtual New Tab Loader
      Version  . . . . . : 1.0.0.3013
      Copyright  . . . . : (c) APN LLC.  All rights reserved.
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : -15.0

   C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\VNT\vntsrv.dll (AskBar)
      Size . . . . . . . : 92.672 bytes
      Age  . . . . . . . : 194.7 days (2013-12-21 21:30:52)
      Entropy  . . . . . : 6.2
      SHA-256  . . . . . : C88291E8C5B285BDB0B8E7E289B42388C24E9EBA57D1969F27AA463F53DC580D
      Product  . . . . . : Virtual New Tab
      Publisher  . . . . : APN LLC.
      Description  . . . : Virtual New Tab Server
      Version  . . . . . : 1.0.0.3013
      Copyright  . . . . : (c) APN LLC.  All rights reserved.
      LanguageID . . . . : 1033
      Fuzzy  . . . . . . : -8.0

   C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll (AskBar)
      Size . . . . . . . : 74.704 bytes
      Age  . . . . . . . : 194.7 days (2013-12-21 21:30:51)
      Entropy  . . . . . : 6.3
      SHA-256  . . . . . : E1853B5640881511544A9B6C9F2227BD639B279B281A8612746BE07040E3B013
      Product  . . . . . : Search Hook
      Publisher  . . . . : APN LLC.
      Description  . . . : Search Hook
      Version  . . . . . : 21.5.0.2560
      Copyright  . . . . : (c) APN LLC.  All rights reserved.
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : -19.0

   C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ServiceLocator.exe (AskBar)
      Size . . . . . . . : 115.664 bytes
      Age  . . . . . . . : 194.7 days (2013-12-21 21:30:51)
      Entropy  . . . . . : 6.4
      SHA-256  . . . . . : 4B919C48DD074B802488864BB266E2B1D980A1E73C3FFAE36FEE79874E884FDC
      Product  . . . . . : Service Locator
      Publisher  . . . . : APN LLC.
      Description  . . . : Service Locator
      Version  . . . . . : 21.5.0.2560
      Copyright  . . . . : (c) APN LLC.  All rights reserved.
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : -19.0

   C:\Program Files (x86)\AskPartnerNetwork\Toolbar\SO.dll (AskBar)
      Size . . . . . . . : 428.496 bytes
      Age  . . . . . . . : 194.7 days (2013-12-21 21:30:51)
      Entropy  . . . . . : 6.5
      SHA-256  . . . . . : 9D34E70B5CA1DE2D4FDD8DD0AB5987A60EC620D2DFEDE7F89443FFFFDBF6A60A
      Product  . . . . . : Object Model
      Publisher  . . . . : APN LLC.
      Description  . . . : Object Model
      Version  . . . . . : 21.5.0.2560
      Copyright  . . . . : (c) APN LLC.  All rights reserved.
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : -19.0

   C:\Program Files (x86)\AskPartnerNetwork\Toolbar\toolbar.dll (AskBar)
      Size . . . . . . . : 204.752 bytes
      Age  . . . . . . . : 194.7 days (2013-12-21 21:30:51)
      Entropy  . . . . . : 6.4
      SHA-256  . . . . . : C7BC280CA198B10252BBE8EB1DB0A78AB8CB5DC7C6BAD1497690D141221CFBE0
      Product  . . . . . : Toolbar
      Publisher  . . . . : APN LLC.
      Description  . . . : Toolbar
      Version  . . . . . : 21.5.0.2560
      Copyright  . . . . : (c) APN LLC.  All rights reserved.
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : -19.0

   C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Toolbar.exe (AskBar)
      Size . . . . . . . : 366.032 bytes
      Age  . . . . . . . : 194.7 days (2013-12-21 21:30:51)
      Entropy  . . . . . : 5.7
      SHA-256  . . . . . : BE6CA90E00B1F2D7C8A9D86D8FC9AB92F124D1D59D0A94F3BEA8552D15DDDD9A
      Product  . . . . . : Toolbar Core
      Publisher  . . . . : APN LLC.
      Description  . . . : Toolbar Core
      Version  . . . . . : 21.5.0.2560
      Copyright  . . . . : (c) APN LLC.  All rights reserved.
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : -19.0

   C:\Program Files (x86)\AskPartnerNetwork\Toolbar\toolbar_x64.dll (AskBar)
      Size . . . . . . . : 249.808 bytes
      Age  . . . . . . . : 194.7 days (2013-12-21 21:30:52)
      Entropy  . . . . . : 6.1
      SHA-256  . . . . . : B971FFE3A9662BEACF7B4DC2B397A8C674C75F22115AE85DD850FBB73A35BCB1
      Product  . . . . . : Toolbar
      Publisher  . . . . : APN LLC.
      Description  . . . : Toolbar
      Version  . . . . . : 21.5.0.2560
      Copyright  . . . . : (c) APN LLC.  All rights reserved.
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : -19.0

   C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ToolbarPS.dll (AskBar)
      Size . . . . . . . : 45.520 bytes
      Age  . . . . . . . : 194.7 days (2013-12-21 21:30:51)
      Entropy  . . . . . : 6.1
      SHA-256  . . . . . : 137538E3C6CD7044B24B9A2428DD5E0B3949CAD6808E1CDC4E6A24AECE8265B2
      Product  . . . . . : Toolbar PS
      Publisher  . . . . : APN LLC.
      Description  . . . : Toolbar PS
      Version  . . . . . : 21.5.0.2560
      Copyright  . . . . : (c) APN LLC.  All rights reserved.
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : -19.0

   C:\Program Files (x86)\AskPartnerNetwork\Toolbar\UpdateManager.exe (AskBar)
      Size . . . . . . . : 114.128 bytes
      Age  . . . . . . . : 195.7 days (2013-12-20 23:02:25)
      Entropy  . . . . . : 6.4
      SHA-256  . . . . . : DCB7FE544B967787BB1515F9CD344688B9234D188BC50DAE5C966BBD9D5E8836
      Product  . . . . . : Update Manager
      Publisher  . . . . : APN LLC.
      Description  . . . : Update Manager
      Version  . . . . . : 21.5.0.2560
      Copyright  . . . . : (c) APN LLC.  All rights reserved.
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : -19.0

   C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\ (AskBar)
   C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\ask-search.xml (AskBar)
   C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\AVIRA-V7C\ (AskBar)
   C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\AVIRA-V7C\config.xml (AskBar)
   C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe (AskBar)
      Size . . . . . . . : 1.778.640 bytes
      Age  . . . . . . . : 195.7 days (2013-12-20 23:02:16)
      Entropy  . . . . . : 6.4
      SHA-256  . . . . . : 854C61EBC86A5C8C0373EAF3791C6F336727F707884847F116890CDB136ABEE4
      Product  . . . . . : Ask TBNotifier
      Publisher  . . . . : APN
      Description  . . . : Ask Toolbar Notifier
      Version  . . . . . : 31.6.0.3083
      Copyright  . . . . : (c) Ask.  All rights reserved.
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : -19.0

   C:\ProgramData\APN\ (AskBar)
   C:\ProgramData\AskPartnerNetwork\ (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\ (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\background\ (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\background\background-options.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\background\background.html (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\background\background.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\background\browser-action.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\background\cache-config.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\background\ChromeUtilPlugin.dll (AskBar)
      Size . . . . . . . : 46.592 bytes
      Age  . . . . . . . : 171.0 days (2014-01-14 14:19:29)
      Entropy  . . . . . : 5.9
      SHA-256  . . . . . : 10406E0531BBA2671E3D7A0111378781BDB88E46B2CE2B5364CFD16FC99DE9E9
      Product  . . . . . : ChromeUtilPlugin
      Publisher  . . . . : APN
      Description  . . . : APN Chrome utility plugin
      Version  . . . . . : 1.0.0.0
      Copyright  . . . . : Copyright (C) 2011-2012 APN
      LanguageID . . . . : 1033
      Fuzzy  . . . . . . : -8.0

   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\background\cookies.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\background\feeds.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\background\fixup-jquery-for-ie.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\background\history.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\background\ie-bg-shim.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\background\init-bg-messaging.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\background\keywordSearch.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\background\lifecycle.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\background\localStorage.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\background\OneTimeCode.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\background\popup.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\background\preference.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\background\rebuttal.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\background\registry.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\background\reporting.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\background\search.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\background\security.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\background\sideByside.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\background\tabs.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\background\utils.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\ (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\build.json (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\lang-config.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\ (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\chrome-options.html (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\content-script.xul (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\css\ (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\css\chrome-options.css (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\css\containers.css (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\css\hp-new-tab.css (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\css\new-tab.css (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\css\searchbox.css (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\css\themes\avira\ (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\css\themes\avira\avira.css (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\css\themes\imesh\ (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\css\themes\imesh\imesh.css (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\css\themes\mindspark\ (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\css\themes\mindspark\mindspark.css (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\css\themes\mindspark\new-search-button-mid.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\css\themes\mindspark\new-search-button-sides.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\css\themes\plain\ (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\css\themes\plain\plain.css (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\css\themes\taskbar\ (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\css\themes\taskbar\taskbar.css (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\css\themes\v5parity\ (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\css\themes\v5parity\v5parity.css (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\css\toolbar.css (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\images\ (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\images\IDR_WEBSTORE_ICON.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\images\logo\ (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\images\logo\logo_128x.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\images\logo\logo_19x.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\images\logo\logo_19x_grey.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\images\logo\logo_24x.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\images\logo\logo_32x.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\images\logo\toolbar-icons.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\images\newtab\ (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\images\newtab\homepage_logo.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\images\newtab\thirdparty_icons.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\images\search\ (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\images\search\btn_search_ask_taskbar.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\images\search\logo_cobrand_18px.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\images\search\logo_cobrand_24px.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\images\search\new-search-button-mid.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\images\search\new-search-button-sides.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\images\search\search-button-mid.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\images\search\search-button-sides.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\images\vanilla\ (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\images\vanilla\badge_1.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\images\vanilla\badge_10.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\images\vanilla\badge_10plus.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\images\vanilla\badge_2.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\images\vanilla\badge_3.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\images\vanilla\badge_4.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\images\vanilla\badge_5.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\images\vanilla\badge_6.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\images\vanilla\badge_7.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\images\vanilla\badge_8.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\images\vanilla\badge_9.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\images\vanilla\badge_exclaim.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\images\vanilla\badge_numbers.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\images\vanilla\bdg-gradient.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\images\vanilla\bg.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\images\vanilla\curved-divider.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\images\vanilla\left-bg.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\init-tb-stuff.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\new-tab-page.html (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\newtab-overlay.xul (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\newtab-subscript.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\toolbar.html (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\toolbar.xul (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widget-bundled.xul (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widget-hosted.xul (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\ask-avira-homepage\ (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\ask-avira-homepage\button.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\avira-homepage\ (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\avira-homepage\button.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\avira-url-cloud\5.0\ (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\avira-url-cloud\5.0\contentScript.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\avira-webguard\1.0\ (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\avira-webguard\1.0\button.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\browser-security\3.0\ (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\browser-security\3.0\button.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\com.avira.dnt\widget\ (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\com.avira.dnt\widget\background.html (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\com.avira.dnt\widget\blank.gif (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\com.avira.dnt\widget\blank.html (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\com.avira.dnt\widget\button.html (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\com.avira.dnt\widget\button.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\com.avira.dnt\widget\components\ (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\com.avira.dnt\widget\components\AviraContentPolicy.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\com.avira.dnt\widget\components\IAviraContentPolicy.xpt (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\com.avira.dnt\widget\config.json (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\com.avira.dnt\widget\css\ (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\com.avira.dnt\widget\css\button.css (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\com.avira.dnt\widget\css\window.css (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\com.avira.dnt\widget\images\ (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\com.avira.dnt\widget\images\avira_abine_btn.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\com.avira.dnt\widget\images\btn-bg.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\com.avira.dnt\widget\images\dd-arrow.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\com.avira.dnt\widget\images\footer.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\com.avira.dnt\widget\images\header-top-plain.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\com.avira.dnt\widget\images\header-top.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\com.avira.dnt\widget\images\like.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\com.avira.dnt\widget\images\linkedin.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\com.avira.dnt\widget\images\on-off-knob.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\com.avira.dnt\widget\images\on-off.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\com.avira.dnt\widget\images\plus-minus.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\com.avira.dnt\widget\images\plusone.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\com.avira.dnt\widget\images\settings.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\com.avira.dnt\widget\images\tweet.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\com.avira.dnt\widget\js\ (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\com.avira.dnt\widget\js\background\ (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\com.avira.dnt\widget\js\background\auto-update.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\com.avira.dnt\widget\js\background\background.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\com.avira.dnt\widget\js\background\config.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\com.avira.dnt\widget\js\background\content-policy.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\com.avira.dnt\widget\js\background\rules.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\com.avira.dnt\widget\js\background\tab-data.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\com.avira.dnt\widget\js\button.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\com.avira.dnt\widget\js\common.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\com.avira.dnt\widget\js\content-script\ (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\com.avira.dnt\widget\js\content-script\common.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\com.avira.dnt\widget\js\content-script\inpage.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\com.avira.dnt\widget\js\content-script\social-button.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\com.avira.dnt\widget\js\ie-messaging-hack.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\com.avira.dnt\widget\js\lang-config.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\com.avira.dnt\widget\js\messaging.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\com.avira.dnt\widget\js\window\ (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\com.avira.dnt\widget\js\window\config.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\com.avira.dnt\widget\js\window\template.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\com.avira.dnt\widget\js\window\templates\ (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\com.avira.dnt\widget\js\window\templates\all.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\com.avira.dnt\widget\js\window\view.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\com.avira.dnt\widget\js\window\view_alert.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\com.avira.dnt\widget\js\window\view_global.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\com.avira.dnt\widget\js\window\window.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\com.avira.dnt\widget\lib\ (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\com.avira.dnt\widget\lib\ContentPolicy.dll (AskBar)
      Size . . . . . . . : 594.920 bytes
      Age  . . . . . . . : 171.0 days (2014-01-14 14:19:30)
      Entropy  . . . . . : 6.6
      SHA-256  . . . . . : 40566DC427262B4A7EC88D0E32A509345630ED6E978D40C793FBE70BA0651F8C
      Product  . . . . . : Avira Do Not Track
      Publisher  . . . . : Abine, Inc.
      Description  . . . : Avira IE Content Policy
      Version  . . . . . : 1.0.0.1
      Copyright  . . . . : (c) Abine Inc.  All rights reserved.
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : -15.0

   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\com.avira.dnt\widget\lib\ContentPolicy_x64.dll (AskBar)
      Size . . . . . . . : 721.896 bytes
      Age  . . . . . . . : 171.0 days (2014-01-14 14:19:30)
      Entropy  . . . . . : 6.2
      SHA-256  . . . . . : 9A2C7752AC71B3465E7246F01B96ACC3392C873FFA81CF82376EEC22647C85A3
      Product  . . . . . : Avira Do Not Track
      Publisher  . . . . : Abine, Inc.
      Description  . . . : Avira IE Content Policy
      Version  . . . . . : 1.0.0.1
      Copyright  . . . . : (c) Abine Inc.  All rights reserved.
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : -15.0

   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\com.avira.dnt\widget\window.html (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\facebook\5.0\ (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\facebook\5.0\button.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\simple-email-list\ (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\simple-email-list\button.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\simple-email-list\gmail.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\simple-email-list\hotmail.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\simple-email-list\outlook.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\simple-email-list\yahoo!.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\toolbar-options\ (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\toolbar-options\css\ (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\toolbar-options\css\options.css (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\toolbar-options\images\ (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\toolbar-options\images\button-blue-1x20.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\toolbar-options\images\button-grey-1x26.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\toolbar-options\images\button.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\toolbar-options\images\icons.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\toolbar-options\images\lightblue-1x43.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\toolbar-options\js\ (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\toolbar-options\js\options.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\skin\widgets\toolbar-options\options.html (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\tb-config.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\test-widget-config.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\config\widget-config.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\content_script\ (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\content_script\content-script.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\content_script\hack\ (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\content_script\hack\facebook.css (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\content_script\hack\relative.css (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\content_script\hack\static.css (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\content_script\injector.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\content_script\inline-html.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\content_script\notify-presence.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\content_script\positioning.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\content_script\toolbar.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\content_script\widget-hosted.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\content_script\widget.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\icon.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\lib\ (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\lib\async-gate.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\lib\browser-shim.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\lib\constant.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\lib\DataStore.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\lib\default-config.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\lib\i18n.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\lib\jquery.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\lib\json.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\lib\polyfill.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\lib\protocol.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\lib\shims\ (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\lib\shims\console.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\lib\state-machine.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\lib\tb-config-update.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\lib\tb-message.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\lib\widget-config-update.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\lib\widget-messaging.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\lib\window-position.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\manifest.json (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\tb_ux\ (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\tb_ux\chrome-options.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\tb_ux\ieCS.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\tb_ux\IFrameButton.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\tb_ux\init-toolbar.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\tb_ux\new-tab-page.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\tb_ux\rebuttal.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\tb_ux\reel.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\tb_ux\searchbox.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\tb_ux\shimIE.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\tb_ux\SimpleButton.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\tb_ux\toolbar.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\Toolbar.crx (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\widgets\options\ (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\widgets\options\images\ (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\widgets\options\images\button-blue-1x20.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\widgets\options\images\button-grey-1x26.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\widgets\options\images\button.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\widgets\options\images\icons.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\widgets\options\images\lightblue-1x43.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\widgets\options\options.css (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\widgets\options\options.html (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\widgets\options\options.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\widgets\rebuttal\ (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\widgets\rebuttal\images\ (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\widgets\rebuttal\images\warning.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\widgets\rebuttal\rebuttal.css (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\widgets\rebuttal\rebuttal.html (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\widgets\rebuttal\rebuttal.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\widgets\search-suggestion\ (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\widgets\search-suggestion\search-suggestion.css (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\widgets\search-suggestion\search-suggestion.html (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\widgets\search-suggestion\search-suggestion.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\widgets\templates\ (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\widgets\templates\css\ (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\widgets\templates\css\images\ (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\widgets\templates\css\images\footer_gradient.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\widgets\templates\css\images\footer_shadow.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\widgets\templates\css\images\image_placeholder.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\widgets\templates\css\images\item-bg.png (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\widgets\templates\css\menu.css (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\widgets\templates\feed.html (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\widgets\templates\js\ (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\widgets\templates\js\api.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\widgets\templates\js\feed.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\widgets\templates\js\menu.js (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\30.1\widgets\templates\menu.html (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\Updater\Config\ (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\Updater\Config\Config.31.6.0.0-4.xml (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\Updater\Response\ (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\Updater\Response\Response.31.6.0.0-15.xml (AskBar)
   C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\Updater\Response\Response.31.6.0.0-16.xml (AskBar)
   C:\Users\Maddin\AppData\Local\AskPartnerNetwork\ (AskBar)
   C:\Users\Maddin\AppData\Local\AskPartnerNetwork\Toolbar\AVIRA-V7C\ (AskBar)
   C:\Users\Maddin\AppData\Local\AskPartnerNetwork\Toolbar\AVIRA-V7C\APNStorage.stg (AskBar)
   C:\Windows\System32\Tasks\Browser Updater\ (BrowserSecurity)
   C:\Windows\System32\Tasks\SystemSockets\ (BrowserSecurity)
   HKLM\SOFTWARE\AskPartnerNetwork\ (AskBar)
   HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}\ (Softonic)
   HKLM\SOFTWARE\Classes\CLSID\{44CBC005-6243-4502-8A02-3A096A282664}\ (AskBar)
   HKLM\SOFTWARE\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}\ (AskBar)
   HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF\ (AskBar)
   HKLM\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}\ (AskBar)
   HKLM\SOFTWARE\Classes\Interface\{BD125908-5F10-409F-9C01-F2207CA18887}\ (AskBar)
   HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}\ (FLV Player)
   HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}\ (FLV Player)
   HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}\ (FLV Player)
   HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}\ (FLV Player)
   HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ (CertifiedToolbar)
   HKLM\SOFTWARE\Classes\TypeLib\{9945959C-AAD8-4312-8B57-2DE11927E770}\ (AskBar)
   HKLM\SOFTWARE\Classes\TypeLib\{EEA63863-87BC-4DCA-A5B5-EB97E3B04806}\ (AskBar)
   HKLM\SOFTWARE\Classes\Wow6432Node\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}\ (Softonic)
   HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{44CBC005-6243-4502-8A02-3A096A282664}\ (AskBar)
   HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}\ (AskBar)
   HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}\ (AskBar)
   HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{BD125908-5F10-409F-9C01-F2207CA18887}\ (AskBar)
   HKLM\SOFTWARE\Classes\Wow6432Node\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}\ (FLV Player)
   HKLM\SOFTWARE\Classes\Wow6432Node\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}\ (FLV Player)
   HKLM\SOFTWARE\Classes\Wow6432Node\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}\ (FLV Player)
   HKLM\SOFTWARE\Classes\Wow6432Node\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}\ (FLV Player)
   HKLM\SOFTWARE\Classes\Wow6432Node\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ (CertifiedToolbar)
   HKLM\SOFTWARE\Classes\Wow6432Node\TypeLib\{9945959C-AAD8-4312-8B57-2DE11927E770}\ (AskBar)
   HKLM\SOFTWARE\Classes\Wow6432Node\TypeLib\{EEA63863-87BC-4DCA-A5B5-EB97E3B04806}\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Browser Updater\ (BrowserSecurity)
   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SystemSockets\ (BrowserSecurity)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\06B42F08F6F40FA4F83EA94EF9F03F63\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\06FCEE940712E4B4C8A7362CD8D249A1\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\085CE460BADC1D14EA94D8A62E517577\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0B2690283E07C9B4085B3B794202E7F7\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\12D3738E79C70C74E9D808E162BD6691\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81fa428925F22ACB3A965\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09f45BAFAAE1D7546ED4\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\189F6D048E923EA48B11D15B30CDAC81\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1F0968491626AD249A2A6CBAC4DE352D\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050b2e46B9C4B67A8F59577\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606d43BB064BD63CBD87E\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22A78C977EC431247B2ECECC374DFE13\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2CAC1D959B4188B4F8E8C251A25DA9DB\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964\ (FLV Player)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3255D95681398614190EDF0A4F3F77DB\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\33990057697C62f47BB9FFD59CB4AEEB\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28c944FBC7579CF4949414\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\41BF64DDE5C2457478691CB0675759BA\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\42F5B13BF4BAD8D409578286A354E360\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4374E71C5355C4B4AACC93BBBF40E99F\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4410C9B6FF0094C418865CD2B243B258\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45B0A4620F799834C82DE0BD4E90E40B\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4859A93046C917F408248F3C16F75E77\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4A3D29BA507550f4F87F6F33D42B24D6\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4E28C30B25E21BF4C9418857AEB2AF7C\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\50390A9E27AD04A4698BF297EF564973\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D5D3B13CCBA08C479F107E50BD81C8A\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467\ (FLV Player)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\661134B612233374391C95E8AC373BA3\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3dc1468548785DC856EDA\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\734F787B99D52824EAB6CA1A89F801F7\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\73A172B6C18A3594A9FA363311A187A3\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8d249B526503432F99D4\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7A0CF0C6A9F9B8642A392A1896DCCCF2\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE43E6BAE0DC0B43883C669D8DCE8B1\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7EC46CC5C43127A45A99762BF7A9C9E5\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFDE7BEC9977ac46B41B0A2BF7D88CD\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8011A895DAAC4CC45AF1397E3CE9CA16\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4ba46856BF57969F6A36\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\81EE804DA9066C64A859E01A38075C59\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\879DDA62492E58A40898AD146BBB572E\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88761D7BAC02ccc428CD5EF352BB933C\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89BB7852687BDC34B9A81E01C7FF9173\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CB53AD495D2C5443B95C9EE29E47902\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56c49B56F6B83E293C15\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8F85A4D374D5bf245B8722C062C2D00E\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9516FC331A505934FA76C22DCFFEC47E\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A08449608E3Ca1f4ABF236256A256754\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A431C8F3F57D7844B89242F5F7A5F62C\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A66E2D84F93A9E94FBA6AB3524D85958\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A97C590397DCC454AA8923563BAB10E4\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AA27FE018F87f5e4F97F31C09E7C5370\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AC049320EE27170499EC0B6124142ED7\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B448F401EF39C8346BF7BE9B8D1C7060\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B5211271DD585A740AA28576B137D09D\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B58469E2C54833741B90BAD9CE5A1159\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B6DA77032731EEE40B463A325128D613\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCC2BCA248E19F74F9AEDE4D1EFEFBC9\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C6A54B56C58C82a4688AFB93F42EA17B\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C70C6F53DEE245249956FC291D801A71\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C7C0052DD04CBC84C81C0AC586485E50\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C879DCC3D00BE8E4282F02F1735E78DF\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C9FBD8E8A2691564FA012512BCC3748C\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CB3AEBFFA9E907145906294AB669B1F2\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE142BFA81B72674892EB318BD603CB0\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE90A73A5D5A01a43A2EDCCF04BA9487\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CFA51B44D54927c4E9B7BC1D3FD1E49F\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D05B2B3F5629f9d41A7E57FB534168CA\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D158B0E5D051EA046B8E08BF6B004842\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D45A81F48EF19334EABB33FF8871C4F5\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D538E650623CB2C43AD5FBF587227D55\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D8D06C15BF8AFCD449EFF90B935AEF7C\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB1AE396B3BBfe940922C55C6EEF740A\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DDF89DEE0C7E9A5448382117C4436818\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E55AA93871A0fde4490A708053AC6501\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E954A03F45EC92B419A55A0D4815C0A3\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E97C12D46BF588241856422D760336B4\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EA1332016439DD54C840C7D45CFB2705\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EFBB6B0872B0DBB4D912A0F52986399D\ (AskBar)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327dc64C9A8B641A9E89646\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\AskPartnerNetwork\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Browser Updater\ (BrowserSecurity)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SystemSockets\ (BrowserSecurity)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\06B42F08F6F40FA4F83EA94EF9F03F63\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\06FCEE940712E4B4C8A7362CD8D249A1\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\085CE460BADC1D14EA94D8A62E517577\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0B2690283E07C9B4085B3B794202E7F7\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\12D3738E79C70C74E9D808E162BD6691\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81fa428925F22ACB3A965\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09f45BAFAAE1D7546ED4\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\189F6D048E923EA48B11D15B30CDAC81\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1F0968491626AD249A2A6CBAC4DE352D\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050b2e46B9C4B67A8F59577\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606d43BB064BD63CBD87E\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22A78C977EC431247B2ECECC374DFE13\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2CAC1D959B4188B4F8E8C251A25DA9DB\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964\ (FLV Player)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3255D95681398614190EDF0A4F3F77DB\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\33990057697C62f47BB9FFD59CB4AEEB\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28c944FBC7579CF4949414\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\41BF64DDE5C2457478691CB0675759BA\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\42F5B13BF4BAD8D409578286A354E360\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4374E71C5355C4B4AACC93BBBF40E99F\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4410C9B6FF0094C418865CD2B243B258\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45B0A4620F799834C82DE0BD4E90E40B\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4859A93046C917F408248F3C16F75E77\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4A3D29BA507550f4F87F6F33D42B24D6\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4E28C30B25E21BF4C9418857AEB2AF7C\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\50390A9E27AD04A4698BF297EF564973\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D5D3B13CCBA08C479F107E50BD81C8A\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467\ (FLV Player)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\661134B612233374391C95E8AC373BA3\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3dc1468548785DC856EDA\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\734F787B99D52824EAB6CA1A89F801F7\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\73A172B6C18A3594A9FA363311A187A3\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8d249B526503432F99D4\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7A0CF0C6A9F9B8642A392A1896DCCCF2\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE43E6BAE0DC0B43883C669D8DCE8B1\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7EC46CC5C43127A45A99762BF7A9C9E5\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFDE7BEC9977ac46B41B0A2BF7D88CD\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8011A895DAAC4CC45AF1397E3CE9CA16\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4ba46856BF57969F6A36\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\81EE804DA9066C64A859E01A38075C59\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\879DDA62492E58A40898AD146BBB572E\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88761D7BAC02ccc428CD5EF352BB933C\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89BB7852687BDC34B9A81E01C7FF9173\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CB53AD495D2C5443B95C9EE29E47902\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56c49B56F6B83E293C15\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8F85A4D374D5bf245B8722C062C2D00E\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9516FC331A505934FA76C22DCFFEC47E\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A08449608E3Ca1f4ABF236256A256754\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A431C8F3F57D7844B89242F5F7A5F62C\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A66E2D84F93A9E94FBA6AB3524D85958\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A97C590397DCC454AA8923563BAB10E4\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AA27FE018F87f5e4F97F31C09E7C5370\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AC049320EE27170499EC0B6124142ED7\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B448F401EF39C8346BF7BE9B8D1C7060\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B5211271DD585A740AA28576B137D09D\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B58469E2C54833741B90BAD9CE5A1159\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B6DA77032731EEE40B463A325128D613\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCC2BCA248E19F74F9AEDE4D1EFEFBC9\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C6A54B56C58C82a4688AFB93F42EA17B\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C70C6F53DEE245249956FC291D801A71\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C7C0052DD04CBC84C81C0AC586485E50\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C879DCC3D00BE8E4282F02F1735E78DF\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C9FBD8E8A2691564FA012512BCC3748C\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CB3AEBFFA9E907145906294AB669B1F2\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE142BFA81B72674892EB318BD603CB0\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE90A73A5D5A01a43A2EDCCF04BA9487\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CFA51B44D54927c4E9B7BC1D3FD1E49F\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D05B2B3F5629f9d41A7E57FB534168CA\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D158B0E5D051EA046B8E08BF6B004842\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D45A81F48EF19334EABB33FF8871C4F5\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D538E650623CB2C43AD5FBF587227D55\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D8D06C15BF8AFCD449EFF90B935AEF7C\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB1AE396B3BBfe940922C55C6EEF740A\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DDF89DEE0C7E9A5448382117C4436818\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E55AA93871A0fde4490A708053AC6501\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E954A03F45EC92B419A55A0D4815C0A3\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E97C12D46BF588241856422D760336B4\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EA1332016439DD54C840C7D45CFB2705\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EFBB6B0872B0DBB4D912A0F52986399D\ (AskBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327dc64C9A8B641A9E89646\ (AskBar)
   HKLM\SYSTEM\ControlSet001\Services\APNMCP\ (AskBar)
   HKLM\SYSTEM\ControlSet001\Services\Eventlog\Application\Wpm\ (FTDownloader)
   HKLM\SYSTEM\ControlSet002\Services\APNMCP\ (AskBar)
   HKLM\SYSTEM\ControlSet002\Services\Eventlog\Application\Wpm\ (FTDownloader)
   HKLM\SYSTEM\CurrentControlSet\Services\APNMCP\ (AskBar)
   HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Wpm\ (FTDownloader)
   HKU\.DEFAULT\Software\AskPartnerNetwork\ (AskBar)
   HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\AskPartnerNetwork\ (AskBar)
   HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\AskPartnerNetwork\ (AskBar)
   HKU\S-1-5-18\Software\AskPartnerNetwork\ (AskBar)
   HKU\S-1-5-21-3559629360-2871224288-528010784-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\AskPartnerNetwork\ (AskBar)
   HKU\S-1-5-21-3559629360-2871224288-528010784-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Approved Extensions\{4D2D3B0F-69BE-477A-90F5-FDDB05357975} (Claro)
   HKU\S-1-5-21-3559629360-2871224288-528010784-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\TabbedBrowsing\bProtectNewTabPageShow (22Find)
   HKU\S-1-5-21-3559629360-2871224288-528010784-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\TabbedBrowsing\bProtectShowTabsWelcome (22Find)
   HKU\S-1-5-21-3559629360-2871224288-528010784-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\AskPartnerNetwork\ (AskBar)
   HKU\S-1-5-21-3559629360-2871224288-528010784-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Approved Extensions\{4D2D3B0F-69BE-477A-90F5-FDDB05357975} (Claro)
   HKU\S-1-5-21-3559629360-2871224288-528010784-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\TabbedBrowsing\bProtectNewTabPageShow (22Find)
   HKU\S-1-5-21-3559629360-2871224288-528010784-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\TabbedBrowsing\bProtectShowTabsWelcome (22Find)
   HKU\S-1-5-21-3559629360-2871224288-528010784-1000\Software\AskPartnerNetwork\ (AskBar)
   HKU\S-1-5-21-3559629360-2871224288-528010784-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{4D2D3B0F-69BE-477A-90F5-FDDB05357975} (Claro)
   HKU\S-1-5-21-3559629360-2871224288-528010784-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\bProtectNewTabPageShow (22Find)
   HKU\S-1-5-21-3559629360-2871224288-528010784-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\bProtectShowTabsWelcome (22Find)
   HKU\S-1-5-21-3559629360-2871224288-528010784-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\AppDataLow\Software\Conduit\ (Conduit)
   HKU\S-1-5-21-3559629360-2871224288-528010784-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\AppDataLow\Software\Smartbar\ (Conduit)
   HKU\S-1-5-21-3559629360-2871224288-528010784-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Conduit\ (Conduit)
   HKU\S-1-5-21-3559629360-2871224288-528010784-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ (Conduit)
   HKU\S-1-5-21-3559629360-2871224288-528010784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\AppDataLow\Software\Conduit\ (Conduit)
   HKU\S-1-5-21-3559629360-2871224288-528010784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\AppDataLow\Software\PriceGong\ (PriceGong)
   HKU\S-1-5-21-3559629360-2871224288-528010784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\AppDataLow\Software\Smartbar\ (Conduit)
   HKU\S-1-5-21-3559629360-2871224288-528010784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Conduit\ (Conduit)
   HKU\S-1-5-21-3559629360-2871224288-528010784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ (Conduit)
   HKU\S-1-5-21-3559629360-2871224288-528010784-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\AppDataLow\Software\Conduit\ (Conduit)
   HKU\S-1-5-21-3559629360-2871224288-528010784-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\AskPartnerNetwork\ (AskBar)
   HKU\S-1-5-21-3559629360-2871224288-528010784-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Conduit\ (Conduit)
   HKU\S-1-5-21-3559629360-2871224288-528010784-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\AppDataLow\Software\Conduit\ (Conduit)
   HKU\S-1-5-21-3559629360-2871224288-528010784-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\AppDataLow\Software\Crossrider\ (iPumper)
   HKU\S-1-5-21-3559629360-2871224288-528010784-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\AskPartnerNetwork\ (AskBar)
   HKU\S-1-5-21-3559629360-2871224288-528010784-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Conduit\ (Conduit)

Mfg Jojobin

deeprybka 04.07.2014 14:22
Liste der Anhänge anzeigen (Anzahl: 1)
Nö, geht so...

http://www.trojaner-board.de/attachm...1&d=1404480086


Schritt 1

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset



Schritt 2

http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...t/frstscan.png

Bitte starte FRST erneut, markiere auch die checkbox http://deeprybka.trojaner-board.de/b...t/addition.pngund drücke auf Scan.
Bitte poste mir den Inhalt der beiden Logs die erstellt werden.

Jojobin 04.07.2014 19:02
Esset Log
Code:
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=b8fb1c511dd121499f6596361388b400
# engine=19022
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-07-04 05:33:56
# local_time=2014-07-04 07:33:56 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode_1=''
# compatibility_mode=5892 16776574 100 100 904945 242019142 0 0
# scanned=213580
# found=105
# cleaned=0
# scan_time=14486
sh=297834C3BA7DDC4ED4662C56468655B25C7B0D62 ft=1 fh=c7091104e653332e vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll.vir"
sh=9B62FB6B35E95AF7CBA9E6D862C2981ACC53F95E ft=1 fh=3a4703d3e461e003 vn="Variante von Win32/Toolbar.CrossRider.V evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HDvid Codec V1\HDvid Codec V1-bg.exe.vir"
sh=024EFC6650D86DBBF0E2253F885E814AD0D4AA55 ft=1 fh=4b650565e700c147 vn="Variante von Win64/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HDvid Codec V1\HDvid Codec V1-bho64.dll.vir"
sh=F7EAF3844A2FA167F1B3D5514B5E95B7FE2EB584 ft=1 fh=3d74ec294a8747eb vn="Variante von Win32/Toolbar.CrossRider.AA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HDvid Codec V1\HDvid Codec V1-buttonutil.exe.vir"
sh=2B4570CBF54B53B94F8A6FDCA4B668CFCC228892 ft=1 fh=c71c0011db67283c vn="möglicherweise Variante von Win64/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HDvid Codec V1\HDvid Codec V1-buttonutil64.dll.vir"
sh=4867658EBE979AFDB081378ECEE7EAFA521EEE90 ft=1 fh=3d74ec29dcde0a77 vn="möglicherweise Variante von Win64/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HDvid Codec V1\HDvid Codec V1-buttonutil64.exe.vir"
sh=9081272059283C29EA6399FEDA5C8F2259D1D27D ft=1 fh=b4e3473111de4047 vn="Variante von Win32/Toolbar.CrossRider.K evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HDvid Codec V1\HDvid Codec V1-codedownloader.exe.vir"
sh=646462BADEC3189BAF4BD7BF72DA38FE4E4DDDB3 ft=1 fh=75c4d8404236fdba vn="Variante von Win32/Toolbar.CrossRider.K evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HDvid Codec V1\HDvid Codec V1-enabler.exe.vir"
sh=E0D174DD3160397559899BF96E08C71159B13D53 ft=1 fh=9c36fb84f91539bc vn="Variante von Win32/Toolbar.CrossRider.K evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HDvid Codec V1\HDvid Codec V1-updater.exe.vir"
sh=24165C1DD00ACE869F1BD75885E6C8CAAE374809 ft=1 fh=1ce77273f922b6a7 vn="Win32/Packed.VMDetector.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HDvid Codec V1\utils.exe.vir"
sh=78B657E2CFB4833BB489C9CD4C75F2221886EBFE ft=1 fh=627bc7b48335d3b2 vn="Win32/Packed.ScrambleWrapper.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HDvidCodec.com\HDvidCodecIE.exe.vir"
sh=DFE43AD6B4B6E815442723162D307C4D15D6E83E ft=1 fh=dbdf43c41bcd540b vn="Win32/Packed.ScrambleWrapper.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HDvidCodec.com\hdvidextsetup.exe.vir"
sh=709D5E1CE0B870E11AACABC3CF0522071EF4C026 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-2.2\33036.crx.vir"
sh=7BD13D5690CD812FC9B811CB004AE37E40E9D444 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-2.2\33036.xpi.vir"
sh=1D6F12EBD2BF0535CA11ED3CD5CDC38679D722E2 ft=1 fh=4dcd4b473cf7ddae vn="Variante von Win32/Toolbar.CrossRider.V evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-bho.dll.vir"
sh=00933B5933E1107D24FDDFC8B0A2D31A16C57935 ft=1 fh=f2a5cf74b45ae7a8 vn="Variante von Win64/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-bho64.dll.vir"
sh=F7667725C4641FE94BC1CC05D2DBE32D42A956EA ft=1 fh=4f182d81264934b1 vn="möglicherweise Variante von Win64/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-buttonutil64.dll.vir"
sh=EF4353472B3D27A841392B8AB48A3D4F20249CE3 ft=1 fh=7bda7a14e0b62f7e vn="möglicherweise Variante von Win64/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-buttonutil64.exe.vir"
sh=AC97CEDAD226F33E4C2AD936E8FDD7750235C8B0 ft=1 fh=a877c2ea96e3c90a vn="Variante von Win32/Toolbar.CrossRider.K evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-chromeinstaller.exe.vir"
sh=2529974DBE6E0C679B8F7392F5D28DF73EAB88FE ft=1 fh=741cdb47a6210c97 vn="Variante von Win32/Toolbar.CrossRider.T evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-codedownloader.exe.vir"
sh=ACA0F6C38D7AA605914CFF2C4A6753A753F20428 ft=1 fh=c86d96adef0c5495 vn="Variante von Win32/Toolbar.CrossRider.K evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-enabler.exe.vir"
sh=9D989CEF71E0E8CCEC77DB2427FF84363D569A19 ft=1 fh=5b6006e2634990d4 vn="Variante von Win32/Toolbar.CrossRider.K evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-firefoxinstaller.exe.vir"
sh=B8D7F5484360F42AE0052242C5D05D327C6F4787 ft=1 fh=a23594fed862e14e vn="Variante von Win32/Toolbar.CrossRider.K evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-2.2\Plus-HD-2.2-updater.exe.vir"
sh=C7C0F42A23562AA6DCCD60326FD8CC2AA41B5448 ft=1 fh=c053642cee9f3def vn="Win32/Thinknice.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterface32.dll.vir"
sh=125B1C393F2104CBA08183E495C0907BFF7EDA22 ft=1 fh=ea25908c8365106f vn="Win64/Thinknice.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterface64.dll.vir"
sh=8E85792765D0E0BF52107CFF4A6620995DB19BB0 ft=1 fh=627da500ea2e265f vn="Variante von Win32/Thinknice.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterfacef32.dll.vir"
sh=6043D1ACD51FD373472020FBB748C405AAF22397 ft=1 fh=4c716dbbae6c21b9 vn="Win32/Thinknice.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SearchProtect32.dll.vir"
sh=FF431CD8693F4045BD7BD87DBCE54B820F000FC0 ft=1 fh=16c2e1bd3fd6b7e2 vn="Win64/Thinknice.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SearchProtect64.dll.vir"
sh=5836A5DF3860241F6B69F2292ABCE592A13689B6 ft=1 fh=a3db04555f559ea8 vn="Variante von Win32/Thinknice.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SpAPPSv32.dll.vir"
sh=9DC13DB9C123270C2356ED410128E11D5ADF7C6E ft=1 fh=023ab782f0a9b07d vn="Win32/Thinknice.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupTab.dll.vir"
sh=BEFC0099864AA52ABB0A3B99793A5A1BF525401D ft=1 fh=64b34719c3735e0d vn="Variante von Win32/ELEX.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\WinZipper\winzipersvc.exe.vir"
sh=56659F7FF1F1FA7906A77228E315F65F38BCEF73 ft=1 fh=0ff759dfc352fd03 vn="Variante von Win32/ELEX.AD evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\IePluginServices\PluginService.exe.vir"
sh=662B9923F7C796C1766AF1488302447F9216061A ft=1 fh=fff34c570ca51c53 vn="Variante von MSIL/Adware.PullUpdate.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\InternetUpdater\InternetUpdaterService.exe.vir"
sh=F0C172550AA4ED9255C4D7AFCC650991F29AB7AA ft=1 fh=f4da2b89fff0e940 vn="Mehrere Bedrohungen" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Updater\Uninstall.exe.vir"
sh=A70C63312CBCD0D975236E48372A5F3275A01554 ft=1 fh=b3500ac9ac48c1c9 vn="Variante von Win32/ELEX.AE evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\WPM\wprotectmanager.exe.vir"
sh=9EFDE89A61BAAA7D5D5D4B08214BE3D2EE505248 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Claudia\AppData\Roaming\Mozilla\Firefox\Profiles\2wkvtexf.default\Extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\extensionData\plugins\102_dealply_m.js.vir"
sh=57F445259F179510FE1EACAAD27A82E87305756C ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Claudia\AppData\Roaming\Mozilla\Firefox\Profiles\2wkvtexf.default\Extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\extensionData\plugins\103_intext_5_m.js.vir"
sh=30630D311A124BA372D209C02247D8A4238E3610 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Claudia\AppData\Roaming\Mozilla\Firefox\Profiles\2wkvtexf.default\Extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\extensionData\plugins\104_jollywallet_m.js.vir"
sh=04253E738106628805978963C1648F429CD2A08E ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Claudia\AppData\Roaming\Mozilla\Firefox\Profiles\2wkvtexf.default\Extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\extensionData\plugins\105_corticas_m.js.vir"
sh=D7B46B5A4169AC7B179A70D92A6139EA9C4EAE6F ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Claudia\AppData\Roaming\Mozilla\Firefox\Profiles\2wkvtexf.default\Extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\extensionData\plugins\108_icm_m.js.vir"
sh=DA209282A25696B4D678B78442C261C5D81DC81B ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Claudia\AppData\Roaming\Mozilla\Firefox\Profiles\2wkvtexf.default\Extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\extensionData\plugins\119_similar_web_m.js.vir"
sh=E5DA6BC389AFE8C4BE0D4BDF007094964623BEE4 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Claudia\AppData\Roaming\Mozilla\Firefox\Profiles\2wkvtexf.default\Extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\extensionData\plugins\123_intext_adv_m.js.vir"
sh=B8B5897BC3983B6CE75447868BDAE3EB1441E61C ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Claudia\AppData\Roaming\Mozilla\Firefox\Profiles\2wkvtexf.default\Extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\extensionData\plugins\155_ibario_pops_m.js.vir"
sh=00211CE73FB698A04BEF6622CB5B086D520B896D ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Claudia\AppData\Roaming\Mozilla\Firefox\Profiles\2wkvtexf.default\Extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\extensionData\plugins\158_50onred_ads_only_no_fb_m.js.vir"
sh=DB730C30AB384D45E22D00304F1103E934CB33B9 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Claudia\AppData\Roaming\Mozilla\Firefox\Profiles\2wkvtexf.default\Extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\extensionData\plugins\178_revizer_ws_dynamic_m.js.vir"
sh=94D9025E35A51C71746811F94F4AA5EFC9133252 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Claudia\AppData\Roaming\Mozilla\Firefox\Profiles\2wkvtexf.default\Extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\extensionData\plugins\179_revizer_p_dynamic_m.js.vir"
sh=E87ABD87A6168E160F36A5CE9E444C1719F203DC ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Claudia\AppData\Roaming\Mozilla\Firefox\Profiles\2wkvtexf.default\Extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\extensionData\plugins\180_bpo_serp_m.js.vir"
sh=B4853CCBF4F400FB3A12155815CFFD0D74C8EEAC ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Claudia\AppData\Roaming\Mozilla\Firefox\Profiles\2wkvtexf.default\Extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\extensionData\plugins\184_noproblemppc_m.js.vir"
sh=AF993393F8553D67CDA46A7E16D768A12464A7C7 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Claudia\AppData\Roaming\Mozilla\Firefox\Profiles\2wkvtexf.default\Extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\extensionData\plugins\189_active_sanity.js.vir"
sh=39D85F60370A7E5065A9BDC9D83216476D768A60 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Claudia\AppData\Roaming\Mozilla\Firefox\Profiles\2wkvtexf.default\Extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\extensionData\plugins\191_ciuvo_m.js.vir"
sh=7F88F1865FBE0A134FAEA5DA7B88C7264BBC1606 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Claudia\AppData\Roaming\Mozilla\Firefox\Profiles\2wkvtexf.default\Extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\extensionData\plugins\194_retargeting_bi_m.js.js.vir"
sh=705F7674C554A2BDA26E88C6776C54FDBF379002 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Claudia\AppData\Roaming\Mozilla\Firefox\Profiles\2wkvtexf.default\Extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\extensionData\plugins\195_icm_convertmedia_m.js.vir"
sh=BAFD0049395B7968BFFBC54723176162D6687D58 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Claudia\AppData\Roaming\Mozilla\Firefox\Profiles\2wkvtexf.default\Extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\extensionData\plugins\208_gam_manager.js.vir"
sh=D767D39DA00E1507AB72DF2BBF0DF984E5F67F87 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Claudia\AppData\Roaming\Mozilla\Firefox\Profiles\2wkvtexf.default\Extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\extensionData\plugins\221_icm_downloads_m.js.vir"
sh=2DC335A206411AD5B2CB8E8AB2B1333596493CB9 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Claudia\AppData\Roaming\Mozilla\Firefox\Profiles\2wkvtexf.default\Extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\extensionData\plugins\226_set_campaign_id_m.js.vir"
sh=99ED957925C94680B2842F0C146CF7F28A86CCD0 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Claudia\AppData\Roaming\Mozilla\Firefox\Profiles\2wkvtexf.default\Extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\extensionData\plugins\91_monetizationLoader.js.js.vir"
sh=0C5AC30A082628E85A9A8B68EF5E5EAFA46F0CC7 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Claudia\AppData\Roaming\Mozilla\Firefox\Profiles\2wkvtexf.default\Extensions\4fdacf00-e9c4-4ad5-b4cf-bf9800f184f6@36857116-74e0-4973-936f-860cd2a102a9.com\extensionData\plugins\93_superfish_no_coupons_m.js.vir"
sh=9D7E00EC736140394D5885417303D94D44553A41 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Maddin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfakeonomonapccoamcmdgpoaicnpnoo\1.26.215_0\extensionData\plugins\194.js.vir"
sh=465A61F1CA60AA5CC6B395A524A560FBEFF6F798 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Maddin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfakeonomonapccoamcmdgpoaicnpnoo\1.26.215_0\extensionData\plugins\91.js.vir"
sh=7A5B168BB2B8C06B2A9134B656BBF195830D21C2 ft=1 fh=55d4f387d8566cf4 vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Maddin\AppData\LocalLow\softonic-de3\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.1.1\bin\PriceGongIE.dll.vir"
sh=CCAA0FF50DB699E9A228346CD413AAB42E358CD9 ft=1 fh=e07319f97f2359ad vn="Variante von Win32/OpenCandy.A potenziell unsichere Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Maddin\AppData\Roaming\OpenCandy\15B58DC5C7724C2F8A94970D73D245B5\LatestDLMgr.exe.vir"
sh=6578328F5E21CD553EF80BB218F5F0012A404580 ft=1 fh=3011ffa59345c6eb vn="Variante von Win32/OpenCandy.A potenziell unsichere Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Maddin\AppData\Roaming\OpenCandy\2BF74664463843378BDF4B5212CC8090\Iminent_CB_p1v4.exe.vir"
sh=CCAA0FF50DB699E9A228346CD413AAB42E358CD9 ft=1 fh=e07319f97f2359ad vn="Variante von Win32/OpenCandy.A potenziell unsichere Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Maddin\AppData\Roaming\OpenCandy\2BF74664463843378BDF4B5212CC8090\LatestDLMgr.exe.vir"
sh=A4F319312C51671C3A95C478B1006769263996A9 ft=1 fh=886ae4ceae92d42e vn="Variante von Win32/OpenCandy.A potenziell unsichere Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Maddin\AppData\Roaming\OpenCandy\2BF74664463843378BDF4B5212CC8090\OCBrowserHelper_1.0.3.85.dll.vir"
sh=A4F319312C51671C3A95C478B1006769263996A9 ft=1 fh=886ae4ceae92d42e vn="Variante von Win32/OpenCandy.A potenziell unsichere Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Maddin\AppData\Roaming\OpenCandy\970DB58AA60F4204828738487A6F1FF7\OCBrowserHelper_1.0.3.85.dll.vir"
sh=515646FFCED3B23D908C7F0E417B631F3B07A056 ft=1 fh=89f1249ae3e9df25 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Maddin\AppData\Roaming\OpenCandy\FBCFE37D39F64CBF90D57F405DA1F2E6\HSS-2.67-install-p76-335-conduit.exe.vir"
sh=BEE96291323D129CF104D0FA8ECBE8AAB5E4BCA5 ft=1 fh=c71c001156299171 vn="Win32/Toolbar.AskSBar evtl. unerwünschte Anwendung" ac=I fn="C:\Nero_Move_it_Essentials\Nero Move it Essentials\unit_app_75\Toolbar.exe"
sh=0AB7E14045C76206A8733C6E4D36220A58C85A77 ft=1 fh=9f671b8e7a289dd3 vn="Variante von Win32/Bundled.Toolbar.Ask.F potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe"
sh=B506B2465FD10608020D30ED9047B5E11DE63FA0 ft=1 fh=10102a51b62618f2 vn="Win32/Bundled.Toolbar.Ask.E potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\APNSetup.exe"
sh=408E55A7D2D56C02EF844CA63C1EA8D440D1F8B2 ft=1 fh=cf5f3ba9cab9d1c3 vn="Variante von Win32/Bundled.Toolbar.Ask.F potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll"
sh=EC5913DE16698FF281FE1F1108602BD300AFDA91 ft=1 fh=400322602d09beb6 vn="Variante von Win32/Bundled.Toolbar.Ask.F potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ServiceLocator.exe"
sh=4E3A9EF57C71B5829AC8CD185CBED27AF6610C13 ft=1 fh=83a0e01ca2b69786 vn="Variante von Win32/Bundled.Toolbar.Ask.F potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\SO.dll"
sh=698FB11D2C5D96C744D8602AD22309F10509063A ft=1 fh=c3312308a781a9fa vn="Variante von Win32/Bundled.Toolbar.Ask.F potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\toolbar.dll"
sh=0111559B94F5572B6777EBE3E85CB9F9C94BC85B ft=1 fh=76e883fd9357c7a4 vn="Variante von Win32/Bundled.Toolbar.Ask.F potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Toolbar.exe"
sh=BB237CE0031AFF6ABD4E3626D7C6AE3D6ABEDB5A ft=1 fh=2522929e49563be6 vn="Variante von Win32/Bundled.Toolbar.Ask.F potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ToolbarPS.dll"
sh=9C835C702D070F54C59E36FED31696261FEBFDA3 ft=1 fh=29643e02259e76bc vn="Variante von Win32/Bundled.Toolbar.Ask.F potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\toolbar_x64.dll"
sh=B27AA1F8303815E20CE148744957CB3726BCDE96 ft=1 fh=e7bb97c341e31fcc vn="Variante von Win32/Bundled.Toolbar.Ask.F potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\UpdateManager.exe"
sh=6CDE6B1DD298CA47510EB79334AE149F60FEFFCE ft=1 fh=0241d1e8e3e9ed03 vn="Variante von Win32/Bundled.Toolbar.Ask.F potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll"
sh=84987AF48F5107F84A12BB7418C0A7A2106906B0 ft=1 fh=6e62188c597b6ea7 vn="Variante von Win32/Bundled.Toolbar.Ask.F potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll"
sh=1D8EC6612F09B82BE7D61BB29C69D5E78DD9D677 ft=0 fh=0000000000000000 vn="Variante von Win32/Bundled.Toolbar.Ask.F potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\AskToolbarInstaller-12.10.0_AVIRA-V7C.msi"
sh=0AB7E14045C76206A8733C6E4D36220A58C85A77 ft=1 fh=9f671b8e7a289dd3 vn="Variante von Win32/Bundled.Toolbar.Ask.F potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\apnmcp.exe"
sh=408E55A7D2D56C02EF844CA63C1EA8D440D1F8B2 ft=1 fh=cf5f3ba9cab9d1c3 vn="Variante von Win32/Bundled.Toolbar.Ask.F potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\searchhook.dll"
sh=EC5913DE16698FF281FE1F1108602BD300AFDA91 ft=1 fh=400322602d09beb6 vn="Variante von Win32/Bundled.Toolbar.Ask.F potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\ServiceLocator.exe"
sh=4E3A9EF57C71B5829AC8CD185CBED27AF6610C13 ft=1 fh=83a0e01ca2b69786 vn="Variante von Win32/Bundled.Toolbar.Ask.F potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\SO.dll"
sh=698FB11D2C5D96C744D8602AD22309F10509063A ft=1 fh=c3312308a781a9fa vn="Variante von Win32/Bundled.Toolbar.Ask.F potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\toolbar.dll"
sh=0111559B94F5572B6777EBE3E85CB9F9C94BC85B ft=1 fh=76e883fd9357c7a4 vn="Variante von Win32/Bundled.Toolbar.Ask.F potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\Toolbar.exe"
sh=BB237CE0031AFF6ABD4E3626D7C6AE3D6ABEDB5A ft=1 fh=2522929e49563be6 vn="Variante von Win32/Bundled.Toolbar.Ask.F potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\ToolbarPS.dll"
sh=9C835C702D070F54C59E36FED31696261FEBFDA3 ft=1 fh=29643e02259e76bc vn="Variante von Win32/Bundled.Toolbar.Ask.F potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\toolbar_x64.dll"
sh=B27AA1F8303815E20CE148744957CB3726BCDE96 ft=1 fh=e7bb97c341e31fcc vn="Variante von Win32/Bundled.Toolbar.Ask.F potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\UpdateManager.exe"
sh=0F17C64E7D6FEE1347019A0A7E2C78DFA98B5E55 ft=1 fh=a3e012e963e0f858 vn="Variante von Win32/Bundled.Toolbar.Ask.F potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
sh=6CDE6B1DD298CA47510EB79334AE149F60FEFFCE ft=1 fh=0241d1e8e3e9ed03 vn="Variante von Win32/Bundled.Toolbar.Ask.F potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\{PartnerID}\Passport.dll"
sh=84987AF48F5107F84A12BB7418C0A7A2106906B0 ft=1 fh=6e62188c597b6ea7 vn="Variante von Win32/Bundled.Toolbar.Ask.F potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\{PartnerID}\Passport_x64.dll"
sh=3EFB0D2DE276FB8A10A07F04E326481095CB78AA ft=1 fh=d53919b725032eb4 vn="Variante von Win32/Bundled.Toolbar.Ask.F potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\VNT\vntldr.exe"
sh=0F17C64E7D6FEE1347019A0A7E2C78DFA98B5E55 ft=1 fh=a3e012e963e0f858 vn="Variante von Win32/Bundled.Toolbar.Ask.F potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
sh=71435DDB11E00D0243380C4902324853FE4ECE8F ft=1 fh=12b0cd2dde452d65 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\Avira\AntiVir Desktop\apnic.dll"
sh=1A3F14C0A66F9AF050D1F34FBACBAADC31751A07 ft=1 fh=2704a03a0f47b728 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\Avira\AntiVir Desktop\apntoolbarinstaller.exe"
sh=FD0483A45EF23EB4DEF1523906A28A4A5D3C0D77 ft=1 fh=fcf2e467b851cbbd vn="Variante von Win32/Bundled.Toolbar.Ask.D potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\Avira\AntiVir Desktop\Offercast_AVIRAV7_.exe"
sh=C8B96034415ABE6FDBA82FF60E8157E97DED8CC6 ft=1 fh=afea4f88be0404c6 vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="C:\Users\Maddin\Downloads\ccsetup410pro.exe"
sh=F36AAC832975A632FA8BE587E5777777245FFA69 ft=1 fh=ae8eb907f63eab71 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Maddin\Downloads\Firefox - CHIP-Installer.exe"
sh=6595EBE98D06263EDBB10C84DD857DF6CB932800 ft=1 fh=8177540bcf935086 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Maddin\Downloads\OpenOffice - CHIP-Installer(1).exe"
sh=B48B1E6B136CF17C143DC15485A2ECBF8403D6EB ft=1 fh=4480f35869d896ea vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Maddin\Downloads\OpenOffice - CHIP-Installer(2).exe"
sh=7FC797F92BE743F580CBC7F4DB1D64A8B82890E9 ft=1 fh=a254ad6ed11136b5 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Maddin\Downloads\OpenOffice - CHIP-Installer.exe"
sh=6DA77E62AF75D8A8BD1307C3BC4320CA7976049A ft=1 fh=ed04f9185abe4587 vn="Win32/MyPCBackup.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Maddin\Downloads\YTDSetup_4.8.0.4.exe"
sh=D65C9B8B90C17471B595F97F547003EC5B5028C1 ft=0 fh=0000000000000000 vn="Variante von Win32/Bundled.Toolbar.Ask.F potenziell unsichere Anwendung" ac=I fn="C:\Windows\Installer\18e07.msi"
sh=C70872D7B4F48D529A179C0FA54AB65FB1B982F4 ft=1 fh=f2e2b15faf5e28f3 vn="Variante von Win32/Bundled.Toolbar.Ask.F potenziell unsichere Anwendung" ac=I fn="C:\Windows\Installer\MSIBC30.tmp"
FRST Log

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-07-2014
Ran by Maddin (administrator) on MARTIN on 04-07-2014 19:52:02
Running from C:\Users\Maddin\Downloads
Platform: Windows Vista (TM) Home Premium Service Pack 2 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\D-Link\DWA-140 revB\ANIWConnService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Fujitsu Technology Solutions) C:\Program Files (x86)\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesApp64.exe
() C:\Windows\SysWOW64\HsMgr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Corel) C:\Program Files (x86)\Corel Home Office\CORELC~1.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(Microsoft Corporation) C:\Windows\System32\FirewallControlPanel.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Cmaudio8768GX] => C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] ()
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [6962720 2009-01-06] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-01-06] (Realtek Semiconductor Corp.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [750160 2014-07-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] - "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe" "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware" [54072 2014-05-12] (Malwarebytes Corporation)
HKU\.DEFAULT\...\Run: [Picasa Media Detector] => C:\Program Files (x86)\Picasa2\PicasaMediaDetector.exe
HKU\.DEFAULT\...\Run: [fsc-reg] => c:\fsc-reg\fscreg.exe [380688 2008-08-01] (Fujitsu Siemens)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-3559629360-2871224288-528010784-1000\...\MountPoints2: {171db5d8-f2aa-11dd-ad52-806e6f6e6963} - F:\Setup.exe
HKU\S-1-5-21-3559629360-2871224288-528010784-1000\...\MountPoints2: {7ebde948-31da-11de-b5c8-00242110eaf6} - D:\SH3Autorun.exe
HKU\S-1-5-21-3559629360-2871224288-528010784-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {171db5d8-f2aa-11dd-ad52-806e6f6e6963} - F:\Setup.exe
HKU\S-1-5-21-3559629360-2871224288-528010784-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {7ebde948-31da-11de-b5c8-00242110eaf6} - D:\SH3Autorun.exe
HKU\S-1-5-21-3559629360-2871224288-528010784-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: {171db5d8-f2aa-11dd-ad52-806e6f6e6963} - F:\Setup.exe
HKU\S-1-5-21-3559629360-2871224288-528010784-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: {7ebde948-31da-11de-b5c8-00242110eaf6} - D:\SH3Autorun.exe
HKU\S-1-5-21-3559629360-2871224288-528010784-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-3559629360-2871224288-528010784-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10v_Plugin.exe -update plugin
HKU\S-1-5-21-3559629360-2871224288-528010784-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\MountPoints2: {171db5d8-f2aa-11dd-ad52-806e6f6e6963} - F:\Installer.exe
HKU\S-1-5-21-3559629360-2871224288-528010784-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\MountPoints2: {7ebde948-31da-11de-b5c8-00242110eaf6} - D:\SH3Autorun.exe
HKU\S-1-5-21-3559629360-2871224288-528010784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-3559629360-2871224288-528010784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10v_Plugin.exe -update plugin
HKU\S-1-5-21-3559629360-2871224288-528010784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {171db5d8-f2aa-11dd-ad52-806e6f6e6963} - F:\Installer.exe
HKU\S-1-5-21-3559629360-2871224288-528010784-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {7ebde948-31da-11de-b5c8-00242110eaf6} - D:\SH3Autorun.exe
HKU\S-1-5-21-3559629360-2871224288-528010784-1002-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-3559629360-2871224288-528010784-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-3559629360-2871224288-528010784-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Updater] => C:\ProgramData\Updater\updater.exe
Startup: C:\Users\Maddin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
BootExecute:

==================== Internet (Whitelisted) ====================

URLSearchHook: HKLM-x32 - (No Name) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - {301B60B5-4EE1-421E-95C2-22CB96AA0A8F} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=501549&p={searchTerms}
BHO: Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll (APN LLC.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg64.dll (Google Inc.)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll (APN LLC.)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll (APN LLC.)
Toolbar: HKLM-x32 - No Name - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} -  No File
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll (APN LLC.)
Toolbar: HKCU - No Name - {E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} -  No File
Toolbar: HKCU - No Name - {62D40876-DF18-411F-9D34-A9DD7A197BC5} -  No File
Toolbar: HKCU - Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll (APN LLC.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pack.google.com/Google Updater;version=13 - C:\Program Files (x86)\Google\Google Updater\2.4.1698.5652\npCIDetect13.dll (Google)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Extension: FoxyDeal - C:\Users\Maddin\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{F58A62EB-38DC-43C4-A539-DC52E135208D} [2013-05-10]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-20]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-04-03]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-06-20]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-06-20]

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR StartupUrls: "hxxp://www.google.de/"
CHR Extension: (Google Docs) - C:\Users\Maddin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-20]
CHR Extension: (Google Drive) - C:\Users\Maddin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-20]
CHR Extension: (YouTube) - C:\Users\Maddin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-20]
CHR Extension: (Adblock Plus) - C:\Users\Maddin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-03-05]
CHR Extension: (Google-Suche) - C:\Users\Maddin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-20]
CHR Extension: (Google Wallet) - C:\Users\Maddin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-20]
CHR Extension: (Google Mail) - C:\Users\Maddin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-20]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-03-02]
CHR HKLM-x32\...\Chrome\Extension: [nlcphjankhppgohedpkjonpadimhaoof] - C:\Users\Maddin\AppData\Roaming\Browser Extensions\sh_1.0.crx [2012-03-02]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

ATTENTION: => Could not perform signature verification. Cryptographic Service is not running.

R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe [801872 2014-07-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-07-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-07-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1028688 2014-07-01] (Avira Operations GmbH & Co. KG)
S4 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2013-12-20] (APN LLC.)
R2 D-Link Wireless N DWA-140_WPS; C:\Program Files (x86)\D-Link\DWA-140 revB\ANIWConnService.exe [53248 2010-06-03] ()
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [496232 2010-01-21] ()
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2014-07-04] (SurfRight B.V.)
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [209000 2010-01-21] ()
R2 TestHandler; C:\Program Files (x86)\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe [341264 2009-02-19] (Fujitsu Technology Solutions)
U3 TuneUp.Defrag; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe [607040 2013-05-14] (TuneUp Software)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [1403200 2011-11-21] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

R1 anodlwf; C:\Windows\System32\DRIVERS\anodlwfx.sys [15872 2009-03-06] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-01] (Avira Operations GmbH & Co. KG)
S4 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [39768 2013-02-25] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-06-20] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-07] (Avira Operations GmbH & Co. KG)
R3 cmuda3; C:\Windows\System32\drivers\cmudax3.sys [1155072 2009-05-22] (C-Media Inc)
R3 netr28ux; C:\Windows\System32\DRIVERS\Dnetr28ux.sys [1035104 2010-04-29] (Ralink Technology Corp.)
S3 PDNMp50; C:\Windows\SysWOW64\drivers\PDNMp50.sys [28224 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))
S3 PDNSp50; C:\Windows\SysWOW64\drivers\PDNSp50.sys [27072 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [11856 2009-10-14] (TuneUp Software)
U0 wfgcbea; C:\Windows\System32\drivers\suklhuxe.sys [79064 2014-07-04] (Malwarebytes Corporation)
R1 {55685567-4840-4a91-962b-49a412e9485a}Gt64; C:\Windows\System32\drivers\{55685567-4840-4a91-962b-49a412e9485a}Gt64.sys [60088 2014-05-28] (StdLib)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 LVcKap64; system32\DRIVERS\LVcKap64.sys [X]
S3 LVPr2M64; system32\DRIVERS\LVPr2M64.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 PDNSp50a64; System32\Drivers\PDNSp50a64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-04 15:29 - 2014-07-04 15:29 - 02347384 _____ (ESET) C:\Users\Maddin\Downloads\esetsmartinstaller_deu (1).exe
2014-07-04 15:26 - 2014-07-04 15:26 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-04 15:25 - 2014-07-04 15:25 - 02347384 _____ (ESET) C:\Users\Maddin\Downloads\esetsmartinstaller_deu.exe
2014-07-04 15:05 - 2014-07-04 15:05 - 00186726 _____ () C:\Users\Maddin\Desktop\HitmanPro_20140704_1505.log
2014-07-04 14:53 - 2014-07-04 14:54 - 00001750 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
2014-07-04 14:53 - 2014-07-04 14:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2014-07-04 14:53 - 2014-07-04 14:53 - 00000000 ____D () C:\Program Files\HitmanPro
2014-07-04 14:52 - 2014-07-04 14:53 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-07-04 14:52 - 2014-07-04 14:52 - 11185664 _____ (SurfRight B.V.) C:\Users\Maddin\Downloads\HitmanPro_x64.exe
2014-07-04 14:10 - 2014-07-04 14:10 - 00000255 _____ () C:\Users\Maddin\Desktop\Suchlauf.txt
2014-07-04 14:09 - 2014-07-04 14:09 - 00079064 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\suklhuxe.sys
2014-07-04 13:46 - 2014-07-04 14:40 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-04 13:45 - 2014-07-04 13:45 - 00000947 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-04 13:45 - 2014-07-04 13:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-04 13:45 - 2014-07-04 13:45 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-04 13:45 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-04 13:45 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-04 13:44 - 2014-07-04 13:44 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Maddin\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-04 13:19 - 2014-07-04 13:26 - 00038376 _____ () C:\Users\Maddin\Downloads\Addition.txt
2014-07-04 13:17 - 2014-07-04 19:52 - 00019493 _____ () C:\Users\Maddin\Downloads\FRST.txt
2014-07-04 13:17 - 2014-07-04 19:52 - 00000000 ____D () C:\FRST
2014-07-04 13:16 - 2014-07-04 13:16 - 02083840 _____ (Farbar) C:\Users\Maddin\Downloads\FRST64.exe
2014-07-02 19:41 - 2014-07-02 19:41 - 00537974 _____ () C:\Users\Maddin\Downloads\noscript-2.6.8.31.xpi.zip
2014-06-26 22:09 - 2014-06-26 22:09 - 00000921 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2014-06-26 22:09 - 2014-06-26 22:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-06-26 22:09 - 2014-06-26 22:09 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-06-26 22:07 - 2014-06-26 22:08 - 29256752 _____ (TeamSpeak Systems GmbH) C:\Users\Maddin\Downloads\TeamSpeak3-Client-win64-3.0.15.exe
2014-06-26 10:13 - 2014-06-26 10:13 - 00000000 ____D () C:\New Folder
2014-06-26 10:10 - 2014-07-02 19:41 - 00000000 ____D () C:\Users\Maddin\AppData\Roaming\SynWrite
2014-06-26 10:10 - 2014-07-02 19:41 - 00000000 ____D () C:\SynWrite
2014-06-26 10:10 - 2014-06-26 10:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SynWrite
2014-06-26 10:08 - 2014-06-26 10:10 - 13642531 _____ (UVViewSoft ) C:\Users\Maddin\Downloads\synwrite (1).exe
2014-06-26 10:04 - 2014-06-26 10:06 - 13642531 _____ (UVViewSoft ) C:\Users\Maddin\Downloads\synwrite.exe
2014-06-25 22:29 - 2014-06-26 08:02 - 00000666 _____ () C:\Users\Public\Desktop\StarCraft II.lnk
2014-06-25 22:28 - 2014-07-01 14:11 - 00000000 ____D () C:\Users\Maddin\Documents\StarCraft II
2014-06-25 22:28 - 2014-06-26 08:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
2014-06-24 20:55 - 2014-06-24 20:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-06-24 20:46 - 2014-06-24 20:46 - 01342659 _____ () C:\Users\Maddin\Downloads\adwcleaner_3.213.exe
2014-06-24 20:42 - 2014-06-24 21:44 - 00002114 _____ () C:\Windows\PFRO.log
2014-06-24 08:28 - 2014-06-24 08:28 - 02804344 _____ (TeamViewer GmbH) C:\Users\Maddin\Downloads\customermodule_avira_support_de.exe
2014-06-24 08:28 - 2014-06-24 08:28 - 00000000 ____D () C:\Users\Maddin\AppData\Roaming\TeamViewer
2014-06-23 11:04 - 2014-06-23 11:04 - 01333465 _____ () C:\Users\Maddin\Downloads\adwcleaner_3.212 (1).exe
2014-06-19 21:59 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-06-19 21:57 - 2014-06-19 21:57 - 01333465 _____ () C:\Users\Maddin\Downloads\adwcleaner_3.212.exe
2014-06-19 15:52 - 2014-06-19 15:52 - 00011965 _____ () C:\Users\Maddin\Documents\Unbenannt 1.ods
2014-06-19 14:35 - 2014-06-19 14:35 - 00448512 _____ (OldTimer Tools) C:\Users\Maddin\Downloads\TFC (1).exe
2014-06-12 21:57 - 2014-06-12 21:57 - 00000000 ____D () C:\ProgramData\HPSSUPPLY
2014-06-11 08:54 - 2014-05-28 20:53 - 17857536 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-11 08:54 - 2014-05-28 20:37 - 02338816 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-11 08:54 - 2014-05-28 20:35 - 10890240 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-11 08:54 - 2014-05-28 20:31 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-11 08:54 - 2014-05-28 20:31 - 01348608 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-11 08:54 - 2014-05-28 20:30 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-11 08:54 - 2014-05-28 20:30 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-06-11 08:54 - 2014-05-28 20:29 - 02148352 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-11 08:54 - 2014-05-28 20:29 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-06-11 08:54 - 2014-05-28 20:29 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-11 08:54 - 2014-05-28 20:29 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-11 08:54 - 2014-05-28 20:29 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-11 08:54 - 2014-05-28 20:29 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-11 08:54 - 2014-05-28 20:28 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-11 08:54 - 2014-05-28 20:28 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-11 08:54 - 2014-05-28 20:28 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-11 08:54 - 2014-05-28 20:28 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-11 08:54 - 2014-05-28 20:28 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-06-11 08:54 - 2014-05-28 20:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-06-11 08:54 - 2014-05-28 20:28 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-06-11 08:54 - 2014-05-28 20:27 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-11 08:54 - 2014-05-28 18:48 - 12356608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-11 08:54 - 2014-05-28 18:39 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-11 08:54 - 2014-05-28 18:38 - 09711104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-11 08:54 - 2014-05-28 18:33 - 01106432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-11 08:54 - 2014-05-28 18:32 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-11 08:54 - 2014-05-28 18:32 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-11 08:54 - 2014-05-28 18:31 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-06-11 08:54 - 2014-05-28 18:31 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-11 08:54 - 2014-05-28 18:30 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-11 08:54 - 2014-05-28 18:30 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-06-11 08:54 - 2014-05-28 18:30 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-11 08:54 - 2014-05-28 18:30 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-11 08:54 - 2014-05-28 18:30 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-11 08:54 - 2014-05-28 18:30 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-11 08:54 - 2014-05-28 18:30 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-06-11 08:54 - 2014-05-28 18:29 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-11 08:54 - 2014-05-28 18:29 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-11 08:54 - 2014-05-28 18:29 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-11 08:54 - 2014-05-28 18:29 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-06-11 08:54 - 2014-05-28 18:29 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-06-11 08:54 - 2014-05-28 18:28 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-11 08:54 - 2014-04-26 20:21 - 00622592 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-11 08:54 - 2014-04-26 18:01 - 00502784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-11 08:54 - 2014-04-05 11:10 - 01422784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-11 08:54 - 2014-03-10 08:26 - 01869824 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-11 08:54 - 2014-03-10 08:26 - 01794560 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-11 08:54 - 2014-03-10 03:22 - 01401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-11 08:54 - 2014-03-10 03:22 - 01248768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-05 15:25 - 2014-06-05 15:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-06-05 15:24 - 2014-06-05 15:25 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-05 15:24 - 2014-06-05 15:25 - 00000000 ____D () C:\Program Files\iTunes
2014-06-05 15:24 - 2014-06-05 15:25 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-06-05 15:24 - 2014-06-05 15:24 - 00000000 ____D () C:\Program Files\iPod

==================== One Month Modified Files and Folders =======

2014-07-04 19:52 - 2014-07-04 13:17 - 00019493 _____ () C:\Users\Maddin\Downloads\FRST.txt
2014-07-04 19:52 - 2014-07-04 13:17 - 00000000 ____D () C:\FRST
2014-07-04 19:11 - 2006-11-02 17:22 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-04 19:11 - 2006-11-02 17:22 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-04 19:04 - 2014-01-30 15:27 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-04 19:00 - 2014-05-09 19:49 - 01254195 _____ () C:\Windows\WindowsUpdate.log
2014-07-04 18:55 - 2013-01-29 20:29 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-04 15:29 - 2014-07-04 15:29 - 02347384 _____ (ESET) C:\Users\Maddin\Downloads\esetsmartinstaller_deu (1).exe
2014-07-04 15:26 - 2014-07-04 15:26 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-04 15:25 - 2014-07-04 15:25 - 02347384 _____ (ESET) C:\Users\Maddin\Downloads\esetsmartinstaller_deu.exe
2014-07-04 15:05 - 2014-07-04 15:05 - 00186726 _____ () C:\Users\Maddin\Desktop\HitmanPro_20140704_1505.log
2014-07-04 14:54 - 2014-07-04 14:53 - 00001750 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
2014-07-04 14:53 - 2014-07-04 14:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2014-07-04 14:53 - 2014-07-04 14:53 - 00000000 ____D () C:\Program Files\HitmanPro
2014-07-04 14:53 - 2014-07-04 14:52 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-07-04 14:52 - 2014-07-04 14:52 - 11185664 _____ (SurfRight B.V.) C:\Users\Maddin\Downloads\HitmanPro_x64.exe
2014-07-04 14:40 - 2014-07-04 13:46 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-04 14:10 - 2014-07-04 14:10 - 00000255 _____ () C:\Users\Maddin\Desktop\Suchlauf.txt
2014-07-04 14:09 - 2014-07-04 14:09 - 00079064 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\suklhuxe.sys
2014-07-04 14:09 - 2014-01-31 13:13 - 00000000 ____D () C:\Users\Maddin\AppData\Roaming\52eb85fbe56da19e5803d976
2014-07-04 14:09 - 2006-11-02 15:33 - 00000000 ____D () C:\Windows\MSAgent
2014-07-04 13:45 - 2014-07-04 13:45 - 00000947 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-04 13:45 - 2014-07-04 13:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-04 13:45 - 2014-07-04 13:45 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-04 13:45 - 2010-07-25 21:42 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-04 13:44 - 2014-07-04 13:44 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Maddin\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-04 13:37 - 2009-12-04 19:15 - 00004140 _____ () C:\Windows\System32\Tasks\Google Software Updater
2014-07-04 13:37 - 2009-08-27 21:27 - 00001034 _____ () C:\Windows\Tasks\Google Software Updater.job
2014-07-04 13:26 - 2014-07-04 13:19 - 00038376 _____ () C:\Users\Maddin\Downloads\Addition.txt
2014-07-04 13:16 - 2014-07-04 13:16 - 02083840 _____ (Farbar) C:\Users\Maddin\Downloads\FRST64.exe
2014-07-04 13:12 - 2014-01-30 15:27 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-04 13:11 - 2009-01-26 12:49 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-04 13:11 - 2006-11-02 17:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-03 21:17 - 2009-07-04 16:33 - 00000000 ____D () C:\Users\Maddin\AppData\Roaming\CorelHomeOffice
2014-07-03 21:17 - 2006-11-02 17:42 - 00032586 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-02 23:07 - 2014-04-19 00:19 - 00000000 ____D () C:\Users\Maddin\AppData\Local\Battle.net
2014-07-02 23:07 - 2010-11-19 21:26 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-02 23:07 - 2009-12-30 21:40 - 00000000 ____D () C:\Users\Maddin\AppData\Roaming\TS3Client
2014-07-02 19:41 - 2014-07-02 19:41 - 00537974 _____ () C:\Users\Maddin\Downloads\noscript-2.6.8.31.xpi.zip
2014-07-02 19:41 - 2014-06-26 10:10 - 00000000 ____D () C:\Users\Maddin\AppData\Roaming\SynWrite
2014-07-02 19:41 - 2014-06-26 10:10 - 00000000 ____D () C:\SynWrite
2014-07-02 19:33 - 2011-05-19 18:49 - 00003686 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{D93DBACB-AE77-466D-9B91-FD8EC005C83B}
2014-07-01 14:11 - 2014-06-25 22:28 - 00000000 ____D () C:\Users\Maddin\Documents\StarCraft II
2014-07-01 14:05 - 2013-03-27 20:49 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-06-26 22:09 - 2014-06-26 22:09 - 00000921 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2014-06-26 22:09 - 2014-06-26 22:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-06-26 22:09 - 2014-06-26 22:09 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-06-26 22:08 - 2014-06-26 22:07 - 29256752 _____ (TeamSpeak Systems GmbH) C:\Users\Maddin\Downloads\TeamSpeak3-Client-win64-3.0.15.exe
2014-06-26 22:06 - 2009-12-30 21:39 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client
2014-06-26 10:13 - 2014-06-26 10:13 - 00000000 ____D () C:\New Folder
2014-06-26 10:10 - 2014-06-26 10:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SynWrite
2014-06-26 10:10 - 2014-06-26 10:08 - 13642531 _____ (UVViewSoft ) C:\Users\Maddin\Downloads\synwrite (1).exe
2014-06-26 10:06 - 2014-06-26 10:04 - 13642531 _____ (UVViewSoft ) C:\Users\Maddin\Downloads\synwrite.exe
2014-06-26 08:02 - 2014-06-25 22:29 - 00000666 _____ () C:\Users\Public\Desktop\StarCraft II.lnk
2014-06-26 08:02 - 2014-06-25 22:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
2014-06-25 22:29 - 2010-04-07 14:41 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-06-25 22:26 - 2014-04-19 00:18 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-06-24 21:44 - 2014-06-24 20:42 - 00002114 _____ () C:\Windows\PFRO.log
2014-06-24 20:55 - 2014-06-24 20:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-06-24 20:48 - 2013-02-16 13:14 - 00000000 ____D () C:\Program Files (x86)\Amazon
2014-06-24 20:47 - 2013-12-13 16:22 - 00000000 ____D () C:\AdwCleaner
2014-06-24 20:46 - 2014-06-24 20:46 - 01342659 _____ () C:\Users\Maddin\Downloads\adwcleaner_3.213.exe
2014-06-24 08:28 - 2014-06-24 08:28 - 02804344 _____ (TeamViewer GmbH) C:\Users\Maddin\Downloads\customermodule_avira_support_de.exe
2014-06-24 08:28 - 2014-06-24 08:28 - 00000000 ____D () C:\Users\Maddin\AppData\Roaming\TeamViewer
2014-06-23 11:04 - 2014-06-23 11:04 - 01333465 _____ () C:\Users\Maddin\Downloads\adwcleaner_3.212 (1).exe
2014-06-22 20:37 - 2014-04-28 19:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
2014-06-22 20:37 - 2013-05-31 04:21 - 00003786 _____ () C:\Windows\System32\Tasks\Adobe Reader and Acrobat Manager
2014-06-20 20:07 - 2014-03-24 16:39 - 00000000 ____D () C:\Program Files (x86)\Ubi Soft
2014-06-20 20:07 - 2009-04-09 17:00 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-20 20:01 - 2013-11-13 18:15 - 00002425 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-06-20 19:59 - 2014-01-30 15:27 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-20 19:59 - 2014-01-30 15:27 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-20 19:42 - 2013-03-27 20:49 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-06-19 22:01 - 2009-04-09 17:00 - 00000000 ____D () C:\ProgramData\ICQ
2014-06-19 22:00 - 2009-04-03 16:44 - 00000000 ____D () C:\Users\Maddin
2014-06-19 21:57 - 2014-06-19 21:57 - 01333465 _____ () C:\Users\Maddin\Downloads\adwcleaner_3.212.exe
2014-06-19 15:52 - 2014-06-19 15:52 - 00011965 _____ () C:\Users\Maddin\Documents\Unbenannt 1.ods
2014-06-19 15:41 - 2010-11-27 21:19 - 00009725 _____ () C:\ProgramData\hpzinstall.log
2014-06-19 15:26 - 2010-11-27 21:19 - 00225436 _____ () C:\Windows\hpoins46.dat
2014-06-19 15:26 - 2006-11-02 14:34 - 00000281 _____ () C:\Windows\win.ini
2014-06-19 14:35 - 2014-06-19 14:35 - 00448512 _____ (OldTimer Tools) C:\Users\Maddin\Downloads\TFC (1).exe
2014-06-17 13:33 - 2013-12-20 21:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-13 08:44 - 2008-01-21 13:10 - 01567488 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-13 08:44 - 2008-01-21 13:09 - 00674024 _____ () C:\Windows\system32\perfh007.dat
2014-06-13 08:44 - 2008-01-21 13:09 - 00146036 _____ () C:\Windows\system32\perfc007.dat
2014-06-12 21:57 - 2014-06-12 21:57 - 00000000 ____D () C:\ProgramData\HPSSUPPLY
2014-06-11 19:40 - 2013-08-14 14:48 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-11 19:37 - 2006-11-02 14:35 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-06-11 12:02 - 2012-06-19 11:45 - 00000000 ____D () C:\Program Files (x86)\Diablo III
2014-06-05 15:25 - 2014-06-05 15:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-06-05 15:25 - 2014-06-05 15:24 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-05 15:25 - 2014-06-05 15:24 - 00000000 ____D () C:\Program Files\iTunes
2014-06-05 15:25 - 2014-06-05 15:24 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-06-05 15:24 - 2014-06-05 15:24 - 00000000 ____D () C:\Program Files\iPod
2014-06-05 15:24 - 2014-04-28 11:15 - 00000000 ____D () C:\ProgramData\Apple Computer

Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.4500.dll


Some content of TEMP:
====================
C:\Users\Maddin\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-07-04 13:24

==================== End Of Log ============================
--- --- ---


Addition Log
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-07-2014
Ran by Maddin at 2014-07-04 19:52:40
Running from C:\Users\Maddin\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Alice Software 4.9.2 (HKLM-x32\...\Alice Software) (Version: 4.9.2 - HanseNet Telekommunikation GmbH)
Alice-Installationsdateien entfernen (HKLM-x32\...\Alice) (Version:  - )
Antivirus Pro (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.5.450 - Avira)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira SearchFree Toolbar (HKLM-x32\...\{41564952-412D-5637-4300-A758B70C0A00}) (Version: 12.10.0.2951 - APN, LLC)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Call of Duty(R) 2 (HKLM-x32\...\InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.00.0000 - Activision)
Call of Duty(R) 2 (x32 Version: 1.00.0000 - Activision) Hidden
Call of Duty: Black Ops - Multiplayer (HKLM-x32\...\Steam App 42710) (Version:  - Treyarch)
Call of Duty: Black Ops (HKLM-x32\...\Steam App 42700) (Version:  - Treyarch)
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
Copy (x32 Version: 130.0.366.000 - Hewlett-Packard) Hidden
Corel Home Office 5.0.36 (HKLM-x32\...\{080FE95E-5A89-4A54-BAAA-D769971B7C2D}) (Version: 5 - Corel)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.100 - DivX, LLC)
DJ_AIO_06_F4500_SW_MIN (x32 Version: 130.0.406.000 - Hewlett-Packard) Hidden
D-Link DWA-140 (HKLM-x32\...\{D7D2F494-89E3-42ED-8A2B-75BDD9B464CB}) (Version:  - D-Link)
Energy Settings (HKLM-x32\...\{7613592F-B20C-4E1B-B2DD-67F0784D4373}) (Version: 1.0.7 - Fujitsu Siemens Computers)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
F4500 (x32 Version: 130.0.406.000 - Hewlett-Packard) Hidden
Free YouTube Download version 3.2.0.128 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.0.128 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 32.0.1700.102 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google Updater (HKLM-x32\...\Google Updater) (Version: 2.4.1698.5652 - Google Inc.)
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.220 - SurfRight B.V.)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Deskjet F4500 Printer Driver Software 13.0 Rel .6 (HKLM\...\{7F08A772-2816-4F46-84F1-49578502AD28}) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Print Projects 1.0 (HKLM\...\HP Print Projects) (Version: 1.0 - HP)
HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
hpPrintProjects (x32 Version: 130.0.303.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
hpWLPGInstaller (x32 Version: 130.0.303.000 - Hewlett-Packard) Hidden
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Logitech Vid (HKLM-x32\...\{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}) (Version: 1.01.1015 - Logitech Inc.)
Logitech® Camera-Treiber (HKLM-x32\...\QcDrv) (Version:  - )
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}) (Version: 3.0.19.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyFreeCodec (HKCU\...\MyFreeCodec) (Version:  - )
Nero 7 Demo (HKLM-x32\...\{C7E1449D-7638-6832-426D-589655951031}) (Version: 7.00.1466 - Nero AG)
Nero Reloaded PlugIn Pack 2.0.4 by GEAR (HKLM-x32\...\{F3D7915D-6B42-49FA-9FC8-5020479A6A57}) (Version: 2.0.4 - GoldEsel)
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
NVIDIA 3D Vision Controller-Treiber 301.42 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 301.42 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.11.9713 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.59.37 - NVIDIA Corporation)
NVIDIA ForceWare Network Access Manager (HKLM-x32\...\{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}) (Version: 1.00.7325.0 - NVIDIA Corporation)
NVIDIA Grafiktreiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.108.688 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.0213 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.0213 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0213 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1106 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 311.06 (Version: 311.06 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.0 (HKLM-x32\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
Orban/Coding Technologies AAC/aacPlus Player Plugin™ 1.0 (HKLM-x32\...\{DB0A8A2A-4EA7-4FE3-802E-8A6DEE32696C}_is1) (Version:  - Orban, Inc.)
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5772 - Realtek Semiconductor Corp.)
S.T.A.L.K.E.R. - Shadow of Chernobyl (HKLM-x32\...\S.T.A.L.K.E.R. - Shadow of Chernobyl_is1) (Version: 1.0000 - THQ)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.10.9560 - Skype Technologies S.A.)
Skype™ 5.9 (HKLM-x32\...\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}) (Version: 5.9.123 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Sniper Elite: Zombie Army (HKLM-x32\...\Steam App 235700) (Version:  - Rebellion)
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SynWrite version 6.4.760 (HKLM-x32\...\SynWrite_is1) (Version: 6.4.760 - UVViewSoft)
SystemDiagnostics (HKLM-x32\...\{EF59DB7F-7426-426E-B862-7031F83ED304}) (Version: 2.04.0006 - Fujitsu Technology Solutions)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TerraTec Aureon 5.1 Audio Driver (HKLM\...\C-Media PCI Audio Driver) (Version:  - )
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden
Tukui Client (HKLM-x32\...\{510CF4AB-E9C8-4F48-BB02-CDC11B880D68}) (Version: 2.2.7 - Tukui)
Tukui Client (HKLM-x32\...\{6517882E-E5E0-40DC-B3B0-A531FF2A06E8}) (Version: 2.4.5 - Tukui)
TuneUp Utilities (HKLM-x32\...\TuneUp Utilities) (Version: 9.0.6030.1 - TuneUp Software)
TuneUp Utilities (x32 Version: 9.0.6030.1 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 10.0.4600.4 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 9.0.6030.1 - TuneUp Software) Hidden
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM-x32\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.1.0 (HKLM-x32\...\VLC media player) (Version: 2.1.0 - VideoLAN)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Vista Demo Screen Saver (HKLM-x32\...\{9605D5C2-F545-40F2-B39A-0462E4CD3811}) (Version: 1.1.5 - Ventuz Technology)
Works Suite-Betriebssystem-Pack (x32 Version: 1.0.0.0000 - Microsoft Corporation) Hidden
WorldofTanks (HKCU\...\WorldofTanks) (Version:  - WorldofTanks)

==================== Restore Points  =========================

31-05-2014 17:30:38 Windows Update
04-06-2014 00:15:05 Windows Update
10-06-2014 07:49:10 Windows Update
11-06-2014 17:32:58 Windows Update
17-06-2014 11:32:54 Windows Update
20-06-2014 17:38:26 Windows Update
20-06-2014 18:06:13 Entfernt Tom Clancy's Splinter Cell
22-06-2014 19:25:08 Geplanter Prüfpunkt
24-06-2014 06:10:19 Windows Update
02-07-2014 17:37:26 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2006-11-02 14:34 - 2006-09-18 23:37 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost
::1            localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {03734EA4-6886-4FFF-BDC9-10BDB40D1B41} - System32\Tasks\Google Updater and Installer => C:\Users\Maddin\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {0AEAFAF6-F116-4A60-AFB4-C8B755A6E975} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {0C53DB7C-3292-41C6-BBE2-E09C1AAC656F} - System32\Tasks\WOT WFRI1 => Iexplore.exe hxxp://mmotraffic.com/catalog/goplay/1327/MTE3NjYvLy8xMzI3/
Task: {0D60C924-08F7-4AAE-A8C9-72FED50DAF8A} - \Plus-HD-2.2-chromeinstaller No Task File <==== ATTENTION
Task: {133D8A4C-D133-4BB1-BE06-633AFE748C9C} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2011-05-10] (Hewlett-Packard)
Task: {192DDA2D-5815-47B8-983F-65744FEEC03A} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {1C26A2D5-BD29-4388-B66D-DD6D4A40B7A1} - System32\Tasks\WOT WMON1 => Iexplore.exe hxxp://mmotraffic.com/catalog/goplay/1327/MTE3NjYvLy8xMzI3/
Task: {1F6F6465-1B1C-4B6C-BFFA-08B7DB938F46} - \Desk 365 RunAsStdUser No Task File <==== ATTENTION
Task: {213121A8-BEDD-4D7E-AFAD-04C9767D7779} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {22082927-5B18-4E51-9D24-37C1DC881406} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-30] (Google Inc.)
Task: {254095AE-FB97-48EA-94A5-D8BF2AB79714} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {36A0BB86-DA41-4B87-B65D-1FF7F4604AE7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {39913DE5-5F6F-4DE9-BD8D-CF1DC0BC674E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14] (Adobe Systems Incorporated)
Task: {48C17C53-73B2-4132-863F-B783839616A6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-30] (Google Inc.)
Task: {4C4EE77B-4F44-4CF1-9882-6653C0FB77D3} - System32\Tasks\Google Software Updater => C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-27] (Google)
Task: {5B8E1D3C-500B-4185-9858-B8AE3B9B1B20} - \Plus-HD-2.2-updater No Task File <==== ATTENTION
Task: {5BB20900-5D7E-4327-904C-767A634A161A} - System32\Tasks\WOT T => Iexplore.exe hxxp://mmotraffic.com/catalog/goplay/1327/MTE3NjYvLy8xMzI3/
Task: {6372E08D-540D-440A-8D2F-5167B33D2D9A} - \Plus-HD-2.2-enabler No Task File <==== ATTENTION
Task: {739DCE2D-7420-48CD-B30B-8091A8CBC200} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {753EB692-0B14-4B0D-9B07-BC11ED29F8A8} - \HDvid Codec V1-enabler No Task File <==== ATTENTION
Task: {7642C8FD-D96B-4CE9-9D00-6FAFFB248A0E} - \Plus-HD-2.2-firefoxinstaller No Task File <==== ATTENTION
Task: {7C638E5B-ECE5-4424-A7E5-2C913CA682E9} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {80A71535-3608-4738-9FE8-7DE6C5FE5A14} - System32\Tasks\WOT W2 => Iexplore.exe hxxp://mmotraffic.com/catalog/goplay/1327/MTE3NjYvLy8xMzI3/
Task: {83EACCD6-FB00-4468-987B-40903B45B1EB} - System32\Tasks\{0E0B6708-828E-4F31-8073-8CCE8A0A7924} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-06-05] (Skype Technologies S.A.)
Task: {9126A9BD-3BA0-45B2-8937-37FD34B7808C} - \DealPly No Task File <==== ATTENTION
Task: {92FCC7E2-AF62-4EF6-BE58-3DB1365A90B8} - \HDvid Codec V1-codedownloader No Task File <==== ATTENTION
Task: {A97048A0-D205-49CE-8A2B-A98D2BEB34D3} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {AF91A651-088C-4086-9CD4-384F3BA1067B} - System32\Tasks\WOT WWED1 => Iexplore.exe hxxp://mmotraffic.com/catalog/goplay/1327/MTE3NjYvLy8xMzI3/
Task: {B13A788C-6EA7-46F5-858E-990B10A0C088} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {B6206A65-57D9-4506-AEF6-ABE2596CA1F9} - System32\Tasks\WOT WTUE1 => Iexplore.exe hxxp://mmotraffic.com/catalog/goplay/1327/MTE3NjYvLy8xMzI3/
Task: {C8AED9DC-FEAF-4B53-BB4B-2B200DFAF959} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance => C:\Program Files (x86)\TuneUp Utilities 2010\OneClick.exe [2011-11-21] (TuneUp Software)
Task: {D16C2F03-A27C-4D2E-B36C-D0064F83838E} - System32\Tasks\WOT W1 => Iexplore.exe hxxp://mmotraffic.com/catalog/goplay/1327/MTE3NjYvLy8xMzI3/
Task: {E08A976F-F4F8-476D-AF80-CCF028FC15F6} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {E335426E-2CFB-4C9F-ACA1-534DF8D85D45} - \HDvid Codec V1-updater No Task File <==== ATTENTION
Task: {E91D6474-70CC-42BE-80FF-8BED8AF557ED} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {EA9AA878-5CA3-4D7B-A5E1-E9CBCEF9A53D} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Maddin => C:\Program Files\Windows Calendar\WinCal.exe [2008-01-21] (Microsoft Corporation)
Task: {EDE5B0EC-8FF1-4476-A6D2-F191E23DF60B} - \Plus-HD-2.2-codedownloader No Task File <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-01-10 20:12 - 2010-06-03 14:36 - 00053248 _____ () C:\Program Files (x86)\D-Link\DWA-140 revB\ANIWConnService.exe
2012-06-18 20:29 - 2010-01-21 01:53 - 00496232 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
2012-06-18 20:29 - 2010-01-21 01:52 - 00076392 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nv_common.dll
2012-06-18 20:29 - 2010-01-21 01:53 - 00731752 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\SpecialCase.dll
2012-06-18 20:29 - 2010-01-21 01:53 - 00209000 _____ () C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
2011-01-03 23:00 - 2008-07-11 16:04 - 00200704 ____N () C:\Windows\SysWOW64\HsMgr.exe
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2008-08-28 12:08 - 2008-08-28 12:08 - 01287456 _____ () C:\Program Files (x86)\Corel Home Office\A4W195.dll
2008-08-28 12:08 - 2008-08-28 12:08 - 00546080 _____ () C:\Program Files (x86)\Corel Home Office\abdbcmn.dll
2008-08-28 12:09 - 2008-08-28 12:09 - 00808224 _____ () C:\Program Files (x86)\Corel Home Office\ABShare.DLL
2008-08-28 12:09 - 2008-08-28 12:09 - 00111904 _____ () C:\Program Files (x86)\Corel Home Office\ABViewForms.dll
2008-08-28 12:09 - 2008-08-28 12:09 - 00378144 _____ () C:\Program Files (x86)\Corel Home Office\ABMCmn.dll
2008-08-28 12:09 - 2008-08-28 12:09 - 00152864 _____ () C:\Program Files (x86)\Corel Home Office\abspel.dll
2008-08-28 12:10 - 2008-08-28 12:10 - 00066848 _____ () C:\Program Files (x86)\Corel Home Office\THXX.dll
2008-08-28 12:10 - 2008-08-28 12:10 - 00107808 _____ () C:\Program Files (x86)\Corel Home Office\VEXX.dll
2008-08-28 12:08 - 2008-08-28 12:08 - 00288032 _____ () C:\Program Files (x86)\Corel Home Office\abcomctrl.dll
2008-08-28 12:09 - 2008-08-28 12:09 - 00255264 _____ () C:\Program Files (x86)\Corel Home Office\IMAGE.dll
2008-08-28 12:09 - 2008-08-28 12:09 - 00230688 _____ () C:\Program Files (x86)\Corel Home Office\abpivot.dll
2008-08-28 12:09 - 2008-08-28 12:09 - 00980256 _____ () C:\Program Files (x86)\Corel Home Office\abo.dll
2008-08-28 12:09 - 2008-08-28 12:09 - 00787744 _____ () C:\Program Files (x86)\Corel Home Office\abow.dll
2008-08-28 12:09 - 2008-08-28 12:09 - 00161056 _____ () C:\Program Files (x86)\Corel Home Office\abimgsrc.dll
2008-08-28 12:09 - 2008-08-28 12:09 - 12563744 _____ () C:\Program Files (x86)\Corel Home Office\ABGerman.dll
2008-08-28 12:09 - 2008-08-28 12:09 - 01561888 _____ () C:\Program Files (x86)\Corel Home Office\abdrwngs.dll
2008-08-28 12:09 - 2008-08-28 12:09 - 00242976 _____ () C:\Program Files (x86)\Corel Home Office\abgfx.dll
2014-01-30 15:28 - 2014-01-23 07:56 - 04055320 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\pdf.dll
2014-01-30 15:28 - 2014-01-23 07:57 - 00399640 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\ppGoogleNaClPluginChrome.dll
2014-01-30 15:28 - 2014-01-23 07:55 - 01634584 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:0B4227B4
AlternateDataStreams: C:\ProgramData\TEMP:AD022376

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupreg: ANIWZCS2Service => "C:\Program Files (x86)\ANI\ANIWZCS2 Service\WZCSLDR2.exe"
MSCONFIG\startupreg: GDFirewallTray => C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFirewallTray.exe
MSCONFIG\startupreg: ROC_roc_dec12 => "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12
MSCONFIG\startupreg: vProt => "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

==================== Faulty Device Manager Devices =============

Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: 6TO4 Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft-6zu4-Adapter #2
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft-6zu4-Adapter #3
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft-6zu4-Adapter #4
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft-6zu4-Adapter #4
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft-ISATAP-Adapter #2
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Deskjet F4500 series
Description: Deskjet F4500 series
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Deskjet F4500 series
Description: Deskjet F4500 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/04/2014 07:51:28 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.

Error: (07/04/2014 07:51:28 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.

Error: (07/04/2014 07:44:55 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.

Error: (07/04/2014 03:29:25 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.

Error: (07/04/2014 03:29:20 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.

Error: (07/04/2014 03:26:54 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.

Error: (07/04/2014 03:25:06 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.

Error: (07/04/2014 02:34:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung mbam.exe, Version 1.0.0.532, Zeitstempel 0x53518532, fehlerhaftes Modul MSVCR100.dll, Version 10.0.40219.325, Zeitstempel 0x4df2be1e, Ausnahmecode 0x40000015, Fehleroffset 0x0008d6fd,
Prozess-ID 0xdc, Anwendungsstartzeit mbam.exe0.

Error: (07/04/2014 02:31:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung mbam.exe, Version 1.0.0.532, Zeitstempel 0x53518532, fehlerhaftes Modul MSVCR100.dll, Version 10.0.40219.325, Zeitstempel 0x4df2be1e, Ausnahmecode 0x40000015, Fehleroffset 0x0008d6fd,
Prozess-ID 0xcac, Anwendungsstartzeit mbam.exe0.

Error: (07/04/2014 02:26:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung mbam.exe, Version 1.0.0.532, Zeitstempel 0x53518532, fehlerhaftes Modul MSVCR100.dll, Version 10.0.40219.325, Zeitstempel 0x4df2be1e, Ausnahmecode 0x40000015, Fehleroffset 0x0008d6fd,
Prozess-ID 0xfe8, Anwendungsstartzeit mbam.exe0.


System errors:
=============
Error: (07/04/2014 01:13:55 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Windows Media Player-NetzwerkfreigabedienstUPnP-Gerätehost%%1058

Error: (07/04/2014 01:13:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: NVIDIA Update Service Daemon%%1069

Error: (07/04/2014 01:13:55 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: nvUpdatusService.\UpdatusUser%%1330

Error: (07/04/2014 01:13:55 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: KtmRm für Distributed Transaction Coordinator2147942438 (0x80070026)

Error: (07/04/2014 01:12:12 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Windows Media Player-NetzwerkfreigabedienstUPnP-Gerätehost%%1058

Error: (07/03/2014 08:27:48 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Windows Media Player-NetzwerkfreigabedienstUPnP-Gerätehost%%1058

Error: (07/03/2014 08:27:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: NVIDIA Update Service Daemon%%1069

Error: (07/03/2014 08:27:48 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: nvUpdatusService.\UpdatusUser%%1330

Error: (07/03/2014 08:27:48 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: KtmRm für Distributed Transaction Coordinator2147942438 (0x80070026)

Error: (07/03/2014 08:25:51 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Windows Media Player-NetzwerkfreigabedienstUPnP-Gerätehost%%1058


Microsoft Office Sessions:
=========================
Error: (07/04/2014 07:51:28 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifestC:\Users\Maddin\Downloads\esetsmartinstaller_deu.exe

Error: (07/04/2014 07:51:28 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifestC:\Users\Maddin\Downloads\esetsmartinstaller_deu (1).exe

Error: (07/04/2014 07:44:55 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (07/04/2014 03:29:25 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifestC:\Users\Maddin\Downloads\esetsmartinstaller_deu (1).exe

Error: (07/04/2014 03:29:20 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifestC:\Users\Maddin\Downloads\esetsmartinstaller_deu (1).exe

Error: (07/04/2014 03:26:54 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifestC:\Users\Maddin\Downloads\esetsmartinstaller_deu.exe

Error: (07/04/2014 03:25:06 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifestC:\Users\Maddin\Downloads\esetsmartinstaller_deu.exe

Error: (07/04/2014 02:34:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fddc01cf9783e9a2f6a8

Error: (07/04/2014 02:31:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fdcac01cf978354b09f78

Error: (07/04/2014 02:26:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fdfe801cf9783144142f8


CodeIntegrity Errors:
===================================
  Date: 2014-07-04 19:52:34.983
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-04 19:52:34.612
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-04 19:52:34.234
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-04 19:52:33.858
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-04 19:52:33.375
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-04 19:52:33.002
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-04 19:52:32.628
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-04 19:52:32.256
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-04 14:29:49.246
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-04 14:29:48.723
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Percentage of memory in use: 63%
Total physical RAM: 4094.32 MB
Available physical RAM: 1500.77 MB
Total Pagefile: 8391.92 MB
Available Pagefile: 5888.23 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (SYSTEM) (Fixed) (Total:327.54 GB) (Free:162.97 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (DATA) (Fixed) (Total:592.25 GB) (Free:428.3 GB) NTFS
Drive f: (DJ_AIO_06_F4500_) (CDROM) (Total:0.32 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 932 GB) (Disk ID: C347115F)
Partition 1: (Not Active) - (Size=12 GB) - (Type=27)
Partition 2: (Active) - (Size=328 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=592 GB) - (Type=07 NTFS)

==================== End Of Log ============================
Mfg Jojobin


Alle Zeitangaben in WEZ +1. Es ist jetzt 13:12 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131