Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Opera Problem. Unsichtbare Internetseite mit nervender Werbung (https://www.trojaner-board.de/159013-opera-problem-unsichtbare-internetseite-nervender-werbung.html)

Blitzi 23.09.2014 12:26
Opera Problem. Unsichtbare Internetseite mit nervender Werbung
 
Hallo erstmals

Seit einigen Tagen habe ich das Problem,dass ich wenn ich im Internet eine Seite betrete plötzlich aus dem Hintergrund Werbung zu hören ist selbst wenn ich die Seite und den Browser Schließe hört es nicht auf.

Mein Werbeblocker kann dies nicht Beenden und ich hab wirklich alles schon probiert.

Durch meine Testversion von MCAfee weiß ich das es sich um eine Internetseite handelt doch wie soll ich das beenden mit der Nerv Werbung davon?

Help

deeprybka 23.09.2014 13:10
:hallo:

Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...:abklatsch:
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lese die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
  • Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
  • Bitte kein Crossposting (posten in mehreren Foren).
  • Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
  • Speichere alle unsere Tools auf dem Desktop ab. Link: So ladet Ihr unsere Tools richtig
  • Poste die Logfiles direkt in Deinen Thread in Code-Tags.
  • Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean :daumenhoc bekommst.



Los geht's:

Schritt 1
http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...t/frstscan.png

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)




Lesestoff
Posten in CODE-Tags: So gehts...
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert uns massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://deeprybka.trojaner-board.de/tdss/codetags.gif

Blitzi 23.09.2014 13:26

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-09-2014 01
Ran by Spieler (administrator) on HEIKEHARDER-HP on 23-09-2014 14:22:10
Running from C:\Users\Spieler.HeikeHarder-HP\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe
() C:\Program Files\COMPUTERBILD-Cloud\Data\Tools\mounter.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7Debug\mdm.exe
(Microsoft Corporation) C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(LULU Software) C:\Program Files (x86)\Soda PDF 2012\ConversionService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe
() C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\VOPackage\VOsrv.exe
(Wajam Internet Technologies Inc.) C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
(Wajam Internet Technologies Inc.) C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancer.exe
() C:\Program Files (x86)\ver0BlockAndSurf\BlockAndSurf.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Akamai Technologies, Inc.) C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Akamai Technologies, Inc.) C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Akamai\netsession_win.exe
() C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\M6 Processing\vm6.exe
(LookThisUp) C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\LookThisUp\LookThisUp.exe
() C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\InetStat\inetstat.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Dropbox, Inc.) C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\agent.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.61\opera.exe
() C:\Program Files (x86)\Opera\24.0.1558.61\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.61\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.61\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.61\opera.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.61\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.61\opera.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\McUICnt.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.61\opera.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Version Cue CS2] => c:\Users\Heike Harder\Documents\Downloads\Creative Suite 2\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe [856064 2005-04-06] (Adobe Sytems Incorporated)
HKLM-x32\...\Run: [Aeria Ignite] => "C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" silent
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [421736 2011-12-08] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3816784 2014-07-21] (LogMeIn Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [164656 2014-08-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ConvertAd] => C:\Users\Spieler.HeikeHarder-HP\AppData\Local\ConvertAd\ConvertAd.exe [2068992 2014-09-21] ()
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2355925718-3238339638-3018866954-1001\...\Run: [Klebezettel NG] => [X]
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [DriverMax] => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe [9532824 2012-03-26] (Innovative Solutions)
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [DriverMax_RESTART] => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe [9532824 2012-03-26] (Innovative Solutions)
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55360 2013-08-19] (Raptr, Inc)
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [Akamai NetSession Interface] => C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [Klebezettel NG] => [X]
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [39712 2014-09-21] (Overwolf LTD)
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [vm6] => C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\M6 Processing\vm6.exe [175424 2014-03-19] ()
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [Browser Infrastructure Helper] => C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Smartbar\Application\SafeFinder.exe startup
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [LookThisUp] => C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\LookThisUp\LookThisUp.exe [1848976 2014-09-21] (LookThisUp)
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [InetStat] => C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\InetStat\inetstat.exe [700430 2014-09-21] ()
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\MountPoints2: {ae8f9719-3d80-11e3-91bb-6c626d9ce7a5} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\VoiceClient.exe
HKU\S-1-5-21-2355925718-3238339638-3018866954-1012\...\Run: [DriverMax] => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe [9532824 2012-03-26] (Innovative Solutions)
HKU\S-1-5-21-2355925718-3238339638-3018866954-1012\...\Run: [DriverMax_RESTART] => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe [9532824 2012-03-26] (Innovative Solutions)
HKU\S-1-5-21-2355925718-3238339638-3018866954-1012\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-2355925718-3238339638-3018866954-1012\...\Run: [Klebezettel NG] => [X]
HKU\S-1-5-21-2355925718-3238339638-3018866954-1012\...\MountPoints2: {5b54d4cf-1aaf-11e0-874c-806e6f6e6963} - E:\start.exe
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [224728 2014-09-02] (Client Connect LTD)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [181720 2014-09-02] (Client Connect LTD)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
Startup: C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
Startup: C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: CloudIcon_DOWNLOAD -> {C3DBFBE2-A521-4619-9F32-502318CB4EC2} => C:\Program Files\COMPUTERBILD-Cloud\ShellExt64.dll (CyberGhost SRL)
ShellIconOverlayIdentifiers: CloudIcon_ERROR -> {851C758E-C636-4045-B323-059931A3A331} => C:\Program Files\COMPUTERBILD-Cloud\ShellExt64.dll (CyberGhost SRL)
ShellIconOverlayIdentifiers: CloudIcon_INSYNC -> {580030D3-492E-45EA-A1C9-A0AC525BEB26} => C:\Program Files\COMPUTERBILD-Cloud\ShellExt64.dll (CyberGhost SRL)
ShellIconOverlayIdentifiers: CloudIcon_REFRESH -> {FEBF62C8-B6B3-43B7-BEC4-1A9CD61BDCD2} => C:\Program Files\COMPUTERBILD-Cloud\ShellExt64.dll (CyberGhost SRL)
ShellIconOverlayIdentifiers: CloudIcon_UPLOAD -> {EBED3602-8915-43F9-81F7-CAA6FC4F70D6} => C:\Program Files\COMPUTERBILD-Cloud\ShellExt64.dll (CyberGhost SRL)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:60245;https=127.0.0.1:60245
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.trovi.com/?gd=&ctid=CT3325578&octid=EB_ORIGINAL_CTID&ISID=MD15F8B10-3BB8-4EB0-ABDF-66BCF70295B7&SearchSource=55&CUI=&UM=2&UP=SP50F30F4C-32BB-47E8-8B88-21A74C21ACB9&SSPV=
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-0/4?satitle={searchTerms}&mfe=Desktops
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - Backup.Old.DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD22}
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3322288&octid=EB_ORIGINAL_CTID&ISID=M9947CE73-A15F-4F49-BF1D-45E2E50585A7&SearchSource=58&CUI=&UM=6&UP=SP50F30F4C-32BB-47E8-8B88-21A74C21ACB9&q={searchTerms}&SSPV=
SearchScopes: HKCU - Backup.Old.DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233}
SearchScopes: HKCU - ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3322288&octid=EB_ORIGINAL_CTID&ISID=M9947CE73-A15F-4F49-BF1D-45E2E50585A7&SearchSource=58&CUI=&UM=6&UP=SP50F30F4C-32BB-47E8-8B88-21A74C21ACB9&q={searchTerms}&SSPV=
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKCU - {d944bb61-2e34-4dbf-a683-47e505c587dc} URL =
BHO: BlockAndSurf -> {034A356D-1278-4F29-B449-8CCC36B1C0CC} -> C:\Program Files (x86)\ver0BlockAndSurf\178_x64.dll ()
BHO: Feven 2.5 -> {11111111-1111-1111-1111-110411901108} -> C:\Program Files (x86)\Feven 2.5\Feven 2.5-bho64.dll No File
BHO: SafeFinder SmartbarEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: No Name -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} ->  No File
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: SafeFinder SmartbarEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: SmarterPower -> {bd7c9b62-a7d9-4405-be51-7fd633f08791} -> C:\Program Files (x86)\SmarterPower\SmarterPowerbho.dll No File
BHO-x32: Soda PDF 2012 Helper -> {ebe8b562-cba0-40d8-b920-af7cfe0c9d94} -> C:\Program Files (x86)\Soda PDF 2012\PDFIEHelper.dll (LULU Software)
BHO-x32: No Name -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} ->  No File
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - No Name - !!{D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKLM - No Name - !{5018CFD2-804D-4C99-9F81-25EAEA2769DE} -  No File
Toolbar: HKLM - No Name - !{95B7759C-8C7F-4BF1-B163-73684A933233} -  No File
Toolbar: HKLM - No Name - !{98889811-442D-49dd-99D7-DC866BE87DBC} -  No File
Toolbar: HKLM - No Name - !{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787} -  No File
Toolbar: HKLM - No Name - !{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} -  No File
Toolbar: HKLM - No Name - !{EEE6C35B-6118-11DC-9C72-001320C79847} -  No File
Toolbar: HKLM - No Name - !{F9639E4A-801B-4843-AEE3-03D9DA199E77} -  No File
Toolbar: HKLM - SafeFinder Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Soda PDF 2012 Toolbar - {a8c9d542-fd91-4834-a2e8-adb9ae692b8b} - C:\Program Files (x86)\Soda PDF 2012\PDFIEPlugin.dll (LULU Software)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - No Name - !!{D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKLM-x32 - No Name - !{5018CFD2-804D-4C99-9F81-25EAEA2769DE} -  No File
Toolbar: HKLM-x32 - No Name - !{95B7759C-8C7F-4BF1-B163-73684A933233} -  No File
Toolbar: HKLM-x32 - No Name - !{98889811-442D-49dd-99D7-DC866BE87DBC} -  No File
Toolbar: HKLM-x32 - No Name - !{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787} -  No File
Toolbar: HKLM-x32 - No Name - !{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} -  No File
Toolbar: HKLM-x32 - No Name - !{EEE6C35B-6118-11DC-9C72-001320C79847} -  No File
Toolbar: HKLM-x32 - No Name - !{F9639E4A-801B-4843-AEE3-03D9DA199E77} -  No File
Toolbar: HKLM-x32 - SafeFinder Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {26647CA4-A2A7-4EAC-8A72-761AA9141DE7} -  No File
Toolbar: HKCU - No Name - {8DBB6D8E-E4A6-4E3B-9753-AF78B226441C} -  No File
Toolbar: HKCU - No Name - {32B29DF0-2237-4370-9A29-37CEBB730E9B} -  No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @real.com/nppl3260;version=15.0.4.53 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.4.53 -> c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.4.53 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Spieler.HeikeHarder-HP\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF user.js: detected! => C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\user.js
FF Extension: media enhance - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\Extensions\0c822a17-a68f-4066-9257-d229458d21ca@9c178d17-dc61-4aaf-b2da-1425ac7300ac.com [2014-03-21]
FF Extension: Feven 2.5 - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\Extensions\4433da5b-eb52-495d-8865-b2a7468567f6@927544a3-fdfb-4485-a78b-21e1113eee35.com [2014-02-27]
FF Extension: I Want This - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\Extensions\crossriderapp2258@crossrider.com [2012-06-08]
FF Extension: Extension_Protected - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\Extensions\jid0-O6MIff3eO5dIGf5Tcv8RsJDKxrs@jetpack [2014-01-25]
FF Extension: FineDeaLSoft - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\Extensions\lvgnow@dnhktwg.co.uk [2014-03-15]
FF Extension: Internet Turbo - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\Extensions\{17372c46-39f1-4c28-8f8c-b25d9b57d042} [2014-01-25]
FF Extension: Wincore Mediabar - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\Extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} [2012-07-23]
FF Extension: Lightning Speed Dial - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\Extensions\lightningnewtab@gmail.com.xpi [2014-01-25]
FF Extension: WEB.DE MailCheck - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\Extensions\toolbar@web.de.xpi [2014-01-25]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Security Suite CBE 12\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-05-11]
FF HKLM-x32\...\Firefox\Extensions: [FFSodaPDFConverter2012@sodapdf.com] - C:\Program Files (x86)\Soda PDF 2012\FFSodaExt2012
FF Extension: Soda PDF 2012 Converter For Firefox - C:\Program Files (x86)\Soda PDF 2012\FFSodaExt2012 [2012-06-04]
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaPlayerV1alpha718.net] - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha718\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewerV1alpha1479.net] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1479\ff
FF Extension: Media Viewer - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1479\ff [2014-02-23]
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewV1alpha3700.net] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha3700\ff
FF Extension: Media View - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha3700\ff [2014-02-27]
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewV1alpha9390.net] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha9390\ff
FF Extension: Media View - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha9390\ff [2014-03-15]
FF HKCU\...\Firefox\Extensions: [{56ECA8F3-137B-5B92-3D29-079D46759E21}] - C:\Program Files (x86)\ver0BlockAndSurf\178.xpi
FF Extension: BlockAndSurf - C:\Program Files (x86)\ver0BlockAndSurf\178.xpi [2014-09-21]
FF Extension: No Name - C:\Program Files (x86)\Better-Surf\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha718\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\SuperLyrics\FF [Not Found]
FF Extension: No Name - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta541\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha701\ff [Not Found]
FF Extension: No Name - C:\Program Files\Video downloader\Firefox [Not Found]
FF Extension: No Name - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\extensions\e46480cf-7cf6-495e-af69-573053f52c72@b33ab36d-5952-49aa-adb2-a41b3dbe51a5.com [Not Found]
FF Extension: No Name - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\extensions\ffxtlbr@babylon.com [Not Found]
FF Extension: No Name - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\extensions\ffxtlbr@funmoods.com [Not Found]
FF Extension: No Name - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\extensions\toolbar_AVIRA-V7@apn.ask.com.xpi [Not Found]
FF Extension: No Name - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\extensions\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi [Not Found]
FF Extension: No Name - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi [Not Found]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3325578&octid=EB_ORIGINAL_CTID&ISID=MD15F8B10-3BB8-4EB0-ABDF-66BCF70295B7&SearchSource=55&CUI=&UM=2&UP=SP50F30F4C-32BB-47E8-8B88-21A74C21ACB9&SSPV=
CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3325578&octid=EB_ORIGINAL_CTID&ISID=MD15F8B10-3BB8-4EB0-ABDF-66BCF70295B7&SearchSource=55&CUI=&UM=2&UP=SP50F30F4C-32BB-47E8-8B88-21A74C21ACB9&SSPV="
CHR DefaultSearchKeyword: Default -> trovi.search
CHR DefaultSearchProvider: Default -> Trovi search
CHR DefaultSearchURL: Default -> hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3322288&octid=EB_ORIGINAL_CTID&ISID=M9947CE73-A15F-4F49-BF1D-45E2E50585A7&SearchSource=58&CUI=&UM=6&UP=SP50F30F4C-32BB-47E8-8B88-21A74C21ACB9&q={searchTerms}&SSPV=
CHR DefaultSuggestURL: Default -> hxxp://suggest.seccint.com/CSuggestJson.ashx?prefix={searchTerms}
CHR Profile: C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-24]
CHR Extension: (Google Drive) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-24]
CHR Extension: (YouTube) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-24]
CHR Extension: (Google-Suche) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-24]
CHR Extension: (Avira Browser Safety) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-09-23]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2014-06-24]
CHR Extension: (Google Wallet) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-27]
CHR Extension: (Google Mail) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-24]
CHR Extension: (Extutil) - C:\Users\SPIELE~1.HEI\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B [2014-09-23]
CHR Extension: (Managera) - C:\Users\SPIELE~1.HEI\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 [2014-09-23]
CHR HKLM-x32\...\Chrome\Extension: [fcaiicgcjkjiagjocmccmcmncckndcmh] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha3700\ch\MediaViewV1alpha3700.crx []
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-05-11]
CHR HKLM-x32\...\Chrome\Extension: [laaciepchcabcfgpniblbiecldehkbae] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha9390\ch\MediaViewV1alpha9390.crx [2012-05-11]
CHR HKLM-x32\...\Chrome\Extension: [mlnobaakadehgcjbhieegodlndablmao] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1479\ch\MediaViewerV1alpha1479.crx [2012-05-11]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.Professional.10.0; C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe [814344 2009-12-22] (ABBYY)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-02-01] (Adobe Systems) [File not signed]
S4 AdobeActiveFileMonitor6.0; C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [124832 2007-09-11] ()
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1021520 2014-08-05] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160048 2014-08-27] (Avira Operations GmbH & Co. KG)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
R2 CLHNServiceForPowerDVD; C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [83240 2011-08-24] ()
S2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2998232 2014-09-02] (Client Connect LTD)
R2 CyberLink PowerDVD 11.0 Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [75048 2011-08-26] (CyberLink)
R2 CyberLink PowerDVD 11.0 Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe [292136 2011-08-26] (CyberLink)
R2 DokanMounter; C:\Program Files\COMPUTERBILD-Cloud\Data\Tools\mounter.exe [14848 2012-02-15] () [File not signed]
S4 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2011-01-27] (Macrovision Europe Ltd.) [File not signed]
S4 HPAuto; C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [681528 2010-08-06] (Hewlett-Packard)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-07-16] (LogMeIn, Inc.)
S2 LPTSystemUpdater; C:\Program Files (x86)\LPT\srpts.exe [34072 2014-06-15] ()
R3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 MSSQL$BWDATOOLSET; C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [998176 2014-09-21] (Overwolf LTD)
S4 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1119768 2010-09-28] (PDF Complete Inc)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc.)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2010-08-19] ()
R2 servervo; C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\VOPackage\VOsrv.exe [71680 2014-09-21] () [File not signed]
S3 Soda PDF 2012 Helper Service; C:\Program Files (x86)\Soda PDF 2012\HelperService.exe [827224 2012-01-27] (LULU Software)
R2 Soda PDF 2012 Service; C:\Program Files (x86)\Soda PDF 2012\ConversionService.exe [905560 2012-01-27] (LULU Software)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
R2 Wajam Internet Enhancer Service; C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe [303616 2014-08-31] (Wajam Internet Technologies Inc.) [File not signed]
S2 V-bates Updater; C:\Program Files\Video downloader\ExtensionUpdaterService.exe [X]
S2 vToolbarUpdater15.0.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.0.0\ToolbarUpdater.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 athrusb; C:\Windows\System32\DRIVERS\athrxusb.sys [558592 2007-05-16] (Atheros Communications, Inc.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2011-01-28] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-17] (Avira Operations GmbH & Co. KG)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [39768 2013-03-19] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-06-17] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-06-17] (Avira Operations GmbH & Co. KG)
R2 Dokan; C:\Windows\system32\drivers\dokan.sys [120408 2012-02-15] (Windows (R) Win 7 DDK provider)
S3 GrabsterSeries.X64; C:\Windows\System32\DRIVERS\GrabsterSeries.X64.SYS [377152 2010-01-22] ()
S3 hid7906; C:\Windows\SysWOW64\drivers\hid7906.sys [34963 2007-12-12] (Compuware Corporation) [File not signed]
S3 hid8101; C:\Windows\SysWOW64\drivers\hid8101.sys [37024 2007-12-03] (Compuware Corporation) [File not signed]
S3 hid8103; C:\Windows\SysWOW64\drivers\hid8103.sys [34587 2007-11-28] (Compuware Corporation) [File not signed]
S3 iComp; C:\Windows\System32\DRIVERS\p2usbhum.sys [1794112 2009-12-09] (Conexant Systems Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2011-01-28] ()
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-23] (Malwarebytes Corporation)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [748648 2010-08-12] (Realtek Semiconductor Corporation                          )
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [503352 2011-08-04] () [File not signed]
S3 usbio; C:\Windows\System32\Drivers\dsiarhwprog_x64.sys [51600 2007-02-08] (Thesycon GmbH, Germany)
R2 webinstr; C:\Windows\system32\Drivers\webinstr.sys [58040 2014-09-21] (Corsica)
S3 ZD1211BU(ZyDAS); C:\Windows\System32\DRIVERS\zd1211Bu.sys [493440 2005-10-28] (ZyDAS Technology Corporation)
S3 ZDPSp50a64; C:\Windows\SysWOW64\Drivers\ZDPSp50a64.sys [31744 2005-03-18] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312}; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [148976 2011-08-26] (CyberLink Corp.)
U3 aphlkjgw; C:\Windows\System32\Drivers\aphlkjgw.sys [0 ] (Advanced Micro Devices)
S3 connctfy; system32\DRIVERS\connctfy.sys [X]
S3 connctfyMP; system32\DRIVERS\connctfy.sys [X]
R3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
R3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]
S1 toqvakfe; \??\C:\Windows\system32\drivers\toqvakfe.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-23 14:22 - 2014-09-23 14:22 - 00042204 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\FRST.txt
2014-09-23 14:21 - 2014-09-23 14:22 - 00000000 ____D () C:\FRST
2014-09-23 14:21 - 2014-09-23 14:21 - 02105856 _____ (Farbar) C:\Users\Spieler.HeikeHarder-HP\Downloads\FRST64.exe
2014-09-23 13:16 - 2014-09-23 13:16 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-23 13:16 - 2014-09-23 13:16 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-23 13:16 - 2014-09-23 13:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-23 13:16 - 2014-09-23 13:16 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-23 13:16 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-23 13:16 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-23 13:16 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-23 13:15 - 2014-09-23 13:15 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Spieler.HeikeHarder-HP\Downloads\mbam-setup-2.0.2.1012 (2).exe
2014-09-23 13:15 - 2014-09-23 13:15 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Spieler.HeikeHarder-HP\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-09-21 21:35 - 2014-09-21 21:35 - 00000056 _____ () C:\Windows\setupact.log
2014-09-21 21:35 - 2014-09-21 21:35 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-21 20:54 - 2014-09-22 20:54 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP2.job
2014-09-21 20:54 - 2014-09-21 21:14 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP1.job
2014-09-21 20:54 - 2014-09-21 20:54 - 00002832 _____ () C:\Windows\System32\Tasks\APSnotifierPP1
2014-09-21 20:54 - 2014-09-21 20:54 - 00002830 _____ () C:\Windows\System32\Tasks\APSnotifierPP3
2014-09-21 20:54 - 2014-09-21 20:54 - 00002830 _____ () C:\Windows\System32\Tasks\APSnotifierPP2
2014-09-21 20:54 - 2014-09-21 20:54 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP3.job
2014-09-21 20:54 - 2014-09-21 20:54 - 00000318 _____ () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\aps.uninstall.scan.results
2014-09-21 20:49 - 2014-09-21 20:49 - 00001245 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2014-09-21 20:49 - 2014-09-21 20:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-09-21 20:49 - 2014-09-21 20:49 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-09-21 20:48 - 2014-09-21 20:48 - 00612072 _____ (ClickMeIn Limited) C:\Users\Spieler.HeikeHarder-HP\AppData\Local\nszD8AD.tmp
2014-09-21 20:48 - 2014-09-21 20:48 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InetStat
2014-09-21 20:48 - 2014-09-21 20:48 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\ConvertAd
2014-09-21 20:48 - 2014-09-21 20:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-09-21 20:47 - 2014-09-22 20:37 - 00000428 _____ () C:\Windows\Tasks\BlockAndSurf Update.job
2014-09-21 20:47 - 2014-09-21 21:36 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\LookThisUp
2014-09-21 20:47 - 2014-09-21 20:49 - 00000000 ____D () C:\Program Files (x86)\ver0BlockAndSurf
2014-09-21 20:47 - 2014-09-21 20:48 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\InetStat
2014-09-21 20:47 - 2014-09-21 20:47 - 00058040 _____ (Corsica) C:\Windows\system32\Drivers\webinstr.sys
2014-09-21 20:47 - 2014-09-21 20:47 - 00003080 _____ () C:\Windows\System32\Tasks\BlockAndSurf Update
2014-09-21 20:47 - 2014-09-21 20:47 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webinstr_01009.Wdf
2014-09-21 20:41 - 2014-09-21 20:46 - 74675720 _____ (DVDVideoSoft Ltd. ) C:\Users\Spieler.HeikeHarder-HP\Downloads\FreeStudio.exe
2014-09-21 20:36 - 2014-09-21 20:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam
2014-09-21 20:35 - 2014-09-21 20:36 - 00000000 ____D () C:\Program Files (x86)\Wajam
2014-09-21 20:35 - 2014-09-21 20:35 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\VOPackage
2014-09-21 20:35 - 2014-09-21 20:35 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-09-21 00:00 - 2014-09-21 20:00 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\Documents\ArcheAge
2014-09-21 00:00 - 2014-09-21 00:00 - 00000000 ____D () C:\ArcheAge
2014-09-20 20:33 - 2014-09-20 20:33 - 00001891 _____ () C:\Users\Spieler.HeikeHarder-HP\Desktop\Archeage.lnk
2014-09-17 19:02 - 2014-09-17 19:03 - 03817601 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\powersaves3ds-software-121.zip
2014-09-11 23:08 - 2014-09-11 23:08 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\Desktop\Neuer Ordner
2014-09-11 03:15 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-11 03:15 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-11 03:15 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-11 03:15 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-11 03:15 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-11 03:15 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-11 03:15 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-11 03:15 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-11 03:15 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-11 03:15 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-11 03:15 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-11 03:15 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-11 03:15 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-11 03:15 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-11 03:15 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-11 03:15 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-11 03:15 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-11 03:15 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-11 03:15 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-11 03:15 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-11 03:15 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-11 03:15 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-11 03:15 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-11 03:15 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-11 03:15 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-11 03:15 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-11 03:15 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-11 03:15 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-11 03:15 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-11 03:15 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-11 03:15 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-11 03:15 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-11 03:15 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-11 03:15 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-11 03:15 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-11 03:15 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-11 03:15 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-11 03:15 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-11 03:15 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-11 03:15 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-11 03:15 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-11 03:15 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-11 03:15 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-11 03:15 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-11 03:15 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-11 03:15 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-11 03:15 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-11 03:15 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-11 03:15 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-11 03:15 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-11 03:15 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-11 03:15 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-11 03:15 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-11 03:15 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-11 03:15 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-11 03:15 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-11 03:02 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-11 03:02 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-10 09:39 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-10 09:39 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-10 08:34 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-10 08:34 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-10 08:34 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-10 08:34 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-10 08:34 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-10 07:37 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-10 07:37 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-10 07:14 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-10 07:14 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-28 23:19 - 2014-08-28 23:21 - 18599008 _____ (DVDVideoSoft Ltd. ) C:\Users\Spieler.HeikeHarder-HP\Downloads\Free3DVideoMaker.exe
2014-08-28 20:02 - 2014-09-09 21:23 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\Documents\lp
2014-08-28 17:26 - 2001-11-01 21:00 - 02097152 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\Pokemon - Kristall-Edition (D).gbc
2014-08-28 17:03 - 2014-08-28 17:03 - 01050386 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\Pokemon Kristall (D).zip
2014-08-28 13:41 - 2014-08-28 13:41 - 00000945 _____ () C:\Users\Spieler.HeikeHarder-HP\Desktop\HyperCam 2.lnk
2014-08-28 13:41 - 2014-08-28 13:41 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HyperCam 2
2014-08-28 13:40 - 2014-08-28 13:41 - 03020528 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\HC2Setup-2.29.01 (1).exe
2014-08-27 23:47 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-27 23:47 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-27 23:47 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-26 16:05 - 2014-08-26 16:05 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\Downloads\Slot1D
2014-08-26 13:08 - 2014-08-26 13:17 - 27076650 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\0052.zip

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-23 14:22 - 2014-09-23 14:22 - 00042204 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\FRST.txt
2014-09-23 14:22 - 2014-09-23 14:21 - 00000000 ____D () C:\FRST
2014-09-23 14:21 - 2014-09-23 14:21 - 02105856 _____ (Farbar) C:\Users\Spieler.HeikeHarder-HP\Downloads\FRST64.exe
2014-09-23 13:16 - 2014-09-23 13:16 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-23 13:16 - 2014-09-23 13:16 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-23 13:16 - 2014-09-23 13:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-23 13:16 - 2014-09-23 13:16 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-23 13:15 - 2014-09-23 13:15 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Spieler.HeikeHarder-HP\Downloads\mbam-setup-2.0.2.1012 (2).exe
2014-09-23 13:15 - 2014-09-23 13:15 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Spieler.HeikeHarder-HP\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-09-23 13:01 - 2012-06-04 16:38 - 01187332 _____ () C:\Windows\WindowsUpdate.log
2014-09-23 12:48 - 2011-03-16 16:37 - 00000442 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-09-22 23:16 - 2014-01-25 18:16 - 00001506 _____ () C:\Windows\Tasks\Feven 2.5-updater.job
2014-09-22 23:16 - 2014-01-25 18:16 - 00001454 _____ () C:\Windows\Tasks\Feven 2.5-codedownloader.job
2014-09-22 23:16 - 2014-01-25 18:16 - 00001332 _____ () C:\Windows\Tasks\Feven 2.5-enabler.job
2014-09-22 23:16 - 2014-01-25 18:15 - 00002276 _____ () C:\Windows\Tasks\Feven 2.5-chromeinstaller.job
2014-09-22 23:16 - 2014-01-25 18:15 - 00002224 _____ () C:\Windows\Tasks\Feven 2.5-firefoxinstaller.job
2014-09-22 20:54 - 2014-09-21 20:54 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP2.job
2014-09-22 20:44 - 2014-06-25 12:44 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\Powersaves3DS
2014-09-22 20:37 - 2014-09-21 20:47 - 00000428 _____ () C:\Windows\Tasks\BlockAndSurf Update.job
2014-09-22 20:13 - 2014-01-23 20:42 - 00000000 ____D () C:\Program Files (x86)\Overwolf
2014-09-21 23:10 - 2013-09-03 22:45 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\TS3Client
2014-09-21 21:44 - 2011-01-29 14:11 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\SoftGrid Client
2014-09-21 21:39 - 2014-07-13 14:54 - 00001078 _____ () C:\Users\Spieler.HeikeHarder-HP\Desktop\Dropbox.lnk
2014-09-21 21:39 - 2014-07-13 14:54 - 00000000 ___RD () C:\Users\Spieler.HeikeHarder-HP\Dropbox
2014-09-21 21:39 - 2014-07-13 14:52 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-09-21 21:39 - 2014-07-13 14:51 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Dropbox
2014-09-21 21:39 - 2014-06-24 16:10 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\LogMeIn Hamachi
2014-09-21 21:38 - 2012-12-09 23:08 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Overwolf
2014-09-21 21:38 - 2012-11-28 11:43 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Raptr
2014-09-21 21:36 - 2014-09-21 20:47 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\LookThisUp
2014-09-21 21:35 - 2014-09-21 21:35 - 00000056 _____ () C:\Windows\setupact.log
2014-09-21 21:35 - 2014-09-21 21:35 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-21 21:14 - 2014-09-21 20:54 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP1.job
2014-09-21 20:54 - 2014-09-21 20:54 - 00002832 _____ () C:\Windows\System32\Tasks\APSnotifierPP1
2014-09-21 20:54 - 2014-09-21 20:54 - 00002830 _____ () C:\Windows\System32\Tasks\APSnotifierPP3
2014-09-21 20:54 - 2014-09-21 20:54 - 00002830 _____ () C:\Windows\System32\Tasks\APSnotifierPP2
2014-09-21 20:54 - 2014-09-21 20:54 - 00000376 _____ () C:\Windows\Tasks\APSnotifierPP3.job
2014-09-21 20:54 - 2014-09-21 20:54 - 00000318 _____ () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\aps.uninstall.scan.results
2014-09-21 20:49 - 2014-09-21 20:49 - 00001245 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2014-09-21 20:49 - 2014-09-21 20:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-09-21 20:49 - 2014-09-21 20:49 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-09-21 20:49 - 2014-09-21 20:47 - 00000000 ____D () C:\Program Files (x86)\ver0BlockAndSurf
2014-09-21 20:49 - 2012-12-30 13:01 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\DVDVideoSoft
2014-09-21 20:48 - 2014-09-21 20:48 - 00612072 _____ (ClickMeIn Limited) C:\Users\Spieler.HeikeHarder-HP\AppData\Local\nszD8AD.tmp
2014-09-21 20:48 - 2014-09-21 20:48 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InetStat
2014-09-21 20:48 - 2014-09-21 20:48 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\ConvertAd
2014-09-21 20:48 - 2014-09-21 20:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-09-21 20:48 - 2014-09-21 20:47 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\InetStat
2014-09-21 20:47 - 2014-09-21 20:47 - 00058040 _____ (Corsica) C:\Windows\system32\Drivers\webinstr.sys
2014-09-21 20:47 - 2014-09-21 20:47 - 00003080 _____ () C:\Windows\System32\Tasks\BlockAndSurf Update
2014-09-21 20:47 - 2014-09-21 20:47 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webinstr_01009.Wdf
2014-09-21 20:47 - 2014-01-29 20:26 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-09-21 20:47 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-09-21 20:46 - 2014-09-21 20:41 - 74675720 _____ (DVDVideoSoft Ltd. ) C:\Users\Spieler.HeikeHarder-HP\Downloads\FreeStudio.exe
2014-09-21 20:42 - 2011-01-07 21:18 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-09-21 20:36 - 2014-09-21 20:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam
2014-09-21 20:36 - 2014-09-21 20:35 - 00000000 ____D () C:\Program Files (x86)\Wajam
2014-09-21 20:35 - 2014-09-21 20:35 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\VOPackage
2014-09-21 20:35 - 2014-09-21 20:35 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-09-21 20:00 - 2014-09-21 00:00 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\Documents\ArcheAge
2014-09-21 15:06 - 2012-12-09 12:38 - 00000000 ____D () C:\Program Files (x86)\RIFT
2014-09-21 00:00 - 2014-09-21 00:00 - 00000000 ____D () C:\ArcheAge
2014-09-20 20:33 - 2014-09-20 20:33 - 00001891 _____ () C:\Users\Spieler.HeikeHarder-HP\Desktop\Archeage.lnk
2014-09-20 20:33 - 2014-07-03 12:03 - 00000000 ____D () C:\Program Files (x86)\Glyph
2014-09-20 19:55 - 2011-03-02 15:03 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\KlebezettelNG
2014-09-20 19:54 - 2011-04-18 11:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Klebezettel
2014-09-20 19:54 - 2011-01-27 20:05 - 00000000 ____D () C:\Program Files (x86)\Klebezettel NG
2014-09-17 19:05 - 2014-06-25 13:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Action Replay PowerSaves 3DS
2014-09-17 19:05 - 2014-06-25 13:55 - 00000000 ____D () C:\Program Files (x86)\Action Replay PowerSaves 3DS
2014-09-17 19:05 - 2014-06-25 12:35 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\Desktop\powersave
2014-09-17 19:03 - 2014-09-17 19:02 - 03817601 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\powersaves3ds-software-121.zip
2014-09-17 10:31 - 2014-06-03 11:02 - 00003864 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1387178156
2014-09-17 10:31 - 2011-01-27 12:58 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-09-16 05:56 - 2009-07-14 06:45 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-16 05:56 - 2009-07-14 06:45 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-15 20:18 - 2014-08-21 13:50 - 00001139 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-09-15 20:18 - 2014-08-06 12:01 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-15 20:18 - 2014-06-24 19:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-09-15 20:18 - 2014-06-24 19:23 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-09-14 21:12 - 2012-10-02 22:27 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\RIFT
2014-09-13 20:18 - 2012-04-12 13:23 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-13 20:18 - 2012-04-12 13:23 - 00003824 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-13 20:18 - 2012-04-12 13:23 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-13 20:18 - 2011-05-23 10:55 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-13 20:10 - 2011-03-09 17:38 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\PDF Software
2014-09-13 20:08 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-12 18:43 - 2013-01-07 23:41 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\.minecraft
2014-09-12 05:35 - 2011-01-07 21:54 - 00799382 _____ () C:\Windows\system32\perfh007.dat
2014-09-12 05:35 - 2011-01-07 21:54 - 00188890 _____ () C:\Windows\system32\perfc007.dat
2014-09-12 05:35 - 2009-07-14 07:13 - 01903918 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-11 23:08 - 2014-09-11 23:08 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\Desktop\Neuer Ordner
2014-09-11 22:55 - 2014-06-24 16:06 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\Desktop\pika
2014-09-11 07:41 - 2009-07-14 04:34 - 00000601 _____ () C:\Windows\win.ini
2014-09-11 04:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-11 03:13 - 2011-01-27 18:45 - 01877262 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-11 03:10 - 2013-08-16 09:04 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-11 03:04 - 2011-01-31 19:17 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-11 03:02 - 2014-05-01 03:02 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-09 21:23 - 2014-08-28 20:02 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\Documents\lp
2014-09-09 21:20 - 2014-08-21 22:58 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\Desktop\uni
2014-09-05 04:10 - 2014-09-10 07:14 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-05 04:05 - 2014-09-10 07:14 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-03 17:50 - 2014-06-27 16:12 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-09-01 12:56 - 2013-02-07 00:45 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Paint.NET
2014-08-31 11:35 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-30 13:37 - 2014-05-02 14:03 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Winamp
2014-08-28 23:21 - 2014-08-28 23:19 - 18599008 _____ (DVDVideoSoft Ltd. ) C:\Users\Spieler.HeikeHarder-HP\Downloads\Free3DVideoMaker.exe
2014-08-28 20:06 - 2012-12-30 13:05 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\Documents\DVDVideoSoft
2014-08-28 17:03 - 2014-08-28 17:03 - 01050386 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\Pokemon Kristall (D).zip
2014-08-28 14:50 - 2014-01-31 17:26 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\Downloads\emu
2014-08-28 13:41 - 2014-08-28 13:41 - 00000945 _____ () C:\Users\Spieler.HeikeHarder-HP\Desktop\HyperCam 2.lnk
2014-08-28 13:41 - 2014-08-28 13:41 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HyperCam 2
2014-08-28 13:41 - 2014-08-28 13:40 - 03020528 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\HC2Setup-2.29.01 (1).exe
2014-08-28 13:41 - 2014-08-01 22:57 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\OpenCandy
2014-08-28 13:41 - 2011-03-31 16:43 - 00000000 ____D () C:\Program Files (x86)\HyCam2
2014-08-28 13:39 - 2014-08-18 16:36 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Solveig Multimedia
2014-08-28 03:20 - 2013-08-22 09:23 - 00505384 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-26 18:14 - 2014-07-20 21:55 - 00005284 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\desmume.ini
2014-08-26 17:52 - 2014-07-09 18:04 - 00000409 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\fishbotconfig.ini
2014-08-26 16:10 - 2014-07-20 21:55 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\Downloads\States
2014-08-26 16:05 - 2014-08-26 16:05 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\Downloads\Slot1D
2014-08-26 13:17 - 2014-08-26 13:08 - 27076650 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\0052.zip
2014-08-26 13:17 - 2014-07-20 21:55 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\Downloads\Battery

Files to move or delete:
====================
C:\Users\Heike Harder\Okozo_Installer.exe
C:\Users\Public\CommonRTP.exe


Some content of TEMP:
====================
C:\Users\Heike Harder\AppData\Local\Temp\avgnt.exe
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\avgnt.exe
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpunvnih.dll
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\tmd_34015466.exe
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\tmd_34015938.exe
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\ttap2.dll
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\ttap2.exe
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\uoEK5.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-16 06:23

==================== End Of Log ============================
--- --- ---

deeprybka 23.09.2014 13:27
Hi,
Logs bitte vollständig posten. :)

gelesen?
Zitat:
Speichere alle unsere Tools auf dem Desktop ab. Link: So ladet Ihr unsere Tools richtig
;)

Blitzi 23.09.2014 13:33
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-09-2014 01
Ran by Spieler at 2014-09-23 14:24:01
Running from C:\Users\Spieler.HeikeHarder-HP\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 Restricted Area Savegame Editor V1.00 - V1.09 (HKLM-x32\...\ Restricted Area Savegame Editor V1.00 - V1.09) (Version:  - )
3RVX (HKLM-x32\...\{66BB5D8F-D9BD-4799-A9FA-5731B3B7839A}) (Version: 2.5 - matt.malensek.net)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
ABBYY FineReader 10 Professional Edition (HKLM-x32\...\{F1000000-0001-0000-0000-074957833700}) (Version: 10.501.159.70013 - ABBYY)
Action Replay DSi Code Manager (HKLM-x32\...\Action Replay DSi Code Manager_is1) (Version:  - )
Action Replay PowerSaves 3DS Version 1.21 (HKLM-x32\...\{CD24B06F-0A4D-410A-AEF2-DFE6A28AB4C0}_is1) (Version: 1.21 - Datel Design & Development)
ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.3.9130 - Adobe Systems Inc.) Hidden
Adobe Bridge 1.0 (x32 Version: 001.000.001 - Adobe Systems) Hidden
Adobe Common File Installer (x32 Version: 1.00.001 - Adobe System Incorporated) Hidden
Adobe Creative Suite 2 (HKLM-x32\...\{0134A1A1-C283-4A47-91A1-92F19F960372}) (Version:  - )
Adobe Digital Editions (HKLM-x32\...\Digital Editions) (Version:  - )
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.5.502.110 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Help Center 1.0 (x32 Version: 1.0.1 - Adobe Systems) Hidden
Adobe Illustrator CS2 (x32 Version: 12.000.000 - Adobe Systems Inc.) Hidden
Adobe InDesign CS2 (x32 Version: 004.000.000 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS2 (x32 Version: 9.0 - Adobe Systems, Inc.) Hidden
Adobe Photoshop Elements 6.0 (HKLM-x32\...\Adobe Photoshop Elements 6) (Version: 6.0 - Adobe Systems, Inc.)
Adobe Photoshop Elements 6.0 (x32 Version: 6.0 - Adobe Systems, Inc.) Hidden
Adobe Reader X (10.1.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.11 - Adobe Systems Incorporated)
Adobe Stock Photos 1.0 (x32 Version: 1.0.1 - Adobe Systems) Hidden
Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version:  3.0 - Adobe Systems, Inc.)
Adobe Version Cue CS2 (x32 Version: 2.0 - Adobe Systems, Inc.) Hidden
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.12.2400) (Version: 1.12.2400 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.12.2400 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.12.2400 - Aeria Games & Entertainment) Hidden
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
AION Free-To-Play (HKLM-x32\...\InstallShield_{6A9EF6CF-7630-4E33-AE22-7D70F3AF4B05}) (Version: 2.70.0000 - Gameforge)
AION Free-To-Play (x32 Version: 2.70.0000 - Gameforge) Hidden
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Archeage (HKLM-x32\...\Glyph Archeage) (Version:  - Trion Worlds, Inc.)
Ashampoo Burning Studio Elements 10.0.9 (HKLM-x32\...\Ashampoo Burning Studio Elements_is1) (Version: 3.1.1 - Ashampoo GmbH & Co. KG)
Ashampoo Office 2008 (C:\Program Files (x86)\Ashampoo\Ashampoo Office 2008) (HKLM-x32\...\sm-un1.u32) (Version:  - SoftMaker Software GmbH)
Ashampoo Photo Commander 7.60 (HKLM-x32\...\Ashampoo Photo Commander 7_is1) (Version: 7.6.0 - ashampoo GmbH & Co. KG)
Audacity 2.0 (HKLM-x32\...\Audacity_is1) (Version:  - Audacity Team)
Audible Download Manager (HKLM-x32\...\AudibleDownloadManager) (Version: 6.6.0.10 - Audible, Inc.)
Autostart ok-s 2.0 (HKLM-x32\...\{83832C13-FE26-4058-9BEB-89C422F569B3}) (Version: 1.0 - Olaf Koch)
Avira (HKLM-x32\...\{70e83cd8-4bd5-4039-ab5a-6b94a8abb641}) (Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.570 - Avira)
Avira Free Antivirus Packages (HKCU\...\Avira Free Antivirus Packages) (Version:  - ) <==== ATTENTION
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - )
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
BenVista PhotoZoom Classic 2.0 (HKCU\...\PhotoZoom Classic 2) (Version: 2.0 - BenVista Ltd)
BenVista PhotoZoom Express 3.0 (HKCU\...\PhotoZoom Express 3) (Version: 3.0 - BenVista Ltd)
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blender (HKLM\...\Blender) (Version: 2.71 - Blender Foundation)
BlockAndSurf (HKLM-x32\...\A1D6DEE3-CD99-D9F9-2B7A-A2A5D3639EA3) (Version:  - BlockAndSurf-software) <==== ATTENTION
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
Brother MFL-Pro Suite MFC-J6510DW (HKLM-x32\...\{17795164-3BC1-4D4F-8ADA-65C895EBFC9A}) (Version: 1.0.20.0 - Brother Industries, Ltd.)
Build-a-Lot - The Elizabethan Era (x32 Version: 2.2.0.95 - WildTangent) Hidden
Buzzdock (HKLM\...\{ac225167-00fc-452d-94c5-bb93600e7d9a}) (Version:  - Alactro LLC) <==== ATTENTION
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
CCEnhancer 3.2 (HKLM-x32\...\CCEnhancer) (Version: 3.2 - )
CCleaner (HKLM\...\CCleaner) (Version: 3.17 - Piriform)
Cheat Engine 6.2 (HKLM-x32\...\Cheat Engine 6.2_is1) (Version:  - Dark Byte)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
COMPUTERBILD App-Center (HKLM-x32\...\{21295604-BBCA-4A3E-B1D1-1B8A746C4A52}) (Version: 1.0.23 - J3S)
COMPUTERBILD-Cloud (HKLM\...\COMPUTERBILD-Cloud_is1) (Version:  - CyberGhost S.R.L.)
ConvertAd (HKLM-x32\...\ConvertAd) (Version: 1.0.0.0 - ConvertAd) <==== ATTENTION
Curse Client (HKCU\...\101a9f93b8f0bb6f) (Version: 5.1.1.792 - Curse)
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3210 - CyberLink Corp.)
CyberLink DVD Suite Deluxe (x32 Version: 7.0.3210 - CyberLink Corp.) Hidden
CyberLink PowerDVD 11 (HKLM-x32\...\InstallShield_{F232C87C-6E92-4775-8210-DFE90B7777D9}) (Version: 11.0.2024.53 - CyberLink Corp.)
CyberLink PowerDVD 11 (x32 Version: 11.0.2024.53 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.01 - Piriform)
DEUTSCHLAND SPIELT GAME CENTER (HKLM-x32\...\DSGPlayer) (Version: 1.0.1.46 - INTENIUM GmbH)
Die Jade-Münze (HKLM-x32\...\Die Jade-Münze) (Version: 1.0.0.0 - INTENIUM GmbH)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
DomainInspect (HKLM-x32\...\DomainInspect) (Version:  - AntsSoft)
Dragon Age II (HKLM-x32\...\{4D565319-8B91-41cb-961C-0DDC86101AC5}) (Version: 1.00 - Electronic Arts, Inc.)
Dragon Age Toolset (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.01 - Electronic Arts, Inc.)
Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.04 - Electronic Arts, Inc.)
Drakensang - Am Fluss der Zeit (HKLM-x32\...\Drakensang_TRoT_is1) (Version:  - dtp)
Drakensang (Patch Version 1.1) (HKLM-x32\...\Drakensang_is1) (Version:  - dtp AG)
Drakensang 2 Savegame Editor (HKCU\...\Drakensang 2 Savegame Editor) (Version:  - Philipp Jardas)
Drakensang Savegame Editor (HKCU\...\Drakensang Savegame Editor) (Version:  - Philipp Jardas)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.2.4412 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.2.4412 - Hewlett-Packard) Hidden
DVD Video Soft Toolbar (HKLM-x32\...\dvdvideosofttoolbar) (Version: 1.0.0.12 - )
DVDVideoSoftTB Toolbar (HKLM-x32\...\DVDVideoSoftTB Toolbar) (Version: 6.9.0.16 - DVDVideoSoftTB)
EA Shared Game Component: Activation (HKLM-x32\...\com.ea.Activation.919CACB699904AC5D41B606703500DD39747C02D.1) (Version: 2.2.0.62 - Electronic Arts)
EA Shared Game Component: Activation (x32 Version: 2.2.0 - Electronic Arts) Hidden
Epson Easy Photo Print 2 (HKLM-x32\...\{A02D7029-C4EF-44C1-9FD4-C0D3CA518113}) (Version: 2.2.4.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON SX430 Series Printer Uninstall (HKLM\...\EPSON SX430 Series) (Version:  - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4j - SEIKO EPSON CORPORATION)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free 3GP Video Converter version 5.0.13.608 (HKLM-x32\...\Free 3GP Video Converter_is1) (Version: 5.0.13.608 - DVDVideoSoft Ltd.)
Free Audio CD to MP3 Converter version 1.3.12.1228 (HKLM-x32\...\Free Audio CD to MP3 Converter_is1) (Version: 1.3.12.1228 - DVDVideoSoft Ltd.)
Free Audio Converter version 5.0.21.1212 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.21.1212 - DVDVideoSoft Ltd.)
Free Studio version 2014 (HKLM-x32\...\Free Studio_is1) (Version: 6.3.9.906 - DVDVideoSoft Ltd.)
Free YouTube Download 3 version 3.0.6.715 (HKLM-x32\...\Free YouTube Download 3_is1) (Version:  - DVDVideoSoft Limited.)
Free YouTube to DVD Converter version 3.0.3.923 (HKLM-x32\...\Free YouTube to DVD Converter_is1) (Version:  - DVDVideoSoft Ltd.)
GameWiz32 (HKLM-x32\...\GameWiz32) (Version: 1.43 - Nico Ebert)
Geheimnis von Montezuma (HKLM-x32\...\Geheimnis von Montezuma) (Version: 0.0.0.0 - INTENIUM GmbH)
Geheimnis von Montezuma 2 (HKLM-x32\...\Geheimnis von Montezuma 2) (Version: 1.0.0.0 - INTENIUM GmbH)
Glitzerndes Troja (HKLM-x32\...\Glitzerndes Troja_is1) (Version:  - Contendo Media GmbH)
Glyph (HKLM-x32\...\Glyph) (Version:  - Trion Worlds, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.4805.320 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Harvard Publisher 6.0 (HKLM-x32\...\Harvard Publisher 6.0) (Version:  - )
Harvard Publisher 6.0 Inhalts-CD-ROM (HKLM-x32\...\Harvard Publisher 6.0 Inhalts-CD-ROM) (Version:  - )
HP Auto (Version: 1.0.12494.3472 - Hewlett-Packard Company) Hidden
HP Client Services (Version: 1.0.12656.3472 - Hewlett-Packard) Hidden
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Game Console (x32 Version:  - WildTangent) Hidden
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.5 - WildTangent)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.2.4725 - Hewlett-Packard)
HP MediaSmart DVD (x32 Version: 4.2.4725 - Hewlett-Packard) Hidden
HP MediaSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.2.4517 - Hewlett-Packard)
HP MediaSmart Music (x32 Version: 4.2.4517 - Hewlett-Packard) Hidden
HP MediaSmart Photo (HKLM-x32\...\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}) (Version: 4.2.4513 - Hewlett-Packard)
HP MediaSmart Photo (x32 Version: 4.2.4513 - Hewlett-Packard) Hidden
HP MediaSmart SmartMenu (HKLM\...\{A40F60B1-F1E1-452E-96A5-FF97F9A2D102}) (Version: 3.1.2.4 - Hewlett-Packard)
HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.2.4522 - Hewlett-Packard)
HP MediaSmart Video (x32 Version: 4.2.4522 - Hewlett-Packard) Hidden
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{53469506-A37E-4314-A9D9-38724EC23A75}) (Version: 8.4.4400.3525 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.0.12844.3519 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{B1A4A13D-4665-4ED3-9DFE-F845725FBBD8}) (Version: 5.1.8.12 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.1.6.0 - Hewlett-Packard)
HPAsset component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
Hühner-Attacke (HKLM-x32\...\Hühner-Attacke) (Version: 0.0.0.0 - INTENIUM GmbH)
Hühner-Rache Deluxe Special (HKLM-x32\...\Hühner-Rache Deluxe Special) (Version:  - )
HyperCam 2 (HKLM-x32\...\HyperCam 2) (Version: 2.29.01 - Hyperionics Technology LLC)
InetStat (HKCU\...\InetStat) (Version: 0.5b - InetStat)
Insaniquarium Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Internet Turbo Engine (HKCU\...\{28583d9b-8f7d-474c-b990-7328c7428bae}) (Version: 10.197.20.13927 - ReSoft Ltd.)
iTunes (HKLM\...\{D66F0C3C-24F2-4463-9E2F-4381E5C40A26}) (Version: 10.5.2.11 - Apple Inc.)
Java 7 Update 65 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417065FF}) (Version: 7.0.650 - Oracle)
Java Auto Updater (x32 Version: 2.0.2.4 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 23 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022FF}) (Version: 6.0.230 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Jewel Quest II (x32 Version: 2.2.0.95 - WildTangent) Hidden
Jewel Quest Solitaire (HKLM-x32\...\Jewel Quest Solitaire) (Version: 1.0.0.0 - INTENIUM GmbH)
Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden
Jewel Quest Solitaire II (HKLM-x32\...\Jewel Quest Solitaire II) (Version: 1.0.0.0 - INTENIUM GmbH)
Jewel Quest Solitaire III (HKLM-x32\...\Jewel Quest Solitaire III) (Version: 1.0.0.0 - INTENIUM GmbH)
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Klebezettel NG (Version 2.9.14) (HKLM-x32\...\{4F81901F-3655-4340-8227-F687F69A3C79}}_is1) (Version:  - )
Land der Magie (HKLM-x32\...\Land der Magie) (Version: 1.0.0.0 - INTENIUM GmbH)
Legendary Demo (HKLM-x32\...\InstallShield_{A6755FD5-4CD1-44A7-8886-6C56FA0A9E21}) (Version: 1.00.0000 - Spark Unlimited)
Legendary Demo (x32 Version: 1.00.0000 - Spark Unlimited) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.227 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.227 - LogMeIn, Inc.) Hidden
LookThisUp (HKLM\...\LookThisUp) (Version: 1.0.2 - LookThisUp)
LPT System Updater Service (HKLM-x32\...\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}) (Version: 1.0.0.0 - LPT) <==== ATTENTION
M6 Processing 1.0 (HKCU\...\M6 Processing) (Version: 1.0 - Pysy Software S.L.)
Magelo Sync (uninstall only) (HKLM\...\Magelo Sync) (Version:  - )
MAGIX Filme auf DVD Download-Version (x32 Version: 9.0.1.2 - MAGIX AG) Hidden
MAGIX Video deluxe 16 Plus Sonderedition Download-Version (HKLM-x32\...\MAGIX_MSI_Videodeluxe16_plus) (Version: 9.0.5.10 - MAGIX AG)
MAGIX Video deluxe 16 Plus Sonderedition Download-Version (x32 Version: 9.0.5.10 - MAGIX AG) Hidden
MAGIX Video deluxe 17 Download-Version (x32 Version: 10.0.1.14 - MAGIX AG) Hidden
Mah Jong Quest (HKLM-x32\...\Mah Jong Quest) (Version: 0.0.0.0 - INTENIUM GmbH)
Mah Jong Quest II (HKLM-x32\...\Mah Jong Quest II) (Version: 0.0.0.0 - INTENIUM GmbH)
Mah Jong Quest III (HKLM-x32\...\Mah Jong Quest III) (Version: 0.0.0.0 - INTENIUM GmbH)
Mahjongg – Ancient Egypt (HKLM-x32\...\Mahjongg – Ancient Egypt) (Version: 1.0.0.0 - INTENIUM GmbH)
Mahjongg – Ancient Mayas (HKLM-x32\...\Mahjongg – Ancient Mayas) (Version: 0.0.0.0 - INTENIUM GmbH)
Mahjongg Artifacts (HKLM-x32\...\Mahjongg Artifacts) (Version: 0.0.0.0 - INTENIUM GmbH)
Mahjongg Artifacts 2 (HKLM-x32\...\Mahjongg Artifacts 2) (Version: 0.0.0.0 - INTENIUM GmbH)
Mahjongg Dimensions Deluxe: Tiles in Time (HKLM-x32\...\Mahjongg Dimensions Deluxe: Tiles in Time) (Version: 1.0.0.0 - INTENIUM GmbH)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Media Player (HKLM-x32\...\MediaPlayerV1alpha718) (Version: 1.1 - Media Player) <==== ATTENTION
Media View (HKLM-x32\...\MediaViewV1alpha3700) (Version: 1.1 - Media View) <==== ATTENTION
Media View (HKLM-x32\...\MediaViewV1alpha9390) (Version: 1.1 - Media View) <==== ATTENTION
Media Viewer (HKLM-x32\...\MediaViewerV1alpha1479) (Version: 1.1 - Media Viewer) <==== ATTENTION
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office XP Professional (HKLM-x32\...\{91110407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2005 Express Edition (BWDATOOLSET) (x32 Version: 9.4.5000.00 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Express Edition (SQLEXPRESS) (x32 Version: 9.4.5000.00 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Tools Express Edition (x32 Version: 9.4.5000.00 - Microsoft Corporation) Hidden
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Moorhuhn Schatzjäger 3 (HKLM-x32\...\Moorhuhn Schatzjäger 3) (Version: 1.00 - phenomedia publishing gmbh)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.2.4412 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.2.4412 - Hewlett-Packard) Hidden
Mozilla Thunderbird (3.1.7) (HKLM-x32\...\Mozilla Thunderbird (3.1.7)) (Version: 3.1.7 (de) - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Mystery Solitaire: Secret Island (HKLM-x32\...\Mystery Solitaire: Secret Island) (Version: 0.0.0.0 - INTENIUM GmbH)
NC Launcher (GameForge) (HKLM-x32\...\NCLauncher_GameForge) (Version:  - NCsoft)
Nexon Game Manager (HKLM-x32\...\{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}) (Version:  - )
No23 Recorder (HKLM-x32\...\{22B0E143-2B0B-435B-9F56-136A3D16065F}) (Version: 2.1.0.3 - No23)
Nuance PaperPort 12 (HKLM-x32\...\{6C0A559F-8583-4B5A-8B50-20BEE15D8E64}) (Version: 12.1.0000 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
NVIDIA 3D Vision Controller Driver (x32 Version: 270.61 - NVIDIA Corporation) Hidden
NVIDIA 3D Vision Controller-Treiber 310.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 310.90 - NVIDIA Corporation)
NVIDIA Grafiktreiber 310.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 310.90 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.95.599 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Systemsteuerung 310.90 (Version: 310.90 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
Office-Bibliothek (HKLM-x32\...\{5C81B189-5456-40C4-9313-7FE6FA6DD64C}) (Version: 5.00.3 - Bibliographisches Institut & F.A. Brockhaus AG)
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
Opera 12.16 (HKLM-x32\...\Opera 12.16.1860) (Version: 12.16.1860 - Opera Software ASA)
Opera Stable 24.0.1558.61 (HKLM-x32\...\Opera 24.0.1558.61) (Version: 24.0.1558.61 - Opera Software ASA)
Origin (HKLM-x32\...\Origin) (Version: 9.1.13.85 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.80.20.0 - Overwolf Ltd.)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 1.00.0001 - Nuance Communications, Inc.)
PCSUITE ADVISOR (HKLM-x32\...\PCSUITE_ADVISOR_PRO_is1) (Version:  - Markement GmbH)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.9 - PDF Complete, Inc)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.0 - Frank Heindörfer, Philip Chinery)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PictureMover (HKLM-x32\...\{264FE20A-757B-492a-B0C3-4009E2997D8A}) (Version: 3.5.0.33 - Hewlett-Packard Company)
Pinball Escape (HKLM\...\UDK-4601a1a3-d3ca-4b8b-99ca-a569081d9943) (Version:  - Epic Games, Inc.)
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4329 - CyberLink Corp.)
PowerDirector (Version: 10.00.0000 - CyberLink Corp.) Hidden
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6602 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recovery Manager (x32 Version: 5.5.3219 - CyberLink Corp.) Hidden
Remote Desktop Access (VuuPC) (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - CMI Limited) <==== ATTENTION
Restricted Area (HKLM-x32\...\Restricted Area_is1) (Version: Restricted Area - Master Creating)
Retter in der Not (HKLM-x32\...\Retter in der Not) (Version: 1.0.0.0 - INTENIUM GmbH)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RIFT (HKCU\...\RIFT) (Version:  - Trion Worlds, Inc.)
RIFT Beta (HKCU\...\RIFT-Beta) (Version:  - Trion Worlds, Inc.)
Risen (HKLM-x32\...\{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}) (Version: 1.00.0000 - Deep Silver)
Risen 2 - Dark Waters (HKLM-x32\...\Steam App 40390) (Version:  - )
Risen Hotfix 1.01 (HKLM-x32\...\{EE91E474-9298-47B8-817F-8E0042408998}) (Version: 1.01 - Deep Silver)
Ritter Arthur (HKLM-x32\...\Ritter Arthur) (Version: 1.0.0.0 - INTENIUM GmbH)
Scansoft PDF Professional (x32 Version:  - ) Hidden
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.17.2.3 - Client Connect LTD) <==== ATTENTION
Serif PhotoPlus X2 (HKLM-x32\...\{FC935397-C56E-4EE3-B9BC-1F7F3EA6CE41}) (Version: 12.0.3.013 - Serif (Europe) Ltd)
Shaiya-DE (HKLM-x32\...\Shaiya-DE) (Version:  - )
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
SmarterPower (HKLM\...\SmarterPower) (Version: 2014.08.19.181323 - SmarterPower) <==== ATTENTION
Soda PDF 2012 (HKLM-x32\...\{A5EB5C60-5303-46C2-ABC8-860D94A8A973}) (Version: 2.0.33.2835 - LULU Software)
South Park™: The Stick of Truth™ (HKLM-x32\...\Steam App 213670) (Version:  - Obsidian Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Suite Specific (x32 Version: 2.0.0 - Adobe Systems, Incorporated) Hidden
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.12 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.28223 - TeamViewer)
The Whispered World (HKLM-x32\...\{82225685-1513-4975-B624-155C10F3EE16}) (Version: 1.01 - Deep Silver)
The Witcher (HKLM-x32\...\{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}) (Version: 1.00.0000 - CD Projekt Red)
TileSetMaker (HKLM-x32\...\TileSetMaker) (Version:  - )
Titan Quest (HKLM-x32\...\{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}) (Version: 1.00.0000 - Iron Lore)
Titan Quest Immortal Throne (HKLM-x32\...\{B5C5C17E-FEF6-4062-8151-A427AE8AF9D7}) (Version: 1.00.0000 - Iron Lore)
Torchlight (HKLM-x32\...\{4F64A46D-67F7-4497-AEA2-313D4305A5F6}) (Version: 1.0.0 - JoWooD)
Torchlight (HKLM-x32\...\Runic Games Torchlight) (Version: 1.0.69.23 - )
TQ Defiler.NET (HKLM-x32\...\{F4CB0C1E-A88F-46D7-AC9A-03B349A8D64F}) (Version: 1.3.7 - Soul's Software)
TQVault 2.11 (HKLM-x32\...\TQVault_is1) (Version:  - bman654)
Treiber-Studio 2013 (HKLM\...\{7660521A-062D-41F5-AA5E-CBA0E0511131}) (Version: 8.0.519 - Publish Data)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
USB Audio/Video Driver (HKLM-x32\...\InstallShield_{015C057F-D7B9-4D82-B266-FBCF0178F382}) (Version: 1.00.0000 - )
USB Audio/Video Driver (x32 Version: 1.00.0000 - ) Hidden
USB Network Driver (HKLM-x32\...\{66ED8E01-C915-41F5-B33E-C5C31F27B885}) (Version: 2007.07.3 - )
Venetica (HKLM-x32\...\Venetica_is1) (Version:  - dtp)
Video Thumbnails Maker by Scorp (remove only) (HKLM-x32\...\Video Thumbnails Maker) (Version:  - )
ViGlance (HKLM-x32\...\ViGlance) (Version: 1001194 - Lee-Soft.com)
Vindictus (HKLM-x32\...\Vindictus) (Version:  - )
Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version:  - )
Virtual Villagers - The Secret City (x32 Version: 2.2.0.95 - WildTangent) Hidden
Vista Start Menu 3.36 (HKLM-x32\...\Vista Start Menu_is1) (Version: 3.36 - OrdinarySoft)
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
VP3 Codec Version 3.2.6.1 (HKLM-x32\...\VP3 Codec Version 3.2.6.1) (Version:  - )
Wajam (HKLM-x32\...\Wajam) (Version: 2.14 (i2.5) - Wajam) <==== ATTENTION
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Winload Toolbar (HKLM-x32\...\Winload Toolbar) (Version: 6.8.9.0 - Winload)
XLink Kai Evolution 7 (HKLM-x32\...\{F90592EC-5E58-4EE6-A333-EC05ED57ACF4}) (Version: 7.1.7.7 - Team XLink)
Zinio Reader 4 (HKLM-x32\...\ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1) (Version: 4.0.3184 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.0.3184 - Zinio LLC) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2355925718-3238339638-3018866954-1007_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2355925718-3238339638-3018866954-1007_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2355925718-3238339638-3018866954-1007_Classes\CLSID\{b24abb2f-a278-4d8e-953c-24d702c5cd73}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2355925718-3238339638-3018866954-1007_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2355925718-3238339638-3018866954-1007_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()
CustomCLSID: HKU\S-1-5-21-2355925718-3238339638-3018866954-1007_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2355925718-3238339638-3018866954-1007_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2355925718-3238339638-3018866954-1007_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2355925718-3238339638-3018866954-1007_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2355925718-3238339638-3018866954-1007_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2355925718-3238339638-3018866954-1007_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2355925718-3238339638-3018866954-1007_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2355925718-3238339638-3018866954-1007_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2355925718-3238339638-3018866954-1007_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2355925718-3238339638-3018866954-1007_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

11-09-2014 01:01:00 Windows Update
13-09-2014 18:02:51 Avira Free Antivirus - 13.09.2014 20:02
21-09-2014 18:42:28 Removed ZyDAS Wireless LAN (ZD1211 USB)

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {01A8FBEE-F847-42AC-BA4F-00A1898D52EA} - System32\Tasks\{A1B14BEA-175E-4E8C-BEE2-5DDA0F36CE9D} => C:\Program Files (x86)\Restricted Area\Starter.exe [2007-11-22] ()
Task: {03BF4D27-0973-4D9D-95F9-13E99149D8BE} - \bProtector No Task File <==== ATTENTION
Task: {07C3EB77-BAD1-4CE8-A8AC-7F7B2FC0B156} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-09-27] ()
Task: {099D38D9-347D-4927-A8D6-717739F0B2D9} - System32\Tasks\{7F6DEF33-A300-41FA-A541-DBEC7DD61924} => C:\Program Files (x86)\Restricted Area\Starter.exe [2007-11-22] ()
Task: {0BB09DF1-229E-407A-B1B9-3AC39272E7CB} - System32\Tasks\{2FE07B1C-ECD4-4699-B785-2C1187027CF6} => C:\Program Files (x86)\TQVault\TQVault.exe [2007-03-18] ()
Task: {10767F79-86BB-4CBE-A00F-FFEEAF2BB163} - System32\Tasks\{66C961E8-5007-4324-903F-35DBDB476678} => C:\Program Files (x86)\Restricted Area\Starter.exe [2007-11-22] ()
Task: {14001BFE-1F98-4D9A-A750-6AE835038689} - System32\Tasks\{E285D0AD-6380-4D20-A7E3-50700C93908A} => C:\Program Files (x86)\Restricted Area\Starter.exe [2007-11-22] ()
Task: {1CE42E40-BEA3-40D6-B42D-C54E78338C19} - System32\Tasks\{AC8529D0-457C-4858-B446-99E3F2D44A5F} => C:\Program Files\HyperCam 2\HyCam2.exe
Task: {1D253A63-D540-4C66-B6C6-563742BC0F6E} - System32\Tasks\{9CA9B3AA-1AD3-4D26-BB36-A9DA9005BE34} => C:\Program Files (x86)\Restricted Area\Starter.exe [2007-11-22] ()
Task: {1EDA99EA-7455-4F84-A4AD-D1CC2C972E15} - System32\Tasks\{A67E58E4-AE88-49A7-85A6-7453A92EB2A9} => C:\Program Files (x86)\Drakensang Online\thinclient.exe
Task: {228BDEE1-C8C3-4C7F-BEE3-91A0B6F66C2F} - System32\Tasks\{67DA8AEA-6354-42CE-B407-E33C42A282D5} => C:\Program Files (x86)\Restricted Area\Starter.exe [2007-11-22] ()
Task: {23B7FBBE-A7D5-4A34-AD46-060CC765D92E} - System32\Tasks\{7FD504B3-841B-408D-8619-E88E190DA8D6} => C:\Program Files (x86)\Divinity II - Ego Draconis\Divinity_II_Patch_1.03_GERMAN.exe
Task: {245A5C11-D036-4CE3-A206-3D0087FF869D} - System32\Tasks\{85FDF290-C320-404D-84B8-6779231A31E0} => C:\Program Files (x86)\Restricted Area\Starter.exe [2007-11-22] ()
Task: {2521C72D-ACF7-4E0D-9F18-A11B57FE74CC} - System32\Tasks\{68E7106A-FDBD-4F0D-8550-DF8A459AFE69} => C:\Program Files (x86)\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\ZDWlan.exe
Task: {2553768B-2AE4-48DF-A613-C7A4A494EE9C} - System32\Tasks\{9CA5AF8D-3F0F-42C7-BD91-D915420ACFE3} => C:\Program Files (x86)\Restricted Area\Starter.exe [2007-11-22] ()
Task: {25873280-90E2-4ABF-8132-3C02CBDE87D0} - System32\Tasks\Feven 2.5-chromeinstaller => C:\Program Files (x86)\Feven 2.5\Feven 2.5-chromeinstaller.exe <==== ATTENTION
Task: {29C47B50-5DFF-438F-99CB-706D6E748C95} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-01-27] (Google Inc.)
Task: {2D359077-ABF9-455A-A2BD-11A8CA7A3FAE} - System32\Tasks\{C9EE2AD4-524E-414F-A50C-DA6B832B5BF8} => C:\Program Files (x86)\Restricted Area\Starter.exe [2007-11-22] ()
Task: {32D184EF-A82C-44B6-9E6E-23488E1E6F81} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {336613B4-A4E0-4242-B841-6A7B83C0D918} - System32\Tasks\{472CECA2-D1CA-452A-A9CD-2E5F66E02CBF} => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2014-07-21] (LogMeIn Inc.)
Task: {3DF64CDE-D27B-4C6D-BDBE-B77C15AE6721} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2355925718-3238339638-3018866954-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {42D95011-430F-42F0-A494-B45A84D8E644} - System32\Tasks\{897D3095-7A62-409F-BEF5-A770BF0CF4DE} => C:\Program Files (x86)\Restricted Area\Starter.exe [2007-11-22] ()
Task: {4509CEBD-89B2-4F95-9BE7-0A923E40072B} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {49C78CDC-889A-45FC-B75C-6600F9966CAB} - System32\Tasks\{79015419-0F92-45C0-8EE4-4E179F736190} => C:\Program Files (x86)\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\ZDWlan.exe
Task: {50806D0A-2107-49B6-A98D-57965254570C} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {55C47305-75B5-48A0-908E-0D9AF695E449} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2010-09-18] (Hewlett-Packard Company)
Task: {56506F83-9B43-4450-B403-9696BE10DBD9} - System32\Tasks\{0D8E4BFB-4760-4899-941A-A04A53FD3A39} => C:\Program Files (x86)\Restricted Area\Starter.exe [2007-11-22] ()
Task: {5774C19F-B0CA-4D81-8771-09EE9EDC61EA} - System32\Tasks\BlockAndSurf Update => C:\Program Files (x86)\ver0BlockAndSurf\l6BlockAndSurfp84.exe [2014-09-21] () <==== ATTENTION
Task: {58C2BEB1-2B7A-4C4C-B1A1-AC302CE23429} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-01-27] (Google Inc.)
Task: {58D1CC36-2DB1-4333-8242-A9D00DC284C5} - System32\Tasks\Feven 2.5-codedownloader => C:\Program Files (x86)\Feven 2.5\Feven 2.5-codedownloader.exe <==== ATTENTION
Task: {5A2C67D9-88D2-4AEC-B074-A4829C40D7C8} - System32\Tasks\{36C8FF93-8BD8-4E30-A5D6-ED25FFEC2812} => C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe [2014-08-10] (TeamSpeak Systems GmbH)
Task: {5D92F5D7-5F78-4E3B-AF91-2B41FEE2270B} - System32\Tasks\{4973F1FB-630E-40E2-9C70-88009C1BB43E} => C:\Program Files (x86)\Monte Cristo\Silverfall - Wächter der Elemente - Demo\SilverfallDemo.exe
Task: {5DF0F1DF-816A-4B0D-8969-D28DE8BE9CD6} - System32\Tasks\{1E96FC8D-8C2B-460C-9F54-28CBC2884878} => C:\Program Files (x86)\CyberLink\PowerDirector\PDR.exe
Task: {6AEAEEBC-EC51-4E8C-94CF-C669E50C2702} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {6C474D59-BADE-4612-B48A-1DA5017652E1} - System32\Tasks\Feven 2.5-firefoxinstaller => C:\Program Files (x86)\Feven 2.5\Feven 2.5-firefoxinstaller.exe <==== ATTENTION
Task: {71B4D24B-817F-41DE-BE2E-C87686063F41} - System32\Tasks\{500EE935-E46A-4AA0-AD58-8D8A54253987} => C:\Program Files (x86)\Restricted Area\Starter.exe [2007-11-22] ()
Task: {74FB1AD8-296D-4FA7-B1F0-D01E746BCD72} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {7537B895-1433-4A0A-B8F3-77C5129BD106} - System32\Tasks\{CC601210-52A7-4E2E-8BE7-E2E5643F0396} => C:\Program Files\HyperCam 2\HyCam2.exe
Task: {7B12E0BF-43DB-4F65-8785-1D2E6D54C158} - \YourFile Update No Task File <==== ATTENTION
Task: {8897DDAF-6212-46C1-B9ED-4A8EB2614805} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {8A6FC5E8-EF62-41F8-A8A5-3E3757027530} - System32\Tasks\{C58DA0D1-31F7-475E-BE33-B1F7592A93B5} => C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe [2014-08-10] (TeamSpeak Systems GmbH)
Task: {8AE13740-957F-4B2B-9781-03E7F8D6C839} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2014-09-21] (Overwolf LTD)
Task: {953B319A-52DE-4460-B15C-45ED8C6E5A27} - System32\Tasks\{7BDD7497-A7C0-4293-AC7A-CA49768B3715} => C:\Program Files (x86)\Restricted Area\Starter.exe [2007-11-22] ()
Task: {9A3001AE-0F9D-453E-BAFE-78FE333C8D39} - System32\Tasks\RMCreator => C:\Program Files (x86)\Hewlett-Packard\Recovery\Reminder.exe [2010-08-20] (CyberLink)
Task: {9EE58FF6-A4F8-4493-89EB-61F5B8006377} - System32\Tasks\{83F7BE8B-3672-4C01-806C-B8D7BADBA939} => C:\Program Files (x86)\Restricted Area\Starter.exe [2007-11-22] ()
Task: {9F7A8A39-9A36-4B20-989E-CFCE33B1E8F2} - System32\Tasks\{EDA016A9-6648-481B-BB50-DF45ED33DA31} => C:\Program Files (x86)\Restricted Area\Starter.exe [2007-11-22] ()
Task: {9F7CA800-2D8A-4033-A94A-9FC9B217E7A7} - System32\Tasks\{412675ED-C224-4FF8-8571-5445803EC050} => C:\Program Files (x86)\Restricted Area\Starter.exe [2007-11-22] ()
Task: {AB2859EC-7065-4D93-AE2D-344A32FF0098} - System32\Tasks\{088F98D3-4398-4748-B038-7915992C069D} => C:\Program Files (x86)\Restricted Area\Starter.exe [2007-11-22] ()
Task: {AC239D12-5FF9-4F16-8A55-EBEBEDA89C6D} - System32\Tasks\{AB9E4B60-D7D4-4489-A561-614D85309523} => C:\Program Files (x86)\Restricted Area\Starter.exe [2007-11-22] ()
Task: {ADC8DFD5-05B7-48C8-A7CC-B236983A1808} - System32\Tasks\{F779D376-AED6-4FEE-B8E4-143428962663} => C:\Program Files (x86)\Restricted Area\Starter.exe [2007-11-22] ()
Task: {B3279C17-9920-4EFF-98BD-52652976909F} - System32\Tasks\{8DB3F366-A097-4A5D-A000-0C16DFFE209E} => C:\Program Files (x86)\JoWooD\SpellForce Demo\SpellForced.exe
Task: {B63FF6D1-52A1-44F6-8079-FC59CAC150F7} - System32\Tasks\{19AA9B0E-513F-411F-8A36-5A48E0FDB28B} => C:\Program Files (x86)\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\ZDWlan.exe
Task: {BA15EECA-B7C6-4088-9C2A-6DD3302112CA} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {BE152DD4-9412-404F-975A-AA8027D5757E} - System32\Tasks\{C14076FC-5996-456C-B87D-9D686938FE02} => C:\Program Files (x86)\Datel\WiFi MAX\WM.EXE
Task: {BF2F502A-C412-4289-B7B9-25BBA3E3FE9F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2010-09-18] (Hewlett-Packard Company)
Task: {BF4535F7-7D67-4A06-9535-F8EA8F75B06E} - System32\Tasks\Feven 2.5-updater => C:\Program Files (x86)\Feven 2.5\Feven 2.5-updater.exe <==== ATTENTION
Task: {C62C9580-EE55-4935-93AC-F8A8A80A7E06} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2355925718-3238339638-3018866954-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-04-30] (RealNetworks, Inc.)
Task: {C9E22DA0-7805-4B28-B265-7F0002E168C2} - System32\Tasks\{FAE212E9-0CA9-4EF9-881B-FB56B5519A36} => C:\Program Files (x86)\TQVault\TQVault.exe [2007-03-18] ()
Task: {CB364AAC-8A72-4DD4-B732-AA4FB27DADC6} - System32\Tasks\{FD932190-4DCE-4EFB-8275-CCB6841E084C} => C:\Program Files (x86)\CyberLink\PowerDirector\PDR.exe
Task: {CD7FF6C1-E9D1-4FA5-9131-A6B5D93F3C3C} - System32\Tasks\{B26BBC9F-AC7C-4953-9FA7-CA011047A7F0} => C:\Program Files (x86)\CyberLink\PowerDirector\PDR.exe
Task: {D0E886EE-2AB7-4E36-BEDA-B15643EBDA63} - System32\Tasks\{7A4735AA-26B5-4F00-A23A-E669986102AD} => C:\Program Files (x86)\Restricted Area\Starter.exe [2007-11-22] ()
Task: {DC4A8E46-4BBC-43C4-B86A-962F9763E636} - System32\Tasks\{7DD8442C-43A1-46AA-8D56-18DE6AC9AA25} => C:\Program Files (x86)\Restricted Area\Starter.exe [2007-11-22] ()
Task: {DC8D724C-1FC6-4E88-BFA8-431DBC63E82E} - System32\Tasks\{F003A125-9256-4022-8C48-DEA75D2EC1F8} => C:\Program Files (x86)\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\ZDWlan.exe
Task: {EB112395-5E92-4203-9283-9439B69C0623} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-13] (Adobe Systems Incorporated)
Task: {EBB7FBBD-513B-4EF3-BE2F-03A46C4F49EF} - System32\Tasks\Feven 2.5-enabler => C:\Program Files (x86)\Feven 2.5\Feven 2.5-enabler.exe <==== ATTENTION
Task: {F0265FC3-20B1-4069-B9C3-B431DE2697DA} - System32\Tasks\{17F06A71-0601-42A9-B5DB-F57D4063A6DE} => C:\Program Files (x86)\Restricted Area\Starter.exe [2007-11-22] ()
Task: {FDB3A3A8-567C-4150-A17A-4444C631180E} - System32\Tasks\{13F537D5-0AB6-4A55-9307-8A4EF1088C32} => C:\Program Files (x86)\Restricted Area\Starter.exe [2007-11-22] ()
Task: {FF4BB84B-A6E2-468C-98C1-4C751C1701FD} - System32\Tasks\Opera scheduled Autoupdate 1387178156 => C:\Program Files (x86)\Opera\launcher.exe [2014-09-12] (Opera Software)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\BlockAndSurf Update.job => C:\Program Files (x86)\ver0BlockAndSurf\l6BlockAndSurfp84.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven 2.5-chromeinstaller.job => C:\Program Files (x86)\Feven 2.5\Feven 2.5-chromeinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven 2.5-codedownloader.job => C:\Program Files (x86)\Feven 2.5\Feven 2.5-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven 2.5-enabler.job => C:\Program Files (x86)\Feven 2.5\Feven 2.5-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven 2.5-firefoxinstaller.job => C:\Program Files (x86)\Feven 2.5\Feven 2.5-firefoxinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven 2.5-updater.job => C:\Program Files (x86)\Feven 2.5\Feven 2.5-updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-04-05 20:06 - 2005-03-12 00:07 - 00087040 _____ () C:\Windows\System32\pdfcmnnt.dll
2011-09-22 15:16 - 2011-08-24 03:13 - 00083240 _____ () C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
2012-06-04 12:03 - 2012-02-15 17:05 - 00014848 _____ () C:\Program Files\COMPUTERBILD-Cloud\Data\Tools\mounter.exe
2012-04-20 16:30 - 2010-08-19 11:43 - 00247152 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2014-09-21 20:35 - 2014-09-21 20:35 - 00071680 _____ () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\VOPackage\VOsrv.exe
2011-04-07 23:19 - 2012-12-29 10:40 - 00087480 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-09-21 20:47 - 2014-09-21 20:47 - 00104960 _____ () C:\Program Files (x86)\ver0BlockAndSurf\BlockAndSurf.exe
2014-03-19 19:34 - 2014-03-19 19:34 - 00175424 _____ () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\M6 Processing\vm6.exe
2014-09-21 20:48 - 2014-09-21 20:48 - 00700430 _____ () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\InetStat\inetstat.exe
2014-06-15 18:14 - 2014-06-15 18:14 - 00100632 _____ () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension.dll
2014-09-21 20:47 - 2014-09-21 20:47 - 00200192 _____ () C:\Program Files (x86)\ver0BlockAndSurf\178_x64.dll
2014-06-15 18:14 - 2014-06-15 18:14 - 00141080 ____N () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO.dll
2014-03-14 15:15 - 2014-03-14 15:15 - 00173568 _____ () C:\Program Files\TeamSpeak 3 Client\quazip.dll
2014-03-14 15:15 - 2014-03-14 15:15 - 01080832 _____ () C:\Program Files\TeamSpeak 3 Client\platforms\qwindows.dll
2014-03-14 15:15 - 2014-03-14 15:15 - 00833024 _____ () C:\Program Files\TeamSpeak 3 Client\sqldrivers\qsqlite.dll
2013-08-06 09:19 - 2014-08-10 13:36 - 00102344 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2013-08-06 09:19 - 2014-08-10 13:36 - 00108488 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2014-03-14 15:15 - 2014-03-14 15:15 - 00030208 _____ () C:\Program Files\TeamSpeak 3 Client\imageformats\qgif.dll
2014-03-14 15:15 - 2014-03-14 15:15 - 00233984 _____ () C:\Program Files\TeamSpeak 3 Client\imageformats\qjpeg.dll
2013-08-06 09:19 - 2014-08-10 13:36 - 00563656 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2013-09-09 15:49 - 2014-08-10 13:36 - 00579016 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2014-03-14 15:15 - 2014-03-14 15:15 - 00159232 _____ () C:\Program Files\TeamSpeak 3 Client\accessible\qtaccessiblewidgets.dll
2014-09-17 10:31 - 2014-09-17 10:31 - 01372280 _____ () C:\Program Files (x86)\Opera\24.0.1558.61\opera_crashreporter.exe
2014-09-11 03:57 - 2014-09-11 03:57 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\03d9e855a8969bf00dd1bfeafa5d055e\IsdiInterop.ni.dll
2011-01-07 21:20 - 2010-03-04 06:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-08-27 15:00 - 2014-08-27 15:00 - 00139056 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-08-27 15:00 - 2014-08-27 15:00 - 00066864 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2014-08-06 12:02 - 2014-08-27 15:00 - 00052472 _____ () C:\Users\SPIELE~1.HEI\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-09-21 21:39 - 2014-09-21 21:39 - 00043008 _____ () c:\users\spiele~1.hei\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpunvnih.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Dropbox\bin\libcef.dll
2014-09-17 10:31 - 2014-09-17 10:31 - 01378936 _____ () C:\Program Files (x86)\Opera\24.0.1558.61\libglesv2.dll
2014-09-17 10:31 - 2014-09-17 10:31 - 00182392 _____ () C:\Program Files (x86)\Opera\24.0.1558.61\libegl.dll
2014-09-17 10:31 - 2014-09-17 10:31 - 00974968 _____ () C:\Program Files (x86)\Opera\24.0.1558.61\ffmpegsumo.dll
2014-09-13 20:18 - 2014-09-13 20:18 - 16825520 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: BrStsMon00 => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
MSCONFIG\startupreg: ControlCenter4 => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
MSCONFIG\startupreg: DATAMNGR => C:\PROGRA~2\WI3C8A~1\Datamngr\DATAMN~1.EXE
MSCONFIG\startupreg: Iminent => C:\Program Files (x86)\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C"
MSCONFIG\startupreg: IminentMessenger => C:\Program Files (x86)\Iminent\Iminent.Messengers.exe /startup
MSCONFIG\startupreg: IndexSearch => "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe"
MSCONFIG\startupreg: PaperPort PTD => "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe"
MSCONFIG\startupreg: PDF5 Registry Controller => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe
MSCONFIG\startupreg: PDFHook => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SmartMenu => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
MSCONFIG\startupreg: TkBellExe => "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
MSCONFIG\startupreg: vProt => "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/23/2014 01:16:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.0.532, Zeitstempel: 0x53518532
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0x163c
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3

Error: (09/22/2014 11:23:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12636

Error: (09/22/2014 11:23:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12636

Error: (09/22/2014 11:23:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/22/2014 11:23:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11591

Error: (09/22/2014 11:23:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 11591

Error: (09/22/2014 11:23:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/22/2014 11:23:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10592

Error: (09/22/2014 11:23:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10592

Error: (09/22/2014 11:23:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (09/23/2014 02:15:27 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (09/23/2014 01:31:00 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (09/23/2014 01:03:29 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (09/23/2014 00:55:01 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (09/23/2014 00:48:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Search Protect Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/23/2014 00:48:45 PM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: 192.168.2.100192.168.137.0255.255.255.0

Error: (09/23/2014 00:48:40 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (09/23/2014 00:48:28 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (09/22/2014 11:14:43 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (09/22/2014 11:08:21 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0


Microsoft Office Sessions:
=========================
Error: (09/23/2014 01:16:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd163c01cfd71fd4122fcbC:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll1c19b2e5-4313-11e4-868d-6c626d9ce7a5

Error: (09/22/2014 11:23:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12636

Error: (09/22/2014 11:23:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12636

Error: (09/22/2014 11:23:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/22/2014 11:23:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11591

Error: (09/22/2014 11:23:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 11591

Error: (09/22/2014 11:23:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/22/2014 11:23:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10592

Error: (09/22/2014 11:23:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10592

Error: (09/22/2014 11:23:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


CodeIntegrity Errors:
===================================
  Date: 2014-05-02 13:07:32.885
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\vrtaucbl.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-05-02 13:07:32.634
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\vrtaucbl.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5 CPU 650 @ 3.20GHz
Percentage of memory in use: 77%
Total physical RAM: 8055.08 MB
Available physical RAM: 1788.88 MB
Total Pagefile: 16108.34 MB
Available Pagefile: 8193.04 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:1383.24 GB) (Free:409.42 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:13.92 GB) (Free:1.72 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1397.3 GB) (Disk ID: B3DBC71D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1383.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13.9 GB) - (Type=07 NTFS)

==================== End Of Log ============================

deeprybka 23.09.2014 13:39
Hi, so geht's weiter... ;)

Schritt 1

Bitte deinstalliere folgende Programme:

Avira Free Antivirus Packages
BlockAndSurf
Buzzdock
ConvertAd
LPT System Updater Service
Media Player
Media View
Media View
Media Viewer
Remote Desktop Access
Search Protect
SmarterPower
Wajam


Versuche es bei Windows 7 http://deeprybka.trojaner-board.de/b...ne/revo/w7.png zunächst über Systemsteuerung/Programme deinstallieren.

Sollte das nicht gehen, lade Dir bitte Revo Uninstallerhttp://deeprybka.trojaner-board.de/b...ninstaller.pnghier herunter. Entpacke die zip-Datei auf den Desktop.
Wenn Du ein Programm nicht deinstallieren kannst, mach mit dem nächsten weiter.
Auch wenn am Ende noch Programme übrig geblieben sind, führe den nächsten Schritt aus:


Schritt 2

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Schritt 3

http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...t/frstscan.png

Bitte starte FRST erneut, markiere auch die checkbox http://deeprybka.trojaner-board.de/b...t/addition.pngund drücke auf Scan.
Bitte poste mir den Inhalt der beiden Logs die erstellt werden.

Blitzi 23.09.2014 14:11
Code:
# AdwCleaner v3.310 - Bericht erstellt am 23/09/2014 um 14:57:08
# Aktualisiert 12/09/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Spieler - HEIKEHARDER-HP
# Gestartet von : C:\Users\Spieler.HeikeHarder-HP\Downloads\AdwCleaner_3.310.exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : SPPD
[#] Dienst Gelöscht : V-bates Updater

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\FileCure
Ordner Gelöscht : C:\ProgramData\Media Get LLC
Ordner Gelöscht : C:\ProgramData\Alawar Stargaze
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
Ordner Gelöscht : C:\Program Files (x86)\MediaViewerV1
Ordner Gelöscht : C:\Program Files (x86)\MediaViewV1
Ordner Gelöscht : C:\Program Files (x86)\MediaWatchV1
Ordner Gelöscht : C:\Program Files (x86)\NCH Software
Ordner Gelöscht : C:\Program Files (x86)\SearchProtect
Ordner Gelöscht : C:\Program Files (x86)\Common Files\Tobit
Datei Gelöscht : C:\Windows\System32\roboot64.exe

***** [ Tasks ] *****

Task Gelöscht : APSnotifierPP1
Task Gelöscht : APSnotifierPP2
Task Gelöscht : APSnotifierPP3
Task Gelöscht : bProtector
Task Gelöscht : YourFile Update

***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\Users\Spieler.HeikeHarder-HP\Desktop\Search.lnk
Verknüpfung Desinfiziert : C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
Verknüpfung Desinfiziert : C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Search.lnk

***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Schlüssel Gelöscht : HKCU\Software\Classes\Applications\inetstat.exe
Schlüssel Gelöscht : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [Backup.old.Start Page]
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Browser Infrastructure Helper]
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [InetStat]
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [LookThisUp]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BearShareIEHelper.DNSGuard.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.bho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\NewPlayer_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\NewPlayer_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\registrybooster_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\registrybooster_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SafeFinder_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SafeFinder_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32B29DF0-2237-4370-9A29-37CEBB730E9B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32B29DF0-2237-4370-9A29-37CEBB730E9B}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : HKCU\Software\AnyProtect
Schlüssel Gelöscht : HKCU\Software\Bitberry
Schlüssel Gelöscht : HKCU\Software\InetStat
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\smartbarbackup
Schlüssel Gelöscht : HKCU\Software\smartbarlog
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\blockAndSurf
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Feven 2.5
Schlüssel Gelöscht : HKLM\SOFTWARE\awesomehpSoftware
Schlüssel Gelöscht : HKLM\SOFTWARE\MediaPlayerV1
Schlüssel Gelöscht : HKLM\SOFTWARE\MediaViewerV1
Schlüssel Gelöscht : HKLM\SOFTWARE\MediaViewV1
Schlüssel Gelöscht : HKLM\SOFTWARE\systweak
Schlüssel Gelöscht : HKLM\SOFTWARE\V-bates
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\InetStat
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\V-bates
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\12BF94BD06C95F343A77631402B9556A
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4B2468513CA2D6943A1A233CD3F88CE7
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2B1E51D87B2D71A44BB42DDD5E894160
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6207E55EA2FE71A4AA7ABD89AEF31D1B
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B6EF34C0188ECFA43B48A4BE9C00748E
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17280

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v

-\\ Google Chrome v35.0.1916.153

*************************

AdwCleaner[R0].txt - [12248 octets] - [23/09/2014 14:55:48]
AdwCleaner[S0].txt - [10676 octets] - [23/09/2014 14:57:08]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10737 octets] ##########

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-09-2014 01
Ran by Spieler (administrator) on HEIKEHARDER-HP on 23-09-2014 15:09:20
Running from C:\Users\Spieler.HeikeHarder-HP\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe
() C:\Program Files\COMPUTERBILD-Cloud\Data\Tools\mounter.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7Debug\mdm.exe
(Microsoft Corporation) C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(LULU Software) C:\Program Files (x86)\Soda PDF 2012\ConversionService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Term Tutor) C:\Program Files (x86)\TermTutor\Service\ttsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Innovative Solutions) C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Akamai Technologies, Inc.) C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\M6 Processing\vm6.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Akamai Technologies, Inc.) C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Akamai\netsession_win.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Dropbox, Inc.) C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office10\WINWORD.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.61\opera.exe
() C:\Program Files (x86)\Opera\24.0.1558.61\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.61\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.61\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.61\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.61\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.61\opera.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Version Cue CS2] => c:\Users\Heike Harder\Documents\Downloads\Creative Suite 2\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe [856064 2005-04-06] (Adobe Sytems Incorporated)
HKLM-x32\...\Run: [Aeria Ignite] => "C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" silent
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [421736 2011-12-08] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [164656 2014-08-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ConvertAd] => C:\Users\Spieler.HeikeHarder-HP\AppData\Local\ConvertAd\ConvertAd.exe
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3802448 2014-09-04] (LogMeIn Inc.)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [DriverMax] => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe [9532824 2012-03-26] (Innovative Solutions)
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [DriverMax_RESTART] => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe [9532824 2012-03-26] (Innovative Solutions)
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55360 2013-08-19] (Raptr, Inc)
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [Akamai NetSession Interface] => C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [Klebezettel NG] => [X]
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [39712 2014-09-21] (Overwolf LTD)
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [vm6] => C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\M6 Processing\vm6.exe [175424 2014-03-19] ()
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\MountPoints2: {ae8f9719-3d80-11e3-91bb-6c626d9ce7a5} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\VoiceClient.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
Startup: C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
Startup: C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: CloudIcon_DOWNLOAD -> {C3DBFBE2-A521-4619-9F32-502318CB4EC2} => C:\Program Files\COMPUTERBILD-Cloud\ShellExt64.dll (CyberGhost SRL)
ShellIconOverlayIdentifiers: CloudIcon_ERROR -> {851C758E-C636-4045-B323-059931A3A331} => C:\Program Files\COMPUTERBILD-Cloud\ShellExt64.dll (CyberGhost SRL)
ShellIconOverlayIdentifiers: CloudIcon_INSYNC -> {580030D3-492E-45EA-A1C9-A0AC525BEB26} => C:\Program Files\COMPUTERBILD-Cloud\ShellExt64.dll (CyberGhost SRL)
ShellIconOverlayIdentifiers: CloudIcon_REFRESH -> {FEBF62C8-B6B3-43B7-BEC4-1A9CD61BDCD2} => C:\Program Files\COMPUTERBILD-Cloud\ShellExt64.dll (CyberGhost SRL)
ShellIconOverlayIdentifiers: CloudIcon_UPLOAD -> {EBED3602-8915-43F9-81F7-CAA6FC4F70D6} => C:\Program Files\COMPUTERBILD-Cloud\ShellExt64.dll (CyberGhost SRL)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-0/4?satitle={searchTerms}&mfe=Desktops
SearchScopes: HKLM-x32 - Backup.Old.DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD22}
SearchScopes: HKCU - Backup.Old.DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233}
SearchScopes: HKCU - ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKCU - {d944bb61-2e34-4dbf-a683-47e505c587dc} URL =
BHO: Feven 2.5 -> {11111111-1111-1111-1111-110411901108} -> C:\Program Files (x86)\Feven 2.5\Feven 2.5-bho64.dll No File
BHO: TermTutor -> {6CB99040-7828-4C37-AC01-F15758F43E4D} -> C:\Program Files\TermTutor\IE\TermTutorClientIE.dll (Term Tutor)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO-x32: TermTutor -> {6CB99040-7828-4C37-AC01-F15758F43E4D} -> C:\Program Files (x86)\TermTutor\IE\TermTutorClientIE.dll (Term Tutor)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: SmarterPower -> {bd7c9b62-a7d9-4405-be51-7fd633f08791} -> C:\Program Files (x86)\SmarterPower\SmarterPowerbho.dll No File
BHO-x32: Soda PDF 2012 Helper -> {ebe8b562-cba0-40d8-b920-af7cfe0c9d94} -> C:\Program Files (x86)\Soda PDF 2012\PDFIEHelper.dll (LULU Software)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - No Name - !!{D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKLM - No Name - !{5018CFD2-804D-4C99-9F81-25EAEA2769DE} -  No File
Toolbar: HKLM - No Name - !{95B7759C-8C7F-4BF1-B163-73684A933233} -  No File
Toolbar: HKLM - No Name - !{98889811-442D-49dd-99D7-DC866BE87DBC} -  No File
Toolbar: HKLM - No Name - !{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787} -  No File
Toolbar: HKLM - No Name - !{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} -  No File
Toolbar: HKLM - No Name - !{EEE6C35B-6118-11DC-9C72-001320C79847} -  No File
Toolbar: HKLM - No Name - !{F9639E4A-801B-4843-AEE3-03D9DA199E77} -  No File
Toolbar: HKLM-x32 - Soda PDF 2012 Toolbar - {a8c9d542-fd91-4834-a2e8-adb9ae692b8b} - C:\Program Files (x86)\Soda PDF 2012\PDFIEPlugin.dll (LULU Software)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - No Name - !!{D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKLM-x32 - No Name - !{5018CFD2-804D-4C99-9F81-25EAEA2769DE} -  No File
Toolbar: HKLM-x32 - No Name - !{95B7759C-8C7F-4BF1-B163-73684A933233} -  No File
Toolbar: HKLM-x32 - No Name - !{98889811-442D-49dd-99D7-DC866BE87DBC} -  No File
Toolbar: HKLM-x32 - No Name - !{a0442ee1-d2e7-44c0-b4a5-8c4e6b035787} -  No File
Toolbar: HKLM-x32 - No Name - !{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} -  No File
Toolbar: HKLM-x32 - No Name - !{EEE6C35B-6118-11DC-9C72-001320C79847} -  No File
Toolbar: HKLM-x32 - No Name - !{F9639E4A-801B-4843-AEE3-03D9DA199E77} -  No File
Toolbar: HKCU - No Name - {26647CA4-A2A7-4EAC-8A72-761AA9141DE7} -  No File
Toolbar: HKCU - No Name - {8DBB6D8E-E4A6-4E3B-9753-AF78B226441C} -  No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @real.com/nppl3260;version=15.0.4.53 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.4.53 -> c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.4.53 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Spieler.HeikeHarder-HP\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF user.js: detected! => C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\user.js
FF Extension: media enhance - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\Extensions\0c822a17-a68f-4066-9257-d229458d21ca@9c178d17-dc61-4aaf-b2da-1425ac7300ac.com [2014-03-21]
FF Extension: Feven 2.5 - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\Extensions\4433da5b-eb52-495d-8865-b2a7468567f6@927544a3-fdfb-4485-a78b-21e1113eee35.com [2014-02-27]
FF Extension: I Want This - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\Extensions\crossriderapp2258@crossrider.com [2012-06-08]
FF Extension: Extension_Protected - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\Extensions\jid0-O6MIff3eO5dIGf5Tcv8RsJDKxrs@jetpack [2014-01-25]
FF Extension: FineDeaLSoft - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\Extensions\lvgnow@dnhktwg.co.uk [2014-03-15]
FF Extension: Internet Turbo - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\Extensions\{17372c46-39f1-4c28-8f8c-b25d9b57d042} [2014-01-25]
FF Extension: Wincore Mediabar - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\Extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} [2012-07-23]
FF Extension: Lightning Speed Dial - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\Extensions\lightningnewtab@gmail.com.xpi [2014-01-25]
FF Extension: WEB.DE MailCheck - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\Extensions\toolbar@web.de.xpi [2014-01-25]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Security Suite CBE 12\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-05-11]
FF HKLM-x32\...\Firefox\Extensions: [FFSodaPDFConverter2012@sodapdf.com] - C:\Program Files (x86)\Soda PDF 2012\FFSodaExt2012
FF Extension: Soda PDF 2012 Converter For Firefox - C:\Program Files (x86)\Soda PDF 2012\FFSodaExt2012 [2012-06-04]
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaPlayerV1alpha718.net] - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha718\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewerV1alpha1479.net] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1479\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewV1alpha3700.net] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha3700\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewV1alpha9390.net] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha9390\ff
FF Extension: No Name - C:\Program Files (x86)\Better-Surf\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha718\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1479\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha3700\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha9390\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\SuperLyrics\FF [Not Found]
FF Extension: No Name - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta541\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha701\ff [Not Found]
FF Extension: No Name - C:\Program Files\Video downloader\Firefox [Not Found]
FF Extension: No Name - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\extensions\e46480cf-7cf6-495e-af69-573053f52c72@b33ab36d-5952-49aa-adb2-a41b3dbe51a5.com [Not Found]
FF Extension: No Name - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\extensions\ffxtlbr@babylon.com [Not Found]
FF Extension: No Name - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\extensions\ffxtlbr@funmoods.com [Not Found]
FF Extension: No Name - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\extensions\toolbar_AVIRA-V7@apn.ask.com.xpi [Not Found]
FF Extension: No Name - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\extensions\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi [Not Found]
FF Extension: No Name - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi [Not Found]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3325578&octid=EB_ORIGINAL_CTID&ISID=MD15F8B10-3BB8-4EB0-ABDF-66BCF70295B7&SearchSource=55&CUI=&UM=2&UP=SP50F30F4C-32BB-47E8-8B88-21A74C21ACB9&SSPV=
CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3325578&octid=EB_ORIGINAL_CTID&ISID=MD15F8B10-3BB8-4EB0-ABDF-66BCF70295B7&SearchSource=55&CUI=&UM=2&UP=SP50F30F4C-32BB-47E8-8B88-21A74C21ACB9&SSPV="
CHR DefaultSearchKeyword: Default -> trovi.search
CHR DefaultSearchProvider: Default -> Trovi search
CHR DefaultSearchURL: Default -> hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3322288&octid=EB_ORIGINAL_CTID&ISID=M9947CE73-A15F-4F49-BF1D-45E2E50585A7&SearchSource=58&CUI=&UM=6&UP=SP50F30F4C-32BB-47E8-8B88-21A74C21ACB9&q={searchTerms}&SSPV=
CHR DefaultSuggestURL: Default -> hxxp://suggest.seccint.com/CSuggestJson.ashx?prefix={searchTerms}
CHR Profile: C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-24]
CHR Extension: (Google Drive) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-24]
CHR Extension: (YouTube) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-24]
CHR Extension: (Google Search) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-24]
CHR Extension: (Avira Browser Safety) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-09-23]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2014-06-24]
CHR Extension: (Google Wallet) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-27]
CHR Extension: (Gmail) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-24]
CHR HKLM-x32\...\Chrome\Extension: [fcaiicgcjkjiagjocmccmcmncckndcmh] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha3700\ch\MediaViewV1alpha3700.crx []
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-05-11]
CHR HKLM-x32\...\Chrome\Extension: [laaciepchcabcfgpniblbiecldehkbae] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha9390\ch\MediaViewV1alpha9390.crx [2012-05-11]
CHR HKLM-x32\...\Chrome\Extension: [mlnobaakadehgcjbhieegodlndablmao] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1479\ch\MediaViewerV1alpha1479.crx [2012-05-11]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.Professional.10.0; C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe [814344 2009-12-22] (ABBYY)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-02-01] (Adobe Systems) [File not signed]
S4 AdobeActiveFileMonitor6.0; C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [124832 2007-09-11] ()
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1021520 2014-08-05] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160048 2014-08-27] (Avira Operations GmbH & Co. KG)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
R2 CLHNServiceForPowerDVD; C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [83240 2011-08-24] ()
R2 CyberLink PowerDVD 11.0 Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [75048 2011-08-26] (CyberLink)
R2 CyberLink PowerDVD 11.0 Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe [292136 2011-08-26] (CyberLink)
R2 DokanMounter; C:\Program Files\COMPUTERBILD-Cloud\Data\Tools\mounter.exe [14848 2012-02-15] () [File not signed]
S4 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2011-01-27] (Macrovision Europe Ltd.) [File not signed]
S4 HPAuto; C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [681528 2010-08-06] (Hewlett-Packard)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-08-08] (LogMeIn, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 MSSQL$BWDATOOLSET; C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [998176 2014-09-21] (Overwolf LTD)
S4 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1119768 2010-09-28] (PDF Complete Inc)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc.)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2010-08-19] ()
S3 Soda PDF 2012 Helper Service; C:\Program Files (x86)\Soda PDF 2012\HelperService.exe [827224 2012-01-27] (LULU Software)
R2 Soda PDF 2012 Service; C:\Program Files (x86)\Soda PDF 2012\ConversionService.exe [905560 2012-01-27] (LULU Software)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
R2 ttsvc; C:\Program Files (x86)\TermTutor\Service\ttsvc.exe [276048 2014-09-04] (Term Tutor)
S2 vToolbarUpdater15.0.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.0.0\ToolbarUpdater.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 athrusb; C:\Windows\System32\DRIVERS\athrxusb.sys [558592 2007-05-16] (Atheros Communications, Inc.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2011-01-28] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-17] (Avira Operations GmbH & Co. KG)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [39768 2013-03-19] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-06-17] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-06-17] (Avira Operations GmbH & Co. KG)
R2 Dokan; C:\Windows\system32\drivers\dokan.sys [120408 2012-02-15] (Windows (R) Win 7 DDK provider)
S3 GrabsterSeries.X64; C:\Windows\System32\DRIVERS\GrabsterSeries.X64.SYS [377152 2010-01-22] ()
S3 hid7906; C:\Windows\SysWOW64\drivers\hid7906.sys [34963 2007-12-12] (Compuware Corporation) [File not signed]
S3 hid8101; C:\Windows\SysWOW64\drivers\hid8101.sys [37024 2007-12-03] (Compuware Corporation) [File not signed]
S3 hid8103; C:\Windows\SysWOW64\drivers\hid8103.sys [34587 2007-11-28] (Compuware Corporation) [File not signed]
S3 iComp; C:\Windows\System32\DRIVERS\p2usbhum.sys [1794112 2009-12-09] (Conexant Systems Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2011-01-28] ()
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-23] (Malwarebytes Corporation)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [748648 2010-08-12] (Realtek Semiconductor Corporation                          )
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [503352 2011-08-04] () [File not signed]
R1 ttnfd; C:\Windows\System32\drivers\ttnfd.sys [58232 2014-09-04] (Term Tutor)
S3 usbio; C:\Windows\System32\Drivers\dsiarhwprog_x64.sys [51600 2007-02-08] (Thesycon GmbH, Germany)
S3 ZD1211BU(ZyDAS); C:\Windows\System32\DRIVERS\zd1211Bu.sys [493440 2005-10-28] (ZyDAS Technology Corporation)
S3 ZDPSp50a64; C:\Windows\SysWOW64\Drivers\ZDPSp50a64.sys [31744 2005-03-18] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312}; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [148976 2011-08-26] (CyberLink Corp.)
U3 ahsi4gyx; C:\Windows\System32\Drivers\ahsi4gyx.sys [0 ] (Intel Corporation)
S3 connctfy; system32\DRIVERS\connctfy.sys [X]
S3 connctfyMP; system32\DRIVERS\connctfy.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S1 toqvakfe; \??\C:\Windows\system32\drivers\toqvakfe.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-23 15:03 - 2014-09-23 15:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-09-23 15:03 - 2014-09-23 15:03 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-09-23 14:59 - 2014-09-23 14:59 - 00021618 _____ () C:\Windows\PFRO.log
2014-09-23 14:56 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-23 14:55 - 2014-09-23 15:03 - 00000000 ____D () C:\AdwCleaner
2014-09-23 14:55 - 2014-09-23 14:55 - 01373475 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\AdwCleaner_3.310.exe
2014-09-23 14:53 - 2014-09-23 14:53 - 00000000 ____D () C:\Program Files\TermTutor
2014-09-23 14:53 - 2014-09-23 14:53 - 00000000 ____D () C:\Program Files (x86)\TermTutor
2014-09-23 14:24 - 2014-09-23 14:24 - 00068480 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\Addition.txt
2014-09-23 14:22 - 2014-09-23 15:09 - 00036987 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\FRST.txt
2014-09-23 14:21 - 2014-09-23 15:09 - 00000000 ____D () C:\FRST
2014-09-23 14:21 - 2014-09-23 14:21 - 02105856 _____ (Farbar) C:\Users\Spieler.HeikeHarder-HP\Downloads\FRST64.exe
2014-09-23 13:16 - 2014-09-23 13:16 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-23 13:16 - 2014-09-23 13:16 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-23 13:16 - 2014-09-23 13:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-23 13:16 - 2014-09-23 13:16 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-23 13:16 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-23 13:16 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-23 13:16 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-23 13:15 - 2014-09-23 13:15 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Spieler.HeikeHarder-HP\Downloads\mbam-setup-2.0.2.1012 (2).exe
2014-09-23 13:15 - 2014-09-23 13:15 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Spieler.HeikeHarder-HP\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-09-21 21:35 - 2014-09-23 14:59 - 00000112 _____ () C:\Windows\setupact.log
2014-09-21 21:35 - 2014-09-21 21:35 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-21 20:54 - 2014-09-21 20:54 - 00000318 _____ () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\aps.uninstall.scan.results
2014-09-21 20:49 - 2014-09-21 20:49 - 00001245 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2014-09-21 20:49 - 2014-09-21 20:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-09-21 20:49 - 2014-09-21 20:49 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-09-21 20:48 - 2014-09-21 20:48 - 00612072 _____ (ClickMeIn Limited) C:\Users\Spieler.HeikeHarder-HP\AppData\Local\nszD8AD.tmp
2014-09-21 20:48 - 2014-09-21 20:48 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InetStat
2014-09-21 20:47 - 2014-09-21 21:36 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\LookThisUp
2014-09-21 20:47 - 2014-09-21 20:48 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\InetStat
2014-09-21 20:47 - 2014-09-21 20:47 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webinstr_01009.Wdf
2014-09-21 20:41 - 2014-09-21 20:46 - 74675720 _____ (DVDVideoSoft Ltd. ) C:\Users\Spieler.HeikeHarder-HP\Downloads\FreeStudio.exe
2014-09-21 00:00 - 2014-09-21 20:00 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\Documents\ArcheAge
2014-09-21 00:00 - 2014-09-21 00:00 - 00000000 ____D () C:\ArcheAge
2014-09-20 20:33 - 2014-09-20 20:33 - 00001891 _____ () C:\Users\Spieler.HeikeHarder-HP\Desktop\Archeage.lnk
2014-09-17 19:02 - 2014-09-17 19:03 - 03817601 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\powersaves3ds-software-121.zip
2014-09-11 23:08 - 2014-09-11 23:08 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\Desktop\Neuer Ordner
2014-09-11 03:15 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-11 03:15 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-11 03:15 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-11 03:15 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-11 03:15 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-11 03:15 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-11 03:15 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-11 03:15 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-11 03:15 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-11 03:15 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-11 03:15 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-11 03:15 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-11 03:15 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-11 03:15 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-11 03:15 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-11 03:15 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-11 03:15 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-11 03:15 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-11 03:15 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-11 03:15 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-11 03:15 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-11 03:15 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-11 03:15 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-11 03:15 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-11 03:15 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-11 03:15 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-11 03:15 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-11 03:15 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-11 03:15 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-11 03:15 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-11 03:15 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-11 03:15 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-11 03:15 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-11 03:15 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-11 03:15 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-11 03:15 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-11 03:15 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-11 03:15 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-11 03:15 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-11 03:15 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-11 03:15 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-11 03:15 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-11 03:15 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-11 03:15 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-11 03:15 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-11 03:15 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-11 03:15 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-11 03:15 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-11 03:15 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-11 03:15 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-11 03:15 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-11 03:15 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-11 03:15 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-11 03:15 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-11 03:15 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-11 03:15 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-11 03:02 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-11 03:02 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-10 09:39 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-10 09:39 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-10 08:34 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-10 08:34 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-10 08:34 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-10 08:34 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-10 08:34 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-10 07:37 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-10 07:37 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-10 07:14 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-10 07:14 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-04 19:22 - 2014-09-04 19:22 - 00058232 _____ (Term Tutor) C:\Windows\system32\Drivers\ttnfd.sys
2014-08-28 23:19 - 2014-08-28 23:21 - 18599008 _____ (DVDVideoSoft Ltd. ) C:\Users\Spieler.HeikeHarder-HP\Downloads\Free3DVideoMaker.exe
2014-08-28 20:02 - 2014-09-09 21:23 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\Documents\lp
2014-08-28 17:26 - 2001-11-01 21:00 - 02097152 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\Pokemon - Kristall-Edition (D).gbc
2014-08-28 17:03 - 2014-08-28 17:03 - 01050386 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\Pokemon Kristall (D).zip
2014-08-28 13:41 - 2014-08-28 13:41 - 00000945 _____ () C:\Users\Spieler.HeikeHarder-HP\Desktop\HyperCam 2.lnk
2014-08-28 13:41 - 2014-08-28 13:41 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HyperCam 2
2014-08-28 13:40 - 2014-08-28 13:41 - 03020528 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\HC2Setup-2.29.01 (1).exe
2014-08-27 23:47 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-27 23:47 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-27 23:47 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-26 16:05 - 2014-08-26 16:05 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\Downloads\Slot1D
2014-08-26 13:08 - 2014-08-26 13:17 - 27076650 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\0052.zip

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-23 15:10 - 2014-09-23 14:22 - 00036987 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\FRST.txt
2014-09-23 15:09 - 2014-09-23 14:21 - 00000000 ____D () C:\FRST
2014-09-23 15:05 - 2012-12-09 23:08 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Overwolf
2014-09-23 15:04 - 2014-07-13 14:54 - 00000000 ___RD () C:\Users\Spieler.HeikeHarder-HP\Dropbox
2014-09-23 15:04 - 2014-07-13 14:51 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Dropbox
2014-09-23 15:03 - 2014-09-23 15:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-09-23 15:03 - 2014-09-23 15:03 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-09-23 15:03 - 2014-09-23 14:55 - 00000000 ____D () C:\AdwCleaner
2014-09-23 15:03 - 2014-08-01 19:17 - 00000928 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2014-09-23 15:03 - 2014-06-24 16:10 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\LogMeIn Hamachi
2014-09-23 15:03 - 2012-11-28 11:43 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Raptr
2014-09-23 15:02 - 2011-03-16 16:37 - 00000441 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-09-23 15:00 - 2014-01-25 18:16 - 00001506 _____ () C:\Windows\Tasks\Feven 2.5-updater.job
2014-09-23 15:00 - 2014-01-25 18:16 - 00001454 _____ () C:\Windows\Tasks\Feven 2.5-codedownloader.job
2014-09-23 15:00 - 2014-01-25 18:16 - 00001332 _____ () C:\Windows\Tasks\Feven 2.5-enabler.job
2014-09-23 15:00 - 2014-01-25 18:15 - 00002276 _____ () C:\Windows\Tasks\Feven 2.5-chromeinstaller.job
2014-09-23 15:00 - 2014-01-25 18:15 - 00002224 _____ () C:\Windows\Tasks\Feven 2.5-firefoxinstaller.job
2014-09-23 15:00 - 2011-03-09 17:38 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\PDF Software
2014-09-23 14:59 - 2014-09-23 14:59 - 00021618 _____ () C:\Windows\PFRO.log
2014-09-23 14:59 - 2014-09-21 21:35 - 00000112 _____ () C:\Windows\setupact.log
2014-09-23 14:59 - 2012-04-12 13:23 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-23 14:59 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-23 14:57 - 2013-12-11 11:49 - 00001106 _____ () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-09-23 14:57 - 2013-12-11 11:49 - 00001076 _____ () C:\Users\Spieler.HeikeHarder-HP\Desktop\Search.lnk
2014-09-23 14:57 - 2012-06-04 16:38 - 01194882 _____ () C:\Windows\WindowsUpdate.log
2014-09-23 14:55 - 2014-09-23 14:55 - 01373475 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\AdwCleaner_3.310.exe
2014-09-23 14:53 - 2014-09-23 14:53 - 00000000 ____D () C:\Program Files\TermTutor
2014-09-23 14:53 - 2014-09-23 14:53 - 00000000 ____D () C:\Program Files (x86)\TermTutor
2014-09-23 14:49 - 2014-01-29 20:26 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-09-23 14:24 - 2014-09-23 14:24 - 00068480 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\Addition.txt
2014-09-23 14:21 - 2014-09-23 14:21 - 02105856 _____ (Farbar) C:\Users\Spieler.HeikeHarder-HP\Downloads\FRST64.exe
2014-09-23 13:16 - 2014-09-23 13:16 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-23 13:16 - 2014-09-23 13:16 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-23 13:16 - 2014-09-23 13:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-23 13:16 - 2014-09-23 13:16 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-23 13:15 - 2014-09-23 13:15 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Spieler.HeikeHarder-HP\Downloads\mbam-setup-2.0.2.1012 (2).exe
2014-09-23 13:15 - 2014-09-23 13:15 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Spieler.HeikeHarder-HP\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-09-22 20:44 - 2014-06-25 12:44 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\Powersaves3DS
2014-09-22 20:13 - 2014-01-23 20:42 - 00000000 ____D () C:\Program Files (x86)\Overwolf
2014-09-21 23:10 - 2013-09-03 22:45 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\TS3Client
2014-09-21 21:44 - 2011-01-29 14:11 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\SoftGrid Client
2014-09-21 21:39 - 2014-07-13 14:54 - 00001078 _____ () C:\Users\Spieler.HeikeHarder-HP\Desktop\Dropbox.lnk
2014-09-21 21:39 - 2014-07-13 14:52 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-09-21 21:36 - 2014-09-21 20:47 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\LookThisUp
2014-09-21 21:35 - 2014-09-21 21:35 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-21 20:54 - 2014-09-21 20:54 - 00000318 _____ () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\aps.uninstall.scan.results
2014-09-21 20:49 - 2014-09-21 20:49 - 00001245 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2014-09-21 20:49 - 2014-09-21 20:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-09-21 20:49 - 2014-09-21 20:49 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-09-21 20:49 - 2012-12-30 13:01 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\DVDVideoSoft
2014-09-21 20:48 - 2014-09-21 20:48 - 00612072 _____ (ClickMeIn Limited) C:\Users\Spieler.HeikeHarder-HP\AppData\Local\nszD8AD.tmp
2014-09-21 20:48 - 2014-09-21 20:48 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InetStat
2014-09-21 20:48 - 2014-09-21 20:47 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\InetStat
2014-09-21 20:47 - 2014-09-21 20:47 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webinstr_01009.Wdf
2014-09-21 20:47 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-09-21 20:46 - 2014-09-21 20:41 - 74675720 _____ (DVDVideoSoft Ltd. ) C:\Users\Spieler.HeikeHarder-HP\Downloads\FreeStudio.exe
2014-09-21 20:42 - 2011-01-07 21:18 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-09-21 20:00 - 2014-09-21 00:00 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\Documents\ArcheAge
2014-09-21 15:06 - 2012-12-09 12:38 - 00000000 ____D () C:\Program Files (x86)\RIFT
2014-09-21 00:00 - 2014-09-21 00:00 - 00000000 ____D () C:\ArcheAge
2014-09-20 20:33 - 2014-09-20 20:33 - 00001891 _____ () C:\Users\Spieler.HeikeHarder-HP\Desktop\Archeage.lnk
2014-09-20 20:33 - 2014-07-03 12:03 - 00000000 ____D () C:\Program Files (x86)\Glyph
2014-09-20 19:55 - 2011-03-02 15:03 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\KlebezettelNG
2014-09-20 19:54 - 2011-04-18 11:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Klebezettel
2014-09-20 19:54 - 2011-01-27 20:05 - 00000000 ____D () C:\Program Files (x86)\Klebezettel NG
2014-09-17 19:05 - 2014-06-25 13:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Action Replay PowerSaves 3DS
2014-09-17 19:05 - 2014-06-25 13:55 - 00000000 ____D () C:\Program Files (x86)\Action Replay PowerSaves 3DS
2014-09-17 19:05 - 2014-06-25 12:35 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\Desktop\powersave
2014-09-17 19:03 - 2014-09-17 19:02 - 03817601 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\powersaves3ds-software-121.zip
2014-09-17 10:31 - 2014-06-03 11:02 - 00003864 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1387178156
2014-09-17 10:31 - 2011-01-27 12:58 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-09-16 05:56 - 2009-07-14 06:45 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-16 05:56 - 2009-07-14 06:45 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-15 20:18 - 2014-08-21 13:50 - 00001139 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-09-15 20:18 - 2014-08-06 12:01 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-15 20:18 - 2014-06-24 19:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-09-15 20:18 - 2014-06-24 19:23 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-09-14 21:12 - 2012-10-02 22:27 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\RIFT
2014-09-13 20:18 - 2012-04-12 13:23 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-13 20:18 - 2012-04-12 13:23 - 00003824 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-13 20:18 - 2011-05-23 10:55 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-12 18:43 - 2013-01-07 23:41 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\.minecraft
2014-09-12 05:35 - 2011-01-07 21:54 - 00799382 _____ () C:\Windows\system32\perfh007.dat
2014-09-12 05:35 - 2011-01-07 21:54 - 00188890 _____ () C:\Windows\system32\perfc007.dat
2014-09-12 05:35 - 2009-07-14 07:13 - 01903918 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-11 23:08 - 2014-09-11 23:08 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\Desktop\Neuer Ordner
2014-09-11 22:55 - 2014-06-24 16:06 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\Desktop\pika
2014-09-11 07:41 - 2009-07-14 04:34 - 00000601 _____ () C:\Windows\win.ini
2014-09-11 04:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-11 03:13 - 2011-01-27 18:45 - 01877262 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-11 03:10 - 2013-08-16 09:04 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-11 03:04 - 2011-01-31 19:17 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-11 03:02 - 2014-05-01 03:02 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-09 21:23 - 2014-08-28 20:02 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\Documents\lp
2014-09-09 21:20 - 2014-08-21 22:58 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\Desktop\uni
2014-09-05 04:10 - 2014-09-10 07:14 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-05 04:05 - 2014-09-10 07:14 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-04 19:22 - 2014-09-04 19:22 - 00058232 _____ (Term Tutor) C:\Windows\system32\Drivers\ttnfd.sys
2014-09-01 12:56 - 2013-02-07 00:45 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Paint.NET
2014-08-31 11:35 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-30 13:37 - 2014-05-02 14:03 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Winamp
2014-08-28 23:21 - 2014-08-28 23:19 - 18599008 _____ (DVDVideoSoft Ltd. ) C:\Users\Spieler.HeikeHarder-HP\Downloads\Free3DVideoMaker.exe
2014-08-28 20:06 - 2012-12-30 13:05 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\Documents\DVDVideoSoft
2014-08-28 17:03 - 2014-08-28 17:03 - 01050386 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\Pokemon Kristall (D).zip
2014-08-28 14:50 - 2014-01-31 17:26 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\Downloads\emu
2014-08-28 13:41 - 2014-08-28 13:41 - 00000945 _____ () C:\Users\Spieler.HeikeHarder-HP\Desktop\HyperCam 2.lnk
2014-08-28 13:41 - 2014-08-28 13:41 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HyperCam 2
2014-08-28 13:41 - 2014-08-28 13:40 - 03020528 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\HC2Setup-2.29.01 (1).exe
2014-08-28 13:41 - 2014-08-01 22:57 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\OpenCandy
2014-08-28 13:41 - 2011-03-31 16:43 - 00000000 ____D () C:\Program Files (x86)\HyCam2
2014-08-28 13:39 - 2014-08-18 16:36 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Solveig Multimedia
2014-08-28 03:20 - 2013-08-22 09:23 - 00505384 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-26 18:14 - 2014-07-20 21:55 - 00005284 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\desmume.ini
2014-08-26 17:52 - 2014-07-09 18:04 - 00000409 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\fishbotconfig.ini
2014-08-26 16:10 - 2014-07-20 21:55 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\Downloads\States
2014-08-26 16:05 - 2014-08-26 16:05 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\Downloads\Slot1D
2014-08-26 13:17 - 2014-08-26 13:08 - 27076650 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\0052.zip
2014-08-26 13:17 - 2014-07-20 21:55 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\Downloads\Battery

Files to move or delete:
====================
C:\Users\Heike Harder\Okozo_Installer.exe
C:\Users\Public\CommonRTP.exe


Some content of TEMP:
====================
C:\Users\Heike Harder\AppData\Local\Temp\avgnt.exe
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\avgnt.exe
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpccntno.dll
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\Quarantine.exe
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\tmd_34015466.exe
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\tmd_34015938.exe
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\ttap2.dll
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\ttap2.exe
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\uoEK5.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-16 06:23

==================== End Of Log ============================
--- --- ---

--- --- ---

deeprybka 23.09.2014 14:22
Schritt 1

http://filepony.de/icon/malwarebytes_anti_malware.png Malwarebytes Antimalware
  • Download-Link
  • Installiere das Programm in den vorgegebenen Pfad.
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Sollte die Benutzeroberfläche noch in Englisch sein, klicke auf Settings und wähle bei Language Deutsch aus.
  • Unter Erkennung und Schutz setze bitte einen Haken bei "Suche nach Rootkits".
  • Klicke im Anschluss auf "Suchlauf", wähle den Bedrohungssuchlauf aus, aktualisiere die Datenbanken und klicke auf "Suchlauf jetzt starten".
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. (geht so...)
  • Poste mir den Inhalt der Logdatei (geht so...). Klicke dazu auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Suchlauf-Protokoll aus und klicke auf Ansicht. Klicke auf "In Zwischenablage kopieren" poste mir den Inhalt in Code-Tags als Antwort in den Thread.



Schritt 2
Bitte lade Dir zoek.exe von hier: http://hijackthis.nl/smeenk/
  • Bitte deaktiviere während des Scans den Virenscanner, da dieser Zoek stören könnte.
  • Starte die zoek.exe mit einem Doppelklick. (Hinweis: Der Start des Programms benötigt einige Zeit)
  • Achtung: Das folgende Skript wurde nur für diesen speziellen Fall geschrieben und sollte nicht 1:1 auf andere Computer übernommen werden.
  • Kopiere den Text der folgenden Box in das Skriptfenster von zoek:
    Code:
    filesrcm;
    CHRdefaults;
    iedefaults;
    emptyclsid;
    autoclean;
  • Nun klicke auf "Run script" und sei geduldig bis das Skript durchgelaufen ist.
  • Wenn das Tool fertig ist, wird sich eine Logdatei öffnen (ggf. erst nach einem Neustart). Das Log befindet sich aber auch noch unter c:
  • Bitte poste mir das ZOEK-Log.

Schritt 3

http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...t/frstscan.png

Bitte starte FRST erneut, und drücke auf Scan.
Bitte poste mir den Inhalt des Logs.

Blitzi 23.09.2014 15:24
Ehm da hab ich ein problem.

Malwarebytes Antimalware stürzt bei mir immer ab und sagt das meine Testphase vorbei ist.

Was soll ich tun?

deeprybka 23.09.2014 15:35
Ok, dann mach bitte mit Schritt 2 und 3 weiter.... :)

Blitzi 23.09.2014 16:39
Code:
Zoek.exe v5.0.0.0 Updated 21-09-2014
Tool run by Spieler on 23.09.2014 at 16:58:40,13.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Spieler.HeikeHarder-HP\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

23.09.2014 17:02:21 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2355925718-3238339638-3018866954-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{bd7c9b62-a7d9-4405-be51-7fd633f08791} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A0442EE1-D2E7-44C0-B4A5-8C4E6B035787} deleted successfully
HKEY_USERS\S-1-5-21-2355925718-3238339638-3018866954-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A0442EE1-D2E7-44C0-B4A5-8C4E6B035787} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CD8812D4-E5B8-41C6-94D4-59872A484BF1} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} deleted successfully
HKEY_USERS\S-1-5-21-2355925718-3238339638-3018866954-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} deleted successfully
HKEY_USERS\S-1-5-21-2355925718-3238339638-3018866954-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32B29DF0-2237-4370-9A29-37CEBB730E9B} deleted successfully
HKEY_USERS\S-1-5-21-2355925718-3238339638-3018866954-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully
HKEY_USERS\S-1-5-21-2355925718-3238339638-3018866954-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully
HKEY_USERS\S-1-5-21-2355925718-3238339638-3018866954-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110411901108} deleted successfully
HKEY_USERS\S-1-5-21-2355925718-3238339638-3018866954-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110411901108} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5018CFD2-804D-4C99-9F81-25EAEA2769DE} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9639E4A-801B-4843-AEE3-03D9DA199E77} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_USERS\S-1-5-21-2355925718-3238339638-3018866954-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{bd7c9b62-a7d9-4405-be51-7fd633f08791} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bd7c9b62-a7d9-4405-be51-7fd633f08791} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110411901108} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411901108} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled\{164E93C4-09BF-4647-9E0B-D5FBB1D35E63} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled\{18DF081C-E8AD-4283-A596-FA578C2EBDC3} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled\{5CFCAFF6-5BB0-4864-B626-021C99ED82E5} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled\{DBC80044-A445-435b-BC74-9C25C1C588A9} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully
HKEY_USERS\S-1-5-21-2355925718-3238339638-3018866954-1007\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{26647CA4-A2A7-4EAC-8A72-761AA9141DE7} deleted successfully
HKEY_USERS\S-1-5-21-2355925718-3238339638-3018866954-1007\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{8DBB6D8E-E4A6-4E3B-9753-AF78B226441C} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{99079A25-328F-4BD4-BE04-00955ACAA0A7} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{9D717F81-9148-4F12-8568-69135F087DB0} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{A0442EE1-D2E7-44C0-B4A5-8C4E6B035787} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{4D2D3B0F-69BE-477A-90F5-FDDB05357975} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{CD8812D4-E5B8-41C6-94D4-59872A484BF1} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{32B29DF0-2237-4370-9A29-37CEBB730E9B} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{32B29DF0-2237-4370-9A29-37CEBB730E9B} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{77BEC163-D389-42c1-91A4-C758846296A5} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{5018CFD2-804D-4C99-9F81-25EAEA2769DE} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{F9639E4A-801B-4843-AEE3-03D9DA199E77} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\!{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\!{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\!{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\!{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\!{A0442EE1-D2E7-44C0-B4A5-8C4E6B035787} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\!{A0442EE1-D2E7-44C0-B4A5-8C4E6B035787} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\!{98889811-442D-49DD-99D7-DC866BE87DBC} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\!{98889811-442D-49DD-99D7-DC866BE87DBC} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\!{5018CFD2-804D-4C99-9F81-25EAEA2769DE} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\!{5018CFD2-804D-4C99-9F81-25EAEA2769DE} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\!{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\!{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\!{F9639E4A-801B-4843-AEE3-03D9DA199E77} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\!{F9639E4A-801B-4843-AEE3-03D9DA199E77} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\virtualKeyboard@kaspersky.ru deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\FFSodaPDFConverter2012@sodapdf.com deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@MediaPlayerV1alpha718.net deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@MediaViewerV1alpha1479.net deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@MediaViewV1alpha3700.net deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\ext@MediaViewV1alpha9390.net deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater15.0.0 deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\vToolbarUpdater15.0.0 deleted successfully

==== FireFox Fix ======================

ProfilePath: C:\Users\HEIKEH~1\AppData\Roaming\Mozilla\Firefox\Profiles\e7puc2qc.default

---- Lines BabylonToolbar removed from prefs.js ----
user_pref("extensions.BabylonToolbar.babExt", "");
user_pref("extensions.BabylonToolbar.babTrack", "affID=101365");
user_pref("extensions.BabylonToolbar.dfltSrch", true);
user_pref("extensions.BabylonToolbar.hmpg", false);
user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.5.3.1720:37:12");
user_pref("extensions.BabylonToolbar.newTab", false);
user_pref("extensions.BabylonToolbar.smplGrp", "none");
user_pref("extensions.BabylonToolbar.srcExt", "ss");
user_pref("extensions.BabylonToolbar.vrsnTs", "1.5.3.1720:37:12");
user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
user_pref("extensions.BabylonToolbar_i.babExt", "");
user_pref("extensions.BabylonToolbar_i.babTrack", "affID=101365");
user_pref("extensions.BabylonToolbar_i.hardId", "ecc3245c0000000000006c626d9ce7a5");
user_pref("extensions.BabylonToolbar_i.id", "ecc3245c0000000000006c626d9ce7a5");
user_pref("extensions.BabylonToolbar_i.instlDay", "15391");
user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
user_pref("extensions.BabylonToolbar_i.newTab", false);
user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1720:37:12");
user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
---- Lines BabylonToolbar removed from user.js ----

user_pref("extensions.BabylonToolbar_i.id", "ecc3245c0000000000006c626d9ce7a5");
user_pref("extensions.BabylonToolbar_i.hardId", "ecc3245c0000000000006c626d9ce7a5");
user_pref("extensions.BabylonToolbar_i.instlDay", "15391");
user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1720:37:12");
user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
user_pref("extensions.BabylonToolbar_i.newTab", false);
user_pref("extensions.BabylonToolbar_i.babTrack", "affID=101365");
user_pref("extensions.BabylonToolbar_i.babExt", "");
user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
user_pref("extensions.BabylonToolbar_i.instlRef", "sst");

---- Lines Softonic removed from user.js ----

user_pref("extensions.Softonic.rvrtMsg", "Click Yes to keep current home page and default search settings, Click No to restore original settings");
user_pref("extensions.Softonic.autoRvrt", "false");
user_pref("extensions.Softonic_i.hmpg", true);
user_pref("extensions.Softonic_i.hmpgUrl", "hxxp://search.softonic.com/MON00016/tb_v1?SearchSource=13&cc=");
user_pref("extensions.Softonic.hpOld", "hxxp://www.searchqu.com/406");
user_pref("extensions.Softonic.hpNew", "hxxp://search.softonic.com/MON00016/tb_v1?SearchSource=13&cc=");
user_pref("extensions.Softonic_i.dfltSrch", true);
user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)");
user_pref("extensions.Softonic.keyWordUrl", "hxxp://search.softonic.com/MON00016/tb_v1?SearchSource=2&cc=&q=");
user_pref("extensions.Softonic.dspOld", "Search Results");
user_pref("extensions.Softonic.dspNew", "Search the web (Softonic)");
user_pref("extensions.Softonic_i.dnsErr", true);
user_pref("extensions.Softonic_i.newTab", true);
user_pref("extensions.Softonic.newTabUrl", "hxxp://search.softonic.com/MON00016/tb_v1?SearchSource=15&cc=");
user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/MON00016/tb_v1?SearchSource=1&cc=&q=");
user_pref("extensions.Softonic.id", "ecc3245c0000000000006c626d9ce7a5");
user_pref("extensions.Softonic.instlDay", "15440");
user_pref("extensions.Softonic.vrsn", "1.5.21.0");
user_pref("extensions.Softonic.vrsni", "1.5.21.0");
user_pref("extensions.Softonic_i.vrsnTs", "1.5.21.00:13:27");
user_pref("extensions.Softonic.prtnrId", "softonic");
user_pref("extensions.Softonic.prdct", "Softonic");
user_pref("extensions.Softonic.aflt", "SD");
user_pref("extensions.Softonic_i.smplGrp", "none");
user_pref("extensions.Softonic.tlbrId", "base");
user_pref("extensions.Softonic.instlRef", "MON00016");
user_pref("extensions.Softonic.dfltLng", "de");
user_pref("extensions.Softonic.excTlbr", false);
user_pref("extensions.Softonic.admin", false);

---- Lines y2layers removed from user.js ----

user_pref("extentions.y2layers.installId", "7e587973-110f-448c-ab39-76706f0febac");

---- FireFox user.js and prefs.js backups ----

user__1715_.backup
prefs__1715_.backup

ProfilePath: C:\Users\HEIKEH~1\AppData\Roaming\Thunderbird\Profiles\yfa13q6e.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs__1715_.backup

ProfilePath: C:\Users\SPIELE~1.HEI\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default

---- Lines BabylonToolbar removed from prefs.js ----
user_pref("extensions.BabylonToolbar.pnu_base", "{\"newVrsn\":\"76\",\"lastVrsn\":\"76\",\"vrsnLoad\":\"\",\"showMsg\":\"false\",\"showSilent\":\"true
---- FireFox user.js and prefs.js backups ----

user__1715_.backup
prefs__1715_.backup

ProfilePath: C:\Users\SPIELE~1.HEI\AppData\Roaming\Thunderbird\Profiles\rvweewm9.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs__1715_.backup

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Opera\shell\open\command]
@="C:\\Program Files (x86)\\Opera\\Opera.exe"

==== Deleting Files \ Folders ======================

C:\Users\Heike Harder\AppData\Roaming\Mozilla\Firefox\Profiles\e7puc2qc.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7} not found
C:\Users\Heike Harder\AppData\Roaming\Mozilla\Firefox\Profiles\e7puc2qc.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7} not found
C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\extensions\toolbar_AVIRA-V7@apn.ask.com.xpi not found
C:\Program Files (x86)\SuperLyrics\FF not found
C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\extensions\ffxtlbr@funmoods.com not found
C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi not found
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Packages\windows_ie_ac_001\AC\{8D29679C-9757-6367-1362-24EF70A8A6E5} deleted
C:\Users\Heike Harder\daemonprocess.txt deleted
C:\Users\Spieler.HeikeHarder-HP\daemonprocess.txt deleted
C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted
C:\install.exe deleted
C:\found.000 deleted
C:\found.001 deleted
C:\Users\Heike Harder\AppData\Roaming\BrowserCompanion deleted
C:\Users\Heike Harder\AppData\Roaming\Babylon deleted
C:\Users\Heike Harder\AppData\Roaming\GetRightToGo deleted
C:\Users\Heike Harder\AppData\Roaming\Systweak deleted
C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Search.lnk deleted
C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Uniblue deleted
C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\0F1F1C2Y1H1P1C0I0T deleted
C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\aps.uninstall.scan.results deleted
C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\systweak deleted
C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\OpenCandy deleted
C:\Users\Heike Harder\AppData\Local\AVG Secure Search deleted
C:\Users\Heike Harder\AppData\Local\blekkotb_020 deleted
C:\Users\Heike Harder\AppData\Local\PackageAware deleted
C:\Users\Heike Harder\AppData\Local\Babylon deleted
C:\Users\Heike Harder\AppData\Local\Conduit deleted
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\nspA788.tmp deleted
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\nszD8AD.tmp deleted
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\newplayer deleted
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\LPT deleted
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\AVG Secure Search deleted
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\blekkotb_020 deleted
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\cache deleted
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\PackageAware deleted
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Smartbar deleted
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\conduit deleted
C:\Users\wangzhisong\AppData\Local\Mobogenie deleted
C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Uncompressor deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk deleted
C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Users\Public\CommonRTP.exe deleted
C:\Users\Spieler.HeikeHarder-HP\Downloads\FreeYouTubeToMP3Converter (1).exe deleted
C:\Users\Spieler.HeikeHarder-HP\Downloads\FreeYouTubeToMP3Converter.exe deleted
C:\Users\Spieler.HeikeHarder-HP\Downloads\SoftonicDownloader_fuer_minecraft-forge.exe deleted
C:\Users\Heike Harder\AppData\LocalLow\bbrs_002.tb deleted
C:\Users\Heike Harder\AppData\LocalLow\DVDVideoSoftTB deleted
C:\Users\Heike Harder\AppData\LocalLow\searchresultstb deleted
C:\Users\Heike Harder\AppData\LocalLow\SweetIM deleted
C:\Users\Heike Harder\AppData\LocalLow\AVG Secure Search deleted
C:\Users\Heike Harder\AppData\LocalLow\BabylonToolbar deleted
C:\Users\Heike Harder\AppData\LocalLow\dvdvideosofttoolbar deleted
C:\Users\Heike Harder\AppData\LocalLow\searchqutoolbar deleted
C:\Users\Heike Harder\AppData\LocalLow\searchquband deleted
C:\Users\Heike Harder\AppData\LocalLow\facemoods.com deleted
C:\Users\Heike Harder\AppData\LocalLow\Funmoods deleted
C:\Users\Heike Harder\AppData\LocalLow\Softonic deleted
C:\Users\Heike Harder\AppData\LocalLow\DataMngr deleted
C:\Users\Heike Harder\AppData\LocalLow\Incredibar.com deleted
C:\Users\Heike Harder\AppData\LocalLow\PriceGong deleted
C:\Users\Heike Harder\AppData\LocalLow\Conduit deleted
C:\Users\Heike Harder\AppData\LocalLow\ConduitEngine deleted
C:\Users\Heike Harder\AppData\LocalLow\Toolbar4 deleted
C:\Users\Spieler.HeikeHarder-HP\AppData\LocalLow\AskToolbar deleted
C:\Users\Spieler.HeikeHarder-HP\AppData\LocalLow\dvdvideosofttoolbar deleted
C:\Users\Spieler.HeikeHarder-HP\AppData\LocalLow\wincorebsband deleted
C:\Users\Spieler.HeikeHarder-HP\AppData\LocalLow\mediabarbs deleted
C:\Users\Spieler.HeikeHarder-HP\AppData\LocalLow\Softonic_Deutsch deleted
C:\Users\Spieler.HeikeHarder-HP\AppData\LocalLow\Smartbar deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\bbrs_002.tb deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\DVDVideoSoftTB deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\searchresultstb deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\blekkotb_019 deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\blekkotb_020 deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\dvdvideosofttoolbar deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\searchqutoolbar deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\searchquband deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Funmoods deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Softonic deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Incredibar.com deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\PriceGong deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Conduit deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Toolbar4 deleted
C:\windows\SysNative\tasks\Feven 2.5-chromeinstaller deleted
C:\windows\SysNative\tasks\Feven 2.5-codedownloader deleted
C:\windows\SysNative\tasks\Feven 2.5-enabler deleted
C:\windows\SysNative\tasks\Feven 2.5-firefoxinstaller deleted
C:\windows\SysNative\tasks\Feven 2.5-updater deleted
C:\Windows\tasks\Feven 2.5-chromeinstaller.job deleted
C:\Windows\tasks\Feven 2.5-codedownloader.job deleted
C:\Windows\tasks\Feven 2.5-enabler.job deleted
C:\Windows\tasks\Feven 2.5-firefoxinstaller.job deleted
C:\Windows\tasks\Feven 2.5-updater.job deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Users\wangzhisong deleted
C:\Windows\Syswow64\sho22A4.tmp deleted
C:\Windows\Syswow64\sho664.tmp deleted
C:\Windows\Syswow64\sho7B13.tmp deleted
C:\Windows\Syswow64\InstallUtil.InstallLog deleted
C:\Windows\SysWow64\Extensions deleted
C:\Users\Heike Harder\Documents\Updater deleted
C:\Users\Spieler.HeikeHarder-HP\Documents\Mobogenie deleted
C:\Users\HEIKEH~1\AppData\Roaming\Mozilla\Firefox\Profiles\e7puc2qc.default\searchplugins\askcom.xml deleted
C:\Users\HEIKEH~1\AppData\Roaming\Mozilla\Firefox\Profiles\e7puc2qc.default\searchplugins\search-results.xml deleted
C:\Users\HEIKEH~1\AppData\Roaming\Mozilla\Firefox\Profiles\e7puc2qc.default\searchplugins\SearchResults.xml deleted
C:\Users\HEIKEH~1\AppData\Roaming\Mozilla\Firefox\Profiles\e7puc2qc.default\searchplugins\Search_Results.xml deleted
C:\Users\HEIKEH~1\AppData\Roaming\Mozilla\Firefox\Profiles\e7puc2qc.default\extensions\ffxtlbr@babylon.com deleted
C:\Users\HEIKEH~1\AppData\Roaming\Mozilla\Firefox\Profiles\e7puc2qc.default\bprotector_extensions.rdf deleted
C:\Users\HEIKEH~1\AppData\Roaming\Mozilla\Firefox\Profiles\e7puc2qc.default\bProtector_extensions.sqlite deleted
C:\Users\HEIKEH~1\AppData\Roaming\Mozilla\Firefox\Profiles\e7puc2qc.default\dvdvideosofttoolbar deleted
C:\Users\HEIKEH~1\AppData\Roaming\Mozilla\Firefox\Profiles\e7puc2qc.default\SweetIMToolbarData deleted
C:\Users\HEIKEH~1\AppData\Roaming\Mozilla\Firefox\Profiles\e7puc2qc.default\extensions\staged deleted
C:\Users\HEIKEH~1\AppData\Roaming\Mozilla\Firefox\Profiles\e7puc2qc.default\CT2269050 deleted
C:\Users\HEIKEH~1\AppData\Roaming\Mozilla\Firefox\Profiles\e7puc2qc.default\CT2704262 deleted
C:\Users\SPIELE~1.HEI\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\CT2319825 deleted
C:\Users\Spieler.HeikeHarder-HP\Desktop\Search.lnk deleted
C:\Users\HEIKEH~1\AppData\Roaming\Mozilla\Firefox\Profiles\e7puc2qc.default\extensions\4433da5b-eb52-495d-8865-b2a7468567f6@927544a3-fdfb-4485-a78b-21e1113eee35.com deleted
C:\Users\HEIKEH~1\AppData\Roaming\Mozilla\Firefox\Profiles\e7puc2qc.default\extensions\crossriderapp2258@crossrider.com deleted
C:\Users\HEIKEH~1\AppData\Roaming\Mozilla\Firefox\Profiles\e7puc2qc.default\extensions\{32b29df0-2237-4370-9a29-37cebb730e9b} deleted
C:\Users\HEIKEH~1\AppData\Roaming\Mozilla\Firefox\Profiles\e7puc2qc.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted
C:\Users\HEIKEH~1\AppData\Roaming\Mozilla\Firefox\Profiles\e7puc2qc.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4} deleted
C:\Users\HEIKEH~1\AppData\Roaming\Mozilla\Firefox\Profiles\e7puc2qc.default\extensions\{cd8812d4-e5b8-41c6-94d4-59872a484bf1} deleted
C:\Users\SPIELE~1.HEI\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\extensions\0c822a17-a68f-4066-9257-d229458d21ca@9c178d17-dc61-4aaf-b2da-1425ac7300ac.com deleted
C:\Users\SPIELE~1.HEI\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\extensions\4433da5b-eb52-495d-8865-b2a7468567f6@927544a3-fdfb-4485-a78b-21e1113eee35.com deleted
C:\Users\SPIELE~1.HEI\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\extensions\crossriderapp2258@crossrider.com deleted
C:\Users\SPIELE~1.HEI\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\extensions\jid0-O6MIff3eO5dIGf5Tcv8RsJDKxrs@jetpack deleted
C:\Users\SPIELE~1.HEI\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\extensions\lvgnow@dnhktwg.co.uk deleted
C:\Users\HEIKEH~1\AppData\Roaming\Mozilla\Firefox\Profiles\e7puc2qc.default\extensions\ffxtlbra@softonic.com deleted
C:\Users\HEIKEH~1\AppData\Roaming\Mozilla\Firefox\Profiles\e7puc2qc.default\conduitCommon deleted
C:\Users\HEIKEH~1\AppData\Roaming\Mozilla\Firefox\Profiles\e7puc2qc.default\extensions\ffox@bandoo.com deleted
C:\Users\HEIKEH~1\AppData\Roaming\Mozilla\Firefox\Profiles\e7puc2qc.default\extensions\toolbar@ask.com deleted
C:\Users\HEIKEH~1\AppData\Roaming\Mozilla\Firefox\Profiles\e7puc2qc.default\extensions\plugin@yontoo.com deleted
C:\Users\HEIKEH~1\AppData\Roaming\Mozilla\Firefox\Profiles\e7puc2qc.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847} deleted
C:\Users\HEIKEH~1\AppData\Roaming\Mozilla\Firefox\Profiles\e7puc2qc.default\extensions\bbrs_002@blabbers.com deleted
"C:\Users\HEIKEH~1\AppData\Roaming\Mozilla\Firefox\Profiles\e7puc2qc.default\searchplugins\softonic.xml" deleted
"C:\Users\HEIKEH~1\AppData\Roaming\Mozilla\Firefox\Profiles\e7puc2qc.default\searchplugins\conduit.xml" deleted
"C:\Users\HEIKEH~1\AppData\Roaming\Mozilla\Firefox\Profiles\e7puc2qc.default\searchplugins\sweetim.xml" deleted
"C:\Users\HEIKEH~1\AppData\Roaming\Mozilla\Firefox\Profiles\e7puc2qc.default\extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}" deleted
"C:\PROGRA~2\TermTutor\Service\ttsvc.exe" deleted
"C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\ap_logs" deleted
"C:\PROGRA~2\TermTutor" not deleted
"C:\PROGRA~2\TermTutor\Service" not deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\SPIELE~1.HEI\AppData\Local\Temp ====
2014-09-23 13:03:55        4E566FEA83FCEEAF2873702806B55006        43008        ----a-w-        C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpccntno.dll
2014-09-23 12:53:07        26EE807E54B8C30D215A4E039B160651        40960        ----a-w-        C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\is45637729\308276872_stp.EXE
2014-09-23 10:35:26        89B461FBDD425AAC0FF7C763925AD71B        173481        ------w-        C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\is45637729\308276442_stp\Generic_vo.exe
2014-09-21 18:47:06        D6C776643BD04F945A821F96271E1EEF        86528        ----a-w-        C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\ttap2.dll
2014-09-21 18:47:06        8C1144BC03FFA0E57FB9263CC473F052        98304        ----a-w-        C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\ttap2.exe
2014-09-21 18:47:06        18AA44B12D0A65A7B00C6714BBA1EBB8        408576        ----a-w-        C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\uoEK5.exe
2014-09-21 18:35:28        1AC42FF41023CE239929989FC4CFB96B        2270880        ----a-w-        C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\n5414\WIE_2.14.1.82.exe
2014-09-21 18:35:24        75171125AE047C62724A13E5782BF8A0        74675720        ----a-w-        C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\tmd_34015938.exe
2014-09-21 18:35:20        A234FB2C87F1C72A2C7416B01313D632        2099173        ----a-w-        C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\n5414\FLVMPlayerSetup.exe
2014-09-21 18:34:44        9D4AC4ABB121001E753AC334ABD87EB6        285209        ----a-w-        C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\n5414\VOPackage.exe
2014-09-21 18:34:12        0E88682AEBA4D7EF923B316F97F990BA        347552        ----atw-        C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\n5414\s5414.exe
2014-09-21 18:32:10        75171125AE047C62724A13E5782BF8A0        74675720        ----a-w-        C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\tmd_34015466.exe
2014-09-21 16:48:40        ACE58E99A13BB9E34A9095F7EAC106AC        173663        ------w-        C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\is45637729\159752500_stp\Generic_vo.exe
2014-09-21 15:17:12        CD7F6178B6AB601F566961570802A0C2        173330        ------w-        C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\is45637729\156681032_stp\Generic_vo.exe
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2014-09-23 12:56:33        0DC5AF80D059DEC792B665ED598C6567        536576        ----a-w-        C:\Windows\SysWOW64\sqlite3.dll
2014-09-11 01:15:47        E3D7B3F64C30994409BDF8E48048A854        2724864        ----a-w-        C:\Windows\SysWOW64\mshtml.tlb
2014-09-11 01:15:47        6DD476318F524D2DCB73AFEB2EE27B4A        61952        ----a-w-        C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-11 01:15:47        297EF1AB73B8FCE76BCA1365C2E49AFC        440320        ----a-w-        C:\Windows\SysWOW64\ieui.dll
2014-09-11 01:15:46        CC8F34B345DA638D77BB48C035DA628D        164864        ----a-w-        C:\Windows\SysWOW64\msrating.dll
2014-09-11 01:15:46        84E96F4AF8A7748A3DE7C3EBBC6768E5        365056        ----a-w-        C:\Windows\SysWOW64\dxtmsft.dll
2014-09-11 01:15:46        4F2EDC301EC63F803C0FDB6CC87EDA24        454656        ----a-w-        C:\Windows\SysWOW64\vbscript.dll
2014-09-11 01:15:46        42F6F28D4885505F687CAF0459FF9F90        112128        ----a-w-        C:\Windows\SysWOW64\ieUnatt.exe
2014-09-11 01:15:46        010DFAF3EF93994B805BAA1493D47973        243200        ----a-w-        C:\Windows\SysWOW64\dxtrans.dll
2014-09-11 01:15:45        D603AC77E17E5B9583E382F2EE0381A7        43008        ----a-w-        C:\Windows\SysWOW64\jsproxy.dll
2014-09-11 01:15:45        AA595171932ACC79DA9851067DCBDABF        32768        ----a-w-        C:\Windows\SysWOW64\iernonce.dll
2014-09-11 01:15:45        8D4FCAB2643DFEF68040B70F1EDCCBC5        327872        ----a-w-        C:\Windows\SysWOW64\iedkcs32.dll
2014-09-11 01:15:45        7C3D593AB1E2F5E5687D97772EF99AC7        61952        ----a-w-        C:\Windows\SysWOW64\iesetup.dll
2014-09-11 01:15:45        13C2C87C35E52AAB1B439FB2E26DF2DE        69632        ----a-w-        C:\Windows\SysWOW64\mshtmled.dll
2014-09-11 01:15:45        074646C5A979DE79133DE4A8530A9C5D        603136        ----a-w-        C:\Windows\SysWOW64\msfeeds.dll
2014-09-11 01:15:44        77F79126444896B5867E6761490735B8        60416        ----a-w-        C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-11 01:15:44        2E2E40E5D92EEA979548E307C5781038        597504        ----a-w-        C:\Windows\SysWOW64\jscript9diag.dll
2014-09-11 01:15:43        88EBB8526981D03C5777AB0A4AEBA8B4        1068032        ----a-w-        C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-11 01:15:43        5074835337862817DB3726558D0908DE        51200        ----a-w-        C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-11 01:15:43        1D8C086A39B9794D7131384586811B25        678400        ----a-w-        C:\Windows\SysWOW64\ieapfltr.dll
2014-09-11 01:15:41        FD96C05DE700F5FD26273D6DDB6495A7        2185728        ----a-w-        C:\Windows\SysWOW64\iertutil.dll
2014-09-11 01:15:40        D58988722C72D265B51A54103DFC2C6F        1812992        ----a-w-        C:\Windows\SysWOW64\wininet.dll
2014-09-11 01:15:40        77B7DDF91F3ED2CDB6CF60224EE13433        4232704        ----a-w-        C:\Windows\SysWOW64\jscript9.dll
2014-09-11 01:15:39        6A3A809CA7A8F40C89E6F1D301898A66        2014208        ----a-w-        C:\Windows\SysWOW64\inetcpl.cpl
2014-09-11 01:15:39        41010A88B70A2168F801DC19EBD4CB4F        1190400        ----a-w-        C:\Windows\SysWOW64\urlmon.dll
2014-09-11 01:15:38        7BF1CE9240CB9DD27C3E30733176EB8E        17455104        ----a-w-        C:\Windows\SysWOW64\mshtml.dll
2014-09-11 01:15:37        A3560FAFC1686D5EE9830B33B5C74B66        11769856        ----a-w-        C:\Windows\SysWOW64\ieframe.dll
2014-09-11 01:02:47        2413D2216D08FAF7D7178D9E0B481AEB        2285056        ----a-w-        C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-10 07:39:48        A8DDB7ACB122FC36FF0D7C9B3099A380        793600        ----a-w-        C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-10 06:34:25        B094390B6B2D0456821384771020870B        22016        ----a-w-        C:\Windows\SysWOW64\secur32.dll
2014-09-10 06:34:25        1B85FA0D0A93C011B76678733F39DB6C        550912        ----a-w-        C:\Windows\SysWOW64\kerberos.dll
2014-09-10 06:34:25        10826DA2FC073702AEAB93AF3D73B066        96768        ----a-w-        C:\Windows\SysWOW64\sspicli.dll
2014-09-10 05:37:41        79896A78039C9A63C56197843CFBAD0B        1987584        ----a-w-        C:\Windows\SysWOW64\d3d10warp.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2014-09-11 01:15:48        9EFF09364ABDC86770FA0B1BCC9CA3C3        596480        ----a-w-        C:\Windows\Sysnative\ieui.dll
2014-09-11 01:15:47        EF79F0B9E0F277F5797C475DF4248B97        83968        ----a-w-        C:\Windows\Sysnative\MshtmlDac.dll
2014-09-11 01:15:47        A0600300428AB73664050659E738F11F        33792        ----a-w-        C:\Windows\Sysnative\iernonce.dll
2014-09-11 01:15:47        1BE1D1942825BE2146941DA274D2B92F        2724864        ----a-w-        C:\Windows\Sysnative\mshtml.tlb
2014-09-11 01:15:46        EE6B22396FA99639A163B1B7E9736669        4096        ----a-w-        C:\Windows\Sysnative\ieetwcollectorres.dll
2014-09-11 01:15:46        786ECD92C9D77F571134283E0FABAF1A        289280        ----a-w-        C:\Windows\Sysnative\dxtrans.dll
2014-09-11 01:15:46        641068C626DE3AD348871D0D7931A3FA        547328        ----a-w-        C:\Windows\Sysnative\vbscript.dll
2014-09-11 01:15:46        4CF33E458BAEDA917CAE9F2E8338479C        446464        ----a-w-        C:\Windows\Sysnative\dxtmsft.dll
2014-09-11 01:15:46        305D5395A65D00C74A94AEA40E9909E9        758272        ----a-w-        C:\Windows\Sysnative\jscript9diag.dll
2014-09-11 01:15:46        2D95BDB699FA1D531B642EA18464FE05        139264        ----a-w-        C:\Windows\Sysnative\ieUnatt.exe
2014-09-11 01:15:46        0113777A28BEC88A50C2566F346E4B58        72704        ----a-w-        C:\Windows\Sysnative\JavaScriptCollectionAgent.dll
2014-09-11 01:15:45        E76C23C71345ACBC65ED8F6E87AD01D1        195584        ----a-w-        C:\Windows\Sysnative\msrating.dll
2014-09-11 01:15:45        C07D636B0237172345E68AE8B70A2984        51200        ----a-w-        C:\Windows\Sysnative\jsproxy.dll
2014-09-11 01:15:45        C067D863FCD53B91A5BF78AE1CE88E54        85504        ----a-w-        C:\Windows\Sysnative\mshtmled.dll
2014-09-11 01:15:45        A1BB4CFB25F7CE1D4F67DD71111823AA        374968        ----a-w-        C:\Windows\Sysnative\iedkcs32.dll
2014-09-11 01:15:45        68B0077C0D09D1B669A260F2921FD6B9        66048        ----a-w-        C:\Windows\Sysnative\iesetup.dll
2014-09-11 01:15:45        33BAC6F66DB5FE5F7E20D41B025F490E        707072        ----a-w-        C:\Windows\Sysnative\ie4uinit.exe
2014-09-11 01:15:45        2AEFBA4339A34C8EF021B49D23D1F1DF        727040        ----a-w-        C:\Windows\Sysnative\msfeeds.dll
2014-09-11 01:15:44        920BD93A0B64657A20CA66C2EBB167EA        23591424        ----a-w-        C:\Windows\Sysnative\mshtml.dll
2014-09-11 01:15:43        698C19E198F832E071778A1427E942C8        111616        ----a-w-        C:\Windows\Sysnative\ieetwcollector.exe
2014-09-11 01:15:43        5A0C72B9D3CCA42D8AB74890C19443B2        940032        ----a-w-        C:\Windows\Sysnative\MsSpellCheckingFacility.exe
2014-09-11 01:15:43        4C8838D7C13E9080AF4B548CA791896B        1249280        ----a-w-        C:\Windows\Sysnative\mshtmlmedia.dll
2014-09-11 01:15:43        227303FC6E95547EA274F4337BBC7278        48640        ----a-w-        C:\Windows\Sysnative\ieetwproxystub.dll
2014-09-11 01:15:43        1439630B47D717960D59423958754394        775168        ----a-w-        C:\Windows\Sysnative\ieapfltr.dll
2014-09-11 01:15:41        75498A52C2AE248DEE5BDF5209768963        2793984        ----a-w-        C:\Windows\Sysnative\iertutil.dll
2014-09-11 01:15:40        F6304AACC5744016770C8C797CAA2AF7        5833728        ----a-w-        C:\Windows\Sysnative\jscript9.dll
2014-09-11 01:15:40        39EBB9708453036A74C30C9A294023FF        2310656        ----a-w-        C:\Windows\Sysnative\wininet.dll
2014-09-11 01:15:39        FECA80905D551074E1A9298BD98103B7        1447424        ----a-w-        C:\Windows\Sysnative\urlmon.dll
2014-09-11 01:15:39        97752927B6E2401011A96E0D6082E403        2104832        ----a-w-        C:\Windows\Sysnative\inetcpl.cpl
2014-09-11 01:15:37        BA56C68CCB912C4C08C97DD32C47AD31        13588480        ----a-w-        C:\Windows\Sysnative\ieframe.dll
2014-09-11 01:02:47        3469B9FAE899139FEE7356E91693376A        2777088        ----a-w-        C:\Windows\Sysnative\msmpeg2vdec.dll
2014-09-10 07:39:48        EFF3FF9D9E5BFD2A05390D959A1C3AD0        1031168        ----a-w-        C:\Windows\Sysnative\TSWorkspace.dll
2014-09-10 06:34:25        EE4B105F1DBE1E864AFC72E7F0315432        1460736        ----a-w-        C:\Windows\Sysnative\lsasrv.dll
2014-09-10 06:34:25        33EF550DCCC58C93F5B65FD75BAD9832        728064        ----a-w-        C:\Windows\Sysnative\kerberos.dll
2014-09-10 05:37:41        224C2EEBAAF39CD93DE5332DBE5E5A95        2565120        ----a-w-        C:\Windows\Sysnative\d3d10warp.dll
2014-09-10 05:14:22        E2BCB58869598B392D6A78953F61A2D9        578048        ----a-w-        C:\Windows\Sysnative\aepdu.dll
2014-09-10 05:14:21        88BC88D0BDFB6BBE5765D5ABB233C110        424448        ----a-w-        C:\Windows\Sysnative\aeinv.dll
====== C:\Windows\Sysnative\drivers =====
2014-09-23 14:21:22        8A50D5304E6AE48664CF5838EC32F647        122584        ----a-w-        C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys
2014-09-23 14:21:07        F92B0E478C0FAA6D6661E6E977247E60        25816        ----a-w-        C:\Windows\Sysnative\drivers\mbam.sys
2014-09-23 14:21:07        9D9ED48F841EA37AA5310D54B9E5D3C7        91352        ----a-w-        C:\Windows\Sysnative\drivers\mbamchameleon.sys
2014-09-23 14:21:07        15E8ABC06843672955CE26A009533BAD        63704        ----a-w-        C:\Windows\Sysnative\drivers\mwac.sys
2014-09-21 18:47:10        D41D8CD98F00B204E9800998ECF8427E        0        ---ha-w-        C:\Windows\Sysnative\drivers\Msft_Kernel_webinstr_01009.Wdf
2014-09-04 17:22:34        4501E093B242532C5B677DC52614D6EB        58232        ----a-w-        C:\Windows\Sysnative\drivers\ttnfd.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2014-09-23 12:53:21        --------        d-----w-        C:\Program Files\TermTutor
======= C:\PROGRA~2 =====
2014-09-23 12:53:19        --------        d-----w-        C:\PROGRA~2\TermTutor
2014-09-21 18:49:09        --------        d-----w-        C:\PROGRA~2\DVDVideoSoft
======= C: =====
====== C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming ======
2014-09-21 18:48:00        --------        d-----w-        C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InetStat
2014-09-21 18:47:59        --------        d-----w-        C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\InetStat
2014-09-21 18:47:49        --------        d-----w-        C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\LookThisUp
2014-08-28 11:41:54        --------        d-----w-        C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HyperCam 2
====== C:\Users\Spieler.HeikeHarder-HP ======
2014-09-23 14:20:30        E90BF9E1562F40140161573B79CD5720        17292760        ----a-w-        C:\Users\Spieler.HeikeHarder-HP\Downloads\mbam-setup-2.0.2.1012 (3).exe
2014-09-23 12:55:15        1B151CCE618BE06C22B55FD4B502B75E        1373475        ----a-w-        C:\Users\Spieler.HeikeHarder-HP\Downloads\AdwCleaner_3.310.exe
2014-09-23 12:21:28        3898339E870EDE8F50036C6E463198A4        2105856        ----a-w-        C:\Users\Spieler.HeikeHarder-HP\Downloads\FRST64.exe
2014-09-23 11:15:36        E90BF9E1562F40140161573B79CD5720        17292760        ----a-w-        C:\Users\Spieler.HeikeHarder-HP\Downloads\mbam-setup-2.0.2.1012 (2).exe
2014-09-23 11:15:07        E90BF9E1562F40140161573B79CD5720        17292760        ----a-w-        C:\Users\Spieler.HeikeHarder-HP\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-09-21 18:49:41        --------        d-----w-        C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-09-21 18:41:06        75171125AE047C62724A13E5782BF8A0        74675720        ----a-w-        C:\Users\Spieler.HeikeHarder-HP\Downloads\FreeStudio.exe

====== C: exe-files ==
2014-09-23 14:20:30        E90BF9E1562F40140161573B79CD5720        17292760        ----a-w-        C:\Users\Spieler.HeikeHarder-HP\Downloads\mbam-setup-2.0.2.1012 (3).exe
2014-09-23 13:03:10        9DF4EB707D8FA2C6F93C08C435E39CEF        48521944        ----a-w-        C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Raptr\raptr-4.1.0-r86354-release.exe
2014-09-23 12:55:15        1B151CCE618BE06C22B55FD4B502B75E        1373475        ----a-w-        C:\Users\Spieler.HeikeHarder-HP\Downloads\AdwCleaner_3.310.exe
2014-09-23 12:53:07        26EE807E54B8C30D215A4E039B160651        40960        ----a-w-        C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\is45637729\308276872_stp.EXE
2014-09-23 12:52:45        612F9A64E1C050345825131AEFB0A5E8        592353        ----a-w-        C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YLQ455BR\Setup[1].exe
2014-09-23 12:21:28        3898339E870EDE8F50036C6E463198A4        2105856        ----a-w-        C:\Users\Spieler.HeikeHarder-HP\Downloads\FRST64.exe
2014-09-23 11:15:36        E90BF9E1562F40140161573B79CD5720        17292760        ----a-w-        C:\Users\Spieler.HeikeHarder-HP\Downloads\mbam-setup-2.0.2.1012 (2).exe
2014-09-23 11:15:07        E90BF9E1562F40140161573B79CD5720        17292760        ----a-w-        C:\Users\Spieler.HeikeHarder-HP\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-09-23 11:07:32        4C8C0B0340C6234649C7F91FB5E89A54        571272        ----a-w-        C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\recovery\101.3.21.141\ChromeRecovery.exe
2014-09-23 11:07:31        984CC93BB0EF86A0B4825269D8379D81        774424        ----a-w-        C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\recovery\101.3.21.141\GoogleUpdateSetup.exe
2014-09-23 10:35:26        89B461FBDD425AAC0FF7C763925AD71B        173481        ------w-        C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\is45637729\308276442_stp\Generic_vo.exe
2014-09-22 12:13:54        2941120388D052BFB27F8EC78EDA9F54        150214592        ----a-w-        C:\ProgramData\Overwolf\Setup\0.80.20.0\OverwolfSetup.exe
2014-09-21 18:49:40        B2D5EE8DAB72DFEB5A68A9317F04A3EE        2796544        ----a-w-        C:\Program Files (x86)\DVDVideoSoft\Free Instagram Download\FreeInstagramDownload.exe
2014-09-21 18:49:39        A7B188FE47718D4B5766EA331DBBDE75        2786472        ----a-w-        C:\Program Files (x86)\DVDVideoSoft\Free Dailymotion Download\FreeDailymotionDownload.exe
2014-09-21 18:49:39        A76489AE142B61E7F3233AE6928B6171        1489576        ----a-w-        C:\Program Files (x86)\DVDVideoSoft\Free Video to DVD Converter\FreeDVDVideoBurner.exe
2014-09-21 18:49:39        A76489AE142B61E7F3233AE6928B6171        1489576        ----a-w-        C:\Program Files (x86)\DVDVideoSoft\Free DVD Video Burner\FreeDVDVideoBurner.exe
2014-09-21 18:49:38        B12129ED81350F7AEE5B25DC544A479D        7969960        ----a-w-        C:\Program Files (x86)\DVDVideoSoft\Free Image Convert And Resize\FreeImageConvertAndResize.exe
2014-09-21 18:49:37        E870F7828E24A1474E2617610ECB7FF7        1777320        ----a-w-        C:\Program Files (x86)\DVDVideoSoft\Free Screen Video Recorder\FreeScreenVideoRecorder.exe
2014-09-21 18:49:37        CD8956CD7703B6E230FAB7683CAFAD22        6050472        ----a-w-        C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
2014-09-21 18:49:37        838E0690A62236F93ED11FC184F116FC        1958568        ----a-w-        C:\Program Files (x86)\DVDVideoSoft\Free Uploader for Facebook\FreeUploaderForFacebook.exe
2014-09-21 18:49:37        375E8A8366DFE6E9B45095B49FEE1422        574120        ----a-w-        C:\Program Files (x86)\DVDVideoSoft\Free Uploader for Facebook\FreeUploaderForFacebookStub.exe
2014-09-21 18:49:34        4D76C8C5A3B975B5E8E0631AC6390943        2398720        ----a-w-        C:\Program Files (x86)\DVDVideoSoft\Free YouTube Uploader\FreeYouTubeUploader.exe
2014-09-21 18:49:33        CAFB615041C9A98BFC14BBA98859BD2F        1588736        ----a-w-        C:\Program Files (x86)\DVDVideoSoft\Free Video Flip and Rotate\FreeVideoFlipAndRotate.exe
2014-09-21 18:49:33        C8C5E771F703D548AE6016336E397380        1768616        ----a-w-        C:\Program Files (x86)\DVDVideoSoft\Free DVD Video Converter\FreeDVDVideoConverter.exe
2014-09-21 18:49:32        E27BF18FE2FA3825E8096742570BC15B        874664        ----a-w-        C:\Program Files (x86)\DVDVideoSoft\Free Audio Editor\FreeAudioEditor.exe
2014-09-21 18:49:32        2343BBA26FCA6DAF16B0C384803A9AE8        901800        ----a-w-        C:\Program Files (x86)\DVDVideoSoft\Free Video Editor\FreeVideoEditor.exe
2014-09-21 18:49:31        D2D6C75BA62099C936B2EEDBDEC508A3        85672        ----a-w-        C:\Program Files (x86)\DVDVideoSoft\Free YouTube to DVD Converter\ytgroovlc.exe
2014-09-21 18:49:31        ABEE199287E4756C207A7073A905A9D9        85672        ----a-w-        C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\ytgroovlc.exe
2014-09-21 18:49:31        9992E0234E390B8C7CA13B3BF4E06AD6        2790568        ----a-w-        C:\Program Files (x86)\DVDVideoSoft\Free YouTube to DVD Converter\FreeYouTubeToDVDConverter.exe
2014-09-21 18:49:30        A6BA764B254EABD910CAFD8B4A099C95        85672        ----a-w-        C:\Program Files (x86)\DVDVideoSoft\Free YouTube Download\ytgroovlc.exe
2014-09-21 18:49:30        863E08B68F2413035BBBC11911D21265        2785960        ----a-w-        C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\FreeYouTubeToMP3Converter.exe
2014-09-21 18:49:29        3C502FA97C0DB042AAEF1832FA0BEC4B        2783400        ----a-w-        C:\Program Files (x86)\DVDVideoSoft\Free YouTube Download\FreeYTVDownloader.exe
2014-09-21 18:49:29        099736B65B312C83180535CAF806D4EF        2280448        ----a-w-        C:\Program Files (x86)\DVDVideoSoft\Free Video to MP3 Converter\FreeVideoToMP3Converter.exe
2014-09-21 18:49:29        099736B65B312C83180535CAF806D4EF        2280448        ----a-w-        C:\Program Files (x86)\DVDVideoSoft\Free Video to JPG Converter\FreeVideoToJPGConverter.exe
2014-09-21 18:49:29        099736B65B312C83180535CAF806D4EF        2280448        ----a-w-        C:\Program Files (x86)\DVDVideoSoft\Free Video to DVD Converter\FreeVideoToDVDConverter.exe
2014-09-21 18:49:29        099736B65B312C83180535CAF806D4EF        2280448        ----a-w-        C:\Program Files (x86)\DVDVideoSoft\Free MP4 Video Converter\FreeMP4VideoConverter.exe
2014-09-21 18:49:29        099736B65B312C83180535CAF806D4EF        2280448        ----a-w-        C:\Program Files (x86)\DVDVideoSoft\Free Audio Converter\FreeAudioConverter.exe
2014-09-21 18:49:26        8835B57F7E822F586B9404792D346BFD        112296        ----a-w-        C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\facebook_auth.exe
2014-09-21 18:49:25        F378DDD2C53ACB621CDBAAB6739D535D        19393395        ----a-w-        C:\Program Files (x86)\DVDVideoSoft\Free DVD Video Converter\HandBrakeCLI.exe
2014-09-21 18:49:24        8B89DBE1A968EAA3A4918333C76CB29C        541600        ----a-w-        C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\dvdauthor.exe
2014-09-21 18:49:24        4CD5DB20E5CC3C0C2CA1D7237E2FED4E        285184        ----a-w-        C:\Program Files (x86)\DVDVideoSoft\Free Video Flip and Rotate\ffmpeg.exe
2014-09-21 18:49:24        0E42A6F5616BB6D755628FE17F4D2599        406072        ----a-w-        C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\spumux.exe
2014-09-21 18:49:24        04F0EBD84546546E1EFCF50B34F26E95        319144        ----a-w-        C:\Program Files (x86)\DVDVideoSoft\Free YouTube Uploader\ffmpeg.exe
2014-09-21 18:49:22        04F0EBD84546546E1EFCF50B34F26E95        319144        ----a-w-        C:\Program Files (x86)\DVDVideoSoft\Free Video Editor\ffmpeg.exe
2014-09-21 18:49:22        04F0EBD84546546E1EFCF50B34F26E95        319144        ----a-w-        C:\Program Files (x86)\DVDVideoSoft\Free Audio Editor\ffmpeg.exe
2014-09-21 18:49:19        C21E3E21923419EC1495B11F9E08F75A        186536        ----a-w-        C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\updhelper.exe
2014-09-21 18:49:16        4BD42E764A7DBF39348A01A18FBD0CC1        359080        ----a-w-        C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe
2014-09-21 18:49:11        2B5C5346B4BC8AFA7383DC3076D67BDA        523944        ----a-w-        C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe
2014-09-21 18:49:11        04F0EBD84546546E1EFCF50B34F26E95        319144        ----a-w-        C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\ffmpeg.exe
2014-09-21 18:49:09        6BB10735FB90613EDB503945DB9F3375        1174520        ----a-w-        C:\Program Files (x86)\DVDVideoSoft\unins000.exe
2014-09-21 18:48:00        43A792989D6E34C307068F09A04E95FD        700430        ----a-w-        C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\InetStat\inetstat.exe
2014-09-21 18:47:54        CF5F4FFBEA3BF2A667AAA66BB7946B49        206480        ----a-w-        C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\LookThisUp\LookThisUpUninstall.exe
2014-09-21 18:47:50        3F48839ED5C8EF49DEE94ED82A2AE97F        1848976        ----a-w-        C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\LookThisUp\LookThisUp.exe
2014-09-21 18:47:06        8C1144BC03FFA0E57FB9263CC473F052        98304        ----a-w-        C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\ttap2.exe
2014-09-21 18:47:06        18AA44B12D0A65A7B00C6714BBA1EBB8        408576        ----a-w-        C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\uoEK5.exe
2014-09-21 18:41:06        75171125AE047C62724A13E5782BF8A0        74675720        ----a-w-        C:\Users\Spieler.HeikeHarder-HP\Downloads\FreeStudio.exe
2014-09-21 18:35:28        1AC42FF41023CE239929989FC4CFB96B        2270880        ----a-w-        C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\n5414\WIE_2.14.1.82.exe
2014-09-21 18:35:24        75171125AE047C62724A13E5782BF8A0        74675720        ----a-w-        C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\tmd_34015938.exe
2014-09-21 18:35:20        A234FB2C87F1C72A2C7416B01313D632        2099173        ----a-w-        C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\n5414\FLVMPlayerSetup.exe
2014-09-21 18:34:44        9D4AC4ABB121001E753AC334ABD87EB6        285209        ----a-w-        C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\n5414\VOPackage.exe
2014-09-21 18:34:12        0E88682AEBA4D7EF923B316F97F990BA        347552        ----atw-        C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\n5414\s5414.exe
2014-09-21 18:32:10        75171125AE047C62724A13E5782BF8A0        74675720        ----a-w-        C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\tmd_34015466.exe
2014-09-21 16:48:40        ACE58E99A13BB9E34A9095F7EAC106AC        173663        ------w-        C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\is45637729\159752500_stp\Generic_vo.exe
2014-09-21 15:17:12        CD7F6178B6AB601F566961570802A0C2        173330        ------w-        C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\is45637729\156681032_stp\Generic_vo.exe
2014-09-21 08:59:30        2BCE940645009F66760BAFD979AD1488        111168        ----a-w-        C:\Program Files (x86)\Overwolf\OWUninstaller.exe
2014-09-21 08:59:28        67FF06D9E8049C398F1970AD9A6686A6        54048        ----a-w-        C:\Program Files (x86)\Overwolf\0.80.20.0\OverwolfCrashHandler.exe
2014-09-21 08:59:28        1B5D06E953620CB844A9337DCC855218        74528        ----a-w-        C:\Program Files (x86)\Overwolf\0.80.20.0\OverwolfBrowser.exe
2014-09-21 08:59:26        F7B3E91854DE6B39FFB21204840033A2        54048        ----a-w-        C:\Program Files (x86)\Common Files\Overwolf\0.80.20.0\OverwolfHelper.exe
2014-09-21 08:59:26        E7ED1EF09C668A99714998F535F12A87        87840        ----a-w-        C:\Program Files (x86)\Common Files\Overwolf\0.80.20.0\OverwolfHelper64.exe
2014-09-21 08:59:26        7497B153228715C9BB65A086BB297E45        181536        ----a-w-        C:\Program Files (x86)\Overwolf\0.80.20.0\Purplizer\Purplizer.exe
2014-09-21 08:59:26        525BCBD5BC2365FDD438FE389D896A55        39712        ----a-w-        C:\Program Files (x86)\Overwolf\Overwolf.exe
2014-09-21 08:59:24        419B46AEF57049CAB061E39F06BE4C5E        998176        ----a-w-        C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
2014-09-21 08:59:24        352BD8B0AF75FBC0287F06A0FDE65EFA        66336        ----a-w-        C:\Program Files (x86)\Overwolf\0.80.20.0\OWCleanup.exe
2014-09-21 08:59:24        28A1DC17AF38BCD336D219E00701B77C        519456        ----a-w-        C:\Program Files (x86)\Overwolf\0.80.20.0\OWUninstallMenu.exe
2014-09-21 08:57:12        74C2E79D7B2AEA127725301C474690F2        1356544        ----a-w-        C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe
2014-09-21 08:57:12        3943CCFD25474EFDB59D5851CA501F24        439552        ----a-w-        C:\Program Files (x86)\Overwolf\0.80.20.0\OverwolfTSHelper.exe
2014-09-21 08:57:10        FE5C1F193F36449F154A1A7AE99E565E        531712        ----a-w-        C:\Program Files (x86)\Overwolf\0.80.20.0\OverwolfOverlayHelper.exe
2014-09-20 22:00:05        C55A40E86096B2C417D21D38A933175F        267264        ----a-r-        C:\Program Files (x86)\Glyph\Games\ArcheAge\Live\bin32\hshield\Update\autoup.exe
2014-09-20 22:00:05        C55A40E86096B2C417D21D38A933175F        267264        ----a-r-        C:\ArcheAge\Working\bin32\hshield\Update\autoup.exe
2014-09-20 17:54:30        7BE039B2BFD4099FEA12FC23A2349B8E        717665        ----a-w-        C:\Program Files (x86)\Klebezettel NG\unins000.exe
2014-09-20 17:54:09        EB1D4248589AE34D078A9C8371099943        3542792        ----a-w-        C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\KlebezettelNG\LiveUpdate\klebe.exe
2014-09-18 12:13:59        DCEBC24BBA306D6E04FA067CC950BD2E        150214080        ----a-w-        C:\ProgramData\Overwolf\Setup\0.80.13.0\OverwolfSetup.exe
2014-09-17 18:46:20        663540F61B79B50495531C31656A866D        54048        ----a-w-        C:\Program Files (x86)\Overwolf\0.80.13.0\OverwolfCrashHandler.exe
2014-09-17 18:46:18        A62C2674344A0FAE9991A6311919D0C9        87840        ----a-w-        C:\Program Files (x86)\Common Files\Overwolf\0.80.13.0\OverwolfHelper64.exe
2014-09-17 18:46:18        3705C69743C01DA801628D2858EA49EE        54048        ----a-w-        C:\Program Files (x86)\Common Files\Overwolf\0.80.13.0\OverwolfHelper.exe
2014-09-17 18:46:18        257B5239EABDFEC0D82681640371FA67        74528        ----a-w-        C:\Program Files (x86)\Overwolf\0.80.13.0\OverwolfBrowser.exe
2014-09-17 18:46:16        E716B56581330F94CF912766DA7E4C16        66336        ----a-w-        C:\Program Files (x86)\Overwolf\0.80.13.0\OWCleanup.exe
2014-09-17 18:46:16        375D09AFE4564ED60A5BC62DC46EE1D2        519456        ----a-w-        C:\Program Files (x86)\Overwolf\0.80.13.0\OWUninstallMenu.exe
2014-09-17 18:46:16        10301A84C688D06F7CBB5308B0F73E93        181536        ----a-w-        C:\Program Files (x86)\Overwolf\0.80.13.0\Purplizer\Purplizer.exe
2014-09-17 18:44:02        3943CCFD25474EFDB59D5851CA501F24        439552        ----a-w-        C:\Program Files (x86)\Overwolf\0.80.13.0\OverwolfTSHelper.exe
2014-09-17 18:44:00        FE5C1F193F36449F154A1A7AE99E565E        531712        ----a-w-        C:\Program Files (x86)\Overwolf\0.80.13.0\OverwolfOverlayHelper.exe
2014-09-17 17:05:26        9238F082257E2A7CC7BA92DAE489880E        1208295        ----a-w-        C:\Program Files (x86)\Action Replay PowerSaves 3DS\unins000.exe
2014-09-17 17:05:11        AC06EB6C9E952E93A770799E0DD66C26        3894853        ----a-w-        C:\Users\Spieler.HeikeHarder-HP\Desktop\powersave\powersaves_setup_v1.21.exe
2014-09-17 08:31:53        F955D214F78F7DE28977F35F9D947348        48069240        ----a-w-        C:\Program Files (x86)\Opera\24.0.1558.61\opera.exe
2014-09-17 08:31:53        E4C77B94735CE5C0636C657D6255E381        3180152        ----a-w-        C:\Program Files (x86)\Opera\24.0.1558.61\opera_autoupdate.exe
2014-09-17 08:31:53        A2BD280F1EF5A3E8B6AB36412FEFC2A8        73336        ----a-w-        C:\Program Files (x86)\Opera\24.0.1558.61\wow_helper.exe
2014-09-17 08:31:53        983C641D1CEAC68B224615770F56E395        3537016        ----a-w-        C:\Program Files (x86)\Opera\24.0.1558.61\installer.exe
2014-09-17 08:31:53        2CEF0826198AFD0975B580D5801202AE        1372280        ----a-w-        C:\Program Files (x86)\Opera\24.0.1558.61\opera_crashreporter.exe
=== C: other files ==
2014-09-23 14:21:22        8A50D5304E6AE48664CF5838EC32F647        122584        ----a-w-        C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-09-23 14:21:07        F92B0E478C0FAA6D6661E6E977247E60        25816        ----a-w-        C:\Windows\System32\drivers\mbam.sys
2014-09-23 14:21:07        9D9ED48F841EA37AA5310D54B9E5D3C7        91352        ----a-w-        C:\Windows\System32\drivers\mbamchameleon.sys
2014-09-23 14:21:07        15E8ABC06843672955CE26A009533BAD        63704        ----a-w-        C:\Windows\System32\drivers\mwac.sys
2014-09-23 12:49:03        8A80554C91D9FCA8ACB82F023DE02F11        3        ----a-w-        C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T8K1ZA6L\world-333[1].com
2014-09-17 17:02:24        DCAA0AF50292BBE8D0A590E14893EE68        3817601        ----a-w-        C:\Users\Spieler.HeikeHarder-HP\Downloads\powersaves3ds-software-121.zip

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}"="C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext" [11.05.2012 11:54]

==== Firefox Extensions ======================

ProfilePath: C:\Users\HEIKEH~1\AppData\Roaming\Mozilla\Firefox\Profiles\e7puc2qc.default
- Plasmoo Search Engine - C:\Users\Heike Harder\AppData\Roaming\Mozilla\Firefox\Profiles\e7puc2qc.default\extensions\engine@plasmoo.com
- Undetermined - C:\Users\Heike Harder\AppData\Roaming\Mozilla\Firefox\Profiles\e7puc2qc.default\extensions\ffox@bandoo.com
- Undetermined - C:\Users\Heike Harder\AppData\Roaming\Mozilla\Firefox\Profiles\e7puc2qc.default\extensions\toolbar@ask.com
- WEB.DE MailCheck - C:\Users\Heike Harder\AppData\Roaming\Mozilla\Firefox\Profiles\e7puc2qc.default\extensions\toolbar@web.de
- Undetermined - C:\ProgramData\AVG Secure Search\12.2.5.32
- Undetermined - C:\Users\Heike Harder\AppData\Roaming\Mozilla\Firefox\Profiles\e7puc2qc.default\extensions\4433da5b-eb52-495d-8865-b2a7468567f6@927544a3-fdfb-4485-a78b-21e1113eee35.com
- Undetermined - C:\Users\Heike Harder\AppData\Roaming\Mozilla\Firefox\Profiles\e7puc2qc.default\extensions\ffxtlbr@babylon.com
- Undetermined - C:\Users\Heike Harder\AppData\Roaming\Mozilla\Firefox\Profiles\e7puc2qc.default\extensions\ffxtlbra@softonic.com
- Undetermined - C:\Users\Heike Harder\AppData\Roaming\Mozilla\Firefox\Profiles\e7puc2qc.default\extensions\plugin@yontoo.com
- Undetermined - C:\Users\Heike Harder\AppData\Roaming\Mozilla\Firefox\Profiles\e7puc2qc.default\extensions\{32b29df0-2237-4370-9a29-37cebb730e9b}
- Undetermined - C:\Users\Heike Harder\AppData\Roaming\Mozilla\Firefox\Profiles\e7puc2qc.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
- Undetermined - C:\Users\Heike Harder\AppData\Roaming\Mozilla\Firefox\Profiles\e7puc2qc.default\extensions\{cd8812d4-e5b8-41c6-94d4-59872a484bf1}
- Undetermined - C:\Users\Heike Harder\AppData\Roaming\Mozilla\Firefox\Profiles\e7puc2qc.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
- Undetermined - C:\Users\Heike Harder\AppData\Roaming\Mozilla\Firefox\Profiles\e7puc2qc.default\extensions\bbrs_002@blabbers.com
- Plasmoo Search Engine - %ProfilePath%\extensions\engine@plasmoo.com
- WEB.DE MailCheck - %ProfilePath%\extensions\toolbar@web.de
- Wincore Mediabar - %ProfilePath%\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}

ProfilePath: C:\Users\HEIKEH~1\AppData\Roaming\Thunderbird\Profiles\yfa13q6e.default
- Undetermined - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Suite CBE 11\THBExt_3_1_x

ProfilePath: C:\Users\SPIELE~1.HEI\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default
- Undetermined - C:\Program Files (x86)\Better-Surf\ff
- Undetermined - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff
- Undetermined - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
- Undetermined - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha718\ff
- Undetermined - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1479\ff
- Undetermined - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha3700\ff
- Undetermined - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha9390\ff
- Undetermined - C:\Program Files (x86)\SuperLyrics\FF
- Undetermined - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta541\ff
- Undetermined - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha701\ff
- Undetermined - C:\Program Files\Video downloader\Firefox
- Undetermined - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\extensions\4433da5b-eb52-495d-8865-b2a7468567f6@927544a3-fdfb-4485-a78b-21e1113eee35.com
- Undetermined - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\extensions\crossriderapp2258@crossrider.com
- Undetermined - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\extensions\e46480cf-7cf6-495e-af69-573053f52c72@b33ab36d-5952-49aa-adb2-a41b3dbe51a5.com
- Undetermined - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\extensions\ffxtlbr@babylon.com
- Undetermined - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\extensions\ffxtlbr@funmoods.com
- Internet Turbo - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\extensions\{17372c46-39f1-4c28-8f8c-b25d9b57d042}
- Wincore Mediabar - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}
- Internet Turbo - %ProfilePath%\extensions\{17372c46-39f1-4c28-8f8c-b25d9b57d042}
- Wincore Mediabar - %ProfilePath%\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}
- Lightning Speed Dial - %ProfilePath%\extensions\lightningnewtab@gmail.com.xpi
- WEB.DE MailCheck - %ProfilePath%\extensions\toolbar@web.de.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default
6D657ABADF217DBB17CF0A0AF44A7E29        - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll -        Nexon Game Controller
6A8A6B3C42CA4D1403C8FEA50BACEC63        - C:\Users\Spieler.HeikeHarder-HP\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll -        Unity Player
10737B44923217BC0E67D26A9FC1F0AA        - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll -        RealNetworks(tm) Chrome Background Extension Plug-In (32-bit)
2645990C521342DCD08963D2DF6CD0D2        - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll -        RealPlayer(tm) HTML5VideoShim Plug-In (32-bit)


==== Deleted Firefox Extensions ======================

C:\Users\HEIKEH~1\AppData\Roaming\Mozilla\Firefox\Profiles\e7puc2qc.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} deleted
C:\Users\SPIELE~1.HEI\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\extensions\lightningnewtab@gmail.com.xpi deleted
C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} deleted
C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\extensions\{17372c46-39f1-4c28-8f8c-b25d9b57d042} deleted

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
fcaiicgcjkjiagjocmccmcmncckndcmh - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha3700\ch\MediaViewV1alpha3700.crx[]
flliilndjeohchalpbbcdekjklbdgfkk - No path found[]
jfmjfhklogoienhpfnppmbcbjfjnkonk - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx[11.05.2012 11:54]
laaciepchcabcfgpniblbiecldehkbae - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha9390\ch\MediaViewV1alpha9390.crx[]
mlnobaakadehgcjbhieegodlndablmao - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1479\ch\MediaViewerV1alpha1479.crx[]

RealPlayer HTML5Video Downloader Extension - Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk
media enhance - Spieler.HeikeHarder-HP\AppData\Roaming\Opera Software\Opera Stable\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo

==== Chromium Startpages ======================

C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "hxxp://www.trovi.com/?gd=&ctid=CT3325578&octid=EB_ORIGINAL_CTID&ISID=MD15F8B10-3BB8-4EB0-ABDF-66BCF70295B7&SearchSource=55&CUI=&UM=2&UP=SP50F30F4C-32BB-47E8-8B88-21A74C21ACB9&SSPV=",
"startup_urls": [ "hxxp://www.trovi.com/?gd=&ctid=CT3325578&octid=EB_ORIGINAL_CTID&ISID=MD15F8B10-3BB8-4EB0-ABDF-66BCF70295B7&SearchSource=55&CUI=&UM=2&UP=SP50F30F4C-32BB-47E8-8B88-21A74C21ACB9&SSPV=" ],


==== Chromium Fix ======================

C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx deleted successfully
C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Opera Software\Opera Stable\Local Storage\https_static.livelyrics00.live-lyrics.com_0.localstorage deleted successfully
C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Opera Software\Opera Stable\Local Storage\https_static.livelyrics00.live-lyrics.com_0.localstorage-journal deleted successfully
C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_static.livelyrics00.live-lyrics.com_0.localstorage deleted successfully
C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_static.livelyrics00.live-lyrics.com_0.localstorage-journal deleted successfully
C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Opera Software\Opera Stable\Local Storage\https_ciuvo.com_0.localstorage deleted successfully
C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Opera Software\Opera Stable\Local Storage\https_ciuvo.com_0.localstorage-journal deleted successfully
C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_api.ciuvo.com_0.localstorage deleted successfully
C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_api.ciuvo.com_0.localstorage-journal deleted successfully
C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Opera Software\Opera Stable\Local Storage\https_www.superfish.com_0.localstorage deleted successfully
C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Opera Software\Opera Stable\Local Storage\https_www.superfish.com_0.localstorage-journal deleted successfully
C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_www.superfish.com_0.localstorage deleted successfully
C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_www.superfish.com_0.localstorage-journal deleted successfully
C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Opera Software\Opera Stable\Local Storage\https_static.boostsaves.com_0.localstorage deleted successfully
C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Opera Software\Opera Stable\Local Storage\https_static.boostsaves.com_0.localstorage-journal deleted successfully
C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_static.boostsaves.com_0.localstorage deleted successfully
C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_static.boostsaves.com_0.localstorage-journal deleted successfully
C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_www.wajam.com_0.localstorage deleted successfully
C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_www.wajam.com_0.localstorage-journal deleted successfully
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk deleted successfully
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_flliilndjeohchalpbbcdekjklbdgfkk_0.localstorage deleted successfully
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_flliilndjeohchalpbbcdekjklbdgfkk_0.localstorage-journal deleted successfully
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\flliilndjeohchalpbbcdekjklbdgfkk deleted successfully
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk deleted successfully
C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Opera Software\Opera Stable\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo deleted successfully
C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_lekgiimbfodefdaoofhlckefjbgpeilo_0.localstorage deleted successfully
C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_lekgiimbfodefdaoofhlckefjbgpeilo_0.localstorage-journal deleted successfully
C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Opera Software\Opera Stable\databases\chrome-extension_lekgiimbfodefdaoofhlckefjbgpeilo_0 deleted successfully
C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Opera Software\Opera Stable\Local Extension Settings\lekgiimbfodefdaoofhlckefjbgpeilo deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://www.google.com"
"Default_Page_URL"="hxxp://www.google.com"
"Search Page"="hxxp://www.google.com"
"Search Bar"="hxxp://www.google.com"
"Use Search Asst"="yes"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="hxxp://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"Default"="hxxp://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="hxxp://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="hxxp://www.google.com"
"SearchAssistant"="hxxp://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="hxxp://www.google.com"
"Use Search Asst"="no"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="hxxp://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="hxxp://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="hxxp://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="hxxp://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Unknown  Url="Not_Found"
{d944bb61-2e34-4dbf-a683-47e505c587dc} Unknown  Url="Not_Found"

==== Reset Google Chrome ======================

C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Heike Harder\AppData\Roaming\Opera Software\Opera Stable\Preferences was reset successfully
C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Opera Software\Opera Stable\Preferences was reset successfully
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Heike Harder\AppData\Roaming\Opera Software\Opera Stable\Web Data was reset successfully
C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Opera Software\Opera Stable\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2355925718-3238339638-3018866954-1007\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} deleted successfully
HKEY_USERS\S-1-5-21-2355925718-3238339638-3018866954-1007\Software\Microsoft\Internet Explorer\SearchScopes\{d944bb61-2e34-4dbf-a683-47e505c587dc} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6CB99040-7828-4C37-AC01-F15758F43E4D} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6CB99040-7828-4C37-AC01-F15758F43E4D} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{6CB99040-7828-4C37-AC01-F15758F43E4D} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{6CB99040-7828-4C37-AC01-F15758F43E4D} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6CB99040-7828-4C37-AC01-F15758F43E4D} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6CB99040-7828-4C37-AC01-F15758F43E4D} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\fcaiicgcjkjiagjocmccmcmncckndcmh deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\laaciepchcabcfgpniblbiecldehkbae deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\mlnobaakadehgcjbhieegodlndablmao deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DATAMNGR deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Iminent deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IminentMessenger deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Heike Harder\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Heike Harder\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=7875 folders=992 231417633 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Gast\AppData\Local\Temp emptied successfully
C:\Users\Heike Harder\AppData\Local\Temp emptied successfully
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp will be emptied at reboot
C:\Users\SPIELE~1~HEI\AppData\Local\Temp emptied successfully
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\SPIELE~1.HEI\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\PROGRA~2\TermTutor"  not found

==== EOF on 23.09.2014 at 17:28:53,00 ======================

Blitzi 23.09.2014 16:40

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-09-2014 01
Ran by Spieler (administrator) on HEIKEHARDER-HP on 23-09-2014 17:37:59
Running from C:\Users\Spieler.HeikeHarder-HP\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe
() C:\Program Files\COMPUTERBILD-Cloud\Data\Tools\mounter.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7Debug\mdm.exe
(Microsoft Corporation) C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(LULU Software) C:\Program Files (x86)\Soda PDF 2012\ConversionService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Innovative Solutions) C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Akamai Technologies, Inc.) C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
() C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\M6 Processing\vm6.exe
(Akamai Technologies, Inc.) C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Akamai\netsession_win.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Dropbox, Inc.) C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.80.20.0\OverwolfHelper.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.80.20.0\OverwolfHelper64.exe
() C:\Program Files (x86)\Overwolf\0.80.20.0\OverwolfBrowser.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.61\opera.exe
() C:\Program Files (x86)\Opera\24.0.1558.61\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.61\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.61\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.61\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.61\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.61\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.61\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.61\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.61\opera.exe
() C:\Program Files (x86)\Overwolf\0.80.20.0\OverwolfBrowser.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Version Cue CS2] => c:\Users\Heike Harder\Documents\Downloads\Creative Suite 2\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe [856064 2005-04-06] (Adobe Sytems Incorporated)
HKLM-x32\...\Run: [Aeria Ignite] => "C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" silent
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [421736 2011-12-08] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [164656 2014-08-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ConvertAd] => C:\Users\Spieler.HeikeHarder-HP\AppData\Local\ConvertAd\ConvertAd.exe
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3802448 2014-09-04] (LogMeIn Inc.)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [DriverMax] => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe [9532824 2012-03-26] (Innovative Solutions)
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [DriverMax_RESTART] => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe [9532824 2012-03-26] (Innovative Solutions)
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55360 2013-08-19] (Raptr, Inc)
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [Akamai NetSession Interface] => C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [Klebezettel NG] => [X]
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [39712 2014-09-21] (Overwolf LTD)
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\Run: [vm6] => C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\M6 Processing\vm6.exe [175424 2014-03-19] ()
HKU\S-1-5-21-2355925718-3238339638-3018866954-1007\...\MountPoints2: {ae8f9719-3d80-11e3-91bb-6c626d9ce7a5} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\VoiceClient.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
Startup: C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
Startup: C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
Startup: C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: CloudIcon_DOWNLOAD -> {C3DBFBE2-A521-4619-9F32-502318CB4EC2} => C:\Program Files\COMPUTERBILD-Cloud\ShellExt64.dll (CyberGhost SRL)
ShellIconOverlayIdentifiers: CloudIcon_ERROR -> {851C758E-C636-4045-B323-059931A3A331} => C:\Program Files\COMPUTERBILD-Cloud\ShellExt64.dll (CyberGhost SRL)
ShellIconOverlayIdentifiers: CloudIcon_INSYNC -> {580030D3-492E-45EA-A1C9-A0AC525BEB26} => C:\Program Files\COMPUTERBILD-Cloud\ShellExt64.dll (CyberGhost SRL)
ShellIconOverlayIdentifiers: CloudIcon_REFRESH -> {FEBF62C8-B6B3-43B7-BEC4-1A9CD61BDCD2} => C:\Program Files\COMPUTERBILD-Cloud\ShellExt64.dll (CyberGhost SRL)
ShellIconOverlayIdentifiers: CloudIcon_UPLOAD -> {EBED3602-8915-43F9-81F7-CAA6FC4F70D6} => C:\Program Files\COMPUTERBILD-Cloud\ShellExt64.dll (CyberGhost SRL)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - Backup.Old.DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD22}
SearchScopes: HKCU - DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - Backup.Old.DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233}
SearchScopes: HKCU - ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Soda PDF 2012 Helper -> {ebe8b562-cba0-40d8-b920-af7cfe0c9d94} -> C:\Program Files (x86)\Soda PDF 2012\PDFIEHelper.dll (LULU Software)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - No Name - !!{D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKLM-x32 - Soda PDF 2012 Toolbar - {a8c9d542-fd91-4834-a2e8-adb9ae692b8b} - C:\Program Files (x86)\Soda PDF 2012\PDFIEPlugin.dll (LULU Software)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - No Name - !!{D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @real.com/nppl3260;version=15.0.4.53 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.4.53 -> c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.4.53 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Spieler.HeikeHarder-HP\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF user.js: detected! => C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\user.js
FF Extension: WEB.DE MailCheck - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\Extensions\toolbar@web.de.xpi [2014-01-25]
FF HKLM-x32\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-05-11]
FF Extension: No Name - C:\Program Files (x86)\Better-Surf\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha718\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1479\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha3700\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha9390\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\SuperLyrics\FF [Not Found]
FF Extension: No Name - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta541\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha701\ff [Not Found]
FF Extension: No Name - C:\Program Files\Video downloader\Firefox [Not Found]
FF Extension: No Name - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\extensions\4433da5b-eb52-495d-8865-b2a7468567f6@927544a3-fdfb-4485-a78b-21e1113eee35.com [Not Found]
FF Extension: No Name - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\extensions\crossriderapp2258@crossrider.com [Not Found]
FF Extension: No Name - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\extensions\e46480cf-7cf6-495e-af69-573053f52c72@b33ab36d-5952-49aa-adb2-a41b3dbe51a5.com [Not Found]
FF Extension: No Name - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\extensions\ffxtlbr@babylon.com [Not Found]
FF Extension: No Name - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\extensions\ffxtlbr@funmoods.com [Not Found]
FF Extension: No Name - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\extensions\lightningnewtab@gmail.com.xpi [Not Found]
FF Extension: No Name - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\extensions\toolbar_AVIRA-V7@apn.ask.com.xpi [Not Found]
FF Extension: No Name - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\extensions\{17372c46-39f1-4c28-8f8c-b25d9b57d042} [Not Found]
FF Extension: No Name - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\extensions\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi [Not Found]
FF Extension: No Name - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} [Not Found]
FF Extension: No Name - C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Mozilla\Firefox\Profiles\6q039lkv.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi [Not Found]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]

Chrome:
=======
CHR Profile: C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-24]
CHR Extension: (Google Drive) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-24]
CHR Extension: (YouTube) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-24]
CHR Extension: (Google Search) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-24]
CHR Extension: (Google Wallet) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-27]
CHR Extension: (Gmail) - C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-24]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.Professional.10.0; C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe [814344 2009-12-22] (ABBYY)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-02-01] (Adobe Systems) [File not signed]
S4 AdobeActiveFileMonitor6.0; C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [124832 2007-09-11] ()
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1021520 2014-08-05] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160048 2014-08-27] (Avira Operations GmbH & Co. KG)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
R2 CLHNServiceForPowerDVD; C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [83240 2011-08-24] ()
R2 CyberLink PowerDVD 11.0 Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [75048 2011-08-26] (CyberLink)
R2 CyberLink PowerDVD 11.0 Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe [292136 2011-08-26] (CyberLink)
R2 DokanMounter; C:\Program Files\COMPUTERBILD-Cloud\Data\Tools\mounter.exe [14848 2012-02-15] () [File not signed]
S4 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2011-01-27] (Macrovision Europe Ltd.) [File not signed]
S4 HPAuto; C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [681528 2010-08-06] (Hewlett-Packard)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-08-08] (LogMeIn, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 MSSQL$BWDATOOLSET; C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [998176 2014-09-21] (Overwolf LTD)
S4 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1119768 2010-09-28] (PDF Complete Inc)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc.)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2010-08-19] ()
S3 Soda PDF 2012 Helper Service; C:\Program Files (x86)\Soda PDF 2012\HelperService.exe [827224 2012-01-27] (LULU Software)
R2 Soda PDF 2012 Service; C:\Program Files (x86)\Soda PDF 2012\ConversionService.exe [905560 2012-01-27] (LULU Software)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
S2 ttsvc; "C:\Program Files (x86)\TermTutor\Service\ttsvc.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 athrusb; C:\Windows\System32\DRIVERS\athrxusb.sys [558592 2007-05-16] (Atheros Communications, Inc.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2011-01-28] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-17] (Avira Operations GmbH & Co. KG)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [39768 2013-03-19] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-06-17] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-06-17] (Avira Operations GmbH & Co. KG)
R2 Dokan; C:\Windows\system32\drivers\dokan.sys [120408 2012-02-15] (Windows (R) Win 7 DDK provider)
S3 GrabsterSeries.X64; C:\Windows\System32\DRIVERS\GrabsterSeries.X64.SYS [377152 2010-01-22] ()
S3 hid7906; C:\Windows\SysWOW64\drivers\hid7906.sys [34963 2007-12-12] (Compuware Corporation) [File not signed]
S3 hid8101; C:\Windows\SysWOW64\drivers\hid8101.sys [37024 2007-12-03] (Compuware Corporation) [File not signed]
S3 hid8103; C:\Windows\SysWOW64\drivers\hid8103.sys [34587 2007-11-28] (Compuware Corporation) [File not signed]
S3 iComp; C:\Windows\System32\DRIVERS\p2usbhum.sys [1794112 2009-12-09] (Conexant Systems Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2011-01-28] ()
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-23] (Malwarebytes Corporation)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [748648 2010-08-12] (Realtek Semiconductor Corporation                          )
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [503352 2011-08-04] () [File not signed]
R1 ttnfd; C:\Windows\System32\drivers\ttnfd.sys [58232 2014-09-04] (Term Tutor)
S3 usbio; C:\Windows\System32\Drivers\dsiarhwprog_x64.sys [51600 2007-02-08] (Thesycon GmbH, Germany)
S3 ZD1211BU(ZyDAS); C:\Windows\System32\DRIVERS\zd1211Bu.sys [493440 2005-10-28] (ZyDAS Technology Corporation)
S3 ZDPSp50a64; C:\Windows\SysWOW64\Drivers\ZDPSp50a64.sys [31744 2005-03-18] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312}; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [148976 2011-08-26] (CyberLink Corp.)
U3 ap6v2o5x; C:\Windows\System32\Drivers\ap6v2o5x.sys [0 ] (Microsoft Corporation)
S3 connctfy; system32\DRIVERS\connctfy.sys [X]
S3 connctfyMP; system32\DRIVERS\connctfy.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S1 toqvakfe; \??\C:\Windows\system32\drivers\toqvakfe.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-23 17:26 - 2014-09-23 16:58 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-09-23 17:01 - 2014-09-23 17:28 - 00078237 _____ () C:\zoek-results.log
2014-09-23 16:58 - 2014-09-23 17:24 - 00000000 ____D () C:\zoek_backup
2014-09-23 16:58 - 2014-09-09 07:36 - 01290240 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\zoek.exe
2014-09-23 16:57 - 2014-09-23 16:57 - 04114148 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\zoek.zip
2014-09-23 16:21 - 2014-09-23 16:21 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-23 16:21 - 2014-09-23 16:21 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-23 16:21 - 2014-09-23 16:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-23 16:21 - 2014-09-23 16:21 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-23 16:21 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-23 16:21 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-23 16:21 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-23 16:20 - 2014-09-23 16:20 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Spieler.HeikeHarder-HP\Downloads\mbam-setup-2.0.2.1012 (3).exe
2014-09-23 15:03 - 2014-09-23 15:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-09-23 15:03 - 2014-09-23 15:03 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-09-23 14:59 - 2014-09-23 17:26 - 00022212 _____ () C:\Windows\PFRO.log
2014-09-23 14:56 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-23 14:55 - 2014-09-23 17:01 - 00000000 ____D () C:\AdwCleaner
2014-09-23 14:55 - 2014-09-23 14:55 - 01373475 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\AdwCleaner_3.310.exe
2014-09-23 14:53 - 2014-09-23 14:53 - 00000000 ____D () C:\Program Files\TermTutor
2014-09-23 14:24 - 2014-09-23 14:24 - 00068480 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\Addition.txt
2014-09-23 14:22 - 2014-09-23 17:37 - 00031143 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\FRST.txt
2014-09-23 14:21 - 2014-09-23 17:38 - 00000000 ____D () C:\FRST
2014-09-23 14:21 - 2014-09-23 14:21 - 02105856 _____ (Farbar) C:\Users\Spieler.HeikeHarder-HP\Downloads\FRST64.exe
2014-09-23 13:15 - 2014-09-23 13:15 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Spieler.HeikeHarder-HP\Downloads\mbam-setup-2.0.2.1012 (2).exe
2014-09-23 13:15 - 2014-09-23 13:15 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Spieler.HeikeHarder-HP\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-09-21 21:35 - 2014-09-23 17:27 - 00000168 _____ () C:\Windows\setupact.log
2014-09-21 21:35 - 2014-09-21 21:35 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-21 20:49 - 2014-09-21 20:49 - 00001245 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2014-09-21 20:49 - 2014-09-21 20:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-09-21 20:49 - 2014-09-21 20:49 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-09-21 20:48 - 2014-09-21 20:48 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InetStat
2014-09-21 20:47 - 2014-09-21 21:36 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\LookThisUp
2014-09-21 20:47 - 2014-09-21 20:48 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\InetStat
2014-09-21 20:47 - 2014-09-21 20:47 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webinstr_01009.Wdf
2014-09-21 20:41 - 2014-09-21 20:46 - 74675720 _____ (DVDVideoSoft Ltd. ) C:\Users\Spieler.HeikeHarder-HP\Downloads\FreeStudio.exe
2014-09-21 00:00 - 2014-09-21 20:00 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\Documents\ArcheAge
2014-09-21 00:00 - 2014-09-21 00:00 - 00000000 ____D () C:\ArcheAge
2014-09-20 20:33 - 2014-09-20 20:33 - 00001891 _____ () C:\Users\Spieler.HeikeHarder-HP\Desktop\Archeage.lnk
2014-09-17 19:02 - 2014-09-17 19:03 - 03817601 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\powersaves3ds-software-121.zip
2014-09-11 23:08 - 2014-09-11 23:08 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\Desktop\Neuer Ordner
2014-09-11 03:15 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-11 03:15 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-11 03:15 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-11 03:15 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-11 03:15 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-11 03:15 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-11 03:15 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-11 03:15 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-11 03:15 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-11 03:15 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-11 03:15 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-11 03:15 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-11 03:15 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-11 03:15 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-11 03:15 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-11 03:15 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-11 03:15 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-11 03:15 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-11 03:15 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-11 03:15 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-11 03:15 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-11 03:15 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-11 03:15 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-11 03:15 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-11 03:15 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-11 03:15 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-11 03:15 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-11 03:15 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-11 03:15 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-11 03:15 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-11 03:15 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-11 03:15 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-11 03:15 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-11 03:15 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-11 03:15 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-11 03:15 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-11 03:15 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-11 03:15 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-11 03:15 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-11 03:15 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-11 03:15 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-11 03:15 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-11 03:15 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-11 03:15 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-11 03:15 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-11 03:15 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-11 03:15 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-11 03:15 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-11 03:15 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-11 03:15 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-11 03:15 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-11 03:15 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-11 03:15 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-11 03:15 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-11 03:15 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-11 03:15 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-11 03:02 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-11 03:02 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-10 09:39 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-10 09:39 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-10 08:34 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-10 08:34 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-10 08:34 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-10 08:34 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-10 08:34 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-10 07:37 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-10 07:37 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-10 07:14 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-10 07:14 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-04 19:22 - 2014-09-04 19:22 - 00058232 _____ (Term Tutor) C:\Windows\system32\Drivers\ttnfd.sys
2014-08-28 23:19 - 2014-08-28 23:21 - 18599008 _____ (DVDVideoSoft Ltd. ) C:\Users\Spieler.HeikeHarder-HP\Downloads\Free3DVideoMaker.exe
2014-08-28 20:02 - 2014-09-09 21:23 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\Documents\lp
2014-08-28 17:26 - 2001-11-01 21:00 - 02097152 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\Pokemon - Kristall-Edition (D).gbc
2014-08-28 17:03 - 2014-08-28 17:03 - 01050386 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\Pokemon Kristall (D).zip
2014-08-28 13:41 - 2014-08-28 13:41 - 00000945 _____ () C:\Users\Spieler.HeikeHarder-HP\Desktop\HyperCam 2.lnk
2014-08-28 13:41 - 2014-08-28 13:41 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HyperCam 2
2014-08-28 13:40 - 2014-08-28 13:41 - 03020528 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\HC2Setup-2.29.01 (1).exe
2014-08-27 23:47 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-27 23:47 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-27 23:47 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-26 16:05 - 2014-08-26 16:05 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\Downloads\Slot1D
2014-08-26 13:08 - 2014-08-26 13:17 - 27076650 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\0052.zip

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-23 17:39 - 2014-09-23 14:22 - 00031143 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\FRST.txt
2014-09-23 17:38 - 2014-09-23 14:21 - 00000000 ____D () C:\FRST
2014-09-23 17:36 - 2009-07-14 06:45 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-23 17:36 - 2009-07-14 06:45 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-23 17:31 - 2012-12-09 23:08 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Overwolf
2014-09-23 17:30 - 2014-07-13 14:54 - 00000000 ___RD () C:\Users\Spieler.HeikeHarder-HP\Dropbox
2014-09-23 17:30 - 2014-07-13 14:51 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Dropbox
2014-09-23 17:30 - 2014-06-24 16:10 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\LogMeIn Hamachi
2014-09-23 17:29 - 2012-11-28 11:43 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Raptr
2014-09-23 17:28 - 2014-09-23 17:01 - 00078237 _____ () C:\zoek-results.log
2014-09-23 17:28 - 2011-03-16 16:37 - 00000442 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-09-23 17:27 - 2014-09-21 21:35 - 00000168 _____ () C:\Windows\setupact.log
2014-09-23 17:27 - 2011-03-09 17:38 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\PDF Software
2014-09-23 17:27 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-23 17:26 - 2014-09-23 14:59 - 00022212 _____ () C:\Windows\PFRO.log
2014-09-23 17:26 - 2012-06-04 16:38 - 01202340 _____ () C:\Windows\WindowsUpdate.log
2014-09-23 17:24 - 2014-09-23 16:58 - 00000000 ____D () C:\zoek_backup
2014-09-23 17:18 - 2011-01-29 12:51 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP
2014-09-23 17:18 - 2011-01-27 12:25 - 00000000 ____D () C:\Users\Heike Harder
2014-09-23 17:01 - 2014-09-23 14:55 - 00000000 ____D () C:\AdwCleaner
2014-09-23 16:58 - 2014-09-23 17:26 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-09-23 16:57 - 2014-09-23 16:57 - 04114148 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\zoek.zip
2014-09-23 16:21 - 2014-09-23 16:21 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-23 16:21 - 2014-09-23 16:21 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-23 16:21 - 2014-09-23 16:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-23 16:21 - 2014-09-23 16:21 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-23 16:20 - 2014-09-23 16:20 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Spieler.HeikeHarder-HP\Downloads\mbam-setup-2.0.2.1012 (3).exe
2014-09-23 15:03 - 2014-09-23 15:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-09-23 15:03 - 2014-09-23 15:03 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-09-23 15:03 - 2014-08-01 19:17 - 00000928 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2014-09-23 14:59 - 2012-04-12 13:23 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-23 14:55 - 2014-09-23 14:55 - 01373475 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\AdwCleaner_3.310.exe
2014-09-23 14:53 - 2014-09-23 14:53 - 00000000 ____D () C:\Program Files\TermTutor
2014-09-23 14:49 - 2014-01-29 20:26 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-09-23 14:24 - 2014-09-23 14:24 - 00068480 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\Addition.txt
2014-09-23 14:21 - 2014-09-23 14:21 - 02105856 _____ (Farbar) C:\Users\Spieler.HeikeHarder-HP\Downloads\FRST64.exe
2014-09-23 13:15 - 2014-09-23 13:15 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Spieler.HeikeHarder-HP\Downloads\mbam-setup-2.0.2.1012 (2).exe
2014-09-23 13:15 - 2014-09-23 13:15 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Spieler.HeikeHarder-HP\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-09-22 20:44 - 2014-06-25 12:44 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\Powersaves3DS
2014-09-22 20:13 - 2014-01-23 20:42 - 00000000 ____D () C:\Program Files (x86)\Overwolf
2014-09-21 23:10 - 2013-09-03 22:45 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\TS3Client
2014-09-21 21:44 - 2011-01-29 14:11 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\SoftGrid Client
2014-09-21 21:39 - 2014-07-13 14:54 - 00001078 _____ () C:\Users\Spieler.HeikeHarder-HP\Desktop\Dropbox.lnk
2014-09-21 21:39 - 2014-07-13 14:52 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-09-21 21:36 - 2014-09-21 20:47 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\LookThisUp
2014-09-21 21:35 - 2014-09-21 21:35 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-21 20:49 - 2014-09-21 20:49 - 00001245 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2014-09-21 20:49 - 2014-09-21 20:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-09-21 20:49 - 2014-09-21 20:49 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-09-21 20:49 - 2012-12-30 13:01 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\DVDVideoSoft
2014-09-21 20:48 - 2014-09-21 20:48 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InetStat
2014-09-21 20:48 - 2014-09-21 20:47 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\InetStat
2014-09-21 20:47 - 2014-09-21 20:47 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webinstr_01009.Wdf
2014-09-21 20:47 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-09-21 20:46 - 2014-09-21 20:41 - 74675720 _____ (DVDVideoSoft Ltd. ) C:\Users\Spieler.HeikeHarder-HP\Downloads\FreeStudio.exe
2014-09-21 20:42 - 2011-01-07 21:18 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-09-21 20:00 - 2014-09-21 00:00 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\Documents\ArcheAge
2014-09-21 15:06 - 2012-12-09 12:38 - 00000000 ____D () C:\Program Files (x86)\RIFT
2014-09-21 00:00 - 2014-09-21 00:00 - 00000000 ____D () C:\ArcheAge
2014-09-20 20:33 - 2014-09-20 20:33 - 00001891 _____ () C:\Users\Spieler.HeikeHarder-HP\Desktop\Archeage.lnk
2014-09-20 20:33 - 2014-07-03 12:03 - 00000000 ____D () C:\Program Files (x86)\Glyph
2014-09-20 19:55 - 2011-03-02 15:03 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\KlebezettelNG
2014-09-20 19:54 - 2011-04-18 11:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Klebezettel
2014-09-20 19:54 - 2011-01-27 20:05 - 00000000 ____D () C:\Program Files (x86)\Klebezettel NG
2014-09-17 19:05 - 2014-06-25 13:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Action Replay PowerSaves 3DS
2014-09-17 19:05 - 2014-06-25 13:55 - 00000000 ____D () C:\Program Files (x86)\Action Replay PowerSaves 3DS
2014-09-17 19:05 - 2014-06-25 12:35 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\Desktop\powersave
2014-09-17 19:03 - 2014-09-17 19:02 - 03817601 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\powersaves3ds-software-121.zip
2014-09-17 10:31 - 2014-06-03 11:02 - 00003864 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1387178156
2014-09-17 10:31 - 2011-01-27 12:58 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-09-15 20:18 - 2014-08-21 13:50 - 00001139 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-09-15 20:18 - 2014-08-06 12:01 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-15 20:18 - 2014-06-24 19:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-09-15 20:18 - 2014-06-24 19:23 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-09-14 21:12 - 2012-10-02 22:27 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\RIFT
2014-09-13 20:18 - 2012-04-12 13:23 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-13 20:18 - 2012-04-12 13:23 - 00003824 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-13 20:18 - 2011-05-23 10:55 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-12 18:43 - 2013-01-07 23:41 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\.minecraft
2014-09-12 05:35 - 2011-01-07 21:54 - 00799382 _____ () C:\Windows\system32\perfh007.dat
2014-09-12 05:35 - 2011-01-07 21:54 - 00188890 _____ () C:\Windows\system32\perfc007.dat
2014-09-12 05:35 - 2009-07-14 07:13 - 01903918 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-11 23:08 - 2014-09-11 23:08 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\Desktop\Neuer Ordner
2014-09-11 22:55 - 2014-06-24 16:06 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\Desktop\pika
2014-09-11 07:41 - 2009-07-14 04:34 - 00000601 _____ () C:\Windows\win.ini
2014-09-11 04:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-11 03:13 - 2011-01-27 18:45 - 01877262 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-11 03:10 - 2013-08-16 09:04 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-11 03:04 - 2011-01-31 19:17 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-11 03:02 - 2014-05-01 03:02 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-09 21:23 - 2014-08-28 20:02 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\Documents\lp
2014-09-09 21:20 - 2014-08-21 22:58 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\Desktop\uni
2014-09-09 07:36 - 2014-09-23 16:58 - 01290240 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\zoek.exe
2014-09-05 04:10 - 2014-09-10 07:14 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-05 04:05 - 2014-09-10 07:14 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-04 19:22 - 2014-09-04 19:22 - 00058232 _____ (Term Tutor) C:\Windows\system32\Drivers\ttnfd.sys
2014-09-01 12:56 - 2013-02-07 00:45 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Paint.NET
2014-08-31 11:35 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-30 13:37 - 2014-05-02 14:03 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Winamp
2014-08-28 23:21 - 2014-08-28 23:19 - 18599008 _____ (DVDVideoSoft Ltd. ) C:\Users\Spieler.HeikeHarder-HP\Downloads\Free3DVideoMaker.exe
2014-08-28 20:06 - 2012-12-30 13:05 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\Documents\DVDVideoSoft
2014-08-28 17:03 - 2014-08-28 17:03 - 01050386 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\Pokemon Kristall (D).zip
2014-08-28 14:50 - 2014-01-31 17:26 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\Downloads\emu
2014-08-28 13:41 - 2014-08-28 13:41 - 00000945 _____ () C:\Users\Spieler.HeikeHarder-HP\Desktop\HyperCam 2.lnk
2014-08-28 13:41 - 2014-08-28 13:41 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HyperCam 2
2014-08-28 13:41 - 2014-08-28 13:40 - 03020528 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\HC2Setup-2.29.01 (1).exe
2014-08-28 13:41 - 2011-03-31 16:43 - 00000000 ____D () C:\Program Files (x86)\HyCam2
2014-08-28 13:39 - 2014-08-18 16:36 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Solveig Multimedia
2014-08-28 03:20 - 2013-08-22 09:23 - 00505384 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-26 18:14 - 2014-07-20 21:55 - 00005284 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\desmume.ini
2014-08-26 17:52 - 2014-07-09 18:04 - 00000409 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\fishbotconfig.ini
2014-08-26 16:10 - 2014-07-20 21:55 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\Downloads\States
2014-08-26 16:05 - 2014-08-26 16:05 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\Downloads\Slot1D
2014-08-26 13:17 - 2014-08-26 13:08 - 27076650 _____ () C:\Users\Spieler.HeikeHarder-HP\Downloads\0052.zip
2014-08-26 13:17 - 2014-07-20 21:55 - 00000000 ____D () C:\Users\Spieler.HeikeHarder-HP\Downloads\Battery

Files to move or delete:
====================
C:\Users\Heike Harder\Okozo_Installer.exe


Some content of TEMP:
====================
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\avgnt.exe
C:\Users\Spieler.HeikeHarder-HP\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpsc7xbw.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-16 06:23

==================== End Of Log ============================
--- --- ---

deeprybka 23.09.2014 20:57
OK... ;)

Schritt 1

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset




http://www.trojaner-board.de/extra/lesestoff.pngGibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?

Blitzi 24.09.2014 17:36
Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=729d05bc4529ad4ea48a1456c5ef33f7
# engine=20274
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-09-24 11:41:05
# local_time=2014-09-24 01:41:05 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 99 9649 8543707 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 7928240 163188715 0 0
# scanned=399145
# found=40
# cleaned=0
# scan_time=9308
sh=3C27DC455682FB37699CEA7D9D5DF3F3433776F4 ft=0 fh=0000000000000000 vn="Win32/AdWare.BetterSurf.G Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1479\ff\chrome\content\ffMediaViewerV1alpha1479ffaction.js.vir"
sh=873AACC06D2899322601DDE3A7221C70F9FDCD06 ft=0 fh=0000000000000000 vn="Win32/AdWare.BetterSurf.G Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\MediaViewV1\MediaViewV1alpha3700\ff\chrome\content\ffMediaViewV1alpha3700ffaction.js.vir"
sh=F8EB89E8E0C989CA2047CC1B7D0700BD51BB0F2E ft=0 fh=0000000000000000 vn="Win32/AdWare.BetterSurf.G Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\MediaViewV1\MediaViewV1alpha9390\ff\chrome\content\ffMediaViewV1alpha9390ffaction.js.vir"
sh=7F851F7F3AB08BB489A9E9553635ACFF24BD2F4F ft=1 fh=480bb73806aecf9e vn="Variante von Win32/Conduit.SearchProtect.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe.vir"
sh=EBB8454D4017FE184FD4B1A4D390C8CE099213C1 ft=1 fh=438201fe522fde58 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe.vir"
sh=0FD7F3F732BFBD0956BB319E25F361E2AE6D8F12 ft=1 fh=a33b31cb5f52c3c7 vn="Variante von Win64/Systweak.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir"
sh=CB8E8CC79BCC050599002537552BBB1AC22FB74F ft=1 fh=061ee74c2ddeab0b vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\Config.Msi\2ba99e21.rbf"
sh=632F8C4E3211B853162BA9FAA5E2C5DD183410AE ft=1 fh=2b963662ff145a5f vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\Config.Msi\2ba99e22.rbf"
sh=B5054B2B2A3B5FD9F6506BC317F3B4E560658C25 ft=1 fh=96e77847753278f6 vn="Variante von Win32/SweetIM.F evtl. unerwünschte Anwendung" ac=I fn="C:\Config.Msi\2ba99e28.rbf"
sh=EC698435956BB659F58EA2FEAC2F77C05A34E88C ft=1 fh=3c4d9042e8d654c2 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\Config.Msi\2ba99e29.rbf"
sh=FDDACB12BE22CD908B31CCE495E8E09A4AC27543 ft=1 fh=a3c7fa381f3fa71e vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\Config.Msi\2ba99e2a.rbf"
sh=4951DA48B889C75F0C26459AB9805185A4109D3C ft=1 fh=560800bb6ccf20c0 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\Config.Msi\2ba99e2b.rbf"
sh=E601752F4FFF43B60EB869F967DA6296A9B1012F ft=1 fh=95d32721a7b63a1d vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\Config.Msi\2ba99e2c.rbf"
sh=3B586633B40C0ED2086F3D811848B47356957707 ft=1 fh=b10c46915b943e5a vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\Config.Msi\2ba99e2e.rbf"
sh=99AABAACFD9ECD4CD0CCB2E9F1EEA692AF05792F ft=1 fh=d8573ee5d719baee vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\Config.Msi\2ba99e2f.rbf"
sh=F962AC502F701A65F85F43092C4E6DCDEC1D343F ft=1 fh=175265476119f355 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\Config.Msi\2ba99e63.rbf"
sh=7E365F5F8841673A67DEB61EBCD4B689A488B677 ft=1 fh=ae054f85f50e59fb vn="Variante von Win64/Adware.Vitruvian.B Anwendung" ac=I fn="C:\Program Files\TermTutor\IE\TermTutorClientIE.dll"
sh=47FBD19BD8614EFA7926BD2C215CD8C8787FAF51 ft=1 fh=601caf80efafcc06 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Heike Harder\Desktop\Anwendungen\Natascha\Natascha\Documents\Tasche\FreeYouTubeToMP3Converter.exe"
sh=894D413CCB58223FF6C99C01ECF6524F886738F5 ft=1 fh=483ab3832d808c98 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Heike Harder\Documents\Downloads\Integrated_BrotherSoft_TB.exe"
sh=698A03A88D3C1D0613EFCE82138248A3EA21E3E0 ft=1 fh=8b635154fd9f4e78 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Heike Harder\Documents\Downloads\Programme\ashampoo_photo_commander_7_7.60_7659.exe"
sh=579CA41AC9C743F424E3B3852504622887F28DB8 ft=1 fh=c8f51c412215ae36 vn="Variante von Win32/Toolbar.Babylon.H evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Heike Harder\Documents\Downloads\Programme\Babylon8_setup.exe"
sh=2EFA02620ADA3216BD219998D4C9405D75838A61 ft=1 fh=3df0639353844df0 vn="Variante von Win32/Toolbar.Visicom.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Heike Harder\Documents\Downloads\Programme\BearShareV8.exe"
sh=7C96A6339BBFAFD17EF5A8F8DB286087CDB037C3 ft=1 fh=f18e0338cfc43a42 vn="Variante von Win32/Adware.Trymedia.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Heike Harder\Documents\Downloads\Spiele\MahjongEscapeChinaSetup-dm.exe"
sh=1159B21B7DD49F1FA4D7150C33856FA67B3525CE ft=1 fh=ab9f4e684e10e093 vn="Variante von Win32/InstallBrain.AW evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Heike Harder\Downloads\PCPerformerSetup.exe"
sh=4778B3769DC265421CA98D9211683B4A5F1532C8 ft=1 fh=a43338250a33fef3 vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Heike Harder\Videos\SoftonicDownloader_fuer_hypercam.exe"
sh=1E00782FEC3CA539AE30F866502633FF550356C6 ft=1 fh=46da0b21d76c5220 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Spieler.HeikeHarder-HP\AppData\LocalLow\FreeSoundRecorder\ldrtbFree.dll"
sh=3E30150D840AC9A0C0A7969D2FFD45118BE827D6 ft=1 fh=afbdb7c39edb934a vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Spieler.HeikeHarder-HP\AppData\LocalLow\FreeSoundRecorder\tbFree.dll"
sh=ABF759CA3BFB16DE62197DD7C417AC5039A43AE0 ft=1 fh=1801af74030ebca1 vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Spieler.HeikeHarder-HP\AppData\LocalLow\FreeSoundRecorder\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.3\bin\PriceGongIE.dll"
sh=A1280B1F085B8284DC157EC359BD1ADA091CFE7E ft=1 fh=d8aa3384d1249a40 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Spieler.HeikeHarder-HP\AppData\LocalLow\Winload\ldrtbWin0.dll"
sh=C2C7BD3BD6C75D5DBCCA298C785C208AB6C73CF0 ft=1 fh=154117e7567d41ef vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Spieler.HeikeHarder-HP\AppData\LocalLow\Winload\ldrtbWin2.dll"
sh=0460B794834ED78BE69BA5EB9C0E6211EBEAD9B6 ft=1 fh=0f8145e534b0e78b vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Spieler.HeikeHarder-HP\AppData\LocalLow\Winload\ldrtbWinl.dll"
sh=92E84D2216A7763D580E42FA2493CCF67D0D0560 ft=1 fh=e8efc42494afd9f6 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Spieler.HeikeHarder-HP\AppData\LocalLow\Winload\tbWin0.dll"
sh=41CDE566540E31CF556FFC948255F45D4A94EAF8 ft=1 fh=3fb8233a96c1e513 vn="Variante von Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Spieler.HeikeHarder-HP\AppData\LocalLow\Winload\tbWin1.dll"
sh=5C684D51F07A183EEA13D66F5C7E9630C48D93B5 ft=1 fh=53be76e80c29ad73 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Spieler.HeikeHarder-HP\AppData\LocalLow\Winload\tbWin2.dll"
sh=8CA209A796CAB152BC9907BCEF283C221AC5F058 ft=1 fh=16efebacbcd5a9c9 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Spieler.HeikeHarder-HP\AppData\LocalLow\Winload\tbWinl.dll"
sh=AF2A09062B79711D5D92F58251EE238DF2E5E9F9 ft=1 fh=ea86b3a42b031233 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Spieler.HeikeHarder-HP\AppData\LocalLow\www.Freeware-download.com\tbwww..dll"
sh=AC6D9EAEE290054A7795C4B0455BB168C0551D20 ft=1 fh=2e08452f5cb4be17 vn="Variante von MSIL/Adware.iBryte.H Anwendung" ac=I fn="C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\LookThisUp\LookThisUp.exe"
sh=2CFF635D1CE90A4D2352283CDF8F37C4B5C0B1D3 ft=1 fh=d4202a5777ca5c03 vn="Variante von MSIL/Adware.iBryte.H Anwendung" ac=I fn="C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\LookThisUp\LookThisUpUninstall.exe"
sh=2C8A8687CB75CDEDEB00D78D560F4D9CD2331256 ft=1 fh=8ab61b757ed15be1 vn="Variante von Win32/DomaIQ.BB evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Opera Software\Opera Stable\File System\000\t\00\00000000"
sh=5E588264B04A1CDC3F60E07E94EF2F510356F2B4 ft=1 fh=e8af7bd24140a2e6 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Spieler.HeikeHarder-HP\Documents\simboapp.exe"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=729d05bc4529ad4ea48a1456c5ef33f7
# engine=20277
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-09-24 04:10:06
# local_time=2014-09-24 06:10:06 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 99 25790 8559848 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 7944381 163204856 0 0
# scanned=583285
# found=228
# cleaned=0
# scan_time=16078
sh=3C27DC455682FB37699CEA7D9D5DF3F3433776F4 ft=0 fh=0000000000000000 vn="Win32/AdWare.BetterSurf.G Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1479\ff\chrome\content\ffMediaViewerV1alpha1479ffaction.js.vir"
sh=873AACC06D2899322601DDE3A7221C70F9FDCD06 ft=0 fh=0000000000000000 vn="Win32/AdWare.BetterSurf.G Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\MediaViewV1\MediaViewV1alpha3700\ff\chrome\content\ffMediaViewV1alpha3700ffaction.js.vir"
sh=F8EB89E8E0C989CA2047CC1B7D0700BD51BB0F2E ft=0 fh=0000000000000000 vn="Win32/AdWare.BetterSurf.G Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\MediaViewV1\MediaViewV1alpha9390\ff\chrome\content\ffMediaViewV1alpha9390ffaction.js.vir"
sh=7F851F7F3AB08BB489A9E9553635ACFF24BD2F4F ft=1 fh=480bb73806aecf9e vn="Variante von Win32/Conduit.SearchProtect.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe.vir"
sh=EBB8454D4017FE184FD4B1A4D390C8CE099213C1 ft=1 fh=438201fe522fde58 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe.vir"
sh=0FD7F3F732BFBD0956BB319E25F361E2AE6D8F12 ft=1 fh=a33b31cb5f52c3c7 vn="Variante von Win64/Systweak.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir"
sh=CB8E8CC79BCC050599002537552BBB1AC22FB74F ft=1 fh=061ee74c2ddeab0b vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\Config.Msi\2ba99e21.rbf"
sh=632F8C4E3211B853162BA9FAA5E2C5DD183410AE ft=1 fh=2b963662ff145a5f vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\Config.Msi\2ba99e22.rbf"
sh=B5054B2B2A3B5FD9F6506BC317F3B4E560658C25 ft=1 fh=96e77847753278f6 vn="Variante von Win32/SweetIM.F evtl. unerwünschte Anwendung" ac=I fn="C:\Config.Msi\2ba99e28.rbf"
sh=EC698435956BB659F58EA2FEAC2F77C05A34E88C ft=1 fh=3c4d9042e8d654c2 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\Config.Msi\2ba99e29.rbf"
sh=FDDACB12BE22CD908B31CCE495E8E09A4AC27543 ft=1 fh=a3c7fa381f3fa71e vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\Config.Msi\2ba99e2a.rbf"
sh=4951DA48B889C75F0C26459AB9805185A4109D3C ft=1 fh=560800bb6ccf20c0 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\Config.Msi\2ba99e2b.rbf"
sh=E601752F4FFF43B60EB869F967DA6296A9B1012F ft=1 fh=95d32721a7b63a1d vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\Config.Msi\2ba99e2c.rbf"
sh=3B586633B40C0ED2086F3D811848B47356957707 ft=1 fh=b10c46915b943e5a vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\Config.Msi\2ba99e2e.rbf"
sh=99AABAACFD9ECD4CD0CCB2E9F1EEA692AF05792F ft=1 fh=d8573ee5d719baee vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\Config.Msi\2ba99e2f.rbf"
sh=F962AC502F701A65F85F43092C4E6DCDEC1D343F ft=1 fh=175265476119f355 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\Config.Msi\2ba99e63.rbf"
sh=7E365F5F8841673A67DEB61EBCD4B689A488B677 ft=1 fh=ae054f85f50e59fb vn="Variante von Win64/Adware.Vitruvian.B Anwendung" ac=I fn="C:\Program Files\TermTutor\IE\TermTutorClientIE.dll"
sh=47FBD19BD8614EFA7926BD2C215CD8C8787FAF51 ft=1 fh=601caf80efafcc06 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Heike Harder\Desktop\Anwendungen\Natascha\Natascha\Documents\Tasche\FreeYouTubeToMP3Converter.exe"
sh=894D413CCB58223FF6C99C01ECF6524F886738F5 ft=1 fh=483ab3832d808c98 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Heike Harder\Documents\Downloads\Integrated_BrotherSoft_TB.exe"
sh=698A03A88D3C1D0613EFCE82138248A3EA21E3E0 ft=1 fh=8b635154fd9f4e78 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Heike Harder\Documents\Downloads\Programme\ashampoo_photo_commander_7_7.60_7659.exe"
sh=579CA41AC9C743F424E3B3852504622887F28DB8 ft=1 fh=c8f51c412215ae36 vn="Variante von Win32/Toolbar.Babylon.H evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Heike Harder\Documents\Downloads\Programme\Babylon8_setup.exe"
sh=2EFA02620ADA3216BD219998D4C9405D75838A61 ft=1 fh=3df0639353844df0 vn="Variante von Win32/Toolbar.Visicom.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Heike Harder\Documents\Downloads\Programme\BearShareV8.exe"
sh=7C96A6339BBFAFD17EF5A8F8DB286087CDB037C3 ft=1 fh=f18e0338cfc43a42 vn="Variante von Win32/Adware.Trymedia.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Heike Harder\Documents\Downloads\Spiele\MahjongEscapeChinaSetup-dm.exe"
sh=1159B21B7DD49F1FA4D7150C33856FA67B3525CE ft=1 fh=ab9f4e684e10e093 vn="Variante von Win32/InstallBrain.AW evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Heike Harder\Downloads\PCPerformerSetup.exe"
sh=4778B3769DC265421CA98D9211683B4A5F1532C8 ft=1 fh=a43338250a33fef3 vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Heike Harder\Videos\SoftonicDownloader_fuer_hypercam.exe"
sh=1E00782FEC3CA539AE30F866502633FF550356C6 ft=1 fh=46da0b21d76c5220 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Spieler.HeikeHarder-HP\AppData\LocalLow\FreeSoundRecorder\ldrtbFree.dll"
sh=3E30150D840AC9A0C0A7969D2FFD45118BE827D6 ft=1 fh=afbdb7c39edb934a vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Spieler.HeikeHarder-HP\AppData\LocalLow\FreeSoundRecorder\tbFree.dll"
sh=ABF759CA3BFB16DE62197DD7C417AC5039A43AE0 ft=1 fh=1801af74030ebca1 vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Spieler.HeikeHarder-HP\AppData\LocalLow\FreeSoundRecorder\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.3\bin\PriceGongIE.dll"
sh=A1280B1F085B8284DC157EC359BD1ADA091CFE7E ft=1 fh=d8aa3384d1249a40 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Spieler.HeikeHarder-HP\AppData\LocalLow\Winload\ldrtbWin0.dll"
sh=C2C7BD3BD6C75D5DBCCA298C785C208AB6C73CF0 ft=1 fh=154117e7567d41ef vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Spieler.HeikeHarder-HP\AppData\LocalLow\Winload\ldrtbWin2.dll"
sh=0460B794834ED78BE69BA5EB9C0E6211EBEAD9B6 ft=1 fh=0f8145e534b0e78b vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Spieler.HeikeHarder-HP\AppData\LocalLow\Winload\ldrtbWinl.dll"
sh=92E84D2216A7763D580E42FA2493CCF67D0D0560 ft=1 fh=e8efc42494afd9f6 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Spieler.HeikeHarder-HP\AppData\LocalLow\Winload\tbWin0.dll"
sh=41CDE566540E31CF556FFC948255F45D4A94EAF8 ft=1 fh=3fb8233a96c1e513 vn="Variante von Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Spieler.HeikeHarder-HP\AppData\LocalLow\Winload\tbWin1.dll"
sh=5C684D51F07A183EEA13D66F5C7E9630C48D93B5 ft=1 fh=53be76e80c29ad73 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Spieler.HeikeHarder-HP\AppData\LocalLow\Winload\tbWin2.dll"
sh=8CA209A796CAB152BC9907BCEF283C221AC5F058 ft=1 fh=16efebacbcd5a9c9 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Spieler.HeikeHarder-HP\AppData\LocalLow\Winload\tbWinl.dll"
sh=AF2A09062B79711D5D92F58251EE238DF2E5E9F9 ft=1 fh=ea86b3a42b031233 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Spieler.HeikeHarder-HP\AppData\LocalLow\www.Freeware-download.com\tbwww..dll"
sh=AC6D9EAEE290054A7795C4B0455BB168C0551D20 ft=1 fh=2e08452f5cb4be17 vn="Variante von MSIL/Adware.iBryte.H Anwendung" ac=I fn="C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\LookThisUp\LookThisUp.exe"
sh=2CFF635D1CE90A4D2352283CDF8F37C4B5C0B1D3 ft=1 fh=d4202a5777ca5c03 vn="Variante von MSIL/Adware.iBryte.H Anwendung" ac=I fn="C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\LookThisUp\LookThisUpUninstall.exe"
sh=2C8A8687CB75CDEDEB00D78D560F4D9CD2331256 ft=1 fh=8ab61b757ed15be1 vn="Variante von Win32/DomaIQ.BB evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Opera Software\Opera Stable\File System\000\t\00\00000000"
sh=5E588264B04A1CDC3F60E07E94EF2F510356F2B4 ft=1 fh=e8af7bd24140a2e6 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Spieler.HeikeHarder-HP\Documents\simboapp.exe"
sh=6CAC5AC1BD62E9BD8C20773F6EF77D2D3C22F219 ft=1 fh=ed69c0f9230932f8 vn="Win32/Somoto.F evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Spieler.HeikeHarder-HP\Documents\Downlodes\CheatEngine61.exe"
sh=DFD5F7A9EA55A9564B60E3FCFE9E7A0138805707 ft=1 fh=1522edb60d2c3866 vn="Variante von Win32/SmartFileAdvisor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Spieler.HeikeHarder-HP\Documents\Downlodes\isobuster_all_lang.exe"
sh=BCBD47A2AFB0A7956BBF88F9F625E00D17319CAB ft=1 fh=220efb76e017b9c0 vn="Win32/RegistryBooster evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Spieler.HeikeHarder-HP\Documents\Downlodes\registrybooster.exe"
sh=675FD111C7B08393436B694A297AD0C20FE5CB4F ft=1 fh=7cce267f006e47f6 vn="Win32/SoftonicDownloader.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Spieler.HeikeHarder-HP\Documents\Downlodes\SoftonicDownloader_fuer_diablo-iii.exe"
sh=6D6F591B036398FE29624861504017760E34A433 ft=1 fh=7da278ab98611d15 vn="Variante von Win32/Somoto.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Spieler.HeikeHarder-HP\Documents\Downlodes\Dragensang Online\CheatEngine62.exe"
sh=EFFFD2D3E286AE81EB317EC03425DF77196F81E2 ft=1 fh=7a2a47bf6d0242e9 vn="Win32/SoftonicDownloader.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Spieler.HeikeHarder-HP\Documents\Downlodes\Dragensang Online\SoftonicDownloader_fuer_vindictus.exe"
sh=7E9F5CF48A438B4420A9BBBE06D7C321DBD73406 ft=1 fh=ed8404618088cd8d vn="Variante von Win32/SmartFileAdvisor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Spieler.HeikeHarder-HP\Documents\Downlodes\Sacred\FVD2011SetupSFA.exe"
sh=60479F0E1541F9C7122C2C60D739A6FDD2357488 ft=1 fh=0155faa485b69c08 vn="Variante von Generik.MSLHOFC Trojaner" ac=I fn="C:\Users\Spieler.HeikeHarder-HP\Documents\Downlodes\Torchlight\_savegame\torchlight_savegame_editor\Torchlight_Save_edit1.0.exe"
sh=E8CD33623287C08C7CC3662A042E45522654BB30 ft=1 fh=7cd3b160b0dbd4bd vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Spieler.HeikeHarder-HP\Documents\RIFT\FreeYouTubeToMP3Converter37.exe"
sh=B4F353E02180CC0F9A14F6113A45D8A3084E6411 ft=1 fh=2f6a191943753ae5 vn="Win32/DomaIQ.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Spieler.HeikeHarder-HP\Documents\RIFT\Player_Plugin.exe"
sh=9769330BE0E960B982E7C79097BA070BEA89C88E ft=1 fh=b52394473be6a4db vn="Variante von Win32/InstallCore.QH evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Spieler.HeikeHarder-HP\Downloads\CR_Downloader_fuer_pokemon-emerald.exe"
sh=2C8A8687CB75CDEDEB00D78D560F4D9CD2331256 ft=1 fh=8ab61b757ed15be1 vn="Variante von Win32/DomaIQ.BB evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Spieler.HeikeHarder-HP\Downloads\Java (1).exe"
sh=8302844D2F855212C5D111492D456843813D5032 ft=1 fh=4992328ce8cbc03b vn="Variante von Win32/DomaIQ.BB evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Spieler.HeikeHarder-HP\Downloads\Java.exe"
sh=941F148C054D6C73FC8EA4B40715678A6FB37BDF ft=1 fh=69205b3342d3a3ea vn="Win32/OutBrowse.W evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Spieler.HeikeHarder-HP\Downloads\setup (1).exe"
sh=42A8E0B4C815F374D557AADE2C4A277564793497 ft=1 fh=e94051aa2e8aed98 vn="Variante von Win32/AdWare.iBryte.AK Anwendung" ac=I fn="C:\Users\Spieler.HeikeHarder-HP\Downloads\Setup (2).exe"
sh=5D918F4ECD51DCB605614FB1BF20B8DA274A541B ft=1 fh=cf53c7cb56b36b70 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Spieler.HeikeHarder-HP\Downloads\Virtual Audio Cable - CHIP-Downloader.exe"
sh=6ED83CE586DCDECC79577A14549292617F11BA23 ft=0 fh=0000000000000000 vn="Variante von Win32/Somoto.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Spieler.HeikeHarder-HP\Videos\rf\hypercam227-free.zip"
sh=672E9D6FB9B1CF47ACA936E17D43776E5E89A487 ft=1 fh=3ca9fa5b35d6fe69 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll"
sh=6A859B87A0320253D474441D76A966AA85F25AE0 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Babylon.Q evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\106863c3.msi"
sh=78E9B5DAADBF2A2E6430B30653918C25EC98719C ft=0 fh=0000000000000000 vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\afe633c.msi"
sh=1E00782FEC3CA539AE30F866502633FF550356C6 ft=1 fh=46da0b21d76c5220 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\LocalLow\FreeSoundRecorder\ldrtbFree.dll"
sh=3E30150D840AC9A0C0A7969D2FFD45118BE827D6 ft=1 fh=afbdb7c39edb934a vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\LocalLow\FreeSoundRecorder\tbFree.dll"
sh=ABF759CA3BFB16DE62197DD7C417AC5039A43AE0 ft=1 fh=1801af74030ebca1 vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\LocalLow\FreeSoundRecorder\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.3\bin\PriceGongIE.dll"
sh=1E00782FEC3CA539AE30F866502633FF550356C6 ft=1 fh=46da0b21d76c5220 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\FreeSoundRecorder\ldrtbFree.dll"
sh=3E30150D840AC9A0C0A7969D2FFD45118BE827D6 ft=1 fh=afbdb7c39edb934a vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\FreeSoundRecorder\tbFree.dll"
sh=ABF759CA3BFB16DE62197DD7C417AC5039A43AE0 ft=1 fh=1801af74030ebca1 vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\FreeSoundRecorder\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.3\bin\PriceGongIE.dll"
sh=02AA64EB5F8CF0F34AB1C4A6DECCE8FC695F0C78 ft=1 fh=4a025439321add12 vn="Win32/AnyProtect.D evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_nspA788.tmp.vir"
sh=8A61EFCF05C59326E8EFA6B456B4DC0219DF82A8 ft=1 fh=c34c47dcb9f04e63 vn="Variante von Win32/SoftonicDownloader.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_Downloads_SoftonicDownloader_fuer_minecraft-forge.exe.vir"
sh=8242BD4EEE162B47CFB747901E137937FF409B7D ft=1 fh=7577f344c81db086 vn="Variante von Win32/AdWare.Vitruvian.D Anwendung" ac=I fn="C:\zoek_backup\C_PROGRA~2_TermTutor\IE\TermTutorClientIE.dll"
sh=F48E3296587DA40FDCE135488EC1CFDAB4F77CEB ft=1 fh=218b94011b24785c vn="Variante von Win32/AdWare.Vitruvian.D Anwendung" ac=I fn="C:\zoek_backup\C_PROGRA~2_TermTutor\Service\ttsvc.exe"
sh=A24B9FB4F38473ECAC32B472CCE9B3491B81726C ft=1 fh=c71c0011b420df55 vn="Variante von Win32/BrowserCompanion.A evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Heike Harder_AppData_LocalLow_bbrs_002.tb\content\BCHelper.exe"
sh=A1280B1F085B8284DC157EC359BD1ADA091CFE7E ft=1 fh=d8aa3384d1249a40 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Heike Harder_AppData_LocalLow_DVDVideoSoftTB\ldrtbDVD0.dll"
sh=C2C7BD3BD6C75D5DBCCA298C785C208AB6C73CF0 ft=1 fh=154117e7567d41ef vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Heike Harder_AppData_LocalLow_DVDVideoSoftTB\ldrtbDVD2.dll"
sh=92E84D2216A7763D580E42FA2493CCF67D0D0560 ft=1 fh=e8efc42494afd9f6 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Heike Harder_AppData_LocalLow_DVDVideoSoftTB\tbDVD0.dll"
sh=41CDE566540E31CF556FFC948255F45D4A94EAF8 ft=1 fh=3fb8233a96c1e513 vn="Variante von Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Heike Harder_AppData_LocalLow_DVDVideoSoftTB\tbDVD1.dll"
sh=5C684D51F07A183EEA13D66F5C7E9630C48D93B5 ft=1 fh=53be76e80c29ad73 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Heike Harder_AppData_LocalLow_DVDVideoSoftTB\tbDVD2.dll"
sh=953D44F4BF59B02BE6E35587DAF60E63463E78C3 ft=1 fh=a83bfe4d2b644d64 vn="Variante von Win32/Toolbar.Babylon.H evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Heike Harder_AppData_Local_Babylon\Setup\Setup.exe"
sh=404CCDD0C1EAD3AC4E636BB0CACF6A5B0558EDDD ft=1 fh=50f7a819ca7f850c vn="Variante von Win32/BrowserCompanion.H evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Heike Harder_AppData_Roaming_BrowserCompanion\tcbhn.exe"
sh=C4A83F072A746A531C277727DE017D0A3E1B9442 ft=0 fh=0000000000000000 vn="Win32/BrowserCompanion.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Heike Harder_AppData_Roaming_Mozilla_Firefox_Profiles_e7puc2qc.default_extensions_bbrs_002@blabbers.com\chrome\content\witmain.js"
sh=1A0F0CEBEDFCEC559615CDDB6C873334633A21E4 ft=0 fh=0000000000000000 vn="Win32/Adware.Yontoo Anwendung" ac=I fn="C:\zoek_backup\C_Users_Heike Harder_AppData_Roaming_Mozilla_Firefox_Profiles_e7puc2qc.default_extensions_plugin@yontoo.com\content\overlay.js"
sh=9EFDE89A61BAAA7D5D5D4B08214BE3D2EE505248 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_HEIKEH~1_AppData_Roaming_Mozilla_Firefox_Profiles_e7puc2qc.default_extensions_4433da5b-eb52-495d-8865-b2a7468567f6@927544a3-fdfb-4485-a78b-21e1113eee35.com\extensionData\plugins\102_dealply_m.js"
sh=57F445259F179510FE1EACAAD27A82E87305756C ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_HEIKEH~1_AppData_Roaming_Mozilla_Firefox_Profiles_e7puc2qc.default_extensions_4433da5b-eb52-495d-8865-b2a7468567f6@927544a3-fdfb-4485-a78b-21e1113eee35.com\extensionData\plugins\103_intext_5_m.js"
sh=E87ABD87A6168E160F36A5CE9E444C1719F203DC ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_HEIKEH~1_AppData_Roaming_Mozilla_Firefox_Profiles_e7puc2qc.default_extensions_4433da5b-eb52-495d-8865-b2a7468567f6@927544a3-fdfb-4485-a78b-21e1113eee35.com\extensionData\plugins\180_bpo_serp_m.js"
sh=39D85F60370A7E5065A9BDC9D83216476D768A60 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_HEIKEH~1_AppData_Roaming_Mozilla_Firefox_Profiles_e7puc2qc.default_extensions_4433da5b-eb52-495d-8865-b2a7468567f6@927544a3-fdfb-4485-a78b-21e1113eee35.com\extensionData\plugins\191_ciuvo_m.js"
sh=755E6F27D557EE62A1733A6D7446929692C0E2D5 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_HEIKEH~1_AppData_Roaming_Mozilla_Firefox_Profiles_e7puc2qc.default_extensions_4433da5b-eb52-495d-8865-b2a7468567f6@927544a3-fdfb-4485-a78b-21e1113eee35.com\extensionData\plugins\192_revizer_ws_dynamic_b2b_m.js"
sh=1C11431100002928B21CADA701E3D80CDBEFB6A2 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_HEIKEH~1_AppData_Roaming_Mozilla_Firefox_Profiles_e7puc2qc.default_extensions_4433da5b-eb52-495d-8865-b2a7468567f6@927544a3-fdfb-4485-a78b-21e1113eee35.com\extensionData\plugins\193_revizer_p_dynamic_b2b_m.js"
sh=0E7EF78031BACDEDEF5E878B0C1960A4E50BB4E1 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_HEIKEH~1_AppData_Roaming_Mozilla_Firefox_Profiles_e7puc2qc.default_extensions_4433da5b-eb52-495d-8865-b2a7468567f6@927544a3-fdfb-4485-a78b-21e1113eee35.com\extensionData\plugins\91_monetizationLoader.js.js"
sh=0C5AC30A082628E85A9A8B68EF5E5EAFA46F0CC7 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_HEIKEH~1_AppData_Roaming_Mozilla_Firefox_Profiles_e7puc2qc.default_extensions_4433da5b-eb52-495d-8865-b2a7468567f6@927544a3-fdfb-4485-a78b-21e1113eee35.com\extensionData\plugins\93_superfish_no_coupons_m.js"
sh=C4A83F072A746A531C277727DE017D0A3E1B9442 ft=0 fh=0000000000000000 vn="Win32/BrowserCompanion.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_HEIKEH~1_AppData_Roaming_Mozilla_Firefox_Profiles_e7puc2qc.default_extensions_bbrs_002@blabbers.com\chrome\content\witmain.js"
sh=1A0F0CEBEDFCEC559615CDDB6C873334633A21E4 ft=0 fh=0000000000000000 vn="Win32/Adware.Yontoo Anwendung" ac=I fn="C:\zoek_backup\C_Users_HEIKEH~1_AppData_Roaming_Mozilla_Firefox_Profiles_e7puc2qc.default_extensions_plugin@yontoo.com\content\overlay.js"
sh=AF2A09062B79711D5D92F58251EE238DF2E5E9F9 ft=1 fh=ea86b3a42b031233 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_LocalLow_Softonic_Deutsch\tbSof0.dll"
sh=7A5B168BB2B8C06B2A9134B656BBF195830D21C2 ft=1 fh=55d4f387d8566cf4 vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_LocalLow_Softonic_Deutsch\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.1.1\bin\PriceGongIE.dll"
sh=50FB6BB89CD7675DD1220222E9A83802878EC2E4 ft=1 fh=fd3e98b57cf7fe79 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_conduit\spcon\1.2.2.0\embededstub.exe"
sh=D0BDA8661A671FB42ACC4CEA63B854E81BB82EE0 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_LPT\LPTInstaller.msi"
sh=BDA39A73EA906CFB7DB693F9FE785207C876FEB5 ft=1 fh=0d0036f62c1a5492 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_LPT\lrrot.dll"
sh=9DBB7D597F5EBA182DD7E3A43E9FF0BFF61BB576 ft=1 fh=dc0f9a720c4cc4b4 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_LPT\Newtonsoft.Json.dll"
sh=068FB4E9D9E6CD104749004DFF5862EC17D596F6 ft=1 fh=3843de1ac54d965c vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_LPT\Proxy.Lib.dll"
sh=BF4E64DB858F88557658EB20E4D052F2A544C090 ft=1 fh=b1e1b23461b9e802 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_LPT\ProxySettings.dll"
sh=80CC982C2675CB4638C93E7E0D6CB37FC3F1CEDA ft=1 fh=26e64b7d495fe6b5 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_LPT\Smartbar.Common.dll"
sh=FCCE95D7245E4505985A5C98DFF9703C1F38B783 ft=1 fh=35ed5b8297d89d1b vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_LPT\Smartbar.Communication.dll"
sh=15FC81E18D2B65D898A1B7E3723D1B33A7CB87FF ft=1 fh=b1306c9740de1f74 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_LPT\Smartbar.Communication.NamedPipe.dll"
sh=5E97C129021F7B50284F842E4EFF4DEC6635C3B4 ft=1 fh=53a873cb0a67f405 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_LPT\Smartbar.Infrastructure.Utilities.dll"
sh=E02CA5B0D6F74AB67310293360395D21EF64B229 ft=1 fh=837269b0557c712c vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_LPT\Smartbar.Monetization.Proxy.ProxyService.dll"
sh=581AFE0013B4622DBA55BB8E575E563026D26CDA ft=1 fh=1fca0b6eb50ae28f vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_LPT\Smartbar.Personalization.Common.dll"
sh=4B14CFC7990CE2F2E4C6175B3421280B2E4532DF ft=1 fh=5b7a8827d304e11d vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_LPT\Smartbar.Resources.HistoryAndStatsWrapper.dll"
sh=7309D8EFEB67A0287EDC6DE19F68A9F54FB53391 ft=1 fh=30cbf5fcf8f03532 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_LPT\sppsm.dll"
sh=7754BFF7940F36DE57C8419EACDE4D14BF62D3D3 ft=1 fh=b2e39fd91ed2b0d4 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_LPT\spusm.dll"
sh=E6EFF7176D23CEFC1A6CBF19B1BF315AFDC1A829 ft=1 fh=bf02f3aa752ed8ba vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_LPT\srbs.dll"
sh=12A1B2D810E9F2069280D8CE4B39B90B5486B1B9 ft=1 fh=1cdd15764df609bb vn="Variante von MSIL/Toolbar.Linkury.F evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_LPT\srbu.dll"
sh=618915634C3879B3877EBC23F25C01D71952B99C ft=1 fh=092ce9854039268e vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_LPT\sreu.dll"
sh=0BC4FD22AF282D6E216468A09A67D83FB834561D ft=1 fh=c6fda95a5958a4a1 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_LPT\srpdm.dll"
sh=2C3FF84A9302D0F389DCB1BD5DD495AF9472E818 ft=1 fh=0ddc9a3532cc1c1b vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_LPT\srprl.dll"
sh=0619D9FF571213298EA0F16864227599F8581BA8 ft=1 fh=6f9028d38dd648b2 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_LPT\srpt.dll"
sh=1C891FC7D2C40C3E23099CACC8EFCF9D99A60BE0 ft=1 fh=c7970dbcfcddae93 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_LPT\srptc.dll"
sh=8033FCE5B1173ED16DF0E671B4F20429B6DCCCD8 ft=1 fh=9939b1375b1c4418 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_LPT\srut.dll"
sh=672E9D6FB9B1CF47ACA936E17D43776E5E89A487 ft=1 fh=3ca9fa5b35d6fe69 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\Interop.SHDocVw.dll"
sh=BD33FD5A24842348B447DB13A696573E218F32EE ft=1 fh=4bfeedaa4023443f vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\Interop.WMPLib.dll"
sh=5BB38CCD50D40CB5DDAAA78C28D6B7E357889C79 ft=1 fh=119ed4cc4c5bbac3 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\lrcnt.dll"
sh=BDA39A73EA906CFB7DB693F9FE785207C876FEB5 ft=1 fh=0d0036f62c1a5492 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\lrrot.dll"
sh=95CAAD7AD6FA5764501F9D461BD1F5D98647A477 ft=1 fh=bce1bfecedbfa6a4 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\MACTrackBarLib.dll"
sh=F302C0902FA6F161546600CD4E3020F0DA88FCE8 ft=1 fh=1825bba2ddace04f vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\NDde.dll"
sh=9DBB7D597F5EBA182DD7E3A43E9FF0BFF61BB576 ft=1 fh=dc0f9a720c4cc4b4 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\Newtonsoft.Json.dll"
sh=068FB4E9D9E6CD104749004DFF5862EC17D596F6 ft=1 fh=3843de1ac54d965c vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\Proxy.Lib.dll"
sh=BF4E64DB858F88557658EB20E4D052F2A544C090 ft=1 fh=b1e1b23461b9e802 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\ProxySettings.dll"
sh=6CE5A11FFB84BF162456CD2637E04644F37A944F ft=1 fh=fc0964dbb683619e vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\sgml.dll"
sh=3C8BC47C992A288969C30D164CD99C8AA0F5F29F ft=1 fh=c990cda3dab0e754 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\sidb.dll"
sh=3857E7DA6897E6578AB681C09CE163B58A58B708 ft=1 fh=5c8b774c6358f4c0 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\siem.dll"
sh=BD0768FEB88C571BEB9643E3B09855306388B48D ft=1 fh=46186eb10ff5b4b1 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\sipb.dll"
sh=2B1AF2582A98E118A3F2014958C2ADA8C57F4660 ft=1 fh=d462e02a141bd30d vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\sismlp.dll"
sh=80CC982C2675CB4638C93E7E0D6CB37FC3F1CEDA ft=1 fh=26e64b7d495fe6b5 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\Smartbar.Common.dll"
sh=FCCE95D7245E4505985A5C98DFF9703C1F38B783 ft=1 fh=35ed5b8297d89d1b vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\Smartbar.Communication.dll"
sh=15FC81E18D2B65D898A1B7E3723D1B33A7CB87FF ft=1 fh=b1306c9740de1f74 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\Smartbar.Communication.NamedPipe.dll"
sh=49ECFCE58E5BE4DC4FE4BE076C89A3444A978C1C ft=1 fh=23687382991870f7 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\Smartbar.GUI.Controls.dll"
sh=74D0D4CC03EE9C59578BC4323479D2DE918CCD5B ft=1 fh=a15a68f6b3c0bdbd vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\Smartbar.GUI.MainClient.dll"
sh=A71C48061BD6FEF5D25DF77F974DFD1C67B52D85 ft=1 fh=964f0261736e2754 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll"
sh=5C686DDE35F54876F19D066FBD361FD53863069A ft=1 fh=89249dc8d7339e6b vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\Smartbar.Infrastructure.Core.dll"
sh=D92E9ACB93D9E37E887780457B909CBD430C9AC2 ft=1 fh=c7431dfbf489faf0 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\Smartbar.Infrastructure.Plugins.ChromeLocalPlugin.dll"
sh=5E97C129021F7B50284F842E4EFF4DEC6635C3B4 ft=1 fh=53a873cb0a67f405 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\Smartbar.Infrastructure.Utilities.dll"
sh=E02CA5B0D6F74AB67310293360395D21EF64B229 ft=1 fh=837269b0557c712c vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\Smartbar.Monetization.Proxy.ProxyService.dll"
sh=581AFE0013B4622DBA55BB8E575E563026D26CDA ft=1 fh=1fca0b6eb50ae28f vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\Smartbar.Personalization.Common.dll"
sh=ADB3C712F91E336DF167F48B0F87880F71A5630C ft=1 fh=70d07bafadd654d9 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\Smartbar.Resources.LanguageSettings.dll"
sh=03A37BE8799E85995F81190F0EF4A7B566805913 ft=1 fh=85032c32ec6beeed vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll"
sh=A9696BD71F6AC5B101D577C4D3C5B32E408C1F7E ft=1 fh=1f750880207bfa5b vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\Smartbar.Resources.SocialNetsSharer.XmlSerializers.dll"
sh=F4BE1221C096B5DFAA3586DDFF535EB5D15B71E2 ft=1 fh=e73982b66544d8a0 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\Smartbar.Resources.Translations.dll"
sh=0B5CAEBD535C46B65F692FFB6E45226DF9C7F560 ft=1 fh=5ab456862b99418e vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\SmartbarInternetExplorerBHO.dll"
sh=0B5CAEBD535C46B65F692FFB6E45226DF9C7F560 ft=1 fh=5ab456862b99418e vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\SmartbarInternetExplorerBHO2.dll"
sh=B60C67DB6DE2149498D1780175D2665A4E499C81 ft=1 fh=086a046e3a760fd5 vn="Variante von MSIL/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\SmartbarInternetExplorerExtension.dll"
sh=B60C67DB6DE2149498D1780175D2665A4E499C81 ft=1 fh=086a046e3a760fd5 vn="Variante von MSIL/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\SmartbarInternetExplorerExtension2.dll"
sh=1F9427A97CFBE64E5DBE21194C8415E3AC4C7BC7 ft=1 fh=26ee96a5425bf52c vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\smta.dll"
sh=09D3971CBF0C89DCB04D597A71DC1AF4E7D361F4 ft=1 fh=3ab7d971024c4df0 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\smti.dll"
sh=D08A682CE9332876B10E9A80ED2EA207ED3AB582 ft=1 fh=61a8db7efc1d4c49 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\smtu.dll"
sh=2A8A53FE3A6DF4868E86A9BD98F7EAD58B875DE8 ft=1 fh=0344a09ccb201f83 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\spbe.dll"
sh=F0530E0E4B4EE5A995015B8E1F5E78FA4EF62A75 ft=1 fh=b795e06e337f817e vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\spbl.dll"
sh=7309D8EFEB67A0287EDC6DE19F68A9F54FB53391 ft=1 fh=30cbf5fcf8f03532 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\sppsm.dll"
sh=9C593682772BC96AD62F53A238F5768729D6ABCB ft=1 fh=fbf98f7d41961d03 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\spsm.dll"
sh=7754BFF7940F36DE57C8419EACDE4D14BF62D3D3 ft=1 fh=b2e39fd91ed2b0d4 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\spusm.dll"
sh=DB8A0F36D1EC59E1F94BC7F00EA48A9BEDAAE52F ft=1 fh=9a7cb4c5abb8770a vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\srau.dll"
sh=4DD9D0C12AE5BE2D99C78C22C5F8F3B7147CFB13 ft=1 fh=a9b040cdbdeea672 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\srbhu.dll"
sh=E6EFF7176D23CEFC1A6CBF19B1BF315AFDC1A829 ft=1 fh=bf02f3aa752ed8ba vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\srbs.dll"
sh=12A1B2D810E9F2069280D8CE4B39B90B5486B1B9 ft=1 fh=1cdd15764df609bb vn="Variante von MSIL/Toolbar.Linkury.F evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\srbu.dll"
sh=618915634C3879B3877EBC23F25C01D71952B99C ft=1 fh=092ce9854039268e vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\sreu.dll"
sh=07E391DC59AC71934EC36E7FF0C4A9EC586B8DF3 ft=1 fh=97a092f6dbbe9e6a vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\srgu.dll"
sh=CFDA19E52945408B520ED98282E430601D880523 ft=1 fh=9642ed848cc678cd vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\srns.dll"
sh=6D7FAD57BD27D4E6D82671A5E2F3EF2B3F77834C ft=1 fh=fbfbbc217dcf5248 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\srom.dll"
sh=0BC4FD22AF282D6E216468A09A67D83FB834561D ft=1 fh=c6fda95a5958a4a1 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\srpdm.dll"
sh=2C3FF84A9302D0F389DCB1BD5DD495AF9472E818 ft=1 fh=0ddc9a3532cc1c1b vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\srprl.dll"
sh=F46CA2130D1238800CEA60F789A38CF1F846001D ft=1 fh=f59f97db15b50136 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\srpu.dll"
sh=95392134385DF083304A734F6E57D6364F996128 ft=1 fh=37539a96a89e7ddb vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\srsbs.dll"
sh=FDE91934093989F46732233B32211A2CC04B7BDB ft=1 fh=5ec4aafc370ceabb vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\srsbsau.dll"
sh=887D53A3B0A848035E939E0514AB35459F885FDE ft=1 fh=0010a7526238fde5 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\srsl.dll"
sh=DDB579277E9CCC5C7B4BAD69ACE9E0D085A07A0C ft=1 fh=147b4886edd27b8d vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\sruhs.dll"
sh=59C5B5C1A229918DBECF17C77F1F9228A4B8FC48 ft=1 fh=e320b798f494eeee vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\srus.dll"
sh=8033FCE5B1173ED16DF0E671B4F20429B6DCCCD8 ft=1 fh=9939b1375b1c4418 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\srut.dll"
sh=C57E61DE60B5EA4E74E1BB329D001614235F6449 ft=1 fh=ff28ad8c51af5a1f vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\GoogleChromeRemotePlugin.dll"
sh=36C33FBC49F1F43E495BF2832FF4D45958240094 ft=1 fh=8f3b91373be546bd vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\ar\Smartbar.Resources.LanguageSettings.resources.dll"
sh=E40A1ADF30EB29ABE24108C67BAABD9F9D47B131 ft=1 fh=fbefebb0a4f5c1fa vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll"
sh=0F8BB9CAAE1EA840AD10ADD234E8136C06199B1F ft=1 fh=1fcdece35f94cf41 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\es\Smartbar.Resources.LanguageSettings.resources.dll"
sh=D5B1CEDE24107451A6992C4160AA41266DFAFAC3 ft=1 fh=d752db1b6073b705 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\fr\Smartbar.Resources.LanguageSettings.resources.dll"
sh=9DD805A2B491C8F5D5D99FC5C0873E9D141A9941 ft=1 fh=44431407f527d8cf vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\he\Smartbar.Resources.LanguageSettings.resources.dll"
sh=C88DAF3FB5D3FEC090233FF251F7F0CFC73EF4CD ft=1 fh=b74c7f4df627386b vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_25.dll"
sh=4B9D59EFA89F628628CE74083961743D56E460C7 ft=1 fh=8e9074b2b2075a48 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_26.dll"
sh=7290509DD9B7F8DCFA781334EBEFF3E5D4C58C5C ft=1 fh=0aae782d31fb93bd vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_27.dll"
sh=32602D4077332EE0F75304C87434755510F768FD ft=1 fh=4d22cbd3b33f2e9e vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_28.dll"
sh=A5517659524BFD05ABEF457FE26F1D0E80D3EF85 ft=1 fh=af4585d56f4a69b5 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_29.dll"
sh=36E31354BDEA960B9E966413460C3CB81036C629 ft=1 fh=107c58d6ba93a4af vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_30.dll"
sh=F47066B654DCB4E6127CE2B08002490E363F78AD ft=1 fh=bd34a232fe4bf2ba vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\it\Smartbar.Resources.LanguageSettings.resources.dll"
sh=6F87CF5D007F78A5E12E2D2E0C453C205CCF686B ft=1 fh=4b94b226c2420552 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\nl\Smartbar.Resources.LanguageSettings.resources.dll"
sh=15DBC7408759F4FC3FCF377E9AFBC28159B5CFE6 ft=1 fh=df9bb1037b628200 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\pt\Smartbar.Resources.LanguageSettings.resources.dll"
sh=F3CD1ACC90EC655B411D3140C4773814ABA7615F ft=1 fh=c7a8391b8741a59a vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\ru\Smartbar.Resources.LanguageSettings.resources.dll"
sh=C613E318C1ABD640ED01080EB9D376808B17828C ft=1 fh=c9aa8bdfbb1bc052 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Application\tr\Smartbar.Resources.LanguageSettings.resources.dll"
sh=18B959365F8040ADC2D524059A2DB56D803DDAAB ft=1 fh=338532da61eb5a7f vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.AdvancedExeLauncherPlugin.dll"
sh=853CADBDF4B70CC4610196D6E766DC1C02E8D849 ft=1 fh=a369aeeabc6afc29 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.CustomControl.dll"
sh=185FB983A564FDAD8713E294FCE498C08FFF9EFC ft=1 fh=13902d426f3f84b6 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.DMP.dll"
sh=3AA60EA07F43461E6244742F8168F9BE13222714 ft=1 fh=bc88f56fc952b075 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.MessengerPlugin.dll"
sh=91E2241D8D7361F89A6E2D985E472A1F3023D712 ft=1 fh=4c6572a5818b659b vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.SafeMode.dll"
sh=C958F7DF75F771F934240904F065C4D202293BFD ft=1 fh=a9b6610bcf3cfa7c vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.WeatherPlugin.dll"
sh=60D99FC3C9C75562895A591C90F964E3E5259676 ft=1 fh=0b51d3f03653bc69 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.WordPlugin.dll"
sh=507262E8F61954C21C41A37035806C85A656AF14 ft=1 fh=1bd7c74c0c881a00 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.YoutubeDownloadPlugin.dll"
sh=89D506DDB18EFF2EE0AF01B3527CE571BB1AEF1C ft=1 fh=d81f389a663e3805 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Local_Smartbar\Common\ServicesPlugins\spup.dll"
sh=C7E054C7BA58AE2D703DB29C52346A3ED84FEF57 ft=1 fh=53532950b9749a4f vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Roaming_Mozilla_Firefox_Profiles_6q039lkv.default_extensions_{17372c46-39f1-4c28-8f8c-b25d9b57d042}\components\SmartbarFireFoxRemotePlugin_20.dll"
sh=C546BA3CA78F93EB65DCCEA191BC40B9F940E2EA ft=1 fh=6fd80785d353cf5d vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Roaming_Mozilla_Firefox_Profiles_6q039lkv.default_extensions_{17372c46-39f1-4c28-8f8c-b25d9b57d042}\components\SmartbarFireFoxRemotePlugin_21.dll"
sh=7C15DA5A80F24F0383C992CFB03CF68E95A464B1 ft=1 fh=be427aaf403ae2ff vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Roaming_Mozilla_Firefox_Profiles_6q039lkv.default_extensions_{17372c46-39f1-4c28-8f8c-b25d9b57d042}\components\SmartbarFireFoxRemotePlugin_22.dll"
sh=95544372D9D68E8AFAE5E9DA8B07C14CE5406ABB ft=1 fh=dd489ec711c15129 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Roaming_Mozilla_Firefox_Profiles_6q039lkv.default_extensions_{17372c46-39f1-4c28-8f8c-b25d9b57d042}\components\SmartbarFireFoxRemotePlugin_23.dll"
sh=BA8871127FB23B24A8963B6A5992DED58259E590 ft=1 fh=65df87dcc97c6ea8 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Roaming_Mozilla_Firefox_Profiles_6q039lkv.default_extensions_{17372c46-39f1-4c28-8f8c-b25d9b57d042}\components\SmartbarFireFoxRemotePlugin_24.dll"
sh=C88DAF3FB5D3FEC090233FF251F7F0CFC73EF4CD ft=1 fh=b74c7f4df627386b vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Roaming_Mozilla_Firefox_Profiles_6q039lkv.default_extensions_{17372c46-39f1-4c28-8f8c-b25d9b57d042}\components\SmartbarFireFoxRemotePlugin_25.dll"
sh=62FCEA376B1A621250C656D1CB04EE312D17D1F8 ft=1 fh=ab20167c78718fdb vn="Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Roaming_OpenCandy\8674ED82C9C840B286C1825BA121A2D6\SearchProtect_p1v4.exe"
sh=119E149747A552877117A6D91EFD3BE4B26418AE ft=1 fh=d60c8402287380a1 vn="Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Roaming_OpenCandy\8674ED82C9C840B286C1825BA121A2D6\sp-downloader.exe"
sh=A5B0B87FB9A0718E45E59F48CCD51B3470F2D492 ft=1 fh=7c58f7e58f0d1dae vn="Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Roaming_OpenCandy\9231E58A63A44BD481F4DD52D72AEFBC\SearchProtect_p1v5.exe"
sh=119E149747A552877117A6D91EFD3BE4B26418AE ft=1 fh=d60c8402287380a1 vn="Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Roaming_OpenCandy\9231E58A63A44BD481F4DD52D72AEFBC\sp-downloader.exe"
sh=9E77E1D2FD7B77B0FD8A71A70C35DD5A16836CF3 ft=1 fh=b241df9fafd25e77 vn="Win32/Systweak.G evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_Spieler.HeikeHarder-HP_AppData_Roaming_systweak\ssd\SSDPTstub.exe"
sh=9EFDE89A61BAAA7D5D5D4B08214BE3D2EE505248 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_SPIELE~1.HEI_AppData_Roaming_Mozilla_Firefox_Profiles_6q039lkv.default_extensions_4433da5b-eb52-495d-8865-b2a7468567f6@927544a3-fdfb-4485-a78b-21e1113eee35.com\extensionData\plugins\102_dealply_m.js"
sh=57F445259F179510FE1EACAAD27A82E87305756C ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_SPIELE~1.HEI_AppData_Roaming_Mozilla_Firefox_Profiles_6q039lkv.default_extensions_4433da5b-eb52-495d-8865-b2a7468567f6@927544a3-fdfb-4485-a78b-21e1113eee35.com\extensionData\plugins\103_intext_5_m.js"
sh=E87ABD87A6168E160F36A5CE9E444C1719F203DC ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_SPIELE~1.HEI_AppData_Roaming_Mozilla_Firefox_Profiles_6q039lkv.default_extensions_4433da5b-eb52-495d-8865-b2a7468567f6@927544a3-fdfb-4485-a78b-21e1113eee35.com\extensionData\plugins\180_bpo_serp_m.js"
sh=39D85F60370A7E5065A9BDC9D83216476D768A60 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_SPIELE~1.HEI_AppData_Roaming_Mozilla_Firefox_Profiles_6q039lkv.default_extensions_4433da5b-eb52-495d-8865-b2a7468567f6@927544a3-fdfb-4485-a78b-21e1113eee35.com\extensionData\plugins\191_ciuvo_m.js"
sh=7CD82C8AAFF59D7A1E7625012490985C70AD0157 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_SPIELE~1.HEI_AppData_Roaming_Mozilla_Firefox_Profiles_6q039lkv.default_extensions_4433da5b-eb52-495d-8865-b2a7468567f6@927544a3-fdfb-4485-a78b-21e1113eee35.com\extensionData\plugins\223_imonomy_m.js"
sh=DE138BFD2293B4197712198C41377CE6A89E6200 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_SPIELE~1.HEI_AppData_Roaming_Mozilla_Firefox_Profiles_6q039lkv.default_extensions_4433da5b-eb52-495d-8865-b2a7468567f6@927544a3-fdfb-4485-a78b-21e1113eee35.com\extensionData\plugins\230_revizer_ws_dynamic_b2b_2_m.js"
sh=E0F8250FB3FFBCB394862C11971C43A7B3B6BD17 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_SPIELE~1.HEI_AppData_Roaming_Mozilla_Firefox_Profiles_6q039lkv.default_extensions_4433da5b-eb52-495d-8865-b2a7468567f6@927544a3-fdfb-4485-a78b-21e1113eee35.com\extensionData\plugins\233_revizer_p_dynamic_b2b_2_m.js"
sh=2C1383206E28E330BBC4DAA4BD9C8D7F942B2AE4 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_SPIELE~1.HEI_AppData_Roaming_Mozilla_Firefox_Profiles_6q039lkv.default_extensions_4433da5b-eb52-495d-8865-b2a7468567f6@927544a3-fdfb-4485-a78b-21e1113eee35.com\extensionData\plugins\91_monetizationLoader.js.js"
sh=0C5AC30A082628E85A9A8B68EF5E5EAFA46F0CC7 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_SPIELE~1.HEI_AppData_Roaming_Mozilla_Firefox_Profiles_6q039lkv.default_extensions_4433da5b-eb52-495d-8865-b2a7468567f6@927544a3-fdfb-4485-a78b-21e1113eee35.com\extensionData\plugins\93_superfish_no_coupons_m.js"
sh=C7E054C7BA58AE2D703DB29C52346A3ED84FEF57 ft=1 fh=53532950b9749a4f vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_SPIELE~1.HEI_AppData_Roaming_Mozilla_Firefox_Profiles_6q039lkv.default_extensions_{17372c46-39f1-4c28-8f8c-b25d9b57d042}\components\SmartbarFireFoxRemotePlugin_20.dll"
sh=C546BA3CA78F93EB65DCCEA191BC40B9F940E2EA ft=1 fh=6fd80785d353cf5d vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_SPIELE~1.HEI_AppData_Roaming_Mozilla_Firefox_Profiles_6q039lkv.default_extensions_{17372c46-39f1-4c28-8f8c-b25d9b57d042}\components\SmartbarFireFoxRemotePlugin_21.dll"
sh=7C15DA5A80F24F0383C992CFB03CF68E95A464B1 ft=1 fh=be427aaf403ae2ff vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_SPIELE~1.HEI_AppData_Roaming_Mozilla_Firefox_Profiles_6q039lkv.default_extensions_{17372c46-39f1-4c28-8f8c-b25d9b57d042}\components\SmartbarFireFoxRemotePlugin_22.dll"
sh=95544372D9D68E8AFAE5E9DA8B07C14CE5406ABB ft=1 fh=dd489ec711c15129 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_SPIELE~1.HEI_AppData_Roaming_Mozilla_Firefox_Profiles_6q039lkv.default_extensions_{17372c46-39f1-4c28-8f8c-b25d9b57d042}\components\SmartbarFireFoxRemotePlugin_23.dll"
sh=BA8871127FB23B24A8963B6A5992DED58259E590 ft=1 fh=65df87dcc97c6ea8 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_SPIELE~1.HEI_AppData_Roaming_Mozilla_Firefox_Profiles_6q039lkv.default_extensions_{17372c46-39f1-4c28-8f8c-b25d9b57d042}\components\SmartbarFireFoxRemotePlugin_24.dll"
sh=C88DAF3FB5D3FEC090233FF251F7F0CFC73EF4CD ft=1 fh=b74c7f4df627386b vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Users_SPIELE~1.HEI_AppData_Roaming_Mozilla_Firefox_Profiles_6q039lkv.default_extensions_{17372c46-39f1-4c28-8f8c-b25d9b57d042}\components\SmartbarFireFoxRemotePlugin_25.dll"
sh=0460B794834ED78BE69BA5EB9C0E6211EBEAD9B6 ft=1 fh=0f8145e534b0e78b vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_DVDVideoSoftTB\ldrtbDVDV.dll"
sh=8CA209A796CAB152BC9907BCEF283C221AC5F058 ft=1 fh=16efebacbcd5a9c9 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_DVDVideoSoftTB\tbDVDV.dll"
sh=ABF759CA3BFB16DE62197DD7C417AC5039A43AE0 ft=1 fh=1801af74030ebca1 vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_Windows_sysWoW64_config_systemprofile_AppData_LocalLow_DVDVideoSoftTB\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.3\bin\PriceGongIE.dll"
seit gestern habe ich nun keine Nervende Werbung mehr im Hintergrund. Doch ich warte nochmal en bisschen ob nicht es doch wieder auftritt

deeprybka 25.09.2014 13:48
Zitat:
Zitat von Blitzi (Beitrag 1364217)
seit gestern habe ich nun keine Nervende Werbung mehr im Hintergrund. Doch ich warte nochmal en bisschen ob nicht es doch wieder auftritt
Ok...:lach:

Mach bitte in der Zwischenzeit schon mal diesen Fix:

Schritt 1

http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...st/frstfix.png

Drücke bitte die http://deeprybka.trojaner-board.de/b...ne/revo/w7.png + R Taste und schreibe notepad in das Ausführen Fenster.
Klicke auf OK und kopiere nun den Text aus der Codebox in das leere Textdokument:
Code:
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
C:\Users\Heike Harder\Okozo_Installer.exe
C:\Config.Msi\2ba99e21.rbf
C:\Config.Msi\2ba99e22.rbf
C:\Config.Msi\2ba99e28.rbf
C:\Config.Msi\2ba99e29.rbf
C:\Config.Msi\2ba99e2a.rbf
C:\Config.Msi\2ba99e2b.rbf
C:\Config.Msi\2ba99e2c.rbf
C:\Config.Msi\2ba99e2e.rbf
C:\Config.Msi\2ba99e2f.rbf
C:\Config.Msi\2ba99e63.rbf
C:\Program Files\TermTutor\IE\TermTutorClientIE.dll
C:\Users\Spieler.HeikeHarder-HP\AppData\LocalLow\FreeSoundRecorder\tbFree.dll
C:\Users\Spieler.HeikeHarder-HP\AppData\LocalLow\FreeSoundRecorder\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.3\bin\PriceGongIE.dll
C:\Users\Spieler.HeikeHarder-HP\AppData\LocalLow\Winload\ldrtbWin0.dll
C:\Users\Spieler.HeikeHarder-HP\AppData\LocalLow\Winload\ldrtbWin2.dll
C:\Users\Spieler.HeikeHarder-HP\AppData\LocalLow\Winload\ldrtbWinl.dll
C:\Users\Spieler.HeikeHarder-HP\AppData\LocalLow\Winload\tbWin0.dll
C:\Users\Spieler.HeikeHarder-HP\AppData\LocalLow\Winload\tbWin1.dll
C:\Users\Spieler.HeikeHarder-HP\AppData\LocalLow\Winload\tbWin2.dll
C:\Users\Spieler.HeikeHarder-HP\AppData\LocalLow\Winload\tbWinl.dll
C:\Users\Spieler.HeikeHarder-HP\AppData\LocalLow\www.Freeware-download.com\tbwww..dll
C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\LookThisUp\LookThisUp.exe
C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\LookThisUp\LookThisUpUninstall.exe
C:\Users\Spieler.HeikeHarder-HP\AppData\Roaming\Opera Software\Opera Stable\File System\000\t\00\00000000
C:\Windows\Installer\106863c3.msi
C:\Windows\Installer\afe633c.msi
C:\Windows\System32\config\systemprofile\AppData\LocalLow\FreeSoundRecorder\ldrtbFree.dll
C:\Windows\System32\config\systemprofile\AppData\LocalLow\FreeSoundRecorder\tbFree.dll
C:\Windows\System32\config\systemprofile\AppData\LocalLow\FreeSoundRecorder\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.3\bin\PriceGongIE.dll
C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\FreeSoundRecorder\ldrtbFree.dll
C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\FreeSoundRecorder\tbFree.dll
C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\FreeSoundRecorder\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.3\bin\PriceGongIE.dll
EmptyTemp:
Speichere dieses bitte als Fixlist.txt in das Verzeichnis ab, in dem sich auch die FRST-Anwendung befindet.
  • Starte FRST und drücke auf den Fix-Button.
  • Das Tool erstellt eine "Fixlog.txt" -Datei.
  • Poste mir bitte deren Inhalt.


Alle Zeitangaben in WEZ +1. Es ist jetzt 03:20 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19